aoqi@0: /* aoqi@0: * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. aoqi@0: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. aoqi@0: * aoqi@0: * This code is free software; you can redistribute it and/or modify it aoqi@0: * under the terms of the GNU General Public License version 2 only, as aoqi@0: * published by the Free Software Foundation. Oracle designates this aoqi@0: * particular file as subject to the "Classpath" exception as provided aoqi@0: * by Oracle in the LICENSE file that accompanied this code. aoqi@0: * aoqi@0: * This code is distributed in the hope that it will be useful, but WITHOUT aoqi@0: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or aoqi@0: * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License aoqi@0: * version 2 for more details (a copy is included in the LICENSE file that aoqi@0: * accompanied this code). aoqi@0: * aoqi@0: * You should have received a copy of the GNU General Public License version aoqi@0: * 2 along with this work; if not, write to the Free Software Foundation, aoqi@0: * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. aoqi@0: * aoqi@0: * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA aoqi@0: * or visit www.oracle.com if you need additional information or have any aoqi@0: * questions. aoqi@0: */ aoqi@0: aoqi@0: package com.sun.xml.internal.ws.addressing; aoqi@0: aoqi@0: import com.sun.istack.internal.NotNull; aoqi@0: import com.sun.xml.internal.ws.addressing.model.InvalidAddressingHeaderException; aoqi@0: import com.sun.xml.internal.ws.addressing.model.MissingAddressingHeaderException; aoqi@0: import com.sun.xml.internal.ws.api.SOAPVersion; aoqi@0: import com.sun.xml.internal.ws.api.WSBinding; aoqi@0: import com.sun.xml.internal.ws.api.addressing.AddressingVersion; aoqi@0: import com.sun.xml.internal.ws.api.message.AddressingUtils; aoqi@0: import com.sun.xml.internal.ws.api.message.Header; aoqi@0: import com.sun.xml.internal.ws.api.message.Message; aoqi@0: import com.sun.xml.internal.ws.api.message.Messages; aoqi@0: import com.sun.xml.internal.ws.api.message.Packet; aoqi@0: import com.sun.xml.internal.ws.api.model.wsdl.WSDLBoundOperation; aoqi@0: import com.sun.xml.internal.ws.api.model.wsdl.WSDLPort; aoqi@0: import com.sun.xml.internal.ws.api.pipe.NextAction; aoqi@0: import com.sun.xml.internal.ws.api.pipe.Tube; aoqi@0: import com.sun.xml.internal.ws.api.pipe.TubeCloner; aoqi@0: import com.sun.xml.internal.ws.api.pipe.helper.AbstractFilterTubeImpl; aoqi@0: import com.sun.xml.internal.ws.developer.MemberSubmissionAddressingFeature; aoqi@0: import com.sun.xml.internal.ws.message.FaultDetailHeader; aoqi@0: import com.sun.xml.internal.ws.resources.AddressingMessages; aoqi@0: aoqi@0: import javax.xml.namespace.QName; aoqi@0: import javax.xml.soap.SOAPFault; aoqi@0: import javax.xml.stream.XMLStreamException; aoqi@0: import javax.xml.ws.WebServiceException; aoqi@0: import javax.xml.ws.soap.AddressingFeature; aoqi@0: import javax.xml.ws.soap.SOAPBinding; aoqi@0: import java.util.Iterator; aoqi@0: import java.util.logging.Logger; aoqi@0: import java.util.logging.Level; aoqi@0: aoqi@0: /** aoqi@0: * WS-Addressing processing code shared between client and server. aoqi@0: * aoqi@0: *

aoqi@0: * This tube is used only when WS-Addressing is enabled. aoqi@0: * aoqi@0: * @author Rama Pulavarthi aoqi@0: * @author Arun Gupta aoqi@0: */ aoqi@0: abstract class WsaTube extends AbstractFilterTubeImpl { aoqi@0: /** aoqi@0: * Port that we are processing. aoqi@0: */ aoqi@0: protected final @NotNull WSDLPort wsdlPort; aoqi@0: protected final WSBinding binding; aoqi@0: final WsaTubeHelper helper; aoqi@0: protected final @NotNull AddressingVersion addressingVersion; aoqi@0: protected final SOAPVersion soapVersion; aoqi@0: aoqi@0: /** aoqi@0: * True if the addressing headers are mandatory. aoqi@0: */ aoqi@0: private final boolean addressingRequired; aoqi@0: aoqi@0: public WsaTube(WSDLPort wsdlPort, WSBinding binding, Tube next) { aoqi@0: super(next); aoqi@0: this.wsdlPort = wsdlPort; aoqi@0: this.binding = binding; aoqi@0: addKnownHeadersToBinding(binding); aoqi@0: addressingVersion = binding.getAddressingVersion(); aoqi@0: soapVersion = binding.getSOAPVersion(); aoqi@0: helper = getTubeHelper(); aoqi@0: addressingRequired = AddressingVersion.isRequired(binding); aoqi@0: } aoqi@0: aoqi@0: public WsaTube(WsaTube that, TubeCloner cloner) { aoqi@0: super(that, cloner); aoqi@0: this.wsdlPort = that.wsdlPort; aoqi@0: this.binding = that.binding; aoqi@0: this.helper = that.helper; aoqi@0: addressingVersion = that.addressingVersion; aoqi@0: soapVersion = that.soapVersion; aoqi@0: addressingRequired = that.addressingRequired; aoqi@0: } aoqi@0: aoqi@0: private void addKnownHeadersToBinding(WSBinding binding) { aoqi@0: for (AddressingVersion addrVersion: AddressingVersion.values()) { aoqi@0: binding.addKnownHeader(addrVersion.actionTag); aoqi@0: binding.addKnownHeader(addrVersion.faultDetailTag); aoqi@0: binding.addKnownHeader(addrVersion.faultToTag); aoqi@0: binding.addKnownHeader(addrVersion.fromTag); aoqi@0: binding.addKnownHeader(addrVersion.messageIDTag); aoqi@0: binding.addKnownHeader(addrVersion.relatesToTag); aoqi@0: binding.addKnownHeader(addrVersion.replyToTag); aoqi@0: binding.addKnownHeader(addrVersion.toTag); aoqi@0: } aoqi@0: } aoqi@0: aoqi@0: @Override aoqi@0: public @NotNull NextAction processException(Throwable t) { aoqi@0: return super.processException(t); aoqi@0: } aoqi@0: aoqi@0: protected WsaTubeHelper getTubeHelper() { aoqi@0: if(binding.isFeatureEnabled(AddressingFeature.class)) { aoqi@0: return new WsaTubeHelperImpl(wsdlPort, null, binding); aoqi@0: } else if(binding.isFeatureEnabled(MemberSubmissionAddressingFeature.class)) { aoqi@0: //seiModel is null as it is not needed. aoqi@0: return new com.sun.xml.internal.ws.addressing.v200408.WsaTubeHelperImpl(wsdlPort, null, binding); aoqi@0: } else { aoqi@0: // Addressing is not enabled, WsaTube should not be included in the pipeline aoqi@0: throw new WebServiceException(AddressingMessages.ADDRESSING_NOT_ENABLED(this.getClass().getSimpleName())); aoqi@0: } aoqi@0: } aoqi@0: aoqi@0: /** aoqi@0: * Validates the inbound message. If an error is found, create aoqi@0: * a fault message and returns that. Otherwise aoqi@0: * it will pass through the parameter 'packet' object to the return value. aoqi@0: */ aoqi@0: protected Packet validateInboundHeaders(Packet packet) { aoqi@0: SOAPFault soapFault; aoqi@0: FaultDetailHeader s11FaultDetailHeader; aoqi@0: aoqi@0: try { aoqi@0: checkMessageAddressingProperties(packet); aoqi@0: return packet; aoqi@0: } catch (InvalidAddressingHeaderException e) { aoqi@0: LOGGER.log(Level.WARNING, aoqi@0: addressingVersion.getInvalidMapText()+", Problem header:" + e.getProblemHeader()+ ", Reason: "+ e.getSubsubcode(),e); aoqi@0: soapFault = helper.createInvalidAddressingHeaderFault(e, addressingVersion); aoqi@0: s11FaultDetailHeader = new FaultDetailHeader(addressingVersion, addressingVersion.problemHeaderQNameTag.getLocalPart(), e.getProblemHeader()); aoqi@0: } catch (MissingAddressingHeaderException e) { aoqi@0: LOGGER.log(Level.WARNING,addressingVersion.getMapRequiredText()+", Problem header:"+ e.getMissingHeaderQName(),e); aoqi@0: soapFault = helper.newMapRequiredFault(e); aoqi@0: s11FaultDetailHeader = new FaultDetailHeader(addressingVersion, addressingVersion.problemHeaderQNameTag.getLocalPart(), e.getMissingHeaderQName()); aoqi@0: } aoqi@0: aoqi@0: if (soapFault != null) { aoqi@0: // WS-A fault processing for one-way methods aoqi@0: if ((wsdlPort !=null) && packet.getMessage().isOneWay(wsdlPort)) { aoqi@0: return packet.createServerResponse(null, wsdlPort, null, binding); aoqi@0: } aoqi@0: aoqi@0: Message m = Messages.create(soapFault); aoqi@0: if (soapVersion == SOAPVersion.SOAP_11) { aoqi@0: m.getHeaders().add(s11FaultDetailHeader); aoqi@0: } aoqi@0: aoqi@0: return packet.createServerResponse(m, wsdlPort, null, binding); aoqi@0: } aoqi@0: aoqi@0: return packet; aoqi@0: } aoqi@0: aoqi@0: /** aoqi@0: * This method checks all the WS-Addressing headers are valid and as per the spec definded rules. aoqi@0: * Mainly it checks the cardinality of the WSA headers and checks that mandatory headers exist. aoqi@0: * It also checks if the SOAPAction is equal to wsa:Action value when non-empty. aoqi@0: * aoqi@0: * Override this method if you need to additional checking of headers other than just existence of the headers. aoqi@0: * For ex: On server-side, check Anonymous and Non-Anonymous semantics in addition to checking cardinality. aoqi@0: * aoqi@0: * Override checkMandatoryHeaders(Packet p) to have different validation rules for different versions aoqi@0: * aoqi@0: * @param packet aoqi@0: */ aoqi@0: protected void checkMessageAddressingProperties(Packet packet) { aoqi@0: checkCardinality(packet); aoqi@0: } aoqi@0: aoqi@0: final boolean isAddressingEngagedOrRequired(Packet packet, WSBinding binding) { aoqi@0: if (AddressingVersion.isRequired(binding)) aoqi@0: return true; aoqi@0: aoqi@0: if (packet == null) aoqi@0: return false; aoqi@0: aoqi@0: if (packet.getMessage() == null) aoqi@0: return false; aoqi@0: aoqi@0: if (packet.getMessage().getHeaders() != null) aoqi@0: return false; aoqi@0: aoqi@0: String action = AddressingUtils.getAction( aoqi@0: packet.getMessage().getHeaders(), aoqi@0: addressingVersion, soapVersion); aoqi@0: if (action == null) aoqi@0: return true; aoqi@0: aoqi@0: return true; aoqi@0: } aoqi@0: aoqi@0: /** aoqi@0: * Checks the cardinality of WS-Addressing headers on an inbound {@link Packet}. This method aoqi@0: * checks for the cardinality if WS-Addressing is engaged (detected by the presence of wsa:Action aoqi@0: * header) or wsdl:required=true. aoqi@0: * aoqi@0: * @param packet The inbound packet. aoqi@0: * @throws WebServiceException if: aoqi@0: *

aoqi@0: */ aoqi@0: protected void checkCardinality(Packet packet) { aoqi@0: Message message = packet.getMessage(); aoqi@0: if (message == null) { aoqi@0: if (addressingRequired) aoqi@0: throw new WebServiceException(AddressingMessages.NULL_MESSAGE()); aoqi@0: else aoqi@0: return; aoqi@0: } aoqi@0: aoqi@0: Iterator
hIter = message.getHeaders().getHeaders(addressingVersion.nsUri, true); aoqi@0: aoqi@0: if (!hIter.hasNext()) { aoqi@0: // no WS-A headers are found aoqi@0: if (addressingRequired) aoqi@0: // if WS-A is required, then throw an exception looking for wsa:Action header aoqi@0: throw new MissingAddressingHeaderException(addressingVersion.actionTag,packet); aoqi@0: else aoqi@0: // else no need to process aoqi@0: return; aoqi@0: } aoqi@0: aoqi@0: boolean foundFrom = false; aoqi@0: boolean foundTo = false; aoqi@0: boolean foundReplyTo = false; aoqi@0: boolean foundFaultTo = false; aoqi@0: boolean foundAction = false; aoqi@0: boolean foundMessageId = false; aoqi@0: boolean foundRelatesTo = false; aoqi@0: QName duplicateHeader = null; aoqi@0: aoqi@0: while (hIter.hasNext()) { aoqi@0: Header h = hIter.next(); aoqi@0: aoqi@0: // check if the Header is in current role aoqi@0: if (!isInCurrentRole(h, binding)) { aoqi@0: continue; aoqi@0: } aoqi@0: aoqi@0: String local = h.getLocalPart(); aoqi@0: if (local.equals(addressingVersion.fromTag.getLocalPart())) { aoqi@0: if (foundFrom) { aoqi@0: duplicateHeader = addressingVersion.fromTag; aoqi@0: break; aoqi@0: } aoqi@0: foundFrom = true; aoqi@0: } else if (local.equals(addressingVersion.toTag.getLocalPart())) { aoqi@0: if (foundTo) { aoqi@0: duplicateHeader = addressingVersion.toTag; aoqi@0: break; aoqi@0: } aoqi@0: foundTo = true; aoqi@0: } else if (local.equals(addressingVersion.replyToTag.getLocalPart())) { aoqi@0: if (foundReplyTo) { aoqi@0: duplicateHeader = addressingVersion.replyToTag; aoqi@0: break; aoqi@0: } aoqi@0: foundReplyTo = true; aoqi@0: try { // verify that the header is in a good shape aoqi@0: h.readAsEPR(addressingVersion); aoqi@0: } catch (XMLStreamException e) { aoqi@0: throw new WebServiceException(AddressingMessages.REPLY_TO_CANNOT_PARSE(), e); aoqi@0: } aoqi@0: } else if (local.equals(addressingVersion.faultToTag.getLocalPart())) { aoqi@0: if (foundFaultTo) { aoqi@0: duplicateHeader = addressingVersion.faultToTag; aoqi@0: break; aoqi@0: } aoqi@0: foundFaultTo = true; aoqi@0: try { // verify that the header is in a good shape aoqi@0: h.readAsEPR(addressingVersion); aoqi@0: } catch (XMLStreamException e) { aoqi@0: throw new WebServiceException(AddressingMessages.FAULT_TO_CANNOT_PARSE(), e); aoqi@0: } aoqi@0: } else if (local.equals(addressingVersion.actionTag.getLocalPart())) { aoqi@0: if (foundAction) { aoqi@0: duplicateHeader = addressingVersion.actionTag; aoqi@0: break; aoqi@0: } aoqi@0: foundAction = true; aoqi@0: } else if (local.equals(addressingVersion.messageIDTag.getLocalPart())) { aoqi@0: if (foundMessageId) { aoqi@0: duplicateHeader = addressingVersion.messageIDTag; aoqi@0: break; aoqi@0: } aoqi@0: foundMessageId = true; aoqi@0: } else if (local.equals(addressingVersion.relatesToTag.getLocalPart())) { aoqi@0: foundRelatesTo = true; aoqi@0: } else if (local.equals(addressingVersion.faultDetailTag.getLocalPart())) { aoqi@0: // TODO: should anything be done here ? aoqi@0: // TODO: fault detail element - only for SOAP 1.1 aoqi@0: } else { aoqi@0: System.err.println(AddressingMessages.UNKNOWN_WSA_HEADER()); aoqi@0: } aoqi@0: } aoqi@0: aoqi@0: // check for invalid cardinality first before checking for mandatory headers aoqi@0: if (duplicateHeader != null) { aoqi@0: throw new InvalidAddressingHeaderException(duplicateHeader, addressingVersion.invalidCardinalityTag); aoqi@0: } aoqi@0: aoqi@0: // WS-A is engaged if wsa:Action header is found aoqi@0: boolean engaged = foundAction; aoqi@0: aoqi@0: // check for mandatory set of headers only if: aoqi@0: // 1. WS-A is engaged or aoqi@0: // 2. wsdl:required=true aoqi@0: // Both wsa:Action and wsa:To MUST be present on request (for oneway MEP) and aoqi@0: // response messages (for oneway and request/response MEP only) aoqi@0: if (engaged || addressingRequired) { aoqi@0: // Check for mandatory headers always (even for Protocol messages). aoqi@0: // If it breaks any interop scenarios, Remove the comments. aoqi@0: /* aoqi@0: WSDLBoundOperation wbo = getWSDLBoundOperation(packet); aoqi@0: // no need to check for for non-application messages aoqi@0: if (wbo == null) aoqi@0: return; aoqi@0: */ aoqi@0: checkMandatoryHeaders(packet, foundAction, foundTo, foundReplyTo, aoqi@0: foundFaultTo, foundMessageId, foundRelatesTo); aoqi@0: } aoqi@0: } aoqi@0: aoqi@0: final boolean isInCurrentRole(Header header, WSBinding binding) { aoqi@0: // TODO: binding will be null for protocol messages aoqi@0: // TODO: returning true assumes that protocol messages are aoqi@0: // TODO: always in current role, this may not to be fixed. aoqi@0: if (binding == null) aoqi@0: return true; aoqi@0: return ((SOAPBinding)binding).getRoles().contains(header.getRole(soapVersion)); aoqi@0: aoqi@0: } aoqi@0: aoqi@0: protected final WSDLBoundOperation getWSDLBoundOperation(Packet packet) { aoqi@0: //we can find Req/Response or Oneway only with WSDLModel aoqi@0: if(wsdlPort == null) aoqi@0: return null; aoqi@0: QName opName = packet.getWSDLOperation(); aoqi@0: if(opName != null) aoqi@0: return wsdlPort.getBinding().get(opName); aoqi@0: return null; aoqi@0: } aoqi@0: aoqi@0: protected void validateSOAPAction(Packet packet) { aoqi@0: String gotA = AddressingUtils.getAction( aoqi@0: packet.getMessage().getHeaders(), aoqi@0: addressingVersion, soapVersion); aoqi@0: if (gotA == null) aoqi@0: throw new WebServiceException(AddressingMessages.VALIDATION_SERVER_NULL_ACTION()); aoqi@0: if(packet.soapAction != null && !packet.soapAction.equals("\"\"") && !packet.soapAction.equals("\""+gotA+"\"")) { aoqi@0: throw new InvalidAddressingHeaderException(addressingVersion.actionTag, addressingVersion.actionMismatchTag); aoqi@0: } aoqi@0: } aoqi@0: aoqi@0: protected abstract void validateAction(Packet packet); aoqi@0: aoqi@0: /** aoqi@0: * This should be called only when Addressing is engaged. aoqi@0: * aoqi@0: * Checks only for presence of wsa:Action and validates that wsa:Action aoqi@0: * equals SOAPAction header when non-empty aoqi@0: * Should be overridden if other wsa headers need to be checked based on version. aoqi@0: * aoqi@0: * @param packet aoqi@0: * @param foundAction aoqi@0: * @param foundTo aoqi@0: * @param foundReplyTo aoqi@0: * @param foundFaultTo aoqi@0: * @param foundMessageId aoqi@0: * @param foundRelatesTo aoqi@0: */ aoqi@0: protected void checkMandatoryHeaders( aoqi@0: Packet packet, boolean foundAction, boolean foundTo, boolean foundReplyTo, aoqi@0: boolean foundFaultTo, boolean foundMessageId, boolean foundRelatesTo) { aoqi@0: // if no wsa:Action header is found aoqi@0: if (!foundAction) aoqi@0: throw new MissingAddressingHeaderException(addressingVersion.actionTag,packet); aoqi@0: validateSOAPAction(packet); aoqi@0: } aoqi@0: private static final Logger LOGGER = Logger.getLogger(WsaTube.class.getName()); aoqi@0: }