ServletSystemHandlerDelegate


1   /*
2    * The contents of this file are subject to the terms 
3    * of the Common Development and Distribution License 
4    * (the License).  You may not use this file except in
5    * compliance with the License.
6    * 
7    * You can obtain a copy of the license at 
8    * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9    * glassfish/bootstrap/legal/CDDLv1.0.txt.
10   * See the License for the specific language governing 
11   * permissions and limitations under the License.
12   * 
13   * When distributing Covered Code, include this CDDL 
14   * Header Notice in each file and include the License file 
15   * at glassfish/bootstrap/legal/CDDLv1.0.txt.  
16   * If applicable, add the following below the CDDL Header, 
17   * with the fields enclosed by brackets [] replaced by
18   * you own identifying information: 
19   * "Portions Copyrighted [year] [name of copyright owner]"
20   * 
21   * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22   */
23  package com.sun.enterprise.webservice;
24  
25  import java.util.logging.*;
26  import java.security.PrivilegedActionException  ;
27  import java.security.PrivilegedExceptionAction  ;
28  
29  import java.lang.reflect.Method  ;
30  
31  import javax.xml.soap.SOAPMessage  ;
32  
33  import javax.security.auth.Subject  ;
34  
35  import com.sun.enterprise.security.jauth.*;
36  
37  import com.sun.xml.rpc.spi.runtime.Implementor;
38  import com.sun.xml.rpc.spi.runtime.SOAPMessageContext;
39  import com.sun.xml.rpc.spi.runtime.StreamingHandler;
40  import com.sun.xml.rpc.spi.runtime.SystemHandlerDelegate;
41  import com.sun.xml.rpc.spi.runtime.Tie;
42  
43  //import com.sun.xml.rpc.server.http.MessageContextProperties;
44  
45  import com.sun.enterprise.security.SecurityContext;
46  import com.sun.enterprise.security.jauth.ServerAuthConfig;
47  import com.sun.enterprise.security.wss.WebServiceSecurity;
48  
49  import com.sun.logging.*;
50  
51  import com.sun.enterprise.util.i18n.StringManager;
52  
53  /**
54   * The methods of this interface are invoked by the JAXRPCServletDelegate
55   * on the path to web sevice endpoints deployed as servlets.
56   *
57   * NOTE: The methods of this interface may also be called on the client side of
58   * jaxrpc invocations, although at this time, we have not decided from
59   * where such invocations would be made.
60   *
61   * @author Ron Monzillo
62   */
63  
64  public class ServletSystemHandlerDelegate implements SystemHandlerDelegate {
65  
66      protected static Logger _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
67  
68      private static final String   IMPLEMENTOR = 
69      "com.sun.xml.rpc.server.http.Implementor";
70      private static final String   SERVER_AUTH_CONTEXT = 
71      "com.sun.enterprise.security.jauth.ServerAuthContext";
72  
73      // resources...
74      private static StringManager localStrings = StringManager.getManager(ServletSystemHandlerDelegate.class);
75  
76      ServerAuthConfig config_;
77  
78      public ServletSystemHandlerDelegate(ServerAuthConfig config) {
79      config_ = config;
80      }
81  
82     /**
83      * The processRequest method is invoked with an object that 
84      * implements com.sun.xml.rpc.spi.runtime.SOAPMessageContext.
85      * <p>
86      * When this method is called by the JAXRPCServletDelegate
87      * (on the server side of jaxrpc servlet container invocation processing)
88      * it must be called just before the call to implementor.getTie().handle(),
89      * and at the time of the request message and the following properties 
90      * must have been set on the SOAPMessageContext.
91      * <p>
92      * com.sun.xml.rpc.server.http.MessageContextProperties.IMPLEMENTOR
93      * <br>
94      * This property must be set to the com.sun.xml.rpc.spi.runtime.Implementor 
95      * object corresponding to the target endpoint.
96      * <p>
97      * com.sun.xml.rpc.server.http.MessageContextProperties.HTTP_SERVLET_REQUEST
98      * <br>
99      * This property must be
100     * set to the javax.servlet.http.HttpServletRequest object containing the 
101     * JAXRPC invocation.
102     * <p>
103     * com.sun.xml.rpc.server.http.MessageContextProperties.HTTP_SERVLET_RESPONSE
104     * <br>
105     * This property must be
106     * set to the javax.servlet.http.HttpServletResponse object corresponding to
107     * the JAXRPC invocation.
108     * <p>
109     * com.sun.xml.rpc.server.MessageContextProperties.HTTP_SERVLET_CONTEXT
110     * <br>
111     * This property must be
112     * set to the javax.servlet.ServletContext object corresponding to web application
113     * in which the JAXRPC servlet is running.
114     * @param messageContext the SOAPMessageContext object containing the request
115     * message and the properties described above.
116     * @return true if processing by the delegate was such that the caller
117     * should continue with its normal message processing. Returns false if the
118     * processing by the delegate resulted in the messageContext containing a response
119     * message that should be returned without the caller proceding to its normal
120     * message processing. 
121     * @throws java.lang.RuntimeException when the processing by the delegate failed,
122     * without yielding a response message. In this case, the expectation is that
123     * the caller will return a HTTP layer response code reporting that an internal
124     * error occured.
125     */
126     public boolean processRequest(SOAPMessageContext messageContext) {
127 
128     if(_logger.isLoggable(Level.FINE)){
129         _logger.fine("ws.processRequest");
130     }
131 
132         final SOAPMessageContext finalMC = messageContext;
133     Implementor implementor = (Implementor) messageContext.getProperty( IMPLEMENTOR );
134         final Tie tie = implementor.getTie();
135     StreamingHandler handler = (StreamingHandler) implementor.getTie();
136     SOAPMessage   request = finalMC.getMessage();
137     final ServerAuthContext sAC = config_.getAuthContext(handler,request);
138 
139         boolean status = true;
140     try {
141         if (sAC != null) {
142         status = false;
143                 // proceed to process message security
144                 status = WebServiceSecurity.validateRequest(finalMC,sAC);
145 
146         if (status) {
147             messageContext.setProperty(SERVER_AUTH_CONTEXT, sAC);
148         }
149             } 
150     } catch (AuthException ae) {
151         _logger.log(Level.SEVERE, "ws.error_validate_request", ae);
152         throw new RuntimeException  (ae);
153     } finally {
154         WebServiceSecurity.auditInvocation(messageContext,status); 
155         }
156 
157         if (status) {
158 
159         // only do doAsPriv if SecurityManager in effect.
160 
161         if (System.getSecurityManager() != null) {
162 
163         // on this branch, the endpoint invocation and the 
164         // processing of the response will be initiated from
165         // within the system handler delegate. delegate returns
166         // false so that dispatcher will not invoke the endpoint.
167 
168         status = false;
169 
170         try {
171 
172             Subject.doAsPrivileged
173             (SecurityContext.getCurrent().getSubject(),
174              new PrivilegedExceptionAction  () {
175                 public Object   run() throws Exception   {
176                 tie.handle(finalMC);
177                 processResponse(finalMC);
178                 return null;
179                 }
180                      }, null);
181 
182         } catch (PrivilegedActionException   pae) {
183             Throwable   cause = pae.getCause();
184             if (cause instanceof AuthException){
185             _logger.log(Level.SEVERE, "ws.error_secure_response", cause);
186             }
187             RuntimeException   re = null;
188             if (cause instanceof RuntimeException  ) {
189             re = (RuntimeException  ) cause;
190             } else {
191             re = new RuntimeException  (cause);
192             }
193             throw re;
194         }
195         }
196         }
197     return status;
198     }
199 
200    /**
201     * The processResponse method is invoked with an object that 
202     * implements com.sun.xml.rpc.spi.runtime.SOAPMessageContext.
203     * <p>
204     * When this method is called by the JAXRPCServletDelegate
205     * (on the server side of jaxrpc servlet container invocation processing)
206     * it must be called just just after the call to implementor.getTie().handle().
207     * In the special case where the handle method throws an exception, the
208     * processResponse message must not be called.
209     * <p>
210     * The SOAPMessageContext passed to the processRequest and handle messages is
211     * passed to the processResponse method.
212     * @throws java.lang.RuntimeException when the processing by the delegate failed,
213     * in which case the caller is expected to return an HTTP layer 
214     * response code reporting that an internal error occured.
215     */
216     public void processResponse(SOAPMessageContext messageContext) {
217 
218     if(_logger.isLoggable(Level.FINE)){
219         _logger.fine("ws.processResponse");
220     }
221 
222     ServerAuthContext sAC = 
223         (ServerAuthContext) messageContext.getProperty( SERVER_AUTH_CONTEXT );
224 
225     if (sAC == null) {
226         return;
227     }
228 
229     try {
230         WebServiceSecurity.secureResponse(messageContext,sAC);
231     } catch (AuthException ae) {
232             _logger.log(Level.SEVERE, "ws.error_secure_response", ae);
233         throw new RuntimeException  (ae);
234     }
235     }
236 }
237 
238     
239
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags