AuthHandler xref

This project has retired. For details please refer to its Attic page.
AuthHandler xref

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.chemistry.opencmis.server.impl.webservices;
20  
21  import java.util.HashMap;
22  import java.util.Map;
23  import java.util.Set;
24  
25  import javax.xml.bind.JAXBElement;
26  import javax.xml.namespace.QName;
27  import javax.xml.ws.handler.MessageContext;
28  import javax.xml.ws.handler.MessageContext.Scope;
29  
30  import com.sun.xml.ws.api.handler.MessageHandler;
31  import com.sun.xml.ws.api.handler.MessageHandlerContext;
32  import com.sun.xml.ws.api.message.Header;
33  import com.sun.xml.ws.api.message.HeaderList;
34  import com.sun.xml.ws.api.message.Message;
35  
36  /**
37   * This class tries to extract a user name and a password from a UsernameToken.
38   */
39  public class AuthHandler extends AbstractUsernameTokenAuthHandler implements MessageHandler<MessageHandlerContext> {
40  
41      public Set<QName> getHeaders() {
42          return HEADERS;
43      }
44  
45      public void close(MessageContext context) {
46      }
47  
48      public boolean handleFault(MessageHandlerContext context) {
49          return true;
50      }
51  
52      public boolean handleMessage(MessageHandlerContext context) {
53          Boolean outboundProperty = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
54          if (outboundProperty.booleanValue()) {
55              // we are only looking at inbound messages
56              return true;
57          }
58  
59          Map<String, String> callContextMap = null;
60  
61          try {
62              // read the header
63              Message msg = context.getMessage();
64              HeaderList hl = msg.getHeaders();
65              Header securityHeader = hl.get(WSSE_SECURITY, true);
66  
67              JAXBElement<SecurityHeaderType> sht = securityHeader.readAsJAXB(WSSE_CONTEXT.createUnmarshaller());
68  
69              callContextMap = extractUsernamePassword(sht);
70          } catch (Exception e) {
71              // something went wrong, e.g. a part of the SOAP header wasn't set
72          }
73  
74          // add user and password to context
75          if (callContextMap == null) {
76              callContextMap = new HashMap<String, String>();
77          }
78  
79          context.put(AbstractService.CALL_CONTEXT_MAP, callContextMap);
80          context.setScope(AbstractService.CALL_CONTEXT_MAP, Scope.APPLICATION);
81  
82          return true;
83      }
84  }