Source code

001/**
002 * Copyright 2005-2016 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.ksb.security.soap;
017
018import org.apache.cxf.binding.soap.SoapMessage;
019import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
020import org.apache.log4j.Logger;
021import org.apache.ws.security.components.crypto.Crypto;
022import org.apache.ws.security.components.crypto.Merlin;
023import org.apache.ws.security.handler.RequestData;
024import org.apache.ws.security.handler.WSHandlerConstants;
025import org.kuali.rice.core.api.config.ConfigurationException;
026import org.kuali.rice.core.api.config.property.Config;
027import org.kuali.rice.core.api.config.property.ConfigContext;
028import org.kuali.rice.core.api.exception.RiceRuntimeException;
029import org.kuali.rice.core.api.util.ClassLoaderUtils;
030import org.kuali.rice.ksb.config.wss4j.CryptoPasswordCallbackHandler;
031import org.springframework.core.io.DefaultResourceLoader;
032
033import java.io.IOException;
034import java.util.Properties;
035
036//import javax.xml.ws.handler.MessageContext;
037
038
039/**
040 *
041 * @author Kuali Rice Team (rice.collab@kuali.org)
042 */
043
044//TODO: Replace this class with cxf wss4j in interceptor
045public class CXFWSS4JInInterceptor extends WSS4JInInterceptor{
046
047        private static final Logger LOG = Logger.getLogger(CXFWSS4JInInterceptor.class);
048
049        private final boolean busSecurity;
050        
051        public CXFWSS4JInInterceptor(boolean busSecurity) {
052                this.busSecurity = busSecurity;
053        if (busSecurity) {
054                    this.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
055                    this.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, CryptoPasswordCallbackHandler.class.getName());
056                    this.setProperty(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial");
057                    this.setProperty(WSHandlerConstants.USER, ConfigContext.getCurrentContextConfig().getKeystoreAlias());
058        }
059        }
060
061        @Override
062        public Crypto loadSignatureCrypto(RequestData reqData) {
063                try {
064                        return new Merlin(getMerlinProperties(), ClassLoaderUtils.getDefaultClassLoader());
065                } catch (Exception e) {
066                        throw new RiceRuntimeException(e);
067                }
068        }
069
070        @Override
071        public Crypto loadDecryptionCrypto(RequestData reqData) {
072                return loadSignatureCrypto(reqData);
073        }
074
075        protected Properties getMerlinProperties() throws IOException {
076                Properties props = new Properties();
077                props.put("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
078                props.put("org.apache.ws.security.crypto.merlin.keystore.password", ConfigContext.getCurrentContextConfig().getKeystorePassword());
079                props.put("org.apache.ws.security.crypto.merlin.alias.password", ConfigContext.getCurrentContextConfig().getKeystorePassword());
080                props.put("org.apache.ws.security.crypto.merlin.keystore.alias", ConfigContext.getCurrentContextConfig().getKeystoreAlias());
081            props.put("org.apache.ws.security.crypto.merlin.file", ConfigContext.getCurrentContextConfig().getKeystoreFile());
082
083                if (LOG.isDebugEnabled()) {
084                        LOG.debug("Using keystore location " + ConfigContext.getCurrentContextConfig().getKeystoreFile());
085                }
086                return props;
087        }
088
089        /**
090         * This overridden method will not apply security headers if bus security is disabled.
091         * 
092         * @see org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor#handleMessage(org.apache.cxf.binding.soap.SoapMessage)
093         */
094        @Override
095        public void handleMessage(SoapMessage mc)  {
096                if (busSecurity) {
097                        super.handleMessage(mc);
098                }
099        }
100
101}