public class XwsSecurityInterceptor extends AbstractWsSecurityInterceptor implements org.springframework.beans.factory.InitializingBean
This interceptor needs a CallbackHandler to operate. This handler is used to retrieve certificates,
private keys, validate user credentials, etc. Refer to the XWSS Javadoc to learn more about the specific
Callbacks fired by XWSS. You can also set multiple handlers, each of which will be used in turn.
Additionally, you must define a XWSS policy file by setting policyConfiguration property. The format of
the policy file is documented in the Java
Web Services Tutorial.
Note that this interceptor depends on SAAJ, and thus requires SaajSoapMessages to operate. This
means that you must use a SaajSoapMessageFactory to create the SOAP messages.
setCallbackHandler(javax.security.auth.callback.CallbackHandler),
setPolicyConfiguration(org.springframework.core.io.Resource),
XWSSCallback,
SaajSoapMessageFactory,
XWSSlogger, WS_SECURITY_NAME| Constructor and Description |
|---|
XwsSecurityInterceptor() |
| Modifier and Type | Method and Description |
|---|---|
void |
afterPropertiesSet() |
protected void |
cleanUp() |
protected void |
secureMessage(SoapMessage soapMessage,
MessageContext messageContext)
Secures the given SoapMessage message in accordance with the defined security policy.
|
void |
setCallbackHandler(CallbackHandler callbackHandler)
Sets the handler to resolve XWSS callbacks.
|
void |
setCallbackHandlers(CallbackHandler[] callbackHandler)
Sets the handlers to resolve XWSS callbacks.
|
void |
setPolicyConfiguration(org.springframework.core.io.Resource policyConfiguration)
Sets the policy configuration to use for XWSS.
|
protected void |
validateMessage(SoapMessage soapMessage,
MessageContext messageContext)
Validates the given SoapMessage message in accordance with the defined security policy.
|
afterCompletion, afterCompletion, handleFault, handleFault, handleFaultException, handleRequest, handleRequest, handleResponse, handleResponse, handleSecurementException, handleValidationException, setExceptionResolver, setSecureRequest, setSecureResponse, setSkipValidationIfNoHeaderPresent, setValidateRequest, setValidateResponse, understandspublic void setCallbackHandler(CallbackHandler callbackHandler)
callbackHandlers, is
required.XWSSCallback,
setCallbackHandlers(javax.security.auth.callback.CallbackHandler[])public void setCallbackHandlers(CallbackHandler[] callbackHandler)
callbackHandlers, is
required.XWSSCallback,
setCallbackHandler(javax.security.auth.callback.CallbackHandler)public void setPolicyConfiguration(org.springframework.core.io.Resource policyConfiguration)
public void afterPropertiesSet()
throws Exception
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBeanExceptionprotected void secureMessage(SoapMessage soapMessage, MessageContext messageContext) throws XwsSecuritySecurementException
secureMessage in class AbstractWsSecurityInterceptorsoapMessage - the message to be securedXwsSecuritySecurementException - in case of errorsIllegalArgumentException - when soapMessage is not a SaajSoapMessageprotected void validateMessage(SoapMessage soapMessage, MessageContext messageContext) throws WsSecurityValidationException
validateMessage in class AbstractWsSecurityInterceptorsoapMessage - the message to be validatedXwsSecurityValidationException - in case of errorsIllegalArgumentException - when soapMessage is not a SaajSoapMessageWsSecurityValidationException - in case of validation errorsprotected void cleanUp()
cleanUp in class AbstractWsSecurityInterceptor