Search in sources :

Example 1 with JASPIAuthenticationProvider

use of org.jboss.wsf.spi.security.JASPIAuthenticationProvider in project jbossws-cxf by jbossws.

the class CXFClientConfigurer method setConfigProperties.

protected void setConfigProperties(Object client, ClientConfig config) {
    Client cxfClient;
    if (client instanceof DispatchImpl<?>) {
        cxfClient = ((DispatchImpl<?>) client).getClient();
    } else {
        cxfClient = ClientProxy.getClient(client);
    }
    cleanupPreviousProps(cxfClient);
    Map<String, String> props = config.getProperties();
    if (props != null && !props.isEmpty()) {
        savePropList(cxfClient, props);
    }
    setConfigProperties(cxfClient, props);
    // config jaspi
    JASPIAuthenticationProvider japsiProvider = (JASPIAuthenticationProvider) ServiceLoader.loadService(JASPIAuthenticationProvider.class.getName(), null, ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
    if (japsiProvider != null) {
        japsiProvider.enableClientAuthentication(cxfClient, props);
    } else {
        Loggers.SECURITY_LOGGER.cannotFindJaspiClasses();
    }
}
Also used : DispatchImpl(org.apache.cxf.jaxws.DispatchImpl) JASPIAuthenticationProvider(org.jboss.wsf.spi.security.JASPIAuthenticationProvider) Client(org.apache.cxf.endpoint.Client)

Example 2 with JASPIAuthenticationProvider

use of org.jboss.wsf.spi.security.JASPIAuthenticationProvider in project jbossws-cxf by jbossws.

the class BusHolder method configure.

/**
 * Update the Bus held by the this instance using the provided parameters.
 * This basically prepares the bus for being used with JBossWS.
 *
 * @param resolver               The ResourceResolver to configure, if any
 * @param configurer             The JBossWSCXFConfigurer to install in the bus, if any
 * @param wsmd                   The current JBossWebservicesMetaData, if any
 * @param dep                    The current deployment
 */
public void configure(ResourceResolver resolver, Configurer configurer, JBossWebservicesMetaData wsmd, Deployment dep) {
    if (configured) {
        throw Messages.MESSAGES.busAlreadyConfigured(bus);
    }
    bus.setProperty(org.jboss.wsf.stack.cxf.client.Constants.DEPLOYMENT_BUS, true);
    busHolderListener = new BusHolderLifeCycleListener();
    bus.getExtension(BusLifeCycleManager.class).registerLifeCycleListener(busHolderListener);
    setWSDLManagerStreamWrapper(bus);
    if (configurer != null) {
        bus.setExtension(configurer, Configurer.class);
    }
    Map<String, String> props = getProperties(wsmd);
    setInterceptors(bus, dep, props);
    dep.addAttachment(Bus.class, bus);
    try {
        final JASPIAuthenticationProvider jaspiProvider = SPIProvider.getInstance().getSPI(JASPIAuthenticationProvider.class, ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
        if (jaspiProvider != null && jaspiProvider.enableServerAuthentication(dep, wsmd)) {
            bus.getInInterceptors().add(new AuthenticationMgrSubjectCreatingInterceptor());
        }
    } catch (WSFException e) {
        Loggers.DEPLOYMENT_LOGGER.cannotFindJaspiClasses();
    }
    setResourceResolver(bus, resolver);
    if (bus.getExtension(PolicyEngine.class) != null) {
        bus.getExtension(PolicyEngine.class).setAlternativeSelector(getAlternativeSelector(props));
    }
    // *first* enabled cxf management if required, *then* add anything else which could be manageable (e.g. work queues)
    setCXFManagement(bus, props);
    setAdditionalWorkQueues(bus, props);
    setWSDiscovery(bus, props);
    AnnotationsInfo ai = dep.getAttachment(AnnotationsInfo.class);
    if (ai == null || ai.hasAnnotatedClasses(PolicySets.class.getName())) {
        policySetsListener = new PolicySetsAnnotationListener(dep.getClassLoader());
        bus.getExtension(FactoryBeanListenerManager.class).addListener(policySetsListener);
    }
    // default to USE_ORIGINAL_THREAD = true; this can be overridden by simply setting the property in the endpoint or in the message using an interceptor
    // this forces one way operation to use original thread, which is required for ejb webserivce endpoints to avoid authorization failures from ejb container
    // and is a performance improvement in general when running in-container, as CXF needs to cache the message to free the thread, which is expensive
    // (moreover the user can tune the web container thread pool instead of expecting cxf to fork new threads)
    bus.setProperty(OneWayProcessorInterceptor.USE_ORIGINAL_THREAD, true);
    // [JBWS-3135] enable decoupled faultTo. This is an optional feature in cxf and we need this to be default to make it same behavior with native stack
    bus.setProperty("org.apache.cxf.ws.addressing.decoupled_fault_support", true);
    FeatureUtils.addFeatures(bus, bus, props);
    for (DDEndpoint dde : metadata.getEndpoints()) {
        EndpointImpl endpoint = new EndpointImpl(bus, newInstance(dde.getImplementor()));
        if (dde.getInvoker() != null)
            endpoint.setInvoker(newInvokerInstance(dde.getInvoker(), dep));
        endpoint.setAddress(dde.getAddress());
        endpoint.setEndpointName(dde.getPortName());
        endpoint.setServiceName(dde.getServiceName());
        endpoint.setWsdlLocation(dde.getWsdlLocation());
        setHandlers(endpoint, dde);
        if (dde.getProperties() != null) {
            Map<String, Object> p = new HashMap<String, Object>();
            p.putAll(dde.getProperties());
            endpoint.setProperties(p);
        }
        if (dde.isAddressingEnabled()) {
            WSAddressingFeature addressingFeature = new WSAddressingFeature();
            addressingFeature.setAddressingRequired(dde.isAddressingRequired());
            addressingFeature.setResponses(dde.getAddressingResponses());
            endpoint.getFeatures().add(addressingFeature);
        }
        endpoint.setPublishedEndpointUrl(dde.getPublishedEndpointUrl());
        endpoint.setSOAPAddressRewriteMetadata(dep.getAttachment(SOAPAddressRewriteMetadata.class));
        endpoint.publish();
        endpoints.add(endpoint);
        if (dde.isMtomEnabled()) {
            SOAPBinding binding = (SOAPBinding) endpoint.getBinding();
            binding.setMTOMEnabled(true);
        }
    }
    configured = true;
}
Also used : DDEndpoint(org.jboss.wsf.stack.cxf.metadata.services.DDEndpoint) HashMap(java.util.HashMap) EndpointImpl(org.jboss.wsf.stack.cxf.deployment.EndpointImpl) SOAPAddressRewriteMetadata(org.jboss.wsf.spi.metadata.config.SOAPAddressRewriteMetadata) PolicyEngine(org.apache.cxf.ws.policy.PolicyEngine) SOAPBinding(javax.xml.ws.soap.SOAPBinding) FactoryBeanListenerManager(org.apache.cxf.service.factory.FactoryBeanListenerManager) PolicySetsAnnotationListener(org.jboss.wsf.stack.cxf.extensions.policy.PolicySetsAnnotationListener) WSAddressingFeature(org.apache.cxf.ws.addressing.WSAddressingFeature) JASPIAuthenticationProvider(org.jboss.wsf.spi.security.JASPIAuthenticationProvider) WSFException(org.jboss.wsf.spi.WSFException) BusLifeCycleManager(org.apache.cxf.buslifecycle.BusLifeCycleManager) AnnotationsInfo(org.jboss.wsf.spi.deployment.AnnotationsInfo) AuthenticationMgrSubjectCreatingInterceptor(org.jboss.wsf.stack.cxf.security.authentication.AuthenticationMgrSubjectCreatingInterceptor)

Example 3 with JASPIAuthenticationProvider

use of org.jboss.wsf.spi.security.JASPIAuthenticationProvider in project jbossws-cxf by jbossws.

the class ServerBeanCustomizer method configureEndpoint.

protected void configureEndpoint(EndpointImpl endpoint) {
    // Configure wsdl file publisher
    if (wsdlPublisher != null) {
        endpoint.setWsdlPublisher(wsdlPublisher);
    }
    // Configure according to the specified jaxws endpoint configuration
    if (// before publishing, we set the jaxws conf
    !endpoint.isPublished()) {
        final Object implementor = endpoint.getImplementor();
        // setup our invoker for http endpoints if invoker is not configured in jbossws-cxf.xml DD
        boolean isHttpEndpoint = endpoint.getAddress() != null && endpoint.getAddress().substring(0, 5).toLowerCase(Locale.ENGLISH).startsWith("http");
        if ((endpoint.getInvoker() == null) && isHttpEndpoint) {
            final AnnotationsInfo ai = dep.getAttachment(AnnotationsInfo.class);
            endpoint.setInvoker(new JBossWSInvoker(ai.hasAnnotatedClasses(UseAsyncMethod.class.getName())));
        }
        // ** Endpoint configuration setup **
        final String endpointClassName = implementor.getClass().getName();
        final List<Endpoint> depEndpoints = dep.getService().getEndpoints();
        for (Endpoint depEndpoint : depEndpoints) {
            if (endpointClassName.equals(depEndpoint.getTargetBeanName())) {
                org.jboss.wsf.spi.metadata.config.EndpointConfig config = depEndpoint.getEndpointConfig();
                if (config == null) {
                    // the ASIL did not set the endpoint configuration, perhaps because we're processing an
                    // Endpoint.publish() API started endpoint or because we're on WildFly 8.0.0.Final or
                    // previous version. We compute the config here then (clearly no container injection
                    // will be performed on optional handlers attached to the config)
                    BasicConfigResolver bcr = new BasicConfigResolver(dep, implementor.getClass());
                    config = bcr.resolveEndpointConfig();
                    depEndpoint.setEndpointConfig(config);
                }
                if (config != null) {
                    endpoint.setEndpointConfig(config);
                }
                // also save Service QName and Port QName in the endpoint for later matches
                depEndpoint.setProperty(Message.WSDL_PORT, endpoint.getEndpointName());
                depEndpoint.setProperty(Message.WSDL_SERVICE, endpoint.getServiceName());
            }
        }
        // JASPI
        final JASPIAuthenticationProvider jaspiProvider = (JASPIAuthenticationProvider) ServiceLoader.loadService(JASPIAuthenticationProvider.class.getName(), null, ClassLoaderProvider.getDefaultProvider().getServerIntegrationClassLoader());
        if (jaspiProvider == null) {
            Loggers.DEPLOYMENT_LOGGER.cannotFindJaspiClasses();
        } else {
            if (jaspiProvider.enableServerAuthentication(endpoint, depEndpoints.get(0))) {
                endpoint.getInInterceptors().add(new AuthenticationMgrSubjectCreatingInterceptor());
            }
        }
    }
}
Also used : UseAsyncMethod(org.apache.cxf.annotations.UseAsyncMethod) JBossWSInvoker(org.jboss.wsf.stack.cxf.JBossWSInvoker) Endpoint(org.jboss.wsf.spi.deployment.Endpoint) DefaultHttpEndpoint(org.jboss.ws.common.deployment.DefaultHttpEndpoint) JASPIAuthenticationProvider(org.jboss.wsf.spi.security.JASPIAuthenticationProvider) AnnotationsInfo(org.jboss.wsf.spi.deployment.AnnotationsInfo) BasicConfigResolver(org.jboss.ws.common.configuration.BasicConfigResolver) AuthenticationMgrSubjectCreatingInterceptor(org.jboss.wsf.stack.cxf.security.authentication.AuthenticationMgrSubjectCreatingInterceptor)

Aggregations

JASPIAuthenticationProvider (org.jboss.wsf.spi.security.JASPIAuthenticationProvider)3 AnnotationsInfo (org.jboss.wsf.spi.deployment.AnnotationsInfo)2 AuthenticationMgrSubjectCreatingInterceptor (org.jboss.wsf.stack.cxf.security.authentication.AuthenticationMgrSubjectCreatingInterceptor)2 HashMap (java.util.HashMap)1 SOAPBinding (javax.xml.ws.soap.SOAPBinding)1 UseAsyncMethod (org.apache.cxf.annotations.UseAsyncMethod)1 BusLifeCycleManager (org.apache.cxf.buslifecycle.BusLifeCycleManager)1 Client (org.apache.cxf.endpoint.Client)1 DispatchImpl (org.apache.cxf.jaxws.DispatchImpl)1 FactoryBeanListenerManager (org.apache.cxf.service.factory.FactoryBeanListenerManager)1 WSAddressingFeature (org.apache.cxf.ws.addressing.WSAddressingFeature)1 PolicyEngine (org.apache.cxf.ws.policy.PolicyEngine)1 BasicConfigResolver (org.jboss.ws.common.configuration.BasicConfigResolver)1 DefaultHttpEndpoint (org.jboss.ws.common.deployment.DefaultHttpEndpoint)1 WSFException (org.jboss.wsf.spi.WSFException)1 Endpoint (org.jboss.wsf.spi.deployment.Endpoint)1 SOAPAddressRewriteMetadata (org.jboss.wsf.spi.metadata.config.SOAPAddressRewriteMetadata)1 JBossWSInvoker (org.jboss.wsf.stack.cxf.JBossWSInvoker)1 EndpointImpl (org.jboss.wsf.stack.cxf.deployment.EndpointImpl)1 PolicySetsAnnotationListener (org.jboss.wsf.stack.cxf.extensions.policy.PolicySetsAnnotationListener)1