private void extractWssParamService() throws ServiceException { m_wssParamService = m_wssParams.get(WSSRequestContext.PARAM_SERVICE); if (m_wssParamService == null) { LOG.warn("Missing SERVICE parameter. Assuming 'WSS'."); return; } if (!"WSS".equalsIgnoreCase(m_wssParamService)) { throw new ServiceException("Invalid SERVICE parameter <" + m_wssParamService + ">.", ServiceException.INVALID_FORMAT); } }
private Transferable createDefaultError() { return (new ServiceException(ServiceException.ERROR_MESSAGE, ServiceException.SERVICE_ERROR)).getAsTransferable(); }
private boolean isAuthenticationFailed(ServiceException e) { return e.getErrorCode().equals(ServiceException.AUTHENTICATION_FAILED); }
private Transferable forwardRequest(FacadeRequest facadeRequest) throws FacadeException, UnknownFacadeException, ServiceException { Facade facade = findFacade(facadeRequest); try { return facade.request(facadeRequest); } catch (ServiceException e) { if (isAuthenticationFailed(e)) { return prepareAndTryAgain(facadeRequest, facade); } return e.getAsTransferable(); } }
String responseXML = String.format("<SSOLoginResponse status=\"failed\">%s: %s</SSOLoginResponse>", e .getErrorCode(), e.getMessage()); writeToServletResponse(response, responseXML); return null;
public Transferable getAsTransferable() { StringBuffer buf = new StringBuffer(); buf.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"); buf.append("<ServiceExceptionReport version=\"1.1.0\">\n"); buf.append("<ServiceException code=\"" + m_code + "\">\n"); buf.append("<![CDATA["); buf.append(getMessage()); buf.append("]]>"); buf.append("</ServiceException>\n"); buf.append("</ServiceExceptionReport>\n"); return TransferableFactory.getInstance().createTextualTransferable(MIME_TYPE,buf.toString(),"UTF-8"); } }
public WSSCapabilitiesDocument getCapabilities(String version, String service) throws ClientException, ServiceException { HTTPRequest httpRequest = httpClientFactory.create(getWssURLString()).get(); httpRequest.parameter("SERVICE", service, "REQUEST", "GetCapabilities"); try { HTTPResponse<InputStream> httpResponse = httpRequest.asStream().start(); if (!httpResponse.getStatus().is(200)) { throw new ClientException("Error during WSS GetCapabilities request: " + httpResponse.getStatus().toString()); } String contentType = httpResponse.getContentType(); if (contentType.startsWith("text/xml")) { return WSSCapabilitiesDocument.parse(httpResponse.getContent()); } else if (contentType.startsWith("application/vnd.ogc.se_xml")) { throw ServiceException.createFromXML(new InputSource(httpResponse.getContent())); } else { throw new ClientException("WSS GetCapabilities response must be of MIME type text/xml. Found: " + contentType + ". Capabilities information unavailable.", ClientException.UNEXPECTED_MIME_TYPE); } } catch (Exception e) { LOG.error(e.getMessage(), e); throw new ClientException("Error while processing GETCAPABILITIES response from Security Service:\n" + e.getMessage(), ClientException.CONNECTION_FAILED); } }
public void authorize(final HttpServletResponse resp, PolicyEnforcementServiceImpl pes, SecuredServiceRequest secRequest, AuthenticationContext authCtx) { Transferable response; try { response = pes.doService(secRequest, authCtx); } catch (ServiceException e) { new TransferableServletWriter(e.getAsTransferable()).write(resp); return; } new TransferableServletWriter(response).write(resp); }
throw ServiceException.createFromXML(new InputSource(httpResponse.getContent()));
private void assertHttpPostOrGetOrEmpty() throws ServiceException { String httpMethod = m_servletRequest.getMethod(); if (httpMethod == null || httpMethod.isEmpty()) { return; } if (!("GET".equalsIgnoreCase(httpMethod) || "POST".equalsIgnoreCase(httpMethod))) { throw new ServiceException("HTTP Method <" + httpMethod + " > not allowed. Use <POST> or <GET>.", httpMethod); } }
getInsufficientRightsMessage())); } else { pInterceptorRequest.setAttribute(REQUEST_ATTRIBUTE_NOINFO, new ServiceException( getInsufficientRightsMessage(), ServiceException.AUTHORIZATION_FAILED).getAsTransferable());
public void authorize(final HttpServletResponse resp, PolicyEnforcementServiceImpl pes, SecuredServiceRequest secRequest) { AuthenticationContext authctx = AuthenticationContextUtil.getCurrentAuthenticationContext(); Transferable response; try { response = pes.doService(secRequest, authctx); } catch (ServiceException e) { new TransferableServletWriter(e.getAsTransferable()).write(resp); return; } new TransferableServletWriter(response).write(resp); }
public SessionInfo getSession(String version, Credential credential) throws ClientException, ServiceException { String authMethodUrn = guessAuthenticationMethodUrn(credential); // FIXME: if type of the credential is not given, the was urn is used. String authnMethod = authMethodUrn == null ? WASAuthenticationMethod.URN : authMethodUrn; String encodedCredential = getCredentialFactory().encode(authnMethod, credential); HTTPRequest httpRequest = httpClientFactory.create(getWssURLString()).post() .contentType("application/x-www-form-urlencoded", "UTF-8") .parameter("VERSION", version, "CREDENTIALS", encodedCredential, "SERVICE", "WSS", "REQUEST", "GetSession", "AUTHMETHOD", "authnMethod"); HTTPResponse<InputStream> httpResponse = httpRequest.asStream().start(); if (httpResponse.isError()) { LOG.error(httpResponse.getError().getMessage(), httpResponse.getError()); throw new ClientException("I/O exception during GETSESSION request to Security Service:\n" + httpResponse.getError(), ClientException.CONNECTION_FAILED); } String contentType = httpResponse.getContentType(); if (contentType.startsWith("text/xml")) { return SessionInfo.createFromXML(httpResponse.getContent()); } else if (contentType.startsWith("application/vnd.ogc.se_xml")) { throw ServiceException.createFromXML(new InputSource(httpResponse.getContent())); } else { LOG.error("GetSession response contained no session information. Response is: " + StringUtils.streamToString(httpResponse.getContent(), "UTF-8")); throw new ClientException("Security Service response specifies unknown/unexpected MIME type: " + contentType + ". Session information unavailable.", ClientException.UNEXPECTED_MIME_TYPE); } }
private void initWSSProtocolParameters() throws DOMParserException, ServiceException { try { m_wssParams = initWSSRequestContext(m_servletRequest); } catch (IOException e) { LOG.error("Error reading WSS request", e); throw new ServiceException("Error processing WSS request", ServiceException.SERVICE_ERROR); } }
public AuthenticationContext authenticate(ServletRequestResponseContext requestCtx, AuthenticationService authService) throws AuthenticationException { m_servletRequest = requestCtx.getRequest(); m_servletResponse = requestCtx.getResponse(); m_wssRequestUrl = getWssRequestUrlFactory().getInstance(m_servletRequest); m_authenticationService = authService; try { assertHttpPostOrGetOrEmpty(); initWSSProtocolParameters(); extractWssParamOperation(); extractWssParamService(); extractWssParamVersion(); if (wssParamOperationNotNull()) { LOG.debug("Missing REQUEST parameter"); return m_authenticationService.createAuthenticationContext(); } AuthenticationContext authCtx = handleWSSOperation(); //We only get here if request was "DoService", cause otherwise handleWSSOperation threw an Exception. WSSHttpServletRequest wssRequest = wrapServletRequest(m_servletRequest); requestCtx.setRequest(wssRequest); return authCtx; } catch (ServiceException e) { new TransferableServletWriter(e.getAsTransferable()).write(m_servletResponse); // TODO Check what we really must return. return null; } }
private void checkForErrors(final Element licClientResp) throws ServiceException { // check if response is an error message // if so, retrieve message from response // and throw ServiceException if (!licClientResp.getNodeName().equals("ExceptionReport")) { return; } try { String exceptionText = "undefined"; NodeList nl = licClientResp.getChildNodes(); for (int i = 0; i < nl.getLength(); i++) { if (nl.item(i).getNodeType() == Node.ELEMENT_NODE) { NodeList snl = nl.item(i).getChildNodes(); for (int j = 0; j < snl.getLength(); j++) { if (snl.item(j).getNodeType() == Node.ELEMENT_NODE) { exceptionText = snl.item(j).getTextContent(); break; } } break; } } throw new ServiceException(exceptionText, ServiceException.SERVICE_ERROR); } catch (Exception e) { throw new ServiceException(e.getMessage(), ServiceException.SERVICE_ERROR); } }
@Override public Transferable doRequest(Transferable owsRequest, String pDCP, PreconditionContext context) throws ServiceException { assertAssertionSentToConsumer(context); Transferable transferable; if (pDCP.equalsIgnoreCase("HTTP_GET")) { transferable = forwardGet(owsRequest); } else if (pDCP.equalsIgnoreCase("HTTP_POST")) { transferable = forwardPost(owsRequest); } else { throw new ServiceException("Unsupported DCP type <" + pDCP + ">", ServiceException.SERVICE_ERROR); } return transferable; }
private AuthenticationContext loginSessionId(final SessionIDCredential sessionIDCredential) throws ServiceException { try { // session are explicite handled SessionInfo session = m_sessionService.getSession(sessionIDCredential.getSessionId()); AuthenticationContext authContext = session.getAuthenticationContext(); if (authContext != null && authContext.isAuthenticated()) { // touch the session only if state is valid m_sessionService.touchSession(session.getId()); } return authContext; } catch (SessionExpiredException ex) { throw new ServiceException("Session expired, please reauthenticate.", ServiceException.SESSION_EXPIRED); } catch (UnknownSessionException ex) { throw new ServiceException("No matching session found. Session may already be closed.", ServiceException.INVALID_SESSION); } catch (SessionClosedException ex) { throw new ServiceException("Session already closed.", ServiceException.INVALID_SESSION); } }
private Element requestAvailableLicenseRefs(String wssBaseUrlString, SAMLTicket samlTicket, LicensePrecondition precondition) throws UnsupportedEncodingException, DOMParserException, ServiceException { // return license references String licenseBrokerClientURL = precondition.getSsoGetUrl(); String ticketString = samlTicket.asBase64String(); // replace whitespaces and line breaks ticketString = ticketString.replaceAll("\r\n", "").trim(); // TODO Why encoding strings that need not to be // URL-encoded? // TODO Use StringBuffer!!! String data = URLEncoder.encode("WSS", "UTF-8") + "=" + URLEncoder.encode(wssBaseUrlString, "UTF-8"); data += "&" + URLEncoder.encode("ticket", "UTF-8") + "=" + URLEncoder.encode(ticketString, "UTF-8"); Element licClientResp = null; try { InputStream is = postData(licenseBrokerClientURL, data); Document doc = DOMParser.createNew().parse(new InputSource(is)); licClientResp = doc.getDocumentElement(); } catch (MalformedURLException e) { sLogger.error("Error while retrieving license references from " + licenseBrokerClientURL + "!", e); throw new ServiceException(e.getMessage(), ServiceException.SERVICE_ERROR, e); } catch (IOException e) { sLogger.error("Error while retrieving license references from " + licenseBrokerClientURL + "!", e); throw new ServiceException(e.getMessage(), ServiceException.SERVICE_ERROR, e); } checkForErrors(licClientResp); return licClientResp; }
private void sessionLogout(final String sessionID) throws ServiceException { SessionInfo sessioninfo; try { sessioninfo = m_sessionService.closeSession(sessionID); } catch (SessionException e) { throw new ServiceException("Invalid Session. Session may already be closed.", ServiceException.INVALID_SESSION, e); } try { AuthenticationContext authctx = sessioninfo.getAuthenticationContext(); if (authctx != null) { m_authenticationService.logout(authctx); } } catch (AuthenticationException ex) { LOG.warn("logout failed during close session request", ex); } }