You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by na...@apache.org on 2008/05/07 11:10:01 UTC
svn commit: r654049 -
/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
Author: nandana
Date: Wed May 7 02:10:00 2008
New Revision: 654049
URL: http://svn.apache.org/viewvc?rev=654049&view=rev
Log:
When SOAP Message contain a security header and Rampart is engaged, it has to be processed. We must throw a specific error not just a must understand failure error.
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
Modified: webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java?rev=654049&r1=654048&r2=654049&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java (original)
+++ webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java Wed May 7 02:10:00 2008
@@ -17,6 +17,10 @@
package org.apache.rampart.handler;
import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMException;
+import org.apache.axiom.soap.SOAPHeader;
+import org.apache.axiom.soap.SOAPHeaderBlock;
+import org.apache.axiom.soap.impl.dom.soap11.SOAP11HeaderBlockImpl;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.HandlerDescription;
@@ -31,6 +35,7 @@
import org.apache.rampart.util.RampartUtil;
import org.apache.ws.secpolicy.model.Binding;
import org.apache.ws.secpolicy.model.SupportingToken;
+import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import java.util.Iterator;
@@ -170,9 +175,48 @@
}
}
}
-
+
+ // If a security header is there and Rampart is engaged, it has to be processed.
+ // If it is not processed, there must have been a problem in picking the policy
+
+ SOAPHeaderBlock secHeader = getSecurityHeader(msgContext);
+
+ if (secHeader != null && (secHeader.isProcessed() == false)) {
+ throw new AxisFault("InvalidSecurity - Security policy not found");
+ }
+
return InvocationResponse.CONTINUE;
}
+
+ private SOAPHeaderBlock getSecurityHeader(MessageContext msgContext) throws AxisFault {
+
+ SOAPHeader header = null;
+ try {
+ header = msgContext.getEnvelope().getHeader();
+ } catch (OMException ex) {
+ throw new AxisFault(
+ "PostDispatchVerificationHandler: cannot get SOAP header after security processing",
+ ex);
+ }
+
+ Iterator headers = header.getChildElements();
+
+ SOAPHeaderBlock headerBlock = null;
+
+ while (headers.hasNext()) {
+ // Find the wsse header
+ SOAPHeaderBlock hb = (SOAPHeaderBlock) headers.next();
+ if (hb.getLocalName().equals(WSConstants.WSSE_LN)
+ && hb.getNamespace().getNamespaceURI().equals(WSConstants.WSSE_NS)) {
+ headerBlock = hb;
+ break;
+ }
+ }
+
+ return headerBlock;
+
+
+ }
}