You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jl...@apache.org on 2010/11/29 09:34:03 UTC
svn commit: r1040035 - in
/openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf:
ConfigureCxfSecurity.java WSSPassThroughInterceptor.java
Author: jlmonteiro
Date: Mon Nov 29 08:34:03 2010
New Revision: 1040035
URL: http://svn.apache.org/viewvc?rev=1040035&view=rev
Log:
Merged from openejb3
OPENEJB-1405 WS Security mustUnderstand flag not treated when handlers are used [from revision 1040029]
Reformat [from revision 1040032]
Added:
openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java
- copied, changed from r1040029, openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java
Modified:
openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java
Modified: openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java
URL: http://svn.apache.org/viewvc/openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java?rev=1040035&r1=1040034&r2=1040035&view=diff
==============================================================================
--- openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java (original)
+++ openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java Mon Nov 29 08:34:03 2010
@@ -29,53 +29,56 @@ import org.apache.ws.security.handler.WS
/**
* Helper class to extract WSS4J properties from a set of properties. More over,
- * it configures In and Out interceptor to manage WS6Security.
- *
+ * it configures In and Out interceptor to manage WS-Security.
*/
public class ConfigureCxfSecurity {
-
+
public static final void setupWSS4JChain(Endpoint endpoint, Properties inProps) {
- Map<String, Object> in = getPropsFromProperties(inProps, "wss4j.in.");
- Map<String, Object> out = getPropsFromProperties(inProps, "wss4j.out.");
- setupWSS4JChain(endpoint, in, out);
+ Map<String, Object> in = getPropsFromProperties(inProps, "wss4j.in.");
+ Map<String, Object> out = getPropsFromProperties(inProps, "wss4j.out.");
+ setupWSS4JChain(endpoint, in, out);
}
public static Map<String, Object> getPropsFromProperties(Properties inProps, String pattern) {
- String key, val;
+ String key, val;
- Map<String, Object> props = new HashMap<String, Object>();
- for (Map.Entry<Object, Object> entry : inProps.entrySet()) {
- key = String.valueOf(entry.getKey());
- val = String.valueOf(entry.getValue()).trim();
- if (key.startsWith(pattern)) {
- props.put(key.substring(pattern.length()), val);
- }
- }
- if (!props.isEmpty()) {
- // WSHandler first look for a property PW_CALLBACK_CLASS
- // if not found, it gets the PW_CALLBACK_REF
- props.put(WSHandlerConstants.PW_CALLBACK_REF, new ServerPasswordHandler());
- }
- return props;
+ Map<String, Object> props = new HashMap<String, Object>();
+ for (Map.Entry<Object, Object> entry : inProps.entrySet()) {
+ key = String.valueOf(entry.getKey());
+ val = String.valueOf(entry.getValue()).trim();
+ if (key.startsWith(pattern)) {
+ props.put(key.substring(pattern.length()), val);
+ }
+ }
+ if (!props.isEmpty()) {
+ // WSHandler first look for a property PW_CALLBACK_CLASS
+ // if not found, it gets the PW_CALLBACK_REF
+ props.put(WSHandlerConstants.PW_CALLBACK_REF, new ServerPasswordHandler());
+ }
+ return props;
}
public static final void setupWSS4JChain(Endpoint endpoint, Map<String, Object> inProps, Map<String, Object> outProps) {
- if (null != inProps && !inProps.isEmpty()) {
- endpoint.getInInterceptors().add(new SAAJInInterceptor());
- endpoint.getInInterceptors().add(new WSS4JInInterceptor(inProps));
- }
-
- if (null != outProps && !outProps.isEmpty()) {
- endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
- endpoint.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
- }
+ if (null != inProps && !inProps.isEmpty()) {
+ endpoint.getInInterceptors().add(new SAAJInInterceptor());
+ endpoint.getInInterceptors().add(new WSS4JInInterceptor(inProps));
+
+ // if WS Security is used with a JAX-WS handler (See EjbInterceptor), we have to deal with mustUnderstand flag
+ // in WS Security headers. So, let's add an interceptor
+ endpoint.getInInterceptors().add(new WSSPassThroughInterceptor());
+ }
+
+ if (null != outProps && !outProps.isEmpty()) {
+ endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
+ endpoint.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ }
}
public static final void configure(Endpoint endpoint, Properties p) {
- setupWSS4JChain(endpoint, p);
+ setupWSS4JChain(endpoint, p);
}
}
Copied: openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java (from r1040029, openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java)
URL: http://svn.apache.org/viewvc/openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java?p2=openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java&p1=openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java&r1=1040029&r2=1040035&rev=1040035&view=diff
==============================================================================
--- openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java (original)
+++ openejb/branches/openejb-3.1.x/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java Mon Nov 29 08:34:03 2010
@@ -30,36 +30,37 @@ import java.util.Set;
* adds the {@link org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor}. OpenEJB now supports
* WS Security out of the box, so it must indicates WS Security headers have been treated. That is simply done
* using that fake interceptor.
- *
+ * <p/>
* $Id$
*/
public class WSSPassThroughInterceptor extends AbstractSoapInterceptor {
private static final Set<QName> HEADERS = new HashSet<QName>();
- static {
- HEADERS.add(new QName(WSConstants.WSSE_NS, WSConstants.WSSE_LN));
- HEADERS.add(new QName(WSConstants.WSSE11_NS, WSConstants.WSSE_LN));
- HEADERS.add(new QName(WSConstants.ENC_NS, WSConstants.ENC_DATA_LN));
- }
-
- public WSSPassThroughInterceptor() {
- super(Phase.PRE_PROTOCOL);
- }
-
- public WSSPassThroughInterceptor(String phase) {
- super(phase);
- }
-
- @Override
- public Set<QName> getUnderstoodHeaders() {
- return HEADERS;
- }
-
- public void handleMessage(SoapMessage soapMessage) {
- // do nothing
-
- // this interceptor simply returns all WS-Security headers in its getUnderstoodHeaders()
- // method, so that CXF does not complain that they have not been "processed"
- // this is useful if you only need to look at the non-encrypted XML
- }
+
+ static {
+ HEADERS.add(new QName(WSConstants.WSSE_NS, WSConstants.WSSE_LN));
+ HEADERS.add(new QName(WSConstants.WSSE11_NS, WSConstants.WSSE_LN));
+ HEADERS.add(new QName(WSConstants.ENC_NS, WSConstants.ENC_DATA_LN));
+ }
+
+ public WSSPassThroughInterceptor() {
+ super(Phase.PRE_PROTOCOL);
+ }
+
+ public WSSPassThroughInterceptor(String phase) {
+ super(phase);
+ }
+
+ @Override
+ public Set<QName> getUnderstoodHeaders() {
+ return HEADERS;
+ }
+
+ public void handleMessage(SoapMessage soapMessage) {
+ // do nothing
+
+ // this interceptor simply returns all WS-Security headers in its getUnderstoodHeaders()
+ // method, so that CXF does not complain that they have not been "processed"
+ // this is useful if you only need to look at the non-encrypted XML
+ }
}