001/**
002 * Copyright 2010 The Kuali Foundation Licensed under the
003 * Educational Community License, Version 2.0 (the "License"); you may
004 * not use this file except in compliance with the License. You may
005 * obtain a copy of the License at
006 *
007 * http://www.osedu.org/licenses/ECL-2.0
008 *
009 * Unless required by applicable law or agreed to in writing,
010 * software distributed under the License is distributed on an "AS IS"
011 * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
012 * or implied. See the License for the specific language governing
013 * permissions and limitations under the License.
014 */
015
016package org.kuali.student.security.cxf.interceptors;
017
018import java.io.StringWriter;
019import java.util.List;
020import java.util.Map;
021import java.util.Vector;
022
023import javax.wsdl.extensions.soap.SOAPBody;
024import javax.wsdl.extensions.soap.SOAPHeader;
025import javax.xml.namespace.QName;
026import javax.xml.soap.SOAPException;
027import javax.xml.soap.SOAPMessage;
028import javax.xml.stream.XMLStreamException;
029import javax.xml.transform.Transformer;
030import javax.xml.transform.TransformerFactory;
031import javax.xml.transform.dom.DOMSource;
032import javax.xml.transform.stream.StreamResult;
033
034import org.apache.cxf.binding.soap.SoapMessage;
035import org.apache.cxf.headers.Header;
036import org.apache.cxf.interceptor.Fault;
037import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
038import org.apache.ws.security.WSSecurityEngineResult;
039import org.apache.ws.security.WSSecurityException;
040import org.apache.ws.security.handler.RequestData;
041import org.apache.ws.security.processor.SAMLTokenProcessor;
042import org.apache.ws.security.validate.Credential;
043import org.opensaml.SAMLAssertion;
044import org.springframework.security.cas.authentication.CasAuthenticationToken;
045import org.springframework.security.core.context.SecurityContextHolder;
046import org.w3c.dom.Element;
047import org.w3c.dom.Node;
048import org.w3c.dom.NodeList;
049
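/**
 * CXF inbound interceptor that lets WSS4J process the WS-Security header and then looks for a
 * SAML {@code Assertion} element inside that header. When the assertion's issuer equals the
 * configured {@link #setSamlIssuerForUser(String) issuer}, the assertion is stored as the
 * details of the current {@link CasAuthenticationToken}.
 *
 * <p>The mapping from the WSS4J {@link Credential} to a {@link SAMLAssertion} is not yet
 * implemented (KSENROLL-4172). When an Assertion element is present the interceptor therefore
 * fails explicitly instead of dereferencing a missing assertion or attaching an unverified one.
 *
 * <p>Unlike the earlier version of this class, the received envelope is never written to
 * {@code System.out}: that dump included the security header and so exposed tokens and
 * credentials in console logs.
 */
public class SamlTokenCxfInInterceptor extends WSS4JInInterceptor {

    /** Qualified name of the WS-Security 1.0 {@code wsse:Security} header. */
    private static final QName WSSE_SECURITY = new QName(
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
            "Security");

    /** Local name of the SAML assertion element searched for inside the security header. */
    private static final String ASSERTION_LOCAL_NAME = "Assertion";

    /**
     * Issuer an assertion must carry to be attached to the authentication. While this is
     * {@code null} (the default) no assertion is ever attached.
     */
    private String samlIssuerForUser = null;

    /**
     * @param properties WSS4J configuration properties, passed through unchanged to
     *        {@link WSS4JInInterceptor}
     */
    public SamlTokenCxfInInterceptor(Map<String, Object> properties) {
        super(properties);
    }

    /** Pass-through to the superclass; kept so the override point remains stable. */
    @Override
    protected void computeAction(SoapMessage msg, RequestData reqData) throws WSSecurityException {
        super.computeAction(msg, reqData);
    }

    /**
     * Runs the standard WSS4J result handling, then scans the {@code wsse:Security} header for a
     * SAML assertion to attach to the current CAS authentication. Scanning stops at the first
     * assertion whose issuer matches the configured issuer.
     *
     * @throws IllegalStateException if an Assertion element is present but cannot be mapped to a
     *         {@link SAMLAssertion}, or if the current authentication is not a
     *         {@link CasAuthenticationToken}
     * @throws RuntimeException wrapping any other failure while handling an Assertion element
     */
    @Override
    protected void doResults(SoapMessage msg, String actor, Element soapHeader, Element soapBody,
            List<WSSecurityEngineResult> wsResult)
            throws javax.xml.soap.SOAPException, javax.xml.stream.XMLStreamException,
            org.apache.ws.security.WSSecurityException {
        super.doResults(msg, actor, soapHeader, soapBody, wsResult);

        if (!msg.hasHeader(WSSE_SECURITY)) {
            return;
        }
        Header wsseHeader = msg.getHeader(WSSE_SECURITY);
        if (wsseHeader == null) {
            return;
        }

        Node securityHeader = (Node) wsseHeader.getObject();
        NodeList children = securityHeader.getChildNodes();
        for (int i = 0; i < children.getLength(); i++) {
            Node child = children.item(i);
            if (isAssertionElement(child) && attachAssertion((Element) child)) {
                break;
            }
        }
    }

    /**
     * Returns whether {@code node} is an element whose local name is {@code Assertion}.
     *
     * <p>The local name is compared so that prefixed elements such as {@code saml:Assertion}
     * match; a non-namespace-aware DOM (local name {@code null}) falls back to the node name.
     * The namespace URI is not checked here — presumably non-SAML content is rejected by
     * {@link SAMLTokenProcessor}; confirm before relying on that.
     */
    private static boolean isAssertionElement(Node node) {
        if (node.getNodeType() != Node.ELEMENT_NODE) {
            return false;
        }
        String localName = node.getLocalName();
        if (localName == null) {
            localName = node.getNodeName();
        }
        return ASSERTION_LOCAL_NAME.equals(localName);
    }

    /**
     * Processes one Assertion element and, if its issuer equals the configured issuer, stores the
     * assertion as the details of the current {@link CasAuthenticationToken}.
     *
     * @param assertionElement the {@code Assertion} DOM element from the security header
     * @return {@code true} if the assertion was attached, {@code false} if its issuer did not match
     * @throws WSSecurityException if WSS4J rejects the token (surfaced as-is rather than wrapped)
     * @throws IllegalStateException if the assertion cannot be mapped (KSENROLL-4172) or the
     *         current authentication is not a {@link CasAuthenticationToken}
     * @throws RuntimeException wrapping any other failure from the token processor
     */
    private boolean attachAssertion(Element assertionElement) throws WSSecurityException {
        SAMLTokenProcessor processor = new SAMLTokenProcessor();
        Credential credential;
        try {
            // TODO: KSENROLL-4172 — the null RequestData/Validator/WSDocInfo arguments are a
            // known gap; the token processor may not accept them.
            credential = processor.handleSAMLToken(assertionElement, null, null, null);
        } catch (WSSecurityException e) {
            throw e; // already the declared security fault type; do not hide it in a RuntimeException
        } catch (Exception e) {
            throw new RuntimeException("Failed to process SAML assertion in wsse:Security header", e);
        }

        SAMLAssertion samlAssertion = toSamlAssertion(credential);

        // An unconfigured issuer (null) never matches, so nothing is attached by accident; this
        // form also tolerates an assertion without an issuer instead of throwing an NPE.
        if (samlIssuerForUser == null || !samlIssuerForUser.equals(samlAssertion.getIssuer())) {
            return false;
        }

        Object authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof CasAuthenticationToken)) {
            throw new IllegalStateException(
                    "Current authentication is not a CasAuthenticationToken; cannot attach SAML assertion");
        }
        ((CasAuthenticationToken) authentication).setDetails(samlAssertion);
        return true;
    }

    /**
     * Maps the credential produced by {@link SAMLTokenProcessor} to the {@link SAMLAssertion}
     * that is stored on the authentication token.
     *
     * <p>Not implemented yet (KSENROLL-4172). The previous code assigned {@code null} here and
     * then dereferenced it; this version fails with a clear message instead so the gap is
     * visible in the fault rather than surfacing as a NullPointerException.
     *
     * @throws IllegalStateException always, until KSENROLL-4172 is implemented
     */
    private static SAMLAssertion toSamlAssertion(Credential credential) {
        throw new IllegalStateException(
                "Mapping a WSS4J Credential to a SAMLAssertion is not implemented (KSENROLL-4172)");
    }

    /** Pass-through to the superclass; kept so the override point remains stable. */
    @Override
    public void handleMessage(SoapMessage msg) throws Fault {
        super.handleMessage(msg);
    }

    /** Pass-through to the superclass; kept so the override point remains stable. */
    @Override
    public void setIgnoreActions(boolean i) {
        super.setIgnoreActions(i);
    }

    /**
     * Sets the issuer a SAML assertion must carry for it to be attached to the CAS token.
     * Intended to be called at configuration time, before any message is processed.
     *
     * @param samlIssuerForUser the expected issuer, or {@code null} to never attach an assertion
     */
    public void setSamlIssuerForUser(String samlIssuerForUser) {
        this.samlIssuerForUser = samlIssuerForUser;
    }

    /** @return the configured issuer, or {@code null} if none has been set */
    public String getSamlIssuerForUser() {
        return samlIssuerForUser;
    }

}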