public Packet validateRequest( Packet packet, Subject clientSubject, Subject serviceSubject, Map<Object, Object> sharedState) throws XWSSecurityException { Message msg = packet.getMessage(); boolean isSCIssueMessage = false; boolean isSCCancelMessage = false; boolean isTrustMessage = false; String msgId = null; String action = null; boolean thereWasAFault = false; // Do Security Processing for Incoming Message // ---------------INBOUND SECURITY VERIFICATION---------- ProcessingContext ctx = initializeInboundProcessingContext(packet); // update the client subject passed to the AuthModule itself. ctx.setExtraneousProperty(MessageConstants.AUTH_SUBJECT, clientSubject); ctx.setExtraneousProperty( ProcessingContext.OPERATION_RESOLVER, new PolicyResolverImpl( inMessagePolicyMap, inProtocolPM, cachedOperation(packet), pipeConfig, addVer, false, rmVer)); ctx.setExtraneousProperty("SessionManager", sessionManager); try { if (!optimized) { SOAPMessage soapMessage = msg.readAsSOAPMessage(); soapMessage = verifyInboundMessage(soapMessage, ctx); msg = Messages.create(soapMessage); } else { msg = verifyInboundMessage(msg, ctx); } } catch (WssSoapFaultException ex) { log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0035_ERROR_VERIFY_INBOUND_MSG(), ex); thereWasAFault = true; SOAPFaultException sfe = SOAPUtil.getSOAPFaultException(ex, soapFactory, soapVersion); msg = Messages.create(sfe, soapVersion); } catch (XWSSecurityException xwse) { log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0035_ERROR_VERIFY_INBOUND_MSG(), xwse); thereWasAFault = true; SOAPFaultException sfe = SOAPUtil.getSOAPFaultException(xwse, soapFactory, soapVersion); msg = Messages.create(sfe, soapVersion); } catch (XWSSecurityRuntimeException xwse) { log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0035_ERROR_VERIFY_INBOUND_MSG(), xwse); thereWasAFault = true; SOAPFaultException sfe = SOAPUtil.getSOAPFaultException(xwse, soapFactory, soapVersion); msg = Messages.create(sfe, soapVersion); } catch (WebServiceException xwse) { log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0035_ERROR_VERIFY_INBOUND_MSG(), xwse); thereWasAFault = true; SOAPFaultException sfe = SOAPUtil.getSOAPFaultException(xwse, soapFactory, soapVersion); msg = Messages.create(sfe, soapVersion); } catch (SOAPException se) { // internal error log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0035_ERROR_VERIFY_INBOUND_MSG(), se); thereWasAFault = true; SOAPFaultException sfe = SOAPUtil.getSOAPFaultException(se, soapFactory, soapVersion); msg = Messages.create(sfe, soapVersion); } catch (Exception ex) { // NPE's from server need to be handled as well log.log(Level.SEVERE, LogStringsMessages.WSITPVD_0035_ERROR_VERIFY_INBOUND_MSG(), ex); thereWasAFault = true; SOAPFaultException sfe = SOAPUtil.getSOAPFaultException(ex, soapFactory, soapVersion); msg = Messages.create(sfe, soapVersion); } if (thereWasAFault) { sharedState.put("THERE_WAS_A_FAULT", Boolean.valueOf(thereWasAFault)); if (this.isAddressingEnabled()) { if (optimized) { packet.setMessage(((JAXBFilterProcessingContext) ctx).getPVMessage()); } Packet ret = packet.createServerResponse( msg, this.addVer, this.soapVersion, this.addVer.getDefaultFaultAction()); return ret; } else { packet.setMessage(msg); return packet; } } packet.setMessage(msg); if (isAddressingEnabled()) { action = getAction(packet); if (wsscVer.getSCTRequestAction().equals(action) || wsscVer.getSCTRenewRequestAction().equals(action)) { isSCIssueMessage = true; sharedState.put("IS_SC_ISSUE", TRUE); if (wsscConfig != null) { packet.invocationProperties.put( com.sun.xml.ws.security.impl.policy.Constants .SUN_SECURE_SERVER_CONVERSATION_POLICY_NS, wsscConfig.iterator()); } } else if (wsscVer.getSCTCancelRequestAction().equals(action)) { isSCCancelMessage = true; sharedState.put("IS_SC_CANCEL", TRUE); } else if (wsTrustVer.getIssueRequestAction().equals(action) || wsTrustVer.getValidateRequestAction().equals(action)) { isTrustMessage = true; sharedState.put("IS_TRUST_MESSAGE", TRUE); sharedState.put("TRUST_REQUEST_ACTION", action); // packet.getMessage().getHeaders().getTo(addVer, pipeConfig.getBinding().getSOAPVersion()); if (trustConfig != null) { packet.invocationProperties.put( com.sun.xml.ws.security.impl.policy.Constants.SUN_TRUST_SERVER_SECURITY_POLICY_NS, trustConfig.iterator()); } // set the SecurityEnvironment packet.invocationProperties.put(WSTrustConstants.SECURITY_ENVIRONMENT, secEnv); packet.invocationProperties.put(WSTrustConstants.WST_VERSION, this.wsTrustVer); IssuedTokenContext ictx = ((ProcessingContextImpl) ctx).getTrustContext(); if (ictx != null && ictx.getAuthnContextClass() != null) { packet.invocationProperties.put( WSTrustConstants.AUTHN_CONTEXT_CLASS, ictx.getAuthnContextClass()); } } if (isSCIssueMessage) { List<PolicyAssertion> policies = getInBoundSCP(packet.getMessage()); if (!policies.isEmpty()) { packet.invocationProperties.put(SC_ASSERTION, (PolicyAssertion) policies.get(0)); } } } if (!isSCIssueMessage) { WSDLBoundOperation cachedOperation = cacheOperation(msg, packet); if (cachedOperation == null) { if (addVer != null) { cachedOperation = getWSDLOpFromAction(packet, true); packet.invocationProperties.put("WSDL_BOUND_OPERATION", cachedOperation); } } } sharedState.put("VALIDATE_REQ_PACKET", packet); Packet retPacket = null; if (isSCIssueMessage || isSCCancelMessage) { // -------put application message on hold and invoke SC contract-------- retPacket = invokeSecureConversationContract(packet, ctx, isSCIssueMessage); // if this is SC message we need to secure it in ValidateRequest Itself retPacket = secureResponse(retPacket, serviceSubject, sharedState); } else { updateSCSessionInfo(packet); retPacket = packet; } return retPacket; }