org.apache.cxf.ws.security.wss4j
Class WSS4JInInterceptor
java.lang.Object
org.apache.ws.security.handler.WSHandler
org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
- All Implemented Interfaces:
- SoapInterceptor, Interceptor<SoapMessage>, PhaseInterceptor<SoapMessage>
- Direct Known Subclasses:
- AbstractUsernameTokenAuthenticatingInterceptor, PolicyBasedWSS4JInInterceptor
public class WSS4JInInterceptor
- extends AbstractWSS4JInterceptor
Performs WS-Security inbound actions.
- Author:
- Tomasz Sztelak
| Fields inherited from class org.apache.ws.security.handler.WSHandler |
cryptos, DONE, secEngine |
| Methods inherited from class org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor |
decodeEnableSignatureConfirmation, getAfter, getBefore, getId, getOption, getPassword, getPhase, getProperties, getRoles, getUnderstoodHeaders, handleFault, isRequestor, loadDecryptionCrypto, loadEncryptionCrypto, loadSignatureCrypto, postHandleMessage, setAfter, setBefore, setId, setPassword, setPhase, setProperties, setProperty, setProperty |
| Methods inherited from class org.apache.ws.security.handler.WSHandler |
checkReceiverResults, checkReceiverResultsAnyOrder, checkSignatureConfirmation, decodeCustomPasswordTypes, decodeDecryptionParameter, decodeEncryptionParameter, decodeMustUnderstand, decodeNamespaceQualifiedPasswordTypes, decodeSignatureParameter, decodeSignatureParameter2, decodeTimestampPrecision, decodeTimestampStrict, decodeTimeToLive, decodeUTParameter, doReceiverAction, doSenderAction, getClassLoader, getPassword, getPasswordCB, getString, getStringOption, verifyTimestamp, verifyTrust |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TIMESTAMP_RESULT
public static final String TIMESTAMP_RESULT
- See Also:
- Constant Field Values
SIGNATURE_RESULT
public static final String SIGNATURE_RESULT
- See Also:
- Constant Field Values
PRINCIPAL_RESULT
public static final String PRINCIPAL_RESULT
- See Also:
- Constant Field Values
PROCESSOR_MAP
public static final String PROCESSOR_MAP
- See Also:
- Constant Field Values
SECURITY_PROCESSED
public static final String SECURITY_PROCESSED
WSS4JInInterceptor
public WSS4JInInterceptor()
WSS4JInInterceptor
public WSS4JInInterceptor(boolean ignore)
WSS4JInInterceptor
public WSS4JInInterceptor(Map<String,Object> properties)
setIgnoreActions
public void setIgnoreActions(boolean i)
getProperty
public Object getProperty(Object msgContext,
String key)
- Overrides:
getProperty in class AbstractWSS4JInterceptor
handleMessage
public void handleMessage(SoapMessage msg)
throws Fault
- Description copied from interface:
Interceptor
- Intercepts a message.
Interceptors should NOT invoke handleMessage or handleFault
on the next interceptor - the interceptor chain will
take care of this.
- Throws:
Fault
checkTimestamps
protected void checkTimestamps(SoapMessage msg,
org.apache.ws.security.handler.RequestData reqData,
Vector wsResult)
throws org.apache.ws.security.WSSecurityException
- Throws:
org.apache.ws.security.WSSecurityException
computeAction
protected void computeAction(SoapMessage msg,
org.apache.ws.security.handler.RequestData reqData)
- Do whatever is necessary to determine the action for the incoming message and
do whatever other setup work is necessary.
- Parameters:
msg - reqData -
doResults
protected void doResults(SoapMessage msg,
String actor,
javax.xml.soap.SOAPMessage doc,
Vector wsResult)
throws javax.xml.soap.SOAPException,
javax.xml.stream.XMLStreamException,
org.apache.ws.security.WSSecurityException
- Throws:
javax.xml.soap.SOAPException
javax.xml.stream.XMLStreamException
org.apache.ws.security.WSSecurityException
createSecurityContext
protected SecurityContext createSecurityContext(Principal p)
getCallback
protected CallbackHandler getCallback(org.apache.ws.security.handler.RequestData reqData,
int doAction)
throws org.apache.ws.security.WSSecurityException
- Throws:
org.apache.ws.security.WSSecurityException
getSecurityEngine
protected org.apache.ws.security.WSSecurityEngine getSecurityEngine()
- Returns:
- the WSSecurityEngine in use by this interceptor.
This engine is defined to be the secEngineOverride
instance, if defined in this class (and supplied through
construction); otherwise, it is taken to be the default
WSSecEngine instance (currently defined in the WSHandler
base class).
TODO the WSHandler base class defines secEngine to be static, which
is really bad, because the engine has mutable state on it.
createSecurityEngine
protected static org.apache.ws.security.WSSecurityEngine createSecurityEngine(Map<QName,Object> map)
- Returns:
- a freshly minted WSSecurityEngine instance, using the
(non-null) processor map, to be used to initialize the
WSSecurityEngine instance.
TODO The WSS4J APIs leave something to be desired here, but hopefully
we'll clean all this up in WSS4J-2.0
Apache CXF