Class AbstractAuditInterceptor<T extends WsAuditDataset>

    • Field Detail

      • DATASET_CONTEXT_KEY

        public static final String DATASET_CONTEXT_KEY
        Key used to store audit datasets in Web Service contexts.
    • Constructor Detail

      • AbstractAuditInterceptor

        protected AbstractAuditInterceptor​(String phase,
                                           AuditStrategy<T> auditStrategy,
                                           AuditContext auditContext)
        Constructor which sets a strategy.
        Parameters:
        phase - the phase in which to use this interceptor.
        auditStrategy - an audit strategy instance.

        null values are explicitly prohibited.

    • Method Detail

      • getAuditDataset

        protected T getAuditDataset​(SoapMessage message)
        Returns an audit dataset instance which corresponds to the given message.

        When no such instance is currently associated with the message, a new one will be created by means of the corresponding AuditStrategy and registered in the message's exchange.

        Parameters:
        message - CXF message currently handled by this interceptor.
        Returns:
        an audit dataset instance, or null when this instance could be neither obtained nor created from scratch.
      • getAuditStrategy

        protected AuditStrategy<T> getAuditStrategy()
        Returns the audit strategy associated with this interceptor.
        Returns:
        an audit strategy instance or null when none configured.
      • extractUserIdFromWSAddressing

        protected static void extractUserIdFromWSAddressing​(SoapMessage message,
                                                            boolean isInbound,
                                                            boolean inverseWsaDirection,
                                                            WsAuditDataset auditDataset)
        Extracts user ID from an WS-Addressing SOAP header and stores it in the given audit dataset.
        Parameters:
        message - CXF message.
        isInbound - true when the CXF message is an inbound one, false otherwise.
        inverseWsaDirection - true when direction is actually inversed, i.e. when the user ID should be taken not from the "ReplyTo:" WS-Addressing header, but from "To:" --- useful for asynchronous responses, where the endpoint which receives the response is not the endpoint which sent the request.
        auditDataset - target audit dataset.
      • enrichAuditDatasetFromXuaToken

        protected static void enrichAuditDatasetFromXuaToken​(SoapMessage message,
                                                             Header.Direction headerDirection,
                                                             WsAuditDataset auditDataset)
        Enriches the given audit dataset with elements from the XUA token (SAML2 assertion) contained in the given CXF message.
        Parameters:
        message - source CXF message.
        headerDirection - direction of the header containing the SAML2 assertion.
        auditDataset - target ATNA audit dataset.
      • extractAddressesFromServletRequest

        protected static void extractAddressesFromServletRequest​(SoapMessage message,
                                                                 WsAuditDataset auditDataset)
        Extracts service URI and client IP address from the servlet request.
      • extractClientCertificateCommonName

        protected static void extractClientCertificateCommonName​(SoapMessage message,
                                                                 WsAuditDataset auditDataset)
        Extract TLS information from servlet request, if available
      • extractPojo

        protected static Object extractPojo​(Message message)
        Extracts POJO from the given CXF message.
        Returns:
        POJO or null when none found.
      • getXuaProcessor

        public static XuaProcessor getXuaProcessor()
        Processor for extracting SAML tokens when XUA is used
      • setXuaProcessor

        public static void setXuaProcessor​(XuaProcessor xuaProcessor)
        Processor for extracting SAML tokens when XUA is used