Posted to commits@cxf.apache.org by se...@apache.org on 2017/03/28 12:50:50 UTC

cxf git commit: Updating XmlSecInInterceptor on 3.0.x

Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 491a6e81e -> 3d4462f94


Updating XmlSecInInterceptor on 3.0.x


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3d4462f9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3d4462f9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3d4462f9

Branch: refs/heads/3.0.x-fixes
Commit: 3d4462f94085dc4f6f459befc6e397568fa9aec3
Parents: 491a6e8
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Mar 28 13:50:30 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Mar 28 13:50:30 2017 +0100

----------------------------------------------------------------------
 .../cxf/jaxrs/impl/AbstractPropertiesImpl.java  |  4 ++
 .../rs/security/xml/XmlSecInInterceptor.java    | 47 +++++++++++++++-----
 2 files changed, 40 insertions(+), 11 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/3d4462f9/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
----------------------------------------------------------------------
diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
index caf8139..2b69400 100644
--- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
+++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
@@ -47,4 +47,8 @@ public abstract class AbstractPropertiesImpl {
     public Collection<String> getPropertyNames() {
         return holder.getPropertyNames();
     }
+    
+    public Message getMessage() {
+        return m;
+    }
 }
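Review bot: getMessage() is added as a public accessor with no Javadoc, and it hands the underlying message field `m` to any caller that holds one of these property contexts. The only consumer visible in this commit is the downcast in XmlSecInInterceptor.aroundReadFrom, so the method should state that it exists for CXF-internal use, for example `/** Returns the CXF message backing this context; intended for CXF-internal interceptors only. */`. The blank line added above it carries trailing whitespace. The class body starts outside the hunk, so the declaration of `m` is not visible here.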

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d4462f9/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 21b431b..07bc910 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -34,16 +34,21 @@ import java.util.regex.PatternSyntaxException;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ReaderInterceptor;
+import javax.ws.rs.ext.ReaderInterceptorContext;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamReader;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.StaxInInterceptor;
+import org.apache.cxf.jaxrs.impl.ReaderInterceptorContextImpl;
 import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.phase.AbstractPhaseInterceptor;
 import org.apache.cxf.phase.Phase;
 import org.apache.cxf.rs.security.common.CryptoLoader;
@@ -71,7 +76,7 @@ import org.apache.xml.security.stax.securityToken.SecurityToken;
 /**
  * A new StAX-based interceptor for processing messages with XML Signature + Encryption content.
  */
-public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
+public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> implements ReaderInterceptor {
     
     private static final Logger LOG = LogUtils.getL7dLogger(XmlSecInInterceptor.class);
     
@@ -93,14 +98,16 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
     }
     
     public void handleMessage(Message message) throws Fault {
-        String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
-        if ("GET".equals(method)) {
+        if (isServerGet(message)) {
             return;
         }
-        
-        Message outMs = message.getExchange().getOutMessage();
-        Message inMsg = outMs == null ? message : outMs.getExchange().getInMessage();
-        
+        prepareMessage(message);
+        message.getInterceptorChain().add(
+              new StaxActionInInterceptor(requireSignature, requireEncryption));
+    }
+
+    private void prepareMessage(Message inMsg) throws Fault {
+
         XMLStreamReader originalXmlStreamReader = inMsg.getContent(XMLStreamReader.class);
         if (originalXmlStreamReader == null) {
             InputStream is = inMsg.getContent(InputStream.class);
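Review bot: prepareMessage, introduced at the end of this hunk, has no comment saying that it does not register StaxActionInInterceptor, so enforcement of requireSignature/requireEncryption now depends on each caller running that interceptor itself. handleMessage adds it to the chain and aroundReadFrom invokes it directly, but a later caller that omits the step would presumably accept a payload without the required signature or encryption and raise no error. I would add a Javadoc such as `/** Sets up XML security processing on inMsg; the caller must run StaxActionInInterceptor afterwards to enforce requireSignature/requireEncryption. */`. The body of prepareMessage continues past the end of the hunk, so what else it installs on the message is not visible here.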
@@ -108,10 +115,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
                 originalXmlStreamReader = StaxUtils.createXMLStreamReader(is);
             }
         }
-        
-        inMsg.getInterceptorChain().add(
-            new StaxActionInInterceptor(requireSignature, requireEncryption));
-        
+
         try {
             XMLSecurityProperties properties = new XMLSecurityProperties();
             configureDecryptionKeys(inMsg, properties);
@@ -136,6 +140,11 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
             throwFault(e.getMessage(), e);
         }
     }
+
+    private boolean isServerGet(Message message) {
+        String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
+        return "GET".equals(method) && !MessageUtils.isRequestor(message);
+    }
     
     private void configureDecryptionKeys(Message message, XMLSecurityProperties properties) 
         throws IOException, 
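Review bot: isServerGet has no comment explaining that a server-side GET bypasses XML security processing entirely, so requireSignature and requireEncryption are not enforced for those requests in either handleMessage or aroundReadFrom. The decision keys on the HTTP method alone, which means a GET that does carry an entity is passed on unverified. If that is intended because GET requests are expected to have no body, say so at the method: `// Server-side GET requests are assumed to carry no entity, so signature/encryption checks are skipped.` The unchecked `(String)` cast on the message property is carried over from the old code.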
@@ -376,6 +385,22 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> {
         }
     }
     
+    @Override
+    public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException {
+        Message message = ((ReaderInterceptorContextImpl)ctx).getMessage();
+
+        if (isServerGet(message)) {
+            return ctx.proceed();
+        } else {
+            prepareMessage(message);
+            Object object = ctx.proceed();
+            new StaxActionInInterceptor(requireSignature,
+                                        requireEncryption).handleMessage(message);
+            return object;
+        }
+
+    }
+    
     /**
      * This interceptor handles parsing the StaX results (events) + checks to see whether the 
      * required (if any) Actions (signature or encryption) were fulfilled.
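Review bot: The unchecked cast `(ReaderInterceptorContextImpl)ctx` in aroundReadFrom throws a ClassCastException if the runtime passes a wrapped or different ReaderInterceptorContext; that fails closed, but with an opaque error instead of a security fault. JAXRSUtils is already imported in this file, so `Message message = JAXRSUtils.getCurrentMessage();` would avoid both the cast and the new public accessor on AbstractPropertiesImpl. prepareMessage and StaxActionInInterceptor.handleMessage signal failures as Fault, which is outside the declared `IOException, WebApplicationException`. How the JAX-RS reader chain maps that to a response is not visible here, so it is worth a test with a message that lacks a required signature. The `else` after `return ctx.proceed();` and the blank line before the closing brace can be dropped.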