コード例 #1
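  /**
   * Adds the caller's Syncope role memberships to the message's security context.
   *
   * <p>The interceptor does nothing (and leaves the existing {@link SecurityContext} untouched)
   * when there is no security context, no user principal, no {@link UsernameToken}, or when the
   * principal name differs from the token name. Otherwise it calls {@code users/self} on the
   * configured Syncope address with the token's credentials, builds a read-only {@link Subject}
   * holding the principal plus one {@link SimpleGroup} per membership, and replaces the security
   * context on the message.
   *
   * <p>NOTE(review): the early returns mean a request can continue without any roles attached;
   * this is only safe if a later authorization step denies access when roles are missing —
   * confirm against the interceptor chain.
   *
   * @param message the message being processed
   * @throws Fault if the call to Syncope fails or returns no user
   */
  public void handleMessage(Message message) throws Fault {
    SecurityContext context = message.get(SecurityContext.class);
    if (context == null) {
      return;
    }
    Principal principal = context.getUserPrincipal();
    // Check the token type before casting: a non-UsernameToken credential has no name/password
    // pair to forward, so it is treated like a missing token instead of raising
    // ClassCastException.
    SecurityToken token = message.get(SecurityToken.class);
    if (principal == null || !(token instanceof UsernameToken)) {
      return;
    }
    UsernameToken usernameToken = (UsernameToken) token;
    if (!principal.getName().equals(usernameToken.getName())) {
      return;
    }

    // Read the user from Syncope and get the roles
    WebClient client =
        WebClient.create(address, Collections.singletonList(new JacksonJsonProvider()));

    // The caller's password is forwarded as HTTP Basic credentials, which are only base64-encoded.
    // NOTE(review): `address` is configured outside this method — confirm it is an https:// URL
    // so the credentials are not sent in clear text.
    // An explicit charset keeps the encoded bytes independent of the JVM's platform default;
    // presumably the Syncope endpoint decodes Basic credentials as UTF-8 — verify.
    String authorizationHeader =
        "Basic "
            + Base64Utility.encode(
                (usernameToken.getName() + ":" + usernameToken.getPassword())
                    .getBytes(java.nio.charset.StandardCharsets.UTF_8));

    client.header("Authorization", authorizationHeader);

    client = client.path("users/self");
    UserTO user;
    try {
      user = client.get(UserTO.class);
    } catch (RuntimeException ex) {
      if (log.isDebugEnabled()) {
        log.debug(ex.getMessage(), ex);
      }
      // NOTE(review): the backend exception becomes the Fault's cause; check that its message
      // does not expose Syncope internals to the remote caller.
      throw new Fault(ex);
    }
    // Checked outside the try block so this Fault is not caught by the RuntimeException handler
    // above and wrapped in a second Fault (assumes Fault is unchecked, as `throws Fault` on an
    // interceptor suggests — confirm).
    if (user == null) {
      throw new Fault(new Exception("Authentication failed"));
    }

    // Now get the roles
    List<MembershipTO> membershipList = user.getMemberships();
    Subject subject = new Subject();
    subject.getPrincipals().add(principal);
    // A user without memberships gets a Subject that holds only the principal.
    if (membershipList != null) {
      for (MembershipTO membership : membershipList) {
        String roleName = membership.getRoleName();
        subject.getPrincipals().add(new SimpleGroup(roleName, usernameToken.getName()));
      }
    }
    // Freeze the Subject so later code cannot add principals to it.
    subject.setReadOnly();

    message.put(SecurityContext.class, new DefaultSecurityContext(principal, subject));
  }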
コード例 #2
  /**
   * Builds a {@link Subject} from the message's username token and installs a new
   * {@link SecurityContext} for it.
   *
   * <p>The endpoint's security domain context is stored in {@code sdc} for the duration of the
   * call and removed in the {@code finally} block. When the message has no security token, no
   * security context, or no user principal, processing is delegated to the superclass instead.
   *
   * @param msg the SOAP message being processed
   * @throws Fault propagated from the superclass or from subject creation
   */
  @Override
  public void handleMessage(SoapMessage msg) throws Fault {
    Endpoint endpoint = msg.getExchange().get(Endpoint.class);
    sdc.set(endpoint.getSecurityDomainContext());
    try {
      SecurityToken token = msg.get(SecurityToken.class);
      SecurityContext existing = msg.get(SecurityContext.class);

      boolean hasTokenAndPrincipal =
          token != null && existing != null && existing.getUserPrincipal() != null;
      if (!hasTokenAndPrincipal) {
        super.handleMessage(msg);
        return;
      }

      // NOTE(review): unchecked cast — a SecurityToken of any other type raises
      // ClassCastException here; confirm only username tokens can reach this interceptor.
      UsernameToken usernameToken = (UsernameToken) token;

      // The password (plain or hashed, per isHashed()) is handed to createSubject together with
      // the nonce and creation time; presumably createSubject verifies them against the security
      // domain — verify, and make sure none of these values end up in logs.
      Subject subject =
          createSubject(
              usernameToken.getName(),
              usernameToken.getPassword(),
              usernameToken.isHashed(),
              usernameToken.getNonce(),
              usernameToken.getCreatedTime());

      msg.put(
          SecurityContext.class, doCreateSecurityContext(existing.getUserPrincipal(), subject));
    } finally {
      // Always clear the per-call security domain context so it is not still set when the
      // calling thread handles its next message.
      if (sdc != null) {
        sdc.remove();
      }
    }
  }