You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ow...@apache.org on 2013/05/16 22:20:01 UTC
svn commit: r1483544 [1/2] - in /cxf/trunk/services/sts: sts-core/
sts-core/src/main/java/org/apache/cxf/sts/event/
sts-core/src/main/java/org/apache/cxf/sts/operation/ sts-war/
sts-war/src/main/resources/ sts-war/src/main/webapp/WEB-INF/
Author: owulff
Date: Thu May 16 20:20:00 2013
New Revision: 1483544
URL: http://svn.apache.org/r1483544
Log:
[CXF-5010] Add customizable request logging capability to STS
Added:
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java
cxf/trunk/services/sts/sts-war/src/main/resources/org.apache.cxf.Logger
Removed:
cxf/trunk/services/sts/sts-war/src/main/resources/logging.properties
Modified:
cxf/trunk/services/sts/sts-core/pom.xml
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java
cxf/trunk/services/sts/sts-war/pom.xml
cxf/trunk/services/sts/sts-war/src/main/resources/log4j.properties
cxf/trunk/services/sts/sts-war/src/main/webapp/WEB-INF/cxf-transport.xml
Modified: cxf/trunk/services/sts/sts-core/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/pom.xml?rev=1483544&r1=1483543&r2=1483544&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/pom.xml (original)
+++ cxf/trunk/services/sts/sts-core/pom.xml Thu May 16 20:20:00 2013
@@ -44,6 +44,12 @@
<version>${project.version}</version>
<scope>compile</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-transports-http</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ </dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache-core</artifactId>
@@ -81,6 +87,12 @@
<artifactId>slf4j-jdk14</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>${cxf.servlet-api.group}</groupId>
+ <artifactId>${cxf.servlet-api.artifact}</artifactId>
+ <scope>provided</scope>
+ <optional>true</optional>
+ </dependency>
</dependencies>
<build>
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.springframework.context.ApplicationEvent;
+
+public abstract class AbstractSTSEvent extends ApplicationEvent {
+
+ private static final long serialVersionUID = 1L;
+
+ private long duration;
+
+ public AbstractSTSEvent(Object source, long duration) {
+ super(source);
+ this.duration = duration;
+ }
+
+ public abstract String getOperation();
+
+ public long getDuration() {
+ return duration;
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSFailureEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+public abstract class AbstractSTSFailureEvent extends AbstractSTSEvent {
+
+ private static final long serialVersionUID = 1L;
+
+ //private static final String OPERATION = "Issue";
+ private Exception exception;
+
+ public AbstractSTSFailureEvent(Object source, long duration, Exception ex) {
+ super(source, duration);
+ exception = ex;
+ }
+
+ public Exception getException() {
+ return exception;
+ }
+
+ /*@Override
+ public String getOperation() {
+ return OPERATION;
+ }*/
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/AbstractSTSSuccessEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+public abstract class AbstractSTSSuccessEvent extends AbstractSTSEvent {
+
+ private static final long serialVersionUID = 1L;
+
+ public AbstractSTSSuccessEvent(Object source, long duration) {
+ super(source, duration);
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/LoggerListener.java Thu May 16 20:20:00 2013
@@ -0,0 +1,374 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.io.Writer;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.sts.claims.RequestClaim;
+import org.apache.cxf.sts.token.canceller.TokenCancellerParameters;
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+import org.apache.cxf.sts.token.renewer.TokenRenewerParameters;
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+import org.apache.cxf.transport.http.AbstractHTTPDestination;
+
+import org.springframework.context.ApplicationListener;
+
+
+public class LoggerListener implements ApplicationListener<AbstractSTSEvent> {
+
+ public enum KEYS {
+ TIME,
+ OPERATION,
+ WS_SEC_PRINCIPAL,
+ STATUS,
+ TOKENTYPE,
+ EXCEPTION,
+ REALM,
+ APPLIESTO,
+ CLAIMS_PRIMARY,
+ CLAIMS_SECONDARY,
+ DURATION,
+ ACTAS_PRINCIPAL,
+ ONBEHALFOF_PRINCIPAL,
+ VALIDATE_PRINCIPAL,
+ CANCEL_PRINCIPAL,
+ RENEW_PRINCIPAL,
+ REMOTE_HOST,
+ REMOTE_PORT,
+ URL
+ };
+
+ private static final Logger LOG = LogUtils.getL7dLogger(LoggerListener.class);
+
+ private List<String> fieldOrder = new ArrayList<String>();
+ private boolean logStacktrace;
+ private boolean logFieldname;
+ private Level logLevel = Level.FINE;
+ private DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.SHORT, DateFormat.MEDIUM);
+
+ public LoggerListener() {
+ fieldOrder.add(KEYS.TIME.name());
+ fieldOrder.add(KEYS.STATUS.name());
+ fieldOrder.add(KEYS.DURATION.name());
+ fieldOrder.add(KEYS.REMOTE_HOST.name());
+ fieldOrder.add(KEYS.REMOTE_PORT.name());
+ fieldOrder.add(KEYS.OPERATION.name());
+ fieldOrder.add(KEYS.URL.name());
+ fieldOrder.add(KEYS.REALM.name());
+ fieldOrder.add(KEYS.WS_SEC_PRINCIPAL.name());
+ fieldOrder.add(KEYS.ONBEHALFOF_PRINCIPAL.name());
+ fieldOrder.add(KEYS.ACTAS_PRINCIPAL.name());
+ fieldOrder.add(KEYS.VALIDATE_PRINCIPAL.name());
+ fieldOrder.add(KEYS.CANCEL_PRINCIPAL.name());
+ fieldOrder.add(KEYS.RENEW_PRINCIPAL.name());
+ fieldOrder.add(KEYS.TOKENTYPE.name());
+ fieldOrder.add(KEYS.APPLIESTO.name());
+ fieldOrder.add(KEYS.CLAIMS_PRIMARY.name());
+ fieldOrder.add(KEYS.CLAIMS_SECONDARY.name());
+ fieldOrder.add(KEYS.EXCEPTION.name());
+ }
+
+ @Override
+ public void onApplicationEvent(AbstractSTSEvent event) {
+
+ if (event instanceof TokenProviderParametersSupport) {
+ handleEvent((TokenProviderParametersSupport)event);
+ } else if (event instanceof TokenValidatorParametersSupport) {
+ handleEvent((TokenValidatorParametersSupport)event);
+ } else if (event instanceof TokenCancellerParametersSupport) {
+ handleEvent((TokenCancellerParametersSupport)event);
+ } else if (event instanceof TokenRenewerParametersSupport) {
+ handleEvent((TokenRenewerParametersSupport)event);
+ } else {
+ LOG.warning("Unknown STS event: " + event.getClass());
+ }
+ }
+
+
+ public void handleEvent(TokenProviderParametersSupport event) {
+ try {
+ Map<String, String> map = new HashMap<String, String>();
+ AbstractSTSEvent baseEvent = (AbstractSTSEvent)event;
+ map.put(KEYS.TIME.name(), this.dateFormat.format(new Date(baseEvent.getTimestamp())));
+ map.put(KEYS.OPERATION.name(), baseEvent.getOperation());
+ map.put(KEYS.DURATION.name(), String.valueOf(baseEvent.getDuration()) + "ms");
+
+ TokenProviderParameters params = event.getTokenParameters();
+ HttpServletRequest req = (HttpServletRequest)params.getWebServiceContext().
+ getMessageContext().get(AbstractHTTPDestination.HTTP_REQUEST);
+ map.put(KEYS.REMOTE_HOST.name(), req.getRemoteHost());
+ map.put(KEYS.REMOTE_PORT.name(), String.valueOf(req.getRemotePort()));
+ map.put(KEYS.URL.name(), (String)params.getWebServiceContext().
+ getMessageContext().get("org.apache.cxf.request.url"));
+
+ map.put(KEYS.TOKENTYPE.name(), params.getTokenRequirements().getTokenType());
+ try {
+ if (params.getTokenRequirements().getOnBehalfOf() != null) {
+ map.put(KEYS.ONBEHALFOF_PRINCIPAL.name(),
+ params.getTokenRequirements().getOnBehalfOf().getPrincipal().getName());
+ }
+ if (params.getTokenRequirements().getActAs() != null) {
+ map.put(KEYS.ACTAS_PRINCIPAL.name(),
+ params.getTokenRequirements().getActAs().getPrincipal().getName());
+ }
+ if (params.getPrincipal() != null) {
+ map.put(KEYS.WS_SEC_PRINCIPAL.name(), params.getPrincipal().getName());
+ }
+ } catch (NullPointerException ex) {
+ //Principal could be null
+ }
+ map.put(KEYS.REALM.name(), params.getRealm());
+ map.put(KEYS.APPLIESTO.name(), params.getAppliesToAddress());
+
+ if (params.getRequestedPrimaryClaims() != null
+ && fieldOrder.indexOf(KEYS.CLAIMS_PRIMARY.name()) != -1) {
+ List<String> claims = new ArrayList<String>();
+ for (RequestClaim claim : params.getRequestedPrimaryClaims()) {
+ claims.add(claim.getClaimType().toString());
+ }
+ map.put(KEYS.CLAIMS_PRIMARY.name(), claims.toString());
+ }
+ if (params.getRequestedSecondaryClaims() != null
+ && fieldOrder.indexOf(KEYS.CLAIMS_SECONDARY.name()) != -1) {
+ List<String> claims = new ArrayList<String>();
+ for (RequestClaim claim : params.getRequestedSecondaryClaims()) {
+ claims.add(claim.getClaimType().toString());
+ }
+ map.put(KEYS.CLAIMS_SECONDARY.name(), claims.toString());
+ }
+ if (event instanceof AbstractSTSFailureEvent) {
+ map.put(KEYS.STATUS.name(), "FAILURE");
+ Exception ex = ((AbstractSTSFailureEvent)event).getException();
+ if (this.isLogStacktrace()) {
+ final Writer result = new StringWriter();
+ final PrintWriter printWriter = new PrintWriter(result);
+ ex.printStackTrace(printWriter);
+ map.put(KEYS.EXCEPTION.name(), result.toString());
+ } else {
+ map.put(KEYS.EXCEPTION.name(), ex.getMessage());
+ }
+ } else {
+ map.put(KEYS.STATUS.name(), "SUCCESS");
+ }
+ writeLog(map);
+ } catch (Exception ex) {
+ LOG.log(Level.WARNING, "Failed to capture or write logging details", ex);
+ }
+ }
+
+ public void handleEvent(TokenValidatorParametersSupport event) {
+ try {
+ Map<String, String> map = new HashMap<String, String>();
+ AbstractSTSEvent baseEvent = (AbstractSTSEvent)event;
+ map.put(KEYS.TIME.name(), this.dateFormat.format(new Date(baseEvent.getTimestamp())));
+ map.put(KEYS.OPERATION.name(), baseEvent.getOperation());
+ map.put(KEYS.DURATION.name(), String.valueOf(baseEvent.getDuration()) + "ms");
+
+ TokenValidatorParameters params = event.getTokenParameters();
+ HttpServletRequest req = (HttpServletRequest)params.getWebServiceContext().
+ getMessageContext().get(AbstractHTTPDestination.HTTP_REQUEST);
+ map.put(KEYS.REMOTE_HOST.name(), req.getRemoteHost());
+ map.put(KEYS.REMOTE_PORT.name(), String.valueOf(req.getRemotePort()));
+ map.put(KEYS.URL.name(), (String)params.getWebServiceContext().
+ getMessageContext().get("org.apache.cxf.request.url"));
+ map.put(KEYS.TOKENTYPE.name(), params.getTokenRequirements().getTokenType());
+ if (params.getTokenRequirements().getActAs() != null) {
+ map.put(KEYS.VALIDATE_PRINCIPAL.name(),
+ params.getTokenRequirements().getValidateTarget().getPrincipal().getName());
+ }
+ if (params.getPrincipal() != null) {
+ map.put(KEYS.WS_SEC_PRINCIPAL.name(), params.getPrincipal().getName());
+ }
+ map.put(KEYS.REALM.name(), params.getRealm());
+ //map.put(KEYS.APPLIESTO.name(), params.getAppliesToAddress());
+ if (event instanceof AbstractSTSFailureEvent) {
+ map.put(KEYS.STATUS.name(), "FAILURE");
+ Exception ex = ((AbstractSTSFailureEvent)event).getException();
+ if (this.isLogStacktrace()) {
+ final Writer result = new StringWriter();
+ final PrintWriter printWriter = new PrintWriter(result);
+ ex.printStackTrace(printWriter);
+ map.put(KEYS.EXCEPTION.name(), result.toString());
+ } else {
+ map.put(KEYS.EXCEPTION.name(), ex.getMessage());
+ }
+ } else {
+ map.put(KEYS.STATUS.name(), "SUCCESS");
+ }
+ writeLog(map);
+ } catch (Exception ex) {
+ LOG.log(Level.WARNING, "Failed to capture or write logging details", ex);
+ }
+ }
+
+ public void handleEvent(TokenCancellerParametersSupport event) {
+ try {
+ Map<String, String> map = new HashMap<String, String>();
+ AbstractSTSEvent baseEvent = (AbstractSTSEvent)event;
+ map.put(KEYS.TIME.name(), this.dateFormat.format(new Date(baseEvent.getTimestamp())));
+ map.put(KEYS.OPERATION.name(), baseEvent.getOperation());
+ map.put(KEYS.DURATION.name(), String.valueOf(baseEvent.getDuration()) + "ms");
+
+ TokenCancellerParameters params = event.getTokenParameters();
+ HttpServletRequest req = (HttpServletRequest)params.getWebServiceContext().
+ getMessageContext().get(AbstractHTTPDestination.HTTP_REQUEST);
+ map.put(KEYS.REMOTE_HOST.name(), req.getRemoteHost());
+ map.put(KEYS.REMOTE_PORT.name(), String.valueOf(req.getRemotePort()));
+ map.put(KEYS.URL.name(), (String)params.getWebServiceContext().
+ getMessageContext().get("org.apache.cxf.request.url"));
+ map.put(KEYS.TOKENTYPE.name(), params.getTokenRequirements().getTokenType());
+ if (params.getTokenRequirements().getActAs() != null) {
+ map.put(KEYS.CANCEL_PRINCIPAL.name(),
+ params.getTokenRequirements().getCancelTarget().getPrincipal().getName());
+ }
+ if (params.getPrincipal() != null) {
+ map.put(KEYS.WS_SEC_PRINCIPAL.name(), params.getPrincipal().getName());
+ }
+ //map.put(KEYS.REALM.name(), params.getRealm());
+ //map.put(KEYS.APPLIESTO.name(), params.getAppliesToAddress());
+ if (event instanceof AbstractSTSFailureEvent) {
+ map.put(KEYS.STATUS.name(), "FAILURE");
+ Exception ex = ((AbstractSTSFailureEvent)event).getException();
+ if (this.isLogStacktrace()) {
+ final Writer result = new StringWriter();
+ final PrintWriter printWriter = new PrintWriter(result);
+ ex.printStackTrace(printWriter);
+ map.put(KEYS.EXCEPTION.name(), result.toString());
+ } else {
+ map.put(KEYS.EXCEPTION.name(), ex.getMessage());
+ }
+ } else {
+ map.put(KEYS.STATUS.name(), "SUCCESS");
+ }
+ writeLog(map);
+ } catch (Exception ex) {
+ LOG.log(Level.WARNING, "Failed to capture or write logging details", ex);
+ }
+ }
+
+ public void handleEvent(TokenRenewerParametersSupport event) {
+ try {
+ Map<String, String> map = new HashMap<String, String>();
+ AbstractSTSEvent baseEvent = (AbstractSTSEvent)event;
+ map.put(KEYS.TIME.name(), this.dateFormat.format(new Date(baseEvent.getTimestamp())));
+ map.put(KEYS.OPERATION.name(), baseEvent.getOperation());
+ map.put(KEYS.DURATION.name(), String.valueOf(baseEvent.getDuration()) + "ms");
+
+ TokenRenewerParameters params = event.getTokenParameters();
+ HttpServletRequest req = (HttpServletRequest)params.getWebServiceContext().
+ getMessageContext().get(AbstractHTTPDestination.HTTP_REQUEST);
+ map.put(KEYS.REMOTE_HOST.name(), req.getRemoteHost());
+ map.put(KEYS.REMOTE_PORT.name(), String.valueOf(req.getRemotePort()));
+ map.put(KEYS.URL.name(), (String)params.getWebServiceContext().
+ getMessageContext().get("org.apache.cxf.request.url"));
+ map.put(KEYS.TOKENTYPE.name(), params.getTokenRequirements().getTokenType());
+ if (params.getTokenRequirements().getRenewTarget() != null) {
+ map.put(KEYS.RENEW_PRINCIPAL.name(),
+ params.getTokenRequirements().getRenewTarget().getPrincipal().getName());
+ }
+ if (params.getPrincipal() != null) {
+ map.put(KEYS.WS_SEC_PRINCIPAL.name(), params.getPrincipal().getName());
+ }
+ map.put(KEYS.REALM.name(), params.getRealm());
+ map.put(KEYS.APPLIESTO.name(), params.getAppliesToAddress());
+ if (event instanceof AbstractSTSFailureEvent) {
+ map.put(KEYS.STATUS.name(), "FAILURE");
+ Exception ex = ((AbstractSTSFailureEvent)event).getException();
+ if (this.isLogStacktrace()) {
+ final Writer result = new StringWriter();
+ final PrintWriter printWriter = new PrintWriter(result);
+ ex.printStackTrace(printWriter);
+ map.put(KEYS.EXCEPTION.name(), result.toString());
+ } else {
+ map.put(KEYS.EXCEPTION.name(), ex.getMessage());
+ }
+ } else {
+ map.put(KEYS.STATUS.name(), "SUCCESS");
+ }
+ writeLog(map);
+ } catch (Exception ex) {
+ LOG.log(Level.WARNING, "Failed to capture or write logging details", ex);
+ }
+ }
+
+ protected void writeLog(Map<String, String> map) {
+ final StringBuilder builder = new StringBuilder();
+ for (String key : fieldOrder) {
+ if (this.logFieldname) {
+ builder.append(key).append("=").append(map.get(key)).append(";");
+ } else {
+ builder.append(map.get(key)).append(";");
+ }
+
+ }
+ LOG.log(this.logLevel, builder.toString());
+ }
+
+ public List<String> getFieldOrder() {
+ return fieldOrder;
+ }
+
+ public void setFieldOrder(List<String> fieldOrder) {
+ this.fieldOrder = fieldOrder;
+ }
+
+ public boolean isLogStacktrace() {
+ return logStacktrace;
+ }
+
+ public void setLogStacktrace(boolean logStacktrace) {
+ this.logStacktrace = logStacktrace;
+ }
+
+ public boolean isLogFieldname() {
+ return logFieldname;
+ }
+
+ public void setLogFieldname(boolean logFieldname) {
+ this.logFieldname = logFieldname;
+ }
+
+ public void setDateFormat(String format) {
+ this.dateFormat = new SimpleDateFormat(format);
+ }
+
+ public Level getLogLevel() {
+ return logLevel;
+ }
+
+ public void setLogLevel(String logLevel) {
+ this.logLevel = Level.parse(logLevel);
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelFailureEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.canceller.TokenCancellerParameters;
+
+public class STSCancelFailureEvent extends AbstractSTSFailureEvent implements TokenCancellerParametersSupport {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final String OPERATION = "Cancel";
+
+
+ public STSCancelFailureEvent(TokenCancellerParameters parameters, long duration, Exception exception) {
+ super(parameters, duration, exception);
+ }
+
+ @Override
+ public String getOperation() {
+ return OPERATION;
+ }
+
+ @Override
+ public TokenCancellerParameters getTokenParameters() {
+ return (TokenCancellerParameters)this.getSource();
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSCancelSuccessEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.canceller.TokenCancellerParameters;
+
+public class STSCancelSuccessEvent extends AbstractSTSSuccessEvent implements TokenCancellerParametersSupport {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final String OPERATION = "Cancel";
+
+
+ public STSCancelSuccessEvent(TokenCancellerParameters parameters, long duration) {
+ super(parameters, duration);
+ }
+
+ @Override
+ public String getOperation() {
+ return OPERATION;
+ }
+
+ @Override
+ public TokenCancellerParameters getTokenParameters() {
+ return (TokenCancellerParameters)this.getSource();
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSFailureEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+@Deprecated
+public interface STSFailureEvent {
+
+ Exception getException();
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueFailureEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+
+public class STSIssueFailureEvent extends AbstractSTSFailureEvent implements TokenProviderParametersSupport {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final String OPERATION = "Issue";
+
+
+ public STSIssueFailureEvent(TokenProviderParameters parameters, long duration, Exception exception) {
+ super(parameters, duration, exception);
+ }
+
+ @Override
+ public String getOperation() {
+ return OPERATION;
+ }
+
+ @Override
+ public TokenProviderParameters getTokenParameters() {
+ return (TokenProviderParameters)this.getSource();
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSIssueSuccessEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+
+public class STSIssueSuccessEvent extends AbstractSTSSuccessEvent implements TokenProviderParametersSupport {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final String OPERATION = "Issue";
+
+
+ public STSIssueSuccessEvent(TokenProviderParameters parameters, long duration) {
+ super(parameters, duration);
+ }
+
+ @Override
+ public String getOperation() {
+ return OPERATION;
+ }
+
+ @Override
+ public TokenProviderParameters getTokenParameters() {
+ return (TokenProviderParameters)this.getSource();
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewFailureEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.renewer.TokenRenewerParameters;
+
+public class STSRenewFailureEvent extends AbstractSTSFailureEvent implements TokenRenewerParametersSupport {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final String OPERATION = "Renew";
+
+
+ public STSRenewFailureEvent(TokenRenewerParameters parameters, long duration, Exception exception) {
+ super(parameters, duration, exception);
+ }
+
+ @Override
+ public String getOperation() {
+ return OPERATION;
+ }
+
+ @Override
+ public TokenRenewerParameters getTokenParameters() {
+ return (TokenRenewerParameters)this.getSource();
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSRenewSuccessEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.renewer.TokenRenewerParameters;
+
+public class STSRenewSuccessEvent extends AbstractSTSSuccessEvent implements TokenRenewerParametersSupport {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final String OPERATION = "Renew";
+
+
+ public STSRenewSuccessEvent(TokenRenewerParameters parameters, long duration) {
+ super(parameters, duration);
+ }
+
+ @Override
+ public String getOperation() {
+ return OPERATION;
+ }
+
+ @Override
+ public TokenRenewerParameters getTokenParameters() {
+ return (TokenRenewerParameters)this.getSource();
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateFailureEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+
+public class STSValidateFailureEvent extends AbstractSTSFailureEvent implements TokenValidatorParametersSupport {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final String OPERATION = "Validate";
+
+
+ public STSValidateFailureEvent(TokenValidatorParameters parameters, long duration, Exception exception) {
+ super(parameters, duration, exception);
+ }
+
+ @Override
+ public String getOperation() {
+ return OPERATION;
+ }
+
+ @Override
+ public TokenValidatorParameters getTokenParameters() {
+ return (TokenValidatorParameters)this.getSource();
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/STSValidateSuccessEvent.java Thu May 16 20:20:00 2013
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+
+public class STSValidateSuccessEvent extends AbstractSTSSuccessEvent implements TokenValidatorParametersSupport {
+
+ private static final long serialVersionUID = 1L;
+
+ private static final String OPERATION = "Validate";
+
+
+ public STSValidateSuccessEvent(TokenValidatorParameters parameters, long duration) {
+ super(parameters, duration);
+ }
+
+ @Override
+ public String getOperation() {
+ return OPERATION;
+ }
+
+ @Override
+ public TokenValidatorParameters getTokenParameters() {
+ return (TokenValidatorParameters)this.getSource();
+ }
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenCancellerParametersSupport.java Thu May 16 20:20:00 2013
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.canceller.TokenCancellerParameters;
+
+public interface TokenCancellerParametersSupport {
+
+ TokenCancellerParameters getTokenParameters();
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenProviderParametersSupport.java Thu May 16 20:20:00 2013
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+
+public interface TokenProviderParametersSupport {
+
+ TokenProviderParameters getTokenParameters();
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenRenewerParametersSupport.java Thu May 16 20:20:00 2013
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.renewer.TokenRenewerParameters;
+
+public interface TokenRenewerParametersSupport {
+
+ TokenRenewerParameters getTokenParameters();
+
+}
Added: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java?rev=1483544&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java (added)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/TokenValidatorParametersSupport.java Thu May 16 20:20:00 2013
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.event;
+
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+
+public interface TokenValidatorParametersSupport {
+
+ TokenValidatorParameters getTokenParameters();
+
+}
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java?rev=1483544&r1=1483543&r2=1483544&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java Thu May 16 20:20:00 2013
@@ -34,6 +34,7 @@ import javax.xml.namespace.QName;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.handler.MessageContext;
+
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -83,12 +84,14 @@ import org.apache.ws.security.message.WS
import org.apache.ws.security.message.WSSecEncryptedKey;
import org.apache.ws.security.util.XmlSchemaDateFormat;
-
+import org.springframework.context.ApplicationEvent;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.context.ApplicationEventPublisherAware;
/**
* This abstract class contains some common functionality for different operations.
*/
-public abstract class AbstractOperation {
+public abstract class AbstractOperation implements ApplicationEventPublisherAware {
public static final QName TOKEN_TYPE =
new QName(WSConstants.WSSE11_NS, WSConstants.TOKEN_TYPE, WSConstants.WSSE11_PREFIX);
@@ -103,6 +106,7 @@ public abstract class AbstractOperation
protected boolean returnReferences = true;
protected TokenStore tokenStore;
protected ClaimsManager claimsManager = new ClaimsManager();
+ protected ApplicationEventPublisher eventPublisher;
public boolean isReturnReferences() {
return returnReferences;
@@ -642,4 +646,15 @@ public abstract class AbstractOperation
}
}
+ @Override
+ public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
+ this.eventPublisher = applicationEventPublisher;
+ }
+
+
+ protected void publishEvent(ApplicationEvent event) {
+ if (eventPublisher != null) {
+ eventPublisher.publishEvent(event);
+ }
+ }
}
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java?rev=1483544&r1=1483543&r2=1483544&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenCancelOperation.java Thu May 16 20:20:00 2013
@@ -30,6 +30,8 @@ import javax.xml.ws.WebServiceContext;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.sts.QNameConstants;
import org.apache.cxf.sts.STSConstants;
+import org.apache.cxf.sts.event.STSCancelFailureEvent;
+import org.apache.cxf.sts.event.STSCancelSuccessEvent;
import org.apache.cxf.sts.request.KeyRequirements;
import org.apache.cxf.sts.request.ReceivedToken;
import org.apache.cxf.sts.request.ReceivedToken.STATE;
@@ -44,6 +46,7 @@ import org.apache.cxf.ws.security.sts.pr
import org.apache.cxf.ws.security.sts.provider.model.RequestedTokenCancelledType;
import org.apache.cxf.ws.security.sts.provider.operation.CancelOperation;
import org.apache.ws.security.WSSecurityException;
+import org.springframework.context.ApplicationEvent;
/**
* An implementation for Cancel operation interface.
@@ -65,69 +68,84 @@ public class TokenCancelOperation extend
public RequestSecurityTokenResponseType cancel(
RequestSecurityTokenType request, WebServiceContext context
) {
- RequestParser requestParser = parseRequest(request, context);
-
- KeyRequirements keyRequirements = requestParser.getKeyRequirements();
- TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
-
- ReceivedToken cancelTarget = tokenRequirements.getCancelTarget();
- if (cancelTarget == null || cancelTarget.getToken() == null) {
- throw new STSException("No element presented for cancellation", STSException.INVALID_REQUEST);
- }
- if (tokenRequirements.getTokenType() == null) {
- tokenRequirements.setTokenType(STSConstants.STATUS);
- LOG.fine(
- "Received TokenType is null, falling back to default token type: " + STSConstants.STATUS
- );
- }
-
+ long start = System.currentTimeMillis();
TokenCancellerParameters cancellerParameters = new TokenCancellerParameters();
- cancellerParameters.setStsProperties(stsProperties);
- cancellerParameters.setPrincipal(context.getUserPrincipal());
- cancellerParameters.setWebServiceContext(context);
- cancellerParameters.setTokenStore(getTokenStore());
- cancellerParameters.setKeyRequirements(keyRequirements);
- cancellerParameters.setTokenRequirements(tokenRequirements);
- cancellerParameters.setToken(cancelTarget);
-
- //
- // Cancel token
- //
- TokenCancellerResponse tokenResponse = null;
- for (TokenCanceller tokenCanceller : tokencancellers) {
- if (tokenCanceller.canHandleToken(cancelTarget)) {
- try {
- tokenResponse = tokenCanceller.cancelToken(cancellerParameters);
- } catch (RuntimeException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException(
- "Error while cancelling a token", ex, STSException.REQUEST_FAILED
- );
+ try {
+ RequestParser requestParser = parseRequest(request, context);
+
+ KeyRequirements keyRequirements = requestParser.getKeyRequirements();
+ TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
+
+ cancellerParameters.setStsProperties(stsProperties);
+ cancellerParameters.setPrincipal(context.getUserPrincipal());
+ cancellerParameters.setWebServiceContext(context);
+ cancellerParameters.setTokenStore(getTokenStore());
+
+ cancellerParameters.setKeyRequirements(keyRequirements);
+ cancellerParameters.setTokenRequirements(tokenRequirements);
+
+ ReceivedToken cancelTarget = tokenRequirements.getCancelTarget();
+ if (cancelTarget == null || cancelTarget.getToken() == null) {
+ throw new STSException("No element presented for cancellation", STSException.INVALID_REQUEST);
+ }
+ cancellerParameters.setToken(cancelTarget);
+
+ if (tokenRequirements.getTokenType() == null) {
+ tokenRequirements.setTokenType(STSConstants.STATUS);
+ LOG.fine(
+ "Received TokenType is null, falling back to default token type: " + STSConstants.STATUS
+ );
+ }
+
+ //
+ // Cancel token
+ //
+ TokenCancellerResponse tokenResponse = null;
+ for (TokenCanceller tokenCanceller : tokencancellers) {
+ if (tokenCanceller.canHandleToken(cancelTarget)) {
+ try {
+ tokenResponse = tokenCanceller.cancelToken(cancellerParameters);
+ } catch (RuntimeException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException(
+ "Error while cancelling a token", ex, STSException.REQUEST_FAILED
+ );
+ }
+ break;
}
- break;
}
- }
- if (tokenResponse == null || tokenResponse.getToken() == null) {
- LOG.fine("No Token Canceller has been found that can handle this token");
- throw new STSException(
- "No token canceller found for requested token type: "
- + tokenRequirements.getTokenType(),
- STSException.REQUEST_FAILED
- );
- }
-
- if (tokenResponse.getToken().getState() != STATE.CANCELLED) {
- LOG.log(Level.WARNING, "Token cancellation failed.");
- throw new STSException("Token cancellation failed.");
- }
+ if (tokenResponse == null || tokenResponse.getToken() == null) {
+ LOG.fine("No Token Canceller has been found that can handle this token");
+ throw new STSException(
+ "No token canceller found for requested token type: "
+ + tokenRequirements.getTokenType(),
+ STSException.REQUEST_FAILED
+ );
+ }
+
+ if (tokenResponse.getToken().getState() != STATE.CANCELLED) {
+ LOG.log(Level.WARNING, "Token cancellation failed.");
+ throw new STSException("Token cancellation failed.");
+ }
+
+ // prepare response
+ try {
+ RequestSecurityTokenResponseType response = createResponse(tokenRequirements);
+ ApplicationEvent event = new STSCancelSuccessEvent(cancellerParameters,
+ System.currentTimeMillis() - start);
+ publishEvent(event);
+ return response;
+ } catch (Throwable ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+ }
- // prepare response
- try {
- return createResponse(tokenRequirements);
- } catch (Throwable ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+ } catch (RuntimeException ex) {
+ ApplicationEvent event = new STSCancelFailureEvent(cancellerParameters,
+ System.currentTimeMillis() - start, ex);
+ publishEvent(event);
+ throw ex;
}
}
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java?rev=1483544&r1=1483543&r2=1483544&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java Thu May 16 20:20:00 2013
@@ -29,6 +29,8 @@ import javax.xml.ws.WebServiceContext;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.sts.QNameConstants;
import org.apache.cxf.sts.claims.RequestClaimCollection;
+import org.apache.cxf.sts.event.STSIssueFailureEvent;
+import org.apache.cxf.sts.event.STSIssueSuccessEvent;
import org.apache.cxf.sts.request.KeyRequirements;
import org.apache.cxf.sts.request.ReceivedToken;
import org.apache.cxf.sts.request.ReceivedToken.STATE;
@@ -54,6 +56,7 @@ import org.apache.cxf.ws.security.sts.pr
import org.apache.cxf.ws.security.sts.provider.operation.IssueOperation;
import org.apache.cxf.ws.security.sts.provider.operation.IssueSingleOperation;
import org.apache.ws.security.WSSecurityException;
+import org.springframework.context.ApplicationEvent;
/**
* An implementation of the IssueOperation interface.
@@ -91,90 +94,103 @@ public class TokenIssueOperation extends
RequestSecurityTokenType request,
WebServiceContext context
) {
- RequestParser requestParser = parseRequest(request, context);
-
- TokenProviderParameters providerParameters = createTokenProviderParameters(requestParser, context);
-
- // Check if the requested claims can be handled by the configured claim handlers
- RequestClaimCollection requestedClaims = providerParameters.getRequestedPrimaryClaims();
- checkClaimsSupport(requestedClaims);
- requestedClaims = providerParameters.getRequestedSecondaryClaims();
- checkClaimsSupport(requestedClaims);
- providerParameters.setClaimsManager(claimsManager);
-
- String realm = providerParameters.getRealm();
-
- TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
- String tokenType = tokenRequirements.getTokenType();
-
-
- // Validate OnBehalfOf token if present
- if (providerParameters.getTokenRequirements().getOnBehalfOf() != null) {
- ReceivedToken validateTarget = providerParameters.getTokenRequirements().getOnBehalfOf();
- TokenValidatorResponse tokenResponse = validateReceivedToken(
- context, realm, tokenRequirements, validateTarget);
-
- if (tokenResponse == null) {
- LOG.fine("No Token Validator has been found that can handle this token");
- } else if (validateTarget.getState().equals(STATE.INVALID)) {
- throw new STSException("Incoming token is invalid", STSException.REQUEST_FAILED);
- } else if (validateTarget.getState().equals(STATE.VALID)) {
- processValidToken(providerParameters, validateTarget, tokenResponse);
- } else {
- //[TODO] Add plugin for validation out-of-band
- // Example:
- // If the requestor is in the possession of a certificate (mutual ssl handshake)
- // the STS trusts the token sent in OnBehalfOf element
- }
- if (tokenResponse != null) {
- Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
- if (additionalProperties != null) {
- providerParameters.setAdditionalProperties(additionalProperties);
+ long start = System.currentTimeMillis();
+ TokenProviderParameters providerParameters = new TokenProviderParameters();
+ try {
+ RequestParser requestParser = parseRequest(request, context);
+
+ providerParameters = createTokenProviderParameters(requestParser, context);
+
+ // Check if the requested claims can be handled by the configured claim handlers
+ RequestClaimCollection requestedClaims = providerParameters.getRequestedPrimaryClaims();
+ checkClaimsSupport(requestedClaims);
+ requestedClaims = providerParameters.getRequestedSecondaryClaims();
+ checkClaimsSupport(requestedClaims);
+ providerParameters.setClaimsManager(claimsManager);
+
+ String realm = providerParameters.getRealm();
+
+ TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
+ String tokenType = tokenRequirements.getTokenType();
+
+
+ // Validate OnBehalfOf token if present
+ if (providerParameters.getTokenRequirements().getOnBehalfOf() != null) {
+ ReceivedToken validateTarget = providerParameters.getTokenRequirements().getOnBehalfOf();
+ TokenValidatorResponse tokenResponse = validateReceivedToken(
+ context, realm, tokenRequirements, validateTarget);
+
+ if (tokenResponse == null) {
+ LOG.fine("No Token Validator has been found that can handle this token");
+ } else if (validateTarget.getState().equals(STATE.INVALID)) {
+ throw new STSException("Incoming token is invalid", STSException.REQUEST_FAILED);
+ } else if (validateTarget.getState().equals(STATE.VALID)) {
+ processValidToken(providerParameters, validateTarget, tokenResponse);
+ } else {
+ //[TODO] Add plugin for validation out-of-band
+ // Example:
+ // If the requestor is in the possession of a certificate (mutual ssl handshake)
+ // the STS trusts the token sent in OnBehalfOf element
+ }
+ if (tokenResponse != null) {
+ Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
+ if (additionalProperties != null) {
+ providerParameters.setAdditionalProperties(additionalProperties);
+ }
}
}
- }
-
- // create token
- TokenProviderResponse tokenResponse = null;
- for (TokenProvider tokenProvider : tokenProviders) {
- boolean canHandle = false;
- if (realm == null) {
- canHandle = tokenProvider.canHandleToken(tokenType);
- } else {
- canHandle = tokenProvider.canHandleToken(tokenType, realm);
- }
- if (canHandle) {
- try {
- tokenResponse = tokenProvider.createToken(providerParameters);
- } catch (STSException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw ex;
- } catch (RuntimeException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException("Error in providing a token", ex, STSException.REQUEST_FAILED);
+
+ // create token
+ TokenProviderResponse tokenResponse = null;
+ for (TokenProvider tokenProvider : tokenProviders) {
+ boolean canHandle = false;
+ if (realm == null) {
+ canHandle = tokenProvider.canHandleToken(tokenType);
+ } else {
+ canHandle = tokenProvider.canHandleToken(tokenType, realm);
+ }
+ if (canHandle) {
+ try {
+ tokenResponse = tokenProvider.createToken(providerParameters);
+ } catch (STSException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw ex;
+ } catch (RuntimeException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException("Error in providing a token", ex, STSException.REQUEST_FAILED);
+ }
+ break;
}
- break;
}
- }
- if (tokenResponse == null || tokenResponse.getToken() == null) {
- LOG.log(Level.WARNING, "No token provider found for requested token type: " + tokenType);
- throw new STSException(
- "No token provider found for requested token type: " + tokenType,
- STSException.REQUEST_FAILED
- );
- }
- // prepare response
- try {
- KeyRequirements keyRequirements = requestParser.getKeyRequirements();
- EncryptionProperties encryptionProperties = providerParameters.getEncryptionProperties();
- RequestSecurityTokenResponseType response =
- createResponse(
- encryptionProperties, tokenResponse, tokenRequirements, keyRequirements, context
+ if (tokenResponse == null || tokenResponse.getToken() == null) {
+ LOG.log(Level.WARNING, "No token provider found for requested token type: " + tokenType);
+ throw new STSException(
+ "No token provider found for requested token type: " + tokenType,
+ STSException.REQUEST_FAILED
);
- return response;
- } catch (Throwable ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+ }
+ // prepare response
+ try {
+ KeyRequirements keyRequirements = requestParser.getKeyRequirements();
+ EncryptionProperties encryptionProperties = providerParameters.getEncryptionProperties();
+ RequestSecurityTokenResponseType response =
+ createResponse(
+ encryptionProperties, tokenResponse, tokenRequirements, keyRequirements, context
+ );
+ ApplicationEvent event = new STSIssueSuccessEvent(providerParameters,
+ System.currentTimeMillis() - start);
+ publishEvent(event);
+ return response;
+ } catch (Throwable ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+ }
+
+ } catch (RuntimeException ex) {
+ ApplicationEvent event = new STSIssueFailureEvent(providerParameters,
+ System.currentTimeMillis() - start, ex);
+ publishEvent(event);
+ throw ex;
}
}
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java?rev=1483544&r1=1483543&r2=1483544&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java Thu May 16 20:20:00 2013
@@ -31,6 +31,8 @@ import javax.xml.ws.WebServiceContext;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.sts.QNameConstants;
import org.apache.cxf.sts.RealmParser;
+import org.apache.cxf.sts.event.STSRenewFailureEvent;
+import org.apache.cxf.sts.event.STSRenewSuccessEvent;
import org.apache.cxf.sts.request.KeyRequirements;
import org.apache.cxf.sts.request.ReceivedToken;
import org.apache.cxf.sts.request.ReceivedToken.STATE;
@@ -51,6 +53,7 @@ import org.apache.cxf.ws.security.sts.pr
import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType;
import org.apache.cxf.ws.security.sts.provider.operation.RenewOperation;
import org.apache.ws.security.WSSecurityException;
+import org.springframework.context.ApplicationEvent;
/**
* An implementation of the IssueOperation interface to renew tokens.
@@ -72,105 +75,129 @@ public class TokenRenewOperation extends
public RequestSecurityTokenResponseType renew(
RequestSecurityTokenType request, WebServiceContext context
) {
- RequestParser requestParser = parseRequest(request, context);
-
- KeyRequirements keyRequirements = requestParser.getKeyRequirements();
- TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
-
- ReceivedToken renewTarget = tokenRequirements.getRenewTarget();
- if (renewTarget == null || renewTarget.getToken() == null) {
- throw new STSException("No element presented for renewal", STSException.INVALID_REQUEST);
- }
- if (tokenRequirements.getTokenType() == null) {
- LOG.fine("Received TokenType is null");
- }
-
- // Get the realm of the request
- String realm = null;
- if (stsProperties.getRealmParser() != null) {
- RealmParser realmParser = stsProperties.getRealmParser();
- realm = realmParser.parseRealm(context);
- }
-
- // Validate the request
- TokenValidatorResponse tokenResponse = validateReceivedToken(
- context, realm, tokenRequirements, renewTarget);
-
- if (tokenResponse == null) {
- LOG.fine("No Token Validator has been found that can handle this token");
- renewTarget.setState(STATE.INVALID);
- throw new STSException(
- "No Token Validator has been found that can handle this token"
- + tokenRequirements.getTokenType(),
- STSException.REQUEST_FAILED
- );
- }
-
- // Reject an invalid token
- if (tokenResponse.getToken().getState() != STATE.EXPIRED
- && tokenResponse.getToken().getState() != STATE.VALID) {
- LOG.fine("The token is not valid or expired, and so it cannot be renewed");
- throw new STSException(
- "No Token Validator has been found that can handle this token"
- + tokenRequirements.getTokenType(),
- STSException.REQUEST_FAILED
- );
- }
+ long start = System.currentTimeMillis();
+ TokenRenewerParameters renewerParameters = new TokenRenewerParameters();
- //
- // Renew the token
- //
- TokenRenewerResponse tokenRenewerResponse = null;
- TokenRenewerParameters renewerParameters = createTokenRenewerParameters(requestParser, context);
- Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
- if (additionalProperties != null) {
- renewerParameters.setAdditionalProperties(additionalProperties);
- }
- renewerParameters.setRealm(tokenResponse.getTokenRealm());
- renewerParameters.setToken(tokenResponse.getToken());
-
- realm = tokenResponse.getTokenRealm();
- for (TokenRenewer tokenRenewer : tokenRenewers) {
- boolean canHandle = false;
- if (realm == null) {
- canHandle = tokenRenewer.canHandleToken(tokenResponse.getToken());
- } else {
- canHandle = tokenRenewer.canHandleToken(tokenResponse.getToken(), realm);
+ try {
+ RequestParser requestParser = parseRequest(request, context);
+
+ KeyRequirements keyRequirements = requestParser.getKeyRequirements();
+ TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
+
+ renewerParameters.setStsProperties(stsProperties);
+ renewerParameters.setPrincipal(context.getUserPrincipal());
+ renewerParameters.setWebServiceContext(context);
+ renewerParameters.setTokenStore(getTokenStore());
+
+ renewerParameters.setKeyRequirements(keyRequirements);
+ renewerParameters.setTokenRequirements(tokenRequirements);
+
+ ReceivedToken renewTarget = tokenRequirements.getRenewTarget();
+ if (renewTarget == null || renewTarget.getToken() == null) {
+ throw new STSException("No element presented for renewal", STSException.INVALID_REQUEST);
}
- if (canHandle) {
- try {
- tokenRenewerResponse = tokenRenewer.renewToken(renewerParameters);
- } catch (STSException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw ex;
- } catch (RuntimeException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException(
- "Error in providing a token", ex, STSException.REQUEST_FAILED
- );
+ renewerParameters.setToken(renewTarget);
+
+ if (tokenRequirements.getTokenType() == null) {
+ LOG.fine("Received TokenType is null");
+ }
+
+ // Get the realm of the request
+ String realm = null;
+ if (stsProperties.getRealmParser() != null) {
+ RealmParser realmParser = stsProperties.getRealmParser();
+ realm = realmParser.parseRealm(context);
+ }
+ renewerParameters.setRealm(realm);
+
+ // Validate the request
+ TokenValidatorResponse tokenResponse = validateReceivedToken(
+ context, realm, tokenRequirements, renewTarget);
+
+ if (tokenResponse == null) {
+ LOG.fine("No Token Validator has been found that can handle this token");
+ renewTarget.setState(STATE.INVALID);
+ throw new STSException(
+ "No Token Validator has been found that can handle this token"
+ + tokenRequirements.getTokenType(),
+ STSException.REQUEST_FAILED
+ );
+ }
+
+ // Reject an invalid token
+ if (tokenResponse.getToken().getState() != STATE.EXPIRED
+ && tokenResponse.getToken().getState() != STATE.VALID) {
+ LOG.fine("The token is not valid or expired, and so it cannot be renewed");
+ throw new STSException(
+ "No Token Validator has been found that can handle this token"
+ + tokenRequirements.getTokenType(),
+ STSException.REQUEST_FAILED
+ );
+ }
+
+ //
+ // Renew the token
+ //
+ TokenRenewerResponse tokenRenewerResponse = null;
+ renewerParameters = createTokenRenewerParameters(requestParser, context);
+ Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
+ if (additionalProperties != null) {
+ renewerParameters.setAdditionalProperties(additionalProperties);
+ }
+ renewerParameters.setRealm(tokenResponse.getTokenRealm());
+ renewerParameters.setToken(tokenResponse.getToken());
+
+ realm = tokenResponse.getTokenRealm();
+ for (TokenRenewer tokenRenewer : tokenRenewers) {
+ boolean canHandle = false;
+ if (realm == null) {
+ canHandle = tokenRenewer.canHandleToken(tokenResponse.getToken());
+ } else {
+ canHandle = tokenRenewer.canHandleToken(tokenResponse.getToken(), realm);
+ }
+ if (canHandle) {
+ try {
+ tokenRenewerResponse = tokenRenewer.renewToken(renewerParameters);
+ } catch (STSException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw ex;
+ } catch (RuntimeException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException(
+ "Error in providing a token", ex, STSException.REQUEST_FAILED
+ );
+ }
+ break;
}
- break;
}
- }
- if (tokenRenewerResponse == null || tokenRenewerResponse.getToken() == null) {
- LOG.fine("No Token Renewer has been found that can handle this token");
- throw new STSException(
- "No token renewer found for requested token type", STSException.REQUEST_FAILED
- );
- }
-
- // prepare response
- try {
- EncryptionProperties encryptionProperties = renewerParameters.getEncryptionProperties();
- RequestSecurityTokenResponseType response =
- createResponse(
- encryptionProperties, tokenRenewerResponse, tokenRequirements, keyRequirements, context
+ if (tokenRenewerResponse == null || tokenRenewerResponse.getToken() == null) {
+ LOG.fine("No Token Renewer has been found that can handle this token");
+ throw new STSException(
+ "No token renewer found for requested token type", STSException.REQUEST_FAILED
);
- return response;
- } catch (Throwable ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
- }
+ }
+
+ // prepare response
+ try {
+ EncryptionProperties encryptionProperties = renewerParameters.getEncryptionProperties();
+ RequestSecurityTokenResponseType response =
+ createResponse(
+ encryptionProperties, tokenRenewerResponse, tokenRequirements, keyRequirements, context
+ );
+ ApplicationEvent event = new STSRenewSuccessEvent(renewerParameters,
+ System.currentTimeMillis() - start);
+ publishEvent(event);
+ return response;
+ } catch (Throwable ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+ }
+ } catch (RuntimeException ex) {
+ ApplicationEvent event = new STSRenewFailureEvent(renewerParameters,
+ System.currentTimeMillis() - start, ex);
+ publishEvent(event);
+ throw ex;
+ }
}
private RequestSecurityTokenResponseType createResponse(