com.sun.xml.wss.provider.wsit
Class WSITServerAuthContext
java.lang.Object
com.sun.xml.wss.provider.wsit.WSITAuthContextBase
com.sun.xml.wss.provider.wsit.WSITServerAuthContext
- All Implemented Interfaces:
- ServerAuthContext, ServerAuth
public class WSITServerAuthContext
- extends WSITAuthContextBase
- implements ServerAuthContext
- Author:
- kumar jayanti
|
Field Summary |
protected static java.lang.String |
TRUE
|
| Fields inherited from class com.sun.xml.wss.provider.wsit.WSITAuthContextBase |
allowMissingTimestamp, bindingLevelAlgSuite, bpMSP, debug, DEFAULT_JMAC_HANDLER, disableIncPrefix, EMPTY_LIST, encHeaderContent, encRMLifecycleMsg, isCertValid, isCertValidityVerified, isEPREnabled, isSOAP12, issuedTokenContextMap, iterationsForPDK, jaxbContext, log, marshaller, mcVer, nextPipe, nextTube, optimized, pipeConfig, policyAlternatives, REQ_PACKET, RES_PACKET, rmVer, secEnv, securityMUValue, securityPolicyNamespaces, serverCert, soapFactory, soapVersion, spVersion, timestampTimeOut, unmarshaller, WSDLPORT, WSENDPOINT, wsscVer, wsTrustVer |
|
Constructor Summary |
WSITServerAuthContext(java.lang.String operation,
javax.security.auth.Subject subject,
java.util.Map<java.lang.Object,java.lang.Object> map,
javax.security.auth.callback.CallbackHandler callbackHandler)
Creates a new instance of WSITServerAuthContext |
|
Method Summary |
protected void |
addIncomingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
SecurityPolicyHolder sph,
com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
|
protected SecurityPolicyHolder |
addIncomingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
com.sun.xml.ws.policy.Policy policy,
PolicyAlternativeHolder ph)
|
protected void |
addIncomingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
java.lang.String protocol,
PolicyAlternativeHolder ph)
|
protected void |
addOutgoingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
SecurityPolicyHolder sph,
com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
|
protected SecurityPolicyHolder |
addOutgoingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
com.sun.xml.ws.policy.Policy policy,
PolicyAlternativeHolder ph)
|
protected void |
addOutgoingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
java.lang.String protocol,
PolicyAlternativeHolder ph)
|
protected boolean |
bindingHasIssuedTokenPolicy()
|
protected boolean |
bindingHasRMPolicy()
|
protected boolean |
bindingHasSecureConversationPolicy()
|
void |
cleanSubject(MessageInfo messageInfo,
javax.security.auth.Subject subject)
Remove method specific principals and credentials from the subject. |
protected java.lang.String |
getAction(com.sun.xml.ws.api.model.wsdl.WSDLOperation operation,
boolean inComming)
|
protected MessagePolicy |
getOutgoingFaultPolicy(com.sun.xml.ws.api.message.Packet packet)
|
protected MessagePolicy |
getOutgoingXWSSecurityPolicy(com.sun.xml.ws.api.message.Packet packet,
boolean isSCMessage)
|
protected ProcessingContext |
initializeOutgoingProcessingContext(com.sun.xml.ws.api.message.Packet packet,
boolean isSCMessage)
|
AuthStatus |
secureResponse(MessageInfo messageInfo,
javax.security.auth.Subject serviceSubject)
Secure a service response before sending it to the client. |
com.sun.xml.ws.api.message.Packet |
secureResponse(com.sun.xml.ws.api.message.Packet retPacket,
javax.security.auth.Subject serviceSubject,
java.util.Map sharedState)
|
AuthStatus |
validateRequest(MessageInfo messageInfo,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject)
Authenticate a received service request. |
com.sun.xml.ws.api.message.Packet |
validateRequest(com.sun.xml.ws.api.message.Packet packet,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject,
java.util.Map<java.lang.Object,java.lang.Object> sharedState)
|
protected com.sun.xml.ws.api.message.Message |
verifyInboundMessage(com.sun.xml.ws.api.message.Message message,
ProcessingContext ctx)
|
protected SOAPMessage |
verifyInboundMessage(SOAPMessage message,
ProcessingContext ctx)
|
| Methods inherited from class com.sun.xml.wss.provider.wsit.WSITAuthContextBase |
buildProtocolPolicy, cachedOperation, cacheMessage, cacheOperation, cacheOperation, collectPolicies, constructPolicyHolder, constructPolicyHolder, generateInternalError, getAction, getAlgoSuite, getBindingAlgorithmSuite, getEffectiveBootstrapPolicy, getInBoundSCP, getIssuedTokenPoliciesFromBootstrapPolicy, getKerberosTokenPoliciesFromBootstrapPolicy, getOperation, getOperationKey, getOutBoundKTP, getOutBoundSCP, getOutgoingXWSBootstrapPolicy, getRequestPacket, getResponsePacket, getSecureConversationPolicies, getSOAPFault, getSOAPFaultException, getSOAPFaultException, getTokens, getWSDLOpFromAction, getWssAssertion, hasKerberosTokenPolicy, initializeInboundProcessingContext, isAddressingEnabled, isMakeConnectionMessage, isRMMessage, isSCCancel, isSCMessage, isSCRenew, isTrustMessage, loadClass, loadGFHandler, populateConfigProperties, resetCachedOperation, resolveAlternative, secureOutboundMessage, secureOutboundMessage, setRequestPacket, setResponsePacket, unmarshalPolicy |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TRUE
protected static final java.lang.String TRUE
- See Also:
- Constant Field Values
WSITServerAuthContext
public WSITServerAuthContext(java.lang.String operation,
javax.security.auth.Subject subject,
java.util.Map<java.lang.Object,java.lang.Object> map,
javax.security.auth.callback.CallbackHandler callbackHandler)
- Creates a new instance of WSITServerAuthContext
validateRequest
public AuthStatus validateRequest(MessageInfo messageInfo,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject)
throws AuthException
- Description copied from interface:
ServerAuth
- Authenticate a received service request.
This method is called to transform the mechanism-specific request
message acquired by calling getRequestMessage (on messageInfo)
into the validated application message to be returned to the message
processing runtime.
If the received message is a (mechanism-specific) meta-message,
the method implementation must attempt to transform the meta-message
into a corresponding mechanism-specific response message, or to the
validated application request message.
The runtime will bind a validated application message into the
the corresponding service invocation.
This method conveys the outcome of its message processing either
by returning an AuthStatus value or by throwing an AuthException.
- Specified by:
validateRequest in interface ServerAuth
- Parameters:
messageInfo - A contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.clientSubject - A Subject that represents the source of the
service
request. It is used by the method implementation to store
Principals and credentials validated in the request.serviceSubject - A Subject that represents the recipient of the
service request, or null. It may be used by the method
implementation as the source of Principals or credentials to
be used to validate the request. If the Subject is not null,
the method implementation may add additional Principals or
credentials (pertaining to the recipient of the service
request) to the Subject.
- Returns:
- An AuthStatus object representing the completion status of
the processing performed by the method.
The AuthStatus values that may be returned by this method
are defined as follows:
- AuthStatus.SUCCESS when the application request message
was successfully validated. The validated request message is
available by calling getRequestMessage on messageInfo.
- AuthStatus.SEND_SUCCESS to indicate that validation/processing
of the request message successfully produced the secured application
response message (in messageInfo). The secured response message is
available by calling getResponseMessage on messageInfo.
- AuthStatus.SEND_CONTINUE to indicate that message validation is
incomplete, and that a preliminary response was returned as the
response message in messageInfo.
When this status value is returned to challenge an
application request message, the challenged request must be saved
by the authentication module such that it can be recovered
when the module's validateRequest message is called to process
the request returned for the challenge.
- AuthStatus.SEND_FAILURE to indicate that message validation failed
and that an appropriate failure response message is available by
calling getResponseMessage on messageInfo.
- Throws:
AuthException - When the message processing failed without
establishing a failure response message (in messageInfo).
secureResponse
public AuthStatus secureResponse(MessageInfo messageInfo,
javax.security.auth.Subject serviceSubject)
throws AuthException
- Description copied from interface:
ServerAuth
- Secure a service response before sending it to the client.
This method is called to transform the response message acquired by
calling getResponseMessage (on messageInfo) into the mechanism-specific
form to be sent by the runtime.
This method conveys the outcome of its message processing either
by returning an AuthStatus value or by throwing an AuthException.
- Specified by:
secureResponse in interface ServerAuth
- Parameters:
messageInfo - A contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.serviceSubject - A Subject that represents the source of the
service
response, or null. It may be used by the method implementation
to retrieve Principals and credentials necessary to secure
the response. If the Subject is not null,
the method implementation may add additional Principals or
credentials (pertaining to the source of the service
response) to the Subject.
- Returns:
- An AuthStatus object representing the completion status of
the processing performed by the method.
The AuthStatus values that may be returned by this method
are defined as follows:
- AuthStatus.SEND_SUCCESS when the application response
message was successfully secured. The secured response message may be
obtained by calling getResponseMessage on messageInfo.
- AuthStatus.SEND_CONTINUE to indicate that the application response
message (within messageInfo) was replaced with a security message
that should elicit a security-specific response (in the form of a
request) from the peer.
This status value serves to inform the calling runtime that
(to successfully complete the message exchange) it will
need to be capable of continuing the message dialog by processing
at least one additional request/response exchange (after having
sent the response message returned in messageInfo).
When this status value is returned, the application response must
be saved by the authentication module such that it can be recovered
when the module's validateRequest message is called to process
the elicited response.
- AuthStatus.SEND_FAILURE to indicate that a failure occurred while
securing the response message and that an appropriate failure response
message is available by calling getResponseMeessage on messageInfo.
- Throws:
AuthException - When the message processing failed without
establishing a failure response message (in messageInfo).
cleanSubject
public void cleanSubject(MessageInfo messageInfo,
javax.security.auth.Subject subject)
throws AuthException
- Description copied from interface:
ServerAuth
- Remove method specific principals and credentials from the subject.
- Specified by:
cleanSubject in interface ServerAuth
- Parameters:
messageInfo - a contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.subject - the Subject instance from which the Principals and
credentials are to be removed.
- Throws:
AuthException - If an error occurs during the Subject
processing.
validateRequest
public com.sun.xml.ws.api.message.Packet validateRequest(com.sun.xml.ws.api.message.Packet packet,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject,
java.util.Map<java.lang.Object,java.lang.Object> sharedState)
throws XWSSecurityException
- Throws:
XWSSecurityException
secureResponse
public com.sun.xml.ws.api.message.Packet secureResponse(com.sun.xml.ws.api.message.Packet retPacket,
javax.security.auth.Subject serviceSubject,
java.util.Map sharedState)
throws XWSSecurityException
- Throws:
XWSSecurityException
verifyInboundMessage
protected SOAPMessage verifyInboundMessage(SOAPMessage message,
ProcessingContext ctx)
throws WssSoapFaultException,
XWSSecurityException
- Throws:
WssSoapFaultException
XWSSecurityException
verifyInboundMessage
protected com.sun.xml.ws.api.message.Message verifyInboundMessage(com.sun.xml.ws.api.message.Message message,
ProcessingContext ctx)
throws XWSSecurityException
- Throws:
XWSSecurityException
initializeOutgoingProcessingContext
protected ProcessingContext initializeOutgoingProcessingContext(com.sun.xml.ws.api.message.Packet packet,
boolean isSCMessage)
- Overrides:
initializeOutgoingProcessingContext in class WSITAuthContextBase
getOutgoingXWSSecurityPolicy
protected MessagePolicy getOutgoingXWSSecurityPolicy(com.sun.xml.ws.api.message.Packet packet,
boolean isSCMessage)
- Overrides:
getOutgoingXWSSecurityPolicy in class WSITAuthContextBase
getOutgoingFaultPolicy
protected MessagePolicy getOutgoingFaultPolicy(com.sun.xml.ws.api.message.Packet packet)
bindingHasIssuedTokenPolicy
protected boolean bindingHasIssuedTokenPolicy()
- Overrides:
bindingHasIssuedTokenPolicy in class WSITAuthContextBase
bindingHasSecureConversationPolicy
protected boolean bindingHasSecureConversationPolicy()
- Overrides:
bindingHasSecureConversationPolicy in class WSITAuthContextBase
bindingHasRMPolicy
protected boolean bindingHasRMPolicy()
- Overrides:
bindingHasRMPolicy in class WSITAuthContextBase
addOutgoingMP
protected SecurityPolicyHolder addOutgoingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
com.sun.xml.ws.policy.Policy policy,
PolicyAlternativeHolder ph)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addOutgoingMP in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addIncomingMP
protected SecurityPolicyHolder addIncomingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
com.sun.xml.ws.policy.Policy policy,
PolicyAlternativeHolder ph)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addIncomingMP in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addIncomingProtocolPolicy
protected void addIncomingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
java.lang.String protocol,
PolicyAlternativeHolder ph)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addIncomingProtocolPolicy in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addOutgoingProtocolPolicy
protected void addOutgoingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
java.lang.String protocol,
PolicyAlternativeHolder ph)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addOutgoingProtocolPolicy in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addIncomingFaultPolicy
protected void addIncomingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
SecurityPolicyHolder sph,
com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addIncomingFaultPolicy in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addOutgoingFaultPolicy
protected void addOutgoingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
SecurityPolicyHolder sph,
com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addOutgoingFaultPolicy in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
getAction
protected java.lang.String getAction(com.sun.xml.ws.api.model.wsdl.WSDLOperation operation,
boolean inComming)
- Specified by:
getAction in class WSITAuthContextBase
Copyright © 2005-2011 Oracle Corporation. All Rights Reserved.