use of org.jboss.wsf.spi.security.JASPIAuthenticationProvider in project jbossws-cxf by jbossws.
the class CXFClientConfigurer method setConfigProperties.
protected void setConfigProperties(Object client, ClientConfig config) {
Client cxfClient;
if (client instanceof DispatchImpl<?>) {
cxfClient = ((DispatchImpl<?>) client).getClient();
} else {
cxfClient = ClientProxy.getClient(client);
}
cleanupPreviousProps(cxfClient);
Map<String, String> props = config.getProperties();
if (props != null && !props.isEmpty()) {
savePropList(cxfClient, props);
}
setConfigProperties(cxfClient, props);
// config jaspi
JASPIAuthenticationProvider japsiProvider = (JASPIAuthenticationProvider) ServiceLoader.loadService(JASPIAuthenticationProvider.class.getName(), null, ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
if (japsiProvider != null) {
japsiProvider.enableClientAuthentication(cxfClient, props);
} else {
Loggers.SECURITY_LOGGER.cannotFindJaspiClasses();
}
}
use of org.jboss.wsf.spi.security.JASPIAuthenticationProvider in project jbossws-cxf by jbossws.
the class BusHolder method configure.
/**
* Update the Bus held by the this instance using the provided parameters.
* This basically prepares the bus for being used with JBossWS.
*
* @param resolver The ResourceResolver to configure, if any
* @param configurer The JBossWSCXFConfigurer to install in the bus, if any
* @param wsmd The current JBossWebservicesMetaData, if any
* @param dep The current deployment
*/
public void configure(ResourceResolver resolver, Configurer configurer, JBossWebservicesMetaData wsmd, Deployment dep) {
if (configured) {
throw Messages.MESSAGES.busAlreadyConfigured(bus);
}
bus.setProperty(org.jboss.wsf.stack.cxf.client.Constants.DEPLOYMENT_BUS, true);
busHolderListener = new BusHolderLifeCycleListener();
bus.getExtension(BusLifeCycleManager.class).registerLifeCycleListener(busHolderListener);
setWSDLManagerStreamWrapper(bus);
if (configurer != null) {
bus.setExtension(configurer, Configurer.class);
}
Map<String, String> props = getProperties(wsmd);
setInterceptors(bus, dep, props);
dep.addAttachment(Bus.class, bus);
try {
final JASPIAuthenticationProvider jaspiProvider = SPIProvider.getInstance().getSPI(JASPIAuthenticationProvider.class, ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
if (jaspiProvider != null && jaspiProvider.enableServerAuthentication(dep, wsmd)) {
bus.getInInterceptors().add(new AuthenticationMgrSubjectCreatingInterceptor());
}
} catch (WSFException e) {
Loggers.DEPLOYMENT_LOGGER.cannotFindJaspiClasses();
}
setResourceResolver(bus, resolver);
if (bus.getExtension(PolicyEngine.class) != null) {
bus.getExtension(PolicyEngine.class).setAlternativeSelector(getAlternativeSelector(props));
}
// *first* enabled cxf management if required, *then* add anything else which could be manageable (e.g. work queues)
setCXFManagement(bus, props);
setAdditionalWorkQueues(bus, props);
setWSDiscovery(bus, props);
AnnotationsInfo ai = dep.getAttachment(AnnotationsInfo.class);
if (ai == null || ai.hasAnnotatedClasses(PolicySets.class.getName())) {
policySetsListener = new PolicySetsAnnotationListener(dep.getClassLoader());
bus.getExtension(FactoryBeanListenerManager.class).addListener(policySetsListener);
}
// default to USE_ORIGINAL_THREAD = true; this can be overridden by simply setting the property in the endpoint or in the message using an interceptor
// this forces one way operation to use original thread, which is required for ejb webserivce endpoints to avoid authorization failures from ejb container
// and is a performance improvement in general when running in-container, as CXF needs to cache the message to free the thread, which is expensive
// (moreover the user can tune the web container thread pool instead of expecting cxf to fork new threads)
bus.setProperty(OneWayProcessorInterceptor.USE_ORIGINAL_THREAD, true);
// [JBWS-3135] enable decoupled faultTo. This is an optional feature in cxf and we need this to be default to make it same behavior with native stack
bus.setProperty("org.apache.cxf.ws.addressing.decoupled_fault_support", true);
FeatureUtils.addFeatures(bus, bus, props);
for (DDEndpoint dde : metadata.getEndpoints()) {
EndpointImpl endpoint = new EndpointImpl(bus, newInstance(dde.getImplementor()));
if (dde.getInvoker() != null)
endpoint.setInvoker(newInvokerInstance(dde.getInvoker(), dep));
endpoint.setAddress(dde.getAddress());
endpoint.setEndpointName(dde.getPortName());
endpoint.setServiceName(dde.getServiceName());
endpoint.setWsdlLocation(dde.getWsdlLocation());
setHandlers(endpoint, dde);
if (dde.getProperties() != null) {
Map<String, Object> p = new HashMap<String, Object>();
p.putAll(dde.getProperties());
endpoint.setProperties(p);
}
if (dde.isAddressingEnabled()) {
WSAddressingFeature addressingFeature = new WSAddressingFeature();
addressingFeature.setAddressingRequired(dde.isAddressingRequired());
addressingFeature.setResponses(dde.getAddressingResponses());
endpoint.getFeatures().add(addressingFeature);
}
endpoint.setPublishedEndpointUrl(dde.getPublishedEndpointUrl());
endpoint.setSOAPAddressRewriteMetadata(dep.getAttachment(SOAPAddressRewriteMetadata.class));
endpoint.publish();
endpoints.add(endpoint);
if (dde.isMtomEnabled()) {
SOAPBinding binding = (SOAPBinding) endpoint.getBinding();
binding.setMTOMEnabled(true);
}
}
configured = true;
}
use of org.jboss.wsf.spi.security.JASPIAuthenticationProvider in project jbossws-cxf by jbossws.
the class ServerBeanCustomizer method configureEndpoint.
protected void configureEndpoint(EndpointImpl endpoint) {
// Configure wsdl file publisher
if (wsdlPublisher != null) {
endpoint.setWsdlPublisher(wsdlPublisher);
}
// Configure according to the specified jaxws endpoint configuration
if (// before publishing, we set the jaxws conf
!endpoint.isPublished()) {
final Object implementor = endpoint.getImplementor();
// setup our invoker for http endpoints if invoker is not configured in jbossws-cxf.xml DD
boolean isHttpEndpoint = endpoint.getAddress() != null && endpoint.getAddress().substring(0, 5).toLowerCase(Locale.ENGLISH).startsWith("http");
if ((endpoint.getInvoker() == null) && isHttpEndpoint) {
final AnnotationsInfo ai = dep.getAttachment(AnnotationsInfo.class);
endpoint.setInvoker(new JBossWSInvoker(ai.hasAnnotatedClasses(UseAsyncMethod.class.getName())));
}
// ** Endpoint configuration setup **
final String endpointClassName = implementor.getClass().getName();
final List<Endpoint> depEndpoints = dep.getService().getEndpoints();
for (Endpoint depEndpoint : depEndpoints) {
if (endpointClassName.equals(depEndpoint.getTargetBeanName())) {
org.jboss.wsf.spi.metadata.config.EndpointConfig config = depEndpoint.getEndpointConfig();
if (config == null) {
// the ASIL did not set the endpoint configuration, perhaps because we're processing an
// Endpoint.publish() API started endpoint or because we're on WildFly 8.0.0.Final or
// previous version. We compute the config here then (clearly no container injection
// will be performed on optional handlers attached to the config)
BasicConfigResolver bcr = new BasicConfigResolver(dep, implementor.getClass());
config = bcr.resolveEndpointConfig();
depEndpoint.setEndpointConfig(config);
}
if (config != null) {
endpoint.setEndpointConfig(config);
}
// also save Service QName and Port QName in the endpoint for later matches
depEndpoint.setProperty(Message.WSDL_PORT, endpoint.getEndpointName());
depEndpoint.setProperty(Message.WSDL_SERVICE, endpoint.getServiceName());
}
}
// JASPI
final JASPIAuthenticationProvider jaspiProvider = (JASPIAuthenticationProvider) ServiceLoader.loadService(JASPIAuthenticationProvider.class.getName(), null, ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
if (jaspiProvider == null) {
Loggers.DEPLOYMENT_LOGGER.cannotFindJaspiClasses();
} else {
if (jaspiProvider.enableServerAuthentication(endpoint, depEndpoints.get(0))) {
endpoint.getInInterceptors().add(new AuthenticationMgrSubjectCreatingInterceptor());
}
}
}
}
Aggregations