// Excerpt of a field-by-field equality check between two UsernameTokens: name, password,
// password type, nonce and created go through compare(); salt uses Arrays.equals and the
// iteration count uses !=. Any mismatch returns false. The closing brace of each `if` is
// missing from this excerpt.
// NOTE(review): compare() is not shown here. Arrays.equals stops at the first differing
// byte, so if this check is ever used to match a presented secret against a stored one,
// confirm whether a constant-time comparison (e.g. MessageDigest.isEqual) is needed.
if (!compare(usernameToken.getName(), getName())) { return false; if (!compare(usernameToken.getPassword(), getPassword())) { return false; if (!compare(usernameToken.getPasswordType(), getPasswordType())) { return false; if (!compare(usernameToken.getNonce(), getNonce())) { return false; if (!compare(usernameToken.getCreated(), getCreated())) { return false; byte[] salt = usernameToken.getSalt(); if (!Arrays.equals(salt, getSalt())) { return false; int iteration = usernameToken.getIteration(); if (iteration != getIteration()) { return false;
/**
 * Builds a WSUsernameTokenPrincipal that mirrors this UsernameToken.
 *
 * <p>The principal is constructed from the token's name and hashed flag and is then
 * given the nonce, the password value and the created time. Because the password value
 * is copied onto the principal, the returned object should be handled as secret
 * material and kept out of logs and long-lived caches.
 *
 * @return the populated principal
 */
public Principal createPrincipal() {
    final WSUsernameTokenPrincipal tokenPrincipal =
        new WSUsernameTokenPrincipal(getName(), isHashed());

    tokenPrincipal.setNonce(getNonce());
    // The principal carries the password value taken from the token.
    tokenPrincipal.setPassword(getPassword());
    tokenPrincipal.setCreatedTime(getCreated());

    return tokenPrincipal;
}
/**
 * Creates a Username token.
 *
 * <p>Prepares and initializes the WSSec UsernameToken structure. All parameters such as
 * user, password and passwordType must be set before {@code prepare()} is called; a
 * complete {@code UsernameToken} is constructed from them.
 *
 * <p>In derived-key mode a salt and an iteration count are added and
 * {@code ut.setPassword} is not called; otherwise the password is passed to the token.
 * A nonce and a created element are added only when the corresponding flags are set.
 *
 * @param doc The SOAP envelope as W3C document
 */
public void prepare(Document doc) {
    ut = new UsernameToken(
        getWsConfig().isPrecisionInMilliSeconds(),
        doc,
        getWsConfig().getCurrentTime(),
        passwordType);
    ut.setPasswordsAreEncoded(passwordsAreEncoded);
    ut.setName(user);

    if (!useDerivedKey) {
        ut.setPassword(password);
    } else {
        // Derived-key mode: the token carries salt and iteration instead of a password.
        saltValue = ut.addSalt(doc, saltValue, useMac);
        ut.addIteration(doc, iteration);
    }

    if (nonce) {
        ut.addNonce(doc);
    }

    if (created) {
        ut.addCreated(
            getWsConfig().isPrecisionInMilliSeconds(),
            getWsConfig().getCurrentTime(),
            doc);
    }

    final String tokenId = getWsConfig().getIdAllocator().createId("UsernameToken-", ut);
    ut.setID(tokenId);
}
/**
 * Creates the wsse:UsernameToken element with an empty wsse:Username child.
 *
 * <p>When a password type is given, an empty wsse:Password child is added as well and
 * the type is remembered. For WSConstants.PASSWORD_DIGEST a nonce and a created element
 * are added right away; for any other type the token is marked as not hashed.
 *
 * @param milliseconds passed through to addCreated
 * @param doc          the document used to create the elements
 * @param timeSource   passed through to addCreated
 * @param pwType       the password type, or null to create no password element
 */
public UsernameToken(boolean milliseconds, Document doc, WSTimeSource timeSource, String pwType) {
    element = doc.createElementNS(WSConstants.WSSE_NS, "wsse:" + WSConstants.USERNAME_TOKEN_LN);

    elementUsername = doc.createElementNS(WSConstants.WSSE_NS, "wsse:" + WSConstants.USERNAME_LN);
    elementUsername.appendChild(doc.createTextNode(""));
    element.appendChild(elementUsername);

    if (pwType == null) {
        // No password type: the token gets no password element at all.
        return;
    }

    elementPassword = doc.createElementNS(WSConstants.WSSE_NS, "wsse:" + WSConstants.PASSWORD_LN);
    elementPassword.appendChild(doc.createTextNode(""));
    element.appendChild(elementPassword);

    passwordType = pwType;
    if (!passwordType.equals(WSConstants.PASSWORD_DIGEST)) {
        hashed = false;
    } else {
        // Digest passwords are always accompanied by a nonce and a created element.
        addNonce(doc);
        addCreated(milliseconds, timeSource, doc);
    }
}
// Excerpt of code that fills `result` from a UsernameToken: a token with no password is
// recorded as WSConstants.UT_NOPASSWORD; for a derived-key token the raw password is set via
// token.setRawPassword(data) and the derived key is kept in secretKey. A non-empty token ID
// is stored under TAG_ID. Closing braces are missing from this excerpt, so the pairing of
// the `else` below is not certain — TODO confirm against the full source.
// The principal stored under TAG_PRINCIPAL carries the token's password value
// (principal.setPassword(token.getPassword())), so the result holds secret material and
// should be kept out of logs and long-lived caches.
if (token.getPassword() == null) { action = WSConstants.UT_NOPASSWORD; if (token.isDerivedKey()) { token.setRawPassword(data); secretKey = token.getDerivedKey(); String tokenId = token.getID(); if (!"".equals(tokenId)) { result.put(WSSecurityEngineResult.TAG_ID, tokenId); } else { WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(token.getName(), token.isHashed()); principal.setNonce(token.getNonce()); principal.setPassword(token.getPassword()); principal.setCreatedTime(token.getCreated()); principal.setPasswordType(token.getPasswordType()); result.put(WSSecurityEngineResult.TAG_PRINCIPAL, principal);
// Excerpt of a UsernameToken check that reads the user name and password type, logs both at
// debug level, and rejects a token whose isHashed() is true with FAILED_AUTHENTICATION
// before reading the password. Closing braces are missing from this excerpt.
// Only the user name and the password type are logged; the password itself is not written to
// the log in the lines shown.
user = usernameToken.getName(); String pwType = usernameToken.getPasswordType(); if (log.isDebugEnabled()) { log.debug("UsernameToken user " + usernameToken.getName()); log.debug("UsernameToken password type " + pwType); if (usernameToken.isHashed()) { log.warn("Authentication failed as hashed username token not supported"); throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION); password = usernameToken.getPassword();
// Excerpt that looks like digest verification: when the token is hashed, a digest is
// recomputed with UsernameToken.doPasswordDigest from the token's nonce and created time and
// origPassword (defined outside this excerpt), Base64-decoding origPassword first when
// passwordsAreEncoded is set. The comparison with the received value is not shown.
// NOTE(review): nonce and createdTime are read from the token itself, so this computation
// alone does not stop a captured token from being replayed; confirm nonce caching and
// created-time freshness are enforced elsewhere, and that the digest comparison that follows
// is constant-time.
String user = usernameToken.getName(); String password = usernameToken.getPassword(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); String pwType = usernameToken.getPasswordType(); boolean passwordsAreEncoded = usernameToken.getPasswordsAreEncoded(); if (usernameToken.isHashed()) { String passDigest; if (passwordsAreEncoded) { passDigest = UsernameToken.doPasswordDigest(nonce, createdTime, Base64.decode(origPassword)); } else { passDigest = UsernameToken.doPasswordDigest(nonce, createdTime, origPassword);
/**
 * Hands a plaintext UsernameToken to the configured callback handler for validation.
 *
 * <p>The user name, the password value from the token and the password type are wrapped
 * in a WSPasswordCallback with usage WSPasswordCallback.USERNAME_TOKEN. This method
 * returns normally whenever {@code handle()} returns without throwing, so the handler is
 * the only place where a wrong password is rejected: a handler that ignores this callback
 * usage, or that does not throw on a mismatch, accepts the token.
 *
 * @param usernameToken the received token
 * @param data          the request data that supplies the callback handler
 * @throws WSSecurityException with FAILED_AUTHENTICATION when the handler raises an
 *         IOException or an UnsupportedCallbackException
 */
@Override
protected void verifyPlaintextPassword(UsernameToken usernameToken, RequestData data)
    throws WSSecurityException {
    // Provide the password to the user for validation
    final WSPasswordCallback validationCallback = new WSPasswordCallback(
        usernameToken.getName(),
        usernameToken.getPassword(),
        usernameToken.getPasswordType(),
        WSPasswordCallback.USERNAME_TOKEN,
        data);
    final Callback[] callbacks = new Callback[] { validationCallback };

    try {
        data.getCallbackHandler().handle(callbacks);
    } catch (IOException ioFailure) {
        // The cause is only visible at debug level; callers see a generic failure.
        if (mlog.isDebugEnabled()) {
            mlog.debug(ioFailure);
        }
        throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION);
    } catch (UnsupportedCallbackException unsupported) {
        if (mlog.isDebugEnabled()) {
            mlog.debug(unsupported);
        }
        throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION);
    }
}
}
// Excerpt of a check of the received UsernameToken (presumably wssUt, taken from utResult)
// against what looks like the policy token `ut`: "invalidUsernameTokenType" is raised when
// ut.isNoPassword() is set but a password is present, when ut.isHashPassword() is set and
// the token is not hashed, or when ut.isHashPassword() is not set and the token has no
// password or a type other than WSConstants.PASSWORD_TEXT. Closing braces are missing from
// this excerpt.
// NOTE(review): wssUt.getPasswordType() is dereferenced directly; confirm it cannot be null
// when a password is present, or compare as WSConstants.PASSWORD_TEXT.equals(...).
(org.apache.ws.security.message.token.UsernameToken) utResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN); if(ut.isNoPassword() && wssUt.getPassword() != null) { throw new RampartException("invalidUsernameTokenType"); if(ut.isHashPassword() && !wssUt.isHashed()) { throw new RampartException("invalidUsernameTokenType"); } else if (!ut.isHashPassword() && (wssUt.getPassword() == null || !wssUt.getPasswordType().equals(WSConstants.PASSWORD_TEXT))) { throw new RampartException("invalidUsernameTokenType");
// Excerpt: the callback is created with a null password, the handler is invoked, and the
// password is then read back from pwCb.getPassword(); a SecurityService component is looked
// up next. The rest of the try block is outside this excerpt, so how the password is checked
// is not visible here.
// NOTE(review): pwCb.getPassword() is whatever the handler supplied; confirm the code that
// follows fails closed when it is null.
final WSPasswordCallback pwCb = new WSPasswordCallback(usernameToken.getName(), null, usernameToken.getPasswordType(), WSPasswordCallback.USERNAME_TOKEN, data); try { data.getCallbackHandler().handle(new Callback[]{pwCb}); final String user = usernameToken.getName(); final String password = pwCb.getPassword(); final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
// Excerpt of UsernameToken replay and freshness checks. A nonce already present in
// replayCache raises INVALID_SECURITY (the remaining constructor arguments are missing from
// this excerpt); otherwise the nonce is added to the cache, with utTTL + 1L passed as a
// second argument when a Created date exists and utTTL is positive. A failing
// ut.verifyCreated(utTTL, futureTimeToLive) raises MESSAGE_EXPIRED. Closing braces are
// missing from this excerpt.
// The replay check only runs when replayCache is non-null and the token carries a nonce: a
// token without a nonce, or a deployment with no replay cache, gets no replay detection from
// the lines shown.
new UsernameToken(token, allowNamespaceQualifiedPasswordTypes, bspCompliant); if (replayCache != null && ut.getNonce() != null) { if (replayCache.contains(ut.getNonce())) { throw new WSSecurityException( WSSecurityException.INVALID_SECURITY, Date created = ut.getCreatedDate(); if (created == null || utTTL <= 0) { replayCache.add(ut.getNonce()); } else { replayCache.add(ut.getNonce(), utTTL + 1L); if (!ut.verifyCreated(utTTL, futureTimeToLive)) { throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
// Excerpt: builds MuleCredentials from the name and password of
// credential.getUsernametoken().
// NOTE(review): getPassword() is dereferenced with toCharArray(); confirm a token without a
// password cannot reach this line. Converting to char[] here does not remove the original
// String copy of the password from memory.
new MuleCredentials(credential.getUsernametoken().getName(), credential.getUsernametoken().getPassword().toCharArray()));
// Excerpt of key derivation: the nonce is Base64-decoded, the created string is encoded as
// UTF-8, a seed buffer sized for label + nonce + created is allocated, and the key comes
// from P_hash(password, seed, mac, keylen). label, mac and keylen are defined outside this
// excerpt, and the seed is presumably filled by statements that are not shown.
// NOTE(review): getNonce() and getCreated() are dereferenced without a null check here —
// confirm the caller guarantees both values are present.
byte[] nonce = Base64.decode(getNonce()); byte[] created = getCreated().getBytes("UTF-8"); byte[] seed = new byte[label.length + nonce.length + created.length]; key = P_hash(password, seed, mac, keylen);
/**
 * Adds a Created element to this UsernameToken using a new WSCurrentTimeSource.
 *
 * <p>Delegates to the three-argument {@code addCreated} overload.
 *
 * @param milliseconds passed through to the three-argument overload
 * @param doc          passed through to the three-argument overload
 */
public void addCreated(boolean milliseconds, Document doc) {
    final WSCurrentTimeSource currentTimeSource = new WSCurrentTimeSource();
    addCreated(milliseconds, currentTimeSource, doc);
}
// Excerpt of code that fills `result` from a UsernameToken: a token with no password is
// recorded as WSConstants.UT_NOPASSWORD; for a derived-key token the raw password is set via
// token.setRawPassword(data) and the derived key is kept in secretKey. A non-empty token ID
// is stored under TAG_ID. Closing braces are missing from this excerpt, so the pairing of
// the `else` below is not certain — TODO confirm against the full source.
// The principal stored under TAG_PRINCIPAL carries the token's password value
// (principal.setPassword(token.getPassword())), so the result holds secret material and
// should be kept out of logs and long-lived caches.
if (token.getPassword() == null) { action = WSConstants.UT_NOPASSWORD; if (token.isDerivedKey()) { token.setRawPassword(data); secretKey = token.getDerivedKey(); String tokenId = token.getID(); if (!"".equals(tokenId)) { result.put(WSSecurityEngineResult.TAG_ID, tokenId); } else { WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(token.getName(), token.isHashed()); principal.setNonce(token.getNonce()); principal.setPassword(token.getPassword()); principal.setCreatedTime(token.getCreated()); principal.setPasswordType(token.getPasswordType()); result.put(WSSecurityEngineResult.TAG_PRINCIPAL, principal);
// Excerpt of a UsernameToken check that reads the user name and password type, logs both at
// debug level, and rejects a token whose isHashed() is true with FAILED_AUTHENTICATION
// before reading the password. Closing braces are missing from this excerpt.
// Only the user name and the password type are logged; the password itself is not written to
// the log in the lines shown.
user = usernameToken.getName(); String pwType = usernameToken.getPasswordType(); if (log.isDebugEnabled()) { log.debug("UsernameToken user " + usernameToken.getName()); log.debug("UsernameToken password type " + pwType); if (usernameToken.isHashed()) { log.warn("Authentication failed as hashed username token not supported"); throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION); password = usernameToken.getPassword();
// Excerpt that looks like digest verification: when the token is hashed, a digest is
// recomputed with UsernameToken.doPasswordDigest from the token's nonce and created time and
// origPassword (defined outside this excerpt), Base64-decoding origPassword first when
// passwordsAreEncoded is set. The comparison with the received value is not shown.
// NOTE(review): nonce and createdTime are read from the token itself, so this computation
// alone does not stop a captured token from being replayed; confirm nonce caching and
// created-time freshness are enforced elsewhere, and that the digest comparison that follows
// is constant-time.
String user = usernameToken.getName(); String password = usernameToken.getPassword(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); String pwType = usernameToken.getPasswordType(); boolean passwordsAreEncoded = usernameToken.getPasswordsAreEncoded(); if (usernameToken.isHashed()) { String passDigest; if (passwordsAreEncoded) { passDigest = UsernameToken.doPasswordDigest(nonce, createdTime, Base64.decode(origPassword)); } else { passDigest = UsernameToken.doPasswordDigest(nonce, createdTime, origPassword);
// Builds the password callback for this token from its name, password value and password
// type, with usage WSPasswordCallback.USERNAME_TOKEN and `data` as the final argument.
// The token's own password value (getPassword()) is handed to the callback, so a handler
// that receives it sees the secret as presented in the token.
WSPasswordCallback pwCb = new WSPasswordCallback( getName(), getPassword(), getPasswordType(), WSPasswordCallback.USERNAME_TOKEN, data );
// Excerpt of UsernameToken replay and freshness checks. A nonce already present in
// replayCache raises INVALID_SECURITY (the remaining constructor arguments are missing from
// this excerpt); otherwise the nonce is added to the cache, with utTTL + 1L passed as a
// second argument when a Created date exists and utTTL is positive. A failing
// ut.verifyCreated(utTTL, futureTimeToLive) raises MESSAGE_EXPIRED. Closing braces are
// missing from this excerpt.
// The replay check only runs when replayCache is non-null and the token carries a nonce: a
// token without a nonce, or a deployment with no replay cache, gets no replay detection from
// the lines shown.
new UsernameToken(token, allowNamespaceQualifiedPasswordTypes, bspCompliant); if (replayCache != null && ut.getNonce() != null) { if (replayCache.contains(ut.getNonce())) { throw new WSSecurityException( WSSecurityException.INVALID_SECURITY, Date created = ut.getCreatedDate(); if (created == null || utTTL <= 0) { replayCache.add(ut.getNonce()); } else { replayCache.add(ut.getNonce(), utTTL + 1L); if (!ut.verifyCreated(utTTL, futureTimeToLive)) { throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
// Excerpt of key derivation: the nonce is Base64-decoded, the created string is encoded as
// UTF-8, a seed buffer sized for label + nonce + created is allocated, and the key comes
// from P_hash(password, seed, mac, keylen). label, mac and keylen are defined outside this
// excerpt, and the seed is presumably filled by statements that are not shown.
// NOTE(review): getNonce() and getCreated() are dereferenced without a null check here —
// confirm the caller guarantees both values are present.
byte[] nonce = Base64.decode(getNonce()); byte[] created = getCreated().getBytes("UTF-8"); byte[] seed = new byte[label.length + nonce.length + created.length]; key = P_hash(password, seed, mac, keylen);