001: /*
002: * soapUI, copyright (C) 2004-2007 eviware.com
003: *
004: * soapUI is free software; you can redistribute it and/or modify it under the
005: * terms of version 2.1 of the GNU Lesser General Public License as published by
006: * the Free Software Foundation.
007: *
008: * soapUI is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
009: * even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
010: * See the GNU Lesser General Public License for more details at gnu.org.
011: */
012:
013: package com.eviware.soapui.impl.wsdl.submit.filters;
014:
015: import java.io.StringReader;
016: import java.io.StringWriter;
017:
018: import javax.xml.parsers.DocumentBuilder;
019: import javax.xml.parsers.DocumentBuilderFactory;
020: import javax.xml.parsers.ParserConfigurationException;
021:
022: import org.apache.ws.security.WSConstants;
023: import org.apache.ws.security.message.WSSecHeader;
024: import org.apache.ws.security.message.WSSecTimestamp;
025: import org.apache.ws.security.message.WSSecUsernameToken;
026: import org.w3c.dom.Document;
027: import org.xml.sax.InputSource;
028:
029: import com.eviware.soapui.SoapUI;
030: import com.eviware.soapui.impl.wsdl.WsdlRequest;
031: import com.eviware.soapui.impl.wsdl.submit.RequestFilter;
032: import com.eviware.soapui.impl.wsdl.submit.transports.http.BaseHttpRequestTransport;
033: import com.eviware.soapui.model.iface.SubmitContext;
034: import com.eviware.soapui.support.xml.XmlUtils;
035:
036: /**
037: * Modifies the request message to include WS-Securty Username and Timestamp tokens
038: *
039: * @author Ole.Matzura
040: */
041:
042: public class WsSecurityAuthenticationRequestFilter implements
043: RequestFilter {
044: private static DocumentBuilderFactory dbf;
045: private static DocumentBuilder db;
046:
047: static {
048: dbf = DocumentBuilderFactory.newInstance();
049: dbf.setValidating(false);
050: dbf.setNamespaceAware(true);
051:
052: try {
053: db = dbf.newDocumentBuilder();
054: } catch (ParserConfigurationException e) {
055: SoapUI.logError(e);
056: }
057: }
058:
059: public void filterRequest(SubmitContext context,
060: WsdlRequest wsdlRequest) {
061: String pwType = wsdlRequest.getWssPasswordType();
062: String wsTimestamp = wsdlRequest.getWssTimeToLive();
063:
064: if ((WsdlRequest.PW_TYPE_NONE.equals(pwType) || pwType == null || pwType
065: .length() == 0)
066: && (wsTimestamp == null || wsTimestamp.length() == 0))
067: return;
068:
069: try {
070: {
071: String request = (String) context
072: .getProperty(BaseHttpRequestTransport.REQUEST_CONTENT);
073: Document doc = null;
074:
075: // this should be solved with pooling for performance-reasons..
076: synchronized (db) {
077: doc = db.parse(new InputSource(new StringReader(
078: request)));
079: }
080:
081: if (pwType != null && pwType.length() > 0
082: && !pwType.equals(WsdlRequest.PW_TYPE_NONE))
083: addWssUsernameToken(wsdlRequest, pwType, doc);
084:
085: if (wsTimestamp != null && wsTimestamp.length() > 0)
086: addWsTimestampToken(wsdlRequest, wsTimestamp, doc);
087:
088: StringWriter writer = new StringWriter();
089: XmlUtils.serializePretty(doc, writer);
090: context.setProperty(
091: BaseHttpRequestTransport.REQUEST_CONTENT,
092: writer.toString());
093: }
094: } catch (Throwable e) {
095: SoapUI.logError(e);
096: }
097: }
098:
099: private void addWsTimestampToken(WsdlRequest wsdlRequest,
100: String ttl, Document doc) {
101: WSSecTimestamp addTimestamp = new WSSecTimestamp();
102: addTimestamp.setTimeToLive(Integer.parseInt(ttl));
103: WSSecHeader secHeader = new WSSecHeader();
104: secHeader.insertSecurityHeader(doc);
105: addTimestamp.build(doc, secHeader);
106: }
107:
108: private void addWssUsernameToken(WsdlRequest wsdlRequest,
109: String pwType, Document doc) {
110: WSSecUsernameToken wsa = new WSSecUsernameToken();
111: if (WsdlRequest.PW_TYPE_DIGEST.equals(pwType)) {
112: wsa.setPasswordType(WSConstants.PASSWORD_DIGEST);
113: } else {
114: wsa.setPasswordType(WSConstants.PASSWORD_TEXT);
115: }
116:
117: wsa.setUserInfo(wsdlRequest.getUsername(), wsdlRequest
118: .getPassword());
119:
120: WSSecHeader secHeader = new WSSecHeader();
121: secHeader.insertSecurityHeader(doc);
122: wsa.build(doc, secHeader);
123: }
124: }
|