in modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java [208:472]
/**
 * Builds the per-message Rampart state from an Axis2 message context.
 *
 * <p>In order, the constructor: creates a fresh {@code WSSConfig} and registers
 * {@code RampartUsernameTokenValidator} for username tokens; applies an optional custom
 * time source; decides whether this side is the initiator; resolves the security policy
 * (message-context properties first, then the effective policy, then the
 * {@code KEY_RAMPART_POLICY} parameter); builds the policy data from the first policy
 * alternative; converts the SOAP envelope to a DOM document when a policy applies; copies
 * receive results and the SCT id between the in/out message contexts of the operation;
 * applies per-message overrides onto the {@code RampartConfig}; and, for a sender with a
 * policy, inserts the security header.
 *
 * <p>Side effects visible here: the envelope on {@code msgCtx} is replaced, properties are
 * set on {@code msgCtx}, and a locked {@code PARAM_CLIENT_SIDE} parameter may be added to
 * the {@code AxisService}.
 *
 * @param msgCtx the message context to read from; dereferenced without a null check
 * @param sender stored in {@code this.sender}; when {@code true} and a policy applies, a
 *               security header is created and inserted into the document
 * @throws RampartException with key {@code errorInExtractingMsgProps} when an
 *         {@code AxisFault}, {@code WSSPolicyException} or {@code WSSecurityException} is
 *         raised. Unchecked exceptions ({@code ClassCastException} from the property casts,
 *         {@code NumberFormatException} from the TTL/skew parsing) are not wrapped and
 *         propagate as-is.
 */
public RampartMessageData(MessageContext msgCtx, boolean sender) throws RampartException {
    this.msgContext = msgCtx;
    try {
        // Set the WSSConfig
        this.config = WSSConfig.getNewInstance();
        // Replace the UsernameToken validator with Rampart's own implementation
        this.config.setValidator(WSConstants.USERNAME_TOKEN, RampartUsernameTokenValidator.class);
        // Set the time source, if the caller supplied one through the message context.
        // NOTE(review): the time source presumably feeds timestamp checks, so whoever can set
        // CUSTOM_WS_TIME_SOURCE influences them - confirm which code may set this property.
        WSTimeSource wsTimeSource = (WSTimeSource)msgCtx.getProperty(CUSTOM_WS_TIME_SOURCE);
        if (wsTimeSource != null) {
            this.config.setCurrentTime(wsTimeSource);
        }
        // First obtain the axis service as we have to do a null check, there can be situations
        // where Axis Service is null
        AxisService axisService = msgCtx.getAxisService();
        if(axisService != null && axisService.getParameter(PARAM_CLIENT_SIDE) != null) {
            // The service was already marked as client side (see the else branch below).
            this.isInitiator = true;
        } else {
            this.isInitiator = !msgCtx.isServerSide();
            //TODO if Axis Service is null at this point, do we have to create a dummy one ??
            if(this.isInitiator && axisService != null ) {
                // Mark the service itself with a locked parameter, so that later messages on
                // the same AxisService take the first branch above.
                Parameter clientSideParam = new Parameter();
                clientSideParam.setName(PARAM_CLIENT_SIDE);
                clientSideParam.setLocked(true);
                msgCtx.getAxisService().addParameter(clientSideParam);
            }
        }
        // A policy set directly as a message-context property is the starting point.
        if(msgCtx.getProperty(KEY_RAMPART_POLICY) != null) {
            this.servicePolicy = (Policy)msgCtx.getProperty(KEY_RAMPART_POLICY);
        }
        // Checking which flow we are in
        int flow = msgCtx.getFLOW();
        // In the IN or IN_FAULT flow, when KEY_RAMPART_IN_POLICY is set: merge it into the
        // policy taken from KEY_RAMPART_POLICY if there is one, otherwise use
        // KEY_RAMPART_IN_POLICY alone as the service policy.
        if ( (flow == MessageContext.IN_FLOW || flow == MessageContext.IN_FAULT_FLOW )
        && msgCtx.getProperty(KEY_RAMPART_IN_POLICY) != null) {
            if ( this.servicePolicy == null ) {
                this.servicePolicy = (Policy)msgCtx.getProperty(KEY_RAMPART_IN_POLICY);
            } else {
                this.servicePolicy = this.servicePolicy.merge((Policy)msgCtx
                .getProperty(KEY_RAMPART_IN_POLICY));
            }
        // In the OUT or OUT_FAULT flow, when KEY_RAMPART_OUT_POLICY is set: merge it into the
        // policy taken from KEY_RAMPART_POLICY if there is one, otherwise use
        // KEY_RAMPART_OUT_POLICY alone as the service policy.
        } else if ( (flow == MessageContext.OUT_FLOW || flow == MessageContext.OUT_FAULT_FLOW )
        && msgCtx.getProperty(KEY_RAMPART_OUT_POLICY) != null) {
            if (this.servicePolicy == null) {
                this.servicePolicy = (Policy)msgCtx.getProperty(KEY_RAMPART_OUT_POLICY);
            } else {
                this.servicePolicy = this.servicePolicy.merge((Policy)msgCtx
                .getProperty(KEY_RAMPART_OUT_POLICY));
            }
        }
        /*
         * Init policy:
         * If no policy was set on the message context, fall back to the
         * effective policy of the message context, which is obtained from
         * the configuration.
         */
        if (this.servicePolicy == null) {
            try {
                this.servicePolicy = msgCtx.getEffectivePolicy();
            } catch (NullPointerException e) {
                //TODO remove this once AXIS2-4114 is fixed
                // NOTE(review): this catch also hides any other NullPointerException raised
                // inside getEffectivePolicy(); the fallback below then merges the policy
                // components attached to the service and to the AxisConfiguration.
                if (axisService != null) {
                    Collection<PolicyComponent> policyList = new ArrayList<PolicyComponent>();
                    policyList.addAll(axisService.getPolicySubject().getAttachedPolicyComponents());
                    AxisConfiguration axisConfiguration = axisService.getAxisConfiguration();
                    policyList.addAll(axisConfiguration.getPolicySubject().getAttachedPolicyComponents());
                    this.servicePolicy = PolicyUtil.getMergedPolicy(policyList, axisService);
                }
            }
        }
        // Last resort: a policy supplied as the KEY_RAMPART_POLICY parameter element.
        if(this.servicePolicy == null) {
            Parameter param = msgCtx.getParameter(RampartMessageData.KEY_RAMPART_POLICY);
            if(param != null) {
                OMElement policyElem = param.getParameterElement().getFirstElement();
                this.servicePolicy = PolicyEngine.getPolicy(policyElem);
            }
        }
        // If every lookup above came back empty, servicePolicy and policyData stay null and
        // the policy-dependent steps below (document conversion, security header) are skipped.
        if(this.servicePolicy != null){
            // Only the first policy alternative is used; next() is called without a
            // hasNext() check.
            List<Assertion> it = this.servicePolicy.getAlternatives().next();
            //Process policy and build policy data
            this.policyData = RampartPolicyBuilder.build(it);
            //Set the version
            setWSSecurityVersions(this.policyData.getWebServiceSecurityPolicyNS());
        }
        if(this.policyData != null) {
            // Get the SOAP envelope as document, then create a security
            // header and insert into the document (Envelope)
            // WE SHOULD ONLY DO THE CONVERSION IF THERE IS AN APPLICABLE POLICY
            this.document = Axis2Util.getDocumentFromSOAPEnvelope(msgCtx.getEnvelope(), true);
            msgCtx.setEnvelope((SOAPEnvelope)this.document.getDocumentElement());
            this.soapConstants = WSSecurityUtil.getSOAPConstants(this.document.getDocumentElement());
            // Update the Rampart Config if RampartConfigCallbackHandler is present in the
            // RampartConfig
            RampartConfigCallbackHandler rampartConfigCallbackHandler = RampartUtil
            .getRampartConfigCallbackHandler(msgCtx, policyData);
            if (rampartConfigCallbackHandler != null) {
                rampartConfigCallbackHandler.update(policyData.getRampartConfig());
            }
            // Update TTL and max skew time
            // NOTE(review): Integer.parseInt throws NumberFormatException on a non-numeric
            // value; it is unchecked and not covered by the catch clauses at the end of this
            // constructor. Units and accepted range are not visible here - confirm in the setters.
            RampartConfig policyDataRampartConfig = policyData.getRampartConfig();
            if (policyDataRampartConfig != null) {
                String timeToLiveString = policyDataRampartConfig.getTimestampTTL();
                if (timeToLiveString != null && !timeToLiveString.equals("")) {
                    this.setTimeToLive(Integer.parseInt(timeToLiveString));
                }
                String maxSkewString = policyDataRampartConfig.getTimestampMaxSkew();
                if (maxSkewString != null && !maxSkewString.equals("")) {
                    this.setTimestampMaxSkew(Integer.parseInt(maxSkewString));
                }
            }
            //Check for RST and RSTR for an SCT
            // Both branches call setTrustParameters(); they differ only in which set of
            // action constants matched.
            String wsaAction = msgContext.getWSAAction();
            if(WSSHandlerConstants.RST_ACTON_SCT.equals(wsaAction)
            || WSSHandlerConstants.RSTR_ACTON_SCT.equals(wsaAction)) {
                //submissive version
                setTrustParameters();
            }else if(WSSHandlerConstants.RST_ACTON_SCT_STANDARD.equals(wsaAction)
            || WSSHandlerConstants.RSTR_ACTON_SCT_STANDARD.equals(wsaAction)) {
                //standard policy spec 1.2
                setTrustParameters();
            }
        }
        this.sender = sender;
        OperationContext opCtx = this.msgContext.getOperationContext();
        // Non-initiator sending: carry state over from the incoming message of the operation.
        if(!this.isInitiator && this.sender) {
            //Get hold of the incoming msg ctx
            MessageContext inMsgCtx;
            if (opCtx != null
            && (inMsgCtx = opCtx
            .getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE)) != null
            && msgContext.getProperty(WSHandlerConstants.RECV_RESULTS) == null) {
                // Copy the incoming message's RECV_RESULTS onto this message context; this
                // happens only when RECV_RESULTS is not already set here.
                msgContext.setProperty(WSHandlerConstants.RECV_RESULTS,
                inMsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS));
                //If someone set the sct_id externally use it at the receiver
                msgContext.setProperty(SCT_ID, inMsgCtx.getProperty(SCT_ID));
            }
        }
        // Initiator receiving: take the SCT id from the outgoing message of the operation.
        // The value is copied unconditionally, so it replaces any SCT_ID already set.
        if(this.isInitiator && !this.sender) {
            MessageContext outMsgCtx;
            if (opCtx != null
            && (outMsgCtx = opCtx
            .getMessageContext(WSDLConstants.MESSAGE_LABEL_OUT_VALUE)) != null) {
                //If someone set the sct_id externally use it at the receiver
                msgContext.setProperty(SCT_ID, outMsgCtx.getProperty(SCT_ID));
            }
        }
        // Check whether RampartConfig is present
        if (this.policyData != null && this.policyData.getRampartConfig() != null) {
            // set some vars on WSS4J class RequestData via RampartConfig as desired in
            // Jira issues RAMPART-205, RAMPART-361, RAMPART-432, RAMPART-435
            // The precedence is MessageContext wins
            //
            // NOTE(review): a non-null message-context property replaces the value that came
            // from the policy. Judging by their names, several of these switches relax
            // validation (DISABLE_BSP_ENFORCEMENT, ALLOW_USERNAME_TOKEN_NO_PASSWORD,
            // ALLOW_RSA15_KEY_TRANSPORT_ALGORITHM, HANDLE_CUSTOM_PASSWORD_TYPES,
            // ALLOW_NAMESPACE_QUALIFIED_PASSWORDTYPES) or widen time windows (the *_TTL
            // values), so any code able to set properties on this message context can loosen
            // what the policy configured - confirm which components are allowed to do so.
            // The casts are unchecked: a property holding another type (for example a String)
            // raises ClassCastException, which the catch clauses below do not handle.
            Boolean timestampPrecisionInMsInput = (Boolean)msgCtx.getProperty(TIMESTAMP_PRECISION_IN_MS);
            if (timestampPrecisionInMsInput != null) {
                this.policyData.getRampartConfig().setDefaultTimestampPrecisionInMs(timestampPrecisionInMsInput);
            }
            Boolean timestampStrictInput = (Boolean)msgCtx.getProperty(TIMESTAMP_STRICT);
            if (timestampStrictInput != null) {
                this.policyData.getRampartConfig().setTimeStampStrict(timestampStrictInput);
            }
            // 1.8.0 and later
            Boolean disableBSPEnforcementInput = (Boolean)msgCtx.getProperty(DISABLE_BSP_ENFORCEMENT);
            if (disableBSPEnforcementInput != null) {
                this.policyData.getRampartConfig().setDisableBSPEnforcement(disableBSPEnforcementInput);
            }
            Boolean handleCustomPasswordTypesInput = (Boolean)msgCtx.getProperty(HANDLE_CUSTOM_PASSWORD_TYPES);
            if (handleCustomPasswordTypesInput != null) {
                this.policyData.getRampartConfig().setHandleCustomPasswordTypes(handleCustomPasswordTypesInput);
            }
            Boolean allowNamespaceQualifiedPasswordTypesInput = (Boolean)msgCtx.getProperty(ALLOW_NAMESPACE_QUALIFIED_PASSWORDTYPES);
            if (allowNamespaceQualifiedPasswordTypesInput != null) {
                this.policyData.getRampartConfig().setAllowNamespaceQualifiedPasswordTypes(allowNamespaceQualifiedPasswordTypesInput);
            }
            Boolean allowUsernameTokenNoPasswordInput = (Boolean)msgCtx.getProperty(ALLOW_USERNAME_TOKEN_NO_PASSWORD);
            if (allowUsernameTokenNoPasswordInput != null) {
                this.policyData.getRampartConfig().setAllowUsernameTokenNoPassword(allowUsernameTokenNoPasswordInput);
            }
            Boolean allowRSA15KeyTransportAlgorithmInput = (Boolean)msgCtx.getProperty(ALLOW_RSA15_KEY_TRANSPORT_ALGORITHM);
            if (allowRSA15KeyTransportAlgorithmInput != null) {
                this.policyData.getRampartConfig().setAllowRSA15KeyTransportAlgorithm(allowRSA15KeyTransportAlgorithmInput);
            }
            Integer timeStampFutureTTLInput = (Integer)msgCtx.getProperty(TIMESTAMP_FUTURE_TTL);
            if (timeStampFutureTTLInput != null) {
                this.policyData.getRampartConfig().setTimeStampFutureTTL(timeStampFutureTTLInput);
            }
            Integer utTTLInput = (Integer)msgCtx.getProperty(UT_TTL);
            if (utTTLInput != null) {
                this.policyData.getRampartConfig().setUtTTL(utTTLInput);
            }
            Integer utFutureTTLInput = (Integer)msgCtx.getProperty(UT_FUTURE_TTL);
            if (utFutureTTLInput != null) {
                this.policyData.getRampartConfig().setUtFutureTTL(utFutureTTLInput);
            }
        }
        // Remember the service's class loader for later use.
        if (axisService != null) {
            this.customClassLoader = axisService.getClassLoader();
        }
        if(this.sender && this.policyData != null) {
            // this.document was assigned above, in the branch that ran because policyData
            // is non-null.
            this.secHeader = new WSSecHeader(this.document);
            secHeader.insertSecurityHeader();
            // RAMPART-261
            // mustUnderstand follows the same precedence: the message-context property wins
            // over RampartConfig. The policyData null check in the else-if repeats the
            // enclosing condition.
            Boolean mustUnderstandSecurityHeaderInput = (Boolean)msgCtx.getProperty(MUST_UNDERSTAND_SECURITY_HEADER);
            if (mustUnderstandSecurityHeaderInput != null) {
                secHeader.setMustUnderstand(mustUnderstandSecurityHeaderInput);
            } else if (this.policyData != null && this.policyData.getRampartConfig() != null) {
                secHeader.setMustUnderstand(this.policyData.getRampartConfig().isMustUnderstandSecurityHeader());
            }
        }
    // All three checked exception types are reported under the same message key; the
    // original exception is kept as the cause.
    } catch (AxisFault e) {
        throw new RampartException("errorInExtractingMsgProps", e);
    } catch (WSSPolicyException e) {
        throw new RampartException("errorInExtractingMsgProps", e);
    } catch (WSSecurityException e) {
        throw new RampartException("errorInExtractingMsgProps", e);
    }
}