001/* 002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl-2.1.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * Arnaud Kervern 016 */ 017 018package org.nuxeo.ecm.core.opencmis.bindings; 019 020import java.util.HashMap; 021import java.util.Map; 022import java.util.Set; 023 024import javax.xml.bind.JAXBElement; 025import javax.xml.namespace.QName; 026import javax.xml.ws.handler.MessageContext; 027import javax.xml.ws.handler.soap.SOAPHandler; 028import javax.xml.ws.handler.soap.SOAPMessageContext; 029 030import org.apache.chemistry.opencmis.server.impl.webservices.AbstractService; 031import org.apache.chemistry.opencmis.server.impl.webservices.AbstractUsernameTokenAuthHandler; 032 033/** 034 * Extracts username and password from a UsernameToken 035 * 036 * @author <a href="mailto:ak@nuxeo.com">Arnaud Kervern</a> 037 * @since 5.7.3 038 */ 039public class CXFAuthHandler extends AbstractUsernameTokenAuthHandler implements SOAPHandler<SOAPMessageContext> { 040 041 public Set<QName> getHeaders() { 042 return HEADERS; 043 } 044 045 public void close(MessageContext context) { 046 } 047 048 public boolean handleFault(SOAPMessageContext context) { 049 return true; 050 } 051 052 @SuppressWarnings("unchecked") 053 public boolean handleMessage(SOAPMessageContext context) { 054 if ((Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY)) { 055 // we are only looking at inbound messages 056 return true; 057 } 058 059 Map<String, String> callContextMap = null; 060 061 Object[] secHeaders = context.getHeaders(WSSE_SECURITY, WSSE_CONTEXT, true); 062 if (secHeaders != null && secHeaders.length > 0) { 063 for (Object header : secHeaders) { 064 if (!(header instanceof JAXBElement)) { 065 continue; 066 } 067 068 if (!(((JAXBElement) header).getValue() instanceof SecurityHeaderType)) { 069 continue; 070 } 071 072 callContextMap = extractUsernamePassword((JAXBElement<SecurityHeaderType>) header); 073 if (callContextMap != null) { 074 break; 075 } 076 } 077 } 078 079 // add user and password to context 080 if (callContextMap == null) { 081 callContextMap = new HashMap<String, String>(); 082 } 083 084 context.put(AbstractService.CALL_CONTEXT_MAP, callContextMap); 085 context.setScope(AbstractService.CALL_CONTEXT_MAP, MessageContext.Scope.APPLICATION); 086 087 return true; 088 } 089}