Package com.apress.prospring.ch6.security

Examples of com.apress.prospring.ch6.security.SecurityManager


    String sequencePropertyKey = internalSequenceId;

    // Check that the sender of this Ack holds the correct token
    SequencePropertyBean tokenBean = seqPropMgr.retrieve(outSequenceId, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
    if(tokenBean != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
     
      secManager.checkProofOfPossession(token, soapHeader, msgCtx);
    }
   
    Iterator ackRangeIterator = sequenceAck.getAcknowledgementRanges().iterator();
    Iterator nackIterator = sequenceAck.getNackList().iterator();
View Full Code Here


    }

    // Check that the create sequence response message proves possession of the correct token
    String tokenData = rmsBean.getSecurityTokenData();
    if(tokenData != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      MessageContext crtSeqResponseCtx = createSeqResponseRMMsgCtx.getMessageContext();
      OMElement body = crtSeqResponseCtx.getEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(tokenData);
      secManager.checkProofOfPossession(token, body, crtSeqResponseCtx);
    }

    String internalSequenceId = rmsBean.getInternalSequenceID();
    if (internalSequenceId == null || "".equals(internalSequenceId)) {
      String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.tempSeqIdNotSet);
View Full Code Here

    return sequenceID;
  }

  public static SecurityManager getSecurityManager(ConfigurationContext context) throws SandeshaException {
    SecurityManager util = (SecurityManager) context.getProperty(Sandesha2Constants.SECURITY_MANAGER);
    if (util != null) return util;

    //Currently module policies are used to find the security impl. These cant be overriden
    String securityManagerClassStr = getDefaultPropertyBean(context.getAxisConfiguration()).getSecurityManagerClass();
    util = getSecurityManagerInstance(securityManagerClassStr,context);
View Full Code Here

    String sequencePropertyKey = sequenceId;
   
    // Check that the sender of this AckRequest holds the correct token
    SequencePropertyBean tokenBean = seqPropMgr.retrieve(sequencePropertyKey, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
    if(tokenBean != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configurationContext);
      SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
     
      secManager.checkProofOfPossession(token, soapHeader, msgContext);
    }

    // Setting the ack depending on AcksTo.
    SequencePropertyBean acksToBean = seqPropMgr.retrieve(sequencePropertyKey,
        Sandesha2Constants.SequenceProperties.ACKS_TO_EPR);
View Full Code Here

    SequencePropertyBeanMgr sequencePropMgr = storageManager.getSequencePropertyBeanMgr();
   
    // Check that the sender of this CloseSequence holds the correct token
    SequencePropertyBean tokenBean = sequencePropMgr.retrieve(sequenceId, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
    if(tokenBean != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(msgCtx.getConfigurationContext());
      OMElement body = msgCtx.getEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());
      secManager.checkProofOfPossession(token, body, msgCtx);
    }

    FaultManager faultManager = new FaultManager();
    SandeshaException fault = faultManager.checkForUnknownSequence(rmMsgCtx, sequenceId, storageManager);
    if (fault != null) {
View Full Code Here

    }
   
    // Reset the security manager, and then load it
    parameter = config.getParameter(Sandesha2Constants.SECURITY_MANAGER);
    if(parameter != null) config.removeParameter(parameter);
    SecurityManager util = SandeshaUtil.getSecurityManager(configContext);
    util.initSecurity(module);

    // Mark the config context so that we can run sync 2-way interations over
    // RM, but at the same time switch it off for unreliable messages.
    // We do a similar trick with the code that does an early HTTP 202 for
    // messages that don't need their backchannel.
View Full Code Here

      // Check that both the Sequence header and message body have been secured properly
      RMDBeanMgr mgr = storageManager.getRMDBeanMgr();
      RMDBean bean = mgr.retrieve(sequenceId);
     
      if(bean != null && bean.getSecurityTokenData() != null) {
        SecurityManager secManager = SandeshaUtil.getSecurityManager(rmMsgCtx.getConfigurationContext());
       
        QName seqName = new QName(rmMsgCtx.getRMNamespaceValue(), Sandesha2Constants.WSRM_COMMON.SEQUENCE);
       
        SOAPEnvelope envelope = rmMsgCtx.getSOAPEnvelope();
        OMElement body = envelope.getBody();
        OMElement seqHeader = envelope.getHeader().getFirstChildWithName(seqName);
       
        SecurityToken token = secManager.recoverSecurityToken(bean.getSecurityTokenData());
       
        secManager.checkProofOfPossession(token, seqHeader, rmMsgCtx.getMessageContext());
        secManager.checkProofOfPossession(token, body, rmMsgCtx.getMessageContext());
      }
     
      MessageContext messageContext = rmMsgCtx.getMessageContext();
   
      if (bean != null) {
View Full Code Here

    createSeqRMMsg.setMessagePart(Sandesha2Constants.MessageParts.CREATE_SEQ, createSequencePart);

    // Find the token that should be used to secure this new sequence. If there is a token, then we
    // save it in the properties so that the caller can store the token within the create sequence
    // bean.
    SecurityManager secMgr = SandeshaUtil.getSecurityManager(context);
    SecurityToken token = secMgr.getSecurityToken(applicationMsgContext);
    if(token != null) {
      OMElement str = secMgr.createSecurityTokenReference(token, createSeqmsgContext);
      createSequencePart.setSecurityTokenReference(str);
      createSeqRMMsg.setProperty(Sandesha2Constants.MessageContextProperties.SECURITY_TOKEN, token);
     
      // If we are using token based security, and the 1.1 spec level, then we
      // should introduce a UsesSequenceSTR header into the message.
      if(createSequencePart.getNamespaceValue().equals(Sandesha2Constants.SPEC_2007_02.NS_URI)) {
        UsesSequenceSTR header = new UsesSequenceSTR(null, Sandesha2Constants.SPEC_2007_02.NS_URI);
        header.toSOAPEnvelope(createSeqmsgContext.getEnvelope());
      }

      // Ensure that the correct token will be used to secure the outbound create sequence message.
      // We cannot use the normal helper method as we have not stored the token into the sequence bean yet.
      secMgr.applySecurityToken(token, createSeqRMMsg.getMessageContext());
    }

    createSeqRMMsg.setAction(SpecSpecificConstants.getCreateSequenceAction(rmsBean.getRMVersion()));
    createSeqRMMsg.setSOAPAction(SpecSpecificConstants.getCreateSequenceSOAPAction(rmsBean.getRMVersion()));
View Full Code Here

    ConfigurationContext configCtx = message.getConfigurationContext();

    if(rmBean.getSecurityTokenData() != null) {
      if(log.isDebugEnabled()) log.debug("Securing outbound message");
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      SecurityToken token = secManager.recoverSecurityToken(rmBean.getSecurityTokenData());
      secManager.applySecurityToken(token, message);
    }

    if(log.isDebugEnabled()) log.debug("Exit: RMMsgCreator::secureOutboundMessage");
  }
View Full Code Here

    }

    // Check that the sender of this Ack holds the correct token
    String internalSequenceId = rmsBean.getInternalSequenceID();
    if(rmsBean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      SecurityToken token = secManager.recoverSecurityToken(rmsBean.getSecurityTokenData());
     
      secManager.checkProofOfPossession(token, soapHeader, msgCtx);
    }
   
    if(log.isDebugEnabled()) log.debug("Got Ack for RM Sequence: " + outSequenceId + ", internalSeqId: " + internalSequenceId);
    Iterator ackRangeIterator = sequenceAck.getAcknowledgementRanges().iterator();
View Full Code Here

TOP

Related Classes of com.apress.prospring.ch6.security.SecurityManager

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.