//I really need to configure syntax highlighting and formatting again in my blog :(
package test;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.xml.namespace.QName;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFault;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPHeaderElement;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import javax.xml.ws.soap.SOAPFaultException;
public class XSecurityJaxWsHandler implements SOAPHandler
private class Credentials {
public String username = null;
public String password = null;
}
public Set
return null;
}
public void close(MessageContext arg0) {
}
public boolean handleFault(SOAPMessageContext arg0) {
return true;
}
public boolean handleMessage(SOAPMessageContext messagecontext) {
Boolean outbound = (Boolean)messagecontext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
if (!outbound) {
try {
SOAPMessage message = messagecontext.getMessage();
SOAPHeader header = message.getSOAPHeader();
Credentials credentials = null;
if (header != null) {
credentials = extractCredentialsFromSOAPHeader(header);
} else {
generateSOAPFault("No se recibieron credenciales de autenticaci\u00F3n (elemento UsernameToken en SOAP header");
return false;
}
//do something with sec info...
} catch (SOAPException e) {
generateSOAPFault(e.getMessage());
e.printStackTrace();
return false;
}
}
return true;
}
private void generateSOAPFault(String reason) {
try {
SOAPMessage msg = MessageFactory.newInstance().createMessage();
SOAPBody soapBody = msg.getSOAPPart().getEnvelope().getBody();
SOAPFault soapFault = soapBody.addFault();
soapFault.setFaultString(reason);
throw new SOAPFaultException(soapFault);
}
catch(SOAPException e) {
// uh?
}
}
private Credentials extractCredentialsFromSOAPHeader(SOAPHeader header) {
Credentials credentials = new Credentials();
Iterator headersIt = header.getChildElements();
while (headersIt.hasNext()) { //
Object nextHeader = headersIt.next();
if(nextHeader instanceof SOAPHeaderElement) {
SOAPHeaderElement soapHeader = (SOAPHeaderElement)nextHeader;
if(soapHeader.getLocalName().equals("Security")) { //
Iterator secIt = soapHeader.getChildElements();
while (secIt.hasNext()) {
Object nextSecurityElement = secIt.next();
if(nextSecurityElement instanceof SOAPElement) {
SOAPElement securitySoapElement = (SOAPElement)nextSecurityElement;
if(securitySoapElement.getLocalName().equals("UsernameToken")) { //
Iterator untSecIt = securitySoapElement.getChildElements();
while (untSecIt.hasNext()) {
Object nextUsernameTokenElement = untSecIt.next();
if(nextUsernameTokenElement instanceof SOAPElement) {
SOAPElement usernameTokenSoapChildElement = (SOAPElement)nextUsernameTokenElement;
if(usernameTokenSoapChildElement.getLocalName().equals("Username")) { //
credentials.username = usernameTokenSoapChildElement.getFirstChild().getTextContent();
} else if(usernameTokenSoapChildElement.getLocalName().equals("Password")) { //
credentials.password = usernameTokenSoapChildElement.getFirstChild().getTextContent();
}
}
}
}
}
}
}
}
}
return credentials;
}
}
No hay comentarios:
Publicar un comentario