/**
 * Attaches a security token reference to this derived key token.
 *
 * <p>The reference names the shared secret of the conversation/context.
 * Its DOM element is stored in {@code elementSecurityTokenReference} and
 * handed to {@code WSSecurityUtil.prependChildElement} together with this
 * token's own element.
 *
 * @param ref Security token reference; must not be {@code null}, because its
 *            element is read unconditionally
 */
public void setSecurityTokenReference(SecurityTokenReference ref) {
    final Element strElement = ref.getElement();
    elementSecurityTokenReference = strElement;
    // NOTE(review): nothing here detaches an element stored by an earlier call;
    // confirm callers set the reference only once per token.
    WSSecurityUtil.prependChildElement(element, strElement);
}
/**
 * Builds the signature's {@code KeyInfo} and stores it in the {@code keyInfo} field.
 *
 * <p>When no custom KeyInfo element is configured, the content is the single
 * element of {@code secRef}, which is also passed to
 * {@code wsDocInfo.addTokenElement}. Otherwise every child node of the custom
 * element becomes one content entry, in document order.
 *
 * @param wsDocInfo receives the security token reference element in the default case
 * @throws WSSecurityException declared in the signature; which call raises it
 *         is not visible in this method
 */
protected void marshalKeyInfo(WSDocInfo wsDocInfo) throws WSSecurityException {
    final List<XMLStructure> content;
    if (customKeyInfoElement != null) {
        // Custom content is taken over node by node, unmodified, and none of it
        // is registered with wsDocInfo.
        // NOTE(review): confirm the custom element comes from trusted
        // configuration and not from message input.
        content = new ArrayList<>();
        for (Node child = customKeyInfoElement.getFirstChild();
             child != null;
             child = child.getNextSibling()) {
            content.add(new DOMStructure(child));
        }
    } else {
        XMLStructure strStructure = new DOMStructure(secRef.getElement());
        wsDocInfo.addTokenElement(secRef.getElement(), false);
        content = Collections.singletonList(strStructure);
    }
    keyInfo = signatureFactory.getKeyInfoFactory().newKeyInfo(content, keyInfoUri);
}
/**
 * Appends a security token reference with a direct reference to the writer's
 * current node.
 *
 * @param writer       supplies the owning document and the node to append to
 * @param id           used as the reference URI exactly as passed; no "#" is
 *                     added here, so the caller decides the URI form
 * @param refValueType ValueType for the reference, left out when {@code null}
 * @return the element of the security token reference that was appended
 */
Element writeSecurityTokenReference(
    W3CDOMStreamWriter writer,
    String id,
    String refValueType
) {
    final Document doc = writer.getDocument();

    Reference directRef = new Reference(doc);
    directRef.setURI(id);
    if (refValueType != null) {
        directRef.setValueType(refValueType);
    }

    SecurityTokenReference tokenRef = new SecurityTokenReference(doc);
    tokenRef.addWSSENamespace();
    tokenRef.setReference(directRef);

    final Element tokenRefElement = tokenRef.getElement();
    writer.getCurrentNode().appendChild(tokenRefElement);
    return tokenRefElement;
}
/**
 * Appends a security token reference with a direct reference to the writer's
 * current node.
 *
 * @param writer       supplies the owning document and the node to append to
 * @param id           used as the reference URI exactly as passed; no "#" is
 *                     added here, so the caller decides the URI form
 * @param refValueType ValueType for the reference, left out when {@code null}
 * @return the element of the security token reference that was appended
 */
Element writeSecurityTokenReference(
    W3CDOMStreamWriter writer,
    String id,
    String refValueType
) {
    final Document doc = writer.getDocument();

    Reference directRef = new Reference(doc);
    directRef.setURI(id);
    if (refValueType != null) {
        directRef.setValueType(refValueType);
    }

    SecurityTokenReference tokenRef = new SecurityTokenReference(doc);
    tokenRef.addWSSENamespace();
    tokenRef.setReference(directRef);

    final Element tokenRefElement = tokenRef.getElement();
    writer.getCurrentNode().appendChild(tokenRefElement);
    return tokenRefElement;
}
/**
 * Prepends the SAML elements to the elements already in the Security header.
 *
 * <p>The method can be called any time after <code>prepare()</code>, which
 * allows the SAML elements to be inserted at any position in the Security
 * header.
 *
 * <p>If the mode is <code>senderVouches</code>, the SAML security token
 * reference is prepended first; the SAML token itself is prepended after it
 * in every mode. Assuming {@code prependChildElement} inserts as first child,
 * the token therefore ends up ahead of its reference in the header.
 */
public void prependSAMLElementsToHeader() {
    final Element header = getSecurityHeader().getSecurityHeaderElement();
    if (senderVouches) {
        // Only sender-vouches adds the reference to the assertion.
        WSSecurityUtil.prependChildElement(header, secRefSaml.getElement());
    }
    WSSecurityUtil.prependChildElement(header, samlToken);
}
// Build a security token reference for the SAML assertion and register a copy
// of its element as a supporting element; the reference's own element is not
// attached anywhere by these statements.
SecurityTokenReference secRef = createSTRForSamlAssertion(el.getOwnerDocument(), id, saml1, false);
Element clone = cloneElement(secRef.getElement());
addSupportingElement(clone);
// The part carries the name "STRTransform" and no namespace - presumably the
// marker for covering the token the reference points to (STR Dereference
// Transform) instead of a named element; confirm against the signing code.
part = new WSEncryptionPart("STRTransform", null, "Element");
/**
 * Appends a security token reference with a direct reference to the writer's
 * current node, optionally tagged with a {@code wsc:Instance} attribute.
 *
 * @param writer       supplies the owning document and the node to append to
 * @param id           used as the reference URI exactly as passed
 * @param instance     instance value for the attribute; no attribute is
 *                     written when {@code null}
 * @param refValueType ValueType for the reference, left out when {@code null};
 *                     also used to look up the WS-SecureConversation version
 * @return the element of the security token reference that was appended
 */
Element writeSecurityTokenReference(
    W3CDOMStreamWriter writer,
    String id,
    String instance,
    String refValueType
) {
    final Document doc = writer.getDocument();

    Reference directRef = new Reference(doc);
    directRef.setURI(id);
    if (refValueType != null) {
        directRef.setValueType(refValueType);
    }

    SecurityTokenReference tokenRef = new SecurityTokenReference(doc);
    tokenRef.addWSSENamespace();
    tokenRef.setReference(directRef);

    if (instance != null) {
        try {
            Element referenceElement = tokenRef.getFirstElement();
            if (referenceElement != null) {
                // NOTE(review): refValueType may be null on this path; confirm
                // how getWSCVersion treats a null value type.
                String wscNamespace =
                    ConversationConstants.getWSCNs(NegotiationUtils.getWSCVersion(refValueType));
                referenceElement.setAttributeNS(
                    wscNamespace, "wsc:" + ConversationConstants.INSTANCE_LN, instance);
            }
        } catch (WSSecurityException ignored) {
            // Best effort: the reference is still written, only without wsc:Instance.
            // NOTE(review): the failure is invisible to the caller and leaves no
            // trace, so the reference no longer names a context instance;
            // consider logging it.
        }
    }

    final Element tokenRefElement = tokenRef.getElement();
    writer.getCurrentNode().appendChild(tokenRefElement);
    return tokenRefElement;
}
); keyId.appendChild(doc.createTextNode(id)); Element elem = secRefSaml.getElement(); elem.appendChild(keyId);
/**
 * Appends a security token reference with a direct reference to the writer's
 * current node, optionally tagged with a {@code wsc:Instance} attribute.
 *
 * @param writer       supplies the owning document and the node to append to
 * @param id           used as the reference URI exactly as passed
 * @param instance     instance value for the attribute; no attribute is
 *                     written when {@code null}
 * @param refValueType ValueType for the reference, left out when {@code null};
 *                     also used to look up the WS-SecureConversation version
 * @return the element of the security token reference that was appended
 */
Element writeSecurityTokenReference(
    W3CDOMStreamWriter writer,
    String id,
    String instance,
    String refValueType
) {
    final Document doc = writer.getDocument();

    Reference directRef = new Reference(doc);
    directRef.setURI(id);
    if (refValueType != null) {
        directRef.setValueType(refValueType);
    }

    SecurityTokenReference tokenRef = new SecurityTokenReference(doc);
    tokenRef.addWSSENamespace();
    tokenRef.setReference(directRef);

    if (instance != null) {
        try {
            Element referenceElement = tokenRef.getFirstElement();
            if (referenceElement != null) {
                // NOTE(review): refValueType may be null on this path; confirm
                // how getWSCVersion treats a null value type.
                String wscNamespace =
                    ConversationConstants.getWSCNs(NegotiationUtils.getWSCVersion(refValueType));
                referenceElement.setAttributeNS(
                    wscNamespace, "wsc:" + ConversationConstants.INSTANCE_LN, instance);
            }
        } catch (WSSecurityException ignored) {
            // Best effort: the reference is still written, only without wsc:Instance.
            // NOTE(review): the failure is invisible to the caller and leaves no
            // trace, so the reference no longer names a context instance;
            // consider logging it.
        }
    }

    final Element tokenRefElement = tokenRef.getElement();
    writer.getCurrentNode().appendChild(tokenRefElement);
    return tokenRefElement;
}
); keyId.appendChild(doc.createTextNode(id)); Element elem = secRefSaml.getElement(); elem.appendChild(keyId);
// Declare the wsse namespace and prefix on the reference element itself -
// presumably so the element carries its own declaration wherever it is later
// placed or serialized; confirm against the caller.
WSSecurityUtil.setNamespace(secRef.getElement(), WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK); return createBSTX509(doc, certs[0], secRef.getElement(), secRef.getKeyIdentifierEncodingType()); } else if (secRef.containsKeyIdentifier()) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK); return createBSTX509(doc, certs[0], secRef.getElement());
/**
 * Creates a KeyInfo whose only content is a security token reference that
 * points back at this token.
 *
 * <p>The reference URI is {@code "#" + getId()} and its ValueType is the
 * WS-SecureConversation namespace for {@code getWscVersion()} followed by the
 * derived key token type. The signature namespace prefix is declared on the
 * KeyInfo element.
 *
 * @return the populated KeyInfo
 * @throws WSSecurityException declared in the signature; which call raises it
 *         is not visible in this method
 */
private KeyInfo createKeyInfo() throws WSSecurityException {
    KeyInfo result = new KeyInfo(getDocument());

    SecurityTokenReference tokenRef = new SecurityTokenReference(getDocument());
    tokenRef.addWSSENamespace();

    Reference selfRef = new Reference(getDocument());
    selfRef.setURI("#" + getId());
    // This is a ValueType URI, not a namespace: WSC namespace + token type suffix.
    String derivedKeyValueType =
        ConversationConstants.getWSCNs(getWscVersion())
            + ConversationConstants.TOKEN_TYPE_DERIVED_KEY_TOKEN;
    selfRef.setValueType(derivedKeyValueType);
    tokenRef.setReference(selfRef);

    result.addUnknownElement(tokenRef.getElement());
    result.getElement().setAttributeNS(
        WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
    return result;
}
computeSignature(referenceList, secRefSaml.getElement()); } else { computeSignature(referenceList, samlToken);
secRef.setReference(ref); XMLStructure structure = new DOMStructure(secRef.getElement()); wsDocInfo.addTokenElement(secRef.getElement(), false); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); keyInfo =
); keyId.appendChild(getDocument().createTextNode(samlAssertion.getId())); Element elem = secRef.getElement(); elem.appendChild(keyId);
// Look up the SAML assertion that the reference's key identifier names, then
// check the reference/assertion pair against the configured BSP enforcer.
// NOTE(review): neither call visibly verifies the assertion's signature or
// trust; confirm that happens elsewhere on this path.
SamlAssertionWrapper samlAssertion = STRParserUtil.getAssertionFromKeyIdentifier(secRef, secRef.getElement(), data);
STRParserUtil.checkSamlTokenBSPCompliance(secRef, samlAssertion, data.getBSPEnforcer());
dkEncr.setExternalKey(encrTok.getSecret(), tokenRef.getElement()); } else { if (attached) {
// Tag the reference with the EncryptedKey value type as its token type, then
// give the derived-key signer the token's secret together with the reference
// element that identifies where that secret comes from.
// tok.getSecret() is raw key material: keep it out of logs and error messages.
tokenRef.addTokenType(WSS4JConstants.WSS_ENC_KEY_VALUE_TYPE);
dkSign.setExternalKey(tok.getSecret(), tokenRef.getElement());
// Tag the reference with the EncryptedKey value type as its token type, then
// give the derived-key signer the token's secret together with the reference
// element that identifies where that secret comes from.
// tok.getSecret() is raw key material: keep it out of logs and error messages.
tokenRef.addTokenType(WSS4JConstants.WSS_ENC_KEY_VALUE_TYPE);
dkSign.setExternalKey(tok.getSecret(), tokenRef.getElement());