com.sun.jbi.binding.security

Interface HttpSecurityHandler

public interface HttpSecurityHandler

HttpsSecurityHandler defines a set of methods which can be used by a Http binding.

Author:

Sun Microsystems, Inc.

Method Summary

Methods

Modifier and Type	Method and Description
Subject	authenticateSenderRequest(javax.servlet.http.HttpServletRequest request, Endpoint endpoint, Subject subject) Authenticate a HttpServletRequest.
Subject	authenticateSenderRequest(X509Certificate cert, Endpoint endpoint, Subject subject) Authenticate the Sender Request by getting the Sender identity from the Certificate.
URLConnection	createSecureClientConnection(URL serverURL, Endpoint endpoint) Make this a secure Connection.

Method Detail

authenticateSenderRequest

Subject authenticateSenderRequest(javax.servlet.http.HttpServletRequest request,
                                Endpoint endpoint,
                                Subject subject)
                                  throws HttpErrorResponseException

Authenticate a HttpServletRequest. If the Endpoint requires SSL Client Authentication, this method gets the Client Certificate from the request and authenticates the Sender. If a Client Certificate is missing an exception is thrown. If the Endpoint does not require SSL Client Authentication none of the above steps are performed and an empty Subject is returned. This method does not return a null Subject to avoid NullPOinterExceptions.

Parameters:

request - is the HttpServletRequest.

endpoint - is the targeted Endpoint

subject - is the Sender Subject to be updated, if null a new one is created.

Returns:

the authenticated Subject response to be sent to the client.

Throws:

HttpErrorResponseException - when the processing results in a Http Error

authenticateSenderRequest

Subject authenticateSenderRequest(X509Certificate cert,
                                Endpoint endpoint,
                                Subject subject)
                                  throws HttpErrorResponseException

Authenticate the Sender Request by getting the Sender identity from the Certificate.

Parameters:

cert - is the trusted X.509 Certificate.

endpoint - is the targeted Endpoint

subject - is the Sender Subject to be updated, if null a new one is created.

Returns:

the authenticated Subject

Throws:

HttpErrorResponseException - when the processing results in a Http Error response to be sent to the client.

createSecureClientConnection

URLConnection createSecureClientConnection(URL serverURL,
                                         Endpoint endpoint)
                                           throws IOException,
                                                  KeyStoreException,
                                                  NoSuchAlgorithmException,
                                                  KeyManagementException,
                                                  CertificateException,
                                                  UnrecoverableKeyException

Make this a secure Connection. The choice of using SSL3.0/TLS and the TrustStore Keystore details should come from the endpoint/operation details.

Parameters:

serverURL - Is the Server URL the secure connection is being made to.

endpoint - is the Endpoint on behalf of which the secure connection is being made.

Returns:

an instance of a Secure URL Connection

Throws:

KeyStoreException - when a problem is encountered accessing the KeyStore

NoSuchAlgorithmException - If the TLS algorithm is unknown

KeyManagementException - on KeyMamagement errors.

CertificateException - on certificate related problems.

UnrecoverableKeyException - If a required Key cannot be obtained from the store.

IOException - on IO realted errors.