Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.sun.xml.wss.provider.wsit
Class WSITClientAuthContext

java.lang.Object
  extended by com.sun.xml.wss.provider.wsit.WSITAuthContextBase
      extended by com.sun.xml.wss.provider.wsit.WSITClientAuthContext
All Implemented Interfaces:
ClientAuth, ClientAuthContext
public class WSITClientAuthContext
extends WSITAuthContextBase
implements ClientAuthContext

Author:
kumar jayanti

Field Summary
protected  java.lang.ref.WeakReference<WSITClientAuthConfig> authConfig
           
protected  int tubeOrPipeHashCode
           
 
Fields inherited from class com.sun.xml.wss.provider.wsit.WSITAuthContextBase
allowMissingTimestamp, bindingLevelAlgSuite, bpMSP, debug, DEFAULT_JMAC_HANDLER, disableIncPrefix, EMPTY_LIST, encHeaderContent, encRMLifecycleMsg, isCertValid, isCertValidityVerified, isEPREnabled, isSOAP12, issuedTokenContextMap, iterationsForPDK, jaxbContext, log, marshaller, mcVer, nextPipe, nextTube, optimized, pipeConfig, policyAlternatives, REQ_PACKET, RES_PACKET, rmVer, secEnv, securityMUValue, securityPolicyNamespaces, serverCert, soapFactory, soapVersion, spVersion, timestampTimeOut, unmarshaller, WSDLPORT, WSENDPOINT, wsscVer, wsTrustVer
 
Constructor Summary
WSITClientAuthContext(java.lang.String operation, javax.security.auth.Subject subject, java.util.Map<java.lang.Object,java.lang.Object> map, javax.security.auth.callback.CallbackHandler callbackHandler)
          Creates a new instance of WSITClientAuthContext
 
Method Summary
protected  void addIncomingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, SecurityPolicyHolder sph, com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
           
protected  SecurityPolicyHolder addIncomingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation, com.sun.xml.ws.policy.Policy policy, PolicyAlternativeHolder ph)
           
protected  void addIncomingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, java.lang.String protocol, PolicyAlternativeHolder ph)
           
protected  void addOutgoingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, SecurityPolicyHolder sph, com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
           
protected  SecurityPolicyHolder addOutgoingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation, com.sun.xml.ws.policy.Policy policy, PolicyAlternativeHolder ph)
           
protected  void addOutgoingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy, java.lang.String protocol, PolicyAlternativeHolder ph)
           
 void cleanSubject(MessageInfo messageInfo, javax.security.auth.Subject subject)
          Remove implementation specific principals and credentials from the subject.
protected  java.lang.String getAction(com.sun.xml.ws.api.model.wsdl.WSDLOperation operation, boolean inComming)
           
protected  java.util.List<com.sun.xml.ws.policy.PolicyAssertion> getIssuedTokenPolicies(com.sun.xml.ws.api.message.Packet packet, java.lang.String scope)
           
protected  void populateKerberosContext(com.sun.xml.ws.api.message.Packet packet, ProcessingContextImpl ctx, boolean isSCMessage)
           
protected  com.sun.xml.ws.api.message.Message secureOutboundMessage(com.sun.xml.ws.api.message.Message message, ProcessingContext ctx)
           
protected  javax.xml.soap.SOAPMessage secureOutboundMessage(javax.xml.soap.SOAPMessage message, ProcessingContext ctx)
           
 AuthStatus secureRequest(MessageInfo messageInfo, javax.security.auth.Subject clientSubject)
          Secure a service request message before sending it to the service.
 com.sun.xml.ws.api.message.Packet secureRequest(com.sun.xml.ws.api.message.Packet packet, javax.security.auth.Subject clientSubject, boolean isSCMessage)
           
 AuthStatus validateResponse(MessageInfo messageInfo, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject)
          Validate a received service response.
 com.sun.xml.ws.api.message.Packet validateResponse(com.sun.xml.ws.api.message.Packet req, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject)
           
protected  com.sun.xml.ws.api.message.Message verifyInboundMessage(com.sun.xml.ws.api.message.Message message, ProcessingContext ctx)
           
protected  javax.xml.soap.SOAPMessage verifyInboundMessage(javax.xml.soap.SOAPMessage message, ProcessingContext ctx)
           
 
Methods inherited from class com.sun.xml.wss.provider.wsit.WSITAuthContextBase
bindingHasIssuedTokenPolicy, bindingHasRMPolicy, bindingHasSecureConversationPolicy, buildProtocolPolicy, cachedOperation, cacheMessage, cacheOperation, cacheOperation, collectPolicies, constructPolicyHolder, constructPolicyHolder, generateInternalError, getAction, getAlgoSuite, getBindingAlgorithmSuite, getEffectiveBootstrapPolicy, getInBoundSCP, getIssuedTokenPoliciesFromBootstrapPolicy, getKerberosTokenPoliciesFromBootstrapPolicy, getOperation, getOperationKey, getOutBoundKTP, getOutBoundSCP, getOutgoingXWSBootstrapPolicy, getOutgoingXWSSecurityPolicy, getRequestPacket, getResponsePacket, getSecureConversationPolicies, getSOAPFault, getSOAPFaultException, getSOAPFaultException, getTokens, getWSDLOpFromAction, getWssAssertion, hasKerberosTokenPolicy, initializeInboundProcessingContext, initializeOutgoingProcessingContext, isAddressingEnabled, isMakeConnectionMessage, isRMMessage, isSCCancel, isSCMessage, isSCRenew, isTrustMessage, loadClass, loadGFHandler, populateConfigProperties, resetCachedOperation, resolveAlternative, setRequestPacket, setResponsePacket, unmarshalPolicy
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

authConfig

protected java.lang.ref.WeakReference<WSITClientAuthConfig> authConfig

tubeOrPipeHashCode

protected int tubeOrPipeHashCode
Constructor Detail

WSITClientAuthContext

public WSITClientAuthContext(java.lang.String operation,
                             javax.security.auth.Subject subject,
                             java.util.Map<java.lang.Object,java.lang.Object> map,
                             javax.security.auth.callback.CallbackHandler callbackHandler)
Creates a new instance of WSITClientAuthContext

Method Detail

secureRequest

public AuthStatus secureRequest(MessageInfo messageInfo,
                                javax.security.auth.Subject clientSubject)
                         throws AuthException
Description copied from interface: ClientAuth
Secure a service request message before sending it to the service.

This method is called to transform the request message acquired by calling getRequestMessage (on messageInfo) into the mechanism-specific form to be sent by the runtime.

This method conveys the outcome of its message processing either by returning an AuthStatus value or by throwing an AuthException.

Specified by:
secureRequest in interface ClientAuth
Parameters:
messageInfo - A contextual object that encapsulates the client request and server response objects, and that may be used to save state across a sequence of calls made to the methods of this interface for the purpose of completing a secure message exchange.
clientSubject - A Subject that represents the source of the service request, or null. It may be used by the method implementation as the source of Principals or credentials to be used to secure the request. If the Subject is not null, the method implementation may add additional Principals or credentials (pertaining to the source of the service request) to the Subject.
Returns:
An AuthStatus object representing the completion status of the processing performed by the method. The AuthStatus values that may be returned by this method are defined as follows:
  • AuthStatus.SUCCESS when the application request message was successfully secured. The secured request message may be obtained by calling getRequestMessage on messageInfo.
  • AuthStatus.SEND_CONTINUE to indicate that the application request message (within messageInfo) was replaced with a security message that should elicit a security-specific response from the peer security system. This status value also indicates that the application message has not yet been secured. This status value serves to inform the calling runtime that (to successfully complete the message exchange) it will need to be capable of continuing the message dialog by conducting at least one additional request/response exchange after having received the security-specific response elicited by sending the security message. When this status value is returned, the corresponding invocation of validateResponse must be able to obtain the original application request message.
  • AuthStatus.FAILURE to indicate that a failure occured while securing the request message, and that an appropriate failure response message is available by calling getResponseMessage on messageInfo.
Throws:
AuthException - When the message processing failed without establishing a failure response message (in messageInfo).

secureRequest

public com.sun.xml.ws.api.message.Packet secureRequest(com.sun.xml.ws.api.message.Packet packet,
                                                       javax.security.auth.Subject clientSubject,
                                                       boolean isSCMessage)
                                                throws XWSSecurityException
Throws:
XWSSecurityException

validateResponse

public AuthStatus validateResponse(MessageInfo messageInfo,
                                   javax.security.auth.Subject clientSubject,
                                   javax.security.auth.Subject serviceSubject)
                            throws AuthException
Description copied from interface: ClientAuth
Validate a received service response.

This method is called to transform the mechanism-specific response message acquired by calling getResponseMessage (on messageInfo) into the validated application message to be returned to the message processing runtime. If the response message is a (mechanism-specific) meta-message, the method implementation must attempt to transform the meta-message into the next mechanism-specific request message to be sent by the runtime.

This method conveys the outcome of its message processing either by returning an AuthStatus value or by throwing an AuthException.

Specified by:
validateResponse in interface ClientAuth
Parameters:
messageInfo - A contextual object that encapsulates the client request and server response objects, and that may be used to save state across a sequence of calls made to the methods of this interface for the purpose of completing a secure message exchange.
clientSubject - A Subject that represents the recipient of the service response, or null. It may be used by the method implementation as the source of Principals or credentials to be used to validate the response. If the Subject is not null, the method implementation may add additional Principals or credentials (pertaining to the recipient of the service request) to the Subject.
serviceSubject - A Subject that represents the source of the service response, or null. If the Subject is not null, the method implementation may add additional Principals or credentials (pertaining to the source of the service response) to the Subject.
Returns:
An AuthStatus object representing the completion status of the processing performed by the method. The AuthStatus values that may be returned by this method are defined as follows:
  • AuthStatus.SUCCESS when the application response message was successfully validated. The validated message is available by calling getResponseMessage on messageInfo.
  • AuthStatus.SEND_CONTINUE to indicate that response validation is incomplete, and that a continuation request was returned as the request message within messageInfo. This status value serves to inform the calling runtime that (to successfully complete the message exchange) it will need to be capable of continuing the message dialog by conducting at least one additional request/response exchange.
  • AuthStatus.FAILURE to indicate that validation of the response failed, and that a failure response message has been established in messageInfo.
Throws:
AuthException - When the message processing failed without establishing a failure response message (in messageInfo).

cleanSubject

public void cleanSubject(MessageInfo messageInfo,
                         javax.security.auth.Subject subject)
                  throws AuthException
Description copied from interface: ClientAuth
Remove implementation specific principals and credentials from the subject.

Specified by:
cleanSubject in interface ClientAuth
Parameters:
messageInfo - A contextual object that encapsulates the client request and server response objects, and that may be used to save state across a sequence of calls made to the methods of this interface for the purpose of completing a secure message exchange.
subject - The Subject instance from which the Principals and credentials are to be removed.
Throws:
AuthException - If an error occurs during the Subject processing.

validateResponse

public com.sun.xml.ws.api.message.Packet validateResponse(com.sun.xml.ws.api.message.Packet req,
                                                          javax.security.auth.Subject clientSubject,
                                                          javax.security.auth.Subject serviceSubject)
                                                   throws XWSSecurityException
Throws:
XWSSecurityException

secureOutboundMessage

protected javax.xml.soap.SOAPMessage secureOutboundMessage(javax.xml.soap.SOAPMessage message,
                                                           ProcessingContext ctx)
Overrides:
secureOutboundMessage in class WSITAuthContextBase

secureOutboundMessage

protected com.sun.xml.ws.api.message.Message secureOutboundMessage(com.sun.xml.ws.api.message.Message message,
                                                                   ProcessingContext ctx)
Overrides:
secureOutboundMessage in class WSITAuthContextBase

verifyInboundMessage

protected javax.xml.soap.SOAPMessage verifyInboundMessage(javax.xml.soap.SOAPMessage message,
                                                          ProcessingContext ctx)
                                                   throws WssSoapFaultException,
                                                          XWSSecurityException
Throws:
WssSoapFaultException
XWSSecurityException

verifyInboundMessage

protected com.sun.xml.ws.api.message.Message verifyInboundMessage(com.sun.xml.ws.api.message.Message message,
                                                                  ProcessingContext ctx)
                                                           throws XWSSecurityException
Throws:
XWSSecurityException

addOutgoingMP

protected SecurityPolicyHolder addOutgoingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
                                             com.sun.xml.ws.policy.Policy policy,
                                             PolicyAlternativeHolder ph)
                                      throws com.sun.xml.ws.policy.PolicyException
Specified by:
addOutgoingMP in class WSITAuthContextBase
Throws:
com.sun.xml.ws.policy.PolicyException

addIncomingMP

protected SecurityPolicyHolder addIncomingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
                                             com.sun.xml.ws.policy.Policy policy,
                                             PolicyAlternativeHolder ph)
                                      throws com.sun.xml.ws.policy.PolicyException
Specified by:
addIncomingMP in class WSITAuthContextBase
Throws:
com.sun.xml.ws.policy.PolicyException

addIncomingProtocolPolicy

protected void addIncomingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
                                         java.lang.String protocol,
                                         PolicyAlternativeHolder ph)
                                  throws com.sun.xml.ws.policy.PolicyException
Specified by:
addIncomingProtocolPolicy in class WSITAuthContextBase
Throws:
com.sun.xml.ws.policy.PolicyException

addOutgoingProtocolPolicy

protected void addOutgoingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
                                         java.lang.String protocol,
                                         PolicyAlternativeHolder ph)
                                  throws com.sun.xml.ws.policy.PolicyException
Specified by:
addOutgoingProtocolPolicy in class WSITAuthContextBase
Throws:
com.sun.xml.ws.policy.PolicyException

addIncomingFaultPolicy

protected void addIncomingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
                                      SecurityPolicyHolder sph,
                                      com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
                               throws com.sun.xml.ws.policy.PolicyException
Specified by:
addIncomingFaultPolicy in class WSITAuthContextBase
Throws:
com.sun.xml.ws.policy.PolicyException

addOutgoingFaultPolicy

protected void addOutgoingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
                                      SecurityPolicyHolder sph,
                                      com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
                               throws com.sun.xml.ws.policy.PolicyException
Specified by:
addOutgoingFaultPolicy in class WSITAuthContextBase
Throws:
com.sun.xml.ws.policy.PolicyException

getAction

protected java.lang.String getAction(com.sun.xml.ws.api.model.wsdl.WSDLOperation operation,
                                     boolean inComming)
Specified by:
getAction in class WSITAuthContextBase

getIssuedTokenPolicies

protected java.util.List<com.sun.xml.ws.policy.PolicyAssertion> getIssuedTokenPolicies(com.sun.xml.ws.api.message.Packet packet,
                                                                                       java.lang.String scope)

populateKerberosContext

protected void populateKerberosContext(com.sun.xml.ws.api.message.Packet packet,
                                       ProcessingContextImpl ctx,
                                       boolean isSCMessage)
                                throws XWSSecurityException
Throws:
XWSSecurityException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2005-2012 Oracle Corporation. All Rights Reserved.