Source Code: AuthenticateHandler.java

PRODUCTS
Database
Middleware
Developer Tools
Enterprise Management
Applications Technology
Products A-Z
TECHNOLOGIES
BI & Data Warehousing
Embedded
Java
Linux
.NET
PHP
Security
Windows Server System
Technologies A-Z
ARCHITECTURE
Enterprise 2.0
Extreme Transaction Processing
Grid
Service-Oriented Architecture
Virtualization
COMMUNITY
Join OTN
Oracle ACEs
Oracle Wiki
Blogs
Podcasts
Events
Newsletters
Oracle Magazine
Oracle Books
Certification
User Groups
Partner White Papers
Printer View
E-mail this page
Bookmark
/**
 * Created : Anirban
 * Date: May 19, 2003
 * Modified by : Chandar
 *
 *  File : AuthenticateHandler.java
 *
 * Overview :
 *     This file defines the service side handler class of Credit Card
 *   Web Service. The handler intercepts the SOAP request from
 *  client, check is the authentication information supplied in header
  *   is correct and sends the message to the Web  service.
 */


package oracle.demo.header;

import java.io.*;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.rpc.handler.MessageContext;
import javax.xml.rpc.handler.HandlerInfo;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import javax.xml.soap.*;

import java.text.DateFormat;

import java.util.Date;


/**
 * Handler to authenticate the requests send in by the user
 * from information provided through soap-headers
*/
public class AuthenticateHandler implements javax.xml.rpc.handler.Handler
{
  // variable for output stream
  private PrintStream out =System.out;
  private QName[] headers;
  private DateFormat formater = DateFormat.getDateTimeInstance();

  //the default valid ID and PASSWORD , the same can be set through
  //webservices.xml
  private static String VALID_ID="SCOTT";
  private static String VALID_PASSWORD="TIGER";

/*
 *  Constructor definition
 */

  public AuthenticateHandler () {
        out.println("--- In AuthenticateHandler Constructor.");
  }

/*
 * This method initializes the handler class
 */

  public void init(HandlerInfo info) {
     out.println("--- In AuthenticateHandler.init ()");

     // get the authentication information from config file
     // webservices.xml
     headers = info.getHeaders();
     Map config = info.getHandlerConfig();
     if( config!=null){
         VALID_ID =(String)config.get("id");
         VALID_PASSWORD=(String)config.get("password");
     }
  }


/*
 * The handleFault method processes the SOAP faults based
 * on the SOAP message processing model.
 */

  public boolean handleFault(MessageContext context) {
     out.println("--- In AuthenticateHandler.handleFault (), context=" + context);
     return true;
  }


 /*
 *The handleRequest method processes the request message.
 * It retrieves the authentication information for the request header
 * and validates it.
 */

  public boolean handleRequest (MessageContext context) {
    boolean exit =true;
    String name;
    out.println("--- In AuthenticateHandler.handleRequest () at "
                 +formater.format(new Date()));

    try {
         // get SOAP message context
          SOAPMessageContext smc = (SOAPMessageContext) context;

          // get SOAP envelope from SOAP message
          SOAPEnvelope se = smc.getMessage().getSOAPPart().getEnvelope();

          // get the headers from envelope
           SOAPHeader sh = se.getHeader();

         if(sh==null){
            out.println("--- No headers found in the input SOAP request");
            exit = false;
          } else
            // call method to process header
            exit=processSOAPHeader(sh);
  }
    catch (Exception ex) {
        ex.printStackTrace();
    }

    return exit;
}


 /*
 *This method is called by handleRequest method
 * It retrieves the SOAP headers in the message and authenticates
 * the client.
 */
  private boolean processSOAPHeader (SOAPHeader sh) {

    boolean authenticated = false;
    boolean found = false;

   // get the headers in the SOAPHeader
   QName[] headers = getHeaders();
   javax.xml.soap.Name sName;

   // if there are no headers
   if(headers.length==0)  {
      out.println("no headers to process");
   }else{
     // process each header
     for(int x=0;x<headers.length;x++){
        out.println("SOAP Header that it can process :"+headers[x]);

      //look for authentication header element inside the HEADER block
      java.util.Iterator childElems = sh.getChildElements();
      SOAPElement child;

      // iterate through child elements
      while (childElems.hasNext()) {
           Object elem = childElems.next();
        if(elem instanceof SOAPElement ){
           // get child element and its name
           child = (SOAPElement) elem;
           sName = child.getElementName();

               // check if this is required header
           if (sName.getLocalName().equals(headers[x].getLocalPart()) &&
                 sName.getURI().equals(headers[x].getNamespaceURI()))  {
                 found = true;// found a SOAP header by this name

                  // call method to perform authentication
               authenticated= processSOAPHeaderInfo (child);
            }
         }
      }

      if(found){
         out.println("----  header element "+headers[x]+
                        " found in SOAP req");
             break;
          }
       else
         out.println("----  header element "+headers[x]+
                        " not found in SOAP req");

    }
   }
   return authenticated;
  }



 /*
 * This method retrieves the authentication information for the
 * request header  and validates it.
 */
  private boolean processSOAPHeaderInfo (SOAPElement e) {
    boolean authenticated = true;
    // variable for user id and password
    String _id="";
    String _password="";
    javax.xml.soap.Name sName;

    // ge the name of  SOAP element
    sName = e.getElementName();

    out.println("--- \tElement="+e.getElementName().getQualifiedName());

   // get an iterator on child elements of SOAP element
   java.util.Iterator childElems = e.getChildElements();

    SOAPElement child;
    // loop through child elements

    while (childElems.hasNext()) {
      // get next child element
         Object elem = childElems.next();

      if(elem instanceof SOAPElement ){
            child = (SOAPElement) elem;
         sName = child.getElementName();

         // get the value of id element
         if (sName.getLocalName().equals("id"))  {
           out.println("---\t\tid ="+child.getValue());
            _id=child.getValue();
          }

             // get the value of password element
          if (sName.getLocalName().equals("password"))  {
                out.println("---\t\tpassword ="+child.getValue());
             _password =child.getValue();
          }
     }
       }

    // check if id and password combination is valid
    if(_id.equals(VALID_ID) && _password.equals(VALID_PASSWORD)){
        out.println("Authenticated by the Second handler !!!!!");
        }else{
        out.println("could not authenticate ,WRONG id or password");
        authenticated = false;
     }

    return authenticated;

  }

  public boolean handleResponse (MessageContext context) {
        out.println("--- In AuthenticateHandler.handleResponse ()");
    return true;
    }


  public javax.xml.namespace.QName[] getHeaders() {
      out.println("--- In AuthenticateHandler.getHeaders ()");
      return headers;
  }


  public void destroy() {
      out.println("--- In AuthenticateHandler.destroy ()");
      out.close();
  }

   }
E-mail this page
Printer View
	About Oracle \| \| Careers \| Contact Us \| Site Maps \| Legal Notices \| Terms of Use \| Privacy