You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jl...@apache.org on 2010/11/29 08:54:36 UTC

svn commit: r1040029 - in /openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf: ConfigureCxfSecurity.java WSSPassThroughInterceptor.java

Author: jlmonteiro
Date: Mon Nov 29 07:54:36 2010
New Revision: 1040029

URL: http://svn.apache.org/viewvc?rev=1040029&view=rev
Log:
OPENEJB-1405 WS Security mustUnderstand flag not treated when handlers are used

Added:
    openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java
Modified:
    openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java

Modified: openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java?rev=1040029&r1=1040028&r2=1040029&view=diff
==============================================================================
--- openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java (original)
+++ openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java Mon Nov 29 07:54:36 2010
@@ -29,7 +29,7 @@ import org.apache.ws.security.handler.WS
 
 /**
  * Helper class to extract WSS4J properties from a set of properties. More over,
- * it configures In and Out interceptor to manage WS6Security.
+ * it configures In and Out interceptor to manage WS-Security.
  *
  */
 public class ConfigureCxfSecurity {
@@ -65,6 +65,10 @@ public class ConfigureCxfSecurity {
 	if (null != inProps && !inProps.isEmpty()) {
 	    endpoint.getInInterceptors().add(new SAAJInInterceptor());
 	    endpoint.getInInterceptors().add(new WSS4JInInterceptor(inProps));
+
+        // if WS Security is used with a JAX-WS handler (See EjbInterceptor), we have to deal with mustUnderstand flag
+        // in WS Security headers. So, let's add an interceptor
+        endpoint.getInInterceptors().add(new WSSPassThroughInterceptor());
 	}
 
 	if (null != outProps && !outProps.isEmpty()) {

Added: openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java?rev=1040029&view=auto
==============================================================================
--- openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java (added)
+++ openejb/trunk/openejb3/server/openejb-cxf/src/main/java/org/apache/openejb/server/cxf/WSSPassThroughInterceptor.java Mon Nov 29 07:54:36 2010
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.openejb.server.cxf;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.ws.security.WSConstants;
+
+import javax.xml.namespace.QName;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * When using JAX-WS Handler, the {@link org.apache.openejb.server.cxf.ejb.EjbInterceptor}
+ * adds the {@link org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor}. OpenEJB now supports
+ * WS Security out of the box, so it must indicates WS Security headers have been treated. That is simply done
+ * using that fake interceptor.
+ *
+ * $Id$
+ */
+public class WSSPassThroughInterceptor extends AbstractSoapInterceptor {
+    private static final Set<QName> HEADERS = new HashSet<QName>();
+       static {
+           HEADERS.add(new QName(WSConstants.WSSE_NS, WSConstants.WSSE_LN));
+           HEADERS.add(new QName(WSConstants.WSSE11_NS, WSConstants.WSSE_LN));
+           HEADERS.add(new QName(WSConstants.ENC_NS, WSConstants.ENC_DATA_LN));
+       }
+
+       public WSSPassThroughInterceptor() {
+           super(Phase.PRE_PROTOCOL);
+       }
+
+       public WSSPassThroughInterceptor(String phase) {
+           super(phase);
+       }
+
+       @Override
+       public Set<QName> getUnderstoodHeaders() {
+           return HEADERS;
+       }
+
+       public void handleMessage(SoapMessage soapMessage) {
+           // do nothing
+           
+           // this interceptor simply returns all WS-Security headers in its getUnderstoodHeaders()
+           // method, so that CXF does not complain that they have not been "processed"
+           // this is useful if you only need to look at the non-encrypted XML
+       }
+
+}