1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
|
12 | |
|
13 | |
|
14 | |
|
15 | |
|
16 | |
package org.kuali.student.security.cxf.interceptors; |
17 | |
|
18 | |
import java.io.StringWriter; |
19 | |
import java.util.Map; |
20 | |
import java.util.Vector; |
21 | |
|
22 | |
import javax.xml.namespace.QName; |
23 | |
import javax.xml.soap.SOAPException; |
24 | |
import javax.xml.soap.SOAPMessage; |
25 | |
import javax.xml.stream.XMLStreamException; |
26 | |
import javax.xml.transform.Transformer; |
27 | |
import javax.xml.transform.TransformerFactory; |
28 | |
import javax.xml.transform.dom.DOMSource; |
29 | |
import javax.xml.transform.stream.StreamResult; |
30 | |
|
31 | |
import org.apache.cxf.binding.soap.SoapMessage; |
32 | |
import org.apache.cxf.headers.Header; |
33 | |
import org.apache.cxf.interceptor.Fault; |
34 | |
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor; |
35 | |
import org.apache.ws.security.WSSecurityException; |
36 | |
import org.apache.ws.security.handler.RequestData; |
37 | |
import org.apache.ws.security.processor.SAMLTokenProcessor; |
38 | |
import org.opensaml.SAMLAssertion; |
39 | |
import org.springframework.security.cas.authentication.CasAuthenticationToken; |
40 | |
import org.springframework.security.core.context.SecurityContextHolder; |
41 | |
import org.w3c.dom.Element; |
42 | |
import org.w3c.dom.Node; |
43 | |
import org.w3c.dom.NodeList; |
44 | |
|
45 | 0 | public class SamlTokenCxfInInterceptor extends WSS4JInInterceptor { |
46 | |
|
47 | 0 | private String samlIssuerForUser = null; |
48 | |
|
49 | |
public SamlTokenCxfInInterceptor(Map<String, Object> properties) { |
50 | 0 | super(properties); |
51 | 0 | } |
52 | |
|
53 | |
@Override |
54 | |
protected void computeAction(SoapMessage msg, RequestData reqData) { |
55 | 0 | super.computeAction(msg, reqData); |
56 | 0 | } |
57 | |
|
58 | |
@Override |
59 | |
protected void doResults(SoapMessage msg, String actor, SOAPMessage doc, Vector wsResult) throws SOAPException, XMLStreamException, WSSecurityException { |
60 | 0 | super.doResults(msg, actor, doc, wsResult); |
61 | |
|
62 | 0 | QName wsseQN = new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security"); |
63 | 0 | if (msg.hasHeader(wsseQN)) { |
64 | 0 | Header wsseHeader = msg.getHeader(wsseQN); |
65 | |
|
66 | 0 | if (wsseHeader != null) { |
67 | 0 | Node domSecurityHeader = (Node) wsseHeader.getObject(); |
68 | 0 | NodeList nodeList = domSecurityHeader.getChildNodes(); |
69 | 0 | Node childNode = null; |
70 | |
|
71 | 0 | for (int i = 0; i < nodeList.getLength(); i++) { |
72 | 0 | childNode = nodeList.item(i); |
73 | |
|
74 | 0 | if ((childNode.getNodeName().equals("Assertion")) && (childNode.getNodeType() == Node.ELEMENT_NODE)) { |
75 | 0 | SAMLTokenProcessor stp = new SAMLTokenProcessor(); |
76 | |
|
77 | |
try { |
78 | 0 | SAMLAssertion samlAssertion = stp.handleSAMLToken((Element) childNode); |
79 | |
|
80 | 0 | if (samlAssertion.getIssuer().equals(samlIssuerForUser)) { |
81 | 0 | CasAuthenticationToken cat = (CasAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); |
82 | 0 | cat.setDetails(samlAssertion); |
83 | 0 | break; |
84 | |
} |
85 | 0 | } catch (Exception e) { |
86 | 0 | throw new RuntimeException(e); |
87 | 0 | } |
88 | |
} |
89 | |
} |
90 | |
} |
91 | |
|
92 | 0 | System.out.println("\n\n THE WHOLE MESSAGE RECEIVED IN INTERCEPTOR ...... "); |
93 | 0 | Node env = msg.getContent(Node.class); |
94 | 0 | DOMSource domSource = new DOMSource(env); |
95 | 0 | StringWriter writer = new StringWriter(); |
96 | 0 | StreamResult result = new StreamResult(writer); |
97 | |
|
98 | 0 | TransformerFactory tf = TransformerFactory.newInstance(); |
99 | |
Transformer transformer; |
100 | |
try { |
101 | 0 | transformer = tf.newTransformer(); |
102 | 0 | transformer.transform(domSource, result); |
103 | 0 | } catch (Exception e) { |
104 | 0 | e.printStackTrace(); |
105 | 0 | } |
106 | 0 | writer.flush(); |
107 | 0 | System.out.println(writer.toString()); |
108 | |
|
109 | |
} |
110 | 0 | } |
111 | |
|
112 | |
@Override |
113 | |
public void handleMessage(SoapMessage msg) throws Fault { |
114 | 0 | super.handleMessage(msg); |
115 | 0 | } |
116 | |
|
117 | |
@Override |
118 | |
public void setIgnoreActions(boolean i) { |
119 | 0 | super.setIgnoreActions(i); |
120 | 0 | } |
121 | |
|
122 | |
public String getSamlIssuerForUser() { |
123 | 0 | return samlIssuerForUser; |
124 | |
} |
125 | |
|
126 | |
public void setSamlIssuerForUser(String samlIssuerForUser) { |
127 | 0 | this.samlIssuerForUser = samlIssuerForUser; |
128 | 0 | } |
129 | |
|
130 | |
} |