Source code

001/**
002 * Copyright 2005-2017 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.ksb.security;
017
018import java.io.IOException;
019import java.io.PrintWriter;
020import java.security.Signature;
021
022import javax.servlet.ServletOutputStream;
023import javax.servlet.http.HttpServletResponse;
024import javax.servlet.http.HttpServletResponseWrapper;
025
026import org.kuali.rice.ksb.service.KSBServiceLocator;
027
028/**
029 * An HttpServletResponseWrapper which wraps the underlying response's OutputStream in a 
030 * SignatureSingingOutputStream which will generate a digital signature for the outgoing message.
031 *  
032 * @author Kuali Rice Team (rice.collab@kuali.org)
033 */
034public class SignatureSigningResponseWrapper extends HttpServletResponseWrapper {
035
036        private DigitalSigner signer;
037        private ServletOutputStream outputStream;
038        private PrintWriter writer;
039        
040        public SignatureSigningResponseWrapper(HttpServletResponse response) {
041                super(response);
042                try {           
043                        Signature signature = KSBServiceLocator.getDigitalSignatureService().getSignatureForSigning();
044                        String alias = KSBServiceLocator.getJavaSecurityManagementService().getModuleKeyStoreAlias();   
045                        this.signer = new ResponseHeaderDigitalSigner(signature, alias, response);
046                } catch (Exception e) {
047                        throw new RuntimeException("Failed to initialize digital signature verification.", e);
048                }
049        }
050
051        @Override
052        public ServletOutputStream getOutputStream() throws IOException {
053                if (this.outputStream == null) {
054                    this.outputStream = new SignatureSigningOutputStream(this.signer, super.getOutputStream(), true);
055                }
056                return this.outputStream;
057        }
058
059        @Override
060        public PrintWriter getWriter() throws IOException {
061                if (this.writer == null) {
062                    this.writer =  new PrintWriter(getOutputStream());
063                }
064                return this.writer;
065        }
066        
067}