public class XwsSecurityInterceptor extends AbstractWsSecurityInterceptor implements org.springframework.beans.factory.InitializingBean
This interceptor needs a CallbackHandler
to operate. This handler is used to retrieve certificates,
private keys, validate user credentials, etc. Refer to the XWSS Javadoc to learn more about the specific
Callback
s fired by XWSS. You can also set multiple handlers, each of which will be used in turn.
Additionally, you must define a XWSS policy file by setting policyConfiguration
property. The format of
the policy file is documented in the Java
Web Services Tutorial.
Note that this interceptor depends on SAAJ, and thus requires SaajSoapMessage
s to operate. This
means that you must use a SaajSoapMessageFactory
to create the SOAP messages.
setCallbackHandler(javax.security.auth.callback.CallbackHandler)
,
setPolicyConfiguration(org.springframework.core.io.Resource)
,
XWSSCallback
,
SaajSoapMessageFactory
,
XWSSlogger, WS_SECURITY_NAME
Constructor and Description |
---|
XwsSecurityInterceptor() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
protected void |
cleanUp() |
protected void |
secureMessage(SoapMessage soapMessage,
MessageContext messageContext)
Secures the given SoapMessage message in accordance with the defined security policy.
|
void |
setCallbackHandler(CallbackHandler callbackHandler)
Sets the handler to resolve XWSS callbacks.
|
void |
setCallbackHandlers(CallbackHandler[] callbackHandler)
Sets the handlers to resolve XWSS callbacks.
|
void |
setPolicyConfiguration(org.springframework.core.io.Resource policyConfiguration)
Sets the policy configuration to use for XWSS.
|
protected void |
validateMessage(SoapMessage soapMessage,
MessageContext messageContext)
Validates the given SoapMessage message in accordance with the defined security policy.
|
afterCompletion, afterCompletion, handleFault, handleFault, handleFaultException, handleRequest, handleRequest, handleResponse, handleResponse, handleSecurementException, handleValidationException, setExceptionResolver, setSecureRequest, setSecureResponse, setSkipValidationIfNoHeaderPresent, setValidateRequest, setValidateResponse, understands
public void setCallbackHandler(CallbackHandler callbackHandler)
callbackHandlers
, is
required.XWSSCallback
,
setCallbackHandlers(javax.security.auth.callback.CallbackHandler[])
public void setCallbackHandlers(CallbackHandler[] callbackHandler)
callbackHandlers
, is
required.XWSSCallback
,
setCallbackHandler(javax.security.auth.callback.CallbackHandler)
public void setPolicyConfiguration(org.springframework.core.io.Resource policyConfiguration)
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
Exception
protected void secureMessage(SoapMessage soapMessage, MessageContext messageContext) throws XwsSecuritySecurementException
secureMessage
in class AbstractWsSecurityInterceptor
soapMessage
- the message to be securedXwsSecuritySecurementException
- in case of errorsIllegalArgumentException
- when soapMessage is not a SaajSoapMessage
protected void validateMessage(SoapMessage soapMessage, MessageContext messageContext) throws WsSecurityValidationException
validateMessage
in class AbstractWsSecurityInterceptor
soapMessage
- the message to be validatedXwsSecurityValidationException
- in case of errorsIllegalArgumentException
- when soapMessage is not a SaajSoapMessage
WsSecurityValidationException
- in case of validation errorsprotected void cleanUp()
cleanUp
in class AbstractWsSecurityInterceptor
Copyright © 2020 Pivotal Software. All rights reserved.