001    /**
002     * Copyright 2005-2014 The Kuali Foundation
003     *
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     * http://www.opensource.org/licenses/ecl2.php
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.kuali.rice.ksb.security.soap;
017    
018    import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
019    import org.apache.ws.security.WSPasswordCallback;
020    import org.apache.ws.security.WSSecurityException;
021    import org.apache.ws.security.handler.RequestData;
022    import org.apache.ws.security.handler.WSHandlerConstants;
023    import org.kuali.rice.core.api.security.credentials.Credentials;
024    import org.kuali.rice.core.api.security.credentials.CredentialsSource;
025    import org.kuali.rice.ksb.api.bus.ServiceConfiguration;
026    import org.kuali.rice.ksb.security.credentials.UsernamePasswordCredentials;
027    import org.springframework.util.Assert;
028    
029    
030    /**
031     * 
032     * @author Kuali Rice Team (rice.collab@kuali.org)
033     * @since 0.9
034     * 
035     */
036    public class CredentialsOutHandler extends WSS4JOutInterceptor {
037    
038            private final CredentialsSource credentialsSource;
039    
040            private final ServiceConfiguration serviceConfiguration;
041    
042            public CredentialsOutHandler(final CredentialsSource credentialsSource,
043                            final ServiceConfiguration serviceConfiguration) {
044                    Assert.notNull(credentialsSource, "credentialsSource cannot be null.");
045                    Assert.notNull(serviceConfiguration, "serviceConfiguration cannot be null.");
046                    this.credentialsSource = credentialsSource;
047                    this.serviceConfiguration = serviceConfiguration;
048    
049                    final Credentials credentials = this.credentialsSource
050                                    .getCredentials(this.serviceConfiguration.getEndpointUrl().toString());
051    
052                    Assert.isTrue(credentials instanceof UsernamePasswordCredentials,
053                                    "Credentials must be of type usernamepassword.");
054    
055                    final UsernamePasswordCredentials c = (UsernamePasswordCredentials) credentials;
056                    setProperty(WSHandlerConstants.USER, c.getUsername());
057            }
058    
059            public WSPasswordCallback getPassword(final String username,
060                            final int doAction, final String clsProp, final String refProp,
061                            final RequestData reqData) throws WSSecurityException {
062                    final UsernamePasswordCredentials c = (UsernamePasswordCredentials) this.credentialsSource
063                                    .getCredentials(this.serviceConfiguration.getEndpointUrl().toString());
064    
065                    return new WSPasswordCallback(c.getUsername(), c.getPassword(), null,
066                                    WSPasswordCallback.USERNAME_TOKEN);
067            }
068    }
069