com.sun.identity.wss.security.handler

Class SOAPRequestHandler

java.lang.Object

com.sun.identity.wss.security.handler.SOAPRequestHandler

All Implemented Interfaces:

SOAPRequestHandlerInterface

public class SOAPRequestHandler
extends Object
implements SOAPRequestHandlerInterface

This class SOAPRequestHandler is to process and secure the in-bound or out-bound SOAPMessages of the web service clients and web service providers.

This class processes the SOAPMessages for the web services security according to the processing rules defined in OASIS web services security specification and as well as the Liberty Identity Web services security framework.

Constructor Summary

Constructors

Constructor and Description
SOAPRequestHandler()

Method Summary

Modifier and Type	Method and Description
static MessageAuthenticator	getAuthenticator() Returns the configured message authenticator.
static MessageAuthorizer	getAuthorizer() Returns the configured message authenticator.
void	init(Map config) Initializes the handler with the given configuration.
String	print(Node node) Prints a Node tree recursively.
SOAPMessage	secureRequest(SOAPMessage soapMessage, Subject subject, Map sharedState) Secures the SOAPMessage request by adding necessary credential information.
SOAPMessage	secureResponse(SOAPMessage soapMessage, Map sharedState) Secures the SOAP Message response to the client.
Object	validateRequest(SOAPMessage soapRequest, Subject subject, Map sharedState, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Authenticates the SOAPMessage from a remote client.
void	validateResponse(SOAPMessage soapMessage, Map sharedState) Validates the SOAP Response from the service provider.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SOAPRequestHandler

public SOAPRequestHandler()

Method Detail

init

public void init(Map config)
          throws SecurityException

Initializes the handler with the given configuration.

Specified by:

init in interface SOAPRequestHandlerInterface

Parameters:

config - the configuration map to initializate the provider.

Throws:

SecurityException - if the initialization fails.

validateRequest

public Object validateRequest(SOAPMessage soapRequest,
                              Subject subject,
                              Map sharedState,
                              javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response)
                       throws SecurityException

Authenticates the SOAPMessage from a remote client.

Specified by:

validateRequest in interface SOAPRequestHandlerInterface

Parameters:

soapRequest - SOAPMessage that needs to be validated.

subject - the subject that may be used by the callers to store Principals and credentials validated in the request.

sharedState - that may be used to store any shared state information between validateRequest and

request - the HttpServletRequest associated with this SOAP Message request.

response - the HttpServletResponse associated with this SOAP Message response.

Returns:

Object the authenticated token.

Throws:

SecurityException - if any error occured during validation.

secureResponse

public SOAPMessage secureResponse(SOAPMessage soapMessage,
                                  Map sharedState)
                           throws SecurityException

Secures the SOAP Message response to the client.

Specified by:

secureResponse in interface SOAPRequestHandlerInterface

Parameters:

soapMessage - SOAP Message that needs to be secured.

sharedState - a map for the callers to store any state information between validateRequest and secureResponse.

Throws:

SecurityException - if any error occurs during securing.

secureRequest

public SOAPMessage secureRequest(SOAPMessage soapMessage,
                                 Subject subject,
                                 Map sharedState)
                          throws SecurityException

Secures the SOAPMessage request by adding necessary credential information.

Specified by:

secureRequest in interface SOAPRequestHandlerInterface

Parameters:

soapMessage - the SOAPMessage that needs to be secured.

subject - the Subject of the authenticating entity.

sharedState - Any shared state information that may be used between the secureRequest and validateResponse.

Throws:

SecurityException - if any failure for securing the request.

validateResponse

public void validateResponse(SOAPMessage soapMessage,
                             Map sharedState)
                      throws SecurityException

Validates the SOAP Response from the service provider.

Specified by:

validateResponse in interface SOAPRequestHandlerInterface

Parameters:

soapMessage - the SOAPMessage that needs to be validated.

sharedState - Any shared data that may be used between the secureRequest and validateResponse.

Throws:

SecurityException - if any failure occured for validating the response.

getAuthenticator

public static MessageAuthenticator getAuthenticator()
                                             throws SecurityException

Returns the configured message authenticator.

Throws:

SecurityException

getAuthorizer

public static MessageAuthorizer getAuthorizer()
                                       throws SecurityException

Returns the configured message authenticator.

Throws:

SecurityException

print

public String print(Node node)

Prints a Node tree recursively.

Specified by:

print in interface SOAPRequestHandlerInterface

Parameters:

node - A DOM tree Node

Returns:

An xml String representation of the DOM tree.