View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.chemistry.opencmis.server.impl.webservices;
20  
21  import com.sun.xml.ws.api.handler.MessageHandler;
22  import com.sun.xml.ws.api.handler.MessageHandlerContext;
23  import com.sun.xml.ws.api.message.Header;
24  import com.sun.xml.ws.api.message.HeaderList;
25  import com.sun.xml.ws.api.message.Message;
26  
27  import java.util.HashMap;
28  import java.util.Map;
29  import java.util.Set;
30  
31  import javax.xml.bind.JAXBElement;
32  import javax.xml.namespace.QName;
33  import javax.xml.ws.handler.MessageContext;
34  import javax.xml.ws.handler.MessageContext.Scope;
35  
36  
37  /**
38   * This class tries to extract a user name and a password from a UsernameToken.
39   */
40  public class AuthHandler extends AbstractUsernameTokenAuthHandler implements MessageHandler<MessageHandlerContext>
41  {
42      public Set<QName> getHeaders(  )
43      {
44          return HEADERS;
45      }
46  
47      public void close( MessageContext context )
48      {
49      }
50  
51      public boolean handleFault( MessageHandlerContext context )
52      {
53          return true;
54      }
55  
56      public boolean handleMessage( MessageHandlerContext context )
57      {
58          Boolean outboundProperty = (Boolean) context.get( MessageContext.MESSAGE_OUTBOUND_PROPERTY );
59  
60          if ( outboundProperty.booleanValue(  ) )
61          {
62              // we are only looking at inbound messages
63              return true;
64          }
65  
66          Map<String, String> callContextMap = null;
67  
68          try
69          {
70              // read the header
71              Message msg = context.getMessage(  );
72              HeaderList hl = msg.getHeaders(  );
73              Header securityHeader = hl.get( WSSE_SECURITY, true );
74  
75              JAXBElement<SecurityHeaderType> sht = securityHeader.readAsJAXB( WSSE_CONTEXT.createUnmarshaller(  ) );
76  
77              callContextMap = extractUsernamePassword( sht );
78          }
79          catch ( Exception e )
80          {
81              // something went wrong, e.g. a part of the SOAP header wasn't set
82          }
83  
84          // add user and password to context
85          if ( callContextMap == null )
86          {
87              callContextMap = new HashMap<String, String>(  );
88          }
89  
90          context.put( AbstractService.CALL_CONTEXT_MAP, callContextMap );
91          context.setScope( AbstractService.CALL_CONTEXT_MAP, Scope.APPLICATION );
92  
93          return true;
94      }
95  }