protected SecurityToken createSecurityToken(Element el, byte[] requestorEntropy) throws WSSecurityException, Base64DecodingException { if ("RequestSecurityTokenResponseCollection".equals(el.getLocalName())) { el = DOMUtils.getFirstElement(el); if (!"RequestSecurityTokenResponse".equals(el.getLocalName())) { throw new Fault("Unexpected element " + el.getLocalName(), LOG); el = DOMUtils.getFirstElement(el); Element rst = null; Element rar = null; lte = el; } else if ("RequestedSecurityToken".equals(ln)) { rst = DOMUtils.getFirstElement(el); } else if ("RequestedAttachedReference".equals(ln)) { rar = DOMUtils.getFirstElement(el); if (StringUtils.isEmpty(id)) { LOG.fine("No ID extracted from token, so just making one up"); id = WSSConfig.getNewInstance().getIdAllocator().createSecureId("_", null);
/**
 * Appends a SAML assertion to the security header of the given message.
 *
 * <p>If {@code addSamlToken} yields no assertion, nothing is appended and every
 * SAML token policy assertion currently flagged as asserted is reset to
 * not-asserted. A {@link WSSecurityException} raised while building or
 * serialising the assertion is not propagated; it is reported through
 * {@code policyNotAsserted} instead.
 *
 * @param message the SOAP message whose security header receives the assertion
 */
protected void addToken(SoapMessage message) {
    WSSConfig.init();
    SamlToken samlToken = (SamlToken)assertTokens(message);
    // presumably the 'true' flag asks for the header to be created when absent; confirm against findSecurityHeader
    Header securityHeader = findSecurityHeader(message, true);
    try {
        SamlAssertionWrapper assertion = addSamlToken(samlToken, message);
        if (assertion != null) {
            Element headerElement = (Element)DOMUtils.getDomElement((Element)securityHeader.getObject());
            headerElement.appendChild(assertion.toDOM(headerElement.getOwnerDocument()));
            return;
        }

        // No assertion was produced: withdraw the "asserted" mark from the SAML token
        // policy assertions so the missing token is not recorded as satisfied.
        AssertionInfoMap assertionInfos = message.get(AssertionInfoMap.class);
        for (AssertionInfo info
            : PolicyUtils.getAllAssertionsByLocalname(assertionInfos, SPConstants.SAML_TOKEN)) {
            if (info.isAsserted()) {
                info.setAsserted(false);
            }
        }
    } catch (WSSecurityException ex) {
        // NOTE(review): only the exception message is forwarded here; the cause and
        // stack trace are not passed on by this method.
        policyNotAsserted(samlToken, ex.getMessage(), message);
    }
}
public void execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData) throws WSSecurityException { String username = reqData.getUsername(); String password = null; if (reqData.getPwType() != null) { CallbackHandler callbackHandler = handler.getPasswordCallbackHandler(reqData); WSPasswordCallback passwordCallback = handler.getPasswordCB(reqData.getUsername(), WSConstants.UT, callbackHandler, reqData); username = passwordCallback.getIdentifier(); password = passwordCallback.getPassword(); throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noUser"); WSSecUsernameToken builder = new WSSecUsernameToken(reqData.getSecHeader()); builder.setIdAllocator(reqData.getWssConfig().getIdAllocator()); builder.setPrecisionInMilliSeconds(reqData.isPrecisionInMilliSeconds()); builder.setWsTimeSource(reqData.getWssConfig().getCurrentTime()); builder.setPasswordType(reqData.getPwType()); builder.setPasswordsAreEncoded(reqData.isEncodePasswords());
/**
 * Builds a {@link WSSecurityEngine} whose UsernameToken validation is delegated
 * to {@code CustomValidator}.
 *
 * <p>A fresh {@link WSSConfig} is created for each call, so the validator
 * registration does not touch any shared configuration. The
 * {@code utNoCallbacks} argument is not consulted by this override.
 *
 * @param utNoCallbacks ignored by this implementation
 * @return a new engine configured with the custom UsernameToken validator
 */
@Override
protected WSSecurityEngine getSecurityEngine(boolean utNoCallbacks) {
    WSSConfig wssConfig = WSSConfig.getNewInstance();
    // Registering a validator for USERNAME_TOKEN replaces the one WSS4J would otherwise
    // use for that element. NOTE(review): CustomValidator is not visible here, so
    // confirm it still performs the credential checks the deployment relies on.
    wssConfig.setValidator(WSConstants.USERNAME_TOKEN, new CustomValidator());

    WSSecurityEngine engine = new WSSecurityEngine();
    engine.setWssConfig(wssConfig);
    return engine;
}
public WSS4JInInterceptor(Map<String, Object> properties) { this(); setProperties(properties); WSSConfig config = WSSConfig.getNewInstance(); Object val = entry.getValue(); if (val instanceof Class<?>) { config.setProcessor(entry.getKey(), (Class<?>)val); } else if (val instanceof Processor) { config.setProcessor(entry.getKey(), (Processor)val); } else if (val == null) { config.setProcessor(entry.getKey(), (Class<?>)null); Object val = entry.getValue(); if (val instanceof Class<?>) { config.setValidator(entry.getKey(), (Class<?>)val); } else if (val instanceof Validator) { config.setValidator(entry.getKey(), (Validator)val);
long ttl = WSS4JUtils.getSecurityTokenLifetime(exchange.getOutMessage()); String tokenType = null; Element el = DOMUtils.getFirstElement(requestEl); while (el != null) { String localName = el.getLocalName(); if (namespace.equals(el.getNamespaceURI())) { if ("Entropy".equals(localName)) { Element bs = DOMUtils.getFirstElement(el); if (bs != null) { clientEntropy = XMLUtils.decode(bs.getTextContent()); el = DOMUtils.getNextElement(el); NegotiationUtils.getWSCVersion(tokenType), writer.getDocument(), tokenIdToRenew, instance); sct.setID(WSSConfig.getNewInstance().getIdAllocator() .createSecureId("sctId-", sct.getElement())); } else { sct = new SecurityContextToken( NegotiationUtils.getWSCVersion(tokenType), writer.getDocument()); sct.setID(WSSConfig.getNewInstance().getIdAllocator() .createSecureId("sctId-", sct.getElement()));
) { SecurityTokenReference secRefSaml = new SecurityTokenReference(doc); String secRefID = wssConfig.getIdAllocator().createSecureId("STR-", secRefSaml); secRefSaml.setID(secRefID); secRefSaml.addTokenType(WSS4JConstants.WSS_SAML2_TOKEN_TYPE); keyId.setAttributeNS( null, "ValueType", valueType ); keyId.appendChild(doc.createTextNode(id)); Element elem = secRefSaml.getElement(); elem.appendChild(keyId);
CAS4.DS_NS, "SignatureMethod"); String sAlgorithm = aSignatureAlgorithm == null ? null : aSignatureAlgorithm.getAttribute ("Algorithm"); final ECryptoAlgorithmSign eSignAlgo = ECryptoAlgorithmSign.getFromURIOrNull (sAlgorithm); sAlgorithm = aSignedNode == null ? null : aSignedNode.getAttribute ("Algorithm"); final ECryptoAlgorithmSignDigest eSignDigestAlgo = ECryptoAlgorithmSignDigest.getFromURIOrNull (sAlgorithm); final RequestData aRequestData = new RequestData (); aRequestData.setCallbackHandler (aKeyStoreCallback); if (aAttachments.isNotEmpty ()) aRequestData.setAttachmentCallbackHandler (aAttachmentCallbackHandler); aRequestData.setSigVerCrypto (AS4ServerSettings.getAS4CryptoFactory ().getCrypto ()); aRequestData.setDecCrypto (AS4ServerSettings.getAS4CryptoFactory ().getCrypto ()); aRequestData.setWssConfig (WSSConfig.getNewInstance ());
RequestData requestData = new RequestData(); requestData.setSigVerCrypto(crypto); requestData.setWssConfig(WSSConfig.getNewInstance()); requestData.setCallbackHandler(callbackHandler); requestData.setMsgContext(tokenParameters.getMessageContext()); Document doc = DOMUtils.getEmptyDocument(); binarySecurity = new X509Security(doc); binarySecurity.setEncodingType(encodingType); binarySecurity.getElement().appendChild(textNode); } else if (validateTarget.isDOMElement()) { try { Document doc = DOMUtils.getEmptyDocument(); binarySecurity = new X509Security(doc); binarySecurity.setEncodingType(BASE64_ENCODING);
&& "EncryptedKey".equals(((Element)entropyObject).getLocalName())) { EncryptedKeyProcessor processor = new EncryptedKeyProcessor(); Element entropyElement = (Element)entropyObject; RequestData requestData = new RequestData(); requestData.setDecCrypto(stsProperties.getSignatureCrypto()); requestData.setCallbackHandler(stsProperties.getCallbackHandler()); requestData.setWssConfig(WSSConfig.getNewInstance()); requestData.setWsDocInfo(new WSDocInfo(entropyElement.getOwnerDocument())); try { List<WSSecurityEngineResult> results = } catch (WSSecurityException e) { LOG.log(Level.WARNING, "", e); throw new STSException(e.getMessage(), e, STSException.INVALID_REQUEST);
WSSecEncrypt encr = new WSSecEncrypt(secHeader); encr.setEncryptionSerializer(new StaxSerializer()); encr.setIdAllocator(wssConfig.getIdAllocator()); encr.setCallbackLookup(callbackLookup); encr.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message)); encryptedKeyElement.appendChild(refList); LOG.log(Level.FINE, e.getMessage(), e); unassertPolicy(recToken, e);
config = WSSConfig.getNewInstance(); if (el.getFirstChild() == null) { el.getParentNode().removeChild(el);
Attr idAttr = elem.getAttributeNodeNS(null, "Id"); if (idAttr == null) { idAttr = elem.getAttributeNodeNS(PolicyConstants.WSU_NAMESPACE_URI, "Id"); } else { id = wssConfig.getIdAllocator().createId("_", elem); String pfx = null; try { pfx = elem.lookupPrefix(PolicyConstants.WSU_NAMESPACE_URI); } catch (Throwable t) { pfx = DOMUtils.getPrefixRecursive(elem, PolicyConstants.WSU_NAMESPACE_URI); ns = elem.lookupNamespaceURI(pfx); } catch (Throwable t) { ns = DOMUtils.getNamespace(elem, pfx);
protected void validateToken(Message message, SamlAssertionWrapper assertion) { try { RequestData data = new RequestData(); if (assertion.isSigned()) { WSSConfig cfg = WSSConfig.getNewInstance(); data.setWssConfig(cfg); data.setCallbackHandler(RSSecurityUtils.getCallbackHandler(message, this.getClass())); try { data.setSigVerCrypto(new CryptoLoader().getCrypto(message, WSDocInfo docInfo = new WSDocInfo(sig.getDOM().getOwnerDocument()); data.setWsDocInfo(docInfo); KeyInfo keyInfo = sig.getKeyInfo();
/**
 * Runs a binary security token element through WSS4J's
 * {@link BinarySecurityTokenProcessor}.
 *
 * <p>The request context is assembled from the message: the callback handler is
 * resolved from the {@code SecurityConstants.CALLBACK_HANDLER} security property,
 * the message itself becomes the message context, and a new {@link WSSConfig}
 * instance supplies the processor and validator configuration.
 *
 * @param tokenElement the DOM element holding the binary security token
 * @param message the SOAP message the token arrived with
 * @return the results reported by the token processor
 * @throws WSSecurityException if the callback handler cannot be resolved or the
 *         processor rejects the token
 */
private List<WSSecurityEngineResult> processToken(Element tokenElement, final SoapMessage message)
    throws WSSecurityException {
    RequestData requestData = new CXFRequestData();
    Object handlerProperty =
        SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
    try {
        // NOTE(review): what happens when the property is not configured depends on
        // SecurityUtils.getCallbackHandler, which is not shown here.
        requestData.setCallbackHandler(SecurityUtils.getCallbackHandler(handlerProperty));
    } catch (Exception ex) {
        // Any failure while resolving the handler is surfaced as a generic WSS failure,
        // with the original exception kept as the cause.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }
    requestData.setMsgContext(message);
    // A new WSSConfig per call: no validators are registered on it in this method.
    requestData.setWssConfig(WSSConfig.getNewInstance());
    requestData.setWsDocInfo(new WSDocInfo(tokenElement.getOwnerDocument()));

    return new BinarySecurityTokenProcessor().handleToken(tokenElement, requestData);
}
CallbackHandler callbackHandler = stsProperties.getCallbackHandler(); RequestData requestData = new RequestData(); requestData.setSigVerCrypto(sigCrypto); WSSConfig wssConfig = WSSConfig.getNewInstance(); requestData.setWssConfig(wssConfig); requestData.setCallbackHandler(callbackHandler); requestData.setMsgContext(tokenParameters.getMessageContext()); Document doc = DOMUtils.getEmptyDocument(); Element rootElement = doc.createElement("root-element"); JAXBElement<UsernameTokenType> tokenType = ); marshaller.marshal(tokenType, rootElement); usernameTokenElement = (Element)rootElement.getFirstChild(); } catch (JAXBException ex) { LOG.log(Level.WARNING, "", ex);
Crypto sigCrypto = stsProperties.getSignatureCrypto(); CallbackHandler callbackHandler = stsProperties.getCallbackHandler(); RequestData requestData = new RequestData(); requestData.setSigVerCrypto(sigCrypto); WSSConfig wssConfig = WSSConfig.getNewInstance(); requestData.setWssConfig(wssConfig); WSDocInfo docInfo = new WSDocInfo(((Element)tokenToRenew.getToken()).getOwnerDocument()); requestData.setWsDocInfo(docInfo);
XMLUtils.getDirectChildElement(tmpE, "CipherValue", WSS4JConstants.ENC_NS); if (tmpE != null) { String content = DOMUtils.getContent(tmpE); cipherValue = org.apache.xml.security.utils.XMLUtils.decode(content); throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, "noCipher"); WSDocInfo docInfo = new WSDocInfo(child.getOwnerDocument()); RequestData data = new RequestData(); data.setWssConfig(WSSConfig.getNewInstance()); data.setDecCrypto(createCrypto(true)); data.setCallbackHandler(createHandler()); data.setWsDocInfo(docInfo);
RequestData requestData = new RequestData(); requestData.setSigVerCrypto(sigCrypto); WSSConfig wssConfig = WSSConfig.getNewInstance(); requestData.setWssConfig(wssConfig); requestData.setCallbackHandler(callbackHandler); requestData.setMsgContext(tokenParameters.getMessageContext()); requestData.setSubjectCertConstraints(certConstraints.getCompiledSubjectContraints()); requestData.setWsDocInfo(new WSDocInfo(validateTargetElement.getOwnerDocument()));