SWS-285

Author: poutsma

security/src/main/java/org/springframework/ws/soap/security/AbstractWsSecurityInterceptor.java

@@ -127,27 +127,33 @@ public final boolean handleRequest(MessageContext messageContext, Object endpoin
      * @see #secureMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext)
      */
     public final boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception {
-        if (secureResponse) {
-            Assert.isTrue(messageContext.hasResponse(), "MessageContext contains no response");
-            Assert.isInstanceOf(SoapMessage.class, messageContext.getResponse());
-            try {
-                secureMessage((SoapMessage) messageContext.getResponse(), messageContext);
-                return true;
-            }
-            catch (WsSecuritySecurementException ex) {
-                return handleSecurementException(ex, messageContext);
+        try {
+            if (secureResponse) {
+                Assert.isTrue(messageContext.hasResponse(), "MessageContext contains no response");
+                Assert.isInstanceOf(SoapMessage.class, messageContext.getResponse());
+                try {
+                    secureMessage((SoapMessage) messageContext.getResponse(), messageContext);
+                    return true;
+                }
+                catch (WsSecuritySecurementException ex) {
+                    return handleSecurementException(ex, messageContext);
+                }
+                catch (WsSecurityFaultException ex) {
+                    return handleFaultException(ex, messageContext);
+                }
             }
-            catch (WsSecurityFaultException ex) {
-                return handleFaultException(ex, messageContext);
+            else {
+                return true;
             }
         }
-        else {
-            return true;
+        finally {
+            cleanUp();
         }
     }
 
     /** Returns <code>true</code>, i.e. fault responses are not secured. */
     public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception {
+        cleanUp();
         return true;
     }
 
@@ -296,4 +302,6 @@ protected abstract void validateMessage(SoapMessage soapMessage, MessageContext
      */
     protected abstract void secureMessage(SoapMessage soapMessage, MessageContext messageContext)
             throws WsSecuritySecurementException;
+
+    protected abstract void cleanUp();
 }

security/src/main/java/org/springframework/ws/soap/security/callback/CleanupCallback.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright 2008 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.ws.soap.security.callback;
+
+import java.io.Serializable;
+import javax.security.auth.callback.Callback;
+
+/**
+ * Underlying security services instantiate and pass a <code>CleanupCallback</code> to the <code>handle</code> method of
+ * a <code>CallbackHandler</code> to clean up security state.
+ *
+ * @author Arjen Poutsma
+ * @since 1.0.4
+ */
+public class CleanupCallback implements Callback, Serializable {
+
+    private static final long serialVersionUID = 4744181820980888237L;
+
+}

security/src/main/java/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.java

@@ -16,9 +16,12 @@
 
 package org.springframework.ws.soap.security.wss4j;
 
+import java.io.IOException;
 import java.security.cert.X509Certificate;
 import java.util.Vector;
+import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
 
 import org.apache.axiom.soap.SOAPEnvelope;
 import org.apache.axiom.soap.SOAPFactory;
@@ -47,6 +50,7 @@
 import org.springframework.ws.soap.security.WsSecuritySecurementException;
 import org.springframework.ws.soap.security.WsSecurityValidationException;
 import org.springframework.ws.soap.security.callback.CallbackHandlerChain;
+import org.springframework.ws.soap.security.callback.CleanupCallback;
 
 /**
  * A WS-Security endpoint interceptor based on Apache's WSS4J. This inteceptor supports messages created by the {@link
@@ -599,4 +603,18 @@ private void replaceMessage(SoapMessage soapMessage, Document envelope) {
         }
     }
 
+    protected void cleanUp() {
+        if (validationCallbackHandler != null) {
+            try {
+                CleanupCallback cleanupCallback = new CleanupCallback();
+                validationCallbackHandler.handle(new Callback[]{cleanupCallback});
+            }
+            catch (IOException ex) {
+                logger.warn("Cleanup callback resulted in IOException", ex);
+            }
+            catch (UnsupportedCallbackException ex) {
+                // ignore
+            }
+        }
+    }
 }

security/src/main/java/org/springframework/ws/soap/security/wss4j/callback/AbstractWsPasswordCallbackHandler.java

@@ -23,6 +23,7 @@
 import org.apache.ws.security.WSPasswordCallback;
 
 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
+import org.springframework.ws.soap.security.callback.CleanupCallback;
 
 /**
  * Abstract base class for {@link javax.security.auth.callback.CallbackHandler} implementations that handle {@link
@@ -74,6 +75,10 @@ protected final void handleInternal(Callback callback) throws IOException, Unsup
                             "Unknown usage [" + passwordCallback.getUsage() + "]");
             }
         }
+        else if (callback instanceof CleanupCallback) {
+            CleanupCallback cleanupCallback = (CleanupCallback) callback;
+            handleCleanup(cleanupCallback);
+        }
         else {
             throw new UnsupportedCallbackException(callback);
         }
@@ -173,4 +178,13 @@ protected void handleCustomToken(WSPasswordCallback callback) throws IOException
     protected void handleEncryptedKeyToken(Callback callback) throws IOException, UnsupportedCallbackException {
         throw new UnsupportedCallbackException(callback);
     }
+
+    /**
+     * Invoked when a {@link CleanupCallback} is passed to {@link #handle(Callback[])}.
+     * <p/>
+     * Default implementation throws an {@link UnsupportedCallbackException}.
+     */
+    protected void handleCleanup(CleanupCallback callback) throws IOException, UnsupportedCallbackException {
+        throw new UnsupportedCallbackException(callback);
+    }
 }

security/src/main/java/org/springframework/ws/soap/security/wss4j/callback/acegi/AcegiDigestPasswordValidationCallbackHandler.java

@@ -19,6 +19,7 @@
 import java.io.IOException;
 import javax.security.auth.callback.UnsupportedCallbackException;
 
+import org.acegisecurity.context.SecurityContextHolder;
 import org.acegisecurity.providers.dao.UserCache;
 import org.acegisecurity.providers.dao.cache.NullUserCache;
 import org.acegisecurity.userdetails.UserDetails;
@@ -28,6 +29,7 @@
 
 import org.springframework.dao.DataAccessException;
 import org.springframework.util.Assert;
+import org.springframework.ws.soap.security.callback.CleanupCallback;
 import org.springframework.ws.soap.security.wss4j.callback.AbstractWsPasswordCallbackHandler;
 
 /**
@@ -70,6 +72,10 @@ protected void handleUsernameToken(WSPasswordCallback callback) throws IOExcepti
         }
     }
 
+    protected void handleCleanup(CleanupCallback callback) throws IOException, UnsupportedCallbackException {
+        SecurityContextHolder.clearContext();
+    }
+
     private UserDetails loadUserDetails(String username) throws DataAccessException {
         UserDetails user = userCache.getUserFromCache(username);
 

security/src/main/java/org/springframework/ws/soap/security/wss4j/callback/acegi/AcegiPlainTextPasswordValidationCallbackHandler.java

@@ -28,6 +28,7 @@
 import org.apache.ws.security.WSSecurityException;
 
 import org.springframework.util.Assert;
+import org.springframework.ws.soap.security.callback.CleanupCallback;
 import org.springframework.ws.soap.security.wss4j.callback.AbstractWsPasswordCallbackHandler;
 
 /**
@@ -62,6 +63,10 @@ public void afterPropertiesSet() throws Exception {
         Assert.notNull(authenticationManager, "authenticationManager is required");
     }
 
+    protected void handleCleanup(CleanupCallback callback) throws IOException, UnsupportedCallbackException {
+        SecurityContextHolder.clearContext();
+    }
+
     protected void handleUsernameTokenUnknown(WSPasswordCallback callback)
             throws IOException, UnsupportedCallbackException {
         String identifier = callback.getIdentifer();
@@ -77,7 +82,7 @@ protected void handleUsernameTokenUnknown(WSPasswordCallback callback)
             if (logger.isDebugEnabled()) {
                 logger.debug("Authentication request for user '" + identifier + "' failed: " + failed.toString());
             }
-            SecurityContextHolder.getContext().setAuthentication(null);
+            SecurityContextHolder.clearContext();
             if (!ignoreFailure) {
                 throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION);
             }

security/src/main/java/org/springframework/ws/soap/security/xwss/XwsSecurityInterceptor.java

@@ -16,8 +16,11 @@
 
 package org.springframework.ws.soap.security.xwss;
 
+import java.io.IOException;
 import java.io.InputStream;
+import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.xml.soap.SOAPMessage;
 
 import com.sun.xml.wss.ProcessingContext;
@@ -34,6 +37,7 @@
 import org.springframework.ws.soap.saaj.SaajSoapMessage;
 import org.springframework.ws.soap.security.AbstractWsSecurityInterceptor;
 import org.springframework.ws.soap.security.WsSecurityValidationException;
+import org.springframework.ws.soap.security.callback.CleanupCallback;
 import org.springframework.ws.soap.security.xwss.callback.XwssCallbackHandlerChain;
 
 /**
@@ -164,4 +168,18 @@ protected void validateMessage(SoapMessage soapMessage, MessageContext messageCo
         }
     }
 
+    protected void cleanUp() {
+        if (callbackHandler != null) {
+            try {
+                CleanupCallback cleanupCallback = new CleanupCallback();
+                callbackHandler.handle(new Callback[]{cleanupCallback});
+            }
+            catch (IOException ex) {
+                logger.warn("Cleanup callback resulted in IOException", ex);
+            }
+            catch (UnsupportedCallbackException ex) {
+                // ignore
+            }
+        }
+    }
 }

security/src/main/java/org/springframework/ws/soap/security/xwss/callback/acegi/AcegiCertificateValidationCallbackHandler.java

@@ -30,6 +30,7 @@
 
 import org.springframework.util.Assert;
 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
+import org.springframework.ws.soap.security.callback.CleanupCallback;
 
 /**
  * Callback handler that validates a certificate using an Acegi <code>AuthenticationManager</code>. Logic based on
@@ -76,6 +77,9 @@ protected void handleInternal(Callback callback) throws IOException, Unsupported
         if (callback instanceof CertificateValidationCallback) {
             ((CertificateValidationCallback) callback).setValidator(new AcegiCertificateValidator());
         }
+        else if (callback instanceof CleanupCallback) {
+            SecurityContextHolder.clearContext();
+        }
         else {
             throw new UnsupportedCallbackException(callback);
         }
@@ -101,7 +105,7 @@ public boolean validate(X509Certificate certificate)
                     logger.debug("Authentication request for certificate with DN [" +
                             certificate.getSubjectX500Principal().getName() + "] failed: " + failed.toString());
                 }
-                SecurityContextHolder.getContext().setAuthentication(null);
+                SecurityContextHolder.clearContext();
                 result = ignoreFailure;
             }
             return result;

security/src/main/java/org/springframework/ws/soap/security/xwss/callback/acegi/AcegiDigestPasswordValidationCallbackHandler.java

@@ -33,6 +33,7 @@
 import org.springframework.dao.DataAccessException;
 import org.springframework.util.Assert;
 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
+import org.springframework.ws.soap.security.callback.CleanupCallback;
 import org.springframework.ws.soap.security.xwss.callback.DefaultTimestampValidator;
 
 /**
@@ -99,6 +100,10 @@ else if (callback instanceof TimestampValidationCallback) {
             timestampCallback.setValidator(new DefaultTimestampValidator());
 
         }
+        else if (callback instanceof CleanupCallback) {
+            SecurityContextHolder.clearContext();
+            return;
+        }
         throw new UnsupportedCallbackException(callback);
     }
 

security/src/main/java/org/springframework/ws/soap/security/xwss/callback/acegi/AcegiPlainTextPasswordValidationCallbackHandler.java

@@ -29,6 +29,7 @@
 
 import org.springframework.util.Assert;
 import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
+import org.springframework.ws.soap.security.callback.CleanupCallback;
 
 /**
  * Callback handler that validates a certificate uses an Acegi <code>AuthenticationManager</code>. Logic based on
@@ -81,6 +82,10 @@ protected void handleInternal(Callback callback) throws IOException, Unsupported
                 return;
             }
         }
+        else if (callback instanceof CleanupCallback) {
+            SecurityContextHolder.clearContext();
+            return;
+        }
         throw new UnsupportedCallbackException(callback);
     }
 
@@ -104,7 +109,7 @@ public boolean validate(PasswordValidationCallback.Request request)
                     logger.debug("Authentication request for user '" + plainTextRequest.getUsername() + "' failed: " +
                             failed.toString());
                 }
-                SecurityContextHolder.getContext().setAuthentication(null);
+                SecurityContextHolder.clearContext();
                 return ignoreFailure;
             }
         }

security/src/main/java/org/springframework/ws/soap/security/xwss/callback/jaas/JaasCertificateValidationCallbackHandler.java

@@ -58,9 +58,9 @@ private class JaasCertificateValidator implements CertificateValidationCallback.
 
         public boolean validate(X509Certificate certificate)
                 throws CertificateValidationCallback.CertificateValidationException {
-            LoginContext loginContext = null;
             Subject subject = new Subject();
             subject.getPrincipals().add(certificate.getSubjectX500Principal());
+            LoginContext loginContext;
             try {
                 loginContext = new LoginContext(getLoginContextName(), subject);
             }

security/src/test/java/org/springframework/ws/soap/security/wss4j/Wss4jMessageInterceptorAcegiCallbackHandlerTestCase.java

@@ -35,6 +35,7 @@ protected void onSetup() throws Exception {
 
     protected void tearDown() throws Exception {
         control.verify();
+        SecurityContextHolder.clearContext();
     }
 
     public void testValidateUsernameTokenPlainText() throws Exception {
@@ -43,6 +44,11 @@ public void testValidateUsernameTokenPlainText() throws Exception {
         MessageContext messageContext = new DefaultMessageContext(message, getMessageFactory());
         interceptor.handleRequest(messageContext, null);
         assertValidateUsernameToken(message);
+
+        // test clean up
+        messageContext.getResponse();
+        interceptor.handleResponse(messageContext, null);
+        assertNull("Authentication created", SecurityContextHolder.getContext().getAuthentication());
     }
 
     public void testValidateUsernameTokenDigest() throws Exception {
@@ -51,16 +57,19 @@ public void testValidateUsernameTokenDigest() throws Exception {
         MessageContext messageContext = new DefaultMessageContext(message, getMessageFactory());
         interceptor.handleRequest(messageContext, null);
         assertValidateUsernameToken(message);
+
+        // test clean up
+        messageContext.getResponse();
+        interceptor.handleResponse(messageContext, null);
+        assertNull("Authentication created", SecurityContextHolder.getContext().getAuthentication());
     }
 
     protected void assertValidateUsernameToken(SoapMessage message) throws Exception {
         Object result = getMessage(message);
         assertNotNull("No result returned", result);
         assertXpathNotExists("Security Header not removed", "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security",
                 getDocument(message));
-        Authentication authentication = SecurityContextHolder.getContext()
-                .getAuthentication();
-        assertNotNull("authentication must not be null", authentication);
+        assertNotNull("No Authentication created", SecurityContextHolder.getContext().getAuthentication());
     }
 
     protected EndpointInterceptor prepareInterceptor(String actions, boolean validating, boolean digest)