Java Code Examples for org.apache.axis2.description.AxisService#addParameter()
The following examples show how to use
org.apache.axis2.description.AxisService#addParameter() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: STSConfigAdmin.java From carbon-identity with Apache License 2.0 | 6 votes |
|
/**
* Override WSAS callback handler to be able to auth users with usermanager.
*
* @param axisConfig
* @throws AxisFault
*/
public static void overrideCallbackHandler(AxisConfiguration axisConfig, String service) throws AxisFault {
AxisService sts = axisConfig.getService(service);
Parameter cbHandlerParam = sts.getParameter(WSHandlerConstants.PW_CALLBACK_REF);
if (cbHandlerParam != null) {
sts.removeParameter(cbHandlerParam);
if (log.isDebugEnabled()) {
log.debug("removedParameter");
}
}
Parameter param = getPasswordCallBackRefParameter();
sts.addParameter(param);
if (log.isDebugEnabled()) {
log.debug("addedParameter");
}
}
Example 2
| Source File: SecurityServiceAdmin.java From carbon-identity with Apache License 2.0 | 6 votes |
|
public void setServiceParameterElement(String serviceName, Parameter parameter)
throws AxisFault {
AxisService axisService = axisConfig.getService(serviceName);
if (axisService == null) {
throw new AxisFault("Invalid service name '" + serviceName + "'");
}
Parameter p = axisService.getParameter(parameter.getName());
if (p != null) {
if (!p.isLocked()) {
axisService.addParameter(parameter);
}
} else {
axisService.addParameter(parameter);
}
}
Example 3
| Source File: SecurityConfigAdmin.java From carbon-identity with Apache License 2.0 | 6 votes |
|
protected void disableRESTCalls(String serviceName, String scenrioId)
throws SecurityConfigException {
if (scenrioId.equals(SecurityConstants.USERNAME_TOKEN_SCENARIO_ID)) {
return;
}
try {
AxisService service = axisConfig.getServiceForActivation(serviceName);
if (service == null) {
throw new SecurityConfigException("nullService");
}
Parameter param = new Parameter();
param.setName(DISABLE_REST);
param.setValue(Boolean.TRUE.toString());
service.addParameter(param);
} catch (AxisFault e) {
log.error(e);
throw new SecurityConfigException("disablingREST", e);
}
}
Example 4
| Source File: SecurityConfigAdmin.java From carbon-identity with Apache License 2.0 | 6 votes |
|
private void setRahasParameters(AxisService service, OMElement carbonSecConfig)
throws Exception {
SecurityConfigParams configParams =
SecurityConfigParamBuilder.getSecurityParams(carbonSecConfig);
Properties cryptoProps = new Properties();
cryptoProps.setProperty(ServerCrypto.PROP_ID_PRIVATE_STORE,
configParams.getPrivateStore());
cryptoProps.setProperty(ServerCrypto.PROP_ID_DEFAULT_ALIAS,
configParams.getKeyAlias());
if (configParams.getTrustStores() != null) {
cryptoProps.setProperty(ServerCrypto.PROP_ID_TRUST_STORES,
configParams.getTrustStores());
}
service.addParameter(RahasUtil.getSCTIssuerConfigParameter(
ServerCrypto.class.getName(), cryptoProps, -1, null, true, true));
service.addParameter(RahasUtil.getTokenCancelerConfigParameter());
}
Example 5
| Source File: POXSecurityHandler.java From carbon-identity with Apache License 2.0 | 5 votes |
|
private String getScenarioId(MessageContext msgCtx, AxisService service) throws SecurityConfigException {
String scenarioID = null;
try {
scenarioID = (String) service.getParameter(SecurityConstants.SCENARIO_ID_PARAM_NAME).getValue();
} catch (Exception e) {
}//ignore
if (scenarioID == null) {
synchronized (this) {
SecurityConfigAdmin securityAdmin = new SecurityConfigAdmin(msgCtx.
getConfigurationContext().getAxisConfiguration());
SecurityScenarioData data = securityAdmin.getCurrentScenario(service.getName());
if (data != null) {
scenarioID = data.getScenarioId();
try {
Parameter param = new Parameter();
param.setName(SecurityConstants.SCENARIO_ID_PARAM_NAME);
param.setValue(scenarioID);
service.addParameter(param);
} catch (AxisFault axisFault) {
log.error("Error while adding Scenario ID parameter", axisFault);
}
}
}
}
return scenarioID;
}
Example 6
| Source File: SystemStatisticsDeploymentInterceptor.java From carbon-commons with Apache License 2.0 | 5 votes |
|
public void serviceUpdate(AxisEvent axisEvent, AxisService axisService) {
if (SystemFilter.isFilteredOutService(axisService.getAxisServiceGroup()) || axisService.isClientSide()) {
return;
}
if (axisEvent.getEventType() == AxisEvent.SERVICE_DEPLOY) {
for (Iterator iter = axisService.getOperations(); iter.hasNext(); ) {
AxisOperation op = (AxisOperation) iter.next();
setCountersAndProcessors(op);
}
// see ESBJAVA-2327
if (JavaUtils.isTrueExplicitly(axisService.getParameterValue("disableOperationValidation"))) {
AxisOperation defaultOp = (AxisOperation) axisService.getParameterValue("_default_mediate_operation_");
if (defaultOp != null) {
setCountersAndProcessors(defaultOp);
}
}
// Service response time processor
Parameter responseTimeProcessor = new Parameter();
responseTimeProcessor.setName(StatisticsConstants.SERVICE_RESPONSE_TIME_PROCESSOR);
responseTimeProcessor.setValue(new ResponseTimeProcessor());
try {
axisService.addParameter(responseTimeProcessor);
} catch (AxisFault axisFault) {
// will not occur
}
}
}
Example 7
| Source File: SecurityDeploymentInterceptor.java From carbon-identity with Apache License 2.0 | 4 votes |
|
private void applySecurityParameters(AxisService service, SecurityScenario secScenario,
Policy policy) {
try {
UserRealm userRealm = (UserRealm) PrivilegedCarbonContext.getThreadLocalCarbonContext()
.getUserRealm();
UserRegistry govRegistry = (UserRegistry) PrivilegedCarbonContext
.getThreadLocalCarbonContext().getRegistry(RegistryType.SYSTEM_GOVERNANCE);
String serviceGroupId = service.getAxisServiceGroup().getServiceGroupName();
String serviceName = service.getName();
SecurityConfigParams configParams =
SecurityConfigParamBuilder.getSecurityParams(getSecurityConfig(policy));
// Set Trust (Rahas) Parameters
if (secScenario.getModules().contains(SecurityConstants.TRUST_MODULE)) {
AxisModule trustModule = service.getAxisConfiguration()
.getModule(SecurityConstants.TRUST_MODULE);
if (log.isDebugEnabled()) {
log.debug("Enabling trust module : " + SecurityConstants.TRUST_MODULE);
}
service.disengageModule(trustModule);
service.engageModule(trustModule);
Properties cryptoProps = new Properties();
cryptoProps.setProperty(ServerCrypto.PROP_ID_PRIVATE_STORE,
configParams.getPrivateStore());
cryptoProps.setProperty(ServerCrypto.PROP_ID_DEFAULT_ALIAS,
configParams.getKeyAlias());
if (configParams.getTrustStores() != null) {
cryptoProps.setProperty(ServerCrypto.PROP_ID_TRUST_STORES,
configParams.getTrustStores());
}
service.addParameter(RahasUtil.getSCTIssuerConfigParameter(
ServerCrypto.class.getName(), cryptoProps, -1, null, true, true));
service.addParameter(RahasUtil.getTokenCancelerConfigParameter());
}
// Authorization
AuthorizationManager manager = userRealm.getAuthorizationManager();
String resourceName = serviceGroupId + "/" + serviceName;
removeAuthorization(userRealm,serviceGroupId,serviceName);
String allowRolesParameter = configParams.getAllowedRoles();
if (allowRolesParameter != null) {
if (log.isDebugEnabled()) {
log.debug("Authorizing roles " + allowRolesParameter);
}
String[] allowRoles = allowRolesParameter.split(",");
if (allowRoles != null) {
for (String role : allowRoles) {
manager.authorizeRole(role, resourceName,
UserCoreConstants.INVOKE_SERVICE_PERMISSION);
}
}
}
// Password Callback Handler
ServicePasswordCallbackHandler handler =
new ServicePasswordCallbackHandler(configParams, serviceGroupId, serviceName,
govRegistry, userRealm);
Parameter param = new Parameter();
param.setName(WSHandlerConstants.PW_CALLBACK_REF);
param.setValue(handler);
service.addParameter(param);
} catch (Throwable e) {
//TODO: Copied from 4.2.2.
//TODO: Not sure why we are catching throwable. Need to check error handling is correct
String msg = "Cannot apply security parameters";
log.error(msg, e);
}
}
Example 8
| Source File: SecurityConfigAdmin.java From carbon-identity with Apache License 2.0 | 4 votes |
|
public void applySecurity(String serviceName, String scenarioId, String policyPath,
String[] trustedStores, String privateStore,
String[] userGroups) throws SecurityConfigException {
AxisService service = axisConfig.getServiceForActivation(serviceName);
OMElement carbonSecConfigs = null;
if (service == null) {
throw new SecurityConfigException("Service not available.");
}
if (userGroups != null) {
Arrays.sort(userGroups);
if (Arrays.binarySearch(userGroups, CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME) > -1) {
log.error("Security breach. A user is attempting to enable anonymous for UT access");
throw new SecurityConfigException("Invalid data provided"); // obscure error message
}
}
// First disable security and remove all applied policies before applying a new policy
this.disableSecurityOnService(serviceName);
OMElement policyElement = loadPolicyAsXML(scenarioId, policyPath);
SecurityScenario scenario = SecurityScenarioDatabase.get(scenarioId);
boolean isTrustEnabled = scenario.getModules().contains(SecurityConstants.TRUST_MODULE);
if ((isTrustEnabled || (userGroups != null && userGroups.length > 0))) {
carbonSecConfigs = addUserParameters(policyElement, trustedStores, privateStore, userGroups, null,
isTrustEnabled, policyPath);
}
// If policy is taken from registry (custom policy) it needs to have rampartConfigs defined it.
if (StringUtils.isNotBlank(policyPath)) {
policyElement.addChild(buildRampartConfigXML(privateStore, trustedStores, null));
}
Policy policy = PolicyEngine.getPolicy(policyElement);
try {
persistPolicy(service, policyElement, policy.getId());
applyPolicy(service, policy, carbonSecConfigs);
String serviceGroupId = service.getAxisServiceGroup().getServiceGroupName();
if (userGroups != null) {
for (String value : userGroups) {
AuthorizationManager acAdmin = realm.getAuthorizationManager();
acAdmin.authorizeRole(value, serviceGroupId + "/" + service.getName(),
UserCoreConstants.INVOKE_SERVICE_PERMISSION);
}
}
if (policyPath != null &&
scenarioId.equals(SecurityConstants.POLICY_FROM_REG_SCENARIO)) {
Parameter pathParam = new Parameter(SecurityConstants.SECURITY_POLICY_PATH,
policyPath);
service.addParameter(pathParam);
}
} catch (Exception e) {
throw new SecurityConfigException("Error while persisting policy in registry", e);
}
}
