org.apache.ws.security.handler

Class WSHandler

java.lang.Object

org.apache.ws.security.handler.WSHandler

public abstract class WSHandler
extends Object

Extracted from WSDoAllReceiver and WSDoAllSender Extended to all passwordless UsernameTokens and configurable identities.

Author:

Davanum Srinivas (dims@yahoo.com)., Werner Dittmann (Werner.Dittmann@t-online.de)., Marcel Ammerlaan (marcel.ammerlaan@gmail.com).

Field Summary

Fields

Modifier and Type	Field and Description
protected Map<String,Crypto>	cryptos
protected WSSecurityEngine	secEngine

Constructor Summary

Constructors

Constructor and Description
WSHandler()

Method Summary

Methods

Modifier and Type	Method and Description
protected boolean	checkReceiverResults(List<WSSecurityEngineResult> wsResult, List<Integer> actions)
protected boolean	checkReceiverResultsAnyOrder(List<WSSecurityEngineResult> wsResult, List<Integer> actions)
protected void	checkSignatureConfirmation(RequestData reqData, List<WSSecurityEngineResult> resultList)
protected void	decodeAlgorithmSuite(RequestData reqData)
protected boolean	decodeAllowUsernameTokenNoPassword(RequestData reqData)
protected boolean	decodeBooleanConfigValue(RequestData reqData, String configTag, boolean defaultToTrue)
protected boolean	decodeBSPCompliance(RequestData reqData)
protected boolean	decodeCustomPasswordTypes(RequestData reqData)
protected void	decodeDecryptionParameter(RequestData reqData)
protected boolean	decodeEnableSignatureConfirmation(RequestData reqData)
protected void	decodeEncryptionParameter(RequestData reqData)
protected int	decodeFutureTimeToLive(RequestData reqData, boolean timestamp) Decode the FutureTimeToLive parameter for either a Timestamp or a UsernameToken Created element, depending on the boolean argument
protected boolean	decodeMustUnderstand(RequestData reqData)
protected boolean	decodeNamespaceQualifiedPasswordTypes(RequestData reqData)
protected String	decodePasswordType(RequestData reqData)
protected boolean	decodePasswordTypeStrict(RequestData reqData)
protected void	decodeRequireSignedEncryptedDataElements(RequestData reqData)
protected void	decodeSignatureParameter(RequestData reqData)
protected void	decodeSignatureParameter2(RequestData reqData)
protected boolean	decodeTimestampPrecision(RequestData reqData)
protected boolean	decodeTimestampStrict(RequestData reqData)
int	decodeTimeToLive(RequestData reqData, boolean timestamp) Decode the TimeToLive parameter for either a Timestamp or a UsernameToken Created element, depending on the boolean argument
protected boolean	decodeUseEncodedPasswords(RequestData reqData)
protected boolean	decodeUseSingleCertificate(RequestData reqData)
protected void	decodeUTParameter(RequestData reqData)
protected void	doReceiverAction(int doAction, RequestData reqData)
protected void	doSenderAction(int doAction, Document doc, RequestData reqData, List<Integer> actions, boolean isRequest) Performs all defined security actions to set-up the SOAP request.
CallbackHandler	getCallbackHandler(String callbackHandlerClass, String callbackHandlerRef, RequestData requestData) Get a CallbackHandler instance.
ClassLoader	getClassLoader(Object msgCtx) Returns the classloader to be used for loading the callback class
abstract Object	getOption(String key)
abstract String	getPassword(Object msgContext)
CallbackHandler	getPasswordCallbackHandler(RequestData reqData) Get a CallbackHandler instance to obtain passwords.
WSPasswordCallback	getPasswordCB(String username, int doAction, CallbackHandler callbackHandler, RequestData requestData) Get a password callback (WSPasswordCallback object) from a CallbackHandler instance
abstract Object	getProperty(Object msgContext, String key)
String	getString(String key, Object mc) Looks up key first via getOption(String) and if not found there, via getProperty(Object, String)
String	getStringOption(String key) Returns the option on name.
protected Crypto	loadCrypto(String cryptoPropertyFile, String cryptoPropertyRefId, RequestData requestData) Load a Crypto instance.
protected Crypto	loadCryptoFromPropertiesFile(String propFilename, RequestData reqData) A hook to allow subclass to load Crypto instances from property files in a different way.
protected Crypto	loadDecryptionCrypto(RequestData requestData) Hook to allow subclasses to load their Decryption Crypto however they see fit.
protected Crypto	loadEncryptionCrypto(RequestData requestData) Hook to allow subclasses to load their Encryption Crypto however they see fit.
Crypto	loadSignatureCrypto(RequestData requestData) Hook to allow subclasses to load their Signature Crypto however they see fit.
abstract void	setPassword(Object msgContext, String password)
abstract void	setProperty(Object msgContext, String key, Object value)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

secEngine

protected WSSecurityEngine secEngine

cryptos

protected Map<String,Crypto> cryptos

Constructor Detail

WSHandler

public WSHandler()

Method Detail

doSenderAction

protected void doSenderAction(int doAction,
                  Document doc,
                  RequestData reqData,
                  List<Integer> actions,
                  boolean isRequest)
                       throws WSSecurityException

Performs all defined security actions to set-up the SOAP request.

Parameters:

doAction - a set defining the actions to do

doc - the request as DOM document

reqData - a data storage to pass values around between methods

actions - a list holding the actions to do in the order defined in the deployment file or property

Throws:

WSSecurityException

doReceiverAction

protected void doReceiverAction(int doAction,
                    RequestData reqData)
                         throws WSSecurityException

Throws:

WSSecurityException

checkReceiverResults

protected boolean checkReceiverResults(List<WSSecurityEngineResult> wsResult,
                           List<Integer> actions)

checkReceiverResultsAnyOrder

protected boolean checkReceiverResultsAnyOrder(List<WSSecurityEngineResult> wsResult,
                                   List<Integer> actions)

checkSignatureConfirmation

protected void checkSignatureConfirmation(RequestData reqData,
                              List<WSSecurityEngineResult> resultList)
                                   throws WSSecurityException

Throws:

WSSecurityException

decodeUTParameter

protected void decodeUTParameter(RequestData reqData)
                          throws WSSecurityException

Throws:

WSSecurityException

decodeSignatureParameter

protected void decodeSignatureParameter(RequestData reqData)
                                 throws WSSecurityException

Throws:

WSSecurityException

decodeAlgorithmSuite

protected void decodeAlgorithmSuite(RequestData reqData)
                             throws WSSecurityException

Throws:

WSSecurityException

decodeEncryptionParameter

protected void decodeEncryptionParameter(RequestData reqData)
                                  throws WSSecurityException

Throws:

WSSecurityException

decodeTimeToLive

public int decodeTimeToLive(RequestData reqData,
                   boolean timestamp)

Decode the TimeToLive parameter for either a Timestamp or a UsernameToken Created element, depending on the boolean argument

decodeFutureTimeToLive

protected int decodeFutureTimeToLive(RequestData reqData,
                         boolean timestamp)

Decode the FutureTimeToLive parameter for either a Timestamp or a UsernameToken Created element, depending on the boolean argument

decodeBSPCompliance

protected boolean decodeBSPCompliance(RequestData reqData)
                               throws WSSecurityException

Throws:

WSSecurityException

decodePasswordType

protected String decodePasswordType(RequestData reqData)
                             throws WSSecurityException

Throws:

WSSecurityException

decodeMustUnderstand

protected boolean decodeMustUnderstand(RequestData reqData)
                                throws WSSecurityException

Throws:

WSSecurityException

decodeEnableSignatureConfirmation

protected boolean decodeEnableSignatureConfirmation(RequestData reqData)
                                             throws WSSecurityException

Throws:

WSSecurityException

decodeTimestampPrecision

protected boolean decodeTimestampPrecision(RequestData reqData)
                                    throws WSSecurityException

Throws:

WSSecurityException

decodeCustomPasswordTypes

protected boolean decodeCustomPasswordTypes(RequestData reqData)
                                     throws WSSecurityException

Throws:

WSSecurityException

decodeAllowUsernameTokenNoPassword

protected boolean decodeAllowUsernameTokenNoPassword(RequestData reqData)
                                              throws WSSecurityException

Throws:

WSSecurityException

decodeUseEncodedPasswords

protected boolean decodeUseEncodedPasswords(RequestData reqData)
                                     throws WSSecurityException

Throws:

WSSecurityException

decodeNamespaceQualifiedPasswordTypes

protected boolean decodeNamespaceQualifiedPasswordTypes(RequestData reqData)
                                                 throws WSSecurityException

Throws:

WSSecurityException

decodeTimestampStrict

protected boolean decodeTimestampStrict(RequestData reqData)
                                 throws WSSecurityException

Throws:

WSSecurityException

decodePasswordTypeStrict

protected boolean decodePasswordTypeStrict(RequestData reqData)
                                    throws WSSecurityException

Throws:

WSSecurityException

decodeUseSingleCertificate

protected boolean decodeUseSingleCertificate(RequestData reqData)
                                      throws WSSecurityException

Throws:

WSSecurityException

decodeRequireSignedEncryptedDataElements

protected void decodeRequireSignedEncryptedDataElements(RequestData reqData)
                                                 throws WSSecurityException

Throws:

WSSecurityException

decodeBooleanConfigValue

protected boolean decodeBooleanConfigValue(RequestData reqData,
                               String configTag,
                               boolean defaultToTrue)
                                    throws WSSecurityException

Throws:

WSSecurityException

loadSignatureCrypto

public Crypto loadSignatureCrypto(RequestData requestData)
                           throws WSSecurityException

Hook to allow subclasses to load their Signature Crypto however they see fit.

Parameters:

requestData - the RequestData object

Returns:

a Crypto instance to use for Signature creation/verification

Throws:

WSSecurityException

loadDecryptionCrypto

protected Crypto loadDecryptionCrypto(RequestData requestData)
                               throws WSSecurityException

Hook to allow subclasses to load their Decryption Crypto however they see fit.

Parameters:

requestData - the RequestData object

Returns:

a Crypto instance to use for Decryption creation/verification

Throws:

WSSecurityException

loadEncryptionCrypto

protected Crypto loadEncryptionCrypto(RequestData requestData)
                               throws WSSecurityException

Hook to allow subclasses to load their Encryption Crypto however they see fit.

Parameters:

requestData - the RequestData object

Returns:

a Crypto instance to use for Encryption creation/verification

Throws:

WSSecurityException

loadCrypto

protected Crypto loadCrypto(String cryptoPropertyFile,
                String cryptoPropertyRefId,
                RequestData requestData)
                     throws WSSecurityException

Load a Crypto instance. Firstly, it tries to use the cryptoPropertyRefId tag to retrieve a Crypto object via a custom reference Id. Failing this, it tries to load the crypto instance via the cryptoPropertyFile tag.

Parameters:

requestData - the RequestData object

Returns:

a Crypto instance to use for Encryption creation/verification

Throws:

WSSecurityException

loadCryptoFromPropertiesFile

protected Crypto loadCryptoFromPropertiesFile(String propFilename,
                                  RequestData reqData)
                                       throws WSSecurityException

A hook to allow subclass to load Crypto instances from property files in a different way.

Parameters:

propFilename - The property file name

reqData - The RequestData object

Returns:

A Crypto instance that has been loaded

Throws:

WSSecurityException

getCallbackHandler

public CallbackHandler getCallbackHandler(String callbackHandlerClass,
                                 String callbackHandlerRef,
                                 RequestData requestData)
                                   throws WSSecurityException

Get a CallbackHandler instance. First try to get an instance via the callbackHandlerRef on the message context. Failing that, try to load a new instance of the CallbackHandler via the callbackHandlerClass argument.

Parameters:

callbackHandlerClass - The class name of the CallbackHandler instance

callbackHandlerRef - The reference name of the CallbackHandler instance

requestData - The RequestData which supplies the message context

Returns:

a CallbackHandler instance

Throws:

WSSecurityException

getPasswordCallbackHandler

public CallbackHandler getPasswordCallbackHandler(RequestData reqData)
                                           throws WSSecurityException

Get a CallbackHandler instance to obtain passwords.

Parameters:

reqData - The RequestData which supplies the message context

Returns:

the CallbackHandler instance to obtain passwords.

Throws:

WSSecurityException

getPasswordCB

public WSPasswordCallback getPasswordCB(String username,
                               int doAction,
                               CallbackHandler callbackHandler,
                               RequestData requestData)
                                 throws WSSecurityException

Get a password callback (WSPasswordCallback object) from a CallbackHandler instance

Parameters:

username - The username to supply to the CallbackHandler

doAction - The action to perform

callbackHandler - The CallbackHandler instance

requestData - The RequestData which supplies the message context

Returns:

the WSPasswordCallback object containing the password

Throws:

WSSecurityException

decodeSignatureParameter2

protected void decodeSignatureParameter2(RequestData reqData)
                                  throws WSSecurityException

Throws:

WSSecurityException

decodeDecryptionParameter

protected void decodeDecryptionParameter(RequestData reqData)
                                  throws WSSecurityException

Throws:

WSSecurityException

getString

public String getString(String key,
               Object mc)

Looks up key first via getOption(String) and if not found there, via getProperty(Object, String)

Parameters:

key - the key to search for. May not be null.

mc - the message context to search.

Returns:

the value found.

Throws:

IllegalArgumentException - if key is null.

getStringOption

public String getStringOption(String key)

Returns the option on name.

Parameters:

key - the non-null key of the option.

Returns:

the option on key if key exists and is of type java.lang.String; otherwise null.

getClassLoader

public ClassLoader getClassLoader(Object msgCtx)

Returns the classloader to be used for loading the callback class

Parameters:

msgCtx - The MessageContext

Returns:

class loader

getOption

public abstract Object getOption(String key)

getProperty

public abstract Object getProperty(Object msgContext,
                 String key)

setProperty

public abstract void setProperty(Object msgContext,
               String key,
               Object value)

getPassword

public abstract String getPassword(Object msgContext)

setPassword

public abstract void setPassword(Object msgContext,
               String password)