org.apache.wss4j.common.ext.WSPasswordCallback Java Examples
The following examples show how to use
org.apache.wss4j.common.ext.WSPasswordCallback.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: RequestedClaimsTest.java From cxf-fediz with Apache License 2.0 | 6 votes |
|
private String createSamlToken(SamlAssertionWrapper assertion, String alias, boolean sign, String rstr)
throws IOException, UnsupportedCallbackException, WSSecurityException, Exception {
WSPasswordCallback[] cb = {
new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
};
cbPasswordHandler.handle(cb);
String password = cb[0].getPassword();
if (sign) {
assertion.signAssertion(alias, password, crypto, false);
}
Document doc = STSUtil.toSOAPPart(rstr);
Element token = assertion.toDOM(doc);
Element e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_13_NS);
if (e == null) {
e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_2005_02_NS);
}
e.appendChild(token);
return DOM2Writer.nodeToString(doc);
}
Example #2
| Source File: AudienceRestrictionTest.java From cxf-fediz with Apache License 2.0 | 6 votes |
|
private String createSamlToken(SamlAssertionWrapper assertion, String alias, boolean sign, String rstr)
throws IOException, UnsupportedCallbackException, WSSecurityException, Exception {
WSPasswordCallback[] cb = {
new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
};
cbPasswordHandler.handle(cb);
String password = cb[0].getPassword();
if (sign) {
assertion.signAssertion(alias, password, crypto, false);
}
Document doc = STSUtil.toSOAPPart(rstr);
Element token = assertion.toDOM(doc);
Element e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_13_NS);
if (e == null) {
e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_2005_02_NS);
}
e.appendChild(token);
return DOM2Writer.nodeToString(doc);
}
Example #3
| Source File: FederationResponseTest.java From cxf-fediz with Apache License 2.0 | 6 votes |
|
private String createSamlToken(SamlAssertionWrapper assertion, String alias, boolean sign, String rstr)
throws IOException, UnsupportedCallbackException, WSSecurityException, Exception {
WSPasswordCallback[] cb = {
new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
};
cbPasswordHandler.handle(cb);
String password = cb[0].getPassword();
if (sign) {
assertion.signAssertion(alias, password, crypto, false);
}
Document doc = STSUtil.toSOAPPart(rstr);
Element token = assertion.toDOM(doc);
Element e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_13_NS);
if (e == null) {
e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_2005_02_NS);
}
e.appendChild(token);
return DOM2Writer.nodeToString(doc);
}
Example #4
| Source File: ClientCallbackHandler.java From cxf with Apache License 2.0 | 6 votes |
|
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
if (pc.getUsage() == WSPasswordCallback.DECRYPT
|| pc.getUsage() == WSPasswordCallback.SIGNATURE) {
if ("myclientkey".equals(pc.getIdentifier())) {
pc.setPassword("ckpass");
}
} else if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) {
if ("alice".equals(pc.getIdentifier())) {
pc.setPassword("clarinet");
break;
} else if ("bob".equals(pc.getIdentifier())) {
pc.setPassword("trombone");
break;
}
}
}
}
}
Example #5
| Source File: STSCallbackHandler.java From cxf with Apache License 2.0 | 6 votes |
|
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
if (pc.getUsage() == WSPasswordCallback.DECRYPT
|| pc.getUsage() == WSPasswordCallback.SIGNATURE) {
if ("mystskey".equals(pc.getIdentifier())) {
pc.setPassword("stskpass");
}
} else if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) {
if ("alice".equals(pc.getIdentifier())) {
pc.setPassword("clarinet");
}
}
}
}
}
Example #6
| Source File: UsernamePasswordCallback.java From cxf with Apache License 2.0 | 6 votes |
|
/**
* Here, we attempt to get the password from the private alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
// System.out.println("**************** Server checking id: "+pc.getIdentifer());
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
//
// Password not found
//
throw new IOException();
}
Example #7
| Source File: CustomPasswordHandler.java From tomee with Apache License 2.0 | 6 votes |
|
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) {
// TODO get the password from the users.properties if possible
pc.setPassword("waterfall");
} else if (pc.getUsage() == WSPasswordCallback.DECRYPT) {
pc.setPassword("serverPassword");
} else if (pc.getUsage() == WSPasswordCallback.SIGNATURE) {
pc.setPassword("serverPassword");
}
}
Example #8
| Source File: KeystorePasswordCallback.java From cxf with Apache License 2.0 | 6 votes |
|
/**
* It attempts to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
if (pc.getUsage() == WSPasswordCallback.PASSWORD_ENCRYPTOR_PASSWORD) {
pc.setPassword("this-is-a-secret");
} else {
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
pc.setPassword("password");
}
}
}
Example #9
| Source File: KeystorePasswordCallback.java From cxf with Apache License 2.0 | 6 votes |
|
/**
* It attempts to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
if ("alice".equals(pc.getIdentifier())) {
pc.setPassword("password");
} else if ("bob".equals(pc.getIdentifier())) {
pc.setPassword("password");
} else if ("morpit".equals(pc.getIdentifier())) {
pc.setPassword("password");
} else if ("bethal".equals(pc.getIdentifier())) {
pc.setPassword("password");
} else {
pc.setPassword("abcd!1234");
}
}
}
Example #10
| Source File: CallbackHandlerImpl.java From cxf with Apache License 2.0 | 6 votes |
|
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) { // CXF
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
if ("alice".equals(pc.getIdentifier())) {
pc.setPassword("security");
break;
} else if ("bob".equals(pc.getIdentifier())) {
pc.setPassword("security");
break;
} else if (pc.getIdentifier() != null
&& pc.getIdentifier().startsWith("consumer-id")) {
pc.setPassword("this-is-a-secret");
break;
} else if ("service".equals(pc.getIdentifier())) {
pc.setPassword("service-pass");
break;
} else if (dataProvider != null) {
Client client = dataProvider.getClient(pc.getIdentifier());
pc.setPassword(client.getClientSecret());
break;
}
}
}
}
Example #11
| Source File: KeystorePasswordCallback.java From cxf with Apache License 2.0 | 6 votes |
|
/**
* It attempts to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
if (pc.getUsage() == WSPasswordCallback.PASSWORD_ENCRYPTOR_PASSWORD) {
pc.setPassword("this-is-a-secret");
} else {
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
pc.setPassword("password");
}
}
}
Example #12
| Source File: KeystorePasswordCallback.java From cxf with Apache License 2.0 | 6 votes |
|
/**
* It attempts to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
if (pc.getUsage() == WSPasswordCallback.PASSWORD_ENCRYPTOR_PASSWORD) {
pc.setPassword("this-is-a-secret");
} else {
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
pc.setPassword("password");
}
}
}
Example #13
| Source File: PasswordCallbackHandler.java From cxf with Apache License 2.0 | 6 votes |
|
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) { // CXF
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
if ("alice".equals(pc.getIdentifier())) {
pc.setPassword("clarinet");
break;
} else if ("bob".equals(pc.getIdentifier())) {
pc.setPassword("trombone");
break;
} else if ("mystskey".equals(pc.getIdentifier())) {
pc.setPassword("stskpass");
break;
} else if ("myservicekey".equals(pc.getIdentifier())) {
pc.setPassword("skpass");
break;
}
}
}
}
Example #14
| Source File: KerberosServicePasswordCallback.java From cxf with Apache License 2.0 | 6 votes |
|
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
super.handle(new Callback[]{callbacks[i]});
} else if (callbacks[i] instanceof KerberosContextAndServiceNameCallback) {
KerberosContextAndServiceNameCallback pc =
(KerberosContextAndServiceNameCallback)callbacks[i];
pc.setContextName("bob");
pc.setServiceName("[email protected]");
} else if (callbacks[i] instanceof NameCallback) {
NameCallback nameCallback = (NameCallback)callbacks[i];
nameCallback.setName(username);
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback passwordCallback = (PasswordCallback)callbacks[i];
passwordCallback.setPassword(password.toCharArray());
}
}
}
Example #15
| Source File: SAMLTokenValidatorOldTest.java From cxf-fediz with Apache License 2.0 | 6 votes |
|
private String createSamlToken(SamlAssertionWrapper assertion, String alias, boolean sign, String rstr)
throws IOException, UnsupportedCallbackException, WSSecurityException, Exception {
WSPasswordCallback[] cb = {
new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
};
cbPasswordHandler.handle(cb);
String password = cb[0].getPassword();
if (sign) {
assertion.signAssertion(alias, password, crypto, false);
}
Document doc = STSUtil.toSOAPPart(rstr);
Element token = assertion.toDOM(doc);
Element e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_13_NS);
if (e == null) {
e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_2005_02_NS);
}
e.appendChild(token);
return DOM2Writer.nodeToString(doc);
}
Example #16
| Source File: ClaimsProcessorTest.java From cxf-fediz with Apache License 2.0 | 6 votes |
|
private String createSamlToken(SamlAssertionWrapper assertion, String alias, boolean sign, String rstr)
throws IOException, UnsupportedCallbackException, WSSecurityException, SAXException,
ParserConfigurationException {
WSPasswordCallback[] cb = {
new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
};
cbPasswordHandler.handle(cb);
String password = cb[0].getPassword();
if (sign) {
assertion.signAssertion(alias, password, crypto, false);
}
Document doc = STSUtil.toSOAPPart(rstr);
Element token = assertion.toDOM(doc);
Element e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_13_NS);
if (e == null) {
e = XMLUtils.findElement(doc, "RequestedSecurityToken",
FederationConstants.WS_TRUST_2005_02_NS);
}
e.appendChild(token);
return DOM2Writer.nodeToString(doc);
}
Example #17
| Source File: KeystorePasswordCallback.java From cxf-fediz with Apache License 2.0 | 6 votes |
|
/**
* It attempts to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
if (pc.getUsage() == WSPasswordCallback.PASSWORD_ENCRYPTOR_PASSWORD) {
pc.setPassword("this-is-a-secret");
} else {
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
} else {
pc.setPassword("password");
}
}
}
}
Example #18
| Source File: CommonCallbackHandler.java From cxf-fediz with Apache License 2.0 | 6 votes |
|
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) { // CXF
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
if ("ALICE".equals(pc.getIdentifier())) {
pc.setPassword("ECILA");
break;
} else if ("realmb".equals(pc.getIdentifier())) {
pc.setPassword("realmb");
break;
} else if (pc.getIdentifier() != null
&& pc.getIdentifier().startsWith("consumer-id")) {
pc.setPassword("this-is-a-secret");
break;
}
}
}
}
Example #19
| Source File: RSSecurityUtils.java From cxf with Apache License 2.0 | 6 votes |
|
public static String getSignaturePassword(Message message, String userName,
Class<?> callingClass) throws WSSecurityException {
CallbackHandler handler = getCallbackHandler(message, callingClass);
if (handler == null) {
// See if we have a signature password we can use here instead
return (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.SIGNATURE_PASSWORD, message);
}
WSPasswordCallback[] cb = {new WSPasswordCallback(userName, WSPasswordCallback.SIGNATURE)};
try {
handler.handle(cb);
} catch (Exception e) {
return null;
}
//get the password
String password = cb[0].getPassword();
return password == null ? "" : password;
}
Example #20
| Source File: AbstractTokenInterceptor.java From cxf with Apache License 2.0 | 6 votes |
|
protected String getPassword(String userName, AbstractToken info,
int usage, SoapMessage message) {
//Then try to get the password from the given callback handler
CallbackHandler handler = null;
try {
Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
handler = SecurityUtils.getCallbackHandler(o);
if (handler == null) {
policyNotAsserted(info, "No callback handler and no password available", message);
return null;
}
} catch (Exception ex) {
policyNotAsserted(info, "No callback handler and no password available", message);
return null;
}
WSPasswordCallback[] cb = {new WSPasswordCallback(userName, usage)};
try {
handler.handle(cb);
} catch (Exception e) {
policyNotAsserted(info, e, message);
}
//get the password
return cb[0].getPassword();
}
Example #21
| Source File: TokenStoreCallbackHandler.java From cxf with Apache License 2.0 | 6 votes |
|
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback)callback;
String id = pc.getIdentifier();
SecurityToken tok = store.getToken(id);
if (tok != null && !tok.isExpired()) {
if (tok.getSHA1() == null && pc.getKey() != null) {
tok.setSHA1(getSHA1(pc.getKey()));
// Create another cache entry with the SHA1 Identifier as the key for easy retrieval
store.add(tok.getSHA1(), tok);
}
pc.setKey(tok.getSecret());
pc.setKey(tok.getKey());
pc.setCustomToken(tok.getToken());
return;
}
}
}
if (internal != null) {
internal.handle(callbacks);
}
}
Example #22
| Source File: STSStaxTokenValidator.java From cxf with Apache License 2.0 | 6 votes |
|
/**
* Verify a UsernameToken containing a plaintext password.
*/
private void verifyPlaintextPassword(
String username,
PasswordString passwordType,
TokenContext tokenContext
) throws WSSecurityException {
WSPasswordCallback pwCb = new WSPasswordCallback(username,
null,
passwordType.getType(),
WSPasswordCallback.USERNAME_TOKEN);
try {
WSSUtils.doPasswordCallback(tokenContext.getWssSecurityProperties().getCallbackHandler(), pwCb);
} catch (WSSecurityException e) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION, e);
}
if (pwCb.getPassword() == null) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
}
if (!passwordType.getValue().equals(pwCb.getPassword())) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
}
passwordType.setValue(pwCb.getPassword());
}
Example #23
| Source File: CryptoProviderUtils.java From cxf with Apache License 2.0 | 6 votes |
|
public static String getCallbackPwd(String userName, int usage, CallbackHandler handler) {
if (handler == null) {
return null;
}
WSPasswordCallback[] cb = {
new WSPasswordCallback(userName, usage)
};
try {
handler.handle(cb);
} catch (Exception e) {
throw new CryptoProviderException("Cannot get password from callback: " + e, e);
}
// get the password
return cb[0].getPassword();
}
Example #24
| Source File: SCTSAMLTokenProvider.java From cxf with Apache License 2.0 | 6 votes |
|
private SamlAssertionWrapper createSamlToken(
TokenProviderParameters tokenParameters, byte[] secret, Document doc
) throws Exception {
SamlCallbackHandler handler = createCallbackHandler(tokenParameters, secret, doc);
SAMLCallback samlCallback = new SAMLCallback();
SAMLUtil.doSAMLCallback(handler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
if (signToken) {
STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
// Get the password
String alias = stsProperties.getSignatureUsername();
WSPasswordCallback[] cb = {new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)};
LOG.fine("Creating SAML Token");
stsProperties.getCallbackHandler().handle(cb);
String password = cb[0].getPassword();
LOG.fine("Signing SAML Token");
boolean useKeyValue = stsProperties.getSignatureProperties().isUseKeyValue();
assertion.signAssertion(alias, password, stsProperties.getSignatureCrypto(), useKeyValue);
}
return assertion;
}
Example #25
| Source File: CredentialsOutHandler.java From rice with Educational Community License v2.0 | 5 votes |
|
public WSPasswordCallback getPassword(final String username,
final int doAction, final String clsProp, final String refProp,
final RequestData reqData) throws WSSecurityException {
final UsernamePasswordCredentials c = (UsernamePasswordCredentials) this.credentialsSource
.getCredentials(this.serviceConfiguration.getEndpointUrl().toString());
return new WSPasswordCallback(c.getUsername(), c.getPassword(), null,
WSPasswordCallback.USERNAME_TOKEN);
}
Example #26
| Source File: AbstractBindingBuilder.java From cxf with Apache License 2.0 | 5 votes |
|
protected String getPassword(String userName, Assertion info, int usage) {
//Then try to get the password from the given callback handler
Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
CallbackHandler handler = null;
try {
handler = SecurityUtils.getCallbackHandler(o);
if (handler == null) {
// Don't unassert for signature as we might get the password from the crypto properties
if (usage == WSPasswordCallback.SIGNATURE) {
LOG.info("No CallbackHandler available to retrieve a password. We will now try the crypto "
+ "properties file for a private password");
} else {
unassertPolicy(info, "No callback handler and no password available");
}
return null;
}
} catch (Exception ex) {
// Don't unassert for signature as we might get the password from the crypto properties
if (usage == WSPasswordCallback.SIGNATURE) {
LOG.info("No CallbackHandler available to retrieve a password. We will now try the crypto "
+ "properties file for a private password");
} else {
unassertPolicy(info, "No callback handler and no password available");
}
return null;
}
WSPasswordCallback[] cb = {new WSPasswordCallback(userName, usage)};
try {
handler.handle(cb);
} catch (Exception e) {
unassertPolicy(info, e);
}
//get the password
return cb[0].getPassword();
}
Example #27
| Source File: AbstractBindingBuilder.java From cxf with Apache License 2.0 | 5 votes |
|
protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, byte[] salt, boolean useMac) {
assertToken(token);
if (!isTokenRequired(token.getIncludeTokenType())) {
return null;
}
String userName = (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.USERNAME, message);
if (!StringUtils.isEmpty(userName)) {
WSSecUsernameToken utBuilder = new WSSecUsernameToken(secHeader);
utBuilder.setIdAllocator(wssConfig.getIdAllocator());
utBuilder.setWsTimeSource(wssConfig.getCurrentTime());
String password =
(String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.PASSWORD, message);
if (StringUtils.isEmpty(password)) {
password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
}
if (!StringUtils.isEmpty(password)) {
// If the password is available then build the token
utBuilder.setUserInfo(userName, password);
utBuilder.addDerivedKey(useMac, 1000);
utBuilder.prepare(salt);
} else {
unassertPolicy(token, "No password available");
return null;
}
return utBuilder;
}
unassertPolicy(token, "No username available");
return null;
}
Example #28
| Source File: FederationResponseTest.java From cxf-fediz with Apache License 2.0 | 5 votes |
|
private Element createResponseWithMultipleAssertions(SamlAssertionWrapper assertion1,
boolean signFirstAssertion,
SamlAssertionWrapper assertion2,
boolean signSecondAssertion,
String alias) throws Exception {
WSPasswordCallback[] cb = {
new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
};
cbPasswordHandler.handle(cb);
String password = cb[0].getPassword();
if (signFirstAssertion) {
assertion1.signAssertion(alias, password, crypto, false);
}
if (signSecondAssertion) {
assertion2.signAssertion(alias, password, crypto, false);
}
Document doc = STSUtil.toSOAPPart(SAMPLE_MULTIPLE_RSTR_COLL_MSG);
Element token1 = assertion1.toDOM(doc);
Element token2 = assertion2.toDOM(doc);
List<Element> requestedTokenElements =
XMLUtils.findElements(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_13_NS);
Assert.assertEquals(2, requestedTokenElements.size());
requestedTokenElements.get(0).appendChild(token1);
requestedTokenElements.get(1).appendChild(token2);
return doc.getDocumentElement();
}
Example #29
| Source File: SAMLResponseConformanceTest.java From cxf-fediz with Apache License 2.0 | 5 votes |
|
private Element createSamlResponse(SamlAssertionWrapper assertion, String alias,
boolean sign, String requestID, Issuer issuer)
throws IOException, UnsupportedCallbackException, WSSecurityException, Exception {
WSPasswordCallback[] cb = {
new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
};
cbPasswordHandler.handle(cb);
String password = cb[0].getPassword();
if (sign) {
assertion.signAssertion(alias, password, crypto, false);
}
DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder();
Document doc = docBuilder.newDocument();
Status status =
SAML2PResponseComponentBuilder.createStatus(
"urn:oasis:names:tc:SAML:2.0:status:Success", null
);
Issuer responseIssuer = issuer;
if (responseIssuer == null) {
responseIssuer = SAML2PResponseComponentBuilder.createIssuer(assertion.getIssuerString());
}
Response response =
SAML2PResponseComponentBuilder.createSAMLResponse(requestID,
responseIssuer,
status);
response.getAssertions().add(assertion.getSaml2());
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
return policyElement;
}
Example #30
| Source File: UTPasswordCallback.java From cxf with Apache License 2.0 | 5 votes |
|
/**
* Here, we attempt to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}
