org.apache.ws.security.handler.WSHandlerConstants Java Examples

The following examples show how to use org.apache.ws.security.handler.WSHandlerConstants. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: WSS4JInOutTest.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Sends a signed message through the out/in interceptor pair and checks that the
 * inbound signature result carries the signer's X.509 certificate.
 */
@Test
public void testSignature() throws Exception {
    // Outbound side: sign as "myalias". The key password is a fixture literal placed
    // directly under the "password" key (test data only).
    Map<String, String> signingConfig = new HashMap<String, String>();
    signingConfig.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
    signingConfig.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    signingConfig.put(WSHandlerConstants.USER, "myalias");
    signingConfig.put("password", "myAliasPassword");

    // Inbound side: verify the signature with the receiving crypto properties.
    Map<String, String> verifyingConfig = new HashMap<String, String>();
    verifyingConfig.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
    verifyingConfig.put(WSHandlerConstants.SIG_PROP_FILE, "insecurity.properties");

    // XPath expressions handed to makeInvocation together with both configurations.
    List<String> expectedNodes = new ArrayList<String>();
    expectedNodes.add("//wsse:Security");
    expectedNodes.add("//wsse:Security/ds:Signature");

    List<WSHandlerResult> inboundResults =
        getResults(makeInvocation(signingConfig, expectedNodes, verifyingConfig));
    List<WSSecurityEngineResult> engineResults = inboundResults.get(0).getResults();
    WSSecurityEngineResult signatureResult =
        WSSecurityUtil.fetchActionResult(engineResults, WSConstants.SIGN);

    // The SIGN result must expose the certificate that was used for the signature.
    X509Certificate signerCertificate =
        (X509Certificate) signatureResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
    assertNotNull(signerCertificate);
}
 
Example #2
Source File: IssuedTokenInterceptorProvider.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Handles the IssuedToken policy assertions attached to the message.
 *
 * <p>On the requestor side every IssuedToken assertion is marked as asserted without
 * further inspection here. On the receiving side only the first entry of the
 * WS-Security results stored under {@code RECV_RESULTS} is passed to
 * {@code parseHandlerResults}; when no results are present nothing is asserted.
 *
 * @param message the message being processed
 * @throws Fault declared by the interceptor contract
 */
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap assertionMap = message.get(AssertionInfoMap.class);
    if (assertionMap == null) {
        // No policy assertion map on this message: nothing to evaluate.
        return;
    }
    Collection<AssertionInfo> issuedTokenAssertions = assertionMap.get(SP12Constants.ISSUED_TOKEN);
    if (issuedTokenAssertions == null) {
        return;
    }
    if (isRequestor(message)) {
        // Client side should be checked on the way out, so the assertions are
        // accepted unconditionally at this point.
        for (AssertionInfo assertion : issuedTokenAssertions) {
            assertion.setAsserted(true);
        }
        return;
    }
    List<WSHandlerResult> receivedResults =
        CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
    if (receivedResults == null || receivedResults.isEmpty()) {
        // No security processing results were recorded; the assertions stay unasserted.
        return;
    }
    parseHandlerResults(receivedResults.get(0), message, assertionMap);
}
 
Example #3
Source File: IssuedTokenInterceptorProvider.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Evaluates the IssuedToken policy assertions for one message.
 *
 * <p>Requestor side: all IssuedToken assertions are flagged as asserted directly.
 * Receiving side: the first {@code WSHandlerResult} found under {@code RECV_RESULTS}
 * is handed to {@code parseHandlerResults}; with no results the assertions are left as is.
 *
 * @param message the message being processed
 * @throws Fault declared by the interceptor contract
 */
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap policyAssertions = message.get(AssertionInfoMap.class);
    if (policyAssertions == null) {
        return;
    }
    Collection<AssertionInfo> tokenAssertions = policyAssertions.get(SP12Constants.ISSUED_TOKEN);
    if (tokenAssertions == null) {
        return;
    }
    if (!isRequestor(message)) {
        // Receiving side: rely on what the WS-Security processing stored on the message.
        List<WSHandlerResult> handlerResults =
            CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
        boolean hasResults = handlerResults != null && !handlerResults.isEmpty();
        if (hasResults) {
            // Only the first result set is examined.
            parseHandlerResults(handlerResults.get(0), message, policyAssertions);
        }
        return;
    }
    // Client side should be checked on the way out; nothing is verified here.
    for (AssertionInfo tokenAssertion : tokenAssertions) {
        tokenAssertion.setAsserted(true);
    }
}
 
Example #4
Source File: WSS4JOutInterceptorTest.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Runs the outbound WSS4J ending interceptor with the SIGNATURE action and asserts
 * the wsse:Security and ds:Signature XPath expressions against the resulting SOAP part.
 */
@Test
public void testSignature() throws Exception {
    SOAPMessage cleanRequest = readSAAJDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> endingInterceptor = outInterceptor.createEndingInterceptor();

    SoapMessage soapMessage = new SoapMessage(new MessageImpl());
    Exchange exchange = new ExchangeImpl();
    exchange.setInMessage(soapMessage);
    soapMessage.setContent(SOAPMessage.class, cleanRequest);

    // Signing configuration is carried on the message itself. The key password is a
    // fixture literal stored under the "password" key (test data only).
    soapMessage.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
    soapMessage.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    soapMessage.put(WSHandlerConstants.USER, "myAlias");
    soapMessage.put("password", "myAliasPassword");

    endingInterceptor.handleMessage(soapMessage);

    SOAPPart signedPart = cleanRequest.getSOAPPart();
    assertValid("//wsse:Security", signedPart);
    assertValid("//wsse:Security/ds:Signature", signedPart);
}
 
Example #5
Source File: ImportExportSDKServiceProxy.java    From Knowage-Server with GNU Affero General Public License v3.0 6 votes vote down vote up
/**
 * Builds the Axis stub for the import/export SDK service, sets the WS-Security user
 * name and password callback reference on it, and synchronises the endpoint address
 * with the {@code _endpoint} field.
 */
private void _initImportExportSDKServiceProxy() {
  try {
    it.eng.spagobi.sdk.importexport.stub.ImportExportSDKServiceServiceLocator serviceLocator =
        new it.eng.spagobi.sdk.importexport.stub.ImportExportSDKServiceServiceLocator();
    Remote port = serviceLocator.getPort(it.eng.spagobi.sdk.importexport.stub.ImportExportSDKService.class);
    Stub securedStub = (Stub) port;
    // Only the user name and the callback object are set as properties; no password
    // value is placed on the stub here.
    securedStub._setProperty(WSHandlerConstants.USER, cch.getUsername());
    securedStub._setProperty(WSHandlerConstants.PW_CALLBACK_REF, cch);
    //securedStub.setTimeout(30000); //used in SpagoBIStudio

    importExportSDKService = (it.eng.spagobi.sdk.importexport.stub.ImportExportSDKService) securedStub;
    if (importExportSDKService == null) {
      return;
    }
    javax.xml.rpc.Stub rpcStub = (javax.xml.rpc.Stub) importExportSDKService;
    if (_endpoint != null) {
      // An explicitly configured endpoint overrides the one known to the stub.
      rpcStub._setProperty("javax.xml.rpc.service.endpoint.address", _endpoint);
    } else {
      // Otherwise remember the address the stub already has.
      _endpoint = (String) rpcStub._getProperty("javax.xml.rpc.service.endpoint.address");
    }
  } catch (javax.xml.rpc.ServiceException serviceException) {
    // NOTE(review): the failure is swallowed without logging; when it happens this
    // method leaves importExportSDKService unassigned, so callers cannot tell why
    // the secured stub is missing.
  }
}
 
Example #6
Source File: WSS4JOutInterceptorTest.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Runs the outbound WSS4J ending interceptor with the TIMESTAMP action and asserts the
 * wsse:Security and wsu:Timestamp XPath expressions against the resulting SOAP part.
 */
@Test
public void testTimestamp() throws Exception {
    SOAPMessage cleanRequest = readSAAJDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> endingInterceptor = outInterceptor.createEndingInterceptor();

    SoapMessage soapMessage = new SoapMessage(new MessageImpl());
    Exchange exchange = new ExchangeImpl();
    exchange.setInMessage(soapMessage);
    soapMessage.setContent(SOAPMessage.class, cleanRequest);

    // Action and crypto properties are configured on the interceptor ...
    outInterceptor.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    outInterceptor.setProperty(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    // ... while the user and its fixture password (test data only) travel on the message.
    soapMessage.put(WSHandlerConstants.USER, "myalias");
    soapMessage.put("password", "myAliasPassword");

    endingInterceptor.handleMessage(soapMessage);

    SOAPPart securedPart = cleanRequest.getSOAPPart();
    assertValid("//wsse:Security", securedPart);
    assertValid("//wsse:Security/wsu:Timestamp", securedPart);
}
 
Example #7
Source File: WSS4JOutInterceptorTest.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Runs the outbound WSS4J ending interceptor with the ENCRYPT action and asserts that
 * the wsse:Security header and an xenc:EncryptedData element under the SOAP body match.
 */
@Test
public void testEncrypt() throws Exception {
    SOAPMessage cleanRequest = readSAAJDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> endingInterceptor = outInterceptor.createEndingInterceptor();

    SoapMessage soapMessage = new SoapMessage(new MessageImpl());
    Exchange exchange = new ExchangeImpl();
    exchange.setInMessage(soapMessage);
    soapMessage.setContent(SOAPMessage.class, cleanRequest);

    // The same properties file is used for the signature and the encryption crypto.
    soapMessage.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
    soapMessage.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    soapMessage.put(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");
    soapMessage.put(WSHandlerConstants.USER, "myalias");
    // Fixture credential stored inline on the message (test data only).
    soapMessage.put("password", "myAliasPassword");

    endingInterceptor.handleMessage(soapMessage);

    SOAPPart encryptedPart = cleanRequest.getSOAPPart();
    assertValid("//wsse:Security", encryptedPart);
    assertValid("//s:Body/xenc:EncryptedData", encryptedPart);
}
 
Example #8
Source File: UserNameTokenAuthorizationTest.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Configures both interceptors with Encrypt, Signature, Timestamp and UsernameToken
 * and expects the echo call to be rejected with the message "Unauthorized".
 */
@Test
public void testDigestPasswordUnauthorized() throws Exception {
    setUpService("managers", true, false);

    // Space-separated action list, identical for the inbound and outbound side.
    StringBuilder actionList = new StringBuilder();
    actionList.append(WSHandlerConstants.ENCRYPT).append(" ");
    actionList.append(WSHandlerConstants.SIGNATURE).append(" ");
    actionList.append(WSHandlerConstants.TIMESTAMP).append(" ");
    actionList.append(WSHandlerConstants.USERNAME_TOKEN);
    String actions = actionList.toString();

    wsIn.setProperty(WSHandlerConstants.ACTION, actions);
    wsOut.setProperty(WSHandlerConstants.ACTION, actions);

    boolean rejected = false;
    String rejectionMessage = null;
    try {
        echo.echo("test");
    } catch (Exception denied) {
        rejected = true;
        rejectionMessage = denied.getMessage();
    }
    // A successful call means the authorization check did not fire.
    if (!rejected) {
        fail("Exception expected");
    }
    assertEquals("Unauthorized", rejectionMessage);
}
 
Example #9
Source File: KerberosTokenInterceptorProvider.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Handles the KerberosToken policy assertions attached to the message.
 *
 * <p>On the requestor side every KerberosToken assertion is marked as asserted without
 * further inspection here. On the receiving side only the first entry of the
 * WS-Security results stored under {@code RECV_RESULTS} is passed to
 * {@code parseHandlerResults}; when no results are present nothing is asserted.
 *
 * @param message the message being processed
 * @throws Fault declared by the interceptor contract
 */
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap assertionMap = message.get(AssertionInfoMap.class);
    if (assertionMap == null) {
        // No policy assertion map on this message: nothing to evaluate.
        return;
    }
    Collection<AssertionInfo> kerberosAssertions = assertionMap.get(SP12Constants.KERBEROS_TOKEN);
    if (kerberosAssertions == null) {
        return;
    }
    if (isRequestor(message)) {
        // Client side should be checked on the way out, so the assertions are
        // accepted unconditionally at this point.
        for (AssertionInfo assertion : kerberosAssertions) {
            assertion.setAsserted(true);
        }
        return;
    }
    List<WSHandlerResult> receivedResults =
        CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
    if (receivedResults == null || receivedResults.isEmpty()) {
        // No security processing results were recorded; the assertions stay unasserted.
        return;
    }
    parseHandlerResults(receivedResults.get(0), message, assertionMap);
}
 
Example #10
Source File: UserNameTokenAuthorizationTest.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Sets the same four-action list (Encrypt, Signature, Timestamp, UsernameToken) on the
 * inbound and outbound interceptors and expects the call to fail with "Unauthorized".
 */
@Test
public void testDigestPasswordUnauthorized() throws Exception {
    setUpService("managers", true, false);

    final String separator = " ";
    String actions = WSHandlerConstants.ENCRYPT + separator
        + WSHandlerConstants.SIGNATURE + separator
        + WSHandlerConstants.TIMESTAMP + separator
        + WSHandlerConstants.USERNAME_TOKEN;

    wsIn.setProperty(WSHandlerConstants.ACTION, actions);
    wsOut.setProperty(WSHandlerConstants.ACTION, actions);

    Exception denial = null;
    try {
        echo.echo("test");
    } catch (Exception thrown) {
        denial = thrown;
    }
    // The service must refuse the caller; a normal return is a test failure.
    if (denial == null) {
        fail("Exception expected");
    }
    assertEquals("Unauthorized", denial.getMessage());
}
 
Example #11
Source File: WSS4JOutInterceptorTest.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Exercises the TIMESTAMP action of the outbound WSS4J interceptor and asserts the
 * wsse:Security and wsu:Timestamp XPath expressions on the processed SOAP part.
 */
@Test
public void testTimestamp() throws Exception {
    SOAPMessage requestDocument = readSAAJDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor wss4jOut = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> ending = wss4jOut.createEndingInterceptor();

    SoapMessage outbound = new SoapMessage(new MessageImpl());
    Exchange exchange = new ExchangeImpl();
    exchange.setInMessage(outbound);
    outbound.setContent(SOAPMessage.class, requestDocument);

    // Interceptor-level settings: which action to run and where the crypto config lives.
    wss4jOut.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    wss4jOut.setProperty(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    // Message-level settings: user plus a fixture password literal (test data only).
    outbound.put(WSHandlerConstants.USER, "myalias");
    outbound.put("password", "myAliasPassword");

    ending.handleMessage(outbound);

    SOAPPart processedPart = requestDocument.getSOAPPart();
    assertValid("//wsse:Security", processedPart);
    assertValid("//wsse:Security/wsu:Timestamp", processedPart);
}
 
Example #12
Source File: UserNameTokenAuthorizationTest.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Verifies that a caller is rejected with "Unauthorized" when both interceptors run
 * the Encrypt, Signature, Timestamp and UsernameToken actions.
 */
@Test
public void testDigestPasswordUnauthorized() throws Exception {
    setUpService("managers", true, false);

    String cryptoActions = WSHandlerConstants.ENCRYPT + " " + WSHandlerConstants.SIGNATURE;
    String tokenActions = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.USERNAME_TOKEN;
    String actions = cryptoActions + " " + tokenActions;

    wsIn.setProperty(WSHandlerConstants.ACTION, actions);
    wsOut.setProperty(WSHandlerConstants.ACTION, actions);

    boolean callSucceeded;
    String observedMessage = null;
    try {
        echo.echo("test");
        callSucceeded = true;
    } catch (Exception refused) {
        callSucceeded = false;
        observedMessage = refused.getMessage();
    }
    if (callSucceeded) {
        // Reaching this point means the request was served despite the expected denial.
        fail("Exception expected");
    }
    assertEquals("Unauthorized", observedMessage);
}
 
Example #13
Source File: AbstractWSS4JInterceptor.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Copies selected contextual properties from their {@code SecurityConstants} keys to
 * the corresponding {@code WSHandlerConstants} keys on the same message.
 *
 * <p>A property is copied only when it is set; each value is cast to {@code String}.
 * Judging by the constant names, the values cover BSP compliance, the two timestamp
 * time-to-live settings and the subject certificate constraints.
 *
 * @param msg the message whose contextual properties are translated
 */
protected void translateProperties(SoapMessage msg) {
    // Each row is {source SecurityConstants key, target WSHandlerConstants key};
    // rows are processed in this order.
    final String[][] keyPairs = {
        {SecurityConstants.IS_BSP_COMPLIANT, WSHandlerConstants.IS_BSP_COMPLIANT},
        {SecurityConstants.TIMESTAMP_FUTURE_TTL, WSHandlerConstants.TTL_FUTURE_TIMESTAMP},
        {SecurityConstants.TIMESTAMP_TTL, WSHandlerConstants.TTL_TIMESTAMP},
        {SecurityConstants.SUBJECT_CERT_CONSTRAINTS, WSHandlerConstants.SIG_SUBJECT_CERT_CONSTRAINTS},
    };
    for (String[] pair : keyPairs) {
        String configured = (String)msg.getContextualProperty(pair[0]);
        if (configured != null) {
            msg.setContextualProperty(pair[1], configured);
        }
    }
}
 
Example #14
Source File: KerberosTokenInterceptorProvider.java    From steady with Apache License 2.0 6 votes vote down vote up
/**
 * Evaluates the KerberosToken policy assertions for one message.
 *
 * <p>Requestor side: all KerberosToken assertions are flagged as asserted directly.
 * Receiving side: the first {@code WSHandlerResult} found under {@code RECV_RESULTS}
 * is handed to {@code parseHandlerResults}; with no results the assertions are left as is.
 *
 * @param message the message being processed
 * @throws Fault declared by the interceptor contract
 */
public void handleMessage(Message message) throws Fault {
    AssertionInfoMap policyAssertions = message.get(AssertionInfoMap.class);
    if (policyAssertions == null) {
        return;
    }
    Collection<AssertionInfo> tokenAssertions = policyAssertions.get(SP12Constants.KERBEROS_TOKEN);
    if (tokenAssertions == null) {
        return;
    }
    if (!isRequestor(message)) {
        // Receiving side: rely on what the WS-Security processing stored on the message.
        List<WSHandlerResult> handlerResults =
            CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
        boolean hasResults = handlerResults != null && !handlerResults.isEmpty();
        if (hasResults) {
            // Only the first result set is examined.
            parseHandlerResults(handlerResults.get(0), message, policyAssertions);
        }
        return;
    }
    // Client side should be checked on the way out; nothing is verified here.
    for (AssertionInfo tokenAssertion : tokenAssertions) {
        tokenAssertion.setAsserted(true);
    }
}
 
Example #15
Source File: WSS4JInOutTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Sends a message that carries a plaintext-type UsernameToken and a signature, with
 * passwords resolved through the test callback class on both sides.
 */
@Test
public void testUsernameTokenSignature() throws Exception {
    final String actions =
        WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.SIGNATURE;
    final String callbackClass = "org.apache.cxf.ws.security.wss4j.TestPwdCallback";

    // Outbound: token user "alice", signing key alias "myalias". No password literal
    // is configured; the callback class supplies it.
    Map<String, String> senderConfig = new HashMap<String, String>();
    senderConfig.put(WSHandlerConstants.ACTION, actions);
    senderConfig.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    senderConfig.put(WSHandlerConstants.USER, "alice");
    senderConfig.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    senderConfig.put(WSHandlerConstants.SIGNATURE_USER, "myalias");
    senderConfig.put(WSHandlerConstants.PW_CALLBACK_CLASS, callbackClass);

    // Inbound: same actions and password type, verified with the receiving crypto config.
    Map<String, String> receiverConfig = new HashMap<String, String>();
    receiverConfig.put(WSHandlerConstants.ACTION, actions);
    receiverConfig.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    receiverConfig.put(WSHandlerConstants.PW_CALLBACK_CLASS, callbackClass);
    receiverConfig.put(WSHandlerConstants.SIG_PROP_FILE, "insecurity.properties");

    List<String> expectedNodes = new ArrayList<String>();
    expectedNodes.add("//wsse:Security");
    expectedNodes.add("//wsse:Security/ds:Signature");
    expectedNodes.add("//wsse:Security/wsse:UsernameToken");

    makeInvocation(senderConfig, expectedNodes, receiverConfig);
}
 
Example #16
Source File: WSS4JOutInterceptorTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Registers a custom action under the numeric id 12345, runs the outbound interceptor
 * with that id as the only action, and checks the resulting UsernameToken as well as
 * the number of times the custom action was executed.
 */
@Test
public void testAddCustomAction() throws Exception {
    SOAPMessage cleanRequest = readSAAJDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> endingInterceptor = outInterceptor.createEndingInterceptor();

    SoapMessage soapMessage = new SoapMessage(new MessageImpl());
    Exchange exchange = new ExchangeImpl();
    exchange.setInMessage(soapMessage);
    soapMessage.setContent(SOAPMessage.class, cleanRequest);

    // Map the action id to the counting implementation.
    CountingUsernameTokenAction countingAction = new CountingUsernameTokenAction();
    Map<Object, Object> actionOverrides = new HashMap<Object, Object>(1);
    actionOverrides.put(12345, countingAction);

    soapMessage.put(WSHandlerConstants.ACTION, "12345");
    soapMessage.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    soapMessage.put(WSHandlerConstants.USER, "username");
    // Fixture credential stored inline on the message (test data only).
    soapMessage.put("password", "myAliasPassword");
    soapMessage.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    soapMessage.put(WSS4JOutInterceptor.WSS4J_ACTION_MAP, actionOverrides);
    endingInterceptor.handleMessage(soapMessage);

    SOAPPart securedPart = cleanRequest.getSOAPPart();
    assertValid("//wsse:Security", securedPart);
    assertValid("//wsse:Security/wsse:UsernameToken", securedPart);
    assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", securedPart);
    // With PW_TEXT the password is written into the header in clear, which this
    // assertion confirms; confidentiality then depends on whatever protects the message.
    assertValid("//wsse:Security/wsse:UsernameToken/wsse:Password[text()='myAliasPassword']", securedPart);
    assertEquals(1, countingAction.getExecutions());
}
 
Example #17
Source File: UserNameTokenAuthorizationTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Configures both interceptors with the UsernameToken and Encrypt actions and expects
 * the echo call to succeed and return its input.
 */
@Test
public void testEncyptedClearPasswordAuthorized() throws Exception {
    setUpService("developers", false, true);

    // Same space-separated action list for the inbound and the outbound interceptor.
    StringBuilder actionList = new StringBuilder(WSHandlerConstants.USERNAME_TOKEN);
    actionList.append(" ").append(WSHandlerConstants.ENCRYPT);
    String actions = actionList.toString();

    wsIn.setProperty(WSHandlerConstants.ACTION, actions);
    wsOut.setProperty(WSHandlerConstants.ACTION, actions);

    String echoed = echo.echo("test");
    assertEquals("test", echoed);
}
 
Example #18
Source File: STSConfigAdmin.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the Axis2 parameter that registers a password callback handler instance
 * under {@code WSHandlerConstants.PW_CALLBACK_REF}.
 *
 * @return a parameter named {@code PW_CALLBACK_REF} whose value is a new
 *         {@code IPPasswordCallbackHandler}
 * @throws AxisFault if creating the handler or setting the value fails; the original
 *         exception is logged and kept as the cause
 */
public static Parameter getPasswordCallBackRefParameter() throws AxisFault {
    Parameter callbackParameter = new Parameter();
    callbackParameter.setName(WSHandlerConstants.PW_CALLBACK_REF);
    try {
        IPPasswordCallbackHandler callbackHandler = new IPPasswordCallbackHandler();
        callbackParameter.setValue(callbackHandler);
    } catch (Exception e) {
        // Any failure is reported to the caller as an AxisFault with the same message.
        String reason = e.getMessage();
        log.error(reason, e);
        throw new AxisFault(reason, e);
    }
    return callbackParameter;
}
 
Example #19
Source File: WSS4JInOutTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Round-trips a message secured with a UsernameToken (password type PW_TEXT) plus a
 * signature; both sides obtain passwords from the configured callback class.
 */
@Test
public void testUsernameTokenSignature() throws Exception {
    final String pwdCallback = "org.apache.cxf.ws.security.wss4j.TestPwdCallback";
    final String tokenThenSignature =
        WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.SIGNATURE;

    Map<String, String> outbound = new HashMap<String, String>();
    outbound.put(WSHandlerConstants.ACTION, tokenThenSignature);
    outbound.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    // The token user and the signing alias are configured separately.
    outbound.put(WSHandlerConstants.USER, "alice");
    outbound.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    outbound.put(WSHandlerConstants.SIGNATURE_USER, "myalias");
    // Passwords come from the callback class rather than from a literal in the map.
    outbound.put(WSHandlerConstants.PW_CALLBACK_CLASS, pwdCallback);

    Map<String, String> inbound = new HashMap<String, String>();
    inbound.put(WSHandlerConstants.ACTION, tokenThenSignature);
    inbound.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    inbound.put(WSHandlerConstants.PW_CALLBACK_CLASS, pwdCallback);
    inbound.put(WSHandlerConstants.SIG_PROP_FILE, "insecurity.properties");

    List<String> requiredXPaths = new ArrayList<String>();
    requiredXPaths.add("//wsse:Security");
    requiredXPaths.add("//wsse:Security/ds:Signature");
    requiredXPaths.add("//wsse:Security/wsse:UsernameToken");

    makeInvocation(outbound, requiredXPaths, inbound);
}
 
Example #20
Source File: ReceivedTokenCallbackHandler.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Looks through the WS-Security results stored on the message under
 * {@code RECV_RESULTS} and returns the first token that {@code findToken} yields.
 *
 * @param soapMessage the message to inspect; may be {@code null}
 * @return the first token found, or {@code null} when the message is {@code null},
 *         carries no results, or no result set contains a token
 */
private Element getTokenFromMessage(SoapMessage soapMessage) {
    if (soapMessage == null) {
        return null;
    }
    List<WSHandlerResult> receivedResults =
        CastUtils.cast((List<?>)soapMessage.get(WSHandlerConstants.RECV_RESULTS));
    if (receivedResults == null) {
        // Nothing was recorded by the inbound security processing.
        return null;
    }
    for (WSHandlerResult handlerResult : receivedResults) {
        Element candidate = findToken(handlerResult.getResults());
        if (candidate != null) {
            return candidate;
        }
    }
    return null;
}
 
Example #21
Source File: SamlTokenInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Walks the child elements of the message's security header and processes every
 * element whose local name is "Assertion".
 *
 * <p>For each such element with a non-null processing result, the result is prepended
 * to the {@code RECV_RESULTS} list on the message, the principal taken from the first
 * engine result is stored under {@code PRINCIPAL_RESULT}, and a security context is
 * installed when the message has none or its context has no user principal.
 *
 * @param message the inbound SOAP message
 * @throws Fault wrapping any {@code WSSecurityException} raised while processing
 */
private void processSamlToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        // No security header: nothing to process.
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        // NOTE(review): the match is on the local name only; the element's namespace
        // URI is not compared here - confirm that processToken rejects elements that
        // are not SAML assertions.
        if ("Assertion".equals(child.getLocalName())) {
            try {
                List<WSSecurityEngineResult> samlResults = processToken(child, message);
                if (samlResults != null) {
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                            .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        // First security result for this message: create the list.
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    WSHandlerResult rResult = new WSHandlerResult(null, samlResults);
                    // Prepended, so this result becomes index 0 of RECV_RESULTS.
                    results.add(0, rResult);

                    assertSamlTokens(message);
                    
                    // NOTE(review): reads index 0 without an emptiness check, and the
                    // principal may be null if that result carries none - confirm
                    // processToken never returns an empty list.
                    Principal principal = 
                        (Principal)samlResults.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, principal);                   
                    
                    // An existing context with a user principal is kept; otherwise a
                    // new one is built from the SAML principal (second argument null).
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        message.put(SecurityContext.class, new DefaultSecurityContext(principal, null));
                    }

                }
            } catch (WSSecurityException ex) {
                // Processing failures abort message handling as a Fault.
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example #22
Source File: SamlTokenInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Processes each "Assertion" child element of the security header and publishes the
 * outcome on the message.
 *
 * <p>Effects per processed element (when the processing result is non-null): a new
 * {@code WSHandlerResult} is inserted at the front of {@code RECV_RESULTS}, the
 * principal from the first engine result is put under {@code PRINCIPAL_RESULT}, and a
 * {@code DefaultSecurityContext} is set unless a context with a user principal exists.
 *
 * @param message the inbound SOAP message
 * @throws Fault wrapping any {@code WSSecurityException} raised while processing
 */
private void processSamlToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    // Only direct children of the header element are visited.
    while (child != null) {
        // NOTE(review): selection is by local name alone, without a namespace check -
        // verify that processToken validates the element before it is trusted.
        if ("Assertion".equals(child.getLocalName())) {
            try {
                List<WSSecurityEngineResult> samlResults = processToken(child, message);
                if (samlResults != null) {
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                            .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    WSHandlerResult rResult = new WSHandlerResult(null, samlResults);
                    // Inserted at the front; code that reads results.get(0) sees this entry.
                    results.add(0, rResult);

                    assertSamlTokens(message);
                    
                    // NOTE(review): samlResults.get(0) assumes a non-empty list; the
                    // principal is stored even when it is null - confirm both cases.
                    Principal principal = 
                        (Principal)samlResults.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, principal);                   
                    
                    // Do not replace a security context that already names a user.
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        message.put(SecurityContext.class, new DefaultSecurityContext(principal, null));
                    }

                }
            } catch (WSSecurityException ex) {
                // Surface security processing errors to the interceptor chain.
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example #23
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0 5 votes vote down vote up
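/**
 * Finds the first encrypted-key result among the WS-Security results of the inbound
 * message, registers a temporary security token for it and returns its id.
 *
 * <p>The temporary token is stored with the secret taken from the result and expires
 * five minutes (300000 ms) after creation.
 *
 * @return the id of the encrypted key, or {@code null} when the inbound message carries
 *         no results or none of them is an ENCR result with a non-empty id
 */
private String getEncryptedKey() {
    
    List<WSHandlerResult> results = CastUtils.cast((List<?>)message.getExchange().getInMessage()
        .get(WSHandlerConstants.RECV_RESULTS));
    if (results == null) {
        // RECV_RESULTS is absent when no inbound security processing was recorded;
        // report "no key" instead of failing with a NullPointerException.
        return null;
    }
    
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        if (wsSecEngineResults == null) {
            continue;
        }
        
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            String encryptedKeyID = (String)wser.get(WSSecurityEngineResult.TAG_ID);
            // A result without an action tag cannot be an encryption result; skip it
            // rather than unboxing null.
            if (actInt != null
                && actInt.intValue() == WSConstants.ENCR
                && encryptedKeyID != null
                && encryptedKeyID.length() != 0) {
                Date created = new Date();
                Date expires = new Date(created.getTime() + 300000);
                SecurityToken tempTok = new SecurityToken(encryptedKeyID, created, expires);
                // NOTE(review): the secret and the ephemeral key bytes are passed on
                // without a null check - confirm ENCR results always carry both.
                tempTok.setSecret((byte[])wser.get(WSSecurityEngineResult.TAG_SECRET));
                tempTok.setSHA1(getSHA1((byte[])wser
                                        .get(WSSecurityEngineResult.TAG_ENCRYPTED_EPHEMERAL_KEY)));
                tokenStore.add(tempTok);
                
                return encryptedKeyID;
            }
        }
    }
    return null;
}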
 
Example #24
Source File: BehaviouralServiceProxy.java    From Knowage-Server with GNU Affero General Public License v3.0 5 votes vote down vote up
/**
 * Builds the Axis stub for the behavioural SDK service, sets the WS-Security user name
 * and password callback reference on it, and synchronises the endpoint address with
 * the {@code _endpoint} field.
 */
private void _initBehaviouralServiceProxy() {
	try {
		it.eng.spagobi.sdk.behavioural.stub.BehaviouralServiceServiceLocator serviceLocator =
				new it.eng.spagobi.sdk.behavioural.stub.BehaviouralServiceServiceLocator();
		Remote port = serviceLocator.getPort(it.eng.spagobi.sdk.behavioural.stub.BehaviouralService.class);
		Stub securedStub = (Stub) port;
		// Only the user name and the callback object are set as properties; no
		// password value is placed on the stub here.
		securedStub._setProperty(WSHandlerConstants.USER, cch.getUsername());
		securedStub._setProperty(WSHandlerConstants.PW_CALLBACK_REF, cch);
		// securedStub.setTimeout(30000); //used in SpagoBIStudio

		behaviouralService = (it.eng.spagobi.sdk.behavioural.stub.BehaviouralService) securedStub;
		if (behaviouralService == null) {
			return;
		}
		javax.xml.rpc.Stub rpcStub = (javax.xml.rpc.Stub) behaviouralService;
		if (_endpoint != null) {
			// An explicitly configured endpoint overrides the one known to the stub.
			rpcStub._setProperty("javax.xml.rpc.service.endpoint.address", _endpoint);
		} else {
			// Otherwise remember the address the stub already has.
			_endpoint = (String) rpcStub._getProperty("javax.xml.rpc.service.endpoint.address");
		}
	} catch (javax.xml.rpc.ServiceException serviceException) {
		// NOTE(review): the failure is swallowed without logging; when it happens
		// this method leaves behaviouralService unassigned, so callers cannot tell
		// why the secured stub is missing.
	}
}
 
Example #25
Source File: UserNameTokenAuthorizationTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Runs the echo service with the UsernameToken and Encrypt actions on both
 * interceptors and expects the call to be authorized.
 */
@Test
public void testEncyptedClearPasswordAuthorized() throws Exception {
    setUpService("developers", false, true);

    final String separator = " ";
    String actions = WSHandlerConstants.USERNAME_TOKEN + separator + WSHandlerConstants.ENCRYPT;

    // Inbound and outbound interceptors must agree on the action list.
    wsIn.setProperty(WSHandlerConstants.ACTION, actions);
    wsOut.setProperty(WSHandlerConstants.ACTION, actions);

    String reply = echo.echo("test");
    assertEquals("test", reply);
}
 
Example #26
Source File: ReceivedTokenCallbackHandler.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the first token that {@code findToken} extracts from the WS-Security results
 * recorded on the message under {@code RECV_RESULTS}.
 *
 * @param soapMessage the message to inspect; may be {@code null}
 * @return the token, or {@code null} if the message is {@code null}, has no recorded
 *         results, or none of the result sets yields a token
 */
private Element getTokenFromMessage(SoapMessage soapMessage) {
    List<WSHandlerResult> handlerResults = null;
    if (soapMessage != null) {
        handlerResults = CastUtils.cast((List<?>)soapMessage.get(WSHandlerConstants.RECV_RESULTS));
    }
    if (handlerResults == null) {
        return null;
    }
    Element found = null;
    for (WSHandlerResult resultSet : handlerResults) {
        found = findToken(resultSet.getResults());
        if (found != null) {
            // Stop at the first result set that contains a token.
            break;
        }
    }
    return found;
}
 
Example #27
Source File: AbstractPolicySecurityTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Creates an inbound policy-based WSS4J interceptor whose action list is derived from
 * the requested coverage types.
 *
 * @param types coverage types to translate; SIGNED adds the signature action and
 *        ENCRYPTED the encrypt action, anything else fails the test
 * @return the configured interceptor
 */
protected PolicyBasedWSS4JInInterceptor getInInterceptor(List<CoverageType> types) {
    // Every action is prefixed with a space, so a non-empty list starts with one.
    StringBuilder actionList = new StringBuilder();
    for (CoverageType coverage : types) {
        switch(coverage) {
        case SIGNED:
            actionList.append(" ").append(WSHandlerConstants.SIGNATURE);
            break;
        case ENCRYPTED:
            actionList.append(" ").append(WSHandlerConstants.ENCRYPT);
            break;
        default:
            fail("Unsupported coverage type.");
        }
    }

    PolicyBasedWSS4JInInterceptor interceptor = new PolicyBasedWSS4JInInterceptor();
    interceptor.setProperty(WSHandlerConstants.ACTION, actionList.toString());
    // The same properties file serves signature verification and decryption.
    interceptor.setProperty(WSHandlerConstants.SIG_PROP_FILE, "insecurity.properties");
    interceptor.setProperty(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
    interceptor.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
    // BSP compliance is explicitly set to "false" for this test interceptor.
    interceptor.setProperty(WSHandlerConstants.IS_BSP_COMPLIANT, "false");
    return interceptor;
}
 
Example #28
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Stores the collaborators needed to build a binding and publishes this builder's
 * {@code signatures} collection on the message exchange under
 * {@code WSHandlerConstants.SEND_SIGV}.
 *
 * @param config WSS4J configuration
 * @param binding the binding being built
 * @param saaj the SAAJ view of the SOAP message
 * @param secHeader the security header to populate
 * @param aim the policy assertion map
 * @param message the SOAP message being secured
 */
public AbstractBindingBuilder(
        WSSConfig config,
        Binding binding,
        SOAPMessage saaj,
        WSSecHeader secHeader,
        AssertionInfoMap aim,
        SoapMessage message) {
    // Message-related state.
    this.message = message;
    this.saaj = saaj;
    this.secHeader = secHeader;
    // Policy and configuration state.
    this.aim = aim;
    this.binding = binding;
    this.wssConfig = config;
    // Make the signatures collection reachable through the exchange.
    message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures);
}
 
Example #29
Source File: WSS4JInOutTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Checks how the inbound side treats a plaintext-type UsernameToken when it is
 * configured for digest passwords, first with strict password type checking switched
 * off and then with it switched on.
 */
@Test
public void testUsernameToken() throws Exception {
    // Sender: UsernameToken with password type PW_TEXT; the password is a fixture
    // literal stored under the "password" key (test data only).
    Map<String, String> senderConfig = new HashMap<String, String>();
    senderConfig.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
    senderConfig.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    senderConfig.put(WSHandlerConstants.USER, "alice");
    senderConfig.put("password", "alicePassword");

    // Receiver: expects PW_DIGEST but does not enforce the type yet.
    Map<String, String> receiverConfig = new HashMap<String, String>();
    receiverConfig.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
    receiverConfig.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
    receiverConfig.put(WSHandlerConstants.PASSWORD_TYPE_STRICT, "false");
    receiverConfig.put(
        WSHandlerConstants.PW_CALLBACK_CLASS,
        "org.apache.cxf.ws.security.wss4j.TestPwdCallback");

    List<String> expectedNodes = new ArrayList<String>();
    expectedNodes.add("//wsse:Security");

    // Passes: although passwordType is digest, the default handler behaviour of
    // requiring a strict password type is overridden, so the text token is accepted.
    makeInvocation(senderConfig, expectedNodes, receiverConfig);

    // Fails: with strict checking on, the receiver insists on a digest password.
    receiverConfig.put(WSHandlerConstants.PASSWORD_TYPE_STRICT, "true");
    boolean rejected = false;
    try {
        makeInvocation(senderConfig, expectedNodes, receiverConfig);
    } catch (org.apache.cxf.interceptor.Fault expectedFault) {
        rejected = true;
    }
    if (!rejected) {
        fail("Failure expected on the wrong password type");
    }
}
 
Example #30
Source File: WSS4JOutInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Resolves a handler property, falling back to the exchange's inbound message for
 * {@code RECV_RESULTS} when this side is not the requestor.
 *
 * @param msgContext the message context; cast to {@code SoapMessage} for the fallback
 * @param key the property key
 * @return the superclass value if there is one; otherwise, for {@code RECV_RESULTS} on
 *         the non-requestor side, the value stored on the inbound message; else {@code null}
 */
@Override
public Object getProperty(Object msgContext, String key) {
    // The superclass lookup always wins when it yields a value.
    Object inherited = super.getProperty(msgContext, key);
    if (inherited != null) {
        return inherited;
    }
    if (!WSHandlerConstants.RECV_RESULTS.equals(key)) {
        return null;
    }
    SoapMessage soapMessage = (SoapMessage)msgContext;
    if (this.isRequestor(soapMessage)) {
        return null;
    }
    // Special case: the results of inbound security processing live on the in-message.
    return soapMessage.getExchange().getInMessage().get(key);
}