summaryrefslogtreecommitdiffstats
path: root/java/sca/modules/binding-ws-axis2/src/main
diff options
context:
space:
mode:
authorslaws <slaws@13f79535-47bb-0310-9956-ffa450edef68>2008-09-15 08:07:58 +0000
committerslaws <slaws@13f79535-47bb-0310-9956-ffa450edef68>2008-09-15 08:07:58 +0000
commitfa51018b6c24f598ae8174afa183b0b46436e69b (patch)
treeb6c37b85d26f0755ba95200227ea942bd2135c00 /java/sca/modules/binding-ws-axis2/src/main
parent5c5b60f1525a5865a3c2bc35263224c2cd79c713 (diff)
More work exploring the policy extension model by implementing a token based authentication schema across binding.ws and binding.jm. No authentication is actually performed here. That is left for users to provide their own policy interceptors. However tokens are passed and security Subjects/Principals are created. This exercise has highlighted some awkwardness in the process of building policy implementations. I'll post about this on the mail list.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@695374 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'java/sca/modules/binding-ws-axis2/src/main')
-rw-r--r--java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java31
-rw-r--r--java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java2
-rw-r--r--java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java40
-rw-r--r--java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferenceBindingConfigurator.java86
-rw-r--r--java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java (renamed from java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServiceBindingConfigurator.java)68
-rw-r--r--java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java66
6 files changed, 182 insertions, 111 deletions
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java
index 81db43c701..d468370a7e 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java
@@ -21,6 +21,7 @@ package org.apache.tuscany.sca.binding.ws.axis2;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
+import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.QName;
@@ -41,7 +42,10 @@ import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.axis2.wsdl.WSDLConstants;
import org.apache.tuscany.sca.assembly.xml.Constants;
import org.apache.tuscany.sca.binding.ws.WebServiceBinding;
-import org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic.Axis2BasicAuthenticationReferenceBindingConfigurator;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.token.Axis2TokenAuthenticationPolicy;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.configurator.Axis2BindingBasicAuthenticationConfigurator;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.configurator.Axis2BindingHeaderConfigurator;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2HeaderPolicy;
import org.apache.tuscany.sca.interfacedef.util.FaultException;
import org.apache.tuscany.sca.invocation.DataExchangeSemantics;
import org.apache.tuscany.sca.invocation.Invoker;
@@ -74,7 +78,10 @@ public class Axis2BindingInvoker implements Invoker, DataExchangeSemantics {
private SOAPFactory soapFactory;
private List<PolicyHandler> policyHandlerList = null;
private WebServiceBinding wsBinding;
+
private BasicAuthenticationPolicy basicAuthenticationPolicy = null;
+ private Axis2TokenAuthenticationPolicy axis2TokenAuthenticationPolicy = null;
+ private List<Axis2HeaderPolicy> axis2HeaderPolicies = new ArrayList<Axis2HeaderPolicy>();
public Axis2BindingInvoker(Axis2ServiceClient serviceClient,
QName wsdlOperationName,
@@ -96,7 +103,11 @@ public class Axis2BindingInvoker implements Invoker, DataExchangeSemantics {
for (Object p : ps.getPolicies()) {
if (BasicAuthenticationPolicy.class.isInstance(p)) {
basicAuthenticationPolicy = (BasicAuthenticationPolicy)p;
- } else {
+ } else if (Axis2TokenAuthenticationPolicy.class.isInstance(p)) {
+ axis2TokenAuthenticationPolicy = (Axis2TokenAuthenticationPolicy)p;
+ } else if (Axis2HeaderPolicy.class.isInstance(p)) {
+ axis2HeaderPolicies.add((Axis2HeaderPolicy)p);
+ }else {
// etc. check for other types of policy being present
}
}
@@ -138,8 +149,17 @@ public class Axis2BindingInvoker implements Invoker, DataExchangeSemantics {
policyHandler.beforeInvoke(msg, requestMC, operationClient);
}
+ // set policy specified headers
+ for (Axis2HeaderPolicy policy : axis2HeaderPolicies){
+ Axis2BindingHeaderConfigurator.setHeader(requestMC, msg, policy.getHeaderName());
+ }
+
if (basicAuthenticationPolicy != null) {
- Axis2BasicAuthenticationReferenceBindingConfigurator.setOperationOptions(operationClient, msg, basicAuthenticationPolicy);
+ Axis2BindingBasicAuthenticationConfigurator.setOperationOptions(operationClient, msg, basicAuthenticationPolicy);
+ }
+
+ if (axis2TokenAuthenticationPolicy != null) {
+ Axis2BindingHeaderConfigurator.setHeader(requestMC, msg, axis2TokenAuthenticationPolicy.getTokenName());
}
// Allow privileged access to read properties. Requires PropertiesPermission read in
@@ -238,6 +258,11 @@ public class Axis2BindingInvoker implements Invoker, DataExchangeSemantics {
sh.addChild(epr);
requestMC.setFrom(fromEPR);
}
+
+ // Set any message headers required by policy
+ // Get the header from the tuscany message
+ // If its not already an OM convert it to OM
+ // add it to the envelope header
// if target endpoint was not specified when this invoker was created,
// use dynamically specified target endpoint passed in on this call
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java
index 438e989d85..0d3916019f 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java
@@ -69,12 +69,12 @@ import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.params.HttpConnectionManagerParams;
import org.apache.tuscany.sca.assembly.AbstractContract;
import org.apache.tuscany.sca.binding.ws.WebServiceBinding;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.configuration.Axis2ConfigParamPolicy;
import org.apache.tuscany.sca.interfacedef.Operation;
import org.apache.tuscany.sca.invocation.Invoker;
import org.apache.tuscany.sca.invocation.MessageFactory;
import org.apache.tuscany.sca.policy.PolicySet;
import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
-import org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicy;
import org.apache.tuscany.sca.policy.util.PolicyHandler;
import org.apache.tuscany.sca.policy.util.PolicyHandlerTuple;
import org.apache.tuscany.sca.policy.util.PolicyHandlerUtils;
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java
index 01eddb89d1..c51a5bad29 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java
@@ -74,7 +74,12 @@ import org.apache.tuscany.sca.assembly.AbstractContract;
import org.apache.tuscany.sca.assembly.Binding;
import org.apache.tuscany.sca.binding.ws.WebServiceBinding;
import org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceClient.URIResolverImpl;
-import org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic.Axis2BasicAuthenticationServiceBindingConfigurator;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.token.Axis2TokenAuthenticationPolicy;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.configuration.Axis2ConfigParamPolicy;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.configurator.Axis2BindingBasicAuthenticationConfigurator;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.configurator.Axis2BindingHeaderConfigurator;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2HeaderPolicy;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2SOAPHeaderString;
import org.apache.tuscany.sca.core.assembly.EndpointReferenceImpl;
import org.apache.tuscany.sca.host.http.ServletHost;
import org.apache.tuscany.sca.interfacedef.Interface;
@@ -86,7 +91,6 @@ import org.apache.tuscany.sca.invocation.MessageFactory;
import org.apache.tuscany.sca.policy.PolicySet;
import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy;
-import org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicy;
import org.apache.tuscany.sca.policy.util.PolicyHandler;
import org.apache.tuscany.sca.policy.util.PolicyHandlerTuple;
import org.apache.tuscany.sca.policy.util.PolicyHandlerUtils;
@@ -126,7 +130,10 @@ public class Axis2ServiceProvider {
private List<PolicyHandlerTuple> policyHandlerClassnames = null;
private List<PolicyHandler> policyHandlerList = new ArrayList<PolicyHandler>();
private Map<String, Port> urlMap = new HashMap<String, Port>();
+
private BasicAuthenticationPolicy basicAuthenticationPolicy = null;
+ private Axis2TokenAuthenticationPolicy axis2TokenAuthenticationPolicy = null;
+ private List<Axis2HeaderPolicy> axis2HeaderPolicies = new ArrayList<Axis2HeaderPolicy>();
public static final QName QNAME_WSA_ADDRESS =
new QName(AddressingConstants.Final.WSA_NAMESPACE, AddressingConstants.EPR_ADDRESS);
@@ -207,6 +214,10 @@ public class Axis2ServiceProvider {
for (Object p : ps.getPolicies()) {
if (BasicAuthenticationPolicy.class.isInstance(p)) {
basicAuthenticationPolicy = (BasicAuthenticationPolicy)p;
+ } else if (Axis2TokenAuthenticationPolicy.class.isInstance(p)) {
+ axis2TokenAuthenticationPolicy = (Axis2TokenAuthenticationPolicy)p;
+ } else if (Axis2HeaderPolicy.class.isInstance(p)) {
+ axis2HeaderPolicies.add((Axis2HeaderPolicy)p);
} else {
// etc. check for other types of policy being present
}
@@ -640,6 +651,11 @@ public class Axis2ServiceProvider {
String callbackAddress = null;
String callbackID = null;
Object conversationID = null;
+
+ // create a message object and set the args as its body
+ Message msg = messageFactory.createMessage();
+ msg.setBody(args);
+ msg.setOperation(op);
//FIXME: can we use the Axis2 addressing support for this?
SOAPHeader header = inMC.getEnvelope().getHeader();
@@ -668,12 +684,20 @@ public class Axis2ServiceProvider {
}
}
}
+
+ // get policy specified headers
+ for (Axis2HeaderPolicy policy : axis2HeaderPolicies){
+ //Axis2BindingHeaderConfigurator.getHeader(inMC, msg, policy.getHeaderName());
+ }
+
+ if (axis2TokenAuthenticationPolicy != null) {
+ Axis2SOAPHeaderString tokenHeader = new Axis2SOAPHeaderString();
+ Axis2BindingHeaderConfigurator.getHeader(inMC,
+ msg,
+ axis2TokenAuthenticationPolicy.getTokenName(),
+ tokenHeader);
+ }
}
-
- // create a message object and set the args as its body
- Message msg = messageFactory.createMessage();
- msg.setBody(args);
- msg.setOperation(op);
//fill message with QoS context info
fillQoSContext(msg, inMC);
@@ -705,7 +729,7 @@ public class Axis2ServiceProvider {
}
if (basicAuthenticationPolicy != null) {
- Axis2BasicAuthenticationServiceBindingConfigurator.parseHTTPHeader(inMC, msg, basicAuthenticationPolicy);
+ Axis2BindingBasicAuthenticationConfigurator.parseHTTPHeader(inMC, msg, basicAuthenticationPolicy);
}
// find the runtime wire and invoke it with the message
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferenceBindingConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferenceBindingConfigurator.java
deleted file mode 100644
index 2bc6bff3c7..0000000000
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferenceBindingConfigurator.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
-
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.apache.axis2.AxisFault;
-import org.apache.axis2.client.OperationClient;
-import org.apache.axis2.client.ServiceClient;
-import org.apache.axis2.context.ConfigurationContext;
-import org.apache.axis2.context.MessageContext;
-import org.apache.axis2.description.Parameter;
-import org.apache.axis2.transport.http.HTTPConstants;
-import org.apache.axis2.transport.http.HttpTransportProperties;
-import org.apache.axis2.transport.http.HttpTransportProperties.Authenticator;
-import org.apache.tuscany.sca.invocation.Message;
-import org.apache.tuscany.sca.policy.Policy;
-import org.apache.tuscany.sca.policy.PolicySet;
-import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy;
-import org.osoa.sca.ServiceRuntimeException;
-
-/**
- * Policy handler to handle PolicySet that contain Axis2ConfigParamPolicy instances
- *
- * @version $Rev$ $Date$
- */
-public class Axis2BasicAuthenticationReferenceBindingConfigurator {
-
-
- public static void setOperationOptions(OperationClient operationClient, Message msg, BasicAuthenticationPolicy policy) {
-
- // get security context
- String securityPrincipal = (String)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL);
- String username = null;
- String password = null;
-
- // could use the security principal to look up basic auth credentials
- if ( securityPrincipal != null ) {
- // look up usename and password based on security principal
- } else {
- // take the message username and password
- username = (String)msg.getQoSContext().get(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_USERNAME);
- password = (String)msg.getQoSContext().get(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_PASSWORD);
-
- if (username == null){
- username = policy.getUserName();
- password = policy.getPassword();
- }
- }
-
- if (username == null || password == null ){
- throw new ServiceRuntimeException("Basic authenication username or password is null");
- }
-
- HttpTransportProperties.Authenticator authenticator = new HttpTransportProperties.Authenticator();
- List<String> auth = new ArrayList<String>();
- auth.add(Authenticator.BASIC);
- authenticator.setAuthSchemes(auth);
- authenticator.setPreemptiveAuthentication(true);
- authenticator.setUsername(username);
- authenticator.setPassword(password);
-
- operationClient.getOptions().setProperty(HTTPConstants.AUTHENTICATE,
- authenticator);
- }
-
-}
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServiceBindingConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java
index 6d311faec5..58f7c11f60 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServiceBindingConfigurator.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingBasicAuthenticationConfigurator.java
@@ -17,11 +17,15 @@
* under the License.
*/
-package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+package org.apache.tuscany.sca.binding.ws.axis2.policy.configurator;
import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
import java.util.Map;
+import javax.security.auth.Subject;
+
import org.apache.axiom.om.util.Base64;
import org.apache.axis2.AxisFault;
import org.apache.axis2.client.OperationClient;
@@ -29,20 +33,58 @@ import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.Parameter;
+import org.apache.axis2.transport.http.HTTPConstants;
+import org.apache.axis2.transport.http.HttpTransportProperties;
+import org.apache.axis2.transport.http.HttpTransportProperties.Authenticator;
import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.Policy;
import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.SecurityUtil;
import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy;
-import org.apache.tuscany.sca.policy.util.PolicyHandler;
+import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPrincipal;
+import org.osoa.sca.ServiceRuntimeException;
/**
- * Deal with basic authentication configuration at the service
+ * Policy handler to handle PolicySet that contain Axis2ConfigParamPolicy instances
*
* @version $Rev$ $Date$
*/
-public class Axis2BasicAuthenticationServiceBindingConfigurator {
+public class Axis2BindingBasicAuthenticationConfigurator {
+
+
+ public static void setOperationOptions(OperationClient operationClient, Message msg, BasicAuthenticationPolicy policy) {
+ String username = null;
+ String password = null;
+ // get the security context
+ Subject subject = SecurityUtil.getSubject(msg);
+ BasicAuthenticationPrincipal principal = SecurityUtil.getPrincipal(subject,
+ BasicAuthenticationPrincipal.class);
+
+ // could use the security principal to look up basic auth credentials
+ if ( principal != null ) {
+ username = ((BasicAuthenticationPrincipal)principal).getName();
+ password = ((BasicAuthenticationPrincipal)principal).getPassword();
+ }
+
+ if (username == null || password == null ){
+ throw new ServiceRuntimeException("Basic authentication username or password is null");
+ }
+
+ HttpTransportProperties.Authenticator authenticator = new HttpTransportProperties.Authenticator();
+ List<String> auth = new ArrayList<String>();
+ auth.add(Authenticator.BASIC);
+ authenticator.setAuthSchemes(auth);
+ authenticator.setPreemptiveAuthentication(true);
+ authenticator.setUsername(username);
+ authenticator.setPassword(password);
+
+ operationClient.getOptions().setProperty(HTTPConstants.AUTHENTICATE,
+ authenticator);
+ }
+
public static void parseHTTPHeader(MessageContext messageContext, Message msg, BasicAuthenticationPolicy policy) {
-
+
Map httpHeaderProperties = (Map)messageContext.getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
String basicAuthString = (String)httpHeaderProperties.get("Authorization");
@@ -67,11 +109,11 @@ public class Axis2BasicAuthenticationServiceBindingConfigurator {
}
}
- // set the security context.
- msg.getQoSContext().put(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_USERNAME,
- username);
- msg.getQoSContext().put(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_PASSWORD,
- password);
+ // get the security context
+ Subject subject = SecurityUtil.getSubject(msg);
+ BasicAuthenticationPrincipal principal = new BasicAuthenticationPrincipal(username,
+ password);
+ subject.getPrincipals().add(principal);
// Set the http headers
// This is just an experiment, looking at the alternatives to extracting
@@ -79,8 +121,8 @@ public class Axis2BasicAuthenticationServiceBindingConfigurator {
// could be deferred to the interceptor. Asymetric though when compared with the
// reference support.
// how to defined the scheme for message headers?
- msg.getHeader().put("httpheaders", httpHeaderProperties);
+ msg.getHeaders().put("httpheaders", httpHeaderProperties);
}
-
-
+
+
}
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java
new file mode 100644
index 0000000000..0c3577104b
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configurator/Axis2BindingHeaderConfigurator.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.tuscany.sca.binding.ws.axis2.policy.configurator;
+
+
+
+import javax.xml.namespace.QName;
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.axiom.soap.SOAPEnvelope;
+import org.apache.axiom.soap.SOAPHeader;
+import org.apache.axis2.context.MessageContext;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.header.Axis2SOAPHeader;
+import org.apache.tuscany.sca.invocation.Message;
+
+
+/**
+ * Policy handler to handle PolicySet that contain Axis2ConfigParamPolicy instances
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2BindingHeaderConfigurator {
+
+
+ public static void setHeader(MessageContext messageContext, Message msg, QName headerQName) {
+
+ if (headerQName != null){
+ SOAPEnvelope envelope = messageContext.getEnvelope();
+ OMFactory factory = envelope.getOMFactory();
+ SOAPHeader soapHeader = envelope.getHeader();
+
+ Axis2SOAPHeader header = (Axis2SOAPHeader)msg.getHeaders().get(headerQName.toString());
+
+ soapHeader.addChild(header.getAsSOAPHeaderBlock(factory));
+ }
+ }
+
+ public static void getHeader(MessageContext messageContext, Message msg, QName headerQName, Axis2SOAPHeader header) {
+
+ SOAPEnvelope sev = messageContext.getEnvelope();
+ SOAPHeader sh = sev.getHeader();
+ OMElement omHeader = sh.getFirstChildWithName(headerQName);
+
+ header.setAsSOAPHeaderBlock(omHeader);
+
+ msg.getHeaders().put(headerQName.toString(), header);
+ }
+
+}