diff options
Diffstat (limited to 'spss.server/src/at/gv/egovernment/moa/spss/server/service')
6 files changed, 747 insertions, 0 deletions
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/service/AxisHandler.java b/spss.server/src/at/gv/egovernment/moa/spss/server/service/AxisHandler.java new file mode 100644 index 000000000..9d6b255c2 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/service/AxisHandler.java @@ -0,0 +1,252 @@ +package at.gv.egovernment.moa.spss.server.service; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.cert.X509Certificate; + +import javax.servlet.http.HttpServletRequest; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import org.apache.axis.AxisFault; +import org.apache.axis.MessageContext; +import org.apache.axis.handlers.BasicHandler; +import org.apache.axis.transport.http.HTTPConstants; +import org.apache.axis.utils.Messages; +import org.apache.axis.utils.XMLUtils; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.logging.LoggingContext; +import at.gv.egovernment.moa.logging.LoggingContextManager; + +import at.gv.egovernment.moa.spss.MOASystemException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import at.gv.egovernment.moa.spss.server.transaction.TransactionIDGenerator; +import at.gv.egovernment.moa.spss.util.MessageProvider; + +/** + * An handler that is invoked on each web service request and performs some + * central message handling. + * + * Mainly sets up the <code>TransactionContext</code> for the current + * transaction (i.e. web service request). + * + * @author Patrick Peck + * @author Stefan Knirsch + * @version $Id$ + */ +public class AxisHandler extends BasicHandler { + + /** The property name for accessing the HTTP request. */ + private static final String REQUEST_PROPERTY = + HTTPConstants.MC_HTTP_SERVLETREQUEST; + /** The property name for accessing the X509 client certificate chain. */ + private static final String X509_CERTIFICATE_PROPERTY = + "javax.servlet.request.X509Certificate"; + /** The property name for accessing the SOAP action header. */ + private static final String SOAP_ACTION_HEADER = "soapaction"; + + /** + * Handle an invocation of this handler. + * + * @param msgContext Information about this request/response. + * @throws AxisFault An error occurred during processing of the request. + * @see org.apache.axis.Handler#invoke(MessageContext) + */ + public void invoke(MessageContext msgContext) throws AxisFault { + if (!msgContext.getPastPivot()) { + handleRequest(msgContext); + } else { + handleResponse(msgContext); + } + } + + /** + * This method is called by <code>invoke</code> to handle incoming requests. + * + * @param msgContext The context as provided to <code>invoke</code>. + * @throws AxisFault An error occurred during processing of the request. + */ + private void handleRequest(MessageContext msgContext) throws AxisFault { + try { + // generate a unique transaction id and build the TransactionContext + // for this request + HttpServletRequest request = + (HttpServletRequest) msgContext.getProperty(REQUEST_PROPERTY); + + X509Certificate[] clientCert = + (X509Certificate[]) request.getAttribute(X509_CERTIFICATE_PROPERTY); + + ConfigurationProvider configuration = + ConfigurationProvider.getInstance(); + + TransactionContext context = + new TransactionContext( + TransactionIDGenerator.nextID(), + clientCert, + configuration); + + context.setRequestName((String) request.getHeader(SOAP_ACTION_HEADER)); + + setUpContexts(context); + + // log some information about the request + info( + "handler.00", + new Object[] { + context.getTransactionID(), + msgContext.getTargetService()}); + info("handler.01", new Object[] { request.getRemoteAddr()}); + if (clientCert != null) { + info( + "handler.02", + new Object[] { + clientCert[0].getSubjectDN(), + clientCert[0].getSerialNumber(), + clientCert[0].getIssuerDN()}); + + } else { + info("handler.03", null); + } + if (Logger.isDebugEnabled()) { + String msg = msgContext.getCurrentMessage().getSOAPPartAsString(); + Logger.debug(new LogMsg(msg)); + } + } catch (MOASystemException e) { + MOASystemException se = new MOASystemException("2900", null, e); + AxisFault fault = AxisFault.makeFault(se); + fault.setFaultDetail(new Element[] { se.toErrorResponse()}); + throw fault; + } catch (Throwable t) { + MOASystemException e = new MOASystemException("2900", null, t); + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + throw fault; + } + } + + /** + * This method is called by <code>invoke</code> to handle outgoing + * responses. + * + * @param msgContext The context as provided to <code>invoke</code>. + * @throws AxisFault An error occurred during processing of the response. + */ + private void handleResponse(MessageContext msgContext) throws AxisFault { + info("handler.04", null); + if (Logger.isDebugEnabled()) { + String msg = msgContext.getCurrentMessage().getSOAPPartAsString(); + Logger.debug(new LogMsg(msg)); + } + tearDownContexts(); + } + + /** + * Called, when the processing of the web service fails. + * + * @param msgContext Information about the current request. + * @see org.apache.axis.Handler#onFault(org.apache.axis.MessageContext) + */ + public void onFault(MessageContext msgContext) { + info("handler.05", null); + tearDownContexts(); + } + + /** + * Set up the thread-local contexts (<code>TransactionContext</code> and + * <code>LoggingContext</code>). + * + * @param context The <code>TransactionContext</code> to set for the current + * request. + */ + private void setUpContexts(TransactionContext context) { + // set the transaction context in the TransactionContextManager + TransactionContextManager tcm = TransactionContextManager.getInstance(); + tcm.setTransactionContext(context); + + // set the logging context in the LoggingContextManager + LoggingContextManager lcm = LoggingContextManager.getInstance(); + LoggingContext lc = new LoggingContext(context.getTransactionID()); + lcm.setLoggingContext(lc); + } + + /** + * Tear down the thread-local contexts. + */ + private void tearDownContexts() { + // unset the transaction context + TransactionContextManager tcm = TransactionContextManager.getInstance(); + tcm.setTransactionContext(null); + + // unset the logging context + LoggingContextManager lcm = LoggingContextManager.getInstance(); + lcm.setLoggingContext(null); + } + + /** + * Generate the WSDL into the <code>msgContext</code>. + * + * The code of this method is more or less copied from the + * <code>org.apache.axis.handlers.soap.SOAPService</code> class contained in + * the 1.1 release of Axis to allow for a missing <code>wsdlFile</code> (so + * that a resource by the same name is searched for in the classpath). The + * implementation of this method should be obsolete if Axis 1.1 or higher is + * used. + * + * @param msgContext The <code>MessageContext</code> that will contain the + * WSDL description of the current web service. + * @throws AxisFault An error occurred producing the WSDL. + */ + public void generateWSDL(MessageContext msgContext) throws AxisFault { + InputStream instream = null; + + // Got a WSDL file in the service description, so try and read it + try { + String filename = "/resources/wsdl/MOA-SP-SS-1.0-20020829.wsdl"; + msgContext.getService().getServiceDescription().getWSDLFile(); + File file = new File(filename); + if (file.exists()) { + //if this resolves to a file, load it + instream = new FileInputStream(filename); + } else { + //else load a named resource in our classloader. + instream = this.getClass().getResourceAsStream(filename); + if (instream == null) { + String errorText = Messages.getMessage("wsdlFileMissing", filename); + throw new AxisFault(errorText); + } + } + Document doc = XMLUtils.newDocument(instream); + msgContext.setProperty("WSDL", doc); + } catch (Exception e) { + throw AxisFault.makeFault(e); + } finally { + if (instream != null) { + try { + instream.close(); + } catch (IOException e) { + // ok to do nothing here + } + } + } + } + + /** + * Utility function to issue an info message to the log. + * + * @param messageId The ID of the message to log. + * @param parameters Additional message parameters. + */ + private static void info(String messageId, Object[] parameters) { + MessageProvider msg = MessageProvider.getInstance(); + + Logger.info(new LogMsg(msg.getMessage(messageId, parameters))); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/service/ConfigurationServlet.java b/spss.server/src/at/gv/egovernment/moa/spss/server/service/ConfigurationServlet.java new file mode 100644 index 000000000..7783ed3f6 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/service/ConfigurationServlet.java @@ -0,0 +1,120 @@ +package at.gv.egovernment.moa.spss.server.service; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.logging.LoggingContext; +import at.gv.egovernment.moa.logging.LoggingContextManager; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator; +import at.gv.egovernment.moa.spss.server.init.*; +import at.gv.egovernment.moa.spss.util.MessageProvider; + +/** + * A servlet to initialize and update the MOA configuration. + * + * @author Fatemeh Philippi + * @author Patrick Peck + * @version $Id$ + */ +public class ConfigurationServlet extends HttpServlet { + /** The document type of the HTML to generate. */ + private static final String DOC_TYPE = + "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n"; + + /** + * Handle a HTTP GET request, used to indicated that the MOA + * configuration needs to be updated (reloaded). + * + * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) + */ + public void doGet(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + + MessageProvider msg = MessageProvider.getInstance(); + PrintWriter out; + + // set up a logging context for logging the reconfiguration + LoggingContextManager.getInstance().setLoggingContext( + new LoggingContext("configuration update")); + + response.setContentType("text/html"); + out = response.getWriter(); + out.println(DOC_TYPE); + out.println("<head><title>MOA configuration update</title></head>"); + out.println("<body bgcolor=\"#FFFFFF\">"); + try { + // reconfigure the system + ConfigurationProvider config = ConfigurationProvider.reload(); + IaikConfigurator iaikConfigurator = new IaikConfigurator(); + + iaikConfigurator.configure(config); + + // print a status message + out.println("<p><b>" + msg.getMessage("config.06", null) + "</b></p>"); + Logger.info(new LogMsg(msg.getMessage("config.06", null))); + + if (!config.getWarnings().isEmpty()) { + // print the warnings + List allWarnings = new ArrayList(); + Iterator iter; + + allWarnings.addAll(config.getWarnings()); + allWarnings.addAll(iaikConfigurator.getWarnings()); + + out.println("<p><b>" + msg.getMessage("config.29", null) + "</b></p>"); + for (iter = allWarnings.iterator(); iter.hasNext();) { + out.println(iter.next() + "<br />"); + } + out.println("<p><b>" + msg.getMessage("config.28", null) + "</b></p>"); + } + + } catch (Throwable t) { + out.println("<p><b>" + msg.getMessage("config.20", null) + "</b></p>"); + out.println("<p><b>" + msg.getMessage("config.28", null) + "</b></p>"); + Logger.warn(new LogMsg(msg.getMessage("config.20", null)), t); + } + out.println("</body>"); + + out.flush(); + out.close(); + + // tear down the logging context + LoggingContextManager.getInstance().setLoggingContext(null); + } + + /** + * Do the same as <code>doGet</code>. + * + * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) + */ + public void doPost(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + doGet(request, response); + } + + /** + * Perform some initial initialization tasks for the MOA web services + * application. + * + * Does an initial load of the MOA configuration to test if a working web + * service can be provided. + * + * @see javax.servlet.GenericServlet#init() + */ + public void init() throws ServletException { + SystemInitializer.init(); + } + +}
\ No newline at end of file diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java b/spss.server/src/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java new file mode 100644 index 000000000..997375305 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java @@ -0,0 +1,83 @@ +package at.gv.egovernment.moa.spss.server.service; + +import java.util.Date; + +import iaik.pki.revocation.RevocationSourceTypes; +import iaik.pki.store.revocation.archive.Archive; +import iaik.pki.store.revocation.archive.ArchiveFactory; + +import at.gv.egovernment.moa.logging.LogMsg; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.BoolUtils; + +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.util.MessageProvider; + +/** + * A <code>Runnable</code> for periodically cleaning up the revocation archive. + * @author Patrick Peck + * @version $Id$ + */ +public class RevocationArchiveCleaner implements Runnable { + + /** The inverval between two clean-ups of the revocation archive. */ + private long archiveCleanupInterval; + + /** + * Create a new <code>RevocationArchiveCleaner</code>. + * + * @param archiveCleanupInterval The interval between two clean-ups of the + * revocation archive. + */ + public RevocationArchiveCleaner(long archiveCleanupInterval) { + this.archiveCleanupInterval = archiveCleanupInterval; + } + + /** + * Run the <code>RevocationArchiveCleaner</code> in its own + * <code>Thread</code>. + */ + public void run() { + while (true) { + try { + ConfigurationProvider config = + ConfigurationProvider.getInstance(); + String archiveInfo = + config.getGenericConfiguration( + ConfigurationProvider.ARCHIVE_REVOCATION_INFO_PROPERTY, + "false"); + + if (BoolUtils.valueOf(archiveInfo)) { + Archive archive = ArchiveFactory.getInstance().getArchive(); + long archiveDurationMillis = + (long) config.getCRLArchiveDuration() * 86400000; + + // delete old archive data + if (archiveDurationMillis > 0) { + Date olderThan = + new Date(System.currentTimeMillis() - archiveDurationMillis); + + archive.deleteOldArchiveEntries( + RevocationSourceTypes.CRL, + olderThan, + new TransactionId("RevocationArchiveCleaner")); + } + } + + } catch (Exception e) { + MessageProvider msg = MessageProvider.getInstance(); + Logger.error(new LogMsg(msg.getMessage("init.02", null)), e); + } + + // sleep + try { + Thread.sleep(archiveCleanupInterval * 1000); + } catch (InterruptedException e) { + // ok to do nothing here + } + + } + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java b/spss.server/src/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java new file mode 100644 index 000000000..4224f5665 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java @@ -0,0 +1,72 @@ +package at.gv.egovernment.moa.spss.server.service; + +import java.io.ByteArrayInputStream; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +import at.gv.egovernment.moa.spss.MOAApplicationException; + +/** + * Helper methods for the Service classes. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ServiceUtils { + + /** + * Schema-validate a request. + * + * @param request The request to validate. + * @throws MOAApplicationException An error occurred validating the requst. + */ + public static void validateRequest(Element[] request) + throws MOAApplicationException { + + // validate the request + try { + DOMUtils.validateElement( + request[0], + Constants.ALL_SCHEMA_LOCATIONS, + null); + } catch (Exception e) { + throw new MOAApplicationException( + "1100", + new Object[] { e.getMessage()}, + e); + } + } + + /** + * Reparse the request with schema-validation turned on so that ID references + * are resolved. + * + * @param request The request to reparse. + * @return The reparsed request. + * @throws MOAApplicationException An error occurred parsing the request. + */ + public static Element reparseRequest(Element request) + throws MOAApplicationException { + + try { + byte[] requestBytes = DOMUtils.serializeNode(request, "UTF-8"); + Document validatedRequest = + DOMUtils.parseDocument( + new ByteArrayInputStream(requestBytes), + true, + Constants.ALL_SCHEMA_LOCATIONS, + null); + return validatedRequest.getDocumentElement(); + } catch (Exception e) { + throw new MOAApplicationException( + "1100", + new Object[] { e.getMessage()}, + e); + } + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java b/spss.server/src/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java new file mode 100644 index 000000000..07d7ab371 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/service/SignatureCreationService.java @@ -0,0 +1,90 @@ +package at.gv.egovernment.moa.spss.server.service; + +import java.util.Collections; + +import javax.xml.namespace.QName; + +import org.w3c.dom.Element; + +import org.apache.axis.AxisFault; +import org.apache.axis.i18n.Messages; + +import at.gv.egovernment.moa.spss.MOAException; +import at.gv.egovernment.moa.spss.MOASystemException; +import at.gv.egovernment.moa.spss.api.xmlbind.CreateXMLSignatureRequestParser; +import at.gv.egovernment.moa.spss.api.xmlbind.CreateXMLSignatureResponseBuilder; +import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker; + +/** + * The service endpoint for the <code>SignatureCreation</code> web service. + * + * @author Patrick Peck + * @version $Id$ + */ +public class SignatureCreationService { + + /** + * Handle a <code>CreateXMLSignatureRequest</code>. + * + * @param request The <code>CreateXMLSignatureRequest</code> to work on + * (contained in the 0th element of the array). + * @return A <code>CreateXMLSignatureResponse</code> as the only element of + * the <code>Element</code> array. + * @throws AxisFault An error occurred during handling of the message. + */ + public Element[] CreateXMLSignatureRequest(Element[] request) + throws AxisFault { + XMLSignatureCreationInvoker invoker = + XMLSignatureCreationInvoker.getInstance(); + Element[] response = new Element[1]; + + // check that we have a CreateXMLSignatureRequest; if not, create an + // AxisFault, just like the org.apache.axis.providers.java.MsgProvider + if (request[0].getNodeName() != "CreateXMLSignatureRequest") { + QName qname = + new QName(request[0].getNamespaceURI(), request[0].getNodeName()); + throw new AxisFault( + Messages.getMessage("noOperationForQName", qname.toString())); + } + + // handle the request + try { + // create a parser and builder for binding API objects to/from XML + CreateXMLSignatureRequestParser requestParser = + new CreateXMLSignatureRequestParser(); + CreateXMLSignatureResponseBuilder responseBuilder = + new CreateXMLSignatureResponseBuilder(); + Element reparsedReq; + CreateXMLSignatureRequest requestObj; + CreateXMLSignatureResponse responseObj; + + // validate the request + reparsedReq = ServiceUtils.reparseRequest(request[0]); + + // convert to API objects + requestObj = requestParser.parse(reparsedReq); + + // invoke the core logic + responseObj = + invoker.createXMLSignature(requestObj, Collections.EMPTY_SET); + + // map back to XML + response[0] = responseBuilder.build(responseObj).getDocumentElement(); + + } catch (MOAException e) { + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + throw fault; + } catch (Throwable t) { + MOASystemException e = new MOASystemException("2900", null, t); + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + throw fault; + } + + return response; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java b/spss.server/src/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java new file mode 100644 index 000000000..adb09ca0a --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java @@ -0,0 +1,130 @@ +package at.gv.egovernment.moa.spss.server.service; + +import org.w3c.dom.Element; + +import org.apache.axis.AxisFault; + +import at.gv.egovernment.moa.spss.MOAException; +import at.gv.egovernment.moa.spss.MOASystemException; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyCMSSignatureRequestParser; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyCMSSignatureResponseBuilder; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; + +/** + * The service endpoint for the <code>SignatureVerification</code> web service. + * + * @author Patrick Peck + * @version $Id$ + */ +public class SignatureVerificationService { + + /** + * Handle a <code>VerifyCMSSignatureRequest</code>. + * + * @param request The <code>VerifyCMSSignatureRequest</code> to work on + * (contained in the 0th element of the array). + * @return A <code>VerifyCMSSignatureResponse</code> as the only element of + * the <code>Element</code> array. + * @throws AxisFault An error occurred during handling of the message. + */ + public Element[] VerifyCMSSignatureRequest(Element[] request) + throws AxisFault { + CMSSignatureVerificationInvoker invoker = + CMSSignatureVerificationInvoker.getInstance(); + Element[] response = new Element[1]; + + try { + // create a parser and builder for binding API objects to/from XML + VerifyCMSSignatureRequestParser requestParser = + new VerifyCMSSignatureRequestParser(); + VerifyCMSSignatureResponseBuilder responseBuilder = + new VerifyCMSSignatureResponseBuilder(); + Element reparsedReq; + VerifyCMSSignatureRequest requestObj; + VerifyCMSSignatureResponse responseObj; + + // validate the request + reparsedReq = ServiceUtils.reparseRequest(request[0]); + + // convert to API objects + requestObj = requestParser.parse(reparsedReq); + + // invoke the core logic + responseObj = invoker.verifyCMSSignature(requestObj); + + // map back to XML + response[0] = responseBuilder.build(responseObj).getDocumentElement(); + + } catch (MOAException e) { + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + throw fault; + } catch (Throwable t) { + MOASystemException e = new MOASystemException("2900", null, t); + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + throw fault; + } + + return response; + } + + /** + * Handle a <code>VerifyXMLSignatureRequest</code>. + * + * @param request The <code>VerifyXMLSignatureRequest</code> to work on + * (contained in the 0th element of the array). + * @return A <code>VerifyXMLSignatureResponse</code> as the only element of + * the <code>Element</code> array. + * @throws AxisFault An error occurred during handling of the message. + */ + public Element[] VerifyXMLSignatureRequest(Element[] request) + throws AxisFault { + XMLSignatureVerificationInvoker invoker = + XMLSignatureVerificationInvoker.getInstance(); + Element[] response = new Element[1]; + + try { + // create a parser and builder for binding API objects to/from XML + VerifyXMLSignatureRequestParser requestParser = + new VerifyXMLSignatureRequestParser(); + VerifyXMLSignatureResponseBuilder responseBuilder = + new VerifyXMLSignatureResponseBuilder(); + Element reparsedReq; + VerifyXMLSignatureRequest requestObj; + VerifyXMLSignatureResponse responseObj; + + // validate the request + reparsedReq = ServiceUtils.reparseRequest(request[0]); + + // convert to API objects + requestObj = requestParser.parse(reparsedReq); + + // invoke the core logic + responseObj = invoker.verifyXMLSignature(requestObj); + + // map back to XML + response[0] = responseBuilder.build(responseObj).getDocumentElement(); + + } catch (MOAException e) { + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + throw fault; + } catch (Throwable t) { + MOASystemException e = new MOASystemException("2900", null, t); + AxisFault fault = AxisFault.makeFault(e); + fault.setFaultDetail(new Element[] { e.toErrorResponse()}); + throw fault; + } + + return response; + } + +} |