コード例 #1
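 /**
  * Tears down the secure conversation state tied to the incoming SecurityContextToken.
  *
  * <p>Reads the token stored under {@code MessageConstants.INCOMING_SCT} in the packet's
  * invocation properties. When a token is present and carries an identifier, the entry keyed by
  * that identifier is removed from {@code issuedTokenContextMap} and the session with the same
  * id is terminated through {@code sessionManager}. A packet without a token, or a token without
  * an identifier, leaves both untouched.
  *
  * @param packet packet whose invocation properties may hold the incoming token
  */
 private void removeContext(final Packet packet) {
   final SecurityContextToken sct =
       (SecurityContextToken) packet.invocationProperties.get(MessageConstants.INCOMING_SCT);
   if (sct == null) {
     return;
   }

   // The identifier has to be null-checked before toString() is called on it; checking only
   // the resulting string lets a token without an identifier fail with a NullPointerException
   // instead of being skipped.
   final Object identifier = sct.getIdentifier();
   final String strId = (identifier == null) ? null : identifier.toString();
   if (strId == null) {
     return;
   }

   // Drop both references to the conversation: the cached token context and the session.
   issuedTokenContextMap.remove(strId);
   sessionManager.terminateSession(strId);
 }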
コード例 #2
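  /**
   * Copies the secure session's id and user data into the packet's invocation properties.
   *
   * <p>Does nothing when no token is stored under {@code MessageConstants.INCOMING_SCT}.
   * Otherwise the string form of the token identifier is used as the session id: it is stored
   * under {@code Session.SESSION_ID_KEY}, and the user data of the session that
   * {@code sessionManager} returns for it is stored under {@code Session.SESSION_KEY}.
   *
   * @param packet packet whose invocation properties are read and updated
   * @throws IllegalStateException if the session manager has no session for the token identifier
   */
  @SuppressWarnings("unchecked")
  private void updateSCSessionInfo(Packet packet) {
    SecurityContextToken sct =
        (SecurityContextToken) packet.invocationProperties.get(MessageConstants.INCOMING_SCT);
    if (sct == null) {
      return;
    }

    // get the secure session id
    String sessionId = sct.getIdentifier().toString();

    // Resolve the session before touching the packet. The session manager can return null for
    // an id it does not know; fail with an explicit error in that case rather than
    // dereferencing null, and do not leave the packet with a session id but no session data.
    Session session = sessionManager.getSession(sessionId);
    if (session == null) {
      throw new IllegalStateException(
          "No secure session found for the incoming SecurityContextToken");
    }

    // put the secure session id and the session's user data in the message context
    packet.invocationProperties.put(Session.SESSION_ID_KEY, sessionId);
    packet.invocationProperties.put(Session.SESSION_KEY, session.getUserData());
  }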
コード例 #3
  // The packet carries the Message with the RST/SCT inside it.
  // TODO: Need to inspect whether it is really an Issue or a Cancel.
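  /**
   * Handles a WS-SecureConversation request carried in the packet and builds the response packet.
   *
   * <p>The payload is unmarshalled into a request element and dispatched on its request type to
   * the issue, renew or cancel operation of a {@code WSSCContract}. On issue, the session for the
   * new token identifier is looked up, its id and user data are published in the packet's
   * invocation properties, and the requester subject is copied onto the session's issued token
   * context. The contract's response is marshalled into a new message and passed, with the
   * matching response action, to {@code addAddressingHeaders}.
   *
   * <p>NOTE(review): {@code isSCTIssue} is supplied by the caller and is never compared with the
   * request type parsed from the payload. Confirm that callers derive it from the same message,
   * or derive it here from the parsed request type.
   *
   * @param packet request packet; its message payload is read and its invocation properties are
   *     updated on issue
   * @param ctx processing context, used here only to obtain the requester subject
   * @param isSCTIssue when true, the first outbound policy assertion (if any) is stored under
   *     {@code SC_ASSERTION} on the returned packet
   * @return the packet produced by {@code addAddressingHeaders} for the response message
   * @throws UnsupportedOperationException if the request type is not issue, renew or cancel
   * @throws RuntimeException wrapping a JAXB, XWSS or secure-conversation failure, including a
   *     missing session or a missing outbound policy assertion
   */
  private Packet invokeSecureConversationContract(
      Packet packet, ProcessingContext ctx, boolean isSCTIssue) {

    IssuedTokenContext ictx = new IssuedTokenContextImpl();
    ictx.getOtherProperties().put("SessionManager", sessionManager);
    Message msg = packet.getMessage();
    Message retMsg = null;
    String retAction = null;

    try {

      // Set the requestor authenticated Subject in the IssuedTokenContext
      Subject subject = SubjectAccessor.getRequesterSubject(ctx);
      ictx.setRequestorSubject(subject);

      WSTrustElementFactory wsscEleFac = WSTrustElementFactory.newInstance(wsscVer);
      JAXBElement rstEle =
          msg.readPayloadAsJAXB(WSTrustElementFactory.getContext(wsTrustVer).createUnmarshaller());
      BaseSTSRequest rst = wsscEleFac.createRSTFrom(rstEle);

      URI requestType = ((RequestSecurityToken) rst).getRequestType();
      // The request type comes from the parsed payload. String.valueOf turns a missing value
      // into "null", which matches none of the branches below, so such a request is rejected
      // as unsupported instead of failing with a NullPointerException.
      String requestTypeUri = String.valueOf(requestType);

      BaseSTSResponse rstr = null;
      WSSCContract scContract = WSSCFactory.newWSSCContract(wsscVer);
      scContract.setWSSCServerConfig(
          (Iterator)
              packet.invocationProperties.get(
                  com.sun.xml.ws.security.impl.policy.Constants
                      .SUN_SECURE_SERVER_CONVERSATION_POLICY_NS));

      if (requestTypeUri.equals(wsTrustVer.getIssueRequestTypeURI())) {
        List<PolicyAssertion> policies = getOutBoundSCP(packet.getMessage());
        // The list can be empty (the SC_ASSERTION step below allows for that), so check before
        // indexing; the exception is logged and wrapped by the catch block below.
        if (policies.isEmpty()) {
          throw new WSSecureConversationException(
              "No outbound SecureConversation policy assertion found for the issue request");
        }
        rstr = scContract.issue(rst, ictx, (SecureConversationToken) policies.get(0));
        retAction = wsscVer.getSCTResponseAction();
        SecurityContextToken sct = (SecurityContextToken) ictx.getSecurityToken();
        String sctId = sct.getIdentifier().toString();

        Session session = sessionManager.getSession(sctId);
        if (session == null) {
          log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0044_ERROR_SESSION_CREATION());
          throw new WSSecureConversationException(
              LogStringsMessages.WSITPVD_0044_ERROR_SESSION_CREATION());
        }

        // Put it here for RM to pick up
        packet.invocationProperties.put(Session.SESSION_ID_KEY, sctId);
        packet.invocationProperties.put(Session.SESSION_KEY, session.getUserData());

        // add the subject of requestor
        IssuedTokenContext itctx = session.getSecurityInfo().getIssuedTokenContext();
        itctx.setRequestorSubject(ictx.getRequestorSubject());

      } else if (requestTypeUri.equals(wsTrustVer.getRenewRequestTypeURI())) {
        List<PolicyAssertion> policies = getOutBoundSCP(packet.getMessage());
        // Same emptiness check as on the issue path.
        if (policies.isEmpty()) {
          throw new WSSecureConversationException(
              "No outbound SecureConversation policy assertion found for the renew request");
        }
        retAction = wsscVer.getSCTRenewResponseAction();
        rstr = scContract.renew(rst, ictx, (SecureConversationToken) policies.get(0));
      } else if (requestTypeUri.equals(wsTrustVer.getCancelRequestTypeURI())) {
        retAction = wsscVer.getSCTCancelResponseAction();
        rstr = scContract.cancel(rst, ictx);
      } else {
        log.log(
            Level.SEVERE,
            LogStringsMessages.WSITPVD_0045_UNSUPPORTED_OPERATION_EXCEPTION(requestType));
        throw new UnsupportedOperationException(
            LogStringsMessages.WSITPVD_0045_UNSUPPORTED_OPERATION_EXCEPTION(requestType));
      }

      // construct the complete message here containing the RSTR and the
      // correct Action headers if any and return the message.
      retMsg =
          Messages.create(
              WSTrustElementFactory.getContext(wsTrustVer).createMarshaller(),
              wsscEleFac.toJAXBElement(rstr),
              soapVersion);

    } catch (javax.xml.bind.JAXBException ex) {
      log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0001_PROBLEM_MAR_UNMAR(), ex);
      throw new RuntimeException(LogStringsMessages.WSITPVD_0001_PROBLEM_MAR_UNMAR(), ex);
    } catch (com.sun.xml.wss.XWSSecurityException ex) {
      log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0046_ERROR_INVOKE_SC_CONTRACT(), ex);
      throw new RuntimeException(LogStringsMessages.WSITPVD_0046_ERROR_INVOKE_SC_CONTRACT(), ex);
    } catch (WSSecureConversationException ex) {
      log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0046_ERROR_INVOKE_SC_CONTRACT(), ex);
      throw new RuntimeException(LogStringsMessages.WSITPVD_0046_ERROR_INVOKE_SC_CONTRACT(), ex);
    }

    Packet retPacket = addAddressingHeaders(packet, retMsg, retAction);
    if (isSCTIssue) {
      // Keyed on the caller's flag, not on the request type that was dispatched above.
      List<PolicyAssertion> policies = getOutBoundSCP(packet.getMessage());

      if (!policies.isEmpty()) {
        retPacket.invocationProperties.put(SC_ASSERTION, policies.get(0));
      }
    }

    return retPacket;
  }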