View Javadoc
1   /**
2    * Copyright 2005-2014 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.ksb.security;
17  
18  import java.io.IOException;
19  import java.io.PrintWriter;
20  import java.security.Signature;
21  
22  import javax.servlet.ServletOutputStream;
23  import javax.servlet.http.HttpServletResponse;
24  import javax.servlet.http.HttpServletResponseWrapper;
25  
26  import org.kuali.rice.ksb.service.KSBServiceLocator;
27  
28  /**
29   * An HttpServletResponseWrapper which wraps the underlying response's OutputStream in a 
30   * SignatureSingingOutputStream which will generate a digital signature for the outgoing message.
31   *  
32   * @author Kuali Rice Team (rice.collab@kuali.org)
33   */
34  public class SignatureSigningResponseWrapper extends HttpServletResponseWrapper {
35  
36  	private DigitalSigner signer;
37  	private ServletOutputStream outputStream;
38  	private PrintWriter writer;
39  	
40  	public SignatureSigningResponseWrapper(HttpServletResponse response) {
41  		super(response);
42  		try {		
43  			Signature signature = KSBServiceLocator.getDigitalSignatureService().getSignatureForSigning();
44  			String alias = KSBServiceLocator.getJavaSecurityManagementService().getModuleKeyStoreAlias();	
45  			this.signer = new ResponseHeaderDigitalSigner(signature, alias, response);
46  		} catch (Exception e) {
47  			throw new RuntimeException("Failed to initialize digital signature verification.", e);
48  		}
49  	}
50  
51  	@Override
52  	public ServletOutputStream getOutputStream() throws IOException {
53  		if (this.outputStream == null) {
54  		    this.outputStream = new SignatureSigningOutputStream(this.signer, super.getOutputStream(), true);
55  		}
56  		return this.outputStream;
57  	}
58  
59  	@Override
60  	public PrintWriter getWriter() throws IOException {
61  		if (this.writer == null) {
62  		    this.writer =  new PrintWriter(getOutputStream());
63  		}
64  		return this.writer;
65  	}
66  	
67  }