cxf: ConfigureCxfSecurity.java WSSPassThroughInterceptor.java

jlmonteiro Sun, 28 Nov 2010 23:56:15 -0800

Author: jlmonteiro
Date: Mon Nov 29 07:54:36 2010
New Revision: 1040029

URL: http://svn.apache.org/viewvc?rev=1040029&view=rev
Log:
OPENEJB-1405 WS Security mustUnderstand flag not treated when handlers are used


Added:
    
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java
Modified:
    
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java

Modified: 
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java?rev=1040029&r1=1040028&r2=1040029&view=diff
==============================================================================
--- 
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java
 (original)
+++ 
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java
 Mon Nov 29 07:54:36 2010
@@ -29,7 +29,7 @@ import org.apache.ws.security.handler.WS
 
 /**
  * Helper class to extract WSS4J properties from a set of properties. More 
over,
- * it configures In and Out interceptor to manage WS6Security.
+ * it configures In and Out interceptor to manage WS-Security.
  *
  */
 public class ConfigureCxfSecurity {
@@ -65,6 +65,10 @@ public class ConfigureCxfSecurity {
        if (null != inProps && !inProps.isEmpty()) {
            endpoint.getInInterceptors().add(new SAAJInInterceptor());
            endpoint.getInInterceptors().add(new WSS4JInInterceptor(inProps));
+
+        // if WS Security is used with a JAX-WS handler (See EjbInterceptor), 
we have to deal with mustUnderstand flag
+        // in WS Security headers. So, let's add an interceptor
+        endpoint.getInInterceptors().add(new WSSPassThroughInterceptor());
        }
 
        if (null != outProps && !outProps.isEmpty()) {

Added: 
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java?rev=1040029&view=auto
==============================================================================
--- 
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java
 (added)
+++ 
openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java
 Mon Nov 29 07:54:36 2010
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.openejb.server.cxf;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.ws.security.WSConstants;
+
+import javax.xml.namespace.QName;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * When using JAX-WS Handler, the {...@link 
org.apache.openejb.server.cxf.ejb.EjbInterceptor}
+ * adds the {...@link 
org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor}. OpenEJB now 
supports
+ * WS Security out of the box, so it must indicates WS Security headers have 
been treated. That is simply done
+ * using that fake interceptor.
+ *
+ * $Id$
+ */
+public class WSSPassThroughInterceptor extends AbstractSoapInterceptor {
+    private static final Set<QName> HEADERS = new HashSet<QName>();
+       static {
+           HEADERS.add(new QName(WSConstants.WSSE_NS, WSConstants.WSSE_LN));
+           HEADERS.add(new QName(WSConstants.WSSE11_NS, WSConstants.WSSE_LN));
+           HEADERS.add(new QName(WSConstants.ENC_NS, WSConstants.ENC_DATA_LN));
+       }
+
+       public WSSPassThroughInterceptor() {
+           super(Phase.PRE_PROTOCOL);
+       }
+
+       public WSSPassThroughInterceptor(String phase) {
+           super(phase);
+       }
+
+       @Override
+       public Set<QName> getUnderstoodHeaders() {
+           return HEADERS;
+       }
+
+       public void handleMessage(SoapMessage soapMessage) {
+           // do nothing
+           
+           // this interceptor simply returns all WS-Security headers in its 
getUnderstoodHeaders()
+           // method, so that CXF does not complain that they have not been 
"processed"
+           // this is useful if you only need to look at the non-encrypted XML
+       }
+
+}

svn commit: r1040029 - in /openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf: ConfigureCxfSecurity.java WSSPassThroughInterceptor.java

Reply via email to