_logger.fine("ws.processRequest");
}
final SOAPMessageContext finalMC = messageContext;
Implementor implementor = (Implementor) messageContext.getProperty( IMPLEMENTOR );
final Tie tie = implementor.getTie();
StreamingHandler handler = (StreamingHandler) implementor.getTie();
SOAPMessage request = finalMC.getMessage();
final ServerAuthContext sAC = config_.getAuthContext(handler,request);
boolean status = true;
try {
if (sAC != null) {
status = false;
// proceed to process message security
status = WebServiceSecurity.validateRequest(finalMC,sAC);
if (status) {
messageContext.setProperty(SERVER_AUTH_CONTEXT, sAC);
}
}
} catch (AuthException ae) {
_logger.log(Level.SEVERE, LogUtils.ERROR_REQUEST_VALIDATION, ae);
throw new RuntimeException(ae);
} finally {
WebServiceSecurity.auditInvocation(messageContext, endpoint_, status);
}
if (status) {
// only do doAsPriv if SecurityManager in effect.
if (System.getSecurityManager() != null) {
// on this branch, the endpoint invocation and the
// processing of the response will be initiated from
// within the system handler delegate. delegate returns
// false so that dispatcher will not invoke the endpoint.
status = false;
try {
Subject.doAsPrivileged
(SecurityContext.getCurrent().getSubject(),
new PrivilegedExceptionAction() {
public Object run() throws Exception {
tie.handle(finalMC);
processResponse(finalMC);
return null;
}
}, null);