org.apache.sandesha2.security
Class SecurityManager

java.lang.Object
  extended by org.apache.sandesha2.security.SecurityManager
Direct Known Subclasses:
DummySecurityManager, RampartBasedSecurityManager

public abstract class SecurityManager
extends java.lang.Object

SecurityManager interface. This manages the link between the RM layer and Security, so that the CreateSequence message can be secured using a SecurityTokenReference. Once the sequence is secured using the STR, each inbound message must be checked to ensure the sender has demonstrated proof-of-possession of the referenced token. See the WS-RM 1.0 spec for details.


Constructor Summary
SecurityManager(org.apache.axis2.context.ConfigurationContext context)
           
 
Method Summary
abstract  void applySecurityToken(SecurityToken token, org.apache.axis2.context.MessageContext outboundMessage)
          Ensure that the given token will be associated with an outbound message.
abstract  void checkProofOfPossession(SecurityToken token, org.apache.axiom.om.OMElement messagePart, org.apache.axis2.context.MessageContext message)
          Check that the given element of the message demonstrated proof of possession of the given token.
abstract  org.apache.axiom.om.OMElement createSecurityTokenReference(SecurityToken token, org.apache.axis2.context.MessageContext message)
          Create a SecurityTokenReference, suitable for inclusion in the given message.
abstract  SecurityToken getSecurityToken(org.apache.axis2.context.MessageContext message)
          Get a security token to secure an outbound create sequence message.
abstract  SecurityToken getSecurityToken(org.apache.axiom.om.OMElement theSTR, org.apache.axis2.context.MessageContext message)
          Get a security token, from a SecurityTokenReference within an inbound message.
abstract  java.lang.String getTokenRecoveryData(SecurityToken token)
          Write the data from this token into a String.
abstract  void initSecurity(org.apache.axis2.description.AxisModule moduleDesc)
          Initialize the security manager.
abstract  SecurityToken recoverSecurityToken(java.lang.String tokenData)
          Reconstruct a token from a String.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityManager

public SecurityManager(org.apache.axis2.context.ConfigurationContext context)
Method Detail

initSecurity

public abstract void initSecurity(org.apache.axis2.description.AxisModule moduleDesc)
Initialize the security manager. This may perform setup such as checking the set of sequences that have been persisted over restart, and bootstrapping their security state.


getSecurityToken

public abstract SecurityToken getSecurityToken(org.apache.axis2.context.MessageContext message)
                                        throws SandeshaException
Get a security token to secure an outbound create sequence message. This token will be the one referenced with the body of the CreateSequence. This method may return null, in which case the CreateSequence message will not contain the SecurityTokenReference.

Throws:
SandeshaException

getSecurityToken

public abstract SecurityToken getSecurityToken(org.apache.axiom.om.OMElement theSTR,
                                               org.apache.axis2.context.MessageContext message)
                                        throws SandeshaException
Get a security token, from a SecurityTokenReference within an inbound message. This method should not return null, so if the Token cannot be found the implementation should throw an exception.

Throws:
SandeshaException

createSecurityTokenReference

public abstract org.apache.axiom.om.OMElement createSecurityTokenReference(SecurityToken token,
                                                                           org.apache.axis2.context.MessageContext message)
                                                                    throws SandeshaException
Create a SecurityTokenReference, suitable for inclusion in the given message. The implementation may choose to insert security headers into the SOAP envelope at this point, or it may choose to simply place some state into the message context and defer the real work until the security handlers execute.

Throws:
SandeshaException

checkProofOfPossession

public abstract void checkProofOfPossession(SecurityToken token,
                                            org.apache.axiom.om.OMElement messagePart,
                                            org.apache.axis2.context.MessageContext message)
                                     throws SandeshaException
Check that the given element of the message demonstrated proof of possession of the given token. This allows Sandesha to implement the checking required by the RM spec. Proof is normally demonstrated by signing or encrypting the given part using the token. If the element is not secured with the given token the SecurityManager must throw an exception.

Throws:
SandeshaException

getTokenRecoveryData

public abstract java.lang.String getTokenRecoveryData(SecurityToken token)
                                               throws SandeshaException
Write the data from this token into a String. This is here to simplify storing token data into the storage layer - rather than rely on Java serialization we use this method, and the matching SecurityManager method to rebuild the token object.

Throws:
SandeshaException

recoverSecurityToken

public abstract SecurityToken recoverSecurityToken(java.lang.String tokenData)
                                            throws SandeshaException
Reconstruct a token from a String. This method should not return null - if the security manager is unable to recover the token from the correlation data then it should throw an exception.

Throws:
SandeshaException
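
The getTokenRecoveryData / recoverSecurityToken round trip described above, as an added sketch that is not Sandesha2 code: it persists only a versioned token identifier and fails closed on unknown or malformed data instead of returning null. DemoToken, DemoException, the "demo-token-v1:" prefix and the in-memory token store are hypothetical stand-ins for SecurityToken, SandeshaException and whatever token storage a real implementation uses.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
public class TokenRecoveryExample {
    // Hypothetical stand-ins for SecurityToken and SandeshaException.
    static final class DemoToken {
        final String id;
        DemoToken(String id) { this.id = id; }
    }
    static class DemoException extends Exception {
        DemoException(String message) { super(message); }
    }

    // Versioned prefix so data written in another format is rejected.
    private static final String PREFIX = "demo-token-v1:";
    // Assumed token store; key material stays here, not in the string.
    private final Map<String, DemoToken> tokenStore = new ConcurrentHashMap<>();
    void register(DemoToken token) { tokenStore.put(token.id, token); }
    // Mirrors getTokenRecoveryData: an explicit string, no Java serialization.
    String getTokenRecoveryData(DemoToken token) throws DemoException {
        if (token == null || token.id == null || token.id.isEmpty()) {
            throw new DemoException("Token has no identifier to persist");
        }
        return PREFIX + token.id;
    }
    // Mirrors recoverSecurityToken: never returns null, throws instead.
    DemoToken recoverSecurityToken(String tokenData) throws DemoException {
        if (tokenData == null || !tokenData.startsWith(PREFIX)) {
            throw new DemoException("Unrecognised token recovery data");
        }
        DemoToken token = tokenStore.get(tokenData.substring(PREFIX.length()));
        if (token == null) {
            throw new DemoException("No token matches the recovery data");
        }
        return token;
    }

    public static void main(String[] args) throws Exception {
        TokenRecoveryExample manager = new TokenRecoveryExample();
        // Constructed sample identifier, not a real token id.
        DemoToken original = new DemoToken("urn:uuid:constructed-sample-id");
        manager.register(original);
        String stored = manager.getTokenRecoveryData(original);
        System.out.println(manager.recoverSecurityToken(stored) == original);
        try {
            manager.recoverSecurityToken("demo-token-v1:unknown");
        } catch (DemoException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Keeping only an identifier in the recovery string means the persisted sequence state never holds key material, and a stale or tampered record surfaces as an exception at recovery time rather than as a null token later in message processing.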

applySecurityToken

public abstract void applySecurityToken(SecurityToken token,
                                        org.apache.axis2.context.MessageContext outboundMessage)
                                 throws SandeshaException
Ensure that the given token will be associated with an outbound message. This gives the SecurityManager implementation an opportunity to decorate the message context with properties that will then be used by the security handlers.

Throws:
SandeshaException


Copyright © The Apache Software Foundation. All Rights Reserved.