org.apache.openejb.server.cxf.ConfigureCxfSecurity Maven / Gradle / Ivy
/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.openejb.server.cxf;
import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.InterceptorProvider;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.openejb.core.webservices.PortData;
import org.apache.openejb.util.LogCategory;
import org.apache.openejb.util.Logger;
import javax.xml.namespace.QName;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
/**
* Helper class to extract WSS4J properties from a set of properties. More over,
* it configures In and Out interceptor to manage WS-Security.
*/
public class ConfigureCxfSecurity {
private static final Logger LOGGER = Logger.getInstance(LogCategory.CXF, ConfigureCxfSecurity.class);
private static final Map DEFAULT_VALIDATOR_MAP = new HashMap() {{
put(new QName(
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
"UsernameToken"),
new OpenEJBLoginValidator());
}};
private static final String OPENEJB_ENDPOINT_CONFIGURATOR = "openejb.endpoint.configurator";
public static final void setupWSS4JChain(Endpoint endpoint, Properties inProps) {
final Map in = getPropsFromProperties(inProps, "wss4j.in.");
final Map out = getPropsFromProperties(inProps, "wss4j.out.");
if (!in.containsKey(WSS4JInInterceptor.VALIDATOR_MAP)) {
// default case, if user doesn't want it he should add: wss4j.in.validator.{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken = DummyImpl
in.put(WSS4JInInterceptor.VALIDATOR_MAP, DEFAULT_VALIDATOR_MAP);
}
setupWSS4JChain(endpoint, in, out);
}
public static Map getPropsFromProperties(Properties inProps, String pattern) {
final String validatorPrefix = pattern + "validator";
final String processorPrefix = pattern + "processor";
final Map validatorMap = new HashMap();
final Map processorMap = new HashMap();
final Map props = new HashMap();
String key, val;
for (Map.Entry
© 2015 - 2024 Weber Informatics LLC | Privacy Policy