AbstractWsSecurityInterceptor (Spring Web Services 1.0.4 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Spring Web Services Framework

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.ws.soap.security
Class AbstractWsSecurityInterceptor

java.lang.Object
  org.springframework.ws.soap.security.AbstractWsSecurityInterceptor

All Implemented Interfaces:: EndpointInterceptor, SoapEndpointInterceptor

Direct Known Subclasses:: XwsSecurityInterceptor

public abstract class AbstractWsSecurityInterceptor
extends Object
implements SoapEndpointInterceptor
extends Object
implements SoapEndpointInterceptor

Interceptor base class for interceptors that handle WS-Security.

Subclasses of this base class can be configured to validate incoming and secure outgoing messages. By default, both are on.

Since:: 1.0.0
Author:: Arjen Poutsma

Field Summary
`protected Log`	`logger` Logger available to subclasses.

Constructor Summary
`AbstractWsSecurityInterceptor()`

Method Summary
`protected abstract void`	`cleanUp()`
`boolean`	`handleFault(MessageContext messageContext, Object endpoint)` Returns `true`, i.e. faults are not secured.
`protected boolean`	`handleFaultException(WsSecurityFaultException ex, MessageContext messageContext)` Handles a fault exception.Default implementation logs the given exception, and creates a SOAP Fault with the properties of the given exception, and returns `false`.
`boolean`	`handleRequest(MessageContext messageContext, Object endpoint)` Processes the incoming request message.
`boolean`	`handleResponse(MessageContext messageContext, Object endpoint)` Processes the outgoing response message.
`protected boolean`	`handleSecurementException(WsSecuritySecurementException ex, MessageContext messageContext)` Handles an securement exception.
`protected boolean`	`handleValidationException(WsSecurityValidationException ex, MessageContext messageContext)` Handles an invalid SOAP message.
`protected abstract void`	`secureMessage(SoapMessage soapMessage)` Abstract template method.
`void`	`setSecureResponse(boolean secureResponse)` Indicates whether outgoing responsed are to be secured.
`void`	`setValidateRequest(boolean validateRequest)` Indicates whether incoming request are to be validated.
`boolean`	`understands(SoapHeaderElement headerElement)` Given a `SoapHeaderElement`, return whether or not this `SoapEndpointInterceptor` understands it.
`protected abstract void`	`validateMessage(SoapMessage soapMessage)` Abstract template method.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

logger

protected final Log logger

Logger available to subclasses.

Constructor Detail

AbstractWsSecurityInterceptor

public AbstractWsSecurityInterceptor()

Method Detail

setSecureResponse

public void setSecureResponse(boolean secureResponse)

Indicates whether outgoing responsed are to be secured. Defaults to true.

setValidateRequest

public void setValidateRequest(boolean validateRequest)

Indicates whether incoming request are to be validated. Defaults to true.

handleRequest

public final boolean handleRequest(MessageContext messageContext,
                                   Object endpoint)
                            throws Exception

Description copied from interface: EndpointInterceptor

Processes the incoming request message. Called after EndpointMapping determined an appropriate endpoint object, but before EndpointAdapter invokes the endpoint.

MessageDispatcher processes an endpoint in an invocation chain, consisting of any number of interceptors, with the endpoint itself at the end. With this method, each interceptor can decide to abort the chain, typically creating a custom response.

Specified by:: handleRequest in interface EndpointInterceptor

Parameters:: messageContext - contains the incoming request message; endpoint - chosen endpoint to invoke
Returns:: true to continue processing of the request interceptor chain; false to indicate blocking of the request endpoint chain, without invoking the endpoint
Throws:: Exception - in case of errors
See Also:: MessageContext.getRequest()

handleResponse

public final boolean handleResponse(MessageContext messageContext,
                                    Object endpoint)
                             throws Exception

Description copied from interface: EndpointInterceptor

Processes the outgoing response message. Called after EndpointAdapter actually invoked the endpoint. Can manipulate the response, if any, by adding new headers, etc.

MessageDispatcher processes an endpoint in an invocation chain, consisting of any number of interceptors, with the endpoint itself at the end. With this method, each interceptor can post-process an invocation, getting applied in inverse order of the execution chain.

Note: Will only be called if this interceptor's EndpointInterceptor.handleRequest(org.springframework.ws.context.MessageContext, java.lang.Object) method has successfully completed.

Specified by:: handleResponse in interface EndpointInterceptor

Parameters:: messageContext - contains both request and response messages; endpoint - chosen endpoint to invoke
Returns:: true to continue processing of the reponse interceptor chain; false to indicate blocking of the response endpoint chain.
Throws:: Exception - in case of errors
See Also:: MessageContext.getRequest(), MessageContext.hasResponse(), MessageContext.getResponse()

handleFault

public boolean handleFault(MessageContext messageContext,
                           Object endpoint)
                    throws Exception

Returns true, i.e. faults are not secured.

Specified by:: handleFault in interface EndpointInterceptor

Parameters:: messageContext - contains both request and response messages, the response should contains a Fault; endpoint - chosen endpoint to invoke
Returns:: true to continue processing of the reponse interceptor chain; false to indicate blocking of the response handler chain.
Throws:: Exception

understands

public boolean understands(SoapHeaderElement headerElement)

Description copied from interface: SoapEndpointInterceptor

Given a SoapHeaderElement, return whether or not this SoapEndpointInterceptor understands it.

Specified by:: understands in interface SoapEndpointInterceptor

Parameters:: headerElement - the header
Returns:: true if understood, false otherwise

handleSecurementException

protected boolean handleSecurementException(WsSecuritySecurementException ex,
                                            MessageContext messageContext)

Handles an securement exception. Default implementation logs the given exception, and returns false.

Parameters:: ex - the validation exception; messageContext - the message context
Returns:: true to continue processing the message, false (the default) otherwise

handleValidationException

protected boolean handleValidationException(WsSecurityValidationException ex,
                                            MessageContext messageContext)

Handles an invalid SOAP message. Default implementation logs the given exception, and creates a SOAP 1.1 Client or SOAP 1.2 Sender Fault with the exception message as fault string, and returns false.

Parameters:: ex - the validation exception; messageContext - the message context
Returns:: true to continue processing the message, false (the default) otherwise

handleFaultException

protected boolean handleFaultException(WsSecurityFaultException ex,
                                       MessageContext messageContext)

Handles a fault exception.Default implementation logs the given exception, and creates a SOAP Fault with the properties of the given exception, and returns false.

Parameters:: ex - the validation exception; messageContext - the message context
Returns:: true to continue processing the message, false (the default) otherwise

validateMessage

protected abstract void validateMessage(SoapMessage soapMessage)
                                 throws WsSecurityValidationException

Abstract template method. Subclasses are required to validate the request contained in the given SoapMessage, and replace the original request with the validated version.

Parameters:: soapMessage - the soap message to validate
Throws:: WsSecurityValidationException - in case of validation errors

secureMessage

protected abstract void secureMessage(SoapMessage soapMessage)
                               throws WsSecuritySecurementException

Abstract template method. Subclasses are required to secure the response contained in the given SoapMessage, and replace the original response with the secured version.

Parameters:: soapMessage - the soap message to secure
Throws:: WsSecuritySecurementException - in case of securement errors

cleanUp

protected abstract void cleanUp()