/**
 * Wraps a WS-Security binary token in a {@code SecurityToken}.
 *
 * <p>The result is created with the binary token's id and receives its DOM element, the bytes
 * returned by {@code getToken()} as the secret, and its value type. No validation is performed
 * in this method. Because the token bytes become the secret of the returned object, that object
 * should be handled like key material (for example, kept out of log output).
 *
 * @param binarySecurityToken the binary token to wrap
 * @return a new {@code SecurityToken} populated from {@code binarySecurityToken}
 */
private SecurityToken createSecurityToken(BinarySecurity binarySecurityToken) {
    final String tokenId = binarySecurityToken.getID();
    final SecurityToken wrapped = new SecurityToken(tokenId);

    wrapped.setToken(binarySecurityToken.getElement());
    wrapped.setSecret(binarySecurityToken.getToken());
    wrapped.setTokenType(binarySecurityToken.getValueType());

    return wrapped;
}
/**
 * Builds the DOM form of a binary security token from its description and raw bytes.
 *
 * <p>Only three value types are accepted: {@code NS_X509_V3_TYPE}, {@code NS_X509_PKIPATH_V1}
 * and {@code NS_GSS_KERBEROS5_AP_REQ}. Any other value type is rejected with
 * {@code INVALID_SECURITY_TOKEN} instead of being passed through, so this method acts as an
 * allow-list on the token type. The token bytes are handed to {@code setToken} without being
 * inspected here.
 *
 * @param binarySecurityTokenType supplies the value type, encoding type and id of the token
 * @param securityTokenData the token bytes to store in the element
 * @return the DOM element of the newly built binary security token
 * @throws WSSecurityException if the value type is not one of the three accepted types
 */
private Element convertToDOM(
    BinarySecurityTokenType binarySecurityTokenType,
    byte[] securityTokenData
) throws WSSecurityException {
    final Document ownerDoc = DOMUtils.getEmptyDocument();
    final String requestedType = binarySecurityTokenType.getValueType();

    // Pick the concrete wrapper class from the declared value type.
    final BinarySecurity bst;
    if (WSSConstants.NS_X509_V3_TYPE.equals(requestedType)) {
        bst = new X509Security(ownerDoc);
    } else if (WSSConstants.NS_X509_PKIPATH_V1.equals(requestedType)) {
        bst = new PKIPathSecurity(ownerDoc);
    } else if (WSSConstants.NS_GSS_KERBEROS5_AP_REQ.equals(requestedType)) {
        bst = new KerberosSecurity(ownerDoc);
    } else {
        // Unknown token types are refused rather than wrapped generically.
        throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN);
    }

    bst.addWSSENamespace();
    bst.addWSUNamespace();
    bst.setEncodingType(binarySecurityTokenType.getEncodingType());
    bst.setValueType(binarySecurityTokenType.getValueType());
    bst.setID(binarySecurityTokenType.getId());
    bst.setToken(securityTokenData);

    return bst.getElement();
}
} // closes the enclosing class, whose header is outside this excerpt
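/**
 * Combines the hash of the secret key (when one is set) with the superclass hash.
 *
 * <p>Each component is folded in with the conventional {@code 31 * h + x} step. Writing the step
 * as {@code h *= 31 + x} is not equivalent: it multiplies by {@code (31 + x)}, so the whole
 * result collapses to 0 whenever a component hash equals -31, and the two components become
 * interchangeable.
 *
 * <p>The value is a 32-bit, non-cryptographic hash. Equal hash codes must not be taken as proof
 * that two tokens are the same token.
 *
 * @return the combined hash code
 */
@Override
public int hashCode() {
    int hashCode = 17;
    if (secretKey != null) {
        hashCode = 31 * hashCode + secretKey.hashCode();
    }
    hashCode = 31 * hashCode + super.hashCode();
    return hashCode;
}
} // closes the enclosing class, whose header is outside this excerpt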
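/**
 * Computes a hash from the token bytes (when present), the value type and the encoding type.
 *
 * <p>The value type and encoding type are folded in null-tolerantly, so hashing a token whose
 * element lacks one of these attributes cannot throw. Whether the getters can actually return
 * {@code null} is not visible in this block; for non-null values the result is the same as with
 * a direct {@code hashCode()} call.
 *
 * <p>The value is a 32-bit, non-cryptographic hash over the token content. It is suitable for
 * hash-based collections, not as a unique identifier of a token.
 *
 * @return the combined hash code
 */
@Override
public int hashCode() {
    int result = 17;

    byte[] token = getToken();
    if (token != null) {
        // Content-based hash of the bytes; the array's identity hash would differ per instance.
        result = 31 * result + Arrays.hashCode(token);
    }

    String valueType = getValueType();
    result = 31 * result + (valueType == null ? 0 : valueType.hashCode());

    String encodingType = getEncodingType();
    result = 31 * result + (encodingType == null ? 0 : encodingType.hashCode());

    return result;
}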
// Excerpt from the middle of a larger method: the opening of this if/else chain and the
// declarations of binarySecurity, encodingType, textNode and validateTarget are outside this view.
binarySecurity.setEncodingType(encodingType);
binarySecurity.setValueType(binarySecurityType.getValueType());
String data = binarySecurityType.getValue();
// textNode is not created in the visible lines; presumably it is built from data - confirm.
binarySecurity.getElement().appendChild(textNode);
} else if (validateTarget.isDOMElement()) {
    try {
        // The target is a DOM element: start from an empty X509 token with the BASE64_ENCODING
        // encoding type and read the X509Data structure out of the target's element.
        Document doc = DOMUtils.getEmptyDocument();
        binarySecurity = new X509Security(doc);
        binarySecurity.setEncodingType(BASE64_ENCODING);
        X509Data x509Data = new X509Data((Element)validateTarget.getToken(), "");
        // The branch below covers an element that carries a certificate; its body, and what
        // happens when no certificate is present, are outside this view.
        if (x509Data.containsCertificate()) {
// Excerpt: pulls an X.509 certificate out of the WS-Security header of the current message.
// The variable message and the enclosing method are outside this view.
SoapMessage soapMessage = (SoapMessage) message;
SOAPMessage doc = getSOAPMessage(soapMessage);
Element elem = WSSecurityUtil.getSecurityHeader(doc.getSOAPPart(), "");
// Take the first child of the security header as the binary token element.
// NOTE(review): elem is used without a null check, and getFirstChild() returns whatever node
// comes first. If that node is not an Element (for example whitespace text), the cast below
// fails; if it is a different header element, that element is what X509Security receives.
Node binarySignatureTag = elem.getFirstChild();
BinarySecurity token = new X509Security((Element) binarySignatureTag);
// Parse the token bytes as an X.509 certificate.
// generateCertificate only decodes the certificate. It does not check the issuer chain, the
// validity period or revocation, so cert must not be treated as trusted on the strength of
// these lines alone; any trust decision has to happen elsewhere (not visible here).
InputStream in = new ByteArrayInputStream(token.getToken());
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)certFactory.generateCertificate(in);
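/**
 * Invokes the DoubleIt service with a mocked-up BinarySecurityToken attached to the request.
 *
 * <p>The token is a test fixture: a generic {@code BinarySecurity} element with a custom value
 * type and a fixed ASCII string as content, not a real credential. It is passed to the client
 * through the {@code SecurityConstants.TOKEN} request-context property.
 *
 * <p>The port and the bus are released in {@code finally} blocks so that a failed invocation or
 * assertion does not leave the bus running for later tests.
 *
 * @throws Exception if the bus, service or invocation fails
 */
@org.junit.Test
public void testBinarySecurityToken() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = BinarySecurityTokenTest.class.getResource("client.xml");

    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);

        URL wsdl = BinarySecurityTokenTest.class.getResource("DoubleItTokens.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);

        // Successful invocation
        QName portQName = new QName(NAMESPACE, "DoubleItBinarySecurityTokenPort");
        DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
        try {
            updateAddressPort(port, PORT);

            // Mock up a BinarySecurityToken to add
            SecurityToken securityToken = new SecurityToken();
            securityToken.setId("_" + UUID.randomUUID());
            Document doc = DOMUtils.newDocument();
            BinarySecurity binarySecurity = new BinarySecurity(doc);
            binarySecurity.setValueType("http://custom-value-type");
            // Explicit charset so the token bytes do not depend on the platform default.
            binarySecurity.setToken(
                "This is a token".getBytes(java.nio.charset.StandardCharsets.UTF_8));
            securityToken.setToken(binarySecurity.getElement());
            ((BindingProvider)port).getRequestContext().put(SecurityConstants.TOKEN, securityToken);

            assertEquals(50, port.doubleIt(25));
        } finally {
            ((java.io.Closeable)port).close();
        }
    } finally {
        bus.shutdown(true);
    }
}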
// Excerpt: builds a BinarySecurityToken holding the certificate in encCert and inserts it as
// the first child of the security header element. saaj, encCert, wssConfig, secHeader and
// bstElement are declared outside this view.
BinarySecurity bstToken = new X509Security(saaj.getSOAPPart());
((X509Security)bstToken).setX509Certificate(encCert);
bstToken.addWSUNamespace();
// The id is produced by the configured id allocator with the "X509-" prefix, so other parts of
// the message can reference this token by id.
bstToken.setID(wssConfig.getIdAllocator().createSecureId("X509-", encCert));
WSSecurityUtil.prependChildElement(
    secHeader.getSecurityHeaderElement(), bstToken.getElement()
);
// Keep the element for later use by the surrounding code.
bstElement = bstToken.getElement();
// Excerpt from one case of a switch (it ends in break): wraps cert in a BinarySecurityToken
// and points the security token reference at it. cert, certUri, bstToken, ref and secRef are
// declared outside this view.
BinarySecurity binarySecurity = new X509Security(getDocument());
((X509Security) binarySecurity).setX509Certificate(cert);
binarySecurity.setID(certUri);
bstToken = binarySecurity.getElement();
// Register the token element with the document info; the meaning of the false flag is defined
// by addTokenElement and is not visible here.
getWsDocInfo().addTokenElement(bstToken, false);
// The reference carries the same value type as the token it refers to.
ref.setValueType(binarySecurity.getValueType());
secRef.setReference(ref);
break;
// Excerpt from the middle of an if/else chain that picks the token element and a hash for
// whichever credential type is present; the start and end of the chain are outside this view.
hash = credential.getUsernametoken().hashCode();
} else if (credential.getBinarySecurityToken() != null) {
    tokenElement = credential.getBinarySecurityToken().getElement();
    // NOTE(review): hashCode() is a 32-bit, non-cryptographic value. If hash is later used to
    // look up a previously processed token (not visible here), two different tokens can share
    // the same value - confirm that the lookup also compares the token itself.
    hash = credential.getBinarySecurityToken().hashCode();
} else if (credential.getSecurityContextToken() != null) {
    tokenElement = credential.getSecurityContextToken().getElement();
// Excerpt from the middle of an instanceof chain over tempTok; the earlier branches and the
// declarations of tempTok and part are outside this view.
} else if (tempTok instanceof BinarySecurity) {
    // A binary token is addressed by its id, and the part also gets the token's DOM element.
    BinarySecurity bst = (BinarySecurity)tempTok;
    part = new WSEncryptionPart(bst.getID());
    part.setElement(bst.getElement());
} else if (tempTok instanceof SamlAssertionWrapper) {
    // The handling of the SAML assertion continues outside this view.
    SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)tempTok;
/**
 * Returns the DOM element of the BinarySecurityToken held in {@code bstToken}.
 *
 * @return the BinarySecurityToken element, or {@code null} when {@code bstToken} is not set
 */
public Element getBinarySecurityTokenElement() {
    return bstToken == null ? null : bstToken.getElement();
}
// Excerpt: stores the first certificate of certs in the binary token, gives the token its id
// and registers the resulting element. binarySecurity, certs, certUri and bstToken are declared
// outside this view. Only certs[0] is embedded in the visible lines; any further entries of the
// array are not added here.
((X509Security) binarySecurity).setX509Certificate(certs[0]);
binarySecurity.setID(certUri);
bstToken = binarySecurity.getElement();
// The meaning of the false flag is defined by addTokenElement and is not visible here.
getWsDocInfo().addTokenElement(bstToken, false);
/**
 * Checks a received BinarySecurityToken against an issued-token template.
 *
 * <p>Every element reached through {@code DOMUtils.getFirstElement(template)} and
 * {@code DOMUtils.getNextElement} (presumably the direct child elements of the template) whose
 * local name is {@code TokenType} must have text content equal to the token's value type.
 * Points worth knowing when relying on this check:
 * <ul>
 *   <li>a template without any {@code TokenType} element imposes no constraint, and the method
 *       returns {@code true};</li>
 *   <li>elements are matched by local name only, the namespace is not compared;</li>
 *   <li>the comparison is an exact string match, with no trimming of whitespace.</li>
 * </ul>
 *
 * @param template the issued-token template element
 * @param binarySecurityToken the received token whose value type is checked
 * @return {@code false} if some {@code TokenType} element differs from the token's value type,
 *         {@code true} otherwise
 */
private boolean checkIssuedTokenTemplate(Element template, BinarySecurity binarySecurityToken) {
    for (Element node = DOMUtils.getFirstElement(template);
         node != null;
         node = DOMUtils.getNextElement(node)) {
        if (!"TokenType".equals(node.getLocalName())) {
            continue;
        }
        String requiredType = node.getTextContent();
        String actualType = binarySecurityToken.getValueType();
        if (!requiredType.equals(actualType)) {
            return false;
        }
    }
    return true;
}
// Excerpt from one case of a switch (it ends in break): wraps remoteCert in a new X509 binary
// token and points the reference at it. bstToken, remoteCert, certUri, ref and secToken are
// declared outside this view.
bstToken = new X509Security(getDocument());
((X509Security) bstToken).setX509Certificate(remoteCert);
bstToken.setID(certUri);
// The reference carries the same value type as the token it refers to.
ref.setValueType(bstToken.getValueType());
secToken.setReference(ref);
break;
/**
 * Wraps an existing token element and reports Basic Security Profile violations.
 *
 * <p>The element must be named {@code TOKEN_BST} or {@code TOKEN_KI}; any other element is
 * rejected with {@code INVALID_SECURITY_TOKEN}. The attribute checks are not enforced here but
 * reported to {@code bspEnforcer}:
 * <ul>
 *   <li>R3029 when the encoding type is missing or empty,</li>
 *   <li>R3030 when the encoding type is not {@code BASE64_ENCODING},</li>
 *   <li>R3031 when the value type is missing or empty.</li>
 * </ul>
 * What happens after a rule is reported (rejecting the token or only recording the violation)
 * is decided by the {@code BSPEnforcer} and is not visible in this constructor, so a token with
 * an unexpected encoding or no value type may still be constructed.
 *
 * @param elem the BinarySecurityToken element to process
 * @param bspEnforcer the enforcer that receives the BSP rule violations
 * @throws WSSecurityException if the element is not one of the two accepted token elements
 */
public BinarySecurity(Element elem, BSPEnforcer bspEnforcer) throws WSSecurityException {
    // Assigned first: the getters used below are called after the element is in place.
    element = elem;

    final QName elementName = new QName(element.getNamespaceURI(), element.getLocalName());
    if (!elementName.equals(TOKEN_BST) && !elementName.equals(TOKEN_KI)) {
        throw new WSSecurityException(
            WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN,
            "unhandledToken",
            new Object[] {elementName});
    }

    final String encodingType = getEncodingType();
    if (encodingType == null || encodingType.isEmpty()) {
        bspEnforcer.handleBSPRule(BSPRule.R3029);
    }
    if (!WSS4JConstants.BASE64_ENCODING.equals(encodingType)) {
        bspEnforcer.handleBSPRule(BSPRule.R3030);
    }

    final String tokenValueType = getValueType();
    if (tokenValueType == null || tokenValueType.isEmpty()) {
        bspEnforcer.handleBSPRule(BSPRule.R3031);
    }
}
// Excerpt from a branch chain that picks the wrapper class for a received token element; the
// opening branches and the declarations of token, element, data and xopUri are outside this view.
token = new KerberosSecurity(element, data.getBSPEnforcer());
} else {
    // Fallback: any other token is wrapped as a generic BinarySecurity.
    token = new BinarySecurity(element, data.getBSPEnforcer());
    // When xopUri is a "cid:" reference, the token bytes are fetched with
    // getBytesFromAttachment and installed as the raw token.
    // NOTE(review): the attachment content presumably comes from the message sender; any size
    // or type limit is inside getBytesFromAttachment and not visible here - confirm.
    if (xopUri != null && xopUri.startsWith("cid:")) {
        byte[] content = WSSecurityUtil.getBytesFromAttachment(xopUri, data);
        token.setRawToken(content);
/**
 * Creates a new, empty {@code wsse:BinarySecurityToken} element.
 *
 * <p>The element is created in the {@code WSSE_NS} namespace and its encoding type is set to
 * {@code BASE64_ENCODING}. No value type, id or token content is set here.
 *
 * @param doc the document used to create the element
 */
public BinarySecurity(Document doc) {
    this.element = doc.createElementNS(WSS4JConstants.WSSE_NS, "wsse:BinarySecurityToken");
    this.setEncodingType(WSS4JConstants.BASE64_ENCODING);
}
// Excerpt: writes the token bytes into the element's text node in encoded form and also keeps
// the unencoded bytes. data is declared outside this view.
Text node = getFirstNode();
// XMLUtils.encodeToString produces the text form of the bytes (Base64 in Apache Santuario).
node.setData(org.apache.xml.security.utils.XMLUtils.encodeToString(data));
// NOTE(review): whether setRawToken copies the array is not visible here; if it does not, later
// changes to the caller's array would also change the stored raw token - confirm.
setRawToken(data);
/**
 * Gets the id of the BST generated during <code>prepare()</code>.
 *
 * @return the value of the wsu:Id attribute of the BinarySecurityToken element, or
 *         {@code null} when no token has been created yet
 */
public String getBSTTokenId() {
    return bstToken != null ? bstToken.getID() : null;
}