  /*
   * JBoss, Home of Professional Open Source.
   * Copyright 2008, Red Hat Middleware LLC, and individual contributors
   * as indicated by the @author tags. See the copyright.txt file in the
   * distribution for a full listing of individual contributors.
   *
   * This is free software; you can redistribute it and/or modify it
   * under the terms of the GNU Lesser General Public License as
   * published by the Free Software Foundation; either version 2.1 of
  * the License, or (at your option) any later version.
  *
  * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
 package org.picketlink.trust.jbossws.jaas;
 
 import java.net.URI;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
 
A subclass of org.picketlink.identity.federation.core.wstrust.auth.STSIssuingLoginModule that adds JBoss WS-specific details

Author(s):
Anil.Saldhana@redhat.com
Since:
Apr 22, 2011
 
 @SuppressWarnings("restriction")
 
     // Logger obtained from the PicketLink logger factory.
     private static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();

    
Key in the options to customize the WS-Addressing Issuer in the WS-T Call
 
     // Option name is the literal "wsaIssuer".
     public static final String WSA_ISSUER = "wsaIssuer";

    
Key in the options to customize the WS-Policy Applies To in the WS-T Call
 
     // Option name is the literal "wspAppliesTo". The identifier itself is spelled
     // APPIESTO (no "L"); it is public, so renaming it would break existing callers.
     public static final String WSP_APPIESTO = "wspAppliesTo";
 
     /**
      * Takes the builder produced by the superclass and sets the WS-Addressing issuer and the
      * WS-Policy AppliesTo value on it.
      *
      * NOTE(review): the argument expressions of both setter calls lost their identifiers in this
      * listing. Presumably they read the WSA_ISSUER and WSP_APPIESTO entries from the login
      * module options - confirm against the original source. Both values name the issuer and the
      * audience of the requested token, so they should come only from trusted module
      * configuration.
      *
      * @return the superclass builder with both values applied
      */
     @Override
     protected Builder createBuilder() {
         Builder builder = super.createBuilder();
         builder.wsaIssuer((String.get());
         builder.wspAppliesTo((String.get());
         return builder;
     }
 
     /**
      * Obtains the WS-Trust client from STSClientFactory, supplying a callback that builds a
      * JBWSTokenClient and a key made of service name, port name and endpoint address.
      *
      * NOTE(review): several receivers and arguments were dropped from this listing (the map the
      * binary-token key and value are read from, the system property name, the logger that
      * produces the exception). Comments below describe only what is still visible.
      *
      * @param config the STS client configuration passed on to the created client
      * @return the client returned by the factory
      */
     @Override
     protected STSClient createWSTrustClient(final STSClientConfig config) {
         try {
 	        return STSClientFactory.getInstance().create(new STSClientCreationCallBack() {
	    		@Override
	    		public STSClient createClient() {
	    			
	    	        // The key under which the binary token is stored is looked up first; when it
	    	        // is null the fallback is a system property (name not visible here).
	    	        String binaryTokenKey = (String.get(.);
	    	        if (binaryTokenKey == null) {
	    	            binaryTokenKey = SecurityActions.getSystemProperty(.
	    	                    .);
	    	        }
	    	        Object binaryToken = .get(binaryTokenKey);
	    	        Map<String, ? super ObjectSTSClientOptions = new HashMap<StringObject> ();
	    	        // The token is copied into the client options only when one was found.
	    	        if (binaryToken != null) {
	    	            STSClientOptions.put(binaryTokenKeybinaryToken);
	    	        }
	    			
	    			return new JBWSTokenClient(configSTSClientOptions);
	    		}
	    		// NOTE(review): the key is built from service name, port name and endpoint address
	    		// only. If the factory reuses clients per key (presumably - confirm), a client
	    		// created with one login's binary token could be handed to a later login that
	    		// has the same key; verify that the token is not retained across uses.
	    		@Override
	    		public String getKey() {
	    			return config.getServiceName() + "|" + config.getPortName() + "|" + config.getEndPointAddress();
	    		}
	        });
        // Any failure is converted into the exception produced by
        // authCouldNotCreateWSTrustClient, with the original exception passed along.
        } catch (final Exception e) {
            throw .authCouldNotCreateWSTrustClient(e);
        }
    }
    /**
     * Runs the superclass commit and, when it succeeds, requires that a SamlCredential is
     * present among the public credentials; with useFirstPass enabled it then publishes a
     * principal and that credential under the standard JAAS login name/password keys.
     *
     * NOTE(review): the receivers of getPublicCredentials() and of both put() calls were dropped
     * from this listing; presumably they are the subject and the shared-state map - confirm.
     *
     * @return the result of {@code super.commit()}
     * @throws LoginException declared by the signature; the visible code itself throws the
     *         exception produced by authSAMLCredentialNotAvailable() when no SamlCredential
     *         is found
     */
    @SuppressWarnings("unchecked")
    @Override
    public boolean commit() throws LoginException {
        boolean result = super.commit();
        if (result) {
            SamlCredential samlCredential = null;
            Set<Objectcreds = .getPublicCredentials();
            // Only the first SamlCredential found is used.
            for (Object cred : creds) {
                if (cred instanceof SamlCredential) {
                    samlCredential = (SamlCredentialcred;
                    break;
                }
            }
            if (samlCredential == null)
                throw .authSAMLCredentialNotAvailable();
            // The principal is created with an empty name, so whatever reads the
            // "javax.security.auth.login.name" entry gets no usable identity from it and
            // must not rely on it for authorization or audit records.
            Principal principal = new PicketLinkPrincipal("");
            if (super.isUseFirstPass()) {
                // The SAML credential is stored under the password key. If the target is the
                // JAAS shared state (presumably), every login module stacked after this one
                // can read the assertion - keep the stack limited to modules that need it.
                this..put("javax.security.auth.login.name"principal);
                super..put("javax.security.auth.login.password"samlCredential);
            }
        }
        return result;
    }
    /**
     * STSClient subclass that is configured from an options map: request type, SOAP binding,
     * an optional PicketLinkDispatch wrapper, extra handlers on the binding's handler chain and
     * an SSL socket factory. It is a non-static inner class; issueToken reads the shared
     * username and password of the enclosing JBWSTokenIssuingLoginModule.
     *
     * NOTE(review): this listing lost many identifiers (assignment targets, constants, logger
     * receivers). Comments describe only what is still visible and mark guesses as such.
     */
    public class JBWSTokenClient extends STSClient {

        
Indicates request type, could be either WSTrustConstants.ISSUE_REQUEST or WSTrustConstants.VALIDATE_REQUEST.
        private String requestType = .;
        
        private DatatypeFactory dataTypefactory;
        // No-argument constructor: calls super() and creates a DatatypeFactory (the assignment
        // target was dropped from the listing; presumably dataTypefactory).
        public JBWSTokenClient() {
            super();
            try {
                this. = DatatypeFactory.newInstance();
            } catch (DatatypeConfigurationException dce) {
                throw .wsTrustUnableToGetDataTypeFactory(dce);
            }
        }
        // Same as above, but passes the config to the superclass and takes a value from
        // config.getRequestType() (target dropped; presumably requestType).
        public JBWSTokenClient(STSClientConfig config) {
            super(config);
             = config.getRequestType();
            
            try {
                this. = DatatypeFactory.newInstance();
            } catch (DatatypeConfigurationException dce) {
                throw .wsTrustUnableToGetDataTypeFactory(dce);
            }
        }
        
        // Options-driven constructor. Keys visible in this listing: "overrideDispatch",
        // "endpointAddress", "useWSSE", "handlerChain", "securityDomainForFactory", plus two
        // keys whose constants were dropped (request type and SOAP binding, judging by use).
        // All option values are cast to String without a type check.
        @SuppressWarnings("rawtypes")
        public JBWSTokenClient(STSClientConfig configMap<String, ? super Objectoptions) {
            super(config);
        
            try {
                this. = DatatypeFactory.newInstance();
            } catch (DatatypeConfigurationException dce) {
                throw .wsTrustUnableToGetDataTypeFactory(dce);
            }
            
            // An option value is read first; config.getRequestType() is the fallback when
            // that value is null.
             = (Stringoptions.get(.);
            if ( == null) {
                 = config.getRequestType();
            }
            String soapBinding = (Stringoptions.get(.);
            if (soapBinding != null) {
                setSoapBinding(soapBinding);
            }
            
            
            // Get pre-constructed Dispatch from super
            Dispatch<Sourcedispatch = super.getDispatch();
            String overrideDispatchStr = (Stringoptions.get("overrideDispatch");
            if (StringUtil.isNotNull(overrideDispatchStr)) {
                // Boolean.valueOf is true only for "true" (case-insensitive).
                boolean bool = Boolean.valueOf(overrideDispatchStr);
                if (bool) {
                    // The dispatch is wrapped together with the "endpointAddress" option, which
                    // is passed through as-is (no null or format check is visible here).
                    dispatch = new PicketLinkDispatch(dispatch, (Stringoptions.get("endpointAddress"));
                    String useWSSE = (Stringoptions.get("useWSSE");
                    if (StringUtil.isNotNull(useWSSE) && useWSSE.equalsIgnoreCase("true")) {
                        ((PicketLinkDispatchdispatch).setUseWSSE(true);
                    }
                }
            }
            Binding binding = dispatch.getBinding();
            List<Handlerhandlers = binding.getHandlerChain();
            String handlerStr = (Stringoptions.get("handlerChain");
            
            if (StringUtil.isNotNull(handlerStr)) {
                List<Stringtokens = StringUtil.tokenize(handlerStr);
                for (String token : tokens) {
                    if (token.equalsIgnoreCase("binary")) {
                        BinaryTokenHandler binaryTokenHandler = new BinaryTokenHandler();
                        handlers.add(binaryTokenHandler);
                    } else if (token.equalsIgnoreCase("map")) {
                        MapBasedTokenHandler mapBasedHandler = new MapBasedTokenHandler(
                                options);
                        handlers.add(mapBasedHandler);
                    } else {
                        // NOTE(review): any token other than "binary", "map" or "saml2" is
                        // used as a class name, loaded and instantiated through its no-arg
                        // constructor. Whoever can set the "handlerChain" option therefore
                        // chooses which class is instantiated in this JVM; the option must come
                        // from trusted configuration only, and an allow-list of handler classes
                        // (or at least a Handler type check before instantiation) would narrow
                        // this.
                        String className = (token.equalsIgnoreCase("saml2") ? "org.picketlink.trust.jbossws.handler.SAML2Handler"
                                : token);
                        ClassLoader cl = SecurityActions
                                .getClassLoader(getClass());
                        try {
                            handlers.add((Handlercl.loadClass(className)
                                    .newInstance());
                        } catch (Exception e) {
                            throw .authUnableToInstantiateHandler(token,
                                    e);
                        }
                    }
                }
            }
            binding.setHandlerChain(handlers);
            setDispatch(dispatch);
            String securityDomainForFactory = (Stringoptions.get("securityDomainForFactory");
            if (StringUtil.isNotNull(securityDomainForFactory)) {
                .trace("We got security domain for domain ssl factory = " + securityDomainForFactory);
                .trace("Setting it on the system property org.jboss.security.ssl.domain.name");
                String sslFactoryName = "org.jboss.security.ssl.JaasSecurityDomainSocketFactory";
                // NOTE(review): a system property is JVM-wide state. Setting it from a
                // per-client option means the last client constructed decides the SSL security
                // domain for everything else that reads this property; two configurations with
                // different domains in one JVM would overwrite each other.
                SecurityActions.setSystemProperty("org.jboss.security.ssl.domain.name"securityDomainForFactory);
                // StubExt.PROPERTY_SOCKET_FACTORY
                dispatch.getRequestContext().put("org.jboss.ws.socketFactory"sslFactoryName);
                // If we are using PL Dispatch. Then we need to set the SSL Socket Factory
                if (dispatch instanceof PicketLinkDispatch) {
                    ClassLoader cl = SecurityActions.getClassLoader(getClass());
                    SSLSocketFactory socketFactory = null;
                    if (cl != null) {
                        // First attempt uses this class's loader; on any exception the thread
                        // context class loader is tried.
                        try {
                            Class<?> clazz = cl.loadClass(sslFactoryName);
                            socketFactory = (SSLSocketFactoryclazz.newInstance();
                        } catch (Exception e) {
                            cl = SecurityActions.getContextClassLoader();
                            try {
                                Class<?> clazz = cl.loadClass(sslFactoryName);
                                socketFactory = (SSLSocketFactoryclazz.newInstance();
                            } catch (Exception e1) {
                                throw .jbossWSUnableToCreateSSLSocketFactory(e1);
                            }
                        } finally {
                            // NOTE(review): when both attempts fail, the throw in this finally
                            // block replaces the exception raised in the catch above, so the
                            // cause (e1) never reaches the caller or the log.
                            if (socketFactory != null) {
                                ((PicketLinkDispatchdispatch).setSSLSocketFactory(socketFactory);
                            } else
                                throw .jbossWSUnableToFindSSLSocketFactory();
                        }
                    } else {
                        // NOTE(review): with a null class loader the dispatch keeps running
                        // without the configured SSL socket factory, and the only signal is a
                        // trace-level message. An operator who configured
                        // "securityDomainForFactory" would likely expect a failure here.
                        .trace("Classloader is null. Unable to set the SSLSocketFactory on PicketLinkDispatch");
                    }
                }
            }
        }
        
        /**
         * Delegates to the superclass after, for one request type, attaching a WS-Security
         * UsernameToken built from the enclosing login module's shared username and password
         * as the validate target.
         *
         * NOTE(review): the operands of the condition and the URI argument were dropped from
         * this listing; presumably the branch is taken for WSTrustConstants.VALIDATE_REQUEST -
         * confirm.
         *
         * @param request the request security token to send
         * @return the element returned by {@code super.issueToken(request)}
         * @throws WSTrustException wrapping a SOAPException raised while building the token
         */
        @Override
        public Element issueToken(RequestSecurityToken request)
                throws WSTrustException {
            
            if (.equals(.)) {
                request.setRequestType(URI.create());
                ValidateTargetType validateTarget = new ValidateTargetType();
                try {
                    String sUserName = JBWSTokenIssuingLoginModule.this.getSharedUsername();
                    char[] cPassword = JBWSTokenIssuingLoginModule.this.getSharedPassword();
                    // NOTE(review): new String(cPassword) copies the password into an immutable
                    // String that cannot be cleared afterwards, which gives up the benefit of
                    // holding it as char[]. A null password is passed on as null.
                    Element wsseUsernameToken = createUsernameToken(sUserName
                            (cPassword != null ? new String(cPassword) : null)); 
                    validateTarget.add(wsseUsernameToken);
                    request.setValidateTarget(validateTarget);
                }
                catch (SOAPException e) {
                    throw new WSTrustException(e);
                }
            }            
            
            return super.issueToken(request);
            
        }
        /**
         * Builds a UsernameToken element with Username, Password and Created children.
         *
         * NOTE(review): the QName arguments, the namespace declarations and the value of the
         * password "Type" attribute were dropped from this listing, so the password type cannot
         * be determined here. The password value is written as the element's text node as
         * given; if the type is plain text, confidentiality depends entirely on the transport
         * (TLS to the STS endpoint) - confirm. passwordValue may be null when the caller has no
         * shared password; whether addTextNode accepts null should be verified. createdCal is
         * not declared in the visible lines (presumably a calendar value created from
         * dataTypefactory).
         *
         * @param usernameValue text of the Username element
         * @param passwordValue text of the Password element
         * @return the assembled UsernameToken element
         * @throws SOAPException if the SOAP factory or element construction fails
         */
        private Element createUsernameToken(String usernameValueString passwordValuethrows SOAPException {
            
            QName usernameTokenName = new QName(...);
            QName usernameName = new QName(...);
            QName passwordName = new QName(...);
            QName createdName = new QName(."Created".);
            
            SOAPFactory factory = SOAPFactory.newInstance();
            SOAPElement usernametoken = factory.createElement(usernameTokenName);
            usernametoken.addNamespaceDeclaration(..);
            usernametoken.addNamespaceDeclaration(..);
            SOAPElement username = factory.createElement(usernameName);
            username.addTextNode(usernameValue);
            SOAPElement password = factory.createElement(passwordName);
            password.addAttribute(new QName("Type"), .);
            password.addTextNode(passwordValue);
            SOAPElement created = factory.createElement(createdName);
            created.addTextNode(createdCal.toXMLFormat());
            
            usernametoken.addChildElement(username);
            usernametoken.addChildElement(password);
            usernametoken.addChildElement(created);
            return usernametoken;
        }
    }
    