You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by na...@apache.org on 2008/05/07 11:10:01 UTC

svn commit: r654049 - /webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java

Author: nandana
Date: Wed May  7 02:10:00 2008
New Revision: 654049

URL: http://svn.apache.org/viewvc?rev=654049&view=rev
Log:
When SOAP Message contain a security header and Rampart is engaged, it has to be processed. We must throw a specific error not just a must understand failure error. 

Modified:
    webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java

Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java?rev=654049&r1=654048&r2=654049&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java Wed May  7 02:10:00 2008
@@ -17,6 +17,10 @@
 package org.apache.rampart.handler;
 
 import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMException;
+import org.apache.axiom.soap.SOAPHeader;
+import org.apache.axiom.soap.SOAPHeaderBlock;
+import org.apache.axiom.soap.impl.dom.soap11.SOAP11HeaderBlockImpl;
 import org.apache.axis2.AxisFault;
 import org.apache.axis2.context.MessageContext;
 import org.apache.axis2.description.HandlerDescription;
@@ -31,6 +35,7 @@
 import org.apache.rampart.util.RampartUtil;
 import org.apache.ws.secpolicy.model.Binding;
 import org.apache.ws.secpolicy.model.SupportingToken;
+import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.handler.WSHandlerConstants;
 
 import java.util.Iterator;
@@ -170,9 +175,48 @@
                 }
             }
         }
-
+        
+        // If a security header is there and Rampart is engaged, it has to be processed.  
+        // If it is not processed, there must have been a problem in picking the policy 
+        
+        SOAPHeaderBlock secHeader = getSecurityHeader(msgContext);
+        
+        if (secHeader != null && (secHeader.isProcessed() == false)) {
+            throw new AxisFault("InvalidSecurity - Security policy not found");
+        }
+        
         return InvocationResponse.CONTINUE;
         
     }
+    
+    private SOAPHeaderBlock getSecurityHeader(MessageContext msgContext) throws AxisFault {
+        
+        SOAPHeader header = null;
+        try {
+            header = msgContext.getEnvelope().getHeader();
+        } catch (OMException ex) {
+            throw new AxisFault(
+                "PostDispatchVerificationHandler: cannot get SOAP header after security processing",
+                    ex);
+        }
+
+        Iterator headers = header.getChildElements();
+
+        SOAPHeaderBlock headerBlock = null;
+
+        while (headers.hasNext()) { 
+            // Find the wsse header
+            SOAPHeaderBlock hb = (SOAPHeaderBlock) headers.next();
+            if (hb.getLocalName().equals(WSConstants.WSSE_LN)
+                    && hb.getNamespace().getNamespaceURI().equals(WSConstants.WSSE_NS)) {
+                headerBlock = hb;
+                break;
+            }
+        }
+        
+        return headerBlock;
+        
+        
+    }
 
 }