org.apache.cxf.ws.security.wss4j
Class WSS4JInInterceptor

java.lang.Object
  org.apache.ws.security.handler.WSHandler
      org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor
          org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

All Implemented Interfaces:

SoapInterceptor, Interceptor<SoapMessage>, PhaseInterceptor<SoapMessage>

Direct Known Subclasses:

AbstractUsernameTokenAuthenticatingInterceptor, PolicyBasedWSS4JInInterceptor

public class WSS4JInInterceptor
extends AbstractWSS4JInterceptor

Performs WS-Security inbound actions.

Author:

Tomasz Sztelak

Field Summary

static String	PRINCIPAL_RESULT
static String	PROCESSOR_MAP
static String	SECURITY_PROCESSED
static String	SIGNATURE_RESULT
static String	TIMESTAMP_RESULT
static String	VALIDATOR_MAP

Fields inherited from class org.apache.ws.security.handler.WSHandler

cryptos, secEngine

Constructor Summary

WSS4JInInterceptor()

WSS4JInInterceptor(boolean ignore)

WSS4JInInterceptor(Map<String,Object> properties)

Method Summary

protected void	advanceBody(SoapMessage msg, Node body)
protected void	computeAction(SoapMessage msg, org.apache.ws.security.handler.RequestData reqData) Do whatever is necessary to determine the action for the incoming message and do whatever other setup work is necessary.
protected SecurityContext	createSecurityContext(Principal p)
protected static org.apache.ws.security.WSSecurityEngine	createSecurityEngine(Map<QName,Object> map)
protected void	doResults(SoapMessage msg, String actor, Element soapHeader, Element soapBody, List<org.apache.ws.security.WSSecurityEngineResult> wsResult)
protected void	doResults(SoapMessage msg, String actor, Element soapHeader, Element soapBody, List<org.apache.ws.security.WSSecurityEngineResult> wsResult, boolean utWithCallbacks)
Collection<PhaseInterceptor<? extends Message>>	getAdditionalInterceptors() Returns a collection of Interceptors that should be added to the chain whenever this interceptor is added.
protected CallbackHandler	getCallback(org.apache.ws.security.handler.RequestData reqData, int doAction)
protected CallbackHandler	getCallback(org.apache.ws.security.handler.RequestData reqData, int doAction, boolean utWithCallbacks)
Object	getProperty(Object msgContext, String key)
protected org.apache.ws.security.WSSecurityEngine	getSecurityEngine(boolean utWithCallbacks)
void	handleMessage(SoapMessage msg) Intercepts a message.
boolean	isGET(SoapMessage message)
protected boolean	isSecurityContextPrincipal(Principal p, List<org.apache.ws.security.WSSecurityEngineResult> wsResult) Checks if a given WSS4J Principal can be represented as a user principal inside SecurityContext.
void	setIgnoreActions(boolean i)

Methods inherited from class org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor

getAfter, getBefore, getId, getOption, getPassword, getPhase, getProperties, getRoles, getUnderstoodHeaders, handleFault, isRequestor, loadCryptoFromPropertiesFile, postHandleMessage, setAfter, setBefore, setId, setPassword, setPhase, setProperties, setProperty, setProperty, translateProperties

Methods inherited from class org.apache.ws.security.handler.WSHandler

checkReceiverResults, checkReceiverResultsAnyOrder, checkSignatureConfirmation, decodeBooleanConfigValue, decodeBSPCompliance, decodeCustomPasswordTypes, decodeDecryptionParameter, decodeEnableSignatureConfirmation, decodeEncryptionParameter, decodeFutureTimeToLive, decodeMustUnderstand, decodeNamespaceQualifiedPasswordTypes, decodePasswordType, decodePasswordTypeStrict, decodeSignatureParameter, decodeSignatureParameter2, decodeTimestampPrecision, decodeTimestampStrict, decodeTimeToLive, decodeUseEncodedPasswords, decodeUseSingleCertificate, decodeUTParameter, doReceiverAction, doSenderAction, getCallbackHandler, getClassLoader, getPasswordCallbackHandler, getPasswordCB, getString, getStringOption, loadCrypto, loadDecryptionCrypto, loadEncryptionCrypto, loadSignatureCrypto

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

TIMESTAMP_RESULT

public static final String TIMESTAMP_RESULT

See Also:

Constant Field Values

SIGNATURE_RESULT

public static final String SIGNATURE_RESULT

See Also:

Constant Field Values

PRINCIPAL_RESULT

public static final String PRINCIPAL_RESULT

See Also:

Constant Field Values

PROCESSOR_MAP

public static final String PROCESSOR_MAP

See Also:

Constant Field Values

VALIDATOR_MAP

public static final String VALIDATOR_MAP

See Also:

Constant Field Values

SECURITY_PROCESSED

public static final String SECURITY_PROCESSED

Constructor Detail

WSS4JInInterceptor

public WSS4JInInterceptor()

WSS4JInInterceptor

public WSS4JInInterceptor(boolean ignore)

WSS4JInInterceptor

public WSS4JInInterceptor(Map<String,Object> properties)

Method Detail

getAdditionalInterceptors

public Collection<PhaseInterceptor<? extends Message>> getAdditionalInterceptors()

Description copied from interface: PhaseInterceptor

Returns a collection of Interceptors that should be added to the chain whenever this interceptor is added. May return null.

Specified by:

getAdditionalInterceptors in interface PhaseInterceptor<SoapMessage>

Overrides:

getAdditionalInterceptors in class AbstractWSS4JInterceptor

Returns:

the collection of interceptors

setIgnoreActions

public void setIgnoreActions(boolean i)

getProperty

public Object getProperty(Object msgContext,
                          String key)

Overrides:

getProperty in class AbstractWSS4JInterceptor

isGET

public final boolean isGET(SoapMessage message)

handleMessage

public void handleMessage(SoapMessage msg)
                   throws Fault

Description copied from interface: Interceptor

Intercepts a message. Interceptors should NOT invoke handleMessage or handleFault on the next interceptor - the interceptor chain will take care of this.

Throws:

Fault

computeAction

protected void computeAction(SoapMessage msg,
                             org.apache.ws.security.handler.RequestData reqData)

Do whatever is necessary to determine the action for the incoming message and do whatever other setup work is necessary.

Parameters:

msg -

reqData -

doResults

protected void doResults(SoapMessage msg,
                         String actor,
                         Element soapHeader,
                         Element soapBody,
                         List<org.apache.ws.security.WSSecurityEngineResult> wsResult)
                  throws javax.xml.soap.SOAPException,
                         javax.xml.stream.XMLStreamException,
                         org.apache.ws.security.WSSecurityException

Throws:

javax.xml.soap.SOAPException

javax.xml.stream.XMLStreamException

org.apache.ws.security.WSSecurityException

doResults

protected void doResults(SoapMessage msg,
                         String actor,
                         Element soapHeader,
                         Element soapBody,
                         List<org.apache.ws.security.WSSecurityEngineResult> wsResult,
                         boolean utWithCallbacks)
                  throws javax.xml.soap.SOAPException,
                         javax.xml.stream.XMLStreamException,
                         org.apache.ws.security.WSSecurityException

Throws:

javax.xml.soap.SOAPException

javax.xml.stream.XMLStreamException

org.apache.ws.security.WSSecurityException

isSecurityContextPrincipal

protected boolean isSecurityContextPrincipal(Principal p,
                                             List<org.apache.ws.security.WSSecurityEngineResult> wsResult)

Checks if a given WSS4J Principal can be represented as a user principal inside SecurityContext. Example, UsernameToken or PublicKey principals can be used to facilitate checking the user roles, etc.

advanceBody

protected void advanceBody(SoapMessage msg,
                           Node body)
                    throws javax.xml.soap.SOAPException,
                           javax.xml.stream.XMLStreamException,
                           org.apache.ws.security.WSSecurityException

Throws:

javax.xml.soap.SOAPException

javax.xml.stream.XMLStreamException

org.apache.ws.security.WSSecurityException

createSecurityContext

protected SecurityContext createSecurityContext(Principal p)

getCallback

protected CallbackHandler getCallback(org.apache.ws.security.handler.RequestData reqData,
                                      int doAction,
                                      boolean utWithCallbacks)
                               throws org.apache.ws.security.WSSecurityException

Throws:

org.apache.ws.security.WSSecurityException

getCallback

protected CallbackHandler getCallback(org.apache.ws.security.handler.RequestData reqData,
                                      int doAction)
                               throws org.apache.ws.security.WSSecurityException

Throws:

org.apache.ws.security.WSSecurityException

getSecurityEngine

protected org.apache.ws.security.WSSecurityEngine getSecurityEngine(boolean utWithCallbacks)

Returns:

the WSSecurityEngine in use by this interceptor. This engine is defined to be the secEngineOverride instance, if defined in this class (and supplied through construction); otherwise, it is taken to be the default WSSecEngine instance (currently defined in the WSHandler base class).

createSecurityEngine

protected static org.apache.ws.security.WSSecurityEngine createSecurityEngine(Map<QName,Object> map)

Returns:

a freshly minted WSSecurityEngine instance, using the (non-null) processor map, to be used to initialize the WSSecurityEngine instance.