Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.cxf.ws.security.wss4j;
import java.security.Principal;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.common.i18n.Message;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.security.DefaultSecurityContext;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.policy.PolicyException;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.policy.SP12Constants;
import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.cxf.ws.security.policy.model.UsernameToken;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.WSUsernameTokenPrincipal;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.ws.security.message.WSSecUsernameToken;
import org.apache.ws.security.processor.UsernameTokenProcessor;
/**
*
*/
public class UsernameTokenInterceptor extends AbstractSoapInterceptor {
private static final Logger LOG = LogUtils.getL7dLogger(UsernameTokenInterceptor.class);
private static final Set HEADERS = new HashSet();
static {
HEADERS.add(new QName(WSConstants.WSSE_NS, "Security"));
HEADERS.add(new QName(WSConstants.WSSE11_NS, "Security"));
}
/**
* @param p
*/
public UsernameTokenInterceptor() {
super(Phase.PRE_PROTOCOL);
addAfter(PolicyBasedWSS4JInInterceptor.class.getName());
addAfter(PolicyBasedWSS4JOutInterceptor.class.getName());
}
public Set getUnderstoodHeaders() {
return HEADERS;
}
public void handleMessage(SoapMessage message) throws Fault {
boolean isReq = MessageUtils.isRequestor(message);
boolean isOut = MessageUtils.isOutbound(message);
if (isReq != isOut) {
//outbound on server side and inbound on client side doesn't need
//any username token stuff, assert policies and return
assertUsernameTokens(message, null);
return;
}
if (isReq) {
if (message.containsKey(PolicyBasedWSS4JOutInterceptor.SECURITY_PROCESSED)) {
//The full policy interceptors handled this
return;
}
addUsernameToken(message);
} else {
if (message.containsKey(WSS4JInInterceptor.SECURITY_PROCESSED)) {
//The full policy interceptors handled this
return;
}
processUsernameToken(message);
}
}
private void processUsernameToken(SoapMessage message) {
Header h = findSecurityHeader(message, false);
if (h == null) {
return;
}
Element el = (Element)h.getObject();
Element child = DOMUtils.getFirstElement(el);
while (child != null) {
if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
try {
final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
if (princ != null) {
Vectorv = new Vector();
v.add(0, new WSSecurityEngineResult(WSConstants.UT, princ, null, null, null));
List