org.apache.cxf.ws.security.wss4j
Class WSS4JInInterceptor
java.lang.Object
org.apache.ws.security.handler.WSHandler
org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
- All Implemented Interfaces:
- SoapInterceptor, Interceptor<SoapMessage>, PhaseInterceptor<SoapMessage>
- Direct Known Subclasses:
- AbstractUsernameTokenAuthenticatingInterceptor, PolicyBasedWSS4JInInterceptor
public class WSS4JInInterceptor
- extends AbstractWSS4JInterceptor
Performs WS-Security inbound actions.
- Author:
- Tomasz Sztelak
| Fields inherited from class org.apache.ws.security.handler.WSHandler |
cryptos, secEngine |
|
Method Summary |
protected void |
advanceBody(SoapMessage msg,
Node body)
|
protected void |
computeAction(SoapMessage msg,
org.apache.ws.security.handler.RequestData reqData)
Do whatever is necessary to determine the action for the incoming message and
do whatever other setup work is necessary. |
protected SecurityContext |
createSecurityContext(Principal p)
|
protected static org.apache.ws.security.WSSecurityEngine |
createSecurityEngine(Map<QName,Object> map)
|
protected void |
doResults(SoapMessage msg,
String actor,
Element soapHeader,
Element soapBody,
List<org.apache.ws.security.WSSecurityEngineResult> wsResult)
|
protected void |
doResults(SoapMessage msg,
String actor,
Element soapHeader,
Element soapBody,
List<org.apache.ws.security.WSSecurityEngineResult> wsResult,
boolean utWithCallbacks)
|
Collection<PhaseInterceptor<? extends Message>> |
getAdditionalInterceptors()
Returns a collection of Interceptors that should be added to the chain
whenever this interceptor is added. |
protected CallbackHandler |
getCallback(org.apache.ws.security.handler.RequestData reqData,
int doAction)
|
protected CallbackHandler |
getCallback(org.apache.ws.security.handler.RequestData reqData,
int doAction,
boolean utWithCallbacks)
|
Object |
getProperty(Object msgContext,
String key)
|
protected org.apache.ws.security.cache.ReplayCache |
getReplayCache(SoapMessage message,
String booleanKey,
String instanceKey)
Get a ReplayCache instance. |
protected org.apache.ws.security.WSSecurityEngine |
getSecurityEngine(boolean utWithCallbacks)
|
void |
handleMessage(SoapMessage msg)
Intercepts a message. |
boolean |
isGET(SoapMessage message)
|
protected boolean |
isSecurityContextPrincipal(Principal p,
List<org.apache.ws.security.WSSecurityEngineResult> wsResult)
Checks if a given WSS4J Principal can be represented as a user principal
inside SecurityContext. |
void |
setIgnoreActions(boolean i)
|
| Methods inherited from class org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor |
getAfter, getBefore, getId, getOption, getPassword, getPhase, getProperties, getRoles, getUnderstoodHeaders, handleFault, isRequestor, loadCryptoFromPropertiesFile, postHandleMessage, setAfter, setBefore, setId, setPassword, setPhase, setProperties, setProperty, setProperty, translateProperties |
| Methods inherited from class org.apache.ws.security.handler.WSHandler |
checkReceiverResults, checkReceiverResultsAnyOrder, checkSignatureConfirmation, decodeBooleanConfigValue, decodeBSPCompliance, decodeCustomPasswordTypes, decodeDecryptionParameter, decodeEnableSignatureConfirmation, decodeEncryptionParameter, decodeFutureTimeToLive, decodeMustUnderstand, decodeNamespaceQualifiedPasswordTypes, decodePasswordType, decodePasswordTypeStrict, decodeRequireSignedEncryptedDataElements, decodeSignatureParameter, decodeSignatureParameter2, decodeTimestampPrecision, decodeTimestampStrict, decodeTimeToLive, decodeUseEncodedPasswords, decodeUseSingleCertificate, decodeUTParameter, doReceiverAction, doSenderAction, getCallbackHandler, getClassLoader, getPasswordCallbackHandler, getPasswordCB, getString, getStringOption, loadCrypto, loadDecryptionCrypto, loadEncryptionCrypto, loadSignatureCrypto |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TIMESTAMP_RESULT
public static final String TIMESTAMP_RESULT
- See Also:
- Constant Field Values
SIGNATURE_RESULT
public static final String SIGNATURE_RESULT
- See Also:
- Constant Field Values
PRINCIPAL_RESULT
public static final String PRINCIPAL_RESULT
- See Also:
- Constant Field Values
PROCESSOR_MAP
public static final String PROCESSOR_MAP
- See Also:
- Constant Field Values
VALIDATOR_MAP
public static final String VALIDATOR_MAP
- See Also:
- Constant Field Values
SECURITY_PROCESSED
public static final String SECURITY_PROCESSED
WSS4JInInterceptor
public WSS4JInInterceptor()
WSS4JInInterceptor
public WSS4JInInterceptor(boolean ignore)
WSS4JInInterceptor
public WSS4JInInterceptor(Map<String,Object> properties)
getAdditionalInterceptors
public Collection<PhaseInterceptor<? extends Message>> getAdditionalInterceptors()
- Description copied from interface:
PhaseInterceptor
- Returns a collection of Interceptors that should be added to the chain
whenever this interceptor is added. May return null.
- Specified by:
getAdditionalInterceptors in interface PhaseInterceptor<SoapMessage>- Overrides:
getAdditionalInterceptors in class AbstractWSS4JInterceptor
- Returns:
- the collection of interceptors
setIgnoreActions
public void setIgnoreActions(boolean i)
getProperty
public Object getProperty(Object msgContext,
String key)
- Overrides:
getProperty in class AbstractWSS4JInterceptor
isGET
public final boolean isGET(SoapMessage message)
handleMessage
public void handleMessage(SoapMessage msg)
throws Fault
- Description copied from interface:
Interceptor
- Intercepts a message.
Interceptors should NOT invoke handleMessage or handleFault
on the next interceptor - the interceptor chain will
take care of this.
- Throws:
Fault
computeAction
protected void computeAction(SoapMessage msg,
org.apache.ws.security.handler.RequestData reqData)
- Do whatever is necessary to determine the action for the incoming message and
do whatever other setup work is necessary.
- Parameters:
msg - reqData -
doResults
protected void doResults(SoapMessage msg,
String actor,
Element soapHeader,
Element soapBody,
List<org.apache.ws.security.WSSecurityEngineResult> wsResult)
throws javax.xml.soap.SOAPException,
javax.xml.stream.XMLStreamException,
org.apache.ws.security.WSSecurityException
- Throws:
javax.xml.soap.SOAPException
javax.xml.stream.XMLStreamException
org.apache.ws.security.WSSecurityException
doResults
protected void doResults(SoapMessage msg,
String actor,
Element soapHeader,
Element soapBody,
List<org.apache.ws.security.WSSecurityEngineResult> wsResult,
boolean utWithCallbacks)
throws javax.xml.soap.SOAPException,
javax.xml.stream.XMLStreamException,
org.apache.ws.security.WSSecurityException
- Throws:
javax.xml.soap.SOAPException
javax.xml.stream.XMLStreamException
org.apache.ws.security.WSSecurityException
isSecurityContextPrincipal
protected boolean isSecurityContextPrincipal(Principal p,
List<org.apache.ws.security.WSSecurityEngineResult> wsResult)
- Checks if a given WSS4J Principal can be represented as a user principal
inside SecurityContext. Example, UsernameToken or PublicKey principals can
be used to facilitate checking the user roles, etc.
advanceBody
protected void advanceBody(SoapMessage msg,
Node body)
throws javax.xml.soap.SOAPException,
javax.xml.stream.XMLStreamException,
org.apache.ws.security.WSSecurityException
- Throws:
javax.xml.soap.SOAPException
javax.xml.stream.XMLStreamException
org.apache.ws.security.WSSecurityException
createSecurityContext
protected SecurityContext createSecurityContext(Principal p)
getCallback
protected CallbackHandler getCallback(org.apache.ws.security.handler.RequestData reqData,
int doAction,
boolean utWithCallbacks)
throws org.apache.ws.security.WSSecurityException
- Throws:
org.apache.ws.security.WSSecurityException
getCallback
protected CallbackHandler getCallback(org.apache.ws.security.handler.RequestData reqData,
int doAction)
throws org.apache.ws.security.WSSecurityException
- Throws:
org.apache.ws.security.WSSecurityException
getSecurityEngine
protected org.apache.ws.security.WSSecurityEngine getSecurityEngine(boolean utWithCallbacks)
- Returns:
- the WSSecurityEngine in use by this interceptor.
This engine is defined to be the secEngineOverride
instance, if defined in this class (and supplied through
construction); otherwise, it is taken to be the default
WSSecEngine instance (currently defined in the WSHandler
base class).
createSecurityEngine
protected static org.apache.ws.security.WSSecurityEngine createSecurityEngine(Map<QName,Object> map)
- Returns:
- a freshly minted WSSecurityEngine instance, using the
(non-null) processor map, to be used to initialize the
WSSecurityEngine instance.
getReplayCache
protected org.apache.ws.security.cache.ReplayCache getReplayCache(SoapMessage message,
String booleanKey,
String instanceKey)
- Get a ReplayCache instance. It first checks to see whether caching has been explicitly
enabled or disabled via the booleanKey argument. If it has been set to false, or not
specified, then no replay caching is done (for this booleanKey).
It tries to get an instance of ReplayCache via the instanceKey argument from a
contextual property, and failing that the message exchange. If it can't find any, then it
defaults to using an EH-Cache instance and stores that on the message exchange.
Apache CXF