Package com.sun.enterprise.security.jmac

Examples of com.sun.enterprise.security.jmac.PacketMessageInfo


    private Packet processRequest(Packet request) throws Exception {

        AuthStatus status = AuthStatus.SUCCESS;
 
  PacketMessageInfo info= new PacketMapMessageInfo(request,new Packet());

  // XXX at this time, we expect the server subject to be null

  Subject serverSubject = (Subject)
      request.invocationProperties.get(PipeConstants.SERVER_SUBJECT);

  //could change the request packet
        ServerAuthContext sAC =
      helper.getServerAuthContext(info,serverSubject);

  Subject clientSubject = getClientSubject(request);

  final Packet validatedRequest;
 
  try {

      if (sAC != null) {
   
    // client subject must not be null
    // and when return status is SUCCESS, module
    // must have called handler.handle(CallerPrincipalCallback)

    status = sAC.validateRequest(info,clientSubject,serverSubject);

      }
  } catch(Exception e) {

      _logger.log(Level.SEVERE,"ws.error_validate_request", e);

      WebServiceException wse = new WebServiceException
    (localStrings.getLocalString
     ("enterprise.webservice.cantValidateRequest",
      "Cannot validate request for {0}",
      new Object[] { helper.getModelName() }),e);

      //set status for audit
      status = AuthStatus.SEND_FAILURE;

      // if unable to determine if two-way will return empty response
      return helper.getFaultResponse
    (info.getRequestPacket(),info.getResponsePacket(),wse);

  } finally {

      validatedRequest = info.getRequestPacket();
      helper.auditInvocation(validatedRequest,status);
  }

  Packet response = null;

  if (status == AuthStatus.SUCCESS) {

      boolean authorized = false;

      try {

    helper.authorize(validatedRequest);

    authorized = true;

      } catch (Exception e) {
    // not authorized, construct fault and proceded
    response = helper.getFaultResponse
        (validatedRequest,info.getResponsePacket(),e);
      }
     
      if (authorized) {

    // only do doAdPriv if SecurityManager is in effect
    if (System.getSecurityManager() == null) {
        try {
      // proceed to invoke the endpoint
      response = next.process(validatedRequest);
        } catch (Exception e) {
      if (e instanceof AuthException){
          _logger.log(Level.SEVERE,"ws.error_next_pipe", e);
      }
      response = helper.getFaultResponse
          (validatedRequest,info.getResponsePacket(),e);
        }
    } else {
        try {
      response = (Packet)Subject.doAsPrivileged
          (clientSubject,new PrivilegedExceptionAction() {
        public Object run() throws Exception {
            // proceed to invoke the endpoint
            return next.process(validatedRequest);
        }
          }, null);
        } catch (PrivilegedActionException pae) {
            Throwable cause = pae.getCause();
      if (cause instanceof AuthException){
          _logger.log(Level.SEVERE,"ws.error_next_pipe", cause);
      }
      response = helper.getFaultResponse
          (validatedRequest,info.getResponsePacket(),cause);
        }
    }
      }
     
      //pipes are not supposed to return a null response packet
      if (response == null) {

    WebServiceException wse = new WebServiceException
        (localStrings.getLocalString
         ("enterprise.webservice.nullResponsePacket",
          "Invocation of Service {0} returned null response packet",
          new Object[] { helper.getModelName() }));

    response = helper.getFaultResponse
        (validatedRequest,info.getResponsePacket(),wse);

    _logger.log(Level.SEVERE,"",wse);

      }

      // secure response, including if it is a fault
      if (sAC != null && response.getMessage() != null) {
    info.setResponsePacket(response);
    response = processResponse(info, sAC, serverSubject);
      }

  } else {
      // validateRequest did not return success
      if (_logger.isLoggable(Level.FINE)) {
    _logger.log(Level.FINE,"ws.status_validate_request", status);
      }
      // even for one-way mep, may return response with non-empty message
      response = info.getResponsePacket();
  }

        return response;
    }
View Full Code Here


    public void preDestroy() {
        //Give the AuthContext a chance to cleanup
        //create a dummy request packet
        try {
            Packet request = new Packet();
            PacketMessageInfo info = new PacketMapMessageInfo(request, new Packet());
            Subject subj = getClientSubject(request);
            ClientAuthContext cAC = helper.getClientAuthContext(info, subj);
             if (cAC != null && WSIT_CLIENT_AUTH_CONTEXT.equals(cAC.getClass().getName())) {
                cAC.cleanSubject(info, subj);
            }
View Full Code Here

   if(isHttpBinding) {
       return next.process(request);
   }
        */

  PacketMessageInfo info= new PacketMapMessageInfo(request,new Packet());
       
        info.getMap().put(javax.xml.ws.Endpoint.WSDL_SERVICE,
            helper.getProperty(PipeConstants.WSDL_SERVICE));

        AuthStatus status = AuthStatus.SEND_SUCCESS;

  Subject clientSubject = getClientSubject(request);

  ClientAuthContext cAC = null;

  try {

      cAC = helper.getClientAuthContext(info,clientSubject);

      if (cAC != null) {

    // proceed to process message sescurity
    status = cAC.secureRequest(info, clientSubject);
      }

  } catch(Exception e) {

      _logger.log(Level.SEVERE,"ws.error_secure_request", e);
     
      throw new WebServiceException
    (localStrings.getLocalString
     ("enterprise.webservice.cantSecureRequst",
      "Cannot secure request for {0}",
      new Object[] { helper.getModelName() }),e);
  }

  Packet response = null;

  if (status == AuthStatus.FAILURE) {
      if (_logger.isLoggable(Level.FINE)) {
    _logger.log(Level.FINE,"ws.status_secure_request", status);
      }
      response = info.getResponsePacket();
  } else {
      response = processSecureRequest(info,cAC,clientSubject);
  }

  // may return a security fault even if the MEP was one-way
View Full Code Here

    }
     
    public JAXBElement startSecureConversation(Packet packet)
            throws WSSecureConversationException {

  PacketMessageInfo info = new PacketMapMessageInfo(packet,new Packet());
  JAXBElement token = null;

  try {

      // gets the subject from the packet (puts one there if not found)
      Subject clientSubject = getClientSubject(packet);

      // put MessageInfo in properties map, since MessageInfo
      // is not passed to getAuthContext, key idicates function
      HashMap map = new HashMap();
      map.put(PipeConstants.SECURITY_TOKEN,info);

      helper.getSessionToken(map,info,clientSubject);

      // helper returns token in map of msgInfo, using same key
      Object o = info.getMap().get(PipeConstants.SECURITY_TOKEN);

      if (o != null && o instanceof JAXBElement) {
    token = (JAXBElement) o;
      }
View Full Code Here

            //XXX temporary, may need to re-structure the code
            if (GFServerConfigProvider.SOAP.equals(layer)) {
                // make this more efficient by operating on packet
                String rvalue = null;
                if (messageInfo instanceof PacketMessageInfo) {
                    PacketMessageInfo pmi = (PacketMessageInfo) messageInfo;
                    Packet p = (Packet) pmi.getRequestPacket();
                    if (p != null) {
                        Message m = p.getMessage();
                        if (m != null) {
                            WSDLPort port =
                                (WSDLPort) messageInfo.getMap().get("WSDL_MODEL");
View Full Code Here

TOP

Related Classes of com.sun.enterprise.security.jmac.PacketMessageInfo

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.