Author: mposolda
Date: 2011-11-23 17:14:59 -0500 (Wed, 23 Nov 2011)
New Revision: 8123
Added:
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/CredentialsAccessor.java
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/HTTPSessionCredentialsAccessor.java
Modified:
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/jboss5/handlers/consumer/WSSecurityCredentialHandler.java
Log:
GTNWSRP-268-WSRP.patch
Added:
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/CredentialsAccessor.java
===================================================================
---
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/CredentialsAccessor.java
(rev 0)
+++
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/CredentialsAccessor.java 2011-11-23
22:14:59 UTC (rev 8123)
@@ -0,0 +1,41 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2011, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+
+package org.wsrp.wss.credentials;
+
+import org.gatein.wci.security.Credentials;
+
+/**
+ * Accessor for obtaining credentials of current user.
+ *
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public interface CredentialsAccessor
+{
+
+ /**
+ * @return {@link org.gatein.wci.security.Credentials} of current user.
+ */
+ public Credentials getCredentials();
+
+}
Added:
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/HTTPSessionCredentialsAccessor.java
===================================================================
---
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/HTTPSessionCredentialsAccessor.java
(rev 0)
+++
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/credentials/HTTPSessionCredentialsAccessor.java 2011-11-23
22:14:59 UTC (rev 8123)
@@ -0,0 +1,63 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2011, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+
+package org.wsrp.wss.credentials;
+
+import org.gatein.wci.security.Credentials;
+import org.gatein.wsrp.servlet.ServletAccess;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Obtaining credentials from HTTP session.
+ *
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class HTTPSessionCredentialsAccessor implements CredentialsAccessor
+{
+
+ private static Logger log =
LoggerFactory.getLogger(HTTPSessionCredentialsAccessor.class);
+
+ /**
+ * Return credentials from HTTP session. It assumes that Credentials are in HTTP
session in attribute
+ * {@link org.gatein.wci.security.Credentials#CREDENTIALS} and current HTTP request is
bound to {@link org.gatein.wsrp.servlet.ServletAccess} thread-local.
+ *
+ * @return credentials
+ */
+ @Override
+ public Credentials getCredentials()
+ {
+ HttpServletRequest request = ServletAccess.getRequest();
+ if (request != null && request.getSession() != null)
+ {
+ return (Credentials)request.getSession().getAttribute(Credentials.CREDENTIALS);
+ }
+ else
+ {
+ log.debug("Could not get current HttpServletRequest, cannot obtain
credentials from HTTP session.");
+ return null;
+ }
+ }
+}
Modified:
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/jboss5/handlers/consumer/WSSecurityCredentialHandler.java
===================================================================
---
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/jboss5/handlers/consumer/WSSecurityCredentialHandler.java 2011-11-23
03:39:01 UTC (rev 8122)
+++
components/wsrp/trunk/ws-security/jboss5/src/main/java/org/wsrp/wss/jboss5/handlers/consumer/WSSecurityCredentialHandler.java 2011-11-23
22:14:59 UTC (rev 8123)
@@ -36,6 +36,7 @@
import org.jboss.ws.core.CommonMessageContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.wsrp.wss.credentials.CredentialsAccessor;
/**
* @author <a href="mailto:mwringe@redhat.com">Matt Wringe</a>
@@ -45,6 +46,13 @@
{
private static Logger log =
LoggerFactory.getLogger(WSSecurityCredentialHandler.class);
+ private CredentialsAccessor credentialsAccessor;
+
+ public WSSecurityCredentialHandler(CredentialsAccessor credentialsAccessor)
+ {
+ this.credentialsAccessor = credentialsAccessor;
+ }
+
public void close(MessageContext arg0)
{
//Nothing to do for now
@@ -75,25 +83,17 @@
log.debug("Attempting to convert security context to WS-Security
header");
CommonMessageContext ctx = (CommonMessageContext) soapMessageContext;
-
- HttpServletRequest request = ServletAccess.getRequest();
- if (request != null && request.getSession() != null)
+
+ Credentials credentials = credentialsAccessor.getCredentials();
+
+ if (credentials != null)
{
- Credentials credentials =
(Credentials)request.getSession().getAttribute(Credentials.CREDENTIALS);
- if (credentials != null)
- {
- ctx.put(BindingProvider.USERNAME_PROPERTY, credentials.getUsername());
- ctx.put(BindingProvider.PASSWORD_PROPERTY, credentials.getPassword());
- }
- else
- {
- log.debug("Could not find credentials to put in WS-Security
header");
- return true;
- }
+ ctx.put(BindingProvider.USERNAME_PROPERTY, credentials.getUsername());
+ ctx.put(BindingProvider.PASSWORD_PROPERTY, credentials.getPassword());
}
else
{
- log.debug("Could not get current HttpServletRequest, cannot
login.");
+ log.debug("Could not find credentials to put in WS-Security
header");
}
}
catch (Exception e)