RampartBasedSecurityManager (Apache Sandesha2)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.sandesha2.security.rampart
Class RampartBasedSecurityManager

java.lang.Object
  org.apache.sandesha2.security.SecurityManager
      org.apache.sandesha2.security.rampart.RampartBasedSecurityManager

public class RampartBasedSecurityManager
extends SecurityManager
extends SecurityManager

Constructor Summary
`RampartBasedSecurityManager(org.apache.axis2.context.ConfigurationContext context)`

Method Summary
`void`	`applySecurityToken(SecurityToken token, org.apache.axis2.context.MessageContext outboundMessage)` Ensure that the given token will be associated with an outbound message.
`void`	`checkProofOfPossession(SecurityToken token, org.apache.axiom.om.OMElement messagePart, org.apache.axis2.context.MessageContext message)` Check that the given element of the message demonstrated proof of possession of the given token.
`org.apache.axiom.om.OMElement`	`createSecurityTokenReference(SecurityToken token, org.apache.axis2.context.MessageContext message)` Create a SecurityTokenReference, suitable for inclusion in the given message.
`SecurityToken`	`getSecurityToken(org.apache.axis2.context.MessageContext message)` Get a security token to secure an outbound create sequence message.
`SecurityToken`	`getSecurityToken(org.apache.axiom.om.OMElement theSTR, org.apache.axis2.context.MessageContext message)` Get a security token, from a SecurityTokenReference within an inbound message.
`java.lang.String`	`getTokenRecoveryData(SecurityToken token)` Write the data from this token in to a String.
`void`	`initSecurity(org.apache.axis2.description.AxisModule moduleDesc)` Initialize the security manager.
`SecurityToken`	`recoverSecurityToken(java.lang.String tokenData)` Reconstruct a token from a String.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

RampartBasedSecurityManager

public RampartBasedSecurityManager(org.apache.axis2.context.ConfigurationContext context)

Parameters:: context -

Method Detail

checkProofOfPossession

public void checkProofOfPossession(SecurityToken token,
                                   org.apache.axiom.om.OMElement messagePart,
                                   org.apache.axis2.context.MessageContext message)
                            throws SandeshaException

Description copied from class: SecurityManager

Check that the given element of the message demonstrated proof of possession of the given token. This allows Sandesha to implement the checking required by the RM spec. Proof is normally demonstrated by signing or encrypting the the given part using the token. If the elements is not secured with the given token the SecurityManager must throw an exception.

Specified by:: checkProofOfPossession in class SecurityManager

Throws:: SandeshaException

createSecurityTokenReference

public org.apache.axiom.om.OMElement createSecurityTokenReference(SecurityToken token,
                                                                  org.apache.axis2.context.MessageContext message)
                                                           throws SandeshaException

Description copied from class: SecurityManager

Create a SecurityTokenReference, suitable for inclusion in the given message. The imelementation may choose to insert security headers into the SOAP envelope at this point, or it may choose to simple place some state into the message context and defer the real work until the security handlers execute.

Specified by:: createSecurityTokenReference in class SecurityManager

Throws:: SandeshaException

getSecurityToken

public SecurityToken getSecurityToken(org.apache.axis2.context.MessageContext message)
                               throws SandeshaException

Description copied from class: SecurityManager

Get a security token to secure an outbound create sequence message. This token will be the one referenced with the body of the CreateSequence. This method may return null, in which case the CreateSequence message will not contain the SecurityTokenReference.

Specified by:: getSecurityToken in class SecurityManager

Throws:: SandeshaException

getSecurityToken

public SecurityToken getSecurityToken(org.apache.axiom.om.OMElement theSTR,
                                      org.apache.axis2.context.MessageContext message)
                               throws SandeshaException

Description copied from class: SecurityManager

Get a security token, from a SecurityTokenReference within an inbound message. This method should not return null, so if the Token cannot be found the implementation should throw an exception.

Specified by:: getSecurityToken in class SecurityManager

Throws:: SandeshaException

getTokenRecoveryData

public java.lang.String getTokenRecoveryData(SecurityToken token)
                                      throws SandeshaException

Description copied from class: SecurityManager

Write the data from this token in to a String. This is here to simplify storing token data into the storage layer - rather than rely on Java serialization we use this method, and the matching SecurityManager method to rebuild the token object.

Specified by:: getTokenRecoveryData in class SecurityManager

Throws:: SandeshaException

initSecurity

public void initSecurity(org.apache.axis2.description.AxisModule moduleDesc)

Description copied from class: SecurityManager

Initialize the security manager. This may perfom setup such as checking the set of sequences that have been persisted over restart, and bootstrapping their security state.

Specified by:: initSecurity in class SecurityManager

recoverSecurityToken

public SecurityToken recoverSecurityToken(java.lang.String tokenData)
                                   throws SandeshaException

Description copied from class: SecurityManager

Reconstruct a token from a String. This method should not return null - if the security manager is unable to recover the token from the correlation data then it should throw an exception.

Specified by:: recoverSecurityToken in class SecurityManager

Throws:: SandeshaException

applySecurityToken

public void applySecurityToken(SecurityToken token,
                               org.apache.axis2.context.MessageContext outboundMessage)
                        throws SandeshaException

Description copied from class: SecurityManager

Ensure that the given token will be associated with an outbound message. This gives the SecurityManager implementation an opportunity to decorate the message context with properties that will then be used by the security handlers.

Specified by:: applySecurityToken in class SecurityManager

Throws:: SandeshaException

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Copyright © The Apache Software Foundation. All Rights Reserved.