Posted to commits@cxf.apache.org by co...@apache.org on 2011/07/28 17:45:30 UTC
svn commit: r1151899 - in
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider:
STSException.java SecurityTokenServiceProvider.java
Author: coheigea
Date: Thu Jul 28 15:45:29 2011
New Revision: 1151899
URL: http://svn.apache.org/viewvc?rev=1151899&view=rev
Log:
[CXF-3693] - SecurityTokenServiceProvider does not handle exceptions properly
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java?rev=1151899&r1=1151898&r2=1151899&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java Thu Jul 28 15:45:29 2011
@@ -19,19 +19,94 @@
package org.apache.cxf.ws.security.sts.provider;
+import javax.xml.namespace.QName;
+
/**
- *
+ * A RuntimeException that can be thrown by an STS implementation. If the FaultCode is set, then this
+ * code/String will be returned to the user, otherwise the Exception message is returned.
*/
public class STSException extends RuntimeException {
- private static final long serialVersionUID = -6540501345865299260L;
-
+ /**
+ * WS-Trust 1.3 namespace
+ */
+ public static final String WST_NS_05_12 = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
+
+ /**
+ * Specification Fault Codes
+ */
+ public static final QName INVALID_REQUEST = new QName(WST_NS_05_12, "InvalidRequest");
+ public static final QName FAILED_AUTH = new QName(WST_NS_05_12, "FailedAuthentication");
+ public static final QName REQUEST_FAILED = new QName(WST_NS_05_12, "RequestFailed");
+ public static final QName INVALID_TOKEN = new QName(WST_NS_05_12, "InvalidSecurityToken");
+ public static final QName AUTH_BAD_ELEMENTS = new QName(WST_NS_05_12, "AuthenticationBadElements");
+ public static final QName BAD_REQUEST = new QName(WST_NS_05_12, "BadRequest");
+ public static final QName EXPIRED_DATA = new QName(WST_NS_05_12, "ExpiredData");
+ public static final QName INVALID_TIME = new QName(WST_NS_05_12, "InvalidTimeRange");
+ public static final QName INVALID_SCOPE = new QName(WST_NS_05_12, "InvalidScope");
+ public static final QName RENEW_NEEDED = new QName(WST_NS_05_12, "RenewNeeded");
+ public static final QName UNABLE_TO_RENEW = new QName(WST_NS_05_12, "UnableToRenew");
+
+ /**
+ * A map of Fault Code to Fault Strings
+ */
+ private static final java.util.Map<QName, String> FAULT_CODE_MAP =
+ new java.util.HashMap<QName, String>();
+
+ static {
+ FAULT_CODE_MAP.put(INVALID_REQUEST, "The request was invalid or malformed");
+ FAULT_CODE_MAP.put(FAILED_AUTH, "Authentication failed");
+ FAULT_CODE_MAP.put(REQUEST_FAILED, "The specified request failed");
+ FAULT_CODE_MAP.put(INVALID_TOKEN, "Security token has been revoked");
+ FAULT_CODE_MAP.put(AUTH_BAD_ELEMENTS, "Insufficient Digest Elements");
+ FAULT_CODE_MAP.put(BAD_REQUEST, "The specified RequestSecurityToken is not understood");
+ FAULT_CODE_MAP.put(EXPIRED_DATA, "The request data is out-of-date");
+ FAULT_CODE_MAP.put(INVALID_TIME, "The requested time range is invalid or unsupported");
+ FAULT_CODE_MAP.put(INVALID_SCOPE, "The request scope is invalid or unsupported");
+ FAULT_CODE_MAP.put(RENEW_NEEDED, "A renewable security token has expired");
+ FAULT_CODE_MAP.put(UNABLE_TO_RENEW, "The requested renewal failed");
+ }
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 2186924985128534490L;
+
+
+ private QName faultCode;
+
public STSException(String message) {
super(message);
}
-
+
+ public STSException(String message, QName faultCode) {
+ super(message);
+ this.faultCode = faultCode;
+ }
+
public STSException(String message, Throwable e) {
super(message, e);
}
+ public STSException(String message, Throwable e, QName faultCode) {
+ super(message, e);
+ this.faultCode = faultCode;
+ }
+
+ public void setFaultCode(QName faultCode) {
+ this.faultCode = faultCode;
+ }
+
+ public QName getFaultCode() {
+ return faultCode;
+ }
+
+ @Override
+ public String getMessage() {
+ if (faultCode != null && FAULT_CODE_MAP.get(faultCode) != null) {
+ return FAULT_CODE_MAP.get(faultCode);
+ }
+ return super.getMessage();
+ }
+
}
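Review bot: The `getMessage()` override at the end of the class discards the constructor-supplied message whenever a mapped fault code is set, and it does so for every caller, not only for the SOAP fault. Server-side logs for an exception built with, say, `FAILED_AUTH` will show only "Authentication failed", so the specific reason is lost for diagnosis and audit unless a cause was attached. Consider keeping the canned text for the client but exposing the original, e.g. `public String getDetailMessage() { return super.getMessage(); }`. The constructors that take no fault code would also benefit from Javadoc saying their message is returned to the caller verbatim, as the class comment implies, and so must not carry internal detail.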
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java?rev=1151899&r1=1151898&r2=1151899&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenServiceProvider.java Thu Jul 28 15:45:29 2011
@@ -19,6 +19,7 @@
package org.apache.cxf.ws.security.sts.provider;
+import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.List;
@@ -31,9 +32,6 @@ import javax.xml.bind.JAXBElement;
import javax.xml.bind.Unmarshaller;
import javax.xml.bind.util.JAXBSource;
import javax.xml.namespace.QName;
-import javax.xml.soap.Detail;
-import javax.xml.soap.DetailEntry;
-import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFactory;
import javax.xml.soap.SOAPFault;
@@ -223,33 +221,41 @@ public class SecurityTokenServiceProvide
.createRequestSecurityTokenResponse(tokenResponse));
}
- } catch (Exception e) {
+ } catch (InvocationTargetException ex) {
try {
- SOAPFault fault = soapFactory.createFault();
- if (e.getMessage() != null) {
- fault.setFaultString(e.getMessage());
- } else if (e.getCause() != null && e.getCause().getMessage() != null) {
- fault.setFaultString(e.getCause().getMessage());
- } else {
- fault.setFaultString("Internal STS error");
- }
- Detail detail = fault.addDetail();
- detail = fault.getDetail();
- QName qName = new QName(WSTRUST_13_NAMESPACE, "Fault", "ns");
- DetailEntry de = detail.addDetailEntry(qName);
- qName = new QName(WSTRUST_13_NAMESPACE, "ErrorCode", "ns");
- SOAPElement errorElement = de.addChildElement(qName);
- StackTraceElement[] ste = e.getStackTrace();
- errorElement.setTextContent(ste[0].toString());
+ Throwable cause = ex.getCause();
+ SOAPFault fault = createSOAPFault(cause);
+ throw new SOAPFaultException(fault);
+ } catch (SOAPException e1) {
+ throw new Fault(e1);
+ }
+ } catch (Exception ex) {
+ try {
+ SOAPFault fault = createSOAPFault(ex);
throw new SOAPFaultException(fault);
} catch (SOAPException e1) {
throw new Fault(e1);
}
-
}
return response;
}
+
+ private SOAPFault createSOAPFault(Throwable ex) throws SOAPException {
+ SOAPFault fault = soapFactory.createFault();
+ String faultString = "Internal STS error";
+ QName faultCode = fault.getFaultCodeAsQName();
+
+ if (ex != null) {
+ if (ex instanceof STSException && ((STSException)ex).getFaultCode() != null) {
+ faultCode = ((STSException)ex).getFaultCode();
+ }
+ faultString = ex.getMessage();
+ }
+ fault.setFaultString(faultString);
+ fault.setFaultCode(faultCode);
+ return fault;
+ }
private Object convertToJAXBObject(Source source) throws Exception {
Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
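Review bot: In `createSOAPFault`, `faultString = ex.getMessage();` overwrites the "Internal STS error" default with null when the exception has no message, a case the removed code handled explicitly, so `fault.setFaultString` can receive null. The same line forwards the message of any Throwable to the client, not only that of an STSException, and messages from unexpected runtime exceptions may describe STS internals. I would take the fault string from the exception only when it is an STSException with a non-null message, keep the generic string otherwise, and record the detail server-side. Whether other exception types are meant to be client-visible is not evident from this hunk, so confirm before narrowing.

```java
private SOAPFault createSOAPFault(Throwable ex) throws SOAPException {
    // … unchanged: createFault(), default faultString and faultCode …
    if (ex instanceof STSException) {
        STSException stsException = (STSException)ex;
        if (stsException.getFaultCode() != null) {
            faultCode = stsException.getFaultCode();
        }
        if (stsException.getMessage() != null) {
            faultString = stsException.getMessage();
        }
    }
    // Any other Throwable keeps the generic "Internal STS error"; its detail belongs in the server log.
    // … unchanged: setFaultString, setFaultCode, return fault …
```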