View Javadoc
1   /*
2    * Copyright 2009 the original author or authors.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *     
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.openehealth.ipf.commons.ihe.ws.cxf.audit;
17  
18  import org.apache.cxf.binding.soap.SoapMessage;
19  import org.apache.cxf.headers.Header;
20  import org.apache.cxf.wsdl.interceptors.DocLiteralInInterceptor;
21  import org.apache.cxf.phase.Phase;
22  import org.openehealth.ipf.commons.audit.AuditContext;
23  import org.openehealth.ipf.commons.ihe.core.atna.AuditStrategy;
24  import org.openehealth.ipf.commons.ihe.ws.WsTransactionConfiguration;
25  import org.openehealth.ipf.commons.ihe.ws.cxf.payload.StringPayloadHolder;
26  
27  /**
28   * CXF interceptor for ATNA auditing in WS-based IHE transactions with
29   * WSA asynchrony support.  Handles <b>incoming</b> requests
30   * on <b>service</b> (consumer) side.
31   *
32   * @author Dmytro Rud
33   */
34  public class AuditInRequestInterceptor<T extends WsAuditDataset> extends AbstractAuditInterceptor<T> {
35  
36      private final WsTransactionConfiguration<T> wsTransactionConfiguration;
37  
38      /**
39       * Constructor.
40       */
41      public AuditInRequestInterceptor(AuditStrategy<T> auditStrategy, AuditContext auditContext, WsTransactionConfiguration<T> wsTransactionConfiguration) {
42          super(Phase.UNMARSHAL, auditStrategy, auditContext);
43          addAfter(DocLiteralInInterceptor.class.getName());
44          this.wsTransactionConfiguration = wsTransactionConfiguration;
45      }
46  
47      
48      @Override
49      protected void process(SoapMessage message) {
50          if (isGET(message)) {
51              return;
52          }
53  
54          T auditDataset = getAuditDataset(message);
55          extractAddressesFromServletRequest(message, auditDataset);
56          extractXuaUserNameFromSaml2Assertion(message, Header.Direction.DIRECTION_IN, auditDataset);
57          // TODO Also extract basic auth user?
58          extractClientCertificateCommonName(message, auditDataset);
59          
60          if (wsTransactionConfiguration.isAuditRequestPayload()) {
61              auditDataset.setRequestPayload(message.getContent(StringPayloadHolder.class));
62          }
63  
64          getAuditStrategy().enrichAuditDatasetFromRequest(auditDataset, extractPojo(message), message);
65      }
66  
67  }