Use of org.jboss.security.config.ApplicationPolicy in project jbossws-cxf by jbossws.
Class DefaultJASPIAuthenticationProvider, method enableServerAuthentication.
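/**
 * Installs JASPI server-side authentication on a CXF endpoint.
 *
 * <p>Looks up the security domain named by the endpoint's
 * {@code JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN} property, resolves its
 * application policy, builds a {@code ServerAuthContext} for the SOAP layer and
 * adds the JASPI in and out interceptors to the endpoint.
 *
 * <p>A {@code false} return means no JASPI interceptors were added by this call.
 * That covers the "not configured" case (no security domain property, which is
 * not logged) as well as misconfiguration and set-up failures (which are logged).
 * NOTE(review): callers should check that a {@code false} result for an endpoint
 * that was meant to be protected does not leave it deployed without
 * authentication - confirm against the call site.
 *
 * @param target   the object to protect; only {@code EndpointImpl} instances are supported
 * @param endpoint the deployment endpoint whose service supplies the context root
 * @return {@code true} if both JASPI interceptors were added, {@code false} otherwise
 */
public boolean enableServerAuthentication(Object target, Endpoint endpoint) {
    if (!(target instanceof EndpointImpl)) {
        // instanceof is false for null too, so do not dereference target unguarded
        // just to build the log message.
        String targetType = (target == null) ? "null" : target.getClass().getSimpleName();
        Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(targetType);
        return false;
    }
    EndpointImpl endpointImpl = (EndpointImpl) target;

    String securityDomain = (String) endpointImpl.getProperties().get(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
    if (securityDomain == null) {
        // No JASPI security domain on this endpoint: nothing to install, nothing logged.
        return false;
    }

    ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
    if (appPolicy == null) {
        Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
        return false;
    }

    // Accept only a JASPI policy. Testing for the wanted type (rather than rejecting
    // AuthenticationInfo) also covers null and keeps the cast below from throwing
    // ClassCastException on any other BaseAuthenticationInfo subtype.
    BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
    if (!(bai instanceof JASPIAuthenticationInfo)) {
        Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
        return false;
    }
    JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;

    // The application context id uses a hard-coded "localhost" host part; the same id
    // is used for the provider lookup and for getServerAuthConfig below.
    String appId = "localhost " + endpoint.getService().getContextRoot();

    AuthConfigFactory factory = AuthConfigFactory.getFactory();
    // NOTE(review): the new provider instance is discarded and the provider actually used
    // comes from the factory lookup on the next line; presumably the constructor registers
    // itself with the factory - confirm in JBossWSAuthConfigProvider.
    new JBossWSAuthConfigProvider(new Properties(), factory);
    AuthConfigProvider provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
    JBossCallbackHandler callbackHandler = new JBossCallbackHandler();

    try {
        // A null provider from the lookup above fails here and is reported by the catch below.
        ServerAuthConfig serverConfig = provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId, callbackHandler);

        Properties serverContextProperties = new Properties();
        serverContextProperties.put("security-domain", securityDomain);
        serverContextProperties.put("jaspi-policy", jai);
        serverContextProperties.put(javax.xml.ws.Endpoint.class, endpointImpl);

        String authContextID = endpointImpl.getBeanName();
        ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null, serverContextProperties);

        // One authenticator instance is shared by the inbound and outbound interceptors.
        JaspiServerAuthenticator serverAuthenticator = new JaspiServerAuthenticator(sctx);
        endpointImpl.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
        endpointImpl.getOutInterceptors().add(new JaspiSeverOutInterceptor(serverAuthenticator));
        return true;
    } catch (Exception e) {
        // Any failure while building the auth context is logged with its cause; the
        // method then reports that authentication was not enabled.
        Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
        return false;
    }
}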