001/*
002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl-2.1.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Arnaud Kervern
016 */
017
018package org.nuxeo.ecm.core.opencmis.bindings;
019
020import java.util.HashMap;
021import java.util.Map;
022import java.util.Set;
023
024import javax.xml.bind.JAXBElement;
025import javax.xml.namespace.QName;
026import javax.xml.ws.handler.MessageContext;
027import javax.xml.ws.handler.soap.SOAPHandler;
028import javax.xml.ws.handler.soap.SOAPMessageContext;
029
030import org.apache.chemistry.opencmis.server.impl.webservices.AbstractService;
031import org.apache.chemistry.opencmis.server.impl.webservices.AbstractUsernameTokenAuthHandler;
032
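/**
 * JAX-WS SOAP handler that extracts the username and password from a WS-Security UsernameToken header of an inbound
 * message and publishes them as the CMIS call context map.
 *
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>This handler only <em>extracts</em> credentials; it never rejects a message. When no usable UsernameToken is
 * found, an empty map is published and processing continues, so credential verification and the rejection of
 * unauthenticated calls must happen in a later layer. NOTE(review): confirm that layer treats an empty call context
 * as unauthenticated.</li>
 * <li>The published map is expected to carry the password taken from the token (see
 * {@code extractUsernamePassword}) and is stored with {@link MessageContext.Scope#APPLICATION} scope, so it is
 * visible to application code handling the request. Do not log or serialize the message context or this map.</li>
 * <li>The first security header that yields a non-null result wins; later security headers are ignored.</li>
 * </ul>
 *
 * <p>
 * {@code HEADERS}, {@code WSSE_SECURITY}, {@code WSSE_CONTEXT}, {@code SecurityHeaderType} and
 * {@code extractUsernamePassword} are not declared in this class; presumably they are inherited from
 * {@link AbstractUsernameTokenAuthHandler}.
 *
 * @author <a href="mailto:ak@nuxeo.com">Arnaud Kervern</a>
 * @since 5.7.3
 */
public class CXFAuthHandler extends AbstractUsernameTokenAuthHandler implements SOAPHandler<SOAPMessageContext> {

    /**
     * Returns the header names this handler declares it can process.
     *
     * @return the {@code HEADERS} set
     */
    @Override
    public Set<QName> getHeaders() {
        return HEADERS;
    }

    /**
     * Does nothing: this handler holds no per-message resources.
     *
     * @param context the message context of the completed exchange
     */
    @Override
    public void close(MessageContext context) {
    }

    /**
     * Lets fault processing continue unchanged.
     *
     * @param context the message context carrying the fault
     * @return always {@code true}
     */
    @Override
    public boolean handleFault(SOAPMessageContext context) {
        return true;
    }

    /**
     * Extracts credentials from the WS-Security header of an inbound message and stores them in the message context
     * under {@link AbstractService#CALL_CONTEXT_MAP}.
     *
     * <p>
     * Outbound messages are passed through untouched. For inbound messages the context entry is always set: to the
     * extracted map when a UsernameToken could be read, otherwise to an empty map. This method performs no
     * authentication decision of its own.
     *
     * @param context the SOAP message context
     * @return always {@code true}, so the handler chain continues
     */
    @Override
    public boolean handleMessage(SOAPMessageContext context) {
        // Boolean.TRUE.equals() avoids a NullPointerException from unboxing when the property is absent. A
        // message without the property is treated as inbound, so its security header is still examined rather
        // than skipped.
        if (Boolean.TRUE.equals(context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY))) {
            // we are only looking at inbound messages
            return true;
        }

        Map<String, String> callContextMap = null;

        // allRoles == true: headers are returned whatever SOAP role they are targeted at
        Object[] secHeaders = context.getHeaders(WSSE_SECURITY, WSSE_CONTEXT, true);
        if (secHeaders != null) {
            for (Object header : secHeaders) {
                if (!(header instanceof JAXBElement)) {
                    continue;
                }

                JAXBElement<?> element = (JAXBElement<?>) header;
                if (!(element.getValue() instanceof SecurityHeaderType)) {
                    continue;
                }

                // safe: the element's value was checked to be a SecurityHeaderType just above
                @SuppressWarnings("unchecked")
                JAXBElement<SecurityHeaderType> securityHeader = (JAXBElement<SecurityHeaderType>) element;

                callContextMap = extractUsernamePassword(securityHeader);
                if (callContextMap != null) {
                    // first header that yields credentials wins; remaining headers are not inspected
                    break;
                }
            }
        }

        // No credentials found: publish an empty map instead of null. The request is NOT rejected here;
        // the service layer behind this handler has to refuse unauthenticated calls.
        if (callContextMap == null) {
            callContextMap = new HashMap<String, String>();
        }

        // add user and password to context; APPLICATION scope makes the entry visible beyond the handler chain,
        // so the context must not be logged or dumped
        context.put(AbstractService.CALL_CONTEXT_MAP, callContextMap);
        context.setScope(AbstractService.CALL_CONTEXT_MAP, MessageContext.Scope.APPLICATION);

        return true;
    }
}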