package at.gv.util.client.szr; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.util.Set; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.namespace.QName; import javax.xml.parsers.ParserConfigurationException; import javax.xml.soap.SOAPElement; import javax.xml.soap.SOAPEnvelope; import javax.xml.soap.SOAPException; import javax.xml.soap.SOAPFactory; import javax.xml.soap.SOAPHeader; import javax.xml.soap.SOAPMessage; import javax.xml.ws.handler.MessageContext; import javax.xml.ws.handler.soap.SOAPHandler; import javax.xml.ws.handler.soap.SOAPMessageContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.w3c.dom.Element; import org.xml.sax.SAXException; import at.gv.util.DOMUtils; import at.gv.util.MiscUtil; import at.gv.util.xsd.szr.pvp.ObjectFactory; import at.gv.util.xsd.szr.pvp.PvpTokenType; public class SZRSOAPHandler implements SOAPHandler { private static final String AUTH_NS = "http://schemas.xmlsoap.org/ws/2002/04/secext"; private static final String AUTH_PREFIX="wss"; private PvpTokenType pvpTokenType = null; private Logger log = LoggerFactory.getLogger(SZRSOAPHandler.class); public void close(MessageContext arg0) { } public boolean handleFault(SOAPMessageContext arg0) { return true; } public void configure(PvpTokenType pvpToken) { MiscUtil.assertNotNull(pvpToken, "pvpToken"); this.pvpTokenType = pvpToken; } public boolean handleMessage(SOAPMessageContext smc) { log.trace("Initializing SZR SOAP message handler."); boolean isOutMessage = ((Boolean) smc.get(SOAPMessageContext.MESSAGE_OUTBOUND_PROPERTY)).booleanValue(); log.trace("Outbound message: " + isOutMessage); if (pvpTokenType == null) { throw new NullPointerException("Please configure first the PVP token."); } if (!isOutMessage) { return true; } try { SOAPMessage message = smc.getMessage(); SOAPEnvelope envelope = message.getSOAPPart().getEnvelope(); SOAPFactory soapFactory = SOAPFactory.newInstance(); // Creating WS-Security header element SOAPElement wsSecHeaderElm = soapFactory.createElement( "Security", AUTH_PREFIX, AUTH_NS); // serialize pvp token JAXBContext ctx = JAXBContext.newInstance(PvpTokenType.class); ObjectFactory of = new ObjectFactory(); ByteArrayOutputStream bos = new ByteArrayOutputStream(); ctx.createMarshaller().marshal(of.createPvpToken(pvpTokenType), bos); Element pvpTokenElement = DOMUtils.parseXmlNonValidating(new ByteArrayInputStream(bos.toByteArray())); SOAPElement pvpToken = soapFactory.createElement(pvpTokenElement); // adding elements wsSecHeaderElm.addChildElement(pvpToken); SOAPHeader header = envelope.getHeader(); if (header == null) header = envelope.addHeader(); header.addChildElement(wsSecHeaderElm); return true; } catch(SOAPException e) { log.warn("Cannot add WS-Security header.", e); return false; } catch (JAXBException e) { log.warn("Cannot add WS-Security header.", e); return false; } catch (ParserConfigurationException e) { log.warn("Cannot add WS-Security header.", e); return false; } catch (SAXException e) { log.warn("Cannot add WS-Security header.", e); return false; } catch (IOException e) { log.warn("Cannot add WS-Security header.", e); return false; } } public Set getHeaders() { return null; } }