Java – TAXII – Collection Management Endpoint


As a followup to my last post, here’s a partial implementation of the collection management endpoint for a TAXII server. I added error handling via the TAXII status message response too.

    @POST
    @Path("collection")
    @Consumes (MediaType.APPLICATION_XML)
    @Produces (MediaType.APPLICATION_XML)
    public Response collection(@Context HttpServletRequest request, String x) {
        CollectionInformationRequest collectionRequest = null;
        SubscriptionManagementRequest subscriptionRequest = null;
        try {
            //printHeaders(request);

            System.out.println("---------- Request:");
            Object requestObject = getRequestObject(x);
            if(requestObject instanceof CollectionInformationRequest) {
                collectionRequest = (CollectionInformationRequest) requestObject;
            } else if(requestObject instanceof SubscriptionManagementRequest) {
                subscriptionRequest = (SubscriptionManagementRequest) requestObject;
            } else {
                throw new Exception("Unsupported request type");
            }
            
            System.out.println("---------- Response:");
            if(collectionRequest != null) {
                System.out.println(toXml(collectionRequest));

                List collections = new ArrayList();
                collections.add(factory.createCollectionRecordType()
                        .withAvailable(true)
                        .withCollectionType(CollectionTypeEnum.DATA_FEED)
                        .withCollectionName("default")
                        .withDescription("Default data set description")
                        .withPollingServices(factory.createServiceContactInfoType()
                                .withAddress("/poll")
                                .withMessageBindings(Versions.VID_TAXII_XML_11)
                                .withProtocolBinding(Versions.VID_TAXII_HTTP_10)
                        )
                        .withSubscriptionServices(factory.createServiceContactInfoType()
                                .withAddress("/collection")
                                .withMessageBindings(Versions.VID_TAXII_XML_11)
                                .withProtocolBinding(Versions.VID_TAXII_HTTP_10)
                        )
                        .withContentBindings(factory.createContentBindingIDType().withBindingId(ContentBindings.CB_STIX_XML_111))
                );

                CollectionInformationResponse collectionResponse = factory.createCollectionInformationResponse()
                        .withInResponseTo(collectionRequest.getMessageId())
                        .withMessageId(MessageHelper.generateMessageId())
                        .withCollections(collections);

                String responseString = toXml(collectionResponse);
                System.out.println(taxiiXml.marshalToString(collectionResponse, true));

                return generateResponse(responseString, request);
            } else {
                System.out.println(toXml(subscriptionRequest));
                
                String subscriptionId = subscriptionRequest.getSubscriptionID(); // Should be null on a subscribe
                CollectionActionEnum action = subscriptionRequest.getAction();
                PushParameterType pushLocation = subscriptionRequest.getPushParameters();
                
                // Gather type, query, content bindings so we know what kind of delivery they want
                // Store/update their subscription based on the desired action.  
                // Pause/Resume are tricky because you need to pick up where they paused and send what they missed
                
                SubscriptionManagementRequest subscriptionResponse = factory.createSubscriptionManagementRequest()
                        .withMessageId(MessageHelper.generateMessageId())
                        .withSubscriptionID(subscriptionId)
                        .withCollectionName(subscriptionRequest.getCollectionName())
                        .withAction(subscriptionRequest.getAction());
                
                String responseString = toXml(subscriptionResponse);
                return generateResponse(responseString, request);
            }
        } catch(Exception ex) {
            return handleError(ex, request, collectionRequest);
        }
    }

    private Response handleError(Exception ex, HttpServletRequest httpRequest, RequestMessageType taxiiRequest) {
        ex.printStackTrace();
        try {
            StatusMessage status = factory.createStatusMessage()
                    .withMessage("Error: " + ex.getMessage())
                    .withInResponseTo(taxiiRequest != null ? taxiiRequest.getMessageId() : null)
                    .withMessageId(MessageHelper.generateMessageId())
                    .withStatusType(StatusTypeEnum.FAILURE.value());
            String responseString = toXml(status);
            return generateResponse(responseString, httpRequest);
        } catch(Exception e) {
            e.printStackTrace();
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build(); 
        }
    }

Advertisements

One thought on “Java – TAXII – Collection Management Endpoint

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s