List of usage examples for javax.xml.soap SOAPException getMessage
@Override
public String getMessage()
From source file:nl.nn.adapterframework.extensions.cxf.SOAPProviderBase.java
@Override public SOAPMessage invoke(SOAPMessage request) { String result;//from ww w . ja v a 2 s.c om PipeLineSessionBase pipelineSession = new PipeLineSessionBase(); String correlationId = Misc.createSimpleUUID(); log.debug(getLogPrefix(correlationId) + "received message"); if (request == null) { String faultcode = "soap:Server"; String faultstring = "SOAPMessage is null"; String httpRequestMethod = (String) webServiceContext.getMessageContext() .get(MessageContext.HTTP_REQUEST_METHOD); if (!"POST".equals(httpRequestMethod)) { faultcode = "soap:Client"; faultstring = "Request was send using '" + httpRequestMethod + "' instead of 'POST'"; } result = "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">" + "<soap:Body><soap:Fault>" + "<faultcode>" + faultcode + "</faultcode>" + "<faultstring>" + faultstring + "</faultstring>" + "</soap:Fault></soap:Body></soap:Envelope>"; } else { // Make mime headers in request available as session key @SuppressWarnings("unchecked") Iterator<MimeHeader> mimeHeaders = request.getMimeHeaders().getAllHeaders(); String mimeHeadersXml = getMimeHeadersXml(mimeHeaders).toXML(); pipelineSession.put("mimeHeaders", mimeHeadersXml); // Make attachments in request (when present) available as session keys int i = 1; XmlBuilder attachments = new XmlBuilder("attachments"); @SuppressWarnings("unchecked") Iterator<AttachmentPart> attachmentParts = request.getAttachments(); while (attachmentParts.hasNext()) { try { InputStreamAttachmentPart attachmentPart = new InputStreamAttachmentPart( attachmentParts.next()); XmlBuilder attachment = new XmlBuilder("attachment"); attachments.addSubElement(attachment); XmlBuilder sessionKey = new XmlBuilder("sessionKey"); sessionKey.setValue("attachment" + i); attachment.addSubElement(sessionKey); pipelineSession.put("attachment" + i, attachmentPart.getInputStream()); log.debug(getLogPrefix(correlationId) + "adding attachment [attachment" + i + "] to session"); @SuppressWarnings("unchecked") Iterator<MimeHeader> attachmentMimeHeaders = attachmentPart.getAllMimeHeaders(); attachment.addSubElement(getMimeHeadersXml(attachmentMimeHeaders)); } catch (SOAPException e) { e.printStackTrace(); log.warn("Could not store attachment in session key", e); } i++; } pipelineSession.put("attachments", attachments.toXML()); // Transform SOAP message to string String message; try { message = XmlUtils.nodeToString(request.getSOAPPart()); log.debug(getLogPrefix(correlationId) + "transforming from SOAP message"); } catch (TransformerException e) { String m = "Could not transform SOAP message to string"; log.error(m, e); throw new WebServiceException(m, e); } // Process message via WebServiceListener ISecurityHandler securityHandler = new WebServiceContextSecurityHandler(webServiceContext); pipelineSession.setSecurityHandler(securityHandler); pipelineSession.put(IPipeLineSession.HTTP_REQUEST_KEY, webServiceContext.getMessageContext().get(MessageContext.SERVLET_REQUEST)); pipelineSession.put(IPipeLineSession.HTTP_RESPONSE_KEY, webServiceContext.getMessageContext().get(MessageContext.SERVLET_RESPONSE)); try { log.debug(getLogPrefix(correlationId) + "processing message"); result = processRequest(correlationId, message, pipelineSession); } catch (ListenerException e) { String m = "Could not process SOAP message: " + e.getMessage(); log.error(m); throw new WebServiceException(m, e); } } // Transform result string to SOAP message SOAPMessage soapMessage = null; try { log.debug(getLogPrefix(correlationId) + "transforming to SOAP message"); soapMessage = getMessageFactory().createMessage(); StreamSource streamSource = new StreamSource(new StringReader(result)); soapMessage.getSOAPPart().setContent(streamSource); } catch (SOAPException e) { String m = "Could not transform string to SOAP message"; log.error(m); throw new WebServiceException(m, e); } String multipartXml = (String) pipelineSession.get(attachmentXmlSessionKey); log.debug(getLogPrefix(correlationId) + "building multipart message with MultipartXmlSessionKey [" + multipartXml + "]"); if (StringUtils.isNotEmpty(multipartXml)) { Element partsElement; try { partsElement = XmlUtils.buildElement(multipartXml); } catch (DomBuilderException e) { String m = "error building multipart xml"; log.error(m, e); throw new WebServiceException(m, e); } Collection<Node> parts = XmlUtils.getChildTags(partsElement, "part"); if (parts == null || parts.size() == 0) { log.warn(getLogPrefix(correlationId) + "no part(s) in multipart xml [" + multipartXml + "]"); } else { Iterator<Node> iter = parts.iterator(); while (iter.hasNext()) { Element partElement = (Element) iter.next(); //String partType = partElement.getAttribute("type"); String partName = partElement.getAttribute("name"); String partSessionKey = partElement.getAttribute("sessionKey"); String partMimeType = partElement.getAttribute("mimeType"); Object partObject = pipelineSession.get(partSessionKey); if (partObject instanceof InputStream) { InputStream fis = (InputStream) partObject; DataHandler dataHander = null; try { dataHander = new DataHandler(new ByteArrayDataSource(fis, partMimeType)); } catch (IOException e) { String m = "Unable to add session key '" + partSessionKey + "' as attachment"; log.error(m, e); throw new WebServiceException(m, e); } AttachmentPart attachmentPart = soapMessage.createAttachmentPart(dataHander); attachmentPart.setContentId(partName); soapMessage.addAttachmentPart(attachmentPart); log.debug(getLogPrefix(correlationId) + "appended filepart [" + partSessionKey + "] with value [" + partObject + "] and name [" + partName + "]"); } else { //String String partValue = (String) partObject; DataHandler dataHander = new DataHandler(new ByteArrayDataSource(partValue, partMimeType)); AttachmentPart attachmentPart = soapMessage.createAttachmentPart(dataHander); attachmentPart.setContentId(partName); soapMessage.addAttachmentPart(attachmentPart); log.debug(getLogPrefix(correlationId) + "appended stringpart [" + partSessionKey + "] with value [" + partValue + "]"); } } } } return soapMessage; }
From source file:org.apache.axis.SOAPPart.java
/** * Write the contents to the specified writer. * * @param writer the <code>Writer</code> to write to *//* w ww . jav a2 s.c o m*/ public void writeTo(Writer writer) throws IOException { boolean inclXmlDecl = false; if (msgObject.getMessageContext() != null) { // if we have message context (JAX-RPC), write xml decl always. inclXmlDecl = true; } else { // if we have no message context (SAAJ), write xml decl according to property. try { String xmlDecl = (String) msgObject.getProperty(SOAPMessage.WRITE_XML_DECLARATION); if (xmlDecl != null && xmlDecl.equals("true")) { inclXmlDecl = true; } } catch (SOAPException e) { throw new IOException(e.getMessage()); } } if (currentForm == FORM_FAULT) { AxisFault env = (AxisFault) currentMessage; try { SerializationContext serContext = new SerializationContext(writer, getMessage().getMessageContext()); serContext.setSendDecl(inclXmlDecl); serContext.setEncoding(currentEncoding); env.output(serContext); } catch (Exception e) { log.error(Messages.getMessage("exception00"), e); throw env; } return; } if (currentForm == FORM_SOAPENVELOPE) { SOAPEnvelope env = (SOAPEnvelope) currentMessage; try { SerializationContext serContext = new SerializationContext(writer, getMessage().getMessageContext()); serContext.setSendDecl(inclXmlDecl); serContext.setEncoding(currentEncoding); env.output(serContext); } catch (Exception e) { throw AxisFault.makeFault(e); } return; } String xml = this.getAsString(); if (inclXmlDecl) { if (!xml.startsWith("<?xml")) { writer.write("<?xml version=\"1.0\" encoding=\""); writer.write(currentEncoding); writer.write("\"?>"); } } writer.write(xml); }
From source file:org.apache.ws.security.handler.WSS4JHandler.java
/** * Handles incoming web service requests and outgoing responses *//* ww w . ja va2 s .c om*/ public boolean doSender(MessageContext mc, RequestData reqData, boolean isRequest) throws WSSecurityException { reqData.getSignatureParts().removeAllElements(); reqData.getEncryptParts().removeAllElements(); reqData.setNoSerialization(false); /* * Get the action first. */ Vector actions = new Vector(); String action = (String) getOption(WSHandlerConstants.SEND + '.' + WSHandlerConstants.ACTION); if (action == null) { action = (String) getOption(WSHandlerConstants.ACTION); if (action == null) { action = (String) mc.getProperty(WSHandlerConstants.ACTION); } } if (action == null) { throw new JAXRPCException("WSS4JHandler: No action defined"); } int doAction = WSSecurityUtil.decodeAction(action, actions); if (doAction == WSConstants.NO_SECURITY) { return true; } /* * For every action we need a username, so get this now. The username * defined in the deployment descriptor takes precedence. */ reqData.setUsername((String) getOption(WSHandlerConstants.USER)); if (reqData.getUsername() == null || reqData.getUsername().equals("")) { reqData.setUsername((String) mc.getProperty(WSHandlerConstants.USER)); mc.removeProperty(WSHandlerConstants.USER); } /* * Now we perform some set-up for UsernameToken and Signature * functions. No need to do it for encryption only. Check if username * is available and then get a password. */ if (((doAction & (WSConstants.SIGN | WSConstants.UT | WSConstants.UT_SIGN)) != 0) && (reqData.getUsername() == null || reqData.getUsername().equals(""))) { /* * We need a username - if none throw an JAXRPCException. For encryption * there is a specific parameter to get a username. */ throw new JAXRPCException("WSS4JHandler: Empty username for specified action"); } if (doDebug) { log.debug("Action: " + doAction); log.debug("Actor: " + reqData.getActor()); } /* * Now get the SOAP part from the request message and convert it into a * Document. * * This forces Axis to serialize the SOAP request into FORM_STRING. * This string is converted into a document. * * During the FORM_STRING serialization Axis performs multi-ref of * complex data types (if requested), generates and inserts references * for attachments and so on. The resulting Document MUST be the * complete and final SOAP request as Axis would send it over the wire. * Therefore this must shall be the last (or only) handler in a chain. * * Now we can perform our security operations on this request. */ Document doc = null; SOAPMessage message = ((SOAPMessageContext) mc).getMessage(); Boolean propFormOptimization = (Boolean) mc.getProperty("axis.form.optimization"); log.debug("Form optimization: " + propFormOptimization); /* * If the message context property contains a document then this is a * chained handler. */ SOAPPart sPart = message.getSOAPPart(); if ((doc = (Document) mc.getProperty(WSHandlerConstants.SND_SECURITY)) == null) { try { doc = messageToDocument(message); } catch (Exception e) { if (doDebug) { log.debug(e.getMessage(), e); } throw new JAXRPCException("WSS4JHandler: cannot get SOAP envlope from message", e); } } if (doDebug) { log.debug("WSS4JHandler: orginal SOAP request: "); log.debug(org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc)); } doSenderAction(doAction, doc, reqData, actions, isRequest); /* * If required convert the resulting document into a message first. The * outputDOM() method performs the necessary c14n call. After that we * extract it as a string for further processing. * * Set the resulting byte array as the new SOAP message. * * If noSerialization is false, this handler shall be the last (or only) * one in a handler chain. If noSerialization is true, just set the * processed Document in the transfer property. The next Axis WSS4J * handler takes it and performs additional security processing steps. * */ if (reqData.isNoSerialization()) { mc.setProperty(WSHandlerConstants.SND_SECURITY, doc); } else { ByteArrayOutputStream os = new ByteArrayOutputStream(); XMLUtils.outputDOM(doc, os, true); if (doDebug) { String osStr = null; try { osStr = os.toString("UTF-8"); } catch (UnsupportedEncodingException e) { if (doDebug) { log.debug(e.getMessage(), e); } osStr = os.toString(); } log.debug("Send request:"); log.debug(osStr); } try { sPart.setContent(new StreamSource(new ByteArrayInputStream(os.toByteArray()))); } catch (SOAPException se) { if (doDebug) { log.debug(se.getMessage(), se); } throw new JAXRPCException("Couldn't set content on SOAPPart" + se.getMessage(), se); } mc.removeProperty(WSHandlerConstants.SND_SECURITY); } if (doDebug) { log.debug("WSS4JHandler: exit invoke()"); } return true; }
From source file:org.apache.ws.security.handler.WSS4JHandler.java
/** * handle responses//from w ww .j a v a 2 s .c om * * @param mc * @param reqData * @return true on successful processing * @throws WSSecurityException */ public boolean doReceiver(MessageContext mc, RequestData reqData, boolean isRequest) throws WSSecurityException { Vector actions = new Vector(); String action = (String) getOption(WSHandlerConstants.RECEIVE + '.' + WSHandlerConstants.ACTION); if (action == null) { action = (String) getOption(WSHandlerConstants.ACTION); if (action == null) { action = (String) mc.getProperty(WSHandlerConstants.ACTION); } } if (action == null) { throw new JAXRPCException("WSS4JHandler: No action defined"); } int doAction = WSSecurityUtil.decodeAction(action, actions); String actor = (String) getOption(WSHandlerConstants.ACTOR); SOAPMessage message = ((SOAPMessageContext) mc).getMessage(); SOAPPart sPart = message.getSOAPPart(); Document doc = null; try { doc = messageToDocument(message); } catch (Exception ex) { if (doDebug) { log.debug(ex.getMessage(), ex); } throw new JAXRPCException("WSS4JHandler: cannot convert into document", ex); } /* * Check if it's a fault. Don't process faults. * */ SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()); if (WSSecurityUtil.findElement(doc.getDocumentElement(), "Fault", soapConstants.getEnvelopeURI()) != null) { return false; } /* * To check a UsernameToken or to decrypt an encrypted message we need * a password. */ CallbackHandler cbHandler = null; if ((doAction & (WSConstants.ENCR | WSConstants.UT)) != 0) { cbHandler = getPasswordCB(reqData); } /* * Get and check the Signature specific parameters first because they * may be used for encryption too. */ doReceiverAction(doAction, reqData); Vector wsResult = null; try { wsResult = secEngine.processSecurityHeader(doc, actor, cbHandler, reqData.getSigCrypto(), reqData.getDecCrypto()); } catch (WSSecurityException ex) { if (doDebug) { log.debug(ex.getMessage(), ex); } throw new JAXRPCException("WSS4JHandler: security processing failed", ex); } if (wsResult == null) { // no security header found if (doAction == WSConstants.NO_SECURITY) { return true; } else { throw new JAXRPCException("WSS4JHandler: Request does not contain required Security header"); } } if (reqData.getWssConfig().isEnableSignatureConfirmation() && !isRequest) { checkSignatureConfirmation(reqData, wsResult); } /* * If we had some security processing, get the original * SOAP part of Axis' message and replace it with new SOAP * part. This new part may contain decrypted elements. */ ByteArrayOutputStream os = new ByteArrayOutputStream(); XMLUtils.outputDOM(doc, os, true); try { sPart.setContent(new StreamSource(new ByteArrayInputStream(os.toByteArray()))); } catch (SOAPException se) { if (doDebug) { log.debug(se.getMessage(), se); } throw new JAXRPCException("Couldn't set content on SOAPPart" + se.getMessage(), se); } if (doDebug) { log.debug("Processed received SOAP request"); } /* * After setting the new current message, probably modified because * of decryption, we need to locate the security header. That is, * we force Axis (with getSOAPEnvelope()) to parse the string, build * the new header. Then we examine, look up the security header * and set the header as processed. * * Please note: find all header elements that contain the same * actor that was given to processSecurityHeader(). Then * check if there is a security header with this actor. */ SOAPHeader sHeader = null; try { sHeader = message.getSOAPPart().getEnvelope().getHeader(); } catch (Exception ex) { if (doDebug) { log.debug(ex.getMessage(), ex); } throw new JAXRPCException("WSS4JHandler: cannot get SOAP header after security processing", ex); } Iterator headers = sHeader.examineHeaderElements(actor); SOAPHeaderElement headerElement = null; while (headers.hasNext()) { SOAPHeaderElement hE = (SOAPHeaderElement) headers.next(); if (hE.getElementName().getLocalName().equals(WSConstants.WSSE_LN) && ((Node) hE).getNamespaceURI().equals(WSConstants.WSSE_NS)) { headerElement = hE; break; } } /* JAXRPC conversion changes */ headerElement.setMustUnderstand(false); // is this sufficient? /* * Now we can check the certificate used to sign the message. * In the following implementation the certificate is only trusted * if either it itself or the certificate of the issuer is installed * in the keystore. * * Note: the method verifyTrust(X509Certificate) allows custom * implementations with other validation algorithms for subclasses. */ // Extract the signature action result from the action vector WSSecurityEngineResult actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.SIGN); if (actionResult != null) { X509Certificate returnCert = (X509Certificate) actionResult .get(WSSecurityEngineResult.TAG_X509_CERTIFICATE); if (returnCert != null && !verifyTrust(returnCert, reqData)) { throw new JAXRPCException("WSS4JHandler: The certificate used for the signature is not trusted"); } } /* * Perform further checks on the timestamp that was transmitted in the header. * In the following implementation the timestamp is valid if it was * created after (now-ttl), where ttl is set on server side, not by the client. * * Note: the method verifyTimestamp(Timestamp) allows custom * implementations with other validation algorithms for subclasses. */ // Extract the timestamp action result from the action vector actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS); if (actionResult != null) { Timestamp timestamp = (Timestamp) actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP); if (timestamp != null && reqData.getWssConfig().isTimeStampStrict() && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) { throw new JAXRPCException("WSS4JHandler: The timestamp could not be validated"); } } /* * now check the security actions: do they match, in right order? */ if (!checkReceiverResults(wsResult, actions)) { throw new JAXRPCException("WSS4JHandler: security processing failed (actions mismatch)"); } /* * All ok up to this point. Now construct and setup the * security result structure. The service may fetch this * and check it. */ Vector results = null; if ((results = (Vector) mc.getProperty(WSHandlerConstants.RECV_RESULTS)) == null) { results = new Vector(); mc.setProperty(WSHandlerConstants.RECV_RESULTS, results); } WSHandlerResult rResult = new WSHandlerResult(actor, wsResult); results.add(0, rResult); if (doDebug) { log.debug("WSS4JHandler: exit invoke()"); } return true; }
From source file:org.codice.ddf.security.interceptor.AnonymousInterceptor.java
@Override public void handleMessage(SoapMessage message) throws Fault { if (anonymousAccessDenied) { LOGGER.debug("AnonymousAccess not enabled - no message checking performed."); return;/* ww w. j a v a 2 s. c o m*/ } if (message != null) { SoapVersion version = message.getVersion(); SOAPMessage soapMessage = getSOAPMessage(message); SOAPFactory soapFactory = null; SOAPElement securityHeader = null; //Check if security header exists; if not, execute AnonymousInterceptor logic String actor = (String) getOption(WSHandlerConstants.ACTOR); if (actor == null) { actor = (String) message.getContextualProperty(SecurityConstants.ACTOR); } Element existingSecurityHeader = null; try { LOGGER.debug("Checking for security header."); existingSecurityHeader = WSSecurityUtil.getSecurityHeader(soapMessage.getSOAPPart(), actor); } catch (WSSecurityException e1) { LOGGER.debug("Issue with getting security header", e1); } if (existingSecurityHeader == null) { LOGGER.debug("Current request has no security header, continuing with AnonymousInterceptor"); AssertionInfoMap assertionInfoMap = message.get(AssertionInfoMap.class); // if there is a policy we need to follow or we are ignoring policies, prepare the SOAP message if ((assertionInfoMap != null) || overrideEndpointPolicies) { RequestData reqData = new CXFRequestData(); WSSConfig config = (WSSConfig) message.getContextualProperty(WSSConfig.class.getName()); WSSecurityEngine engine = null; if (config != null) { engine = new WSSecurityEngine(); engine.setWssConfig(config); } if (engine == null) { engine = new WSSecurityEngine(); config = engine.getWssConfig(); } reqData.setWssConfig(config); try { soapFactory = SOAPFactory.newInstance(); } catch (SOAPException e) { LOGGER.error("Could not create a SOAPFactory.", e); return; // can't add anything if we can't create it } if (soapFactory != null) { //Create security header try { securityHeader = soapFactory.createElement(WSConstants.WSSE_LN, WSConstants.WSSE_PREFIX, WSConstants.WSSE_NS); securityHeader.addAttribute( new QName(WSConstants.URI_SOAP11_ENV, WSConstants.ATTR_MUST_UNDERSTAND), "1"); } catch (SOAPException e) { LOGGER.error("Unable to create security header for anonymous user.", e); return; // can't create the security - just return } } } EffectivePolicy effectivePolicy = message.get(EffectivePolicy.class); Exchange exchange = message.getExchange(); BindingOperationInfo bindingOperationInfo = exchange.getBindingOperationInfo(); Endpoint endpoint = exchange.get(Endpoint.class); if (null == endpoint) { return; } EndpointInfo endpointInfo = endpoint.getEndpointInfo(); Bus bus = exchange.get(Bus.class); PolicyEngine policyEngine = bus.getExtension(PolicyEngine.class); if (effectivePolicy == null) { if (policyEngine != null) { if (MessageUtils.isRequestor(message)) { effectivePolicy = policyEngine.getEffectiveClientResponsePolicy(endpointInfo, bindingOperationInfo, message); } else { effectivePolicy = policyEngine.getEffectiveServerRequestPolicy(endpointInfo, bindingOperationInfo, message); } } } //Auto analyze endpoint policies //Token Assertions String tokenAssertion = null; String tokenType = null; //Security Binding Assertions boolean layoutLax = false; boolean layoutStrict = false; boolean layoutLaxTimestampFirst = false; boolean layoutLaxTimestampLast = false; boolean requireClientCert = false; QName secBindingAssertion = null; //Supporting Token Assertions QName supportingTokenAssertion = null; boolean policyRequirementsSupported = false; // if there is a policy, try to follow it as closely as possible if (effectivePolicy != null) { Policy policy = effectivePolicy.getPolicy(); if (policy != null) { AssertionInfoMap infoMap = new AssertionInfoMap(policy); Set<Map.Entry<QName, Collection<AssertionInfo>>> entries = infoMap.entrySet(); for (Map.Entry<QName, Collection<AssertionInfo>> entry : entries) { Collection<AssertionInfo> assetInfoList = entry.getValue(); for (AssertionInfo info : assetInfoList) { LOGGER.debug("Assertion Name: {}", info.getAssertion().getName().getLocalPart()); QName qName = info.getAssertion().getName(); StringWriter out = new StringWriter(); XMLStreamWriter writer = null; try { writer = XMLOutputFactory.newInstance().createXMLStreamWriter(out); } catch (XMLStreamException e) { LOGGER.debug("Error with XMLStreamWriter", e); } catch (FactoryConfigurationError e) { LOGGER.debug("Error with FactoryConfiguration", e); } try { if (writer != null) { info.getAssertion().serialize(writer); writer.flush(); } } catch (XMLStreamException e) { LOGGER.debug("Error with XMLStream", e); } finally { if (writer != null) { try { writer.close(); } catch (XMLStreamException ignore) { //ignore } } } LOGGER.trace("Assertion XML: {}", out.toString()); String xml = out.toString(); // TODO DDF-1205 complete support for dynamic policy handling if (qName.equals(SP12Constants.TRANSPORT_BINDING)) { secBindingAssertion = qName; } else if (qName.equals(SP12Constants.INCLUDE_TIMESTAMP)) { createIncludeTimestamp(soapFactory, securityHeader); } else if (qName.equals(SP12Constants.LAYOUT)) { String xpathLax = "/Layout/Policy/Lax"; String xpathStrict = "/Layout/Policy/Strict"; String xpathLaxTimestampFirst = "/Layout/Policy/LaxTimestampFirst"; String xpathLaxTimestampLast = "/Layout/Policy/LaxTimestampLast"; } else if (qName.equals(SP12Constants.TRANSPORT_TOKEN)) { } else if (qName.equals(SP12Constants.HTTPS_TOKEN)) { String xpath = "/HttpsToken/Policy/RequireClientCertificate"; } else if (qName.equals(SP12Constants.SIGNED_SUPPORTING_TOKENS)) { String xpath = "/SignedSupportingTokens/Policy//IssuedToken/RequestSecurityTokenTemplate/TokenType"; tokenType = retrieveXmlValue(xml, xpath); supportingTokenAssertion = qName; } else if (qName.equals(SP12Constants.SUPPORTING_TOKENS)) { String xpath = "/SupportingTokens/Policy//IssuedToken/RequestSecurityTokenTemplate/TokenType"; tokenType = retrieveXmlValue(xml, xpath); supportingTokenAssertion = qName; } else if (qName.equals( org.apache.cxf.ws.addressing.policy.MetadataConstants.ADDRESSING_ASSERTION_QNAME)) { createAddressing(message, soapMessage, soapFactory); } else if (qName.equals(SP12Constants.TRUST_13)) { } else if (qName.equals(SP12Constants.ISSUED_TOKEN)) { //Check Token Assertion String xpath = "/IssuedToken/@IncludeToken"; tokenAssertion = retrieveXmlValue(xml, xpath); } else if (qName.equals(SP12Constants.WSS11)) { } } } //Check security and token policies if (tokenAssertion != null && tokenType != null && tokenAssertion.trim().equals(SP12Constants.INCLUDE_ALWAYS_TO_RECIPIENT) && tokenType.trim().equals(TOKEN_SAML20)) { policyRequirementsSupported = true; } else { LOGGER.warn( "AnonymousInterceptor does not support the policies presented by the endpoint."); } } else { if (overrideEndpointPolicies) { LOGGER.debug( "WS Policy is null, override is true - an anonymous assertion will be generated"); } else { LOGGER.warn( "WS Policy is null, override flag is false - no anonymous assertion will be generated."); } } } else { if (overrideEndpointPolicies) { LOGGER.debug( "Effective WS Policy is null, override is true - an anonymous assertion will be generated"); } else { LOGGER.warn( "Effective WS Policy is null, override flag is false - no anonymous assertion will be generated."); } } if (policyRequirementsSupported || overrideEndpointPolicies) { LOGGER.debug("Creating anonymous security token."); if (soapFactory != null) { HttpServletRequest request = (HttpServletRequest) message .get(AbstractHTTPDestination.HTTP_REQUEST); createSecurityToken(version, soapFactory, securityHeader, request.getRemoteAddr()); try { // Add security header to SOAP message soapMessage.getSOAPHeader().addChildElement(securityHeader); } catch (SOAPException e) { LOGGER.error("Issue when adding security header to SOAP message:" + e.getMessage()); } } else { LOGGER.debug("Security Header was null so not creating a SAML Assertion"); } } } else { LOGGER.debug("SOAP message contains security header, no action taken by the AnonymousInterceptor."); } if (LOGGER.isTraceEnabled()) { try { LOGGER.trace("SOAP request after anonymous interceptor: {}", SecurityLogger.getFormattedXml(soapMessage.getSOAPHeader().getParentNode())); } catch (SOAPException e) { //ignore } } } else { LOGGER.error("Incoming SOAP message is null - anonymous interceptor makes no sense."); } }
From source file:org.jlibrary.core.repository.axis.AxisRepositoryService.java
public Document createDocument(Ticket ticket, DocumentProperties docProperties) throws RepositoryException, SecurityException { org.jlibrary.core.repository.RepositoryService service = JLibraryServiceFactory.getInstance(localProfile) .getRepositoryService();// www . ja va 2s . c o m byte[] realContent; try { AttachmentPart[] attachments = getMessageAttachements(); InputStream is = attachments[0].getDataHandler().getInputStream(); realContent = IOUtils.toByteArray(is); is.close(); docProperties.setProperty(DocumentProperties.DOCUMENT_CONTENT, realContent); } catch (AxisFault e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (IOException ioe) { logger.error(ioe.getMessage(), ioe); throw new RepositoryException(ioe); } catch (SOAPException se) { logger.error(se.getMessage(), se); throw new RepositoryException(se); } catch (PropertyNotFoundException e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (InvalidPropertyTypeException e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } return service.createDocument(ticket, docProperties); }
From source file:org.jlibrary.core.repository.axis.AxisRepositoryService.java
public List createDocuments(Ticket ticket, List properties) throws RepositoryException, SecurityException { org.jlibrary.core.repository.RepositoryService service = JLibraryServiceFactory.getInstance(localProfile) .getRepositoryService();//ww w . jav a 2 s . c om byte[] realContent; try { for (int i = 0; i < properties.size(); i++) { DocumentProperties props = (DocumentProperties) properties.get(i); AttachmentPart[] attachments = getMessageAttachements(); InputStream is = attachments[i].getDataHandler().getInputStream(); realContent = IOUtils.toByteArray(is); is.close(); props.setProperty(DocumentProperties.DOCUMENT_CONTENT, realContent); } } catch (AxisFault e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (IOException ioe) { logger.error(ioe.getMessage(), ioe); throw new RepositoryException(ioe); } catch (SOAPException se) { logger.error(se.getMessage(), se); throw new RepositoryException(se); } catch (PropertyNotFoundException e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (InvalidPropertyTypeException e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } return service.createDocuments(ticket, properties); }
From source file:org.jlibrary.core.repository.axis.AxisRepositoryService.java
public Document updateDocument(Ticket ticket, DocumentProperties docProperties) throws RepositoryException, SecurityException, ResourceLockedException { org.jlibrary.core.repository.RepositoryService service = JLibraryServiceFactory.getInstance(localProfile) .getRepositoryService();/* ww w. j a v a 2 s. c o m*/ if (docProperties.hasProperty(DocumentProperties.DOCUMENT_CONTENT)) { byte[] realContent; try { AttachmentPart[] attachments = getMessageAttachements(); InputStream is = attachments[0].getDataHandler().getInputStream(); realContent = IOUtils.toByteArray(is); is.close(); docProperties.setProperty(DocumentProperties.DOCUMENT_CONTENT, realContent); } catch (AxisFault e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (IOException ioe) { logger.error(ioe.getMessage(), ioe); throw new RepositoryException(ioe); } catch (SOAPException se) { logger.error(se.getMessage(), se); throw new RepositoryException(se); } catch (PropertyNotFoundException e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (InvalidPropertyTypeException e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } } return service.updateDocument(ticket, docProperties); }
From source file:org.jlibrary.core.repository.axis.AxisRepositoryService.java
public void importRepository(Ticket ticket, byte[] content, String name) throws RepositoryAlreadyExistsException, RepositoryException, SecurityException { org.jlibrary.core.repository.RepositoryService service = JLibraryServiceFactory.getInstance(localProfile) .getRepositoryService();/*from w w w .j av a2 s. c om*/ byte[] realContent; try { AttachmentPart[] attachments = getMessageAttachements(); InputStream is = attachments[0].getDataHandler().getInputStream(); realContent = IOUtils.toByteArray(is); is.close(); } catch (AxisFault e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (IOException ioe) { logger.error(ioe.getMessage(), ioe); throw new RepositoryException(ioe); } catch (SOAPException se) { logger.error(se.getMessage(), se); throw new RepositoryException(se); } service.importRepository(ticket, realContent, name); }
From source file:org.jlibrary.core.repository.axis.AxisRepositoryService.java
/** * @see org.jlibrary.core.repository.def.ResourcesModule#createResource(org.jlibrary.core.entities.Ticket, org.jlibrary.core.properties.ResourceNodeProperties) *///from www .j av a2s .co m public ResourceNode createResource(Ticket ticket, ResourceNodeProperties properties) throws RepositoryException, SecurityException { org.jlibrary.core.repository.RepositoryService service = JLibraryServiceFactory.getInstance(localProfile) .getRepositoryService(); byte[] realContent; try { AttachmentPart[] attachments = getMessageAttachements(); InputStream is = attachments[0].getDataHandler().getInputStream(); realContent = IOUtils.toByteArray(is); is.close(); properties.setProperty(ResourceNodeProperties.RESOURCE_CONTENT, realContent); } catch (AxisFault e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (IOException ioe) { logger.error(ioe.getMessage(), ioe); throw new RepositoryException(ioe); } catch (SOAPException se) { logger.error(se.getMessage(), se); throw new RepositoryException(se); } catch (PropertyNotFoundException e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } catch (InvalidPropertyTypeException e) { logger.error(e.getMessage(), e); throw new RepositoryException(e); } return service.createResource(ticket, properties); }