Coverage Report

Coverage Report - org.kuali.rice.ksb.security.soap.CXFWSS4JOutInterceptor

Classes in this File

0/25

0/4

 /**
  * Copyright 2005-2011 The Kuali Foundation
  *
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.opensource.org/licenses/ecl2.php
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.ksb.security.soap;
 
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
 import org.apache.log4j.Logger;
 import org.apache.ws.security.components.crypto.Crypto;
 import org.apache.ws.security.components.crypto.Merlin;
 import org.apache.ws.security.handler.RequestData;
 import org.apache.ws.security.handler.WSHandlerConstants;
 import org.kuali.rice.core.api.config.property.ConfigContext;
 import org.kuali.rice.core.api.exception.RiceRuntimeException;
 import org.kuali.rice.core.api.util.ClassLoaderUtils;
 import org.kuali.rice.ksb.config.wss4j.CryptoPasswordCallbackHandler;
 
 import java.util.Properties;
 
 
 /**
  *
  * @author Kuali Rice Team (rice.collab@kuali.org)
  */
 
 public class CXFWSS4JOutInterceptor extends WSS4JOutInterceptor {
 
         private static final Logger LOG = Logger.getLogger(CXFWSS4JOutInterceptor.class);
 
         private final boolean busSecurity;
 
         public CXFWSS4JOutInterceptor(boolean busSecurity) {
                 this.busSecurity = busSecurity;
                 this.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
                 this.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, CryptoPasswordCallbackHandler.class.getName());
                 this.setProperty(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial");
                 this.setProperty(WSHandlerConstants.USER, ConfigContext.getCurrentContextConfig().getKeystoreAlias());
         }
 
         @Override
         public Crypto loadSignatureCrypto(RequestData reqData) {
                 try {
                         return new Merlin(getMerlinProperties(), ClassLoaderUtils.getDefaultClassLoader());
                 } catch (Exception e) {
                         throw new RiceRuntimeException(e);
                 }
         }
 
         @Override
         public Crypto loadDecryptionCrypto(RequestData reqData) {
                 return loadSignatureCrypto(reqData);
         }
 
         protected Properties getMerlinProperties() {
                 Properties props = new Properties();
                 props.put("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
                 props.put("org.apache.ws.security.crypto.merlin.keystore.password", ConfigContext.getCurrentContextConfig().getKeystorePassword());
                 props.put("org.apache.ws.security.crypto.merlin.alias.password", ConfigContext.getCurrentContextConfig().getKeystorePassword());
                 props.put("org.apache.ws.security.crypto.merlin.keystore.alias", ConfigContext.getCurrentContextConfig().getKeystoreAlias());
                 props.put("org.apache.ws.security.crypto.merlin.file", ConfigContext.getCurrentContextConfig().getKeystoreFile());
 
                 if (LOG.isDebugEnabled()) {
                         LOG.debug("Using keystore location " + ConfigContext.getCurrentContextConfig().getKeystoreFile());
                 }
 
                 return props;
         }
 
         /**
          * This overridden method will not apply security headers if bus security is disabled.
          * 
          * @see org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor#handleMessage(org.apache.cxf.binding.soap.SoapMessage)
          */
         @Override
         public void handleMessage(SoapMessage mc) {
                 if (busSecurity) {
                         super.handleMessage(mc);
                 }
         }
 
 }

1		/**
2		* Copyright 2005-2011 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.ksb.security.soap;
17
18		import org.apache.cxf.binding.soap.SoapMessage;
19		import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
20		import org.apache.log4j.Logger;
21		import org.apache.ws.security.components.crypto.Crypto;
22		import org.apache.ws.security.components.crypto.Merlin;
23		import org.apache.ws.security.handler.RequestData;
24		import org.apache.ws.security.handler.WSHandlerConstants;
25		import org.kuali.rice.core.api.config.property.ConfigContext;
26		import org.kuali.rice.core.api.exception.RiceRuntimeException;
27		import org.kuali.rice.core.api.util.ClassLoaderUtils;
28		import org.kuali.rice.ksb.config.wss4j.CryptoPasswordCallbackHandler;
29
30		import java.util.Properties;
31
32
33		/**
34		*
35		* @author Kuali Rice Team (rice.collab@kuali.org)
36		*/
37
38	0	public class CXFWSS4JOutInterceptor extends WSS4JOutInterceptor {
39
40	0	private static final Logger LOG = Logger.getLogger(CXFWSS4JOutInterceptor.class);
41
42		private final boolean busSecurity;
43
44	0	public CXFWSS4JOutInterceptor(boolean busSecurity) {
45	0	this.busSecurity = busSecurity;
46	0	this.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
47	0	this.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, CryptoPasswordCallbackHandler.class.getName());
48	0	this.setProperty(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial");
49	0	this.setProperty(WSHandlerConstants.USER, ConfigContext.getCurrentContextConfig().getKeystoreAlias());
50	0	}
51
52		@Override
53		public Crypto loadSignatureCrypto(RequestData reqData) {
54		try {
55	0	return new Merlin(getMerlinProperties(), ClassLoaderUtils.getDefaultClassLoader());
56	0	} catch (Exception e) {
57	0	throw new RiceRuntimeException(e);
58		}
59		}
60
61		@Override
62		public Crypto loadDecryptionCrypto(RequestData reqData) {
63	0	return loadSignatureCrypto(reqData);
64		}
65
66		protected Properties getMerlinProperties() {
67	0	Properties props = new Properties();
68	0	props.put("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
69	0	props.put("org.apache.ws.security.crypto.merlin.keystore.password", ConfigContext.getCurrentContextConfig().getKeystorePassword());
70	0	props.put("org.apache.ws.security.crypto.merlin.alias.password", ConfigContext.getCurrentContextConfig().getKeystorePassword());
71	0	props.put("org.apache.ws.security.crypto.merlin.keystore.alias", ConfigContext.getCurrentContextConfig().getKeystoreAlias());
72	0	props.put("org.apache.ws.security.crypto.merlin.file", ConfigContext.getCurrentContextConfig().getKeystoreFile());
73
74	0	if (LOG.isDebugEnabled()) {
75	0	LOG.debug("Using keystore location " + ConfigContext.getCurrentContextConfig().getKeystoreFile());
76		}
77
78	0	return props;
79		}
80
81		/**
82		* This overridden method will not apply security headers if bus security is disabled.
83		*
84		* @see org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor#handleMessage(org.apache.cxf.binding.soap.SoapMessage)
85		*/
86		@Override
87		public void handleMessage(SoapMessage mc) {
88	0	if (busSecurity) {
89	0	super.handleMessage(mc);
90		}
91	0	}
92
93		}