org.apache.ws.security.message.WSSecUsernameToken Java Examples

The following examples show how to use org.apache.ws.security.message.WSSecUsernameToken.
Example #1
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0
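/**
 * Builds a derived-key UsernameToken for {@code sigToken}, stores the derived
 * secret in the token store as a {@link SecurityToken} and returns its id.
 *
 * @param sigToken the UsernameToken policy assertion to build the token for
 * @return the id of the generated UsernameToken, which is also the id of the stored token
 * @throws WSSecurityException if no UsernameToken could be built, or if WSS4J
 *         fails while producing the derived key
 */
private String setupUTDerivedKey(UsernameToken sigToken) throws WSSecurityException {
    boolean useMac = hasSignedPartsOrElements();
    WSSecUsernameToken usernameToken = addDKUsernameToken(sigToken, useMac);
    if (usernameToken == null) {
        // addDKUsernameToken can return null (for example when no username or
        // password is available). Fail with a security error rather than a
        // NullPointerException; the message carries no credential material.
        throw new WSSecurityException("No UsernameToken available to derive a key from");
    }
    String id = usernameToken.getId();
    byte[] secret = usernameToken.getDerivedKey();

    // The stored token expires five minutes (300000 ms) after creation.
    Date created = new Date();
    Date expires = new Date(created.getTime() + 300000);
    SecurityToken tempTok =
        new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
    // The raw derived key is kept in the token store; the expiry above is the
    // only lifetime bound set here.
    tempTok.setSecret(secret);

    tokenStore.add(tempTok);

    return id;
}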
 
Example #2
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0
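/**
 * Builds a derived-key UsernameToken for {@code sigToken}, stores the derived
 * secret in the token store as a {@link SecurityToken} and returns its id.
 *
 * @param sigToken the UsernameToken policy assertion to build the token for
 * @return the id of the generated UsernameToken, which is also the id of the stored token
 * @throws WSSecurityException if no UsernameToken could be built, or if WSS4J
 *         fails while producing the derived key
 */
private String setupUTDerivedKey(UsernameToken sigToken) throws WSSecurityException {
    boolean useMac = hasSignedPartsOrElements();
    WSSecUsernameToken usernameToken = addDKUsernameToken(sigToken, useMac);
    if (usernameToken == null) {
        // addDKUsernameToken can return null (for example when no username or
        // password is available). Fail with a security error rather than a
        // NullPointerException; the message carries no credential material.
        throw new WSSecurityException("No UsernameToken available to derive a key from");
    }
    String id = usernameToken.getId();
    byte[] secret = usernameToken.getDerivedKey();

    // The stored token expires five minutes (300000 ms) after creation.
    Date created = new Date();
    Date expires = new Date(created.getTime() + 300000);
    SecurityToken tempTok =
        new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
    // The raw derived key is kept in the token store; the expiry above is the
    // only lifetime bound set here.
    tempTok.setSecret(secret);

    tokenStore.add(tempTok);

    return id;
}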
 
Example #3
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
/**
 * Builds the outbound UsernameToken for {@code message} and appends it to the
 * security header. When no token can be built, every USERNAME_TOKEN assertion
 * that is currently marked as asserted is reset to not asserted.
 *
 * @param message the SOAP message being secured
 */
private void addUsernameToken(SoapMessage message) {
    UsernameToken policyToken = assertUsernameTokens(message, null);

    // The header lookup happens before the builder is created.
    Header securityHeader = findSecurityHeader(message, true);
    WSSecUsernameToken builder = addUsernameToken(message, policyToken);

    if (builder != null) {
        // NOTE(review): the token element is appended as-is; nothing in this
        // method signs or encrypts it, so protection presumably comes from the
        // transport - confirm against the binding in use.
        Element headerElement = (Element)securityHeader.getObject();
        builder.prepare(headerElement.getOwnerDocument());
        headerElement.appendChild(builder.getUsernameTokenElement());
        return;
    }

    // No token was produced: withdraw the assertions so the policy is not
    // reported as satisfied.
    AssertionInfoMap assertions = message.get(AssertionInfoMap.class);
    for (AssertionInfo candidate : assertions.getAssertionInfo(SP12Constants.USERNAME_TOKEN)) {
        if (candidate.isAsserted()) {
            candidate.setAsserted(false);
        }
    }
}
 
Example #4
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0
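/**
 * Builds a derived-key UsernameToken for {@code sigToken}, stores the derived
 * secret in the token store as a {@link SecurityToken} and returns its id.
 *
 * @param sigToken the UsernameToken policy assertion to build the token for
 * @return the id of the generated UsernameToken, which is also the id of the stored token
 * @throws WSSecurityException if no UsernameToken could be built, or if WSS4J
 *         fails while producing the derived key
 */
private String setupUTDerivedKey(UsernameToken sigToken) throws WSSecurityException {
    boolean useMac = hasSignedPartsOrElements();
    WSSecUsernameToken usernameToken = addDKUsernameToken(sigToken, useMac);
    if (usernameToken == null) {
        // addDKUsernameToken can return null (for example when no username or
        // password is available). Fail with a security error rather than a
        // NullPointerException; the message carries no credential material.
        throw new WSSecurityException("No UsernameToken available to derive a key from");
    }
    String id = usernameToken.getId();
    byte[] secret = usernameToken.getDerivedKey();

    // The stored token expires five minutes (300000 ms) after creation.
    Date created = new Date();
    Date expires = new Date(created.getTime() + 300000);
    SecurityToken tempTok =
        new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
    // The raw derived key is kept in the token store; the expiry above is the
    // only lifetime bound set here.
    tempTok.setSecret(secret);

    tokenStore.add(tempTok);

    return id;
}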
 
Example #5
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
/**
 * Builds the outbound UsernameToken for {@code message} and appends it to the
 * security header. When no token can be built, every USERNAME_TOKEN assertion
 * that is currently marked as asserted is reset to not asserted.
 *
 * @param message the SOAP message being secured
 */
private void addUsernameToken(SoapMessage message) {
    UsernameToken policyToken = assertUsernameTokens(message, null);

    // The header lookup happens before the builder is created.
    Header securityHeader = findSecurityHeader(message, true);
    WSSecUsernameToken builder = addUsernameToken(message, policyToken);

    if (builder != null) {
        // NOTE(review): the token element is appended as-is; nothing in this
        // method signs or encrypts it, so protection presumably comes from the
        // transport - confirm against the binding in use.
        Element headerElement = (Element)securityHeader.getObject();
        builder.prepare(headerElement.getOwnerDocument());
        headerElement.appendChild(builder.getUsernameTokenElement());
        return;
    }

    // No token was produced: withdraw the assertions so the policy is not
    // reported as satisfied.
    AssertionInfoMap assertions = message.get(AssertionInfoMap.class);
    for (AssertionInfo candidate : assertions.getAssertionInfo(SP12Constants.USERNAME_TOKEN)) {
        if (candidate.isAsserted()) {
            candidate.setAsserted(false);
        }
    }
}
 
Example #6
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0
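/**
 * Builds a derived-key UsernameToken for {@code sigToken}, stores the derived
 * secret in the token store as a {@link SecurityToken} and returns its id.
 *
 * @param sigToken the UsernameToken policy assertion to build the token for
 * @return the id of the generated UsernameToken, which is also the id of the stored token
 * @throws WSSecurityException if no UsernameToken could be built, or if WSS4J
 *         fails while producing the derived key
 */
private String setupUTDerivedKey(UsernameToken sigToken) throws WSSecurityException {
    boolean useMac = hasSignedPartsOrElements();
    WSSecUsernameToken usernameToken = addDKUsernameToken(sigToken, useMac);
    if (usernameToken == null) {
        // addDKUsernameToken can return null (for example when no username or
        // password is available). Fail with a security error rather than a
        // NullPointerException; the message carries no credential material.
        throw new WSSecurityException("No UsernameToken available to derive a key from");
    }
    String id = usernameToken.getId();
    byte[] secret = usernameToken.getDerivedKey();

    // The stored token expires five minutes (300000 ms) after creation.
    Date created = new Date();
    Date expires = new Date(created.getTime() + 300000);
    SecurityToken tempTok =
        new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
    // The raw derived key is kept in the token store; the expiry above is the
    // only lifetime bound set here.
    tempTok.setSecret(secret);

    tokenStore.add(tempTok);

    return id;
}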
 
Example #7
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
/**
 * Builds the outbound UsernameToken for {@code message} and appends it to the
 * security header. When no token can be built, every USERNAME_TOKEN assertion
 * that is currently marked as asserted is reset to not asserted.
 *
 * @param message the SOAP message being secured
 */
private void addUsernameToken(SoapMessage message) {
    UsernameToken policyToken = assertUsernameTokens(message, null);

    // The header lookup happens before the builder is created.
    Header securityHeader = findSecurityHeader(message, true);
    WSSecUsernameToken builder = addUsernameToken(message, policyToken);

    if (builder != null) {
        // NOTE(review): the token element is appended as-is; nothing in this
        // method signs or encrypts it, so protection presumably comes from the
        // transport - confirm against the binding in use.
        Element headerElement = (Element)securityHeader.getObject();
        builder.prepare(headerElement.getOwnerDocument());
        headerElement.appendChild(builder.getUsernameTokenElement());
        return;
    }

    // No token was produced: withdraw the assertions so the policy is not
    // reported as satisfied.
    AssertionInfoMap assertions = message.get(AssertionInfoMap.class);
    for (AssertionInfo candidate : assertions.getAssertionInfo(SP12Constants.USERNAME_TOKEN)) {
        if (candidate.isAsserted()) {
            candidate.setAsserted(false);
        }
    }
}
 
Example #8
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
/**
 * Builds the outbound UsernameToken for {@code message} and appends it to the
 * security header. When no token can be built, every USERNAME_TOKEN assertion
 * that is currently marked as asserted is reset to not asserted.
 *
 * @param message the SOAP message being secured
 */
private void addUsernameToken(SoapMessage message) {
    UsernameToken policyToken = assertUsernameTokens(message, null);

    // The header lookup happens before the builder is created.
    Header securityHeader = findSecurityHeader(message, true);
    WSSecUsernameToken builder = addUsernameToken(message, policyToken);

    if (builder != null) {
        // NOTE(review): the token element is appended as-is; nothing in this
        // method signs or encrypts it, so protection presumably comes from the
        // transport - confirm against the binding in use.
        Element headerElement = (Element)securityHeader.getObject();
        builder.prepare(headerElement.getOwnerDocument());
        headerElement.appendChild(builder.getUsernameTokenElement());
        return;
    }

    // No token was produced: withdraw the assertions so the policy is not
    // reported as satisfied.
    AssertionInfoMap assertions = message.get(AssertionInfoMap.class);
    for (AssertionInfo candidate : assertions.getAssertionInfo(SP12Constants.USERNAME_TOKEN)) {
        if (candidate.isAsserted()) {
            candidate.setAsserted(false);
        }
    }
}
 
Example #9
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
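/**
 * Creates and prepares a UsernameToken builder that carries a derived key
 * instead of a password.
 *
 * @param token the UsernameToken policy assertion being fulfilled
 * @param useMac passed through to {@code addDerivedKey}
 * @return the prepared builder, or {@code null} when this side is not the
 *         requestor or when no username or password is available
 */
protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, boolean useMac) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        // Identity comparison: only the AssertionInfo wrapping this exact token matches.
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }

    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (StringUtils.isEmpty(userName)) {
        policyNotAsserted(token, "No username available");
        return null;
    }

    WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);

    // Prefer the password configured on the message; otherwise fall back to getPassword.
    String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
    if (StringUtils.isEmpty(password)) {
        password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
    }
    if (StringUtils.isEmpty(password)) {
        policyNotAsserted(token, "No password available");
        return null;
    }

    // If the password is available then build the token
    utBuilder.setUserInfo(userName, password);
    // NOTE(review): the iteration count is fixed at 1000 and no salt is passed
    // (presumably WSS4J generates one); the strength of the derived key still
    // rests on the password - confirm this matches the deployment's policy.
    utBuilder.addDerivedKey(useMac, null, 1000);
    utBuilder.prepare(saaj.getSOAPPart());

    // info stays null when no AssertionInfo wraps this token; the original
    // code dereferenced it unconditionally.
    if (info != null) {
        info.setAsserted(true);
    }
    return utBuilder;
}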
 
Example #10
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
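/**
 * Creates and prepares a UsernameToken builder that carries a derived key
 * instead of a password.
 *
 * @param token the UsernameToken policy assertion being fulfilled
 * @param useMac passed through to {@code addDerivedKey}
 * @return the prepared builder, or {@code null} when this side is not the
 *         requestor or when no username or password is available
 */
protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, boolean useMac) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        // Identity comparison: only the AssertionInfo wrapping this exact token matches.
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }

    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (StringUtils.isEmpty(userName)) {
        policyNotAsserted(token, "No username available");
        return null;
    }

    WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);

    // Prefer the password configured on the message; otherwise fall back to getPassword.
    String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
    if (StringUtils.isEmpty(password)) {
        password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
    }
    if (StringUtils.isEmpty(password)) {
        policyNotAsserted(token, "No password available");
        return null;
    }

    // If the password is available then build the token
    utBuilder.setUserInfo(userName, password);
    // NOTE(review): the iteration count is fixed at 1000 and no salt is passed
    // (presumably WSS4J generates one); the strength of the derived key still
    // rests on the password - confirm this matches the deployment's policy.
    utBuilder.addDerivedKey(useMac, null, 1000);
    utBuilder.prepare(saaj.getSOAPPart());

    // info stays null when no AssertionInfo wraps this token; the original
    // code dereferenced it unconditionally.
    if (info != null) {
        info.setAsserted(true);
    }
    return utBuilder;
}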
 
Example #11
Source File: TransportBindingHandler.java    From steady with Apache License 2.0
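/**
 * Adds the endorsing signature for one supporting token, choosing the signing
 * routine from the token's policy type. Token types not listed below are
 * ignored without error.
 *
 * @param token the endorsing token from the policy
 * @param wrapper the supporting-token assertion that contains {@code token}
 * @throws IllegalStateException if the SAML assertion or the derived-key
 *         UsernameToken needed for the signature could not be created
 * @throws Exception if token creation or signing fails
 */
private void handleEndorsingToken(
    Token token, SupportingToken wrapper
) throws Exception {
    if (token instanceof IssuedToken
        || token instanceof SecureConversationToken
        || token instanceof SecurityContextToken
        || token instanceof KerberosToken
        || token instanceof SpnegoContextToken) {
        addSig(doIssuedTokenSignature(token, wrapper));
    } else if (token instanceof X509Token
        || token instanceof KeyValueToken) {
        addSig(doX509TokenSignature(token, wrapper));
    } else if (token instanceof SamlToken) {
        AssertionWrapper assertionWrapper = addSamlToken((SamlToken)token);
        if (assertionWrapper == null) {
            // Fail closed with a clear message instead of a NullPointerException.
            throw new IllegalStateException("No SAML assertion available for the endorsing token");
        }
        assertionWrapper.toDOM(saaj.getSOAPPart());
        storeAssertionAsSecurityToken(assertionWrapper);
        addSig(doIssuedTokenSignature(token, wrapper));
    } else if (token instanceof UsernameToken) {
        // Create a UsernameToken object for derived keys and store the security token
        WSSecUsernameToken usernameToken = addDKUsernameToken((UsernameToken)token, true);
        if (usernameToken == null) {
            // addDKUsernameToken can return null (for example when no username
            // or password is available); without it there is no key to sign with.
            throw new IllegalStateException("No UsernameToken available for the endorsing signature");
        }
        String id = usernameToken.getId();
        byte[] secret = usernameToken.getDerivedKey();

        // The stored token expires five minutes (300000 ms) after creation.
        Date created = new Date();
        Date expires = new Date(created.getTime() + 300000);
        SecurityToken tempTok =
            new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
        // The raw derived key is kept in the token store; the expiry above is
        // the only lifetime bound set here.
        tempTok.setSecret(secret);
        getTokenStore().add(tempTok);
        message.setContextualProperty(SecurityConstants.TOKEN_ID, tempTok.getId());

        addSig(doIssuedTokenSignature(token, wrapper));
    }
}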
 
Example #12
Source File: TransportBindingHandler.java    From steady with Apache License 2.0
/**
 * Adds each signed supporting token of {@code sgndSuppTokens} to the outgoing
 * security header: UsernameTokens, issued/Kerberos tokens and SAML assertions.
 *
 * @param sgndSuppTokens the signed supporting tokens assertion to process
 * @throws Exception if building or attaching one of the tokens fails
 */
private void addSignedSupportingTokens(SupportingToken sgndSuppTokens) 
    throws Exception {
    for (Token supporting : sgndSuppTokens.getTokens()) {
        if (supporting instanceof UsernameToken) {
            WSSecUsernameToken builder = addUsernameToken((UsernameToken)supporting);
            if (builder == null) {
                // No token could be built; nothing to attach for this entry.
                continue;
            }
            builder.prepare(saaj.getSOAPPart());
            builder.appendToHeader(secHeader);
        } else if (supporting instanceof IssuedToken || supporting instanceof KerberosToken) {
            SecurityToken issued = getSecurityToken();

            boolean include = includeToken(supporting.getInclusion());
            if (include) {
                // Attach a copy of the token element to the header.
                addEncryptedKeyElement(cloneElement(issued.getToken()));
            }
        } else if (supporting instanceof SamlToken) {
            AssertionWrapper saml = addSamlToken((SamlToken)supporting);
            if (saml != null) {
                addSupportingElement(saml.toDOM(saaj.getSOAPPart()));
            }
        }
        // REVISIT - not supported for signed.  Exception?
        // NOTE(review): any other token type is skipped silently, so a policy
        // that demands such a signed supporting token yields a message without
        // it and no error is raised here.
    }
}
 
Example #13
Source File: TransportBindingHandler.java    From steady with Apache License 2.0
/**
 * Adds each signed supporting token of {@code sgndSuppTokens} to the outgoing
 * security header: UsernameTokens, issued/Kerberos tokens and SAML assertions.
 *
 * @param sgndSuppTokens the signed supporting tokens assertion to process
 * @throws Exception if building or attaching one of the tokens fails
 */
private void addSignedSupportingTokens(SupportingToken sgndSuppTokens) 
    throws Exception {
    for (Token supporting : sgndSuppTokens.getTokens()) {
        if (supporting instanceof UsernameToken) {
            WSSecUsernameToken builder = addUsernameToken((UsernameToken)supporting);
            if (builder == null) {
                // No token could be built; nothing to attach for this entry.
                continue;
            }
            builder.prepare(saaj.getSOAPPart());
            builder.appendToHeader(secHeader);
        } else if (supporting instanceof IssuedToken || supporting instanceof KerberosToken) {
            SecurityToken issued = getSecurityToken();

            boolean include = includeToken(supporting.getInclusion());
            if (include) {
                // Attach a copy of the token element to the header.
                addEncryptedKeyElement(cloneElement(issued.getToken()));
            }
        } else if (supporting instanceof SamlToken) {
            AssertionWrapper saml = addSamlToken((SamlToken)supporting);
            if (saml != null) {
                addSupportingElement(saml.toDOM(saaj.getSOAPPart()));
            }
        }
        // REVISIT - not supported for signed.  Exception?
        // NOTE(review): any other token type is skipped silently, so a policy
        // that demands such a signed supporting token yields a message without
        // it and no error is raised here.
    }
}
 
Example #14
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
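/**
 * Creates and prepares a UsernameToken builder that carries a derived key
 * instead of a password.
 *
 * @param token the UsernameToken policy assertion being fulfilled
 * @param useMac passed through to {@code addDerivedKey}
 * @return the prepared builder, or {@code null} when this side is not the
 *         requestor or when no username or password is available
 */
protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, boolean useMac) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        // Identity comparison: only the AssertionInfo wrapping this exact token matches.
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }

    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (StringUtils.isEmpty(userName)) {
        policyNotAsserted(token, "No username available");
        return null;
    }

    WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);

    // Prefer the password configured on the message; otherwise fall back to getPassword.
    String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
    if (StringUtils.isEmpty(password)) {
        password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
    }
    if (StringUtils.isEmpty(password)) {
        policyNotAsserted(token, "No password available");
        return null;
    }

    // If the password is available then build the token
    utBuilder.setUserInfo(userName, password);
    // NOTE(review): the iteration count is fixed at 1000 and no salt is passed
    // (presumably WSS4J generates one); the strength of the derived key still
    // rests on the password - confirm this matches the deployment's policy.
    utBuilder.addDerivedKey(useMac, null, 1000);
    utBuilder.prepare(saaj.getSOAPPart());

    // info stays null when no AssertionInfo wraps this token; the original
    // code dereferenced it unconditionally.
    if (info != null) {
        info.setAsserted(true);
    }
    return utBuilder;
}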
 
Example #15
Source File: TransportBindingHandler.java    From steady with Apache License 2.0
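/**
 * Adds the endorsing signature for one supporting token, choosing the signing
 * routine from the token's policy type. Token types not listed below are
 * ignored without error.
 *
 * @param token the endorsing token from the policy
 * @param wrapper the supporting-token assertion that contains {@code token}
 * @throws IllegalStateException if the SAML assertion or the derived-key
 *         UsernameToken needed for the signature could not be created
 * @throws Exception if token creation or signing fails
 */
private void handleEndorsingToken(
    Token token, SupportingToken wrapper
) throws Exception {
    if (token instanceof IssuedToken
        || token instanceof SecureConversationToken
        || token instanceof SecurityContextToken
        || token instanceof KerberosToken
        || token instanceof SpnegoContextToken) {
        addSig(doIssuedTokenSignature(token, wrapper));
    } else if (token instanceof X509Token
        || token instanceof KeyValueToken) {
        addSig(doX509TokenSignature(token, wrapper));
    } else if (token instanceof SamlToken) {
        AssertionWrapper assertionWrapper = addSamlToken((SamlToken)token);
        if (assertionWrapper == null) {
            // Fail closed with a clear message instead of a NullPointerException.
            throw new IllegalStateException("No SAML assertion available for the endorsing token");
        }
        assertionWrapper.toDOM(saaj.getSOAPPart());
        storeAssertionAsSecurityToken(assertionWrapper);
        addSig(doIssuedTokenSignature(token, wrapper));
    } else if (token instanceof UsernameToken) {
        // Create a UsernameToken object for derived keys and store the security token
        WSSecUsernameToken usernameToken = addDKUsernameToken((UsernameToken)token, true);
        if (usernameToken == null) {
            // addDKUsernameToken can return null (for example when no username
            // or password is available); without it there is no key to sign with.
            throw new IllegalStateException("No UsernameToken available for the endorsing signature");
        }
        String id = usernameToken.getId();
        byte[] secret = usernameToken.getDerivedKey();

        // The stored token expires five minutes (300000 ms) after creation.
        Date created = new Date();
        Date expires = new Date(created.getTime() + 300000);
        SecurityToken tempTok =
            new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
        // The raw derived key is kept in the token store; the expiry above is
        // the only lifetime bound set here.
        tempTok.setSecret(secret);
        getTokenStore().add(tempTok);
        message.setContextualProperty(SecurityConstants.TOKEN_ID, tempTok.getId());

        addSig(doIssuedTokenSignature(token, wrapper));
    }
}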
 
Example #16
Source File: TransportBindingHandler.java    From steady with Apache License 2.0
/**
 * Adds each signed supporting token of {@code sgndSuppTokens} to the outgoing
 * security header: UsernameTokens, issued/Kerberos tokens and SAML assertions.
 *
 * @param sgndSuppTokens the signed supporting tokens assertion to process
 * @throws Exception if building or attaching one of the tokens fails
 */
private void addSignedSupportingTokens(SupportingToken sgndSuppTokens) 
    throws Exception {
    for (Token supporting : sgndSuppTokens.getTokens()) {
        if (supporting instanceof UsernameToken) {
            WSSecUsernameToken builder = addUsernameToken((UsernameToken)supporting);
            if (builder == null) {
                // No token could be built; nothing to attach for this entry.
                continue;
            }
            builder.prepare(saaj.getSOAPPart());
            builder.appendToHeader(secHeader);
        } else if (supporting instanceof IssuedToken || supporting instanceof KerberosToken) {
            SecurityToken issued = getSecurityToken();

            boolean include = includeToken(supporting.getInclusion());
            if (include) {
                // Attach a copy of the token element to the header.
                addEncryptedKeyElement(cloneElement(issued.getToken()));
            }
        } else if (supporting instanceof SamlToken) {
            AssertionWrapper saml = addSamlToken((SamlToken)supporting);
            if (saml != null) {
                addSupportingElement(saml.toDOM(saaj.getSOAPPart()));
            }
        }
        // REVISIT - not supported for signed.  Exception?
        // NOTE(review): any other token type is skipped silently, so a policy
        // that demands such a signed supporting token yields a message without
        // it and no error is raised here.
    }
}
 
Example #17
Source File: TransportBindingHandler.java    From steady with Apache License 2.0
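/**
 * Adds the endorsing signature for one supporting token, choosing the signing
 * routine from the token's policy type. Token types not listed below are
 * ignored without error.
 *
 * @param token the endorsing token from the policy
 * @param wrapper the supporting-token assertion that contains {@code token}
 * @throws IllegalStateException if the SAML assertion or the derived-key
 *         UsernameToken needed for the signature could not be created
 * @throws Exception if token creation or signing fails
 */
private void handleEndorsingToken(
    Token token, SupportingToken wrapper
) throws Exception {
    if (token instanceof IssuedToken
        || token instanceof SecureConversationToken
        || token instanceof SecurityContextToken
        || token instanceof KerberosToken
        || token instanceof SpnegoContextToken) {
        addSig(doIssuedTokenSignature(token, wrapper));
    } else if (token instanceof X509Token
        || token instanceof KeyValueToken) {
        addSig(doX509TokenSignature(token, wrapper));
    } else if (token instanceof SamlToken) {
        AssertionWrapper assertionWrapper = addSamlToken((SamlToken)token);
        if (assertionWrapper == null) {
            // Fail closed with a clear message instead of a NullPointerException.
            throw new IllegalStateException("No SAML assertion available for the endorsing token");
        }
        assertionWrapper.toDOM(saaj.getSOAPPart());
        storeAssertionAsSecurityToken(assertionWrapper);
        addSig(doIssuedTokenSignature(token, wrapper));
    } else if (token instanceof UsernameToken) {
        // Create a UsernameToken object for derived keys and store the security token
        WSSecUsernameToken usernameToken = addDKUsernameToken((UsernameToken)token, true);
        if (usernameToken == null) {
            // addDKUsernameToken can return null (for example when no username
            // or password is available); without it there is no key to sign with.
            throw new IllegalStateException("No UsernameToken available for the endorsing signature");
        }
        String id = usernameToken.getId();
        byte[] secret = usernameToken.getDerivedKey();

        // The stored token expires five minutes (300000 ms) after creation.
        Date created = new Date();
        Date expires = new Date(created.getTime() + 300000);
        SecurityToken tempTok =
            new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
        // The raw derived key is kept in the token store; the expiry above is
        // the only lifetime bound set here.
        tempTok.setSecret(secret);
        getTokenStore().add(tempTok);
        message.setContextualProperty(SecurityConstants.TOKEN_ID, tempTok.getId());

        addSig(doIssuedTokenSignature(token, wrapper));
    }
}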
 
Example #18
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
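/**
 * Creates and prepares a UsernameToken builder that carries a derived key
 * instead of a password.
 *
 * @param token the UsernameToken policy assertion being fulfilled
 * @param useMac passed through to {@code addDerivedKey}
 * @return the prepared builder, or {@code null} when this side is not the
 *         requestor or when no username or password is available
 */
protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, boolean useMac) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        // Identity comparison: only the AssertionInfo wrapping this exact token matches.
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }

    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (StringUtils.isEmpty(userName)) {
        policyNotAsserted(token, "No username available");
        return null;
    }

    WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);

    // Prefer the password configured on the message; otherwise fall back to getPassword.
    String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
    if (StringUtils.isEmpty(password)) {
        password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
    }
    if (StringUtils.isEmpty(password)) {
        policyNotAsserted(token, "No password available");
        return null;
    }

    // If the password is available then build the token
    utBuilder.setUserInfo(userName, password);
    // NOTE(review): the iteration count is fixed at 1000 and no salt is passed
    // (presumably WSS4J generates one); the strength of the derived key still
    // rests on the password - confirm this matches the deployment's policy.
    utBuilder.addDerivedKey(useMac, null, 1000);
    utBuilder.prepare(saaj.getSOAPPart());

    // info stays null when no AssertionInfo wraps this token; the original
    // code dereferenced it unconditionally.
    if (info != null) {
        info.setAsserted(true);
    }
    return utBuilder;
}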
 
Example #19
Source File: TransportBindingHandler.java    From steady with Apache License 2.0
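/**
 * Adds the endorsing signature for one supporting token, choosing the signing
 * routine from the token's policy type. Token types not listed below are
 * ignored without error.
 *
 * @param token the endorsing token from the policy
 * @param wrapper the supporting-token assertion that contains {@code token}
 * @throws IllegalStateException if the SAML assertion or the derived-key
 *         UsernameToken needed for the signature could not be created
 * @throws Exception if token creation or signing fails
 */
private void handleEndorsingToken(
    Token token, SupportingToken wrapper
) throws Exception {
    if (token instanceof IssuedToken
        || token instanceof SecureConversationToken
        || token instanceof SecurityContextToken
        || token instanceof KerberosToken
        || token instanceof SpnegoContextToken) {
        addSig(doIssuedTokenSignature(token, wrapper));
    } else if (token instanceof X509Token
        || token instanceof KeyValueToken) {
        addSig(doX509TokenSignature(token, wrapper));
    } else if (token instanceof SamlToken) {
        AssertionWrapper assertionWrapper = addSamlToken((SamlToken)token);
        if (assertionWrapper == null) {
            // Fail closed with a clear message instead of a NullPointerException.
            throw new IllegalStateException("No SAML assertion available for the endorsing token");
        }
        assertionWrapper.toDOM(saaj.getSOAPPart());
        storeAssertionAsSecurityToken(assertionWrapper);
        addSig(doIssuedTokenSignature(token, wrapper));
    } else if (token instanceof UsernameToken) {
        // Create a UsernameToken object for derived keys and store the security token
        WSSecUsernameToken usernameToken = addDKUsernameToken((UsernameToken)token, true);
        if (usernameToken == null) {
            // addDKUsernameToken can return null (for example when no username
            // or password is available); without it there is no key to sign with.
            throw new IllegalStateException("No UsernameToken available for the endorsing signature");
        }
        String id = usernameToken.getId();
        byte[] secret = usernameToken.getDerivedKey();

        // The stored token expires five minutes (300000 ms) after creation.
        Date created = new Date();
        Date expires = new Date(created.getTime() + 300000);
        SecurityToken tempTok =
            new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
        // The raw derived key is kept in the token store; the expiry above is
        // the only lifetime bound set here.
        tempTok.setSecret(secret);
        getTokenStore().add(tempTok);
        message.setContextualProperty(SecurityConstants.TOKEN_ID, tempTok.getId());

        addSig(doIssuedTokenSignature(token, wrapper));
    }
}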
 
Example #20
Source File: TransportBindingHandler.java    From steady with Apache License 2.0
/**
 * Adds each signed supporting token of {@code sgndSuppTokens} to the outgoing
 * security header: UsernameTokens, issued/Kerberos tokens and SAML assertions.
 *
 * @param sgndSuppTokens the signed supporting tokens assertion to process
 * @throws Exception if building or attaching one of the tokens fails
 */
private void addSignedSupportingTokens(SupportingToken sgndSuppTokens) 
    throws Exception {
    for (Token supporting : sgndSuppTokens.getTokens()) {
        if (supporting instanceof UsernameToken) {
            WSSecUsernameToken builder = addUsernameToken((UsernameToken)supporting);
            if (builder == null) {
                // No token could be built; nothing to attach for this entry.
                continue;
            }
            builder.prepare(saaj.getSOAPPart());
            builder.appendToHeader(secHeader);
        } else if (supporting instanceof IssuedToken || supporting instanceof KerberosToken) {
            SecurityToken issued = getSecurityToken();

            boolean include = includeToken(supporting.getInclusion());
            if (include) {
                // Attach a copy of the token element to the header.
                addEncryptedKeyElement(cloneElement(issued.getToken()));
            }
        } else if (supporting instanceof SamlToken) {
            AssertionWrapper saml = addSamlToken((SamlToken)supporting);
            if (saml != null) {
                addSupportingElement(saml.toDOM(saaj.getSOAPPart()));
            }
        }
        // REVISIT - not supported for signed.  Exception?
        // NOTE(review): any other token type is skipped silently, so a policy
        // that demands such a signed supporting token yields a message without
        // it and no error is raised here.
    }
}
 
Example #21
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
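/**
 * Creates a UsernameToken builder configured from the policy assertion: no
 * password, digest password or plain-text password, plus the optional Created
 * and Nonce elements. The caller is responsible for preparing the builder and
 * attaching it to the header.
 *
 * @param token the UsernameToken policy assertion being fulfilled
 * @return the configured builder, or {@code null} when this side is not the
 *         requestor or when a required username or password is missing
 */
protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        // Identity comparison: only the AssertionInfo wrapping this exact token matches.
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }

    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (StringUtils.isEmpty(userName)) {
        policyNotAsserted(token, "No username available");
        return null;
    }

    WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
    // If NoPassword property is set we don't need to set the password
    if (token.isNoPassword()) {
        utBuilder.setUserInfo(userName, null);
        utBuilder.setPasswordType(null);
    } else {
        String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
        if (StringUtils.isEmpty(password)) {
            password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
        }
        if (StringUtils.isEmpty(password)) {
            policyNotAsserted(token, "No password available");
            return null;
        }

        // If the password is available then build the token.
        // PASSWORD_TEXT carries the password itself in the token, so its
        // confidentiality then depends on transport or message encryption.
        if (token.isHashPassword()) {
            utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
        } else {
            utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
        }
        utBuilder.setUserInfo(userName, password);
    }

    // NOTE(review): Created and Nonce are only requested explicitly for
    // non-hashed passwords - presumably WSS4J adds them itself for digests;
    // confirm, since they are what limits replay of a captured token.
    if (token.isRequireCreated() && !token.isHashPassword()) {
        utBuilder.addCreated();
    }
    if (token.isRequireNonce() && !token.isHashPassword()) {
        utBuilder.addNonce();
    }

    // info stays null when no AssertionInfo wraps this token; the original
    // code dereferenced it unconditionally.
    if (info != null) {
        info.setAsserted(true);
    }
    return utBuilder;
}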
 
Example #22
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
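/**
 * Creates a UsernameToken builder configured from the policy assertion: no
 * password, digest password or plain-text password, plus the optional Created
 * and Nonce elements. The caller is responsible for preparing the builder and
 * attaching it to the header.
 *
 * @param token the UsernameToken policy assertion being fulfilled
 * @return the configured builder, or {@code null} when this side is not the
 *         requestor or when a required username or password is missing
 */
protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        // Identity comparison: only the AssertionInfo wrapping this exact token matches.
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }

    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (StringUtils.isEmpty(userName)) {
        policyNotAsserted(token, "No username available");
        return null;
    }

    WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
    // If NoPassword property is set we don't need to set the password
    if (token.isNoPassword()) {
        utBuilder.setUserInfo(userName, null);
        utBuilder.setPasswordType(null);
    } else {
        String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
        if (StringUtils.isEmpty(password)) {
            password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
        }
        if (StringUtils.isEmpty(password)) {
            policyNotAsserted(token, "No password available");
            return null;
        }

        // If the password is available then build the token.
        // PASSWORD_TEXT carries the password itself in the token, so its
        // confidentiality then depends on transport or message encryption.
        if (token.isHashPassword()) {
            utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
        } else {
            utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
        }
        utBuilder.setUserInfo(userName, password);
    }

    // NOTE(review): Created and Nonce are only requested explicitly for
    // non-hashed passwords - presumably WSS4J adds them itself for digests;
    // confirm, since they are what limits replay of a captured token.
    if (token.isRequireCreated() && !token.isHashPassword()) {
        utBuilder.addCreated();
    }
    if (token.isRequireNonce() && !token.isHashPassword()) {
        utBuilder.addNonce();
    }

    // info stays null when no AssertionInfo wraps this token; the original
    // code dereferenced it unconditionally.
    if (info != null) {
        info.setAsserted(true);
    }
    return utBuilder;
}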
 
Example #23
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
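/**
 * Creates a UsernameToken builder configured from the policy assertion: no
 * password, digest password or plain-text password, plus the optional Created
 * and Nonce elements. The caller is responsible for preparing the builder and
 * attaching it to the header.
 *
 * @param token the UsernameToken policy assertion being fulfilled
 * @return the configured builder, or {@code null} when this side is not the
 *         requestor or when a required username or password is missing
 */
protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        // Identity comparison: only the AssertionInfo wrapping this exact token matches.
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }

    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (StringUtils.isEmpty(userName)) {
        policyNotAsserted(token, "No username available");
        return null;
    }

    WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
    // If NoPassword property is set we don't need to set the password
    if (token.isNoPassword()) {
        utBuilder.setUserInfo(userName, null);
        utBuilder.setPasswordType(null);
    } else {
        String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
        if (StringUtils.isEmpty(password)) {
            password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
        }
        if (StringUtils.isEmpty(password)) {
            policyNotAsserted(token, "No password available");
            return null;
        }

        // If the password is available then build the token.
        // PASSWORD_TEXT carries the password itself in the token, so its
        // confidentiality then depends on transport or message encryption.
        if (token.isHashPassword()) {
            utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
        } else {
            utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
        }
        utBuilder.setUserInfo(userName, password);
    }

    // NOTE(review): Created and Nonce are only requested explicitly for
    // non-hashed passwords - presumably WSS4J adds them itself for digests;
    // confirm, since they are what limits replay of a captured token.
    if (token.isRequireCreated() && !token.isHashPassword()) {
        utBuilder.addCreated();
    }
    if (token.isRequireNonce() && !token.isHashPassword()) {
        utBuilder.addNonce();
    }

    // info stays null when no AssertionInfo wraps this token; the original
    // code dereferenced it unconditionally.
    if (info != null) {
        info.setAsserted(true);
    }
    return utBuilder;
}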
 
Example #24
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
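/**
 * Creates a UsernameToken builder configured from the policy assertion: no
 * password, digest password or plain-text password, plus the optional Created
 * and Nonce elements. The caller is responsible for preparing the builder and
 * attaching it to the header.
 *
 * @param token the UsernameToken policy assertion being fulfilled
 * @return the configured builder, or {@code null} when this side is not the
 *         requestor or when a required username or password is missing
 */
protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        // Identity comparison: only the AssertionInfo wrapping this exact token matches.
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }

    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (StringUtils.isEmpty(userName)) {
        policyNotAsserted(token, "No username available");
        return null;
    }

    WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
    // If NoPassword property is set we don't need to set the password
    if (token.isNoPassword()) {
        utBuilder.setUserInfo(userName, null);
        utBuilder.setPasswordType(null);
    } else {
        String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
        if (StringUtils.isEmpty(password)) {
            password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
        }
        if (StringUtils.isEmpty(password)) {
            policyNotAsserted(token, "No password available");
            return null;
        }

        // If the password is available then build the token.
        // PASSWORD_TEXT carries the password itself in the token, so its
        // confidentiality then depends on transport or message encryption.
        if (token.isHashPassword()) {
            utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
        } else {
            utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
        }
        utBuilder.setUserInfo(userName, password);
    }

    // NOTE(review): Created and Nonce are only requested explicitly for
    // non-hashed passwords - presumably WSS4J adds them itself for digests;
    // confirm, since they are what limits replay of a captured token.
    if (token.isRequireCreated() && !token.isHashPassword()) {
        utBuilder.addCreated();
    }
    if (token.isRequireNonce() && !token.isHashPassword()) {
        utBuilder.addNonce();
    }

    // info stays null when no AssertionInfo wraps this token; the original
    // code dereferenced it unconditionally.
    if (info != null) {
        info.setAsserted(true);
    }
    return utBuilder;
}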
 
Example #25
Source File: SoapWrapper.java    From iaf with Apache License 2.0
/**
 * Adds a WS-Security header to {@code soapMessage} containing a UsernameToken,
 * an HMAC-SHA1 signature keyed from that token and a Timestamp, and returns
 * the resulting document as a string.
 *
 * @param soapMessage the SOAP envelope to sign, as text
 * @param user the username placed in the UsernameToken
 * @param password the password for the UsernameToken
 * @param passwordDigest {@code true} to send a password digest, {@code false}
 *        to send the password as plain text
 * @return the serialized SOAP document including the security header
 * @throws RuntimeException wrapping any failure, with message "Could not sign message"
 */
public String signMessage(String soapMessage, String user, String password, boolean passwordDigest) {
	try {
		// NOTE(review): the config comes from WSSecurityEngine.getInstance(),
		// so this setter presumably also affects other users of that engine
		// instance - confirm.
		WSSConfig config = WSSecurityEngine.getInstance().getWssConfig();
		config.setPrecisionInMilliSeconds(false);

		// Parse the incoming text into an Axis message bound to a throwaway client context.
		MessageContext msgContext = new MessageContext(new AxisClient(new NullProvider()));
		InputStream rawSoap = new ByteArrayInputStream(soapMessage.getBytes(StreamUtil.DEFAULT_INPUT_STREAM_ENCODING));
		Message msg = new Message(rawSoap);
		msg.setMessageContext(msgContext);

		// The envelope as DOM, still unsigned at this point.
		Document doc = msg.getSOAPEnvelope().getAsDocument();

		// Insert an empty security header that the parts below are added to.
		WSSecHeader secHeader = new WSSecHeader();
		secHeader.insertSecurityHeader(doc);

		// UsernameToken with nonce and creation time.
		// With PASSWORD_TEXT the password itself is written into the token.
		// NOTE(review): the signature below is keyed from this same token, so
		// in plain-text mode it presumably offers no protection against a
		// party that can read the message - rely on transport encryption.
		WSSecUsernameToken tokenBuilder = new WSSecUsernameToken();
		tokenBuilder.setPasswordType(
			passwordDigest ? WSConstants.PASSWORD_DIGEST : WSConstants.PASSWORD_TEXT);
		tokenBuilder.setUserInfo(user, password);
		tokenBuilder.addNonce();
		tokenBuilder.addCreated();
		tokenBuilder.prepare(doc);

		// HMAC-SHA1 signature using the UsernameToken as key source.
		WSSecSignature sign = new WSSecSignature();
		sign.setUsernameToken(tokenBuilder);
		sign.setKeyIdentifierType(WSConstants.UT_SIGNING);
		sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
		sign.build(doc, null, secHeader);

		// The token is placed in the header only after the signature was built.
		tokenBuilder.prependToHeader(secHeader);

		// Timestamp with a time-to-live of 300.
		WSSecTimestamp timestampBuilder = new WSSecTimestamp();
		timestampBuilder.setTimeToLive(300);
		timestampBuilder.prepare(doc);
		timestampBuilder.prependToHeader(secHeader);

		// doc was modified in place and now holds the signed message.
		return DOM2Writer.nodeToString(doc);
	} catch (Exception e) {
		throw new RuntimeException("Could not sign message", e);
	}
}