com.sun.xml.wss.provider.wsit
Class WSITClientAuthContext
java.lang.Object
com.sun.xml.wss.provider.wsit.WSITAuthContextBase
com.sun.xml.wss.provider.wsit.WSITClientAuthContext
- All Implemented Interfaces:
- ClientAuth, ClientAuthContext
public class WSITClientAuthContext
- extends WSITAuthContextBase
- implements ClientAuthContext
- Author:
- kumar jayanti
| Fields inherited from class com.sun.xml.wss.provider.wsit.WSITAuthContextBase |
allowMissingTimestamp, bindingLevelAlgSuite, bpMSP, debug, DEFAULT_JMAC_HANDLER, disableIncPrefix, EMPTY_LIST, encHeaderContent, encRMLifecycleMsg, isCertValid, isCertValidityVerified, isEPREnabled, isSOAP12, issuedTokenContextMap, iterationsForPDK, jaxbContext, log, marshaller, mcVer, nextPipe, nextTube, optimized, pipeConfig, policyAlternatives, REQ_PACKET, RES_PACKET, rmVer, secEnv, securityMUValue, securityPolicyNamespaces, serverCert, soapFactory, soapVersion, spVersion, timestampTimeOut, unmarshaller, WSDLPORT, WSENDPOINT, wsscVer, wsTrustVer |
|
Constructor Summary |
WSITClientAuthContext(java.lang.String operation,
javax.security.auth.Subject subject,
java.util.Map<java.lang.Object,java.lang.Object> map,
javax.security.auth.callback.CallbackHandler callbackHandler)
Creates a new instance of WSITClientAuthContext |
|
Method Summary |
protected void |
addIncomingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
SecurityPolicyHolder sph,
com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
|
protected SecurityPolicyHolder |
addIncomingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
com.sun.xml.ws.policy.Policy policy,
PolicyAlternativeHolder ph)
|
protected void |
addIncomingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
java.lang.String protocol,
PolicyAlternativeHolder ph)
|
protected void |
addOutgoingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
SecurityPolicyHolder sph,
com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
|
protected SecurityPolicyHolder |
addOutgoingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
com.sun.xml.ws.policy.Policy policy,
PolicyAlternativeHolder ph)
|
protected void |
addOutgoingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
java.lang.String protocol,
PolicyAlternativeHolder ph)
|
void |
cleanSubject(MessageInfo messageInfo,
javax.security.auth.Subject subject)
Remove implementation specific principals and credentials from the
subject. |
protected java.lang.String |
getAction(com.sun.xml.ws.api.model.wsdl.WSDLOperation operation,
boolean inComming)
|
protected java.util.List<com.sun.xml.ws.policy.PolicyAssertion> |
getIssuedTokenPolicies(com.sun.xml.ws.api.message.Packet packet,
java.lang.String scope)
|
protected void |
populateKerberosContext(com.sun.xml.ws.api.message.Packet packet,
ProcessingContextImpl ctx,
boolean isSCMessage)
|
protected com.sun.xml.ws.api.message.Message |
secureOutboundMessage(com.sun.xml.ws.api.message.Message message,
ProcessingContext ctx)
|
protected SOAPMessage |
secureOutboundMessage(SOAPMessage message,
ProcessingContext ctx)
|
AuthStatus |
secureRequest(MessageInfo messageInfo,
javax.security.auth.Subject clientSubject)
Secure a service request message before sending it to the service. |
com.sun.xml.ws.api.message.Packet |
secureRequest(com.sun.xml.ws.api.message.Packet packet,
javax.security.auth.Subject clientSubject,
boolean isSCMessage)
|
AuthStatus |
validateResponse(MessageInfo messageInfo,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject)
Validate a received service response. |
com.sun.xml.ws.api.message.Packet |
validateResponse(com.sun.xml.ws.api.message.Packet req,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject)
|
protected com.sun.xml.ws.api.message.Message |
verifyInboundMessage(com.sun.xml.ws.api.message.Message message,
ProcessingContext ctx)
|
protected SOAPMessage |
verifyInboundMessage(SOAPMessage message,
ProcessingContext ctx)
|
| Methods inherited from class com.sun.xml.wss.provider.wsit.WSITAuthContextBase |
bindingHasIssuedTokenPolicy, bindingHasRMPolicy, bindingHasSecureConversationPolicy, buildProtocolPolicy, cachedOperation, cacheMessage, cacheOperation, cacheOperation, collectPolicies, constructPolicyHolder, constructPolicyHolder, generateInternalError, getAction, getAlgoSuite, getBindingAlgorithmSuite, getEffectiveBootstrapPolicy, getInBoundSCP, getIssuedTokenPoliciesFromBootstrapPolicy, getKerberosTokenPoliciesFromBootstrapPolicy, getOperation, getOperationKey, getOutBoundKTP, getOutBoundSCP, getOutgoingXWSBootstrapPolicy, getOutgoingXWSSecurityPolicy, getRequestPacket, getResponsePacket, getSecureConversationPolicies, getSOAPFault, getSOAPFaultException, getSOAPFaultException, getTokens, getWSDLOpFromAction, getWssAssertion, hasKerberosTokenPolicy, initializeInboundProcessingContext, initializeOutgoingProcessingContext, isAddressingEnabled, isMakeConnectionMessage, isRMMessage, isSCCancel, isSCMessage, isSCRenew, isTrustMessage, loadClass, loadGFHandler, populateConfigProperties, resetCachedOperation, resolveAlternative, setRequestPacket, setResponsePacket, unmarshalPolicy |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
authConfig
protected java.lang.ref.WeakReference<WSITClientAuthConfig> authConfig
tubeOrPipeHashCode
protected int tubeOrPipeHashCode
WSITClientAuthContext
public WSITClientAuthContext(java.lang.String operation,
javax.security.auth.Subject subject,
java.util.Map<java.lang.Object,java.lang.Object> map,
javax.security.auth.callback.CallbackHandler callbackHandler)
- Creates a new instance of WSITClientAuthContext
secureRequest
public AuthStatus secureRequest(MessageInfo messageInfo,
javax.security.auth.Subject clientSubject)
throws AuthException
- Description copied from interface:
ClientAuth
- Secure a service request message before sending it to the service.
This method is called to transform the request message acquired
by calling getRequestMessage (on messageInfo) into the
mechanism-specific form to be sent by the runtime.
This method conveys the outcome of its message processing either
by returning an AuthStatus value or by throwing an AuthException.
- Specified by:
secureRequest in interface ClientAuth
- Parameters:
messageInfo - A contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.
clientSubject - A Subject that represents the source of the service
request, or null. It may be used by the method implementation
as the source of Principals or credentials to be used to
secure the request. If the Subject is not null, the method
implementation may add additional Principals or credentials
(pertaining to the source of the service request) to the
Subject.
- Returns:
- An AuthStatus object representing the completion status of
the processing performed by the method.
The AuthStatus values that may be returned by this method
are defined as follows:
- AuthStatus.SUCCESS when the application request message
was successfully secured. The secured request message may be
obtained by calling getRequestMessage on messageInfo.
- AuthStatus.SEND_CONTINUE to indicate that the application
request message (within messageInfo) was replaced with a security
message that should elicit a security-specific response from the peer
security system. This status value also indicates that the application
message has not yet been secured.
This status value serves to inform the calling runtime that
(to successfully complete the message exchange) it will
need to be capable of continuing the message dialog by conducting
at least one additional request/response exchange after having
received the security-specific response elicited by sending the
security message.
When this status value is returned, the corresponding
invocation of
validateResponse must be able
to obtain the original application request message.
- AuthStatus.FAILURE to indicate that a failure occurred
while securing the request message, and that an appropriate
failure response message is available by calling getResponseMessage
on messageInfo.
- Throws:
AuthException - When the message processing failed without
establishing a failure response message (in messageInfo).
secureRequest
public com.sun.xml.ws.api.message.Packet secureRequest(com.sun.xml.ws.api.message.Packet packet,
javax.security.auth.Subject clientSubject,
boolean isSCMessage)
throws XWSSecurityException
- Throws:
XWSSecurityException
validateResponse
public AuthStatus validateResponse(MessageInfo messageInfo,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject)
throws AuthException
- Description copied from interface:
ClientAuth
- Validate a received service response.
This method is called to transform the mechanism-specific response
message acquired by calling getResponseMessage (on messageInfo)
into the validated application message to be returned to the
message processing runtime. If the response message is a
(mechanism-specific) meta-message, the method implementation must
attempt to transform the meta-message into the next
mechanism-specific request message to be sent by the runtime.
This method conveys the outcome of its message processing either
by returning an AuthStatus value or by throwing an AuthException.
- Specified by:
validateResponse in interface ClientAuth
- Parameters:
messageInfo - A contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.
clientSubject - A Subject that represents the recipient of the
service response, or null. It may be used by the method
implementation as the source of Principals or credentials to
be used to validate the response. If the Subject is not null,
the method implementation may add additional Principals or
credentials (pertaining to the recipient of the service
request) to the Subject.
serviceSubject - A Subject that represents the source of the
service response, or null. If the Subject is not null,
the method implementation may add additional Principals or
credentials (pertaining to the source of the service
response) to the Subject.
- Returns:
- An AuthStatus object representing the completion status of
the processing performed by the method.
The AuthStatus values that may be returned by this method
are defined as follows:
- AuthStatus.SUCCESS when the application response
message was successfully validated. The validated
message is available by calling getResponseMessage on
messageInfo.
- AuthStatus.SEND_CONTINUE to indicate that response validation
is incomplete, and that a continuation request was returned
as the request message within messageInfo.
This status value serves to inform the calling runtime that
(to successfully complete the message exchange) it will
need to be capable of continuing the message dialog by conducting
at least one additional request/response exchange.
- AuthStatus.FAILURE to indicate that validation of the response
failed, and that a failure response message has been established
in messageInfo.
- Throws:
AuthException - When the message processing failed without
establishing a failure response message (in messageInfo).
cleanSubject
public void cleanSubject(MessageInfo messageInfo,
javax.security.auth.Subject subject)
throws AuthException
- Description copied from interface:
ClientAuth
- Remove implementation specific principals and credentials from the
subject.
- Specified by:
cleanSubject in interface ClientAuth
- Parameters:
messageInfo - A contextual object that encapsulates the
client request and server response objects, and that may be
used to save state across a sequence of calls made to the
methods of this interface for the purpose of completing a
secure message exchange.
subject - The Subject instance from which the Principals and
credentials are to be removed.
- Throws:
AuthException - If an error occurs during the Subject
processing.
validateResponse
public com.sun.xml.ws.api.message.Packet validateResponse(com.sun.xml.ws.api.message.Packet req,
javax.security.auth.Subject clientSubject,
javax.security.auth.Subject serviceSubject)
throws XWSSecurityException
- Throws:
XWSSecurityException
secureOutboundMessage
protected SOAPMessage secureOutboundMessage(SOAPMessage message,
ProcessingContext ctx)
- Overrides:
secureOutboundMessage in class WSITAuthContextBase
secureOutboundMessage
protected com.sun.xml.ws.api.message.Message secureOutboundMessage(com.sun.xml.ws.api.message.Message message,
ProcessingContext ctx)
- Overrides:
secureOutboundMessage in class WSITAuthContextBase
verifyInboundMessage
protected SOAPMessage verifyInboundMessage(SOAPMessage message,
ProcessingContext ctx)
throws WssSoapFaultException,
XWSSecurityException
- Throws:
WssSoapFaultException
XWSSecurityException
verifyInboundMessage
protected com.sun.xml.ws.api.message.Message verifyInboundMessage(com.sun.xml.ws.api.message.Message message,
ProcessingContext ctx)
throws XWSSecurityException
- Throws:
XWSSecurityException
addOutgoingMP
protected SecurityPolicyHolder addOutgoingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
com.sun.xml.ws.policy.Policy policy,
PolicyAlternativeHolder ph)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addOutgoingMP in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addIncomingMP
protected SecurityPolicyHolder addIncomingMP(com.sun.xml.ws.api.model.wsdl.WSDLBoundOperation operation,
com.sun.xml.ws.policy.Policy policy,
PolicyAlternativeHolder ph)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addIncomingMP in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addIncomingProtocolPolicy
protected void addIncomingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
java.lang.String protocol,
PolicyAlternativeHolder ph)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addIncomingProtocolPolicy in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addOutgoingProtocolPolicy
protected void addOutgoingProtocolPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
java.lang.String protocol,
PolicyAlternativeHolder ph)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addOutgoingProtocolPolicy in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addIncomingFaultPolicy
protected void addIncomingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
SecurityPolicyHolder sph,
com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addIncomingFaultPolicy in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
addOutgoingFaultPolicy
protected void addOutgoingFaultPolicy(com.sun.xml.ws.policy.Policy effectivePolicy,
SecurityPolicyHolder sph,
com.sun.xml.ws.api.model.wsdl.WSDLFault fault)
throws com.sun.xml.ws.policy.PolicyException
- Specified by:
addOutgoingFaultPolicy in class WSITAuthContextBase
- Throws:
com.sun.xml.ws.policy.PolicyException
getAction
protected java.lang.String getAction(com.sun.xml.ws.api.model.wsdl.WSDLOperation operation,
boolean inComming)
- Specified by:
getAction in class WSITAuthContextBase
getIssuedTokenPolicies
protected java.util.List<com.sun.xml.ws.policy.PolicyAssertion> getIssuedTokenPolicies(com.sun.xml.ws.api.message.Packet packet,
java.lang.String scope)
populateKerberosContext
protected void populateKerberosContext(com.sun.xml.ws.api.message.Packet packet,
ProcessingContextImpl ctx,
boolean isSCMessage)
throws XWSSecurityException
- Throws:
XWSSecurityException
Copyright © 2005-2013 Oracle Corporation. All Rights Reserved.