
1   /*
2    * Copyright [2006] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.ws.security;
18  
19  import java.security.cert.X509Certificate;
20  import java.util.Arrays;
21  
22  import javax.servlet.ServletRequest;
23  
24  import org.opensaml.xml.security.credential.UsageType;
25  import org.opensaml.xml.security.x509.BasicX509Credential;
26  import org.opensaml.xml.security.x509.X509Credential;
27  
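/**
 * An adapter that exposes the X.509 certificates contained in the servlet request attribute.
 *
 * <p>
 * The adapter only copies what it finds in the {@link #X509_CERT_REQUEST_ATTRIBUTE} request attribute into this
 * credential. It performs no certificate path validation, revocation checking or trust evaluation of its own, so
 * the resulting credential still has to be evaluated against the relying party's trust configuration before it is
 * used for any authentication or authorization decision.
 * </p>
 */
public class ServletRequestX509CredentialAdapter extends BasicX509Credential implements X509Credential {

    /**
     * Servlet request attribute to pull certificate info from. This is the attribute name the Servlet
     * specification uses to expose the certificate chain of a TLS-authenticated request.
     */
    public static final String X509_CERT_REQUEST_ATTRIBUTE = "javax.servlet.request.X509Certificate";

    /**
     * Constructor. Reads the certificate chain from the {@link #X509_CERT_REQUEST_ATTRIBUTE} attribute of the
     * given request, uses its first element as the entity certificate and the whole array as the entity
     * certificate chain, and marks the credential for {@link UsageType#SIGNING}.
     *
     * @param request the servlet request
     *
     * @throws IllegalArgumentException if the request is null, or if the attribute is absent, is not an
     *             {@code X509Certificate[]}, is empty, or contains a null entry
     */
    public ServletRequestX509CredentialAdapter(ServletRequest request) {
        if (request == null) {
            throw new IllegalArgumentException("Servlet request may not be null");
        }

        // Check the runtime type instead of casting blindly: a value of any other type is reported as the same
        // "no certificates" condition rather than surfacing as a ClassCastException. instanceof is false for null,
        // so a missing attribute is covered by this test as well.
        Object attribute = request.getAttribute(X509_CERT_REQUEST_ATTRIBUTE);
        if (!(attribute instanceof X509Certificate[]) || ((X509Certificate[]) attribute).length == 0) {
            throw new IllegalArgumentException("Servlet request does not contain X.509 certificates in attribute "
                    + X509_CERT_REQUEST_ATTRIBUTE);
        }

        // Arrays.asList returns a view backed by the array it is given, so wrap a private copy: later writes to
        // the array stored in the request attribute then cannot change the chain held by this credential.
        X509Certificate[] chain = ((X509Certificate[]) attribute).clone();
        for (X509Certificate certificate : chain) {
            if (certificate == null) {
                throw new IllegalArgumentException("Servlet request contains a null X.509 certificate in attribute "
                        + X509_CERT_REQUEST_ATTRIBUTE);
            }
        }

        // The Servlet specification defines the array in ascending order of trust, with the certificate presented
        // by the client first, which is why element 0 is taken as the entity certificate.
        setEntityCertificate(chain[0]);
        setEntityCertificateChain(Arrays.asList(chain));
        setUsageType(UsageType.SIGNING);
    }
}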