/**
 * Builds a fresh {@link WSSConfig} so that callers do not share one instance.
 *
 * <p>Two instances are obtained from {@code WSSConfig.getNewInstance()}. Four settings
 * (signature confirmation, strict timestamps, WS-I BSP compliance and millisecond
 * precision) are read from the first and written to the second, which is returned.
 * Nothing else is copied here: TTLs, password-type rules and validators keep whatever
 * {@code getNewInstance()} provides, so callers that need other values must set them
 * on the returned object.
 *
 * @return a new WSSConfig object carrying the four settings listed above
 */
public static WSSConfig getWSSConfigInstance() {
    final WSSConfig template = WSSConfig.getNewInstance();
    final WSSConfig result = WSSConfig.getNewInstance();

    // Copy each setting in the original order; template is never handed out.
    result.setEnableSignatureConfirmation(template.isEnableSignatureConfirmation());
    result.setTimeStampStrict(template.isTimeStampStrict());
    result.setWsiBSPCompliant(template.isWsiBSPCompliant());
    result.setPrecisionInMilliSeconds(template.isPrecisionInMilliSeconds());

    return result;
}
// Ask the configured id allocator for an identifier with the "id-" prefix for bodyElement.
// This is createId, not createSecureId.
// NOTE(review): confirm a predictable id is acceptable for this element.
id = wssConfig.getIdAllocator().createId("id-", bodyElement);
// presumably declares newAttrNs on bodyElement and returns the prefix to use for it;
// verify against WSSecurityUtil.setNamespace
String prefix = WSSecurityUtil.setNamespace(bodyElement, newAttrNs, newAttrPrefix);
/**
 * Returns the wsu:Id of the given element, assigning one first when it has none.
 *
 * <p>An Id that is already present is returned unchanged. This method does not check
 * that it is unique within the document, so callers that later reference the element
 * by Id (for example when signing) must enforce uniqueness themselves.
 *
 * @param bodyElement the element to read the wsu:Id from, or to write a new one to
 * @return the existing wsu:Id, or the newly allocated one
 */
protected String setWsuId(Element bodyElement) {
    String existing = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id");
    if (existing != null && existing.length() != 0) {
        return existing;
    }

    // No usable Id yet: allocate one with the "id-" prefix and attach it under the WSU namespace.
    String allocated = WSSConfig.getNewInstance().getIdAllocator().createId("id-", bodyElement);
    String nsPrefix =
        WSSecurityUtil.setNamespace(bodyElement, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
    bodyElement.setAttributeNS(WSConstants.WSU_NS, nsPrefix + ":Id", allocated);
    return allocated;
}
}
wssConfig.setEnableSignatureConfirmation( enableSigConf || ((doAction & WSConstants.SC) != 0) ); wssConfig.setTimeStampStrict(decodeTimestampStrict(reqData)); if (decodePasswordTypeStrict(reqData)) { String passwordType = decodePasswordType(reqData); wssConfig.setRequiredPasswordType(passwordType); wssConfig.setTimeStampTTL(decodeTimeToLive(reqData, true)); wssConfig.setTimeStampFutureTTL(decodeFutureTimeToLive(reqData, true)); wssConfig.setUtTTL(decodeTimeToLive(reqData, false)); wssConfig.setUtFutureTTL(decodeFutureTimeToLive(reqData, false)); wssConfig.setHandleCustomPasswordTypes(decodeCustomPasswordTypes(reqData)); wssConfig.setPasswordsAreEncoded(decodeUseEncodedPasswords(reqData)); wssConfig.setAllowNamespaceQualifiedPasswordTypes( decodeNamespaceQualifiedPasswordTypes(reqData) ); wssConfig.setAllowUsernameTokenNoPassword( decodeAllowUsernameTokenNoPassword(reqData) ); wssConfig.setSecretKeyLength(reqData.getSecretKeyLength()); wssConfig.setWsiBSPCompliant(decodeBSPCompliance(reqData)); reqData.setWssConfig(wssConfig);
wssConfig.setEnableSignatureConfirmation( enableSigConf || ((doAction & WSConstants.SC) != 0) ); wssConfig.setPasswordsAreEncoded(decodeUseEncodedPasswords(reqData)); wssConfig.setPrecisionInMilliSeconds( decodeTimestampPrecision(reqData) ); WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()) ); wssConfig.setWsiBSPCompliant(decodeBSPCompliance(reqData)); if (wssConfig.isEnableSignatureConfirmation() && !isRequest) { String done = (String)getProperty(reqData.getMsgContext(), WSHandlerConstants.SIG_CONF_DONE); if (done == null) { wssConfig.getAction(WSConstants.SC).execute(this, WSConstants.SC, doc, reqData); case WSConstants.TS: case WSConstants.UT_SIGN: wssConfig.getAction(actionToDo).execute(this, actionToDo, doc, reqData); break; Action doit = null; try { doit = wssConfig.getAction(actionToDo); } catch (final WSSecurityException e) { log.warn(
/**
 * Returns the WSSConfig held by this object, creating it on first use.
 *
 * <p>When no configuration has been set, a new one is obtained from
 * {@code WSSConfig.getNewInstance()} and stored in the field, so later calls return the
 * same object. No synchronization is visible here.
 *
 * @return the stored WSSConfig, never {@code null} after this call assigns it
 */
public WSSConfig getWsConfig() {
    if (wssConfig != null) {
        return wssConfig;
    }
    wssConfig = WSSConfig.getNewInstance();
    return wssConfig;
}
WSSConfig wssConfig = WSSConfig.getNewInstance(); .setEnableSignatureConfirmation(decodeEnableSignatureConfirmation(reqData)); .setPrecisionInMilliSeconds(decodeTimestampPrecision(reqData)); reqData.setWssConfig(wssConfig); if (wssConfig.isEnableSignatureConfirmation() && !isRequest) { String done; if ((done = (String) getProperty(reqData.getMsgContext(), if ((results = (Vector) getProperty(reqData.getMsgContext(), WSHandlerConstants.RECV_RESULTS)) != null) { wssConfig.getAction(WSConstants.SC).execute(this, WSConstants.SC, doc, reqData); if (wssConfig.isEnableSignatureConfirmation() && isRequest) { if (reqData.getSignatureValues().size() > 0) { Vector sigv = null;
// Start from a fresh WSSConfig instead of a shared instance.
this.config = WSSConfig.getNewInstance();
// Register RampartUsernameTokenValidator as the validator class for the USERNAME_TOKEN key.
this.config.setValidator(WSSecurityEngine.USERNAME_TOKEN, RampartUsernameTokenValidator.class);
// Timestamp strictness and precision come from values supplied by the surrounding code.
this.config.setTimeStampStrict(timestampStrict);
this.config.setPrecisionInMilliSeconds(timestampPrecisionInMilliseconds);
// NOTE(review): custom password types are switched on unconditionally. Presumably this lets
// UsernameTokens with non-standard password types reach the validator registered above, so
// that validator must reject any type it does not explicitly support. Confirm.
this.config.setHandleCustomPasswordTypes(true);
/**
 * Creates the Timestamp element and gives it an identifier.
 *
 * <p>Builds a WSSec Timestamp from the current configuration (precision flag and time
 * source) and the {@code timeToLive} field, then assigns it an id with the "TS-"
 * prefix. Set {@code timeToLive} before calling {@code prepare()} if the default value
 * is not suitable.
 *
 * @param doc The SOAP envelope as W3C document
 */
public void prepare(Document doc) {
    // Read the precision flag first, matching the original argument evaluation order.
    final boolean milliseconds = getWsConfig().isPrecisionInMilliSeconds();
    ts = new Timestamp(milliseconds, doc, getWsConfig().getCurrentTime(), timeToLive);

    final String timestampId = getWsConfig().getIdAllocator().createId("TS-", ts);
    ts.setID(timestampId);
}
if (getWsConfig().isWsiBSPCompliant() && canonAlgo.equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) { List<String> prefixes = getInclusivePrefixes(secHeader.getSecurityHeader(), false); keyInfoUri = getWsConfig().getIdAllocator().createSecureId("KI-", keyInfo); strUri = getWsConfig().getIdAllocator().createSecureId("STR-", secRef); secRef.setID(strUri);
// A WSSConfig built directly through its constructor, not through getNewInstance().
WSSConfig wssConfig = new WSSConfig();
// NOTE(review): WS-I Basic Security Profile compliance is turned off for this signature.
// Presumably this relaxes BSP rule enforcement; confirm this is intended outside test code.
wssConfig.setWsiBSPCompliant(false);
// The signature builder takes the relaxed configuration above.
WSSecSignature sign = new WSSecSignature(wssConfig);
// Reference the signing key through a direct BinarySecurityToken reference.
sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
int futureTimeToLive = 60; if (wssConfig != null) { timeStampStrict = wssConfig.isTimeStampStrict(); timeStampTTL = wssConfig.getTimeStampTTL(); futureTimeToLive = wssConfig.getTimeStampFutureTTL();
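// Parse the raw request text into a SOAP message.
// NOTE(review): getBytes() uses the platform default charset; confirm that it matches the
// encoding the request declares, otherwise the bytes that get verified may differ from
// the bytes the sender signed.
SOAPMessage soapMessage = MessageFactory.newInstance().createMessage(null, new ByteArrayInputStream(soapRequest.getBytes()));

// Load the keystore. The stream is closed even when load() fails; `is` stays in scope.
KeyPair keypair = null;
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream is = new FileInputStream(keyStore);
try {
    keystore.load(is, keyStorePwd.toCharArray());
} finally {
    is.close();
}

// The keystore password is also used as the key-entry password here.
Certificate cert = null;
Key key = keystore.getKey(alias, keyStorePwd.toCharArray());
if (key instanceof PrivateKey) {
    cert = keystore.getCertificate(alias);
    if (cert != null) {
        PublicKey publicKey = cert.getPublicKey();
        keypair = new KeyPair(publicKey, (PrivateKey) key);
    }
}
// Fail with a clear message instead of a NullPointerException further down when the alias
// has no private key or no certificate.
if (keypair == null) {
    throw new IllegalStateException(
        "No private key entry with a certificate found in the keystore for alias: " + alias);
}

// Build a Merlin crypto instance and point it at the keystore loaded above.
Properties properties = new Properties();
properties.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
Crypto crypto = CryptoFactory.getInstance(properties);
keystore.setKeyEntry(alias, keypair.getPrivate(), keyStorePwd.toCharArray(), new Certificate[]{cert});
((Merlin) crypto).setKeyStore(keystore);
crypto.loadCertificate(new ByteArrayInputStream(cert.getEncoded()));

// NOTE(review): WS-I BSP compliance checking is switched off for this validation run;
// confirm that relaxing it is intended for production traffic.
WSSecurityEngine engine = new WSSecurityEngine();
WSSConfig config = WSSConfig.getNewInstance();
config.setWsiBSPCompliant(false);
engine.setWssConfig(config);
List<WSSecurityEngineResult> res = engine.processSecurityHeader(toDocument(soapMessage), null, null, crypto);
// A missing result list previously surfaced as a NullPointerException in the loop below.
// NOTE(review): presumably no result list means no security header was processed. Confirm.
// It is treated as a failure so that such a message is never reported as validated.
if (res == null) {
    throw new IllegalStateException("Security header processing returned no results");
}
// NOTE(review): the full engine result is logged at trace level; confirm that its
// toString() does not expose token or credential material.
for (WSSecurityEngineResult ers : res) {
    LOG.trace("Details of security header after validation {}" , ers.toString());
}
LOG.debug("Validation code executed");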
/**
 * Ensures the given element carries a wsu:Id and returns that Id.
 *
 * <p>A non-empty Id already on the element is kept and returned as-is, with no
 * uniqueness check. Otherwise the default configuration's id allocator supplies one
 * with the "id-" prefix, which is written to the element under the WSU namespace.
 *
 * @param bodyElement the element whose wsu:Id is read or assigned
 * @return the wsu:Id now present on the element
 */
protected String setWsuId(Element bodyElement) {
    String wsuId = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id");
    final boolean missing = (wsuId == null) || (wsuId.length() == 0);
    if (missing) {
        wsuId = WSSConfig.getDefaultWSConfig().getIdAllocator().createId("id-", bodyElement);
        // Make sure the WSU namespace is declared before writing the qualified attribute.
        final String wsuPrefix =
            WSSecurityUtil.setNamespace(bodyElement, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
        bodyElement.setAttributeNS(WSConstants.WSU_NS, wsuPrefix + ":Id", wsuId);
    }
    return wsuId;
}
}
try { int parsedAction = Integer.parseInt(single[i]); if (wssConfig.getAction(parsedAction) == null) { throw new WSSecurityException( "Unknown action defined: " + single[i]
wssConfig.setEnableSignatureConfirmation( enableSigConf || ((doAction & WSConstants.SC) != 0) ); wssConfig.setTimeStampStrict(decodeTimestampStrict(reqData)); if (decodePasswordTypeStrict(reqData)) { String passwordType = decodePasswordType(reqData); wssConfig.setRequiredPasswordType(passwordType); wssConfig.setTimeStampTTL(decodeTimeToLive(reqData, true)); wssConfig.setTimeStampFutureTTL(decodeFutureTimeToLive(reqData, true)); wssConfig.setUtTTL(decodeTimeToLive(reqData, false)); wssConfig.setUtFutureTTL(decodeFutureTimeToLive(reqData, false)); wssConfig.setHandleCustomPasswordTypes(decodeCustomPasswordTypes(reqData)); wssConfig.setPasswordsAreEncoded(decodeUseEncodedPasswords(reqData)); wssConfig.setAllowNamespaceQualifiedPasswordTypes( decodeNamespaceQualifiedPasswordTypes(reqData) ); wssConfig.setAllowUsernameTokenNoPassword( decodeAllowUsernameTokenNoPassword(reqData) ); wssConfig.setSecretKeyLength(reqData.getSecretKeyLength()); wssConfig.setWsiBSPCompliant(decodeBSPCompliance(reqData)); reqData.setWssConfig(wssConfig);
wssConfig.setEnableSignatureConfirmation( enableSigConf || ((doAction & WSConstants.SC) != 0) ); wssConfig.setPasswordsAreEncoded(decodeUseEncodedPasswords(reqData)); wssConfig.setPrecisionInMilliSeconds( decodeTimestampPrecision(reqData) ); WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()) ); wssConfig.setWsiBSPCompliant(decodeBSPCompliance(reqData)); if (wssConfig.isEnableSignatureConfirmation() && !isRequest) { String done = (String)getProperty(reqData.getMsgContext(), WSHandlerConstants.SIG_CONF_DONE); if (done == null) { wssConfig.getAction(WSConstants.SC).execute(this, WSConstants.SC, doc, reqData); case WSConstants.TS: case WSConstants.UT_SIGN: wssConfig.getAction(actionToDo).execute(this, actionToDo, doc, reqData); break; Action doit = null; try { doit = wssConfig.getAction(actionToDo); } catch (final WSSecurityException e) { log.warn(
/**
 * Returns the WSSConfig for this instance, creating one if none has been set.
 *
 * <p>When the field is still {@code null}, a configuration obtained from
 * {@code WSSConfig.getNewInstance()} is stored and returned, so callers that never set
 * a configuration get that one, not {@code null}.
 *
 * @return the WSSConfig object set on this instance, or the lazily created one
 */
public final WSSConfig getWssConfig() {
    if (wssConfig != null) {
        return wssConfig;
    }
    // Nothing configured yet: create a configuration and remember it for later calls.
    wssConfig = WSSConfig.getNewInstance();
    return wssConfig;
}
/**
 * Creates a Timestamp element.
 *
 * <p>Initializes the WSSec Timestamp structure from the configuration's precision
 * flag and current time, together with the {@code timeToLive} field, and then assigns
 * the element an id with the "TS-" prefix. Change {@code timeToLive} before calling
 * {@code prepare()} when the default value is not suitable.
 *
 * @param doc The SOAP envelope as W3C document
 */
public void prepare(Document doc) {
    final boolean useMilliseconds = getWsConfig().isPrecisionInMilliSeconds();
    ts = new Timestamp(useMilliseconds, doc, getWsConfig().getCurrentTime(), timeToLive);
    // The id is allocated after construction because the allocator receives the timestamp.
    ts.setID(getWsConfig().getIdAllocator().createId("TS-", ts));
}