private <T> void configureWSSecurity(Dispatch<T> dispatch) {
if (this.mcf.getAsSecurityType() == WSManagedConnectionFactory.SecurityType.WSSecurity) {
Bus bus = BusFactory.getThreadDefaultBus();
BusFactory.setThreadDefaultBus(this.mcf.getBus());
try {
Client client = ((DispatchImpl) dispatch).getClient();
Endpoint ep = client.getEndpoint();
// spring configuration file
if (this.mcf.getOutInterceptors() != null) {
for (Interceptor i : this.mcf.getOutInterceptors()) {
ep.getOutInterceptors().add(i);
}
}
// ws-security pass-thru from custom jaas domain
Subject subject = ConnectionContext.getSubject();
if (subject != null) {
WSSecurityCredential credential =
ConnectionContext.getSecurityCredential(subject, WSSecurityCredential.class);
if (credential != null) {
if (credential.useSts()) {
dispatch
.getRequestContext()
.put(SecurityConstants.STS_CLIENT, credential.buildStsClient(bus));
}
if (credential.getSecurityHandler() == WSSecurityCredential.SecurityHandler.WSS4J) {
ep.getOutInterceptors()
.add(new WSS4JOutInterceptor(credential.getRequestPropterties()));
ep.getInInterceptors()
.add(new WSS4JInInterceptor(credential.getResponsePropterties()));
} else if (credential.getSecurityHandler()
== WSSecurityCredential.SecurityHandler.WSPOLICY) {
dispatch.getRequestContext().putAll(credential.getRequestPropterties());
dispatch.getResponseContext().putAll(credential.getResponsePropterties());
}
}
// When properties are set on subject treat them as they can configure WS-Security
HashMap<String, String> properties =
ConnectionContext.getSecurityCredential(subject, HashMap.class);
for (String key : properties.keySet()) {
if (key.startsWith("ws-security.")) { // $NON-NLS-1$
ep.put(key, properties.get(key));
}
}
}
} finally {
BusFactory.setThreadDefaultBus(bus);
}
}
}
private <T> void setDispatchProperties(Dispatch<T> dispatch, String binding) {
if (this.mcf.getAsSecurityType() == WSManagedConnectionFactory.SecurityType.HTTPBasic) {
String userName = this.mcf.getAuthUserName();
String password = this.mcf.getAuthPassword();
// if security-domain is specified and caller identity is used; then use
// credentials from subject
Subject subject = ConnectionContext.getSubject();
if (subject != null) {
userName = ConnectionContext.getUserName(subject, this.mcf, userName);
password = ConnectionContext.getPassword(subject, this.mcf, userName, password);
}
dispatch.getRequestContext().put(Dispatch.USERNAME_PROPERTY, userName);
dispatch.getRequestContext().put(Dispatch.PASSWORD_PROPERTY, password);
} else if (this.mcf.getAsSecurityType() == WSManagedConnectionFactory.SecurityType.Kerberos) {
boolean credentialFound = false;
Subject subject = ConnectionContext.getSubject();
if (subject != null) {
GSSCredential credential =
ConnectionContext.getSecurityCredential(subject, GSSCredential.class);
if (credential != null) {
dispatch.getRequestContext().put(GSSCredential.class.getName(), credential);
credentialFound = true;
}
}
if (!credentialFound) {
throw new WebServiceException(
WSManagedConnectionFactory.UTIL.getString("no_gss_credential")); // $NON-NLS-1$
}
} else if (this.mcf.getAsSecurityType() == WSManagedConnectionFactory.SecurityType.OAuth) {
boolean credentialFound = false;
Subject subject = ConnectionContext.getSubject();
if (subject != null) {
OAuthCredential credential =
ConnectionContext.getSecurityCredential(subject, OAuthCredential.class);
if (credential != null) {
dispatch.getRequestContext().put(OAuthCredential.class.getName(), credential);
credentialFound = true;
}
}
if (!credentialFound) {
throw new WebServiceException(
WSManagedConnectionFactory.UTIL.getString("no_oauth_credential")); // $NON-NLS-1$
}
}
if (this.mcf.getRequestTimeout() != null) {
dispatch.getRequestContext().put(RECEIVE_TIMEOUT, this.mcf.getRequestTimeout());
}
if (this.mcf.getConnectTimeout() != null) {
dispatch.getRequestContext().put(CONNECTION_TIMEOUT, this.mcf.getConnectTimeout());
}
if (HTTPBinding.HTTP_BINDING.equals(binding)) {
Map<String, List<String>> httpHeaders =
(Map<String, List<String>>)
dispatch.getRequestContext().get(MessageContext.HTTP_REQUEST_HEADERS);
if (httpHeaders == null) {
httpHeaders = new HashMap<String, List<String>>();
}
httpHeaders.put(
"Content-Type",
Collections.singletonList("text/xml; charset=utf-8")); // $NON-NLS-1$ //$NON-NLS-2$
httpHeaders.put(
"User-Agent", Collections.singletonList("Teiid Server")); // $NON-NLS-1$ //$NON-NLS-2$
dispatch.getRequestContext().put(MessageContext.HTTP_REQUEST_HEADERS, httpHeaders);
}
}
