Coverage Report

Coverage Report - org.kuali.student.security.cxf.interceptors.SamlTokenCxfInInterceptor

Classes in this File

Line Coverage

Branch Coverage

Complexity

SamlTokenCxfInInterceptor

0/47

0/12

2.286

 /**
  * Copyright 2010 The Kuali Foundation Licensed under the
  * Educational Community License, Version 2.0 (the "License"); you may
  * not use this file except in compliance with the License. You may
  * obtain a copy of the License at
  *
  * http://www.osedu.org/licenses/ECL-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an "AS IS"
  * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
  * or implied. See the License for the specific language governing
  * permissions and limitations under the License.
  */
 
 package org.kuali.student.security.cxf.interceptors;
 
 import java.io.StringWriter;
 import java.util.Map;
 import java.util.Vector;
 
 import javax.xml.namespace.QName;
 import javax.xml.soap.SOAPException;
 import javax.xml.soap.SOAPMessage;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.transform.Transformer;
 import javax.xml.transform.TransformerFactory;
 import javax.xml.transform.dom.DOMSource;
 import javax.xml.transform.stream.StreamResult;
 
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.headers.Header;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.handler.RequestData;
 import org.apache.ws.security.processor.SAMLTokenProcessor;
 import org.opensaml.SAMLAssertion;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.providers.cas.CasAuthenticationToken;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
 public class SamlTokenCxfInInterceptor extends WSS4JInInterceptor {
 
         private String samlIssuerForUser = null;
 
         public SamlTokenCxfInInterceptor(Map<String, Object> properties) {
                 super(properties);
         }
 
         @Override
         protected void computeAction(SoapMessage msg, RequestData reqData) {
                 super.computeAction(msg, reqData);
         }
 
         @Override
         protected void doResults(SoapMessage msg, String actor, SOAPMessage doc, Vector wsResult) throws SOAPException, XMLStreamException, WSSecurityException {
                 super.doResults(msg, actor, doc, wsResult);
 
                 QName wsseQN = new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
                 if (msg.hasHeader(wsseQN)) {
                         Header wsseHeader = msg.getHeader(wsseQN);
 
                         if (wsseHeader != null) {
                                 Node domSecurityHeader = (Node) wsseHeader.getObject();
                                 NodeList nodeList = domSecurityHeader.getChildNodes();
                                 Node childNode = null;
 
                                 for (int i = 0; i < nodeList.getLength(); i++) {
                                         childNode = nodeList.item(i);
 
                                         if ((childNode.getNodeName().equals("Assertion")) && (childNode.getNodeType() == Node.ELEMENT_NODE)) {
                                                 SAMLTokenProcessor stp = new SAMLTokenProcessor();
 
                                                 try {
                                                         SAMLAssertion samlAssertion = stp.handleSAMLToken((Element) childNode);
 
                                                         if (samlAssertion.getIssuer().equals(samlIssuerForUser)) {
                                                                 CasAuthenticationToken cat = (CasAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
                                                                 cat.setDetails(samlAssertion);
                                                                 break;
                                                         }
                                                 } catch (Exception e) {
                                                         throw new RuntimeException(e);
                                                 }
                                         }
                                 }
                         }
 
                         System.out.println("\n\n THE WHOLE MESSAGE RECEIVED IN INTERCEPTOR ...... ");
                         Node env = msg.getContent(Node.class);
                         DOMSource domSource = new DOMSource(env);
                         StringWriter writer = new StringWriter();
                         StreamResult result = new StreamResult(writer);
 
                         TransformerFactory tf = TransformerFactory.newInstance();
                         Transformer transformer;
                         try {
                                 transformer = tf.newTransformer();
                                 transformer.transform(domSource, result);
                         } catch (Exception e) {
                                 e.printStackTrace();
                         }
                         writer.flush();
                         System.out.println(writer.toString());
 
                 }
         }
 
         @Override
         public void handleMessage(SoapMessage msg) throws Fault {
                 super.handleMessage(msg);
         }
 
         @Override
         public void setIgnoreActions(boolean i) {
                 super.setIgnoreActions(i);
         }
 
         public String getSamlIssuerForUser() {
                 return samlIssuerForUser;
         }
 
         public void setSamlIssuerForUser(String samlIssuerForUser) {
                 this.samlIssuerForUser = samlIssuerForUser;
         }
 
 }

1		/**
2		* Copyright 2010 The Kuali Foundation Licensed under the
3		* Educational Community License, Version 2.0 (the "License"); you may
4		* not use this file except in compliance with the License. You may
5		* obtain a copy of the License at
6		*
7		* http://www.osedu.org/licenses/ECL-2.0
8		*
9		* Unless required by applicable law or agreed to in writing,
10		* software distributed under the License is distributed on an "AS IS"
11		* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
12		* or implied. See the License for the specific language governing
13		* permissions and limitations under the License.
14		*/
15
16		package org.kuali.student.security.cxf.interceptors;
17
18		import java.io.StringWriter;
19		import java.util.Map;
20		import java.util.Vector;
21
22		import javax.xml.namespace.QName;
23		import javax.xml.soap.SOAPException;
24		import javax.xml.soap.SOAPMessage;
25		import javax.xml.stream.XMLStreamException;
26		import javax.xml.transform.Transformer;
27		import javax.xml.transform.TransformerFactory;
28		import javax.xml.transform.dom.DOMSource;
29		import javax.xml.transform.stream.StreamResult;
30
31		import org.apache.cxf.binding.soap.SoapMessage;
32		import org.apache.cxf.headers.Header;
33		import org.apache.cxf.interceptor.Fault;
34		import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
35		import org.apache.ws.security.WSSecurityException;
36		import org.apache.ws.security.handler.RequestData;
37		import org.apache.ws.security.processor.SAMLTokenProcessor;
38		import org.opensaml.SAMLAssertion;
39		import org.springframework.security.context.SecurityContextHolder;
40		import org.springframework.security.providers.cas.CasAuthenticationToken;
41		import org.w3c.dom.Element;
42		import org.w3c.dom.Node;
43		import org.w3c.dom.NodeList;
44
45	0	public class SamlTokenCxfInInterceptor extends WSS4JInInterceptor {
46
47	0	private String samlIssuerForUser = null;
48
49		public SamlTokenCxfInInterceptor(Map<String, Object> properties) {
50	0	super(properties);
51	0	}
52
53		@Override
54		protected void computeAction(SoapMessage msg, RequestData reqData) {
55	0	super.computeAction(msg, reqData);
56	0	}
57
58		@Override
59		protected void doResults(SoapMessage msg, String actor, SOAPMessage doc, Vector wsResult) throws SOAPException, XMLStreamException, WSSecurityException {
60	0	super.doResults(msg, actor, doc, wsResult);
61
62	0	QName wsseQN = new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
63	0	if (msg.hasHeader(wsseQN)) {
64	0	Header wsseHeader = msg.getHeader(wsseQN);
65
66	0	if (wsseHeader != null) {
67	0	Node domSecurityHeader = (Node) wsseHeader.getObject();
68	0	NodeList nodeList = domSecurityHeader.getChildNodes();
69	0	Node childNode = null;
70
71	0	for (int i = 0; i < nodeList.getLength(); i++) {
72	0	childNode = nodeList.item(i);
73
74	0	if ((childNode.getNodeName().equals("Assertion")) && (childNode.getNodeType() == Node.ELEMENT_NODE)) {
75	0	SAMLTokenProcessor stp = new SAMLTokenProcessor();
76
77		try {
78	0	SAMLAssertion samlAssertion = stp.handleSAMLToken((Element) childNode);
79
80	0	if (samlAssertion.getIssuer().equals(samlIssuerForUser)) {
81	0	CasAuthenticationToken cat = (CasAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
82	0	cat.setDetails(samlAssertion);
83	0	break;
84		}
85	0	} catch (Exception e) {
86	0	throw new RuntimeException(e);
87	0	}
88		}
89		}
90		}
91
92	0	System.out.println("\n\n THE WHOLE MESSAGE RECEIVED IN INTERCEPTOR ...... ");
93	0	Node env = msg.getContent(Node.class);
94	0	DOMSource domSource = new DOMSource(env);
95	0	StringWriter writer = new StringWriter();
96	0	StreamResult result = new StreamResult(writer);
97
98	0	TransformerFactory tf = TransformerFactory.newInstance();
99		Transformer transformer;
100		try {
101	0	transformer = tf.newTransformer();
102	0	transformer.transform(domSource, result);
103	0	} catch (Exception e) {
104	0	e.printStackTrace();
105	0	}
106	0	writer.flush();
107	0	System.out.println(writer.toString());
108
109		}
110	0	}
111
112		@Override
113		public void handleMessage(SoapMessage msg) throws Fault {
114	0	super.handleMessage(msg);
115	0	}
116
117		@Override
118		public void setIgnoreActions(boolean i) {
119	0	super.setIgnoreActions(i);
120	0	}
121
122		public String getSamlIssuerForUser() {
123	0	return samlIssuerForUser;
124		}
125
126		public void setSamlIssuerForUser(String samlIssuerForUser) {
127	0	this.samlIssuerForUser = samlIssuerForUser;
128	0	}
129
130		}