[jboss-cvs] Picketlink SVN: r442 - trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Fri Oct 8 15:12:18 EDT 2010


Author: mmoyses
Date: 2010-10-08 15:12:18 -0400 (Fri, 08 Oct 2010)
New Revision: 442

Added:
   trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2Handler.java
Modified:
   trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerClient.java
   trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerServer.java
Log:
Preparing CR

Added: trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2Handler.java
===================================================================
--- trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2Handler.java	                        (rev 0)
+++ trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2Handler.java	2010-10-08 19:12:18 UTC (rev 442)
@@ -0,0 +1,115 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.picketlink.trust.jbossws.handler;
+
+import javax.security.auth.Subject;
+import javax.xml.namespace.QName;
+import javax.xml.ws.handler.MessageContext;
+
+import org.jboss.logging.Logger;
+import org.jboss.security.SecurityContext;
+import org.jboss.ws.core.CommonMessageContext;
+import org.jboss.ws.core.soap.SOAPMessageImpl;
+import org.jboss.ws.extensions.security.Util;
+import org.jboss.ws.extensions.security.element.SecurityHeader;
+import org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer;
+import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal;
+import org.picketlink.identity.federation.core.wstrust.SamlCredential;
+import org.picketlink.trust.jbossws.SAML2Constants;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+/**
+ * A SAMLv2 WS handler.
+ * 
+ * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
+ * @version $Revision: 1 $
+ */
+public class SAML2Handler extends WSSecurityHandlerServer
+{
+
+   protected Logger log = Logger.getLogger(this.getClass());
+   
+   /**
+    * Retrieves the SAML assertion from the SOAP payload and lets invocation go to JAAS for validation.
+    */
+   protected boolean handleInbound(MessageContext msgContext)
+   {
+      CommonMessageContext ctx = (CommonMessageContext) msgContext;
+      SOAPMessageImpl soapMessage = (SOAPMessageImpl) ctx.getSOAPMessage();
+      
+      // retrieve the assertion
+      Document document = soapMessage.getSOAPPart();
+      Element soapHeader = Util.findOrCreateSoapHeader(document.getDocumentElement());
+      Element assertion = Util.findElement(soapHeader, new QName(SAML2Constants.SAML2_ASSERTION_URI, "Assertion"));
+      if (assertion != null)
+      {
+         SamlCredential credential = new SamlCredential(assertion);
+         Element subject = Util.findElement(assertion, new QName(SAML2Constants.SAML2_ASSERTION_URI, "Subject"));
+         Element nameID = Util.findElement(subject, new QName(SAML2Constants.SAML2_ASSERTION_URI, "NameID"));
+         String username = nameID.getNodeValue();
+         // set SecurityContext
+         Subject s = new Subject();
+         SecurityContext sc = SecurityActions.createSecurityContext(new PicketLinkPrincipal(username), credential, s);
+         SecurityActions.setSecurityContext(sc);
+      }
+      
+      return true;
+   }
+
+   /**
+    * It expects a {@link Element} assertion as the value of the {@link SAML2Constants#SAML2_ASSERTION_PROPERTY} property.
+    * This assertion is then included in the SOAP payload.
+    */
+   protected boolean handleOutbound(MessageContext msgContext)
+   {
+      CommonMessageContext ctx = (CommonMessageContext) msgContext;
+      SOAPMessageImpl soapMessage = (SOAPMessageImpl) ctx.getSOAPMessage();
+      
+      // retrieve assertion
+      Element assertion = (Element) ctx.get(SAML2Constants.SAML2_ASSERTION_PROPERTY);
+      
+      // add wsse header
+      Document document = soapMessage.getSOAPPart();
+      Element soapHeader = Util.findOrCreateSoapHeader(document.getDocumentElement());
+      SecurityHeader secHeader = new SecurityHeader(document);
+      try
+      {
+         Element wsse = secHeader.getElement();
+         wsse.setAttributeNS(soapHeader.getNamespaceURI(), soapHeader.getPrefix() + ":mustUnderstand", "1");
+         if (assertion != null)
+         {
+            // add the assertion as a child of the wsse header
+            wsse.appendChild(assertion);
+         }
+         soapHeader.insertBefore(wsse, soapHeader.getFirstChild());
+      }
+      catch (Exception e)
+      {
+         log.error(e);
+         return false;
+      }
+      
+      return true;
+   }
+
+}
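Review bot: In handleInbound, `nameID.getNodeValue()` is called on a DOM Element, whose node value is null by definition, so the PicketLinkPrincipal is built with a null name; the NameID text is available through `getTextContent()`. The `subject` and `nameID` lookups are also used without the null check that `assertion` gets, so an assertion lacking Subject or NameID presumably ends in a NullPointerException inside the handler rather than a clean rejection. The header comes from the remote sender and nothing in this method verifies the assertion, so the handler should reject a malformed one and, as the Javadoc states, leave signature and condition validation to the JAAS login module. Returning false below mirrors how handleOutbound reports failure.

```java
Element subject = Util.findElement(assertion, new QName(SAML2Constants.SAML2_ASSERTION_URI, "Subject"));
Element nameID = subject == null ? null
      : Util.findElement(subject, new QName(SAML2Constants.SAML2_ASSERTION_URI, "NameID"));
if (nameID == null)
{
   log.error("SAML assertion has no Subject/NameID; rejecting message");
   return false;
}
// an Element has no node value; the identifier is its text content
String username = nameID.getTextContent();
// … unchanged: Subject creation and SecurityActions calls …
```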

Modified: trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerClient.java
===================================================================
--- trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerClient.java	2010-10-07 18:00:50 UTC (rev 441)
+++ trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerClient.java	2010-10-08 19:12:18 UTC (rev 442)
@@ -23,13 +23,7 @@
 
 import javax.xml.ws.handler.MessageContext;
 
-import org.jboss.ws.core.CommonMessageContext;
-import org.jboss.ws.core.soap.SOAPMessageImpl;
-import org.jboss.ws.extensions.security.Util;
-import org.jboss.ws.extensions.security.element.SecurityHeader;
-import org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer;
 import org.picketlink.trust.jbossws.SAML2Constants;
-import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 /**
@@ -40,42 +34,17 @@
  * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
  * @version $Revision: 1 $
  */
-public class SAML2HandlerClient extends WSSecurityHandlerServer
+public class SAML2HandlerClient extends SAML2Handler
 {
 
    protected boolean handleInbound(MessageContext msgContext)
    {
-      // FIXME handleInbound
       return super.handleInbound(msgContext);
    }
 
    protected boolean handleOutbound(MessageContext msgContext)
    {
-      CommonMessageContext ctx = (CommonMessageContext) msgContext;
-      SOAPMessageImpl soapMessage = (SOAPMessageImpl) ctx.getSOAPMessage();
-      
-      // retrieve assertion
-      Element assertion = (Element) ctx.get(SAML2Constants.SAML2_ASSERTION_PROPERTY);
-      
-      // add wsse header
-      Document document = soapMessage.getSOAPPart();
-      Element soapHeader = Util.findOrCreateSoapHeader(document.getDocumentElement());
-      SecurityHeader secHeader = new SecurityHeader(document);
-      try
-      {
-         Element wsse = secHeader.getElement();
-         wsse.setAttributeNS(soapHeader.getNamespaceURI(), soapHeader.getPrefix() + ":mustUnderstand", "1");
-         // add the assertion as a child of the wsse header
-         wsse.appendChild(assertion);
-         soapHeader.insertBefore(wsse, soapHeader.getFirstChild());
-      }
-      catch (Exception e)
-      {
-         e.printStackTrace();
-         return false;
-      }
-      
-      return true;
+      return super.handleOutbound(msgContext);
    }
 
 }
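Review bot: With the new superclass, `super.handleInbound(msgContext)` in SAML2HandlerClient now runs SAML2Handler.handleInbound, which builds and installs a SecurityContext from any Assertion element found in the SOAP header of the received message. On the client that message is the service's response, so a response carrying an assertion would presumably replace the caller's current security context with a principal named by the remote side; before this commit that logic lived only in SAML2HandlerServer. If that is not intended, keep the inbound logic off the client path, for example `return true; // client: never derive a SecurityContext from a response`, or document on the override why the client accepts it.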

Modified: trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerServer.java
===================================================================
--- trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerServer.java	2010-10-07 18:00:50 UTC (rev 441)
+++ trust/trunk/jbossws-native/src/main/java/org/picketlink/trust/jbossws/handler/SAML2HandlerServer.java	2010-10-08 19:12:18 UTC (rev 442)
@@ -21,21 +21,8 @@
  */
 package org.picketlink.trust.jbossws.handler;
 
-import javax.security.auth.Subject;
-import javax.xml.namespace.QName;
 import javax.xml.ws.handler.MessageContext;
 
-import org.jboss.security.SecurityContext;
-import org.jboss.ws.core.CommonMessageContext;
-import org.jboss.ws.core.soap.SOAPMessageImpl;
-import org.jboss.ws.extensions.security.Util;
-import org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer;
-import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal;
-import org.picketlink.identity.federation.core.wstrust.SamlCredential;
-import org.picketlink.trust.jbossws.SAML2Constants;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
 /**
  * A server side WS handler.
  * Retrieves the SAML assertion from the SOAP payload and lets invocation go to JAAS for validation.
@@ -43,39 +30,17 @@
  * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
  * @version $Revision: 1 $
  */
-public class SAML2HandlerServer extends WSSecurityHandlerServer
+public class SAML2HandlerServer extends SAML2Handler
 {
 
    protected boolean handleInbound(MessageContext msgContext)
    {
-      CommonMessageContext ctx = (CommonMessageContext) msgContext;
-      SOAPMessageImpl soapMessage = (SOAPMessageImpl) ctx.getSOAPMessage();
-      
-      // retrieve the assertion
-      Document document = soapMessage.getSOAPPart();
-      Element soapHeader = Util.findOrCreateSoapHeader(document.getDocumentElement());
-      Element assertion = Util.findElement(soapHeader, new QName(SAML2Constants.SAML2_ASSERTION_URI, "Assertion"));
-      if (assertion != null)
-      {
-         SamlCredential credential = new SamlCredential(assertion);
-         Element subject = Util.findElement(assertion, new QName(SAML2Constants.SAML2_ASSERTION_URI, "Subject"));
-         Element nameID = Util.findElement(subject, new QName(SAML2Constants.SAML2_ASSERTION_URI, "NameID"));
-         String username = nameID.getNodeValue();
-         // set SecurityContext
-         Subject s = new Subject();
-         SecurityContext sc = SecurityActions.createSecurityContext(new PicketLinkPrincipal(username), credential, s);
-         SecurityActions.setSecurityContext(sc);
-      }
-      
-      return true;
+      return super.handleInbound(msgContext);
    }
 
    protected boolean handleOutbound(MessageContext msgContext)
    {
-      // FIXME handleOutbound
       return super.handleOutbound(msgContext);
    }
-   
-   
 
 }
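Review bot: `super.handleOutbound(msgContext)` in SAML2HandlerServer now resolves to SAML2Handler.handleOutbound, which inserts a wsse security header marked `mustUnderstand="1"` into every outgoing message; only the `appendChild` is skipped when no assertion property is set. Server responses would therefore gain an empty mandatory security header, which a consumer without WS-Security processing is expected to fault on. Consider building the header only when an assertion is present, by moving the header construction inside `if (assertion != null)` in SAML2Handler.handleOutbound, or override handleOutbound here with `return true;`. Both overrides in this class now only delegate to super and could be dropped.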


