public Validator getValidator() { if (validator != null) { return validator; } return new UsernameTokenValidator(); }
/** * Verify a UsernameToken containing a plaintext password. It does this by querying a * CallbackHandler instance to obtain a password for the given username, and then comparing * it against the received password. * This method currently uses the same LOG.c as the verifyDigestPassword case, but it in * a separate protected method to allow users to override the validation of the plaintext * password specific case. * @param usernameToken The UsernameToken instance to verify * @throws WSSecurityException on a failed authentication. */ protected void verifyPlaintextPassword(UsernameToken usernameToken, RequestData data) throws WSSecurityException { verifyDigestPassword(usernameToken, data); }
/** * Verify a UsernameToken containing a password of some unknown (but specified) password * type. It does this by querying a CallbackHandler instance to obtain a password for the * given username, and then comparing it against the received password. * This method currently uses the same LOG.c as the verifyPlaintextPassword case, but it in * a separate protected method to allow users to override the validation of the custom * password type specific case. * @param usernameToken The UsernameToken instance to verify * @throws WSSecurityException on a failed authentication. */ protected void verifyCustomPassword(UsernameToken usernameToken, RequestData data) throws WSSecurityException { verifyPlaintextPassword(usernameToken, data); }
verifyDigestPassword(usernameToken, data); } else if (WSConstants.PASSWORD_TEXT.equals(pwType) || password != null && (pwType == null || "".equals(pwType.trim()))) { verifyPlaintextPassword(usernameToken, data); } else if (password != null) { if (!handleCustomPasswordTypes) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); verifyCustomPassword(usernameToken, data); } else { verifyUnknownPassword(usernameToken, data);
@Override public UserSubject createSubject(Client client, String user, String pass) { Document doc = DOMUtils.getEmptyDocument(); UsernameToken token = new UsernameToken(false, doc, WSS4JConstants.PASSWORD_TEXT); token.setName(user); token.setPassword(pass); Credential credential = new Credential(); credential.setUsernametoken(token); RequestData data = new RequestData(); data.setMsgContext(PhaseInterceptorChain.getCurrentMessage()); data.setCallbackHandler(callbackHandler); UsernameTokenValidator validator = new UsernameTokenValidator(); try { credential = validator.validate(credential, data); UserSubject subject = new UserSubject(); subject.setLogin(user); return subject; } catch (Exception ex) { throw ExceptionUtils.toInternalServerErrorException(ex, null); } }
public Credential validate(Credential credential, RequestData data) throws WSSecurityException { Credential cred = super.validate(credential, data); UsernameToken ut = credential.getUsernametoken(); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); principal.setCreatedTime(ut.getCreated()); principal.setNonce(principal.getNonce()); principal.setPassword(ut.getPassword()); principal.setPasswordType(ut.getPasswordType()); Subject subject = new Subject(); subject.getPrincipals().add(principal); if ("Alice".equals(ut.getName())) { subject.getPrincipals().add(new SimpleGroup("manager", ut.getName())); } subject.getPrincipals().add(new SimpleGroup("worker", ut.getName())); cred.setSubject(subject); return cred; } }
final RequestData data) throws WSSecurityException { super.verifyDigestPassword(usernameToken, data);