Search in sources :

Example 6 with GenericMessageInfo

use of org.jboss.security.auth.message.GenericMessageInfo in project jbossws-cxf by jbossws.

the class JaspiClientAuthenticator method secureRequest.

public void secureRequest(SoapMessage message) {
    SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
    MessageInfo messageInfo = new GenericMessageInfo(soapMessage, null);
    String authContextID = clientConfig.getAuthContextID(messageInfo);
    Properties serverContextProperties = new Properties();
    serverContextProperties.put("security-domain", securityDomain);
    serverContextProperties.put("jaspi-policy", jpi);
    Subject clientSubject = new Subject();
    @SuppressWarnings("unused") AuthStatus authStatus = null;
    try {
        ClientAuthContext cctx = clientConfig.getAuthContext(authContextID, clientSubject, serverContextProperties);
        authStatus = cctx.secureRequest(messageInfo, clientSubject);
    } catch (AuthException e) {
        if (isSOAP12(message)) {
            SoapFault soap12Fault = new SoapFault(e.getMessage(), Soap12.getInstance().getSender());
            throw soap12Fault;
        } else {
            throw new SoapFault(e.getMessage(), new QName("", "japsi AuthException"));
        }
    }
// TODO:look at how to handle AuthStatus
}
Also used : SoapFault(org.apache.cxf.binding.soap.SoapFault) AuthStatus(javax.security.auth.message.AuthStatus) QName(javax.xml.namespace.QName) GenericMessageInfo(org.jboss.security.auth.message.GenericMessageInfo) AuthException(javax.security.auth.message.AuthException) ClientAuthContext(javax.security.auth.message.config.ClientAuthContext) Properties(java.util.Properties) SOAPMessage(javax.xml.soap.SOAPMessage) Subject(javax.security.auth.Subject) MessageInfo(javax.security.auth.message.MessageInfo) GenericMessageInfo(org.jboss.security.auth.message.GenericMessageInfo)

Example 7 with GenericMessageInfo

use of org.jboss.security.auth.message.GenericMessageInfo in project jbossws-cxf by jbossws.

the class JaspiClientAuthenticator method validateResponse.

public void validateResponse(SoapMessage message) {
    SOAPMessage request = message.getExchange().getInMessage().get(SOAPMessage.class);
    SOAPMessage response = message.getContent(SOAPMessage.class);
    MessageInfo messageInfo = new GenericMessageInfo(request, response);
    String authContextID = clientConfig.getAuthContextID(messageInfo);
    Properties serverContextProperties = new Properties();
    serverContextProperties.put("security-domain", securityDomain);
    serverContextProperties.put("jaspi-policy", jpi);
    Subject clientSubject = new Subject();
    @SuppressWarnings("unused") AuthStatus authStatus = null;
    try {
        ClientAuthContext sctx = clientConfig.getAuthContext(authContextID, clientSubject, serverContextProperties);
        authStatus = sctx.validateResponse(messageInfo, new Subject(), new Subject());
    } catch (AuthException e) {
        if (isSOAP12(message)) {
            SoapFault soap12Fault = new SoapFault(e.getMessage(), Soap12.getInstance().getSender());
            throw soap12Fault;
        } else {
            throw new SoapFault(e.getMessage(), new QName("", "japsi AuthException"));
        }
    }
// TODO:handle AuthStatus
}
Also used : SoapFault(org.apache.cxf.binding.soap.SoapFault) AuthStatus(javax.security.auth.message.AuthStatus) QName(javax.xml.namespace.QName) GenericMessageInfo(org.jboss.security.auth.message.GenericMessageInfo) AuthException(javax.security.auth.message.AuthException) ClientAuthContext(javax.security.auth.message.config.ClientAuthContext) Properties(java.util.Properties) SOAPMessage(javax.xml.soap.SOAPMessage) Subject(javax.security.auth.Subject) MessageInfo(javax.security.auth.message.MessageInfo) GenericMessageInfo(org.jboss.security.auth.message.GenericMessageInfo)

Aggregations

GenericMessageInfo (org.jboss.security.auth.message.GenericMessageInfo)7 AuthException (javax.security.auth.message.AuthException)4 AuthStatus (javax.security.auth.message.AuthStatus)4 MessageInfo (javax.security.auth.message.MessageInfo)4 QName (javax.xml.namespace.QName)4 SOAPMessage (javax.xml.soap.SOAPMessage)4 SoapFault (org.apache.cxf.binding.soap.SoapFault)4 ServletRequestContext (io.undertow.servlet.handlers.ServletRequestContext)3 Subject (javax.security.auth.Subject)3 Properties (java.util.Properties)2 ClientAuthContext (javax.security.auth.message.config.ClientAuthContext)2 AuthenticatedSessionManager (io.undertow.security.api.AuthenticatedSessionManager)1 Account (io.undertow.security.idm.Account)1 SoapMessage (org.apache.cxf.binding.soap.SoapMessage)1 SoapPreProtocolOutInterceptor (org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor)1 Endpoint (org.apache.cxf.endpoint.Endpoint)1 InterceptorChain (org.apache.cxf.interceptor.InterceptorChain)1 Message (org.apache.cxf.message.Message)1 MessageImpl (org.apache.cxf.message.MessageImpl)1 JASPICallbackHandler (org.jboss.security.auth.callback.JASPICallbackHandler)1