View Javadoc

1   /*
2    *  soapUI, copyright (C) 2006 eviware.com 
3    *
4    *  soapUI is free software; you can redistribute it and/or modify it under the 
5    *  terms of the GNU Lesser General Public License as published by the Free Software Foundation; 
6    *  either version 2.1 of the License, or (at your option) any later version.
7    *
8    *  soapUI is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without 
9    *  even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
10   *  See the GNU Lesser General Public License for more details at gnu.org.
11   */
12  
13  package com.eviware.soapui.impl.wsdl.submit.filters;
14  
15  import java.io.StringReader;
16  import java.io.StringWriter;
17  
18  import javax.xml.parsers.DocumentBuilder;
19  import javax.xml.parsers.DocumentBuilderFactory;
20  import javax.xml.parsers.ParserConfigurationException;
21  
22  import org.apache.ws.security.WSConstants;
23  import org.apache.ws.security.message.WSSecHeader;
24  import org.apache.ws.security.message.WSSecUsernameToken;
25  import org.w3c.dom.Document;
26  import org.xml.sax.InputSource;
27  
28  import com.eviware.soapui.impl.wsdl.WsdlRequest;
29  import com.eviware.soapui.impl.wsdl.submit.RequestFilter;
30  import com.eviware.soapui.impl.wsdl.submit.transports.http.BaseHttpRequestTransport;
31  import com.eviware.soapui.model.iface.SubmitContext;
32  import com.eviware.soapui.support.xml.XmlUtils;
33  
34  /***
35   * Modifies the request message to include WS-Securty Username tokens
36   * 
37   * @author Ole.Matzura
38   */
39  
40  public class WsSecurityAuthenticationRequestFilter implements RequestFilter
41  {
42  	private static DocumentBuilderFactory dbf;
43  	private static DocumentBuilder db;
44  
45  	static
46  	{
47  		dbf = DocumentBuilderFactory.newInstance();
48  		dbf.setValidating(false);
49  	   dbf.setNamespaceAware(true);
50  	   
51  	   try
52  		{
53  			db = dbf.newDocumentBuilder();
54  		}
55  		catch (ParserConfigurationException e)
56  		{
57  			e.printStackTrace();
58  		}
59  	}
60  
61  	public void filterRequest(SubmitContext context, WsdlRequest wsdlRequest)
62  	{
63  		try 
64        {
65           String pwType = wsdlRequest.getWssPasswordType();
66           if (pwType == null || pwType.length() == 0 || WsdlRequest.PW_TYPE_NONE.equals(pwType)) 
67           {
68              return ;
69           }
70  
71           String request = (String) context.getProperty( BaseHttpRequestTransport.REQUEST_CONTENT );
72  			Document doc = db.parse(new InputSource( new StringReader( request )));
73  
74  			WSSecUsernameToken wsa = new WSSecUsernameToken();
75           if (WsdlRequest.PW_TYPE_DIGEST.equals(pwType)) 
76           {
77              wsa.setPasswordType(WSConstants.PASSWORD_DIGEST);
78           } 
79           else 
80           {
81              wsa.setPasswordType(WSConstants.PASSWORD_TEXT);
82           }
83           
84           wsa.setUserInfo(wsdlRequest.getUsername(), wsdlRequest.getPassword() ); 
85           
86           WSSecHeader secHeader = new WSSecHeader();
87           secHeader.insertSecurityHeader( doc );
88  			wsa.build(doc, secHeader );
89  
90           StringWriter writer = new StringWriter();
91   			XmlUtils.serializePretty( doc, writer );
92   			context.setProperty( BaseHttpRequestTransport.REQUEST_CONTENT, writer.toString() );
93        } 
94  		catch (Throwable e) 
95  		{
96            e.printStackTrace();
97        }
98  	}
99  }