1
2
3
4
5
6
7
8
9
10
11
12
13 package com.eviware.soapui.impl.wsdl.submit.filters;
14
15 import java.io.StringReader;
16 import java.io.StringWriter;
17
18 import javax.xml.parsers.DocumentBuilder;
19 import javax.xml.parsers.DocumentBuilderFactory;
20 import javax.xml.parsers.ParserConfigurationException;
21
22 import org.apache.ws.security.WSConstants;
23 import org.apache.ws.security.message.WSSecHeader;
24 import org.apache.ws.security.message.WSSecUsernameToken;
25 import org.w3c.dom.Document;
26 import org.xml.sax.InputSource;
27
28 import com.eviware.soapui.impl.wsdl.WsdlRequest;
29 import com.eviware.soapui.impl.wsdl.submit.RequestFilter;
30 import com.eviware.soapui.impl.wsdl.submit.transports.http.BaseHttpRequestTransport;
31 import com.eviware.soapui.model.iface.SubmitContext;
32 import com.eviware.soapui.support.xml.XmlUtils;
33
34 /***
35 * Modifies the request message to include WS-Securty Username tokens
36 *
37 * @author Ole.Matzura
38 */
39
40 public class WsSecurityAuthenticationRequestFilter implements RequestFilter
41 {
42 private static DocumentBuilderFactory dbf;
43 private static DocumentBuilder db;
44
45 static
46 {
47 dbf = DocumentBuilderFactory.newInstance();
48 dbf.setValidating(false);
49 dbf.setNamespaceAware(true);
50
51 try
52 {
53 db = dbf.newDocumentBuilder();
54 }
55 catch (ParserConfigurationException e)
56 {
57 e.printStackTrace();
58 }
59 }
60
61 public void filterRequest(SubmitContext context, WsdlRequest wsdlRequest)
62 {
63 try
64 {
65 String pwType = wsdlRequest.getWssPasswordType();
66 if (pwType == null || pwType.length() == 0 || WsdlRequest.PW_TYPE_NONE.equals(pwType))
67 {
68 return ;
69 }
70
71 String request = (String) context.getProperty( BaseHttpRequestTransport.REQUEST_CONTENT );
72 Document doc = db.parse(new InputSource( new StringReader( request )));
73
74 WSSecUsernameToken wsa = new WSSecUsernameToken();
75 if (WsdlRequest.PW_TYPE_DIGEST.equals(pwType))
76 {
77 wsa.setPasswordType(WSConstants.PASSWORD_DIGEST);
78 }
79 else
80 {
81 wsa.setPasswordType(WSConstants.PASSWORD_TEXT);
82 }
83
84 wsa.setUserInfo(wsdlRequest.getUsername(), wsdlRequest.getPassword() );
85
86 WSSecHeader secHeader = new WSSecHeader();
87 secHeader.insertSecurityHeader( doc );
88 wsa.build(doc, secHeader );
89
90 StringWriter writer = new StringWriter();
91 XmlUtils.serializePretty( doc, writer );
92 context.setProperty( BaseHttpRequestTransport.REQUEST_CONTENT, writer.toString() );
93 }
94 catch (Throwable e)
95 {
96 e.printStackTrace();
97 }
98 }
99 }