1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.extras.wssecurity.filters; |
12 | |
|
13 | |
import org.mule.MuleManager; |
14 | |
import org.mule.config.i18n.MessageFactory; |
15 | |
import org.mule.extras.wssecurity.handlers.MuleWSSInHandler; |
16 | |
import org.mule.impl.MuleMessage; |
17 | |
import org.mule.impl.security.AbstractEndpointSecurityFilter; |
18 | |
import org.mule.providers.soap.axis.AxisConnector; |
19 | |
import org.mule.providers.soap.axis.extensions.MuleConfigProvider; |
20 | |
import org.mule.providers.soap.xfire.XFireConnector; |
21 | |
import org.mule.umo.UMOEvent; |
22 | |
import org.mule.umo.lifecycle.InitialisationException; |
23 | |
import org.mule.umo.security.CryptoFailureException; |
24 | |
import org.mule.umo.security.EncryptionStrategyNotFoundException; |
25 | |
import org.mule.umo.security.SecurityException; |
26 | |
import org.mule.umo.security.SecurityProviderNotFoundException; |
27 | |
import org.mule.umo.security.UnknownAuthenticationTypeException; |
28 | |
import org.mule.umo.security.UnsupportedAuthenticationSchemeException; |
29 | |
|
30 | |
import java.util.ArrayList; |
31 | |
import java.util.Hashtable; |
32 | |
import java.util.List; |
33 | |
import java.util.Map; |
34 | |
import java.util.Properties; |
35 | |
|
36 | |
import javax.xml.namespace.QName; |
37 | |
|
38 | |
import org.apache.axis.ConfigurationException; |
39 | |
import org.apache.axis.Handler; |
40 | |
import org.apache.axis.handlers.soap.SOAPService; |
41 | |
import org.apache.axis.server.AxisServer; |
42 | |
import org.apache.ws.axis.security.WSDoAllReceiver; |
43 | |
import org.apache.ws.axis.security.WSDoAllSender; |
44 | |
import org.apache.ws.security.handler.WSHandlerConstants; |
45 | |
import org.codehaus.xfire.XFire; |
46 | |
import org.codehaus.xfire.security.wss4j.WSS4JOutHandler; |
47 | |
import org.codehaus.xfire.service.Service; |
48 | |
import org.codehaus.xfire.util.dom.DOMInHandler; |
49 | |
import org.codehaus.xfire.util.dom.DOMOutHandler; |
50 | |
|
51 | 114 | public class WsSecurityFilter extends AbstractEndpointSecurityFilter |
52 | |
{ |
53 | 114 | private String wsDecryptionFile = null; |
54 | 114 | private String wsSignatureFile = null; |
55 | 114 | private Map addOutboundProperties = null; |
56 | 114 | private Map addInboundProperties = null; |
57 | |
|
58 | |
public String getWsDecryptionFile() |
59 | |
{ |
60 | 0 | return wsDecryptionFile; |
61 | |
} |
62 | |
|
63 | |
public void setWsDecryptionFile(String wsDecryptionFile) |
64 | |
{ |
65 | 46 | this.wsDecryptionFile = wsDecryptionFile; |
66 | 46 | } |
67 | |
|
68 | |
public String getWsSignatureFile() |
69 | |
{ |
70 | 0 | return wsSignatureFile; |
71 | |
} |
72 | |
|
73 | |
public void setWsSignatureFile(String wsSignatureFile) |
74 | |
{ |
75 | 52 | this.wsSignatureFile = wsSignatureFile; |
76 | 52 | } |
77 | |
|
78 | |
|
79 | |
|
80 | |
|
81 | |
|
82 | |
|
83 | |
protected void authenticateInbound(UMOEvent event) |
84 | |
throws SecurityException, CryptoFailureException, SecurityProviderNotFoundException, |
85 | |
EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException |
86 | |
{ |
87 | 22 | Map properties = event.getSession().getComponent().getDescriptor().getProperties(); |
88 | 22 | if (properties.containsKey("xfire")) |
89 | |
{ |
90 | 16 | XFire server = (XFire)properties.get("xfire"); |
91 | 16 | String pathInfo = event.getEndpoint().getEndpointURI().getPath(); |
92 | |
|
93 | |
String serviceName; |
94 | 16 | int i = pathInfo.lastIndexOf('/'); |
95 | |
|
96 | 16 | if (i > -1) |
97 | |
{ |
98 | 16 | serviceName = pathInfo.substring(i + 1); |
99 | |
} |
100 | |
else |
101 | |
{ |
102 | 0 | serviceName = pathInfo; |
103 | |
} |
104 | |
|
105 | 16 | Service service = server.getServiceRegistry().getService(serviceName); |
106 | |
|
107 | |
|
108 | |
|
109 | 16 | Object[] connectorArray = MuleManager.getInstance().getConnectors().values().toArray(); |
110 | 16 | XFireConnector connector = null; |
111 | 16 | XFireConnector tempConnector = null; |
112 | |
|
113 | 62 | for (int iter = 0; iter < connectorArray.length; iter++) |
114 | |
{ |
115 | 46 | if (connectorArray[iter] instanceof XFireConnector) |
116 | |
{ |
117 | 28 | tempConnector = (XFireConnector)connectorArray[iter]; |
118 | |
|
119 | 28 | if (tempConnector.getReceivers(event.getEndpoint().getEndpointURI().toString()).length == 0) |
120 | |
{ |
121 | 12 | connector = null; |
122 | |
} |
123 | |
else |
124 | |
{ |
125 | 16 | connector = tempConnector; |
126 | 16 | iter = connectorArray.length; |
127 | |
} |
128 | |
} |
129 | |
} |
130 | |
|
131 | 16 | if (connector != null){ |
132 | 16 | Object[] outhandlers = service.getOutHandlers().toArray(); |
133 | 32 | for (i = 0; i < outhandlers.length; i++) |
134 | |
{ |
135 | 16 | if (outhandlers[i] instanceof DOMOutHandler) |
136 | |
{ |
137 | 0 | connector.getClientOutHandlers().remove(i); |
138 | |
} |
139 | 16 | if (outhandlers[i] instanceof WSS4JOutHandler) |
140 | |
{ |
141 | 0 | connector.getClientOutHandlers().remove(i); |
142 | |
} |
143 | |
} |
144 | |
|
145 | |
|
146 | 16 | Object[] handlers = service.getInHandlers().toArray(); |
147 | 16 | boolean isDomInHandlerPresent = false; |
148 | 16 | boolean isWss4jInHandlerPresent = false; |
149 | 48 | for (i = 0; i < handlers.length; i++) |
150 | |
{ |
151 | 32 | if (handlers[i] instanceof DOMInHandler) |
152 | |
{ |
153 | 0 | isDomInHandlerPresent = true; |
154 | |
} |
155 | 32 | if (handlers[i] instanceof MuleWSSInHandler) |
156 | |
{ |
157 | 0 | isWss4jInHandlerPresent = true; |
158 | |
} |
159 | |
} |
160 | |
|
161 | 16 | if (!isDomInHandlerPresent) |
162 | |
{ |
163 | 16 | service.addInHandler(new DOMInHandler()); |
164 | |
} |
165 | |
|
166 | 16 | if (!isWss4jInHandlerPresent) |
167 | |
{ |
168 | 16 | service.addInHandler(new MuleWSSInHandler()); |
169 | |
} |
170 | |
|
171 | |
|
172 | 16 | if (service.getProperty("action") == null) |
173 | |
{ |
174 | 16 | if (connector.getExtraProperties() != null) |
175 | |
{ |
176 | 16 | Properties props = new Properties(); |
177 | 16 | props.putAll(connector.getExtraProperties()); |
178 | 16 | if (addInboundProperties != null) |
179 | |
{ |
180 | 0 | props.putAll(addInboundProperties); |
181 | |
} |
182 | 16 | Object[] keys = props.keySet().toArray(); |
183 | 62 | for (i = 0; i < props.size(); i++) |
184 | |
{ |
185 | 46 | service.setProperty(keys[i].toString(), props.getProperty((String)keys[i])); |
186 | |
} |
187 | 16 | } |
188 | |
else |
189 | |
{ |
190 | |
|
191 | 0 | service.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); |
192 | 0 | service.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "org.mule.extras.wssecurity.callbackhandlers.MuleWsSecurityCallbackHandler"); |
193 | |
|
194 | 0 | if (addInboundProperties != null) |
195 | |
{ |
196 | 0 | Properties props = new Properties(); |
197 | 0 | props.putAll(this.addInboundProperties); |
198 | 0 | Object[] keys = props.keySet().toArray(); |
199 | 0 | for (i = 0; i < props.size(); i++) |
200 | |
{ |
201 | 0 | service.setProperty(keys[i].toString(), props.getProperty((String)keys[i])); |
202 | |
} |
203 | |
} |
204 | |
} |
205 | 16 | if (wsDecryptionFile != null) |
206 | |
{ |
207 | 10 | service.setProperty(WSHandlerConstants.DEC_PROP_FILE, wsDecryptionFile); |
208 | |
} |
209 | 16 | if (wsSignatureFile != null) |
210 | |
{ |
211 | 8 | service.setProperty(WSHandlerConstants.SIG_PROP_FILE, wsSignatureFile); |
212 | |
} |
213 | |
} |
214 | |
} |
215 | 16 | } |
216 | 6 | else if (properties.containsKey("axisServer")) |
217 | |
{ |
218 | 6 | AxisServer server = (AxisServer)event.getSession().getComponent().getDescriptor() |
219 | |
.getProperties().get("axisServer"); |
220 | 6 | MuleConfigProvider provider = (MuleConfigProvider)server.getConfig(); |
221 | |
|
222 | 6 | String prefix = event.getEndpoint().getProtocol() + ":"; |
223 | 6 | String serviceName = event.getEndpoint().getName().substring(prefix.length()); |
224 | |
SOAPService soapService; |
225 | |
|
226 | |
|
227 | |
try |
228 | |
{ |
229 | 6 | soapService = provider.getService(new QName(serviceName)); |
230 | |
|
231 | 6 | Hashtable options = new Hashtable(); |
232 | 6 | if (event.getMessage().getProperty("action") != null) |
233 | |
{ |
234 | 0 | options.putAll(getProperties(event)); |
235 | 0 | soapService.setPropertyParent(options); |
236 | 0 | Handler inHandler = new WSDoAllReceiver(); |
237 | 0 | provider.setGlobalRequest(inHandler); |
238 | |
} |
239 | |
} |
240 | 0 | catch (ConfigurationException e) |
241 | |
{ |
242 | 0 | throw new UnsupportedAuthenticationSchemeException(MessageFactory.createStaticMessage("A Configurtation Exception occured while configuring WS-Security on Axis "),new MuleMessage(e.getMessage())); |
243 | 6 | } |
244 | |
} |
245 | 22 | } |
246 | |
|
247 | |
|
248 | |
|
249 | |
|
250 | |
|
251 | |
protected void authenticateOutbound(UMOEvent event) |
252 | |
throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException |
253 | |
{ |
254 | 14 | if (event.getEndpoint().getConnector() instanceof XFireConnector) |
255 | |
{ |
256 | 12 | XFireConnector connector = (XFireConnector)event.getEndpoint().getConnector(); |
257 | 12 | Map properties = event.getSession().getComponent().getDescriptor().getProperties(); |
258 | 12 | XFire server = (XFire)properties.get("xfire"); |
259 | |
|
260 | 12 | if (server == null) |
261 | |
{ |
262 | 12 | server = connector.getXfire(); |
263 | |
} |
264 | |
|
265 | 12 | if (server != null) |
266 | |
{ |
267 | 12 | List clientHandlers = new ArrayList(); |
268 | 12 | List existingOutHandlers = connector.getClientOutHandlers(); |
269 | |
|
270 | 12 | clientHandlers.add("org.codehaus.xfire.util.dom.DOMOutHandler"); |
271 | 12 | clientHandlers.add("org.codehaus.xfire.security.wss4j.WSS4JOutHandler"); |
272 | |
|
273 | 12 | if (existingOutHandlers == null) |
274 | |
{ |
275 | 12 | connector.setClientOutHandlers(clientHandlers); |
276 | |
} |
277 | 0 | else if (!existingOutHandlers |
278 | |
.contains("org.codehaus.xfire.security.wss4j.WSS4JOutHandler")) |
279 | |
{ |
280 | 0 | connector.setClientOutHandlers(clientHandlers); |
281 | |
} |
282 | |
|
283 | 12 | if (addOutboundProperties != null) |
284 | |
{ |
285 | 12 | connector.setExtraProperties(getAddOutboundProperties()); |
286 | |
} |
287 | |
} |
288 | 12 | } |
289 | 2 | else if (event.getEndpoint().getConnector() instanceof AxisConnector) |
290 | |
{ |
291 | 2 | AxisConnector connector = (AxisConnector)event.getEndpoint().getConnector(); |
292 | |
|
293 | 2 | if (connector.getClientProvider() != null) |
294 | |
{ |
295 | 2 | String[] processString = event.getEndpoint().getEndpointURI().toString().split("://"); |
296 | |
|
297 | 6 | while (processString.length > 1){ |
298 | 4 | processString = processString[1].split("/"); |
299 | |
} |
300 | |
|
301 | 2 | Handler outHandler = new WSDoAllSender(); |
302 | |
|
303 | 2 | if (addOutboundProperties != null) |
304 | |
{ |
305 | 2 | outHandler.setOptions(new Hashtable(getAddOutboundProperties())); |
306 | |
} |
307 | 2 | connector.getClientProvider().setGlobalRequest(outHandler); |
308 | |
} |
309 | |
} |
310 | 14 | } |
311 | |
|
312 | |
protected void doInitialise() throws InitialisationException |
313 | |
{ |
314 | |
|
315 | 194 | } |
316 | |
|
317 | |
|
318 | |
|
319 | |
|
320 | |
|
321 | |
|
322 | |
|
323 | |
|
324 | |
protected Properties getProperties(UMOEvent event) |
325 | |
{ |
326 | 0 | Properties props = new Properties(); |
327 | |
|
328 | 0 | if (wsDecryptionFile != null) |
329 | |
{ |
330 | 0 | props.put(WSHandlerConstants.DEC_PROP_FILE, wsDecryptionFile); |
331 | |
} |
332 | 0 | if (wsSignatureFile != null) |
333 | |
{ |
334 | 0 | props.put(WSHandlerConstants.SIG_PROP_FILE, wsSignatureFile); |
335 | |
} |
336 | 0 | return props; |
337 | |
} |
338 | |
|
339 | |
public Map getAddOutboundProperties() |
340 | |
{ |
341 | 14 | return addOutboundProperties; |
342 | |
} |
343 | |
|
344 | |
public void setAddOutboundProperties(Map addOutboundProperties) |
345 | |
{ |
346 | 34 | this.addOutboundProperties = addOutboundProperties; |
347 | 34 | } |
348 | |
|
349 | |
public Map getAddInboundProperties() { |
350 | 0 | return addInboundProperties; |
351 | |
} |
352 | |
|
353 | |
public void setAddInboundProperties(Map addInboundProperties) { |
354 | 4 | this.addInboundProperties = addInboundProperties; |
355 | 4 | } |
356 | |
} |