SubjectCreatingInterceptor (JBoss Web Services

java.lang.Object
- org.apache.ws.security.handler.WSHandler
- - org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor
  - - org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
    - - org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor

All Implemented Interfaces:

org.apache.cxf.binding.soap.interceptor.SoapInterceptor, org.apache.cxf.interceptor.Interceptor<org.apache.cxf.binding.soap.SoapMessage>, org.apache.cxf.phase.PhaseInterceptor<org.apache.cxf.binding.soap.SoapMessage>
```
public class SubjectCreatingInterceptor
extends org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
```
Interceptor which authenticates a current principal and populates Subject

Author:

Sergey Beryozkin, alessio.soldano@jboss.com

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

protected class SubjectCreatingInterceptor.CustomValidator

Nested Classes
Modifier and Type	Class and Description
`protected class`	`SubjectCreatingInterceptor.CustomValidator`

Field Summary
- Fields inherited from class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
  PRINCIPAL_RESULT, PROCESSOR_MAP, SAML_ROLE_ATTRIBUTENAME_DEFAULT, SECURITY_PROCESSED, SIGNATURE_RESULT, TIMESTAMP_RESULT, VALIDATOR_MAP
- Fields inherited from class org.apache.ws.security.handler.WSHandler
  cryptos, secEngine

Constructor Summary

Constructors
Constructor and Description

SubjectCreatingInterceptor()

SubjectCreatingInterceptor(Map<String,Object> properties)

Constructors
Constructor and Description
`SubjectCreatingInterceptor()`
`SubjectCreatingInterceptor(Map<String,Object> properties)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected org.apache.cxf.security.SecurityContext`	`createSecurityContext(Principal p)`
`Subject`	`createSubject(String name, String password, boolean isDigest, String nonce, String created)`
`protected org.apache.cxf.security.SecurityContext`	`doCreateSecurityContext(Principal p, Subject subject)` Creates default SecurityContext which implements isUserInRole using the following approach : skip the first Subject principal, and then check optional Groups the principal is a member of.
`protected org.apache.ws.security.WSSecurityEngine`	`getSecurityEngine(boolean utNoCallbacks)`
`boolean`	`getSupportDigestPasswords()`
`void`	`handleMessage(org.apache.cxf.binding.soap.SoapMessage msg)`
`void`	`setDecodeNonce(boolean decodeNonce)`
`void`	`setNonceStore(NonceStore nonceStore)`
`void`	`setPropagateContext(boolean propagateContext)`
`protected void`	`setSubject(String name, String password, boolean isDigest, String nonce, String created)`
`void`	`setSupportDigestPasswords(boolean support)`
`void`	`setTimestampThreshold(int timestampThreshold)`

Methods inherited from class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
advanceBody, computeAction, createSecurityContext, createSecurityEngine, doResults, doResults, getAdditionalInterceptors, getCallback, getCallback, getProperty, getReplayCache, isGET, isSecurityContextPrincipal, setAlgorithmSuites, setIgnoreActions

Methods inherited from class org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor
getAfter, getBefore, getId, getOption, getPassword, getPhase, getProperties, getRoles, getUnderstoodHeaders, handleFault, isRequestor, loadCryptoFromPropertiesFile, postHandleMessage, setAfter, setBefore, setId, setPassword, setPhase, setProperties, setProperty, setProperty, translateProperties

Methods inherited from class org.apache.ws.security.handler.WSHandler
checkReceiverResults, checkReceiverResultsAnyOrder, checkSignatureConfirmation, decodeAlgorithmSuite, decodeAllowUsernameTokenNoPassword, decodeBooleanConfigValue, decodeBSPCompliance, decodeCustomPasswordTypes, decodeDecryptionParameter, decodeEnableSignatureConfirmation, decodeEncryptionParameter, decodeFutureTimeToLive, decodeMustUnderstand, decodeNamespaceQualifiedPasswordTypes, decodePasswordType, decodePasswordTypeStrict, decodeRequireSignedEncryptedDataElements, decodeSignatureParameter, decodeSignatureParameter2, decodeTimestampPrecision, decodeTimestampStrict, decodeTimeToLive, decodeUseEncodedPasswords, decodeUseSingleCertificate, decodeUTParameter, doReceiverAction, doSenderAction, getCallbackHandler, getClassLoader, getPasswordCallbackHandler, getPasswordCB, getString, getStringOption, loadCrypto, loadDecryptionCrypto, loadEncryptionCrypto, loadSignatureCrypto

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SubjectCreatingInterceptor
```
public SubjectCreatingInterceptor()
```

SubjectCreatingInterceptor

public SubjectCreatingInterceptor(Map<String,Object> properties)

Method Detail

setSupportDigestPasswords

public void setSupportDigestPasswords(boolean support)

getSupportDigestPasswords

public boolean getSupportDigestPasswords()

handleMessage
```
public void handleMessage(org.apache.cxf.binding.soap.SoapMessage msg)
                   throws org.apache.cxf.interceptor.Fault
```
Specified by:

handleMessage in interface org.apache.cxf.interceptor.Interceptor<org.apache.cxf.binding.soap.SoapMessage>

Overrides:

handleMessage in class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

Throws:

org.apache.cxf.interceptor.Fault

createSecurityContext
```
protected org.apache.cxf.security.SecurityContext createSecurityContext(Principal p)
```
Overrides:

createSecurityContext in class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

doCreateSecurityContext
```
protected org.apache.cxf.security.SecurityContext doCreateSecurityContext(Principal p,
                                                                          Subject subject)
```
Creates default SecurityContext which implements isUserInRole using the following approach : skip the first Subject principal, and then check optional Groups the principal is a member of. Subclasses can override this method and implement a custom strategy instead

Parameters:

p - principal

subject - subject

Returns:

security context

setSubject

protected void setSubject(String name,
                          String password,
                          boolean isDigest,
                          String nonce,
                          String created)
                   throws org.apache.ws.security.WSSecurityException

Throws:: org.apache.ws.security.WSSecurityException

getSecurityEngine
```
protected org.apache.ws.security.WSSecurityEngine getSecurityEngine(boolean utNoCallbacks)
```
Overrides:

getSecurityEngine in class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

createSubject

public Subject createSubject(String name,
                             String password,
                             boolean isDigest,
                             String nonce,
                             String created)

setPropagateContext

public void setPropagateContext(boolean propagateContext)

setTimestampThreshold

public void setTimestampThreshold(int timestampThreshold)

setNonceStore

public void setNonceStore(NonceStore nonceStore)

setDecodeNonce

public void setDecodeNonce(boolean decodeNonce)

Class SubjectCreatingInterceptor

Nested Class Summary

Field Summary

Fields inherited from class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

Fields inherited from class org.apache.ws.security.handler.WSHandler

Constructor Summary

Method Summary

Methods inherited from class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

Methods inherited from class org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor

Methods inherited from class org.apache.ws.security.handler.WSHandler

Methods inherited from class java.lang.Object

Constructor Detail

SubjectCreatingInterceptor

SubjectCreatingInterceptor

Method Detail

setSupportDigestPasswords

getSupportDigestPasswords

handleMessage

createSecurityContext

doCreateSecurityContext

setSubject

getSecurityEngine

createSubject

setPropagateContext

setTimestampThreshold

setNonceStore

setDecodeNonce