Package org.apache.cxf.binding.soap

Examples of org.apache.cxf.binding.soap.SoapFault


                 * Get the action first.
                 */
                Vector actions = new Vector();
                String action = getString(WSHandlerConstants.ACTION, mc);
                if (action == null) {
                    throw new SoapFault(new Message("NO_ACTION", LOG), version
                            .getReceiver());
                }
   
                int doAction = WSSecurityUtil.decodeAction(action, actions, config);
                if (doAction == WSConstants.NO_SECURITY) {
                    return;
                }
   
                /*
                 * For every action we need a username, so get this now. The
                 * username defined in the deployment descriptor takes precedence.
                 */
                reqData.setUsername((String) getOption(WSHandlerConstants.USER));
                if (reqData.getUsername() == null
                        || reqData.getUsername().equals("")) {
                    String username = (String) getProperty(reqData.getMsgContext(),
                            WSHandlerConstants.USER);
                    if (username != null) {
                        reqData.setUsername(username);
                    }
                }
   
                /*
                 * Now we perform some set-up for UsernameToken and Signature
                 * functions. No need to do it for encryption only. Check if
                 * username is available and then get a passowrd.
                 */
                if ((doAction & (WSConstants.SIGN | WSConstants.UT | WSConstants.UT_SIGN)) != 0
                        && (reqData.getUsername() == null
                        || reqData.getUsername().equals(""))) {
                    /*
                     * We need a username - if none throw an SoapFault. For
                     * encryption there is a specific parameter to get a username.
                     */
                    throw new SoapFault(new Message("NO_USERNAME", LOG), version
                            .getReceiver());
                }
                if (doDebug) {
                    LOG.fine("Action: " + doAction);
                    LOG.fine("Actor: " + reqData.getActor());
                }
                /*
                 * Now get the SOAP part from the request message and convert it
                 * into a Document. This forces CXF to serialize the SOAP request
                 * into FORM_STRING. This string is converted into a document.
                 * During the FORM_STRING serialization CXF performs multi-ref of
                 * complex data types (if requested), generates and inserts
                 * references for attachements and so on. The resulting Document
                 * MUST be the complete and final SOAP request as CXF would send it
                 * over the wire. Therefore this must shall be the last (or only)
                 * handler in a chain. Now we can perform our security operations on
                 * this request.
                 */             
   
                SOAPMessage saaj = mc.getContent(SOAPMessage.class);
   
                if (saaj == null) {
                    LOG.warning("SAAJOutHandler must be enabled for WS-Security!");
                    throw new SoapFault(new Message("NO_SAAJ_DOC", LOG), version
                            .getReceiver());
                }
   
                Document doc = saaj.getSOAPPart();

                if (doTimeDebug) {
                    t1 = System.currentTimeMillis();
                }
   
                doSenderAction(doAction, doc, reqData, actions, Boolean.TRUE
                        .equals(getProperty(mc, org.apache.cxf.message.Message.REQUESTOR_ROLE)));
   
                if (doTimeDebug) {
                    t2 = System.currentTimeMillis();
                    TIME_LOG.fine("Send request: total= " + (t2 - t0)
                            + " request preparation= " + (t1 - t0)
                            + " request processing= " + (t2 - t1)
                            + "\n");
                }
   
                if (doDebug) {
                    LOG.fine("WSS4JOutInterceptor: exit handleMessage()");
                }
            } catch (WSSecurityException e) {
                throw new SoapFault(new Message("SECURITY_FAILED", LOG), e, version
                        .getSender());
            } finally {
                reqData.clear();
                reqData = null;
            }
View Full Code Here


                        } else if (entry.getValue() instanceof Action) {
                            removedAction = config.setAction(
                                    entry.getKey().intValue(),
                                    (Action) entry.getValue());
                        } else {
                            throw new SoapFault(new Message("BAD_ACTION", LOG), version
                                    .getReceiver());
                        }
                    } catch (ClassCastException e) {
                        throw new SoapFault(new Message("BAD_ACTION", LOG), version
                                .getReceiver());
                    }
                   
                    if (doDebug) {
                        if (removedAction != null) {
View Full Code Here

                        this.prefixMap,
                        xPathExpression.getXPath(),
                        xPathExpression.getType(),
                        xPathExpression.getScope());
            } catch (WSSecurityException e) {
                throw new SoapFault("No " + xPathExpression.getType()
                        + " element found matching XPath "
                        + xPathExpression.getXPath(), Fault.FAULT_CODE_CLIENT);
            }
        }
    }
View Full Code Here

            XMLStreamReader xmlReader = message.getContent(XMLStreamReader.class);

            if (hasFault(message, xmlReader)) {
                SOAPFault soapFault =
                    soapMessage.getSOAPPart().getEnvelope().getBody().addFault();
                SoapFault fault =
                    message.getVersion() instanceof Soap11
                    ? Soap11FaultInInterceptor.unmarshalFault(message, xmlReader)
                    : Soap12FaultInInterceptor.unmarshalFault(message, xmlReader);
                if (fault.getFaultCode() != null) {
                    soapFault.setFaultCode(fault.getFaultCode());
                }
                if (fault.getMessage() != null) {
                    soapFault.setFaultString(fault.getMessage());
                }
                if (fault.getRole() != null) {
                    soapFault.setFaultActor(fault.getRole());
                }
                if (fault.getDetail() != null
                    && fault.getDetail().getFirstChild() != null) {
                   
                    Detail detail = null;
                    Node child = fault.getDetail().getFirstChild();
                    while (child != null) {
                        if (Node.ELEMENT_NODE == child.getNodeType()) {
                            if (detail == null) {
                                detail = soapFault.addDetail();
                            }
                            Node importedChild = soapMessage.getSOAPPart().importNode(child, true);
                            detail.appendChild(importedChild);
                        }
                        child = child.getNextSibling();
                    }
                }

                DOMSource bodySource = new DOMSource(soapFault);
                xmlReader = StaxUtils.createXMLStreamReader(bodySource);
            } else {
                StaxUtils.readDocElements(soapMessage.getSOAPBody(), xmlReader, true, true);
                DOMSource bodySource = new DOMSource(soapMessage.getSOAPPart().getEnvelope().getBody());
                xmlReader = StaxUtils.createXMLStreamReader(bodySource);
                xmlReader.nextTag();
                xmlReader.nextTag(); // move past body tag
            }
            message.setContent(XMLStreamReader.class, xmlReader);          
        } catch (SOAPException soape) {
            throw new SoapFault(new org.apache.cxf.common.i18n.Message(
                    "SOAPHANDLERINTERCEPTOR_EXCEPTION", BUNDLE), soape,
                    message.getVersion().getSender());
        } catch (XMLStreamException e) {
            throw new SoapFault(new org.apache.cxf.common.i18n.Message(
                    "SOAPHANDLERINTERCEPTOR_EXCEPTION", BUNDLE), e, message
                    .getVersion().getSender());
        }
    }
View Full Code Here

        try {
            if (xmlReader.nextTag() == XMLStreamConstants.START_ELEMENT) {
                String ns = xmlReader.getNamespaceURI();
                if (ns == null || "".equals(ns)) {
                    throw new SoapFault(new Message("NO_NAMESPACE", LOG, xmlReader.getLocalName()),
                                        Soap11.getInstance().getVersionMismatch());
                }
               
                SoapVersion soapVersion = SoapVersionFactory.getInstance().getSoapVersion(ns);
                if (soapVersion == null) {
                    throw new SoapFault(new Message("INVALID_VERSION", LOG, ns, xmlReader.getLocalName()),
                                            Soap11.getInstance().getVersionMismatch());
                }
                if (soapVersion == Soap12.getInstance()
                    && version == Soap11.getInstance()) {
                    throw new SoapFault(new Message("INVALID_11_VERSION", LOG, ns, xmlReader.getLocalName()),
                                        Soap11.getInstance().getVersionMismatch());                   
                }
                message.setVersion(soapVersion);

                XMLStreamReader filteredReader = new PartialXMLStreamReader(xmlReader, message.getVersion()
                    .getBody());

                Document doc = StaxUtils.read(filteredReader);

                message.setContent(Node.class, doc);

                // Find header
                // TODO - we could stream read the "known" headers and just DOM read the
                // unknown ones
                Element element = doc.getDocumentElement();
                QName header = soapVersion.getHeader();               
                List<Element> elemList =
                    DOMUtils.findAllElementsByTagNameNS(element,
                                                        header.getNamespaceURI(),
                                                        header.getLocalPart());
                for (Element elem : elemList) {
                    Element hel = DOMUtils.getFirstElement(elem);
                    while (hel != null) {
                        // Need to add any attributes that are present on the parent element
                        // which otherwise would be lost.
                        if (elem.hasAttributes()) {
                            NamedNodeMap nnp = elem.getAttributes();
                            for (int ct = 0; ct < nnp.getLength(); ct++) {
                                Node attr = nnp.item(ct);
                                Node headerAttrNode = hel.hasAttributes()
                                        ?  hel.getAttributes().getNamedItemNS(
                                                        attr.getNamespaceURI(), attr.getLocalName())
                                        : null;
                               
                                if (headerAttrNode == null) {
                                    Attr attribute = hel.getOwnerDocument().createAttributeNS(
                                            attr.getNamespaceURI(),
                                            attr.getNodeName());
                                    attribute.setNodeValue(attr.getNodeValue());
                                    hel.setAttributeNodeNS(attribute);
                                }
                            }
                        }
                       
                        HeaderProcessor p = bus.getExtension(HeaderManager.class)
                            .getHeaderProcessor(hel.getNamespaceURI());

                        Object obj;
                        DataBinding dataBinding = null;
                        if (p == null || p.getDataBinding() == null) {
                            obj = hel;
                        } else {
                            dataBinding = p.getDataBinding();
                            obj = dataBinding.createReader(Node.class).read(hel);
                        }
                        //TODO - add the interceptors
                       
                        SoapHeader shead = new SoapHeader(new QName(hel.getNamespaceURI(),
                                                                    hel.getLocalName()),
                                                           obj,
                                                           dataBinding);
                        String mu = hel.getAttributeNS(soapVersion.getNamespace(),
                                                      soapVersion.getAttrNameMustUnderstand());
                        String act = hel.getAttributeNS(soapVersion.getNamespace(),
                                                        soapVersion.getAttrNameRole());

                        if (!StringUtils.isEmpty(act)) {
                            shead.setActor(act);
                        }
                        shead.setMustUnderstand(Boolean.valueOf(mu) || "1".equals(mu));
                        //mark header as inbound header.(for distinguishing between the  direction to
                        //avoid piggybacking of headers from request->server->response.
                        shead.setDirection(SoapHeader.Direction.DIRECTION_IN);
                        message.getHeaders().add(shead);
                       
                        hel = DOMUtils.getNextElement(hel);
                    }
                }
                if (MessageUtils.getContextualBoolean(message,
                                                      SoapMessage.SCHEMA_VALIDATION_ENABLED,
                                                      false)) {
                    message.getInterceptorChain().add(new CheckClosingTagsInterceptor());
                }
            }
        } catch (XMLStreamException e) {
            throw new SoapFault(new Message("XML_STREAM_EXC", LOG), e, message.getVersion().getSender());
        }
    }
View Full Code Here

                        if (xmlReader.next() == XMLStreamReader.END_DOCUMENT) {
                            return;
                        }
                    }
                } catch (XMLStreamException e) {
                    throw new SoapFault(e.getMessage(), e,
                                        message.getVersion().getSender());
                }
            }
        }
View Full Code Here

            String actor = (String)getOption(WSHandlerConstants.ACTOR);

            SOAPMessage doc = msg.getContent(SOAPMessage.class);

            if (doc == null) {
                throw new SoapFault(new Message("NO_SAAJ_DOC", LOG), version.getReceiver());
            }

            CallbackHandler cbHandler = getCallback(reqData, doAction);

            /*
             * Get and check the Signature specific parameters first because
             * they may be used for encryption too.
             */
            doReceiverAction(doAction, reqData);
           
            Vector wsResult = null;
            if (doTimeLog) {
                t1 = System.currentTimeMillis();
            }

            wsResult = getSecurityEngine().processSecurityHeader(
                doc.getSOAPPart(),
                actor,
                cbHandler,
                reqData.getSigCrypto(),
                reqData.getDecCrypto()
            );

            if (doTimeLog) {
                t2 = System.currentTimeMillis();
            }

            if (wsResult == null) { // no security header found
                if (doAction == WSConstants.NO_SECURITY) {
                    return;
                } else if (doc.getSOAPPart().getEnvelope().getBody().hasFault()) {
                    LOG.warning("Request does not contain required Security header, "
                                + "but it's a fault.");
                    return;
                } else {
                    LOG.warning("Request does not contain required Security header");
                    throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
                }
            }
            if (reqData.getWssConfig().isEnableSignatureConfirmation()) {
                checkSignatureConfirmation(reqData, wsResult);
            }

            /*
             * Now we can check the certificate used to sign the message. In the
             * following implementation the certificate is only trusted if
             * either it itself or the certificate of the issuer is installed in
             * the keystore. Note: the method verifyTrust(X509Certificate)
             * allows custom implementations with other validation algorithms
             * for subclasses.
             */

            // Extract the signature action result from the action vector
            WSSecurityEngineResult actionResult = WSSecurityUtil
                .fetchActionResult(wsResult, WSConstants.SIGN);

            if (actionResult != null) {
                X509Certificate returnCert = (X509Certificate)actionResult
                    .get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);

                if (returnCert != null && !verifyTrust(returnCert, reqData)) {
                    LOG.warning("The certificate used for the signature is not trusted");
                    throw new WSSecurityException(WSSecurityException.FAILED_CHECK);
                }
                msg.put(SIGNATURE_RESULT, actionResult);
            }

            /*
             * Perform further checks on the timestamp that was transmitted in
             * the header. In the following implementation the timestamp is
             * valid if it was created after (now-ttl), where ttl is set on
             * server side, not by the client. Note: the method
             * verifyTimestamp(Timestamp) allows custom implementations with
             * other validation algorithms for subclasses.
             */

            // Extract the timestamp action result from the action vector
            actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);

            if (actionResult != null) {
                Timestamp timestamp = (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);

                if (timestamp != null && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                    LOG.warning("The timestamp could not be validated");
                    throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
                }
                msg.put(TIMESTAMP_RESULT, actionResult);
            }

            /*
             * now check the security actions: do they match, in right order?
             */
            if (!checkReceiverResults(wsResult, actions)) {
                LOG.warning("Security processing failed (actions mismatch)");
                throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
            }

            doResults(msg, actor, doc, wsResult);

            if (doTimeLog) {
                t3 = System.currentTimeMillis();
                TIME_LOG.fine("Receive request: total= " + (t3 - t0)
                        + " request preparation= " + (t1 - t0)
                        + " request processing= " + (t2 - t1)
                        + " header, cert verify, timestamp= " + (t3 - t2) + "\n");
            }

            if (doDebug) {
                LOG.fine("WSS4JInInterceptor: exit handleMessage()");
            }

        } catch (WSSecurityException e) {
            LOG.log(Level.WARNING, "", e);
            SoapFault fault = createSoapFault(version, e);
            throw fault;
        } catch (XMLStreamException e) {
            throw new SoapFault(new Message("STAX_EX", LOG), e, version.getSender());
        } catch (SOAPException e) {
            throw new SoapFault(new Message("SAAJ_EX", LOG), e, version.getSender());
        } finally {
            reqData.clear();
            reqData = null;
        }
    }
View Full Code Here

        if (action == null) {
            action = (String)msg.get(WSHandlerConstants.ACTION);
        }
        if (action == null) {
            LOG.warning("No security action was defined!");
            throw new SoapFault("No security action was defined!", version.getReceiver());
        }
        return action;
    }
View Full Code Here

     * Otherwise set the Fault/Code/Value to env:Sender and the Fault/Code/Subcode/Value
     * as the fault code from the WSSecurityException.
     */
    private SoapFault
    createSoapFault(SoapVersion version, WSSecurityException e) {
        SoapFault fault;
        javax.xml.namespace.QName faultCode = e.getFaultCode();
        if (version.getVersion() == 1.1 && faultCode != null) {
            fault = new SoapFault(e.getMessage(), e, faultCode);
        } else {
            fault = new SoapFault(e.getMessage(), e, version.getSender());
            if (version.getVersion() != 1.1 && faultCode != null) {
                fault.setSubCode(faultCode);
            }
        }
        return fault;
    }
View Full Code Here

        try {
            greeter.greetMe("cxf");
            fail("Twoway operation unexpectedly succeded.");
        } catch (WebServiceException ex) {
            Throwable cause = ex.getCause();
            SoapFault sf = (SoapFault)cause;
            assertEquals(expectedMsg, sf.getReason());
            assertEquals(SOAP_FAULT_CODE, sf.getFaultCode());
        }
       
        try {
            greeter.pingMe();
            fail("Expected PingMeFault not thrown.");
        } catch (WebServiceException ex) {
            Throwable cause = ex.getCause();
            SoapFault sf = (SoapFault)cause;
            assertEquals(expectedMsg, sf.getReason());
            assertEquals(SOAP_FAULT_CODE, sf.getFaultCode());
       
    }
View Full Code Here

TOP

Related Classes of org.apache.cxf.binding.soap.SoapFault

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.