/**
*
* geo-platform
* Rich webgis framework
* http://geo-platform.org
* ====================================================================
*
* Copyright (C) 2008-2017 geoSDI Group (CNR IMAA - Potenza - ITALY).
*
* This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version. This program is distributed in the
* hope that it will be useful, but WITHOUT ANY WARRANTY; without
* even the implied warranty of MERCHANTABILITY or FITNESS FOR
* A PARTICULAR PURPOSE. See the GNU General Public License
* for more details. You should have received a copy of the GNU General
* Public License along with this program. If not, see http://www.gnu.org/licenses/
*
* ====================================================================
*
* Linking this library statically or dynamically with other modules is
* making a combined work based on this library. Thus, the terms and
* conditions of the GNU General Public License cover the whole combination.
*
* As a special exception, the copyright holders of this library give you permission
* to link this library with independent modules to produce an executable, regardless
* of the license terms of these independent modules, and to copy and distribute
* the resulting executable under terms of your choice, provided that you also meet,
* for each linked independent module, the terms and conditions of the license of
* that module. An independent module is a module which is not derived from or
* based on this library. If you modify this library, you may extend this exception
* to your version of the library, but you are not obligated to do so. If you do not
* wish to do so, delete this exception statement from your version.
*/
package org.geosdi.geoplatform.support.cxf.server;
import java.util.HashMap;
import java.util.Map;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.handler.WSHandlerConstants;
import org.geosdi.geoplatform.configurator.cxf.server.ServerKeystorePasswordCallback;
import org.geosdi.geoplatform.support.cxf.api.interceptor.factory.strategy.AbstractInterceptorStrategyFactory;
/**
* @author Michele Santomauro - CNR IMAA geoSDI Group
* @email michele.santomauro@geosdi.org
*
* @author Vincenzo Monteverde <vincenzo.monteverde@geosdi.org>
*
* @author Giuseppe La Scaleia - CNR IMAA geoSDI Group
* @email giuseppe.lascaleia@geosdi.org
*/
public class ServerInterceptorStrategyFactory
extends AbstractInterceptorStrategyFactory<GPServerStrategyBean> {
public ServerInterceptorStrategyFactory(GPServerStrategyBean strategyBean) {
super(strategyBean);
}
@Override
protected Map<String, Object> createUsernameTokenInterceptor() {
Map<String, Object> props = new HashMap<>();
props.put(WSHandlerConstants.USER, strategyBean.getUsernameTokenUser());
props.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
props.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ServerKeystorePasswordCallback.class.getName());
return props;
}
@Override
protected WSS4JInInterceptor createEncryptionInInterceptor() {
Map<String, Object> inProps = new HashMap<>();
inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
inProps.put(WSHandlerConstants.DEC_PROP_FILE,
strategyBean.getServerPrivateKeyPropertiesFile());
inProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ServerKeystorePasswordCallback.class.getName());
return new WSS4JInInterceptor(inProps);
}
@Override
protected WSS4JOutInterceptor createEncryptionOutInterceptor() {
Map<String, Object> outProps = new HashMap<>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
outProps.put(WSHandlerConstants.ENC_PROP_FILE,
strategyBean.getClientPublicKeyPropertiesFile());
outProps.put(WSHandlerConstants.ENCRYPTION_USER,
strategyBean.getClientKeystoreUser());
return new WSS4JOutInterceptor(outProps);
}
@Override
protected WSS4JInInterceptor createSignatureInInterceptor() {
Map<String, Object> inProps = new HashMap<>();
inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
inProps.put(WSHandlerConstants.SIG_PROP_FILE,
strategyBean.getClientPublicKeyPropertiesFile());
return new WSS4JInInterceptor(inProps);
}
@Override
protected WSS4JOutInterceptor createSignatureOutInterceptor() {
Map<String, Object> outProps = new HashMap<>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
outProps.put(WSHandlerConstants.USER, strategyBean.getServerKeystoreUser());
outProps.put(WSHandlerConstants.SIG_PROP_FILE,
strategyBean.getServerPrivateKeyPropertiesFile());
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ServerKeystorePasswordCallback.class.getName());
return new WSS4JOutInterceptor(outProps);
}
@Override
protected WSS4JInInterceptor createTimestampSignatureEncryptionInInterceptor() {
Map<String, Object> inProps = new HashMap<>();
StringBuilder sb = new StringBuilder();
sb.append(WSHandlerConstants.TIMESTAMP + " ");
sb.append(WSHandlerConstants.SIGNATURE + " ");
sb.append(WSHandlerConstants.ENCRYPT);
inProps.put(WSHandlerConstants.ACTION, sb.toString());
inProps.put(WSHandlerConstants.SIG_PROP_FILE,
strategyBean.getClientPublicKeyPropertiesFile());
inProps.put(WSHandlerConstants.DEC_PROP_FILE,
strategyBean.getServerPrivateKeyPropertiesFile());
inProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ServerKeystorePasswordCallback.class.getName());
return new WSS4JInInterceptor(inProps);
}
@Override
protected WSS4JOutInterceptor createTimestampSignatureEncryptionOutInterceptor() {
Map<String, Object> outProps = new HashMap<>();
StringBuilder sb = new StringBuilder();
sb.append(WSHandlerConstants.TIMESTAMP + " ");
sb.append(WSHandlerConstants.SIGNATURE + " ");
sb.append(WSHandlerConstants.ENCRYPT);
outProps.put(WSHandlerConstants.ACTION, sb.toString());
outProps.put(WSHandlerConstants.USER, strategyBean.getServerKeystoreUser());
outProps.put(WSHandlerConstants.SIG_PROP_FILE,
strategyBean.getServerPrivateKeyPropertiesFile());
outProps.put(WSHandlerConstants.ENC_PROP_FILE,
strategyBean.getClientPublicKeyPropertiesFile());
outProps.put(WSHandlerConstants.ENCRYPTION_USER,
strategyBean.getClientKeystoreUser());
// outProps.put("signatureKeyIdentifier", "DirectReference");
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ServerKeystorePasswordCallback.class.getName());
// outProps.put("signatureParts", "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body");
// outProps.put("encryptionParts", "{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
// outProps.put("encryptionParts", "{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
// outProps.put("encryptionSymAlgorithm", "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
return new WSS4JOutInterceptor(outProps);
}
}