Package org.jboss.ws.metadata.wsse

Examples of org.jboss.ws.metadata.wsse.WSSecurityConfiguration


            // Build type mapping meta data
            setupTypesMetaData(serviceMetaData);

            // Assign the WS-Security configuration,
            WSSecurityConfigFactory wsseConfFactory = WSSecurityConfigFactory.newInstance();
            WSSecurityConfiguration securityConfiguration = wsseConfFactory.createConfiguration(wsMetaData.getRootFile(), WSSecurityOMFactory.SERVER_RESOURCE_NAME);
            serviceMetaData.setSecurityConfiguration(securityConfiguration);

            // For every port-component build the EndpointMetaData
            PortComponentMetaData[] pcMetaDataArr = wsdMetaData.getPortComponents();
            for (PortComponentMetaData pcMetaData : pcMetaDataArr)
View Full Code Here


      ByteArrayOutputStream stream = new ByteArrayOutputStream();
      if (extMetaData instanceof EndpointMetaData)
      {
         EndpointMetaData ep = (EndpointMetaData) extMetaData;
       
         WSSecurityConfiguration securityConfiguration;
         try
         {
            //GET XML of security assertion
            PrimitiveAssertionWriter.newInstance().writePrimitiveAssertion(assertion, stream);
            StringReader reader = new StringReader(stream.toString());
View Full Code Here

            try
            {
               PrimitiveAssertionWriter.newInstance().writePrimitiveAssertion(assertion, stream);
               StringReader reader = new StringReader(stream.toString());
              
               WSSecurityConfiguration securityConfiguration = WSSecurityOMFactory.newInstance().parse(reader);
               serviceMetaData.setSecurityConfiguration(securityConfiguration);
              
               epMetaData.setConfigName("Standard WSSecurity Client");
               epMetaData.initEndpointConfig();
            }
View Full Code Here

      ByteArrayOutputStream baos = new ByteArrayOutputStream(512);
      try
      {
         ObjectOutputStream oos = new ObjectOutputStream(baos);
         WSSecurityOMFactory factory = WSSecurityOMFactory.newInstance();
         WSSecurityConfiguration securityConfig = factory.parse(getSecurityConfig());
         oos.writeObject(securityConfig);
         oos.close();
      }
      catch (IOException e)
      {
View Full Code Here

            ne.setRootCause(ex);
            throw ne;
         }

         // Unmarshall the WSSecurityConfiguration
         WSSecurityConfiguration securityConfig = null;
         RefAddr wsseRefAddr = ref.get(ServiceReferenceable.SECURITY_CONFIG);
         if (wsseRefAddr != null)
         {
            bais = new ByteArrayInputStream((byte[])wsseRefAddr.getContent());
            try
View Full Code Here

         {
            try
            {
               WSSecurityConfigFactory wsseConfFactory = WSSecurityConfigFactory.newInstance();
               UnifiedVirtualFile vfsRoot = serviceMetaData.getUnifiedMetaData().getRootFile();
               WSSecurityConfiguration config = wsseConfFactory.createConfiguration(vfsRoot, securityConfig);
               serviceMetaData.setSecurityConfiguration(config);
            }
            catch (IOException ex)
            {
               WSException.rethrow("Cannot set security config", ex);
View Full Code Here

      return new CommonSOAPFaultException(e.getFaultCode(), e.getFaultString());
   }

   public static void handleInbound(CommonMessageContext ctx) throws SOAPException, SOAPFaultException
   {
      WSSecurityConfiguration config = getSecurityConfig(ctx);
      SOAPMessageImpl soapMessage = (SOAPMessageImpl)ctx.getSOAPMessage();

      SOAPHeader soapHeader = soapMessage.getSOAPHeader();
      QName secQName = new QName(Constants.WSSE_NS, "Security");
      Element secHeaderElement = (soapHeader != null) ? Util.findElement(soapHeader, secQName) : null;

      if (secHeaderElement == null)
      {
         // This is ok, we always allow faults to be received because WS-Security does not encrypt faults
         if (soapMessage.getSOAPBody().getFault() != null)
            return;

         OperationMetaData opMetaData = ctx.getOperationMetaData();
         if (opMetaData == null)
         {
            // Get the operation meta data from the soap message
            // for the server side inbound message.
            EndpointMetaData epMetaData = ctx.getEndpointMetaData();
            opMetaData = soapMessage.getOperationMetaData(epMetaData);
         }

         String operation = opMetaData.getQName().toString();
         String port = opMetaData.getEndpointMetaData().getPortName().getLocalPart();

         if (hasRequirements(config, operation, port))
            throw convertToFault(new InvalidSecurityHeaderException("This service requires <wsse:Security>, which is missing."));

         return;
      }

      try
      {
         SecurityStore securityStore = new SecurityStore(config.getKeyStoreURL(), config.getKeyStoreType(), config.getKeyStorePassword(), config.getKeyPasswords(), config.getTrustStoreURL(),
               config.getTrustStoreType(), config.getTrustStorePassword());
         SecurityDecoder decoder = new SecurityDecoder(securityStore, config.getTimestampVerification());

         decoder.decode(soapMessage.getSOAPPart(), secHeaderElement);
        
         if (log.isTraceEnabled())
            log.trace("Decoded Message:\n" + DOMWriter.printNode(soapMessage.getSOAPPart(), true));
View Full Code Here

      }
   }

   private static WSSecurityConfiguration getSecurityConfig(CommonMessageContext ctx)
   {
      WSSecurityConfiguration config = ctx.getEndpointMetaData().getServiceMetaData().getSecurityConfiguration();
      if (config == null)
         throw new WSException("Cannot obtain security configuration from message context");

      return config;
   }
View Full Code Here

      return operations;
   }

   public static void handleOutbound(CommonMessageContext ctx) throws SOAPException, SOAPFaultException
   {
      WSSecurityConfiguration config = getSecurityConfig(ctx);
      SOAPMessageImpl soapMessage = (SOAPMessageImpl)ctx.getSOAPMessage();

      OperationMetaData opMetaData = ctx.getOperationMetaData();
      String operation = opMetaData.getQName().toString();
      String port = opMetaData.getEndpointMetaData().getPortName().getLocalPart();

      Config operationConfig = getConfig(config, port, operation);

      log.debug("WS-Security config: " + operationConfig);
     
      // Nothing to process
      if (operationConfig == null)
         return;

      ArrayList<OperationDescription<EncodingOperation>> operations = new ArrayList<OperationDescription<EncodingOperation>>();
      Timestamp timestamp = operationConfig.getTimestamp();
      if (timestamp != null)
      {
         operations.add(new OperationDescription<EncodingOperation>(TimestampOperation.class, null, null, timestamp.getTtl(), null));
      }

      if (operationConfig.getUsername() != null)
      {
         Object user = ctx.get(Stub.USERNAME_PROPERTY);
         Object pass = ctx.get(Stub.PASSWORD_PROPERTY);
        
         if (user == null && pass == null)
         {
            user = ctx.get(BindingProvider.USERNAME_PROPERTY);
            pass = ctx.get(BindingProvider.PASSWORD_PROPERTY);
         }

         if (user != null && pass != null)
         {
            operations.add(new OperationDescription<EncodingOperation>(SendUsernameOperation.class, null, user.toString(), pass.toString(), null));
            ctx.put(StubExt.PROPERTY_AUTH_TYPE, StubExt.PROPERTY_AUTH_TYPE_WSSE);
         }
      }

      Sign sign = operationConfig.getSign();
      if (sign != null)
      {
         List<Target> targets = convertTargets(sign.getTargets());
         if (sign.isIncludeTimestamp())
         {
            if (timestamp == null)
               operations.add(new OperationDescription<EncodingOperation>(TimestampOperation.class, null, null, null, null));

            if (targets != null && targets.size() > 0)
               targets.add(new WsuIdTarget("timestamp"));
         }

         operations.add(new OperationDescription<EncodingOperation>(SignatureOperation.class, targets, sign.getAlias(), null, null));
      }

      Encrypt encrypt = operationConfig.getEncrypt();
      if (encrypt != null)
      {
         List<Target> targets = convertTargets(encrypt.getTargets());
         operations.add(new OperationDescription<EncodingOperation>(EncryptionOperation.class, targets, encrypt.getAlias(), null, encrypt.getAlgorithm()));
      }

      if (operations.size() == 0)
         return;

      if(log.isDebugEnabled()) log.debug("Encoding Message:\n" + DOMWriter.printNode(soapMessage.getSOAPPart(), true));

      try
      {
         SecurityStore securityStore = new SecurityStore(config.getKeyStoreURL(), config.getKeyStoreType(), config.getKeyStorePassword(), config.getKeyPasswords() , config.getTrustStoreURL(),
               config.getTrustStoreType(), config.getTrustStorePassword());
         SecurityEncoder encoder = new SecurityEncoder(operations, securityStore);
         encoder.encode(soapMessage.getSOAPPart());
      }
      catch (WSSecurityException e)
      {
View Full Code Here

   private WSSecurityConfiguration getSecurityConfiguration(MessageContext msgContext)
   {
      EndpointMetaData epMetaData = ((CommonMessageContext)msgContext).getEndpointMetaData();
      ServiceMetaData serviceMetaData = epMetaData.getServiceMetaData();

      WSSecurityConfiguration config = serviceMetaData.getSecurityConfiguration();
      if (config == null) // might be set through ServiceObjectFactory
      {
         try
         {
            WSSecurityConfigFactory wsseConfFactory = WSSecurityConfigFactory.newInstance();
View Full Code Here

TOP

Related Classes of org.jboss.ws.metadata.wsse.WSSecurityConfiguration

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.