Package org.apache.sandesha2.security

Examples of org.apache.sandesha2.security.SecurityManager

112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
    }

    // Check that the create sequence response message proves possession of the correct token
    String tokenData = rmsBean.getSecurityTokenData();
    if(tokenData != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      MessageContext crtSeqResponseCtx = createSeqResponseRMMsgCtx.getMessageContext();
      OMElement body = crtSeqResponseCtx.getEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(tokenData);
      secManager.checkProofOfPossession(token, body, crtSeqResponseCtx);
    }

    String internalSequenceId = rmsBean.getInternalSequenceID();
    if (internalSequenceId == null || "".equals(internalSequenceId)) {
      String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.tempSeqIdNotSet);
View Full Code Here
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
    // Check that both the Sequence header and message body have been secured properly
    RMDBeanMgr mgr = storageManager.getRMDBeanMgr();
    RMDBean bean = mgr.retrieve(sequenceId);
   
    if(bean != null && bean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(msgCtx.getConfigurationContext());
     
      QName seqName = new QName(rmMsgCtx.getRMNamespaceValue(), Sandesha2Constants.WSRM_COMMON.SEQUENCE);
     
      SOAPEnvelope envelope = msgCtx.getEnvelope();
      OMElement body = envelope.getBody();
      OMElement seqHeader = envelope.getHeader().getFirstChildWithName(seqName);
     
      SecurityToken token = secManager.recoverSecurityToken(bean.getSecurityTokenData());
     
      secManager.checkProofOfPossession(token, seqHeader, msgCtx);
      secManager.checkProofOfPossession(token, body, msgCtx);
    }
   
    // Store the inbound sequence id, number and lastMessage onto the operation context
    OperationContext opCtx = msgCtx.getOperationContext();
    if(opCtx != null) {
View Full Code Here
457
458
459
460
461
462
463
464
465
466
467
468
    storageManager.storeMessageContext(clonedMsgStoreKey, clonedMessage);
    rmsBean.setReferenceMessageStoreKey(clonedMsgStoreKey);
   
    SecurityToken token = (SecurityToken) createSeqRMMessage.getProperty(Sandesha2Constants.MessageContextProperties.SECURITY_TOKEN);
    if(token != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      rmsBean.setSecurityTokenData(secManager.getTokenRecoveryData(token));
    }
   
    storageManager.getRMSBeanMgr().insert(rmsBean);

    SenderBean createSeqEntry = new SenderBean();
View Full Code Here
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
      StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(context, context.getAxisConfiguration());
     
      // If the inbound CreateSequence includes a SecurityTokenReference then
      // ask the security manager to resolve that to a token for us. We also
      // check that the Create was secured using the token.
      SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
      OMElement theSTR = createSeqPart.getSecurityTokenReference();
      SecurityToken token = null;
      if(theSTR != null) {
        MessageContext msgcontext = createSeqRMMsg.getMessageContext();
        token = secManager.getSecurityToken(theSTR, msgcontext);
       
        // The create must be the body part of this message, so we check the
        // security of that element.
        OMElement body = msgcontext.getEnvelope().getBody();
        secManager.checkProofOfPossession(token, body, msgcontext);
      }
 
      //if toAddress is RMAnon we may need to terminate the request side sequence here.
      EndpointReference toEPR = createSeqMsg.getTo();
      if (toEPR.hasAnonymousAddress()) {
View Full Code Here
729
730
731
732
733
734
735
736
737
738
739
    return null; //could not find the sequenceKey
  }
 

  public static SecurityManager getSecurityManager(ConfigurationContext context) throws SandeshaException {
    SecurityManager util = null;
    AxisConfiguration config = context.getAxisConfiguration();
    Parameter p = config.getParameter(Sandesha2Constants.SECURITY_MANAGER);
    if(p != null) util = (SecurityManager) p.getValue();
    if (util != null) return util;
View Full Code Here
93
94
95
96
97
98
99
100
101
102
103
104
105
106
    StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(context,context.getAxisConfiguration());
   
    // Check that the sender of this TerminateSequence holds the correct token
    RMDBean rmdBean = SandeshaUtil.getRMDBeanFromSequenceId(storageManager, sequenceId);
    if(rmdBean != null && rmdBean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
      OMElement body = terminateSeqRMMsg.getSOAPEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(rmdBean.getSecurityTokenData());
      secManager.checkProofOfPossession(token, body, terminateSeqRMMsg.getMessageContext());
    }

    if (FaultManager.checkForUnknownSequence(terminateSeqRMMsg, sequenceId, storageManager, false)) {
      if (log.isDebugEnabled())
        log.debug("Exit: TerminateSeqMsgProcessor::processInMessage, unknown sequence");
View Full Code Here
59
60
61
62
63
64
65
66
67
68
69
70
71
72
    String sequenceId = tsResponse.getIdentifier().getIdentifier();
    RMSBean rmsBean = SandeshaUtil.getRMSBeanFromSequenceId(storageManager, sequenceId);

    // Check that the sender of this TerminateSequence holds the correct token
    if(rmsBean != null && rmsBean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
      OMElement body = terminateResRMMsg.getSOAPEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(rmsBean.getSecurityTokenData());
      secManager.checkProofOfPossession(token, body, msgContext);
    }

    msgContext.setProperty(Sandesha2Constants.MessageContextProperties.INTERNAL_SEQUENCE_ID,rmsBean.getInternalSequenceID());

    //shedulling a polling request for the response side.
View Full Code Here
485
486
487
488
489
490
491
492
493
494
495
496
497
    if(bean!=null){
      tokenData = bean.getSecurityTokenData();
    }
    if(tokenData != null) {
      if (LoggingControl.isAnyTracingEnabled() && log.isDebugEnabled()) log.debug("debug:" + tokenData);
      SecurityManager secManager = SandeshaUtil.getSecurityManager(context.getConfigurationContext());
      SecurityToken token = secManager.recoverSecurityToken(tokenData);
      secManager.checkProofOfPossession(token, elementToCheck, context); //this will exception if there is no proof
    }
   
    if (LoggingControl.isAnyTracingEnabled() && log.isDebugEnabled())
      log.debug("Exit: SandeshaUtil::assertProofOfPossession");
  }
View Full Code Here
776
777
778
779
780
781
782
783
784
785
786
    return null; //could not find the sequenceKey
  }
 

  public static SecurityManager getSecurityManager(ConfigurationContext context) throws SandeshaException {
    SecurityManager util = null;
    AxisConfiguration config = context.getAxisConfiguration();
    Parameter p = config.getParameter(Sandesha2Constants.SECURITY_MANAGER);
    if(p != null) util = (SecurityManager) p.getValue();
    if (util != null) return util;
View Full Code Here
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
      StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(context, context.getAxisConfiguration());
     
      // If the inbound CreateSequence includes a SecurityTokenReference then
      // ask the security manager to resolve that to a token for us. We also
      // check that the Create was secured using the token.
      SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
      OMElement theSTR = createSeqPart.getSecurityTokenReference();
      SecurityToken token = null;
      if(theSTR != null) {
        MessageContext msgcontext = createSeqRMMsg.getMessageContext();
        token = secManager.getSecurityToken(theSTR, msgcontext);
       
        // The create must be the body part of this message, so we check the
        // security of that element.
        OMElement body = msgcontext.getEnvelope().getBody();
        secManager.checkProofOfPossession(token, body, msgcontext);
      }
 
      //if toAddress is RMAnon we may need to terminate the request side sequence here.
      EndpointReference toEPR = createSeqMsg.getTo();
      if (toEPR.hasAnonymousAddress()) {
View Full Code Here
TOP

Related Classes of org.apache.sandesha2.security.SecurityManager

  • org.apache.axiom.om.OMElement
  • org.apache.axiom.om.OMFactory
  • org.apache.axiom.soap.SOAPEnvelope
  • org.apache.axiom.soap.SOAPFactory
  • org.apache.axiom.soap.SOAPHeader
  • org.apache.axis2.addressing.EndpointReference
  • org.apache.axis2.AxisFault
  • org.apache.axis2.client.MessageSender
  • org.apache.axis2.client.Options
  • org.apache.axis2.context.AbstractContext
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.