Java Code Examples for org.apache.axis2.description.AxisService#disengageModule()

The following examples show how to use org.apache.axis2.description.AxisService#disengageModule() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SecurityConfigAdmin.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up 
protected boolean engageModules(String scenarioId, String serviceName, AxisService axisService)
        throws SecurityConfigException {

    boolean isRahasEngaged = false;
    SecurityScenario securityScenario = SecurityScenarioDatabase.get(scenarioId);
    String[] moduleNames = (String[]) securityScenario.getModules()
            .toArray(new String[securityScenario.getModules().size()]);
    // handle each module required
    try {

        for (String modName : moduleNames) {
            AxisModule module = axisService.getAxisConfiguration().getModule(modName);
            // engage at axis2
            axisService.disengageModule(module);
            axisService.engageModule(module);
            if (SecurityConstants.TRUST_MODULE.equalsIgnoreCase(modName)) {
                isRahasEngaged = true;
            }
        }
        return isRahasEngaged;

    } catch (AxisFault e) {
        log.error(e);
        throw new SecurityConfigException("Error in engaging modules", e);
    }
}
Example 2
Source File: SecurityDeploymentInterceptor.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up 
private void processPolicy (AxisService axisService, String policyId,
                            PolicyComponent currentPolicyComponent) throws UserStoreException,
        AxisFault {

    // Do not apply anything if no policy
    if(StringUtils.isNotEmpty(policyId) && NO_POLICY_ID.equalsIgnoreCase(policyId)){
        if(axisService != null){
            UserRealm userRealm = (UserRealm)PrivilegedCarbonContext.getThreadLocalCarbonContext()
                    .getUserRealm();
            String serviceGroupId = axisService.getAxisServiceGroup().getServiceGroupName();
            String serviceName = axisService.getName();
            removeAuthorization(userRealm,serviceGroupId,serviceName);
        }

        AxisModule module = axisService.getAxisConfiguration().getModule(SecurityConstants
                .RAMPART_MODULE_NAME);
        // disengage at axis2
        axisService.disengageModule(module);
        return;
    }

    if (policyId != null && isSecPolicy(policyId)) {

        if (log.isDebugEnabled()) {
            log.debug("Policy " + policyId + " is identified as a security " +
                    "policy and trying to apply security parameters");
        }

        SecurityScenario scenario = SecurityScenarioDatabase.getByWsuId(policyId);
        if (scenario == null) {
            // if there is no security scenario id,  put default id
            if (log.isDebugEnabled()) {
                log.debug("Policy " + policyId + " does not belongs to a" +
                        " pre-defined security scenario. " +
                        "So treating as a custom policy");
            }
            SecurityScenario securityScenario = new SecurityScenario();
            securityScenario.setScenarioId(
                    SecurityConstants.CUSTOM_SECURITY_SCENARIO);
            securityScenario.setWsuId(policyId);
            securityScenario.setGeneralPolicy(false);
            securityScenario.setSummary(
                    SecurityConstants.CUSTOM_SECURITY_SCENARIO_SUMMARY);
            SecurityScenarioDatabase.put(policyId, securityScenario);
            scenario = securityScenario;
        }
        applySecurityParameters(axisService, scenario,
                (Policy) currentPolicyComponent);
    }
}
Example 3
Source File: SecurityDeploymentInterceptor.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up 
private void applySecurityParameters(AxisService service, SecurityScenario secScenario,
                                     Policy policy) {
    try {

        UserRealm userRealm = (UserRealm) PrivilegedCarbonContext.getThreadLocalCarbonContext()
                .getUserRealm();

        UserRegistry govRegistry = (UserRegistry) PrivilegedCarbonContext
                .getThreadLocalCarbonContext().getRegistry(RegistryType.SYSTEM_GOVERNANCE);

        String serviceGroupId = service.getAxisServiceGroup().getServiceGroupName();
        String serviceName = service.getName();

        SecurityConfigParams configParams =
                SecurityConfigParamBuilder.getSecurityParams(getSecurityConfig(policy));

        // Set Trust (Rahas) Parameters
        if (secScenario.getModules().contains(SecurityConstants.TRUST_MODULE)) {
            AxisModule trustModule = service.getAxisConfiguration()
                    .getModule(SecurityConstants.TRUST_MODULE);
            if (log.isDebugEnabled()) {
                log.debug("Enabling trust module : " + SecurityConstants.TRUST_MODULE);
            }

            service.disengageModule(trustModule);
            service.engageModule(trustModule);

            Properties cryptoProps = new Properties();
            cryptoProps.setProperty(ServerCrypto.PROP_ID_PRIVATE_STORE,
                                    configParams.getPrivateStore());
            cryptoProps.setProperty(ServerCrypto.PROP_ID_DEFAULT_ALIAS,
                                    configParams.getKeyAlias());
            if (configParams.getTrustStores() != null) {
                cryptoProps.setProperty(ServerCrypto.PROP_ID_TRUST_STORES,
                                        configParams.getTrustStores());
            }
            service.addParameter(RahasUtil.getSCTIssuerConfigParameter(
                    ServerCrypto.class.getName(), cryptoProps, -1, null, true, true));

            service.addParameter(RahasUtil.getTokenCancelerConfigParameter());

        }

        // Authorization
        AuthorizationManager manager = userRealm.getAuthorizationManager();
        String resourceName = serviceGroupId + "/" + serviceName;
        removeAuthorization(userRealm,serviceGroupId,serviceName);
        String allowRolesParameter = configParams.getAllowedRoles();
        if (allowRolesParameter != null) {
            if (log.isDebugEnabled()) {
                log.debug("Authorizing roles " + allowRolesParameter);
            }
            String[] allowRoles = allowRolesParameter.split(",");
            if (allowRoles != null) {
                for (String role : allowRoles) {
                    manager.authorizeRole(role, resourceName,
                                          UserCoreConstants.INVOKE_SERVICE_PERMISSION);
                }
            }
        }

        // Password Callback Handler
        ServicePasswordCallbackHandler handler =
                new ServicePasswordCallbackHandler(configParams, serviceGroupId, serviceName,
                                                   govRegistry, userRealm);

        Parameter param = new Parameter();
        param.setName(WSHandlerConstants.PW_CALLBACK_REF);
        param.setValue(handler);
        service.addParameter(param);

    } catch (Throwable e) {
    //TODO: Copied from 4.2.2.
    //TODO: Not sure why we are catching throwable. Need to check error handling is correct
        String msg = "Cannot apply security parameters";
        log.error(msg, e);
    }
}