17 package org.springframework.ws.soap.security.xwss;
18
19 import java.io.IOException;
20 import java.io.InputStream;
21 import javax.security.auth.callback.Callback;
22 import javax.security.auth.callback.CallbackHandler;
23 import javax.security.auth.callback.UnsupportedCallbackException;
24 import javax.xml.soap.SOAPMessage;
25
26 import com.sun.xml.wss.ProcessingContext;
27 import com.sun.xml.wss.XWSSProcessor;
28 import com.sun.xml.wss.XWSSProcessorFactory;
29 import com.sun.xml.wss.XWSSecurityException;
30 import com.sun.xml.wss.impl.WssSoapFaultException;
31
32 import org.springframework.beans.factory.InitializingBean;
33 import org.springframework.core.io.Resource;
34 import org.springframework.util.Assert;
35 import org.springframework.ws.context.MessageContext;
36 import org.springframework.ws.soap.SoapMessage;
37 import org.springframework.ws.soap.saaj.SaajSoapMessage;
38 import org.springframework.ws.soap.security.AbstractWsSecurityInterceptor;
39 import org.springframework.ws.soap.security.WsSecurityValidationException;
40 import org.springframework.ws.soap.security.callback.CleanupCallback;
41 import org.springframework.ws.soap.security.xwss.callback.XwssCallbackHandlerChain;
42
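/**
 * WS-Security interceptor that delegates securing and validating of SOAP messages to an XWSS
 * {@code XWSSProcessor}.
 *
 * <p>The processor is built once, in {@link #afterPropertiesSet()}, from the configured policy
 * resource and callback handler. Outbound messages are passed to {@code secureOutboundMessage},
 * inbound messages to {@code verifyInboundMessage}. Both directions only accept
 * {@code SaajSoapMessage} instances.
 *
 * <p>The policy resource decides what the processor enforces, so it should be loaded from a
 * location that only the deployment controls.
 */
public class XwsSecurityInterceptor extends AbstractWsSecurityInterceptor implements InitializingBean {

    /** Created in {@link #afterPropertiesSet()}; {@code null} until then. */
    private XWSSProcessor processor;

    private CallbackHandler callbackHandler;

    private Resource policyConfiguration;

    /**
     * Sets the single callback handler handed to the XWSS processor.
     *
     * @param callbackHandler the handler; required by {@link #afterPropertiesSet()}
     */
    public void setCallbackHandler(CallbackHandler callbackHandler) {
        this.callbackHandler = callbackHandler;
    }

    /**
     * Sets several callback handlers, wrapped in one {@code XwssCallbackHandlerChain}.
     * Replaces any handler set through {@link #setCallbackHandler(CallbackHandler)}.
     *
     * @param callbackHandler the handlers to wrap
     */
    public void setCallbackHandlers(CallbackHandler[] callbackHandler) {
        // NOTE(review): how the chain dispatches a callback across its handlers is defined in
        // XwssCallbackHandlerChain, which is not visible here.
        this.callbackHandler = new XwssCallbackHandlerChain(callbackHandler);
    }

    /**
     * Sets the resource holding the XWSS security policy configuration.
     *
     * @param policyConfiguration the policy resource; must exist when the bean is initialized
     */
    public void setPolicyConfiguration(Resource policyConfiguration) {
        this.policyConfiguration = policyConfiguration;
    }

    /**
     * Checks the required properties and creates the XWSS processor from the policy resource.
     *
     * @throws IllegalArgumentException if the policy resource or callback handler is missing, or
     * the policy resource does not exist
     * @throws Exception if the policy cannot be read or the processor cannot be created
     */
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(policyConfiguration, "policyConfiguration is required");
        Assert.isTrue(policyConfiguration.exists(), "policyConfiguration [" + policyConfiguration + "] does not exist");
        Assert.notNull(callbackHandler, "callbackHandler is required");
        XWSSProcessorFactory processorFactory = XWSSProcessorFactory.newInstance();
        InputStream is = null;
        try {
            if (logger.isInfoEnabled()) {
                // Fixed: the message used to read "from from".
                logger.info("Loading policy configuration from '" + policyConfiguration + "'");
            }
            is = policyConfiguration.getInputStream();
            processor = processorFactory.createProcessorForSecurityConfiguration(is, callbackHandler);
        }
        finally {
            // The stream is only needed while the processor is being created.
            if (is != null) {
                is.close();
            }
        }
    }

    /**
     * Secures an outbound message and replaces its SAAJ message with the secured result.
     *
     * @param soapMessage the message to secure; must be a {@code SaajSoapMessage}
     * @param messageContext the message context (not used here)
     * @throws XwsSecuritySecurementException if the processor reports an {@code XWSSecurityException}
     * @throws IllegalStateException if the interceptor has not been initialized
     */
    protected void secureMessage(SoapMessage soapMessage, MessageContext messageContext)
            throws XwsSecuritySecurementException {
        SaajSoapMessage saajSoapMessage = toSaajSoapMessage(soapMessage);
        XWSSProcessor xwssProcessor = initializedProcessor();
        try {
            ProcessingContext context = xwssProcessor.createProcessingContext(saajSoapMessage.getSaajMessage());
            SOAPMessage result = xwssProcessor.secureOutboundMessage(context);
            saajSoapMessage.setSaajMessage(result);
        }
        catch (XWSSecurityException ex) {
            throw new XwsSecuritySecurementException(ex.getMessage(), ex);
        }
        catch (WssSoapFaultException ex) {
            // NOTE(review): only the fault code, string and actor are carried over; the
            // WssSoapFaultException is not chained as a cause. Chain it if
            // XwsSecurityFaultException has a constructor for that (not visible here).
            throw new XwsSecurityFaultException(ex.getFaultCode(), ex.getFaultString(), ex.getFaultActor());
        }
    }

    /**
     * Verifies an inbound message and replaces its SAAJ message with the verified result.
     *
     * <p>If verification fails, an exception is thrown before the SAAJ message is replaced.
     *
     * @param soapMessage the message to verify; must be a {@code SaajSoapMessage}
     * @param messageContext the message context (not used here)
     * @throws WsSecurityValidationException if the processor reports an {@code XWSSecurityException}
     * @throws IllegalStateException if the interceptor has not been initialized
     */
    protected void validateMessage(SoapMessage soapMessage, MessageContext messageContext)
            throws WsSecurityValidationException {
        SaajSoapMessage saajSoapMessage = toSaajSoapMessage(soapMessage);
        XWSSProcessor xwssProcessor = initializedProcessor();
        try {
            ProcessingContext context = xwssProcessor.createProcessingContext(saajSoapMessage.getSaajMessage());
            SOAPMessage result = xwssProcessor.verifyInboundMessage(context);
            saajSoapMessage.setSaajMessage(result);
        }
        catch (XWSSecurityException ex) {
            // NOTE(review): the XWSS message text is copied into the validation exception.
            // Whether it reaches the sender in a SOAP fault depends on the superclass, which is
            // not visible here; confirm it does not reveal more than intended.
            throw new XwsSecurityValidationException(ex.getMessage(), ex);
        }
        catch (WssSoapFaultException ex) {
            // NOTE(review): the WssSoapFaultException is not chained as a cause here.
            throw new XwsSecurityFaultException(ex.getFaultCode(), ex.getFaultString(), ex.getFaultActor());
        }
    }

    /**
     * Sends a {@code CleanupCallback} to the configured callback handler, if there is one.
     * Failures are not propagated: an {@code IOException} is logged at warn level, and an
     * {@code UnsupportedCallbackException} is ignored.
     */
    protected void cleanUp() {
        if (callbackHandler != null) {
            try {
                CleanupCallback cleanupCallback = new CleanupCallback();
                callbackHandler.handle(new Callback[]{cleanupCallback});
            }
            catch (IOException ex) {
                logger.warn("Cleanup callback resulted in IOException", ex);
            }
            catch (UnsupportedCallbackException ignored) {
                // Deliberately ignored: the handler does not support the cleanup callback.
                // NOTE(review): if cleanup is meant to clear per-request security state, a handler
                // that rejects it leaves that state as it is; confirm this is acceptable.
            }
        }
    }

    /** Returns the message as a {@code SaajSoapMessage}, rejecting any other implementation. */
    private SaajSoapMessage toSaajSoapMessage(SoapMessage soapMessage) {
        Assert.isTrue(soapMessage instanceof SaajSoapMessage, "XwsSecurityInterceptor requires a SaajSoapMessage. " +
                "Use a SaajSoapMessageFactory to create the SOAP messages.");
        return (SaajSoapMessage) soapMessage;
    }

    /** Returns the processor, failing with a clear message rather than a NullPointerException. */
    private XWSSProcessor initializedProcessor() {
        Assert.state(processor != null,
                "XWSSProcessor is not initialized: afterPropertiesSet() must be called before use");
        return processor;
    }
}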