List of usage examples for javax.xml.ws.handler MessageContext SERVLET_CONTEXT
String SERVLET_CONTEXT
From source file:be.fedict.trust.xkms2.ServiceConsumerInstanceResolver.java
/**
 * Creates a new endpoint instance for the request and injects into it the
 * {@code TrustService} that {@code ServiceConsumerServletContextListener}
 * returns for the request's servlet context.
 *
 * @param request the packet being dispatched; its
 *                {@code MessageContext.SERVLET_CONTEXT} property is read
 * @return the newly created endpoint, after {@code injectServices} has run on it
 */
@Override
public T resolve(Packet request) {
    final T instance = create();

    // NOTE(review): the property is cast and used without a null check; what
    // getTrustService does when handed a null context is not visible here.
    final ServletContext webAppContext =
            (ServletContext) request.get(MessageContext.SERVLET_CONTEXT);
    final TrustService resolvedTrustService =
            ServiceConsumerServletContextListener.getTrustService(webAppContext);

    injectServices(instance, resolvedTrustService);
    return instance;
}
From source file:be.fedict.eid.dss.ws.ServiceConsumerInstanceResolver.java
/**
 * Creates a new endpoint instance for the request and injects into it the
 * signature verification and document services that
 * {@code ServiceConsumerServletContextListener} returns for the request's
 * servlet context.
 *
 * @param request the packet being dispatched; its
 *                {@code MessageContext.SERVLET_CONTEXT} property is read
 * @return the newly created endpoint, after {@code injectServices} has run on it
 */
@Override
public T resolve(Packet request) {
    final T instance = create();

    // NOTE(review): the property is cast and used without a null check; how the
    // listener lookups behave for a null context is not visible here.
    final ServletContext webAppContext =
            (ServletContext) request.get(MessageContext.SERVLET_CONTEXT);

    final SignatureVerificationService verifier =
            ServiceConsumerServletContextListener.getSignatureVerificationService(webAppContext);
    final DocumentService documents =
            ServiceConsumerServletContextListener.getDocumentService(webAppContext);

    injectServices(instance, verifier, documents);
    return instance;
}
From source file:be.fedict.eid.idp.protocol.saml2.artifact.ArtifactServicePortImpl.java
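/**
 * Resolves a SAML artifact to the SAML message stored for it.
 *
 * <p>The artifact is looked up in the {@code SAMLArtifactMap} obtained from the
 * servlet context. When an entry exists and the request issuer equals the
 * entry's relying party ID, the stored message is attached to the response and
 * the entry is removed from the map. When the issuer differs, or the request
 * carries no issuer at all, a {@code StatusCode.REQUEST_DENIED_URI} response is
 * returned and the entry is left in place. When no entry exists, the default
 * response built from the request ID is returned without a message.
 *
 * @param artifactResolveType the incoming ArtifactResolve request
 * @return the ArtifactResponse converted to its JAXB type
 */
public ArtifactResponseType resolve(ArtifactResolveType artifactResolveType) {
    // NOTE(review): this writes the artifact value to the debug log before it
    // has been redeemed; confirm debug output is restricted to operators.
    LOG.debug("Resolve: " + artifactResolveType.getArtifact());

    ServletContext servletContext = (ServletContext) context.getMessageContext()
            .get(MessageContext.SERVLET_CONTEXT);

    // Default response, built from the request ID alone.
    ArtifactResponse artifactResponse = getArtifactResponse(artifactResolveType.getID());

    SAMLArtifactMap artifactMap = AbstractSAML2ArtifactProtocolService.getArtifactMap(servletContext);
    SAMLArtifactMap.SAMLArtifactMapEntry entry = artifactMap.get(artifactResolveType.getArtifact());
    if (null == entry) {
        return Saml2Util.toJAXB(artifactResponse, ArtifactResponseType.class);
    }

    // A request without an Issuer element previously failed with a
    // NullPointerException here; it is now denied like any other mismatch.
    String requestIssuer = null;
    if (null != artifactResolveType.getIssuer()) {
        requestIssuer = artifactResolveType.getIssuer().getValue();
    }

    if (!entry.getRelyingPartyId().equals(requestIssuer)) {
        // The artifact may only be redeemed by the relying party it was issued for.
        // NOTE(review): on a mismatch the entry stays in the map, so the artifact
        // can still be redeemed by a later request; confirm that is intended.
        String message = "ArtifactResolve Issuer (" + requestIssuer
                + ") does not match entry RP ID!";
        LOG.error(message + " (" + entry.getIssuerId() + ")");
        artifactResponse = getArtifactResponse(artifactResolveType.getID(),
                StatusCode.REQUEST_DENIED_URI, message);
    } else {
        LOG.debug("response found and added");
        artifactResponse.setMessage(entry.getSamlMessage());
        // One-time use: drop the entry once its message has been handed out.
        // NOTE(review): get() and remove() are separate calls; whether two
        // concurrent requests can both read the entry depends on the map
        // implementation, which is not visible here.
        artifactMap.remove(artifactResolveType.getArtifact());
    }
    return Saml2Util.toJAXB(artifactResponse, ArtifactResponseType.class);
}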
From source file:de.drv.dsrv.spoc.web.webservice.jax.ExtraSchemaValidationHandler.java
/**
 * Validates the body of an inbound SOAP message against the eXTra schema.
 *
 * <p>Outbound messages pass through untouched. For inbound messages the SOAP
 * body and its transport element must both be present; otherwise the request
 * is answered through {@code handleException} with
 * {@code ExtraErrorReasonType.INVALID_REQUEST}. Any other exception raised
 * during validation is logged and answered with
 * {@code ExtraErrorReasonType.UNSPECIFIED}.
 *
 * @param context the SOAP message context of the current exchange
 * @return {@code true} for outbound messages and for requests that pass
 *         validation; otherwise whatever {@code handleException} returns
 */
@Override
public boolean handleMessage(final SOAPMessageContext context) {
    // Only inbound messages are validated.
    final Boolean outbound = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
    if (outbound) {
        return true;
    }

    // Keep the servlet context; the schema validation below receives it.
    final ServletContext webAppContext = (ServletContext) context.get(MessageContext.SERVLET_CONTEXT);

    SOAPBody body = getSoapBody(context);
    try {
        if (body == null) {
            // No usable body (for example malformed XML): install a fresh SOAP
            // message so there is a body to carry the error reply.
            try {
                final SOAPMessage replacement = MessageFactory.newInstance().createMessage();
                body = replacement.getSOAPBody();
                context.setMessage(replacement);
            } catch (final SOAPException e) {
                // NOTE(review): if this fails, body is still null when it reaches
                // handleException below; how that helper copes is not visible here.
                LOG.error("Exception beim Erstellen einer SOAP-Message.", e);
            }
            throw new InvalidExtraRequestException(resourceBundle.getString(Messages.ERROR_REQUEST_NO_EXTRA));
        }

        final Node transport = getTransportElement(body);
        if (transport == null) {
            // No 'Transport' element: the request is invalid.
            throw new InvalidExtraRequestException(resourceBundle.getString(Messages.ERROR_REQUEST_NO_EXTRA));
        }

        // Validate the request XML against the eXTra schema.
        validateExtraRequest(transport, webAppContext);
        return true;
    } catch (final InvalidExtraRequestException e) {
        return handleException(body, e.getMessage(), ExtraErrorReasonType.INVALID_REQUEST);
    } catch (final Exception e) {
        // Unexpected failures are logged in full; the reply carries only the
        // generic resource-bundle text.
        LOG.error("Unbekannter Fehler beim Request-Validierung.", e);
        return handleException(body, resourceBundle.getString(Messages.ERROR_REQUEST_VALIDATION_UNKNOWN),
                ExtraErrorReasonType.UNSPECIFIED);
    }
}
From source file:be.fedict.eid.idp.protocol.saml2.artifact.ArtifactServiceServerHandler.java
/**
 * Signs the outbound SOAP document with the IdP identity, when one is configured.
 *
 * <p>The assertion and the Response are signed only if they are found in the
 * document; the ArtifactResponse is always signed. Signing failures are
 * rethrown through {@code createSOAPFaultException}.
 *
 * @param soapPart           the outbound SOAP part to sign
 * @param soapMessageContext the message context, used to reach the servlet context
 */
private void handleOutboundDocument(SOAPPart soapPart, SOAPMessageContext soapMessageContext) {
    LOG.debug("handle outbound");

    // The IdP identity used for signing is optional.
    ServletContext webAppContext = (ServletContext) soapMessageContext.get(MessageContext.SERVLET_CONTEXT);
    IdentityProviderConfiguration idpConfiguration =
            AbstractSAML2ProtocolService.getIdPConfiguration(webAppContext);
    IdPIdentity signingIdentity = idpConfiguration.findIdentity();
    if (null == signingIdentity) {
        // NOTE(review): without an identity the message leaves unsigned and
        // nothing is logged about it; confirm receivers reject unsigned replies.
        return;
    }

    // NOTE(review): each fault text below includes the exception message, so
    // signing-layer detail is returned to the caller.
    try {
        LOG.debug("IdP Identity found, singing...");

        // Sign the assertion if the document contains one.
        boolean assertionPresent = null != Saml2Util.find(soapPart, XPATH_RESPONSE_ASSERTION);
        if (assertionPresent) {
            sign(soapPart, XPATH_RESPONSE_ASSERTION, XPATH_RESPONSE_ASSERTION_ISSUER, signingIdentity);
        }

        // Sign the Response if the document contains one.
        boolean responsePresent = null != Saml2Util.find(soapPart, XPATH_RESPONSE);
        if (responsePresent) {
            sign(soapPart, XPATH_RESPONSE, XPATH_RESPONSE_STATUS, signingIdentity);
        }

        // The ArtifactResponse is signed unconditionally.
        sign(soapPart, XPATH_ARTIFACT_RESPONSE, XPATH_STATUS, signingIdentity);
    } catch (NoSuchAlgorithmException e) {
        throw createSOAPFaultException("Signing failed: " + "NoSuchAlgorithmException: " + e.getMessage());
    } catch (InvalidAlgorithmParameterException e) {
        throw createSOAPFaultException(
                "Signing failed: " + "InvalidAlgorithmParameterException: " + e.getMessage());
    } catch (MarshalException e) {
        throw createSOAPFaultException("Signing failed: " + "MarshalException: " + e.getMessage());
    } catch (XMLSignatureException e) {
        throw createSOAPFaultException("Signing failed: " + "XMLSignatureException: " + e.getMessage());
    }
}
From source file:edu.duke.cabig.c3pr.web.security.SecureWebServiceHandler.java
/**
 * Authenticates the caller of a web service request from the SAML assertion
 * carried in the message.
 *
 * <p>The assertion is extracted, verified and used to authenticate the
 * subject. If no authentication is present in the security context afterwards,
 * the request is treated as a failure. Every failure is logged and handed to
 * {@code generateSecurityFault}.
 *
 * @param message the incoming SOAP message
 * @throws Fault declared by the interceptor contract
 */
public void handleMessage(SoapMessage message) throws Fault {
    SOAPMessageContext messageContext = new SOAPMessageContextImpl(message);
    try {
        ServletContext webAppContext = (ServletContext) messageContext.get(MessageContext.SERVLET_CONTEXT);
        HttpServletRequest httpRequest = (HttpServletRequest) messageContext.get(MessageContext.SERVLET_REQUEST);

        SAMLAssertion assertion = extractSAMLAssertion(message);
        verifyAssertion(assertion);
        authenticateSubject(webAppContext, assertion);

        // The steps above must have left an authentication in the security
        // context; its absence counts as a failed login.
        boolean authenticated = SecurityContextHolder.getContext().getAuthentication() != null;
        if (!authenticated) {
            throw new RuntimeException(
                    "Unable to authenticate service caller: perhaps, invalid SAML assertion?");
        }

        AuditInfoFilter.setAuditInfo(httpRequest);
    } catch (Exception e) {
        log.error(e, e);
        // NOTE(review): rejection relies on generateSecurityFault throwing. If it
        // returns normally, this handler completes and the unauthenticated
        // request continues down the chain; confirm against that helper.
        generateSecurityFault(e);
    }
}
From source file:com.zh.snmp.snmpweb.service.SnmpWebService.java
/**
 * Looks up the Spring-managed services on first use.
 *
 * <p>Does nothing when {@code service} is already set. Otherwise the
 * {@code WebApplicationContext} is obtained from the servlet context of the
 * current message and the three service beans are fetched from it by name.
 */
public void init() {
    if (service != null) {
        return;
    }

    // NOTE(review): the null check and the three assignments are not
    // synchronized; whether concurrent requests can reach this is not visible here.
    ServletContext webAppContext = (ServletContext) context.getMessageContext()
            .get(MessageContext.SERVLET_CONTEXT);
    WebApplicationContext springContext =
            WebApplicationContextUtils.getRequiredWebApplicationContext(webAppContext);

    service = (SnmpService) springContext.getBean("snmpService");
    deviceService = (DeviceService) springContext.getBean("deviceService");
    configService = (ConfigService) springContext.getBean("configService");
}
From source file:be.fedict.trust.xkms2.WSSecurityServerHandler.java
/**
 * Handles the outbound SOAP message. Adds the WS Security Header containing
 * a signed timestamp, and signed SOAP body.
 *
 * <p>Nothing is added when the WS-Security configuration returned by the
 * trust service has signing switched off. Failures while loading the key
 * store or building the signature are written to the audit log and rethrown
 * as {@code RuntimeException} with the original exception as cause.
 *
 * @param soapPart           the outbound SOAP part that receives the security header
 * @param soapMessageContext the message context, used to reach the servlet context
 */
private void handleOutboundDocument(SOAPPart soapPart, SOAPMessageContext soapMessageContext) {
    LOG.debug("handle outbound document");
    ServletContext servletContext = (ServletContext) soapMessageContext.get(MessageContext.SERVLET_CONTEXT);
    TrustService trustService = ServiceConsumerServletContextListener.getTrustService(servletContext);
    WSSecurityConfigEntity wsSecurityConfig = trustService.getWsSecurityConfig();
    if (wsSecurityConfig.isSigning()) {
        LOG.debug("adding WS-Security SOAP header");
        try {
            // Signing key and certificate come from the key store described by
            // the WS-Security configuration.
            PrivateKeyEntry privateKeyEntry = KeyStoreUtils.loadPrivateKeyEntry(wsSecurityConfig);
            X509Certificate certificate = (X509Certificate) privateKeyEntry.getCertificate();
            PrivateKey privateKey = privateKeyEntry.getPrivateKey();

            WSSecHeader wsSecHeader = new WSSecHeader();
            wsSecHeader.insertSecurityHeader(soapPart);

            // NOTE(review): in WSS4J a time-to-live of 0 appears to yield a
            // timestamp without an Expires element, leaving receivers only the
            // creation time for a freshness check. Confirm against the WSS4J
            // version in use.
            WSSecTimestamp wsSecTimeStamp = new WSSecTimestamp();
            wsSecTimeStamp.setTimeToLive(0);
            wsSecTimeStamp.build(soapPart, wsSecHeader);

            ClientCrypto crypto = new ClientCrypto(certificate, privateKey);
            // WS-I Basic Security Profile compliance is switched off for this signature.
            WSSConfig wssConfig = new WSSConfig();
            wssConfig.setWsiBSPCompliant(false);
            WSSecSignature sign = new WSSecSignature(wssConfig);
            // The certificate travels in the header as a binary security token
            // and the signature refers to it directly.
            sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
            sign.prepare(soapPart, crypto, wsSecHeader);
            sign.appendBSTElementToHeader(wsSecHeader);

            // Parts covered by the signature: the timestamp and the content of
            // the SOAP body.
            Vector<WSEncryptionPart> signParts = new Vector<WSEncryptionPart>();
            signParts.add(new WSEncryptionPart(wsSecTimeStamp.getId()));
            SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(soapPart.getDocumentElement());
            signParts.add(new WSEncryptionPart(soapConstants.getBodyQName().getLocalPart(),
                    soapConstants.getEnvelopeURI(), "Content"));

            // NOTE(review): addReferencesToSign is called twice with the same
            // arguments and the first result is discarded. This looks like a
            // leftover; check that it has no side effects before removing it.
            sign.addReferencesToSign(signParts, wsSecHeader);
            List<Reference> referenceList = sign.addReferencesToSign(signParts, wsSecHeader);
            sign.computeSignature(referenceList, false, null);
        } catch (WSSecurityException e) {
            trustService.logAudit("WS-Security error: " + e.getMessage());
            throw new RuntimeException("WSS4J error: " + e.getMessage(), e);
        } catch (KeyStoreLoadException e) {
            trustService.logAudit("Load keystore error: " + e.getMessage());
            throw new RuntimeException("Failed to laod keystore: " + e.getMessage(), e);
        }
    }
}
From source file:be.fedict.eid.idp.protocol.ws_federation.sts.SecurityTokenServicePortImpl.java
/**
 * Handles a WS-Trust request that asks for validation of a security token and
 * answers with a status token.
 *
 * <p>The request content is scanned first: a TokenType or RequestType element
 * with an unexpected value, or a ValidateTarget element without content, is
 * rejected with a {@code SecurityException}. The expected audience is taken
 * from the endpoint reference inside {@code wsp:AppliesTo}, when present. The
 * token itself is obtained from {@code WSSecuritySoapHandler.getToken} and
 * passed to {@code validateToken}. The response carries a valid or invalid
 * status code and, when invalid, the exception message as the reason.
 *
 * @param request the incoming RequestSecurityToken message
 * @return a response collection holding one response with the status token
 * @throws SecurityException when the request content is rejected or no token
 *                           is available
 */
@Override
public RequestSecurityTokenResponseCollectionType requestSecurityToken(RequestSecurityTokenType request) {
    List<Object> requestContent = request.getAny();
    // Stays null unless wsp:AppliesTo carries an endpoint reference.
    String expectedAudience = null;
    // NOTE(review): the loop rejects wrong TokenType/RequestType values only when
    // those elements are present; nothing afterwards requires that they appeared.
    for (Object requestObject : requestContent) {
        LOG.debug("request object type: " + requestObject.getClass().getName());
        if (requestObject instanceof JAXBElement) {
            JAXBElement jaxbElement = (JAXBElement) requestObject;
            QName qname = jaxbElement.getName();
            if (WSTrustConstants.TOKEN_TYPE_QNAME.equals(qname)) {
                // Only the status token type is accepted as response token type.
                String tokenType = (String) jaxbElement.getValue();
                if (false == WSTrustConstants.STATUS_TOKEN_TYPE.equals(tokenType)) {
                    throw new SecurityException("invalid response token type: " + tokenType);
                }
            } else if (WSTrustConstants.REQUEST_TYPE_QNAME.equals(qname)) {
                // Only validate requests are served.
                String requestType = (String) jaxbElement.getValue();
                if (false == WSTrustConstants.VALIDATE_REQUEST_TYPE.equals(requestType)) {
                    throw new SecurityException("invalid request type: " + requestType);
                }
            } else if (WSTrustConstants.VALIDATE_TARGET_QNAME.equals(qname)) {
                ValidateTargetType validateTarget = (ValidateTargetType) jaxbElement.getValue();
                Object validateTargetObject = validateTarget.getAny();
                if (null == validateTargetObject) {
                    throw new SecurityException("missing ValidateTarget content");
                }
                // The ValidateTarget content is only logged; the token validated
                // below comes from the WS-Security handler instead.
                LOG.debug("ValidateTarget content type: " + validateTargetObject.getClass().getName());
                // TODO: verify content is indeed SecurityTokenReference
            }
        } else if (requestObject instanceof AppliesTo) {
            AppliesTo appliesTo = (AppliesTo) requestObject;
            LOG.debug("wsp:AppliesTo present");
            List<Object> appliesToContent = appliesTo.getAny();
            for (Object appliesToObject : appliesToContent) {
                LOG.debug("AppliesTo object type: " + appliesToObject.getClass().getName());
                if (appliesToObject instanceof JAXBElement) {
                    JAXBElement appliesToElement = (JAXBElement) appliesToObject;
                    QName appliesToQName = appliesToElement.getName();
                    if (WSTrustConstants.ENDPOINT_REFERENCE_QNAME.equals(appliesToQName)) {
                        // The endpoint address becomes the audience the token is
                        // checked against.
                        EndpointReferenceType endpointReference = (EndpointReferenceType) appliesToElement
                                .getValue();
                        expectedAudience = endpointReference.getAddress().getValue();
                    }
                }
            }
        }
    }

    Element tokenElement = WSSecuritySoapHandler.getToken(this.context);
    if (null == tokenElement) {
        throw new SecurityException("missing Token");
    }
    LOG.debug("token element: " + tokenElement.getLocalName());
    LOG.debug("expected audience: " + expectedAudience);

    ServletContext servletContext = (ServletContext) context.getMessageContext()
            .get(MessageContext.SERVLET_CONTEXT);
    IdentityProviderConfiguration identityProviderConfiguration = IdentityProviderConfigurationFactory
            .getInstance(servletContext);

    boolean valid;
    String reason = null;
    try {
        // NOTE(review): expectedAudience is null when the request had no
        // AppliesTo endpoint reference; whether validateToken then skips or
        // fails the audience check is not visible here.
        validateToken(tokenElement, expectedAudience, identityProviderConfiguration);
        valid = true;
    } catch (Exception e) {
        // Any validation failure yields an "invalid" status instead of a fault.
        LOG.error("error validating SAML token: " + e.getMessage(), e);
        valid = false;
        // NOTE(review): the raw exception message is returned to the caller as
        // the status reason; confirm it cannot carry internal detail.
        reason = e.getMessage();
    }

    // Build the response: one RequestSecurityTokenResponse holding the status
    // token type and the validation status.
    RequestSecurityTokenResponseCollectionType responseCollection = this.objectFactory
            .createRequestSecurityTokenResponseCollectionType();
    List<RequestSecurityTokenResponseType> requestSecurityTokenResponses = responseCollection
            .getRequestSecurityTokenResponse();
    RequestSecurityTokenResponseType requestSecurityTokenResponse = this.objectFactory
            .createRequestSecurityTokenResponseType();
    requestSecurityTokenResponses.add(requestSecurityTokenResponse);
    List<Object> rstsContent = requestSecurityTokenResponse.getAny();
    rstsContent.add(this.objectFactory.createTokenType(WSTrustConstants.STATUS_TOKEN_TYPE));
    StatusType status = this.objectFactory.createStatusType();
    rstsContent.add(this.objectFactory.createStatus(status));
    if (valid) {
        status.setCode(WSTrustConstants.VALID_STATUS_CODE);
    } else {
        status.setCode(WSTrustConstants.INVALID_STATUS_CODE);
        status.setReason(reason);
    }
    return responseCollection;
}
From source file:org.viafirma.conector.security.SecurityServiceWebHandler.java
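/**
 * Rebuilds the cached list of allowed IP entries from the comma-separated
 * value stored in the servlet context under {@code Constantes.PARAM_ALLOWED}.
 *
 * <p>Each entry is trimmed on both sides and blank entries are dropped. The
 * earlier parsing kept whitespace that preceded a comma and stored empty
 * strings for doubled or trailing commas.
 *
 * @param context        the handler context, used to reach the servlet context
 * @param servletRequest the current request; not read by this method
 * @throws IllegalStateException when the servlet context holds no allow-list
 *                               attribute
 */
private void ipCacheMaker(MessageHandlerContext context, ServletRequest servletRequest) {
    // Reset first, so a failure below leaves an empty list behind.
    ipsAllowedList = new LinkedList<String>();

    ServletContext servletContext = (ServletContext) context.get(MessageContext.SERVLET_CONTEXT);
    String allowed = (String) servletContext.getAttribute(Constantes.PARAM_ALLOWED);
    if (allowed == null) {
        // A missing attribute previously surfaced as a bare NullPointerException.
        throw new IllegalStateException("Allowed IP list is not configured in the servlet context");
    }

    for (String candidate : allowed.split(",")) {
        String entry = candidate.trim();
        // Blank entries are skipped. NOTE(review): how callers compare against
        // this list is not visible here; under prefix matching an empty entry
        // would match every address.
        if (entry.length() > 0) {
            ipsAllowedList.add(entry);
        }
    }
}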