Search in sources :

Example 1 with AgentException

use of org.nhindirect.stagent.AgentException in project nhin-d by DirectProject.

the class DefaultSmtpAgent method processMessage.

/**
	 * Processes an message from an SMTP stack.  The bridge component between the SMTP stack and the SMTP agent is responsible for
	 * extracting the message, the recipient list, and the sender.  In some cases, the routing headers may have different information than
	 * what is populated in the SMTP MAIL FROM and RCTP TO headers.  In these cases, the SMTP headers should be favored over the routing
	 * headers in the message and passed as the recipient collection and sender to this method.
	 * @param message The message in the SMTP envelope.
	 * @param recipients The recipients of the message.  The RCTP TO headers should be used over the message routing headers.
	 * @param sender The send of the message. The MAIL FROM header should be used over the From: routing header in the message.
	 */
public MessageProcessResult processMessage(MimeMessage message, NHINDAddressCollection recipients, NHINDAddress sender) {
    GatewayState.getInstance().lockForProcessing();
    try {
        LOGGER.trace("Entering processMessage(MimeMessage, NHINDAddressCollection, NHINDAddress");
        MessageProcessResult retVal = null;
        verifyInitialized();
        preProcessMessage(message, sender);
        Collection<NHINDAddress> originalRecipList = new ArrayList<NHINDAddress>(recipients);
        DefaultMessageEnvelope envelopeToProcess = null;
        try {
            envelopeToProcess = new DefaultMessageEnvelope(new Message(message), recipients, sender);
            envelopeToProcess.setAgent(agent);
            // should always result in either a non null object or an exception
            MessageEnvelope processEvn = processEnvelope(envelopeToProcess);
            retVal = new MessageProcessResult(processEvn, null);
            if (retVal.getProcessedMessage() != null)
                postProcessMessage(retVal);
        } catch (SmtpAgentException e) {
            // rethrow
            LOGGER.trace("Exiting processMessage(MimeMessage, NHINDAddressCollection, NHINDAddress", e);
            throw e;
        } catch (Exception e) {
            // audit the message rejection
            if (envelopeToProcess != null) {
                Collection<AuditContext> contexts = createContextCollectionFromMessage(envelopeToProcess, Arrays.asList(AuditEvents.DEFAULT_HEADER_CONTEXT));
                if (e instanceof NHINDException) {
                    NHINDException exception = (NHINDException) e;
                    if (exception.getError() != null) {
                        contexts.add(new DefaultAuditContext(AuditEvents.REJECTED_MESSAGE_REASON_CONTEXT, exception.getError().toString()));
                        if (exception.getError() != null && exception.getError() instanceof AgentException && ((AgentException) exception.getError()).getError() == AgentError.NoTrustedRecipients) {
                            StringBuilder rejectedRecips = new StringBuilder();
                            int cnt = 0;
                            for (NHINDAddress address : originalRecipList) {
                                rejectedRecips.append(address.getAddress());
                                if (++cnt < originalRecipList.size())
                                    rejectedRecips.append(", ");
                            }
                            contexts.add(new DefaultAuditContext(AuditEvents.REJECTED_RECIPIENTS_CONTEXT, rejectedRecips.toString()));
                        }
                    }
                }
                auditor.audit(PRINICPAL, new AuditEvent(AuditEvents.REJECTED_MESSAGE_NAME, AuditEvents.EVENT_TYPE), contexts);
            }
            LOGGER.trace("Exiting processMessage(MimeMessage, NHINDAddressCollection, NHINDAddress", e);
            throw new SmtpAgentException(SmtpAgentError.Unknown, e);
        }
        LOGGER.trace("Exiting processMessage(MimeMessage, NHINDAddressCollection, NHINDAddress");
        return retVal;
    } finally {
        GatewayState.getInstance().unlockFromProcessing();
    }
}
Also used : DefaultAuditContext(org.nhindirect.common.audit.DefaultAuditContext) NotificationMessage(org.nhindirect.stagent.mail.notifications.NotificationMessage) IncomingMessage(org.nhindirect.stagent.IncomingMessage) Message(org.nhindirect.stagent.mail.Message) MimeMessage(javax.mail.internet.MimeMessage) OutgoingMessage(org.nhindirect.stagent.OutgoingMessage) DefaultMessageEnvelope(org.nhindirect.stagent.DefaultMessageEnvelope) AgentException(org.nhindirect.stagent.AgentException) ArrayList(java.util.ArrayList) NHINDException(org.nhindirect.stagent.NHINDException) DefaultMessageEnvelope(org.nhindirect.stagent.DefaultMessageEnvelope) MessageEnvelope(org.nhindirect.stagent.MessageEnvelope) MessagingException(javax.mail.MessagingException) AgentException(org.nhindirect.stagent.AgentException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) NHINDException(org.nhindirect.stagent.NHINDException) NHINDAddress(org.nhindirect.stagent.NHINDAddress) NHINDAddressCollection(org.nhindirect.stagent.NHINDAddressCollection) Collection(java.util.Collection) AuditEvent(org.nhindirect.common.audit.AuditEvent)

Example 2 with AgentException

use of org.nhindirect.stagent.AgentException in project nhin-d by DirectProject.

the class TrustModel_isCertPolicyCompliantTest method testIsCertPolicyCompliant_policyExpressionError_assertExecption.

public void testIsCertPolicyCompliant_policyExpressionError_assertExecption() throws Exception {
    final TrustModel model = new TrustModel();
    final PolicyFilter filter = mock(PolicyFilter.class);
    doThrow(new PolicyProcessException("Just Passing Through")).when(filter).isCompliant((X509Certificate) any(), (PolicyExpression) any());
    final PolicyResolver resolver = mock(PolicyResolver.class);
    final PolicyExpression expression = mock(PolicyExpression.class);
    when(resolver.getIncomingPolicy((InternetAddress) any())).thenReturn(Arrays.asList(expression));
    model.setTrustPolicyResolver(resolver);
    model.setPolicyFilter(filter);
    final X509Certificate cert = mock(X509Certificate.class);
    boolean exceptionOccured = false;
    try {
        model.isCertPolicyCompliant(new InternetAddress("me@test.com"), cert);
    } catch (AgentException e) {
        exceptionOccured = true;
    }
    assertTrue(exceptionOccured);
}
Also used : InternetAddress(javax.mail.internet.InternetAddress) PolicyFilter(org.nhindirect.policy.PolicyFilter) AgentException(org.nhindirect.stagent.AgentException) PolicyResolver(org.nhindirect.stagent.policy.PolicyResolver) PolicyExpression(org.nhindirect.policy.PolicyExpression) PolicyProcessException(org.nhindirect.policy.PolicyProcessException) X509Certificate(java.security.cert.X509Certificate)

Example 3 with AgentException

use of org.nhindirect.stagent.AgentException in project nhin-d by DirectProject.

the class TrustModel method enforce.

/**
     * Enforces the trust policy an incoming message.  Each domain recipient's trust status is set according the models trust policy. 
     */
public void enforce(IncomingMessage message) {
    if (message == null)
        throw new IllegalArgumentException();
    if (!message.hasSignatures())
        throw new AgentException(AgentError.UntrustedMessage);
    findSenderSignatures(message);
    if (!message.hasSenderSignatures())
        throw new AgentException(AgentError.MissingSenderSignature);
    // 
    // For each domain recipient, find at least one valid sender signature that the recipient trusts
    // the default value of the trust status is false, so only change the status if a trusted
    // certificate is found
    //        
    NHINDAddressCollection recipients = message.getDomainRecipients();
    for (NHINDAddress recipient : recipients) {
        recipient.setStatus(TrustEnforcementStatus.Failed);
        // be a bogus recipient
        if (recipient.getCertificates() != null) {
            // Find a trusted signature
            DefaultMessageSignatureImpl trustedSignature = findTrustedSignature(message, recipient, recipient.getTrustAnchors());
            // verify the signature
            if (trustedSignature != null) {
                recipient.setStatus(trustedSignature.isThumbprintVerified() ? TrustEnforcementStatus.Success : TrustEnforcementStatus.Success_ThumbprintMismatch);
            } else {
                LOGGER.warn("enforce(IncomingMessage message) - could not find a trusted certificate for recipient " + recipient.getAddress());
            }
        } else {
            LOGGER.warn("enforce(IncomingMessage message) - recipient " + recipient.getAddress() + " does not have a bound certificate");
        }
    }
}
Also used : NHINDAddress(org.nhindirect.stagent.NHINDAddress) DefaultMessageSignatureImpl(org.nhindirect.stagent.DefaultMessageSignatureImpl) AgentException(org.nhindirect.stagent.AgentException) NHINDAddressCollection(org.nhindirect.stagent.NHINDAddressCollection)

Aggregations

AgentException (org.nhindirect.stagent.AgentException)3 NHINDAddress (org.nhindirect.stagent.NHINDAddress)2 NHINDAddressCollection (org.nhindirect.stagent.NHINDAddressCollection)2 IOException (java.io.IOException)1 UnknownHostException (java.net.UnknownHostException)1 X509Certificate (java.security.cert.X509Certificate)1 ArrayList (java.util.ArrayList)1 Collection (java.util.Collection)1 MessagingException (javax.mail.MessagingException)1 InternetAddress (javax.mail.internet.InternetAddress)1 MimeMessage (javax.mail.internet.MimeMessage)1 AuditEvent (org.nhindirect.common.audit.AuditEvent)1 DefaultAuditContext (org.nhindirect.common.audit.DefaultAuditContext)1 PolicyExpression (org.nhindirect.policy.PolicyExpression)1 PolicyFilter (org.nhindirect.policy.PolicyFilter)1 PolicyProcessException (org.nhindirect.policy.PolicyProcessException)1 DefaultMessageEnvelope (org.nhindirect.stagent.DefaultMessageEnvelope)1 DefaultMessageSignatureImpl (org.nhindirect.stagent.DefaultMessageSignatureImpl)1 IncomingMessage (org.nhindirect.stagent.IncomingMessage)1 MessageEnvelope (org.nhindirect.stagent.MessageEnvelope)1