From do-not-reply at jboss.org Wed Nov 23 17:14:59 2011
Content-Type: multipart/mixed; boundary="===============7248430949862893122=="
MIME-Version: 1.0
From: do-not-reply at jboss.org
To: gatein-commits at lists.jboss.org
Subject: [gatein-commits] gatein SVN: r8123 - in
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss:
credentials and 1 other directories.
Date: Wed, 23 Nov 2011 17:14:59 -0500
Message-ID: <201111232214.pANMExti030114@svn01.web.mwc.hst.phx2.redhat.com>
--===============7248430949862893122==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Author: mposolda
Date: 2011-11-23 17:14:59 -0500 (Wed, 23 Nov 2011)
New Revision: 8123
Added:
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/cred=
entials/
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/cred=
entials/CredentialsAccessor.java
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/cred=
entials/HTTPSessionCredentialsAccessor.java
Modified:
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/jbos=
s5/handlers/consumer/WSSecurityCredentialHandler.java
Log:
GTNWSRP-268-WSRP.patch
Added: components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/=
credentials/CredentialsAccessor.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/cre=
dentials/CredentialsAccessor.java (rev 0)
+++ components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/cre=
dentials/CredentialsAccessor.java 2011-11-23 22:14:59 UTC (rev 8123)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2011, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.wsrp.wss.credentials;
+
+import org.gatein.wci.security.Credentials;
+
+/**
+ * Accessor for obtaining credentials of current user.
+ *
+ * @author Marek Posolda
+ */
+public interface CredentialsAccessor
+{
+
+ /**
+ * @return {@link org.gatein.wci.security.Credentials} of current user.
+ */
+ public Credentials getCredentials();
+
+}
Added: components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/=
credentials/HTTPSessionCredentialsAccessor.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/cre=
dentials/HTTPSessionCredentialsAccessor.java (rev 0)
+++ components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/cre=
dentials/HTTPSessionCredentialsAccessor.java 2011-11-23 22:14:59 UTC (rev 8=
123)
@@ -0,0 +1,63 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2011, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.wsrp.wss.credentials;
+
+import org.gatein.wci.security.Credentials;
+import org.gatein.wsrp.servlet.ServletAccess;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Obtaining credentials from HTTP session.
+ *
+ * @author Marek Posolda
+ */
+public class HTTPSessionCredentialsAccessor implements CredentialsAccessor
+{
+
+ private static Logger log =3D LoggerFactory.getLogger(HTTPSessionCrede=
ntialsAccessor.class);
+
+ /**
+ * Return credentials from HTTP session. It assumes that Credentials ar=
e in HTTP session in attribute
+ * {@link org.gatein.wci.security.Credentials#CREDENTIALS} and current =
HTTP request is bound to {@link org.gatein.wsrp.servlet.ServletAccess} thre=
ad-local.
+ *
+ * @return credentials
+ */
+ @Override
+ public Credentials getCredentials()
+ {
+ HttpServletRequest request =3D ServletAccess.getRequest();
+ if (request !=3D null && request.getSession() !=3D null)
+ {
+ return (Credentials)request.getSession().getAttribute(Credentials=
.CREDENTIALS);
+ }
+ else
+ {
+ log.debug("Could not get current HttpServletRequest, cannot obtai=
n credentials from HTTP session.");
+ return null;
+ }
+ }
+}
Modified: components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/w=
ss/jboss5/handlers/consumer/WSSecurityCredentialHandler.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/jbo=
ss5/handlers/consumer/WSSecurityCredentialHandler.java 2011-11-23 03:39:01 =
UTC (rev 8122)
+++ components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/jbo=
ss5/handlers/consumer/WSSecurityCredentialHandler.java 2011-11-23 22:14:59 =
UTC (rev 8123)
@@ -36,6 +36,7 @@
import org.jboss.ws.core.CommonMessageContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.wsrp.wss.credentials.CredentialsAccessor;
=
/**
* @author Matt Wringe
@@ -45,6 +46,13 @@
{
private static Logger log =3D LoggerFactory.getLogger(WSSecurityCredent=
ialHandler.class);
=
+ private CredentialsAccessor credentialsAccessor;
+
+ public WSSecurityCredentialHandler(CredentialsAccessor credentialsAcces=
sor)
+ {
+ this.credentialsAccessor =3D credentialsAccessor;
+ }
+
public void close(MessageContext arg0)
{
//Nothing to do for now
@@ -75,25 +83,17 @@
log.debug("Attempting to convert security context to WS-Security =
header");
=
CommonMessageContext ctx =3D (CommonMessageContext) soapMessageCo=
ntext;
- =
- HttpServletRequest request =3D ServletAccess.getRequest();
- if (request !=3D null && request.getSession() !=3D null)
+
+ Credentials credentials =3D credentialsAccessor.getCredentials();
+
+ if (credentials !=3D null)
{
- Credentials credentials =3D (Credentials)request.getSession(=
).getAttribute(Credentials.CREDENTIALS);
- if (credentials !=3D null)
- {
- ctx.put(BindingProvider.USERNAME_PROPERTY, credentials.ge=
tUsername());
- ctx.put(BindingProvider.PASSWORD_PROPERTY, credentials.ge=
tPassword());
- }
- else
- {
- log.debug("Could not find credentials to put in WS-Securi=
ty header");
- return true;
- }
+ ctx.put(BindingProvider.USERNAME_PROPERTY, credentials.getUser=
name());
+ ctx.put(BindingProvider.PASSWORD_PROPERTY, credentials.getPass=
word());
}
else
{
- log.debug("Could not get current HttpServletRequest, cannot l=
ogin.");
+ log.debug("Could not find credentials to put in WS-Security he=
ader");
}
}
catch (Exception e)
--===============7248430949862893122==--