/**
 * Returns the WSSConfig held by this instance, creating it on first use.
 *
 * @return the stored WSSConfig; when the field is still {@code null}, a new
 *         instance from {@link WSSConfig#getNewInstance()} is stored and returned
 */
public final WSSConfig getWssConfig() {
    if (wssConfig != null) {
        return wssConfig;
    }
    // Lazy initialisation. No synchronization is visible here, so two
    // concurrent first calls could each create and store their own instance.
    wssConfig = WSSConfig.getNewInstance();
    return wssConfig;
}
/**
 * Returns the WSSConfig held by this instance, creating it on first use.
 *
 * @return the stored WSSConfig; when the field is still {@code null}, a new
 *         instance from {@link WSSConfig#getNewInstance()} is stored and returned
 */
private WSSConfig getWsConfig() {
    if (wssConfig != null) {
        return wssConfig;
    }
    // Lazy initialisation; no locking is visible around the field write.
    wssConfig = WSSConfig.getNewInstance();
    return wssConfig;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Builds a new security engine whose UsernameToken validator is a
 * {@code CustomValidator}.
 *
 * @param utNoCallbacks not read by this override
 * @return a new WSSecurityEngine backed by a fresh WSSConfig
 */
@Override
protected WSSecurityEngine getSecurityEngine(boolean utNoCallbacks) {
    WSSConfig engineConfig = WSSConfig.getNewInstance();
    // Replace the validator registered for UsernameToken. What is accepted
    // or rejected is decided entirely by CustomValidator (not visible here).
    engineConfig.setValidator(WSConstants.USERNAME_TOKEN, new CustomValidator());

    WSSecurityEngine engine = new WSSecurityEngine();
    engine.setWssConfig(engineConfig);
    return engine;
}
/**
 * Builds a new security engine whose UsernameToken validator is a
 * {@code CustomValidator}.
 *
 * @param utNoCallbacks not read by this override
 * @return a new WSSecurityEngine backed by a fresh WSSConfig
 */
@Override
protected WSSecurityEngine getSecurityEngine(boolean utNoCallbacks) {
    WSSConfig engineConfig = WSSConfig.getNewInstance();
    // Replace the validator registered for UsernameToken. What is accepted
    // or rejected is decided entirely by CustomValidator (not visible here).
    engineConfig.setValidator(WSConstants.USERNAME_TOKEN, new CustomValidator());

    WSSecurityEngine engine = new WSSecurityEngine();
    engine.setWssConfig(engineConfig);
    return engine;
}
/**
 * Selects the WSSecurityEngine to use for this interceptor.
 *
 * <p>Resolution order, as implemented below:
 * <ol>
 *   <li>{@code secEngineOverride}, when it is non-null;</li>
 *   <li>otherwise, when {@code utWithCallbacks} is {@code false}, a new engine
 *       whose UsernameToken validator is a {@code NoOpValidator};</li>
 *   <li>otherwise {@code null}.</li>
 * </ol>
 *
 * <p>NOTE(review): the earlier comment described the last case as "the default
 * WSSecEngine instance (currently defined in the WSHandler base class)";
 * this method itself returns {@code null} there, so the caller presumably
 * substitutes that default. Confirm against the caller.
 *
 * @param utWithCallbacks whether UsernameTokens are to be handled with callbacks
 * @return the override engine, a NoOpValidator-backed engine, or {@code null}
 */
protected WSSecurityEngine getSecurityEngine(boolean utWithCallbacks) {
    if (secEngineOverride != null) {
        return secEngineOverride;
    }
    if (utWithCallbacks) {
        return null;
    }

    WSSConfig engineConfig = WSSConfig.getNewInstance();
    // NOTE(review): NoOpValidator presumably accepts the UsernameToken without
    // checking the password, which leaves authentication to code outside the
    // engine. Confirm every path that passes false validates the token itself.
    engineConfig.setValidator(WSConstants.USERNAME_TOKEN, new NoOpValidator());

    WSSecurityEngine engine = new WSSecurityEngine();
    engine.setWssConfig(engineConfig);
    return engine;
}
/**
 * Selects the WSSecurityEngine to use for this interceptor.
 *
 * <p>Resolution order, as implemented below:
 * <ol>
 *   <li>{@code secEngineOverride}, when it is non-null;</li>
 *   <li>otherwise, when {@code utWithCallbacks} is {@code false}, a new engine
 *       whose UsernameToken validator is a {@code NoOpValidator};</li>
 *   <li>otherwise {@code null}.</li>
 * </ol>
 *
 * <p>NOTE(review): the earlier comment described the last case as "the default
 * WSSecEngine instance (currently defined in the WSHandler base class)";
 * this method itself returns {@code null} there, so the caller presumably
 * substitutes that default. Confirm against the caller.
 *
 * @param utWithCallbacks whether UsernameTokens are to be handled with callbacks
 * @return the override engine, a NoOpValidator-backed engine, or {@code null}
 */
protected WSSecurityEngine getSecurityEngine(boolean utWithCallbacks) {
    if (secEngineOverride != null) {
        return secEngineOverride;
    }
    if (utWithCallbacks) {
        return null;
    }

    WSSConfig engineConfig = WSSConfig.getNewInstance();
    // NOTE(review): NoOpValidator presumably accepts the UsernameToken without
    // checking the password, which leaves authentication to code outside the
    // engine. Confirm every path that passes false validates the token itself.
    engineConfig.setValidator(WSConstants.USERNAME_TOKEN, new NoOpValidator());

    WSSecurityEngine engine = new WSSecurityEngine();
    engine.setWssConfig(engineConfig);
    return engine;
}
/**
 * Validates the message timestamp against the configured time-to-live limits.
 *
 * <p>Only the first {@code WSConstants.TS} action result is examined, and
 * validation runs only when that result carries a timestamp and
 * {@code timestampStrict} is set. With {@code timestampStrict} false this
 * method performs no check at all.
 *
 * @param result the handler result holding the per-action engine results
 * @throws WSSecurityException if TimestampValidator rejects the timestamp
 */
protected void verifyTimestamp(WSHandlerResult result) throws WSSecurityException {
    List<WSSecurityEngineResult> tsResults = result.getActionResults().get(WSConstants.TS);
    if (CollectionUtils.isEmpty(tsResults)) {
        // No timestamp action was processed; nothing to validate here.
        return;
    }

    WSSecurityEngineResult firstResult = tsResults.get(0);
    Timestamp ts = (Timestamp) firstResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
    if (ts == null || !timestampStrict) {
        return;
    }

    Credential tsCredential = new Credential();
    tsCredential.setTimestamp(ts);

    // Freshness limits come from this instance's fields, not from the message.
    RequestData validationData = new RequestData();
    validationData.setWssConfig(WSSConfig.getNewInstance());
    validationData.setTimeStampTTL(validationTimeToLive);
    validationData.setTimeStampStrict(timestampStrict);
    validationData.setTimeStampFutureTTL(futureTimeToLive);

    TimestampValidator tsValidator = new TimestampValidator();
    tsValidator.validate(tsCredential, validationData);
}
/**
 * Validates the message timestamp against the configured time-to-live limits.
 *
 * <p>Only the first {@code WSConstants.TS} action result is examined, and
 * validation runs only when that result carries a timestamp and
 * {@code timestampStrict} is set. With {@code timestampStrict} false this
 * method performs no check at all.
 *
 * @param result the handler result holding the per-action engine results
 * @throws WSSecurityException if TimestampValidator rejects the timestamp
 */
protected void verifyTimestamp(WSHandlerResult result) throws WSSecurityException {
    List<WSSecurityEngineResult> tsResults = result.getActionResults().get(WSConstants.TS);
    if (CollectionUtils.isEmpty(tsResults)) {
        // No timestamp action was processed; nothing to validate here.
        return;
    }

    WSSecurityEngineResult firstResult = tsResults.get(0);
    Timestamp ts = (Timestamp) firstResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
    if (ts == null || !timestampStrict) {
        return;
    }

    Credential tsCredential = new Credential();
    tsCredential.setTimestamp(ts);

    // Freshness limits come from this instance's fields, not from the message.
    RequestData validationData = new RequestData();
    validationData.setWssConfig(WSSConfig.getNewInstance());
    validationData.setTimeStampTTL(validationTimeToLive);
    validationData.setTimeStampStrict(timestampStrict);
    validationData.setTimeStampFutureTTL(futureTimeToLive);

    TimestampValidator tsValidator = new TimestampValidator();
    tsValidator.validate(tsCredential, validationData);
}
/**
 * Validates the message timestamp against the configured time-to-live limits.
 *
 * <p>Only the first {@code WSConstants.TS} action result is examined, and
 * validation runs only when that result carries a timestamp and
 * {@code timestampStrict} is set. With {@code timestampStrict} false this
 * method performs no check at all.
 *
 * @param result the handler result holding the per-action engine results
 * @throws WSSecurityException if TimestampValidator rejects the timestamp
 */
protected void verifyTimestamp(WSHandlerResult result) throws WSSecurityException {
    List<WSSecurityEngineResult> tsResults = result.getActionResults().get(WSConstants.TS);
    if (CollectionUtils.isEmpty(tsResults)) {
        // No timestamp action was processed; nothing to validate here.
        return;
    }

    WSSecurityEngineResult firstResult = tsResults.get(0);
    Timestamp ts = (Timestamp) firstResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
    if (ts == null || !timestampStrict) {
        return;
    }

    Credential tsCredential = new Credential();
    tsCredential.setTimestamp(ts);

    // Freshness limits come from this instance's fields, not from the message.
    RequestData validationData = new RequestData();
    validationData.setWssConfig(WSSConfig.getNewInstance());
    validationData.setTimeStampTTL(validationTimeToLive);
    validationData.setTimeStampStrict(timestampStrict);
    validationData.setTimeStampFutureTTL(futureTimeToLive);

    TimestampValidator tsValidator = new TimestampValidator();
    tsValidator.validate(tsCredential, validationData);
}
/**
 * Runs a token element through BinarySecurityTokenProcessor.
 *
 * @param tokenElement the DOM element of the token to process
 * @param message the SOAP message, used as message context and as the source
 *        of the callback-handler security property
 * @return the engine results produced by the processor
 * @throws WSSecurityException if the callback handler cannot be resolved
 *         (reported as FAILURE with the cause attached) or processing fails
 */
private List<WSSecurityEngineResult> processToken(Element tokenElement, final SoapMessage message)
    throws WSSecurityException {
    RequestData requestData = new CXFRequestData();

    Object handlerSetting =
        SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
    try {
        requestData.setCallbackHandler(SecurityUtils.getCallbackHandler(handlerSetting));
    } catch (Exception ex) {
        // Any failure while resolving the handler is surfaced as a generic
        // security failure instead of leaking the underlying exception type.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }

    requestData.setMsgContext(message);
    // A fresh default WSSConfig is used for each call.
    requestData.setWssConfig(WSSConfig.getNewInstance());
    requestData.setWsDocInfo(new WSDocInfo(tokenElement.getOwnerDocument()));

    BinarySecurityTokenProcessor processor = new BinarySecurityTokenProcessor();
    return processor.handleToken(tokenElement, requestData);
}
/**
 * Runs a token element through BinarySecurityTokenProcessor.
 *
 * @param tokenElement the DOM element of the token to process
 * @param message the SOAP message, used as message context and as the source
 *        of the callback-handler security property
 * @return the engine results produced by the processor
 * @throws WSSecurityException if the callback handler cannot be resolved
 *         (reported as FAILURE with the cause attached) or processing fails
 */
private List<WSSecurityEngineResult> processToken(Element tokenElement, final SoapMessage message)
    throws WSSecurityException {
    RequestData requestData = new CXFRequestData();

    Object handlerSetting =
        SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
    try {
        requestData.setCallbackHandler(SecurityUtils.getCallbackHandler(handlerSetting));
    } catch (Exception ex) {
        // Any failure while resolving the handler is surfaced as a generic
        // security failure instead of leaking the underlying exception type.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }

    requestData.setMsgContext(message);
    // A fresh default WSSConfig is used for each call.
    requestData.setWssConfig(WSSConfig.getNewInstance());
    requestData.setWsDocInfo(new WSDocInfo(tokenElement.getOwnerDocument()));

    BinarySecurityTokenProcessor processor = new BinarySecurityTokenProcessor();
    return processor.handleToken(tokenElement, requestData);
}
// Excerpt from a larger method: set the password on `ut`, then give it an ID.
ut.setPassword(password);
// A fresh WSSConfig; in the lines visible here it is used only for its ID allocator.
WSSConfig config = WSSConfig.getNewInstance();
// NOTE(review): this call uses createId, while the Kerberos and STS snippets on
// this page use createSecureId. Presumably createId is the non-random variant;
// confirm that a guessable ID is acceptable for this token.
ut.setID(config.getIdAllocator().createId("UsernameToken-", ut));
/**
 * Runs a token element through SAMLTokenProcessor.
 *
 * @param tokenElement the DOM element of the token to process
 * @param message the SOAP message, used as message context and as the source
 *        of the callback-handler and signature-crypto settings
 * @return the engine results produced by the processor
 * @throws WSSecurityException if the callback handler cannot be resolved
 *         (reported as FAILURE with the cause attached) or processing fails
 */
private List<WSSecurityEngineResult> processToken(Element tokenElement, final SoapMessage message)
    throws WSSecurityException {
    RequestData requestData = new CXFRequestData();

    Object handlerSetting =
        SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
    try {
        requestData.setCallbackHandler(SecurityUtils.getCallbackHandler(handlerSetting));
    } catch (Exception ex) {
        // Any failure while resolving the handler is surfaced as a generic
        // security failure instead of leaking the underlying exception type.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }

    requestData.setMsgContext(message);
    // A fresh default WSSConfig is used for each call.
    requestData.setWssConfig(WSSConfig.getNewInstance());
    // Signature-verification crypto, looked up via getCrypto with the
    // SIGNATURE_CRYPTO / SIGNATURE_PROPERTIES keys.
    // NOTE(review): what happens when getCrypto yields null is decided inside
    // SAMLTokenProcessor; confirm a signed token is not accepted unverified.
    requestData.setSigVerCrypto(getCrypto(null, SecurityConstants.SIGNATURE_CRYPTO,
                                          SecurityConstants.SIGNATURE_PROPERTIES, message));
    requestData.setWsDocInfo(new WSDocInfo(tokenElement.getOwnerDocument()));

    SAMLTokenProcessor processor = new SAMLTokenProcessor();
    return processor.handleToken(tokenElement, requestData);
}
/**
 * Runs a token element through SAMLTokenProcessor.
 *
 * @param tokenElement the DOM element of the token to process
 * @param message the SOAP message, used as message context and as the source
 *        of the callback-handler and signature-crypto settings
 * @return the engine results produced by the processor
 * @throws WSSecurityException if the callback handler cannot be resolved
 *         (reported as FAILURE with the cause attached) or processing fails
 */
private List<WSSecurityEngineResult> processToken(Element tokenElement, final SoapMessage message)
    throws WSSecurityException {
    RequestData requestData = new CXFRequestData();

    Object handlerSetting =
        SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
    try {
        requestData.setCallbackHandler(SecurityUtils.getCallbackHandler(handlerSetting));
    } catch (Exception ex) {
        // Any failure while resolving the handler is surfaced as a generic
        // security failure instead of leaking the underlying exception type.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }

    requestData.setMsgContext(message);
    // A fresh default WSSConfig is used for each call.
    requestData.setWssConfig(WSSConfig.getNewInstance());
    // Signature-verification crypto, looked up via getCrypto with the
    // SIGNATURE_CRYPTO / SIGNATURE_PROPERTIES keys.
    // NOTE(review): what happens when getCrypto yields null is decided inside
    // SAMLTokenProcessor; confirm a signed token is not accepted unverified.
    requestData.setSigVerCrypto(getCrypto(null, SecurityConstants.SIGNATURE_CRYPTO,
                                          SecurityConstants.SIGNATURE_PROPERTIES, message));
    requestData.setWsDocInfo(new WSDocInfo(tokenElement.getOwnerDocument()));

    SAMLTokenProcessor processor = new SAMLTokenProcessor();
    return processor.handleToken(tokenElement, requestData);
}
// Excerpt from a larger method: prepare the document info and RequestData
// for processing `child`.
WSDocInfo docInfo = new WSDocInfo(child.getOwnerDocument());
RequestData data = new RequestData();
// Fresh default WSSConfig for this request.
data.setWssConfig(WSSConfig.getNewInstance());
// Decryption crypto and callback handler come from helpers defined outside
// this excerpt; the meaning of the `true` argument is not visible here.
data.setDecCrypto(createCrypto(true));
data.setCallbackHandler(createHandler());
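/**
 * Answers name, password and WSS4J password callbacks with fixed values.
 *
 * <p>The identity "alice" (name and password) and the service principal
 * "bob@service.ws.apache.org" are hard-coded, so this handler presumably
 * serves tests or samples only; it must not back a production endpoint.
 *
 * <p>For a {@code WSPasswordCallback} with usage {@code CUSTOM_TOKEN}, a
 * Kerberos service ticket is retrieved through the WSS4J APIs and set as the
 * callback's custom token. Other callback types and usages are ignored.
 *
 * @param callbacks the callbacks to populate
 * @throws IOException if the Kerberos token cannot be obtained; the
 *         WSSecurityException is attached as the cause
 * @throws UnsupportedCallbackException declared by the handler contract;
 *         not thrown by this implementation
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            ((NameCallback) callback).setName("alice");
        } else if (callback instanceof PasswordCallback) {
            ((PasswordCallback) callback).setPassword("alice".toCharArray());
        } else if (callback instanceof WSPasswordCallback) {
            WSPasswordCallback wsPasswordCallback = (WSPasswordCallback) callback;
            // Get a custom (Kerberos) token directly using the WSS4J APIs
            if (wsPasswordCallback.getUsage() == WSPasswordCallback.CUSTOM_TOKEN) {
                KerberosSecurity kerberosSecurity =
                    new KerberosSecurity(DOMUtils.getEmptyDocument());
                try {
                    kerberosSecurity.retrieveServiceTicket(
                        "alice", this, "bob@service.ws.apache.org", false, false, null);
                    kerberosSecurity.addWSUNamespace();
                    WSSConfig wssConfig = WSSConfig.getNewInstance();
                    kerberosSecurity.setID(
                        wssConfig.getIdAllocator().createSecureId("BST-", kerberosSecurity));
                    wsPasswordCallback.setCustomToken(kerberosSecurity.getElement());
                } catch (WSSecurityException e) {
                    // Fail closed: the previous code printed the stack trace and
                    // carried on, leaving the callback without a token and the
                    // caller unaware that ticket retrieval had failed.
                    throw new IOException(
                        "Unable to obtain the Kerberos token for the custom-token callback", e);
                }
            }
        }
    }
}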
/**
 * Configures an STSClient for an SPNEGO negotiation based on the message and
 * its policy assertions.
 *
 * @param client the STS client to configure
 * @param message the SOAP message supplying the SOAP version, the endpoint
 *        address and the security properties
 * @param aim the assertion info map the trust, addressing and algorithm-suite
 *        settings are read from
 * @return the endpoint address that was set as the client's location
 */
static String setupClient(STSClient client, SoapMessage message, AssertionInfoMap aim) {
    // Both calls are made unconditionally, in this order.
    // NOTE(review): presumably at most one of the helpers yields a value and
    // setTrust ignores the other; confirm.
    client.setTrust(NegotiationUtils.getTrust10(aim));
    client.setTrust(NegotiationUtils.getTrust13(aim));

    // Policy -> ExactlyOne -> All -> addressing policy.
    Policy policy = new Policy();
    ExactlyOne exactlyOne = new ExactlyOne();
    policy.addPolicyComponent(exactlyOne);
    All alternative = new All();
    alternative.addPolicyComponent(NegotiationUtils.getAddressingPolicy(aim, false));
    exactlyOne.addPolicyComponent(alternative);
    client.setPolicy(policy);

    client.setSoap11(message.getVersion() == Soap11.getInstance());
    client.setSpnego(true);

    // The negotiation context identifier comes from the secure ID allocator.
    WSSConfig wssConfig = WSSConfig.getNewInstance();
    String contextId = wssConfig.getIdAllocator().createSecureId("_", null);
    client.setContext(contextId);

    String endpointAddress = message.getContextualProperty(Message.ENDPOINT_ADDRESS).toString();
    client.setLocation(endpointAddress);

    AlgorithmSuite algorithmSuite = NegotiationUtils.getAlgorithmSuite(aim);
    if (algorithmSuite != null) {
        client.setAlgorithmSuite(algorithmSuite);
        int maxSymmetricKeyLength =
            algorithmSuite.getAlgorithmSuiteType().getMaximumSymmetricKeyLength();
        // The key size is overridden only when the suite's maximum is below 256.
        if (maxSymmetricKeyLength < 256) {
            client.setKeySize(maxSymmetricKeyLength);
        }
    }

    Map<String, Object> requestContext = client.getRequestContext();
    mapSecurityProps(message, requestContext);
    return endpointAddress;
}
/**
 * Wraps the already-available Kerberos {@code token} bytes in a
 * BinarySecurityToken and returns them as a SecurityToken.
 *
 * @return a SecurityToken whose id and wsu:Id are the generated BST id, and
 *         which carries the BST element, the raw token bytes, a
 *         Base64-encoded digest and the token type
 * @throws Exception if building the token fails
 */
@Override
public SecurityToken requestSecurityToken() throws Exception {
    KerberosSecurity kerberosBst = new KerberosSecurity(DOMUtils.createDocument());
    kerberosBst.setValueType(WSConstants.WSS_GSS_KRB_V5_AP_REQ);
    kerberosBst.setToken(token);
    kerberosBst.addWSUNamespace();
    // The token ID is drawn from the secure ID allocator.
    kerberosBst.setID(
        WSSConfig.getNewInstance().getIdAllocator().createSecureId("BST-", kerberosBst));

    SecurityToken result = new SecurityToken(kerberosBst.getID());
    result.setToken(kerberosBst.getElement());
    result.setWsuId(kerberosBst.getID());
    result.setData(kerberosBst.getToken());

    // Digest of the raw token bytes, Base64-encoded and stored as the SHA1
    // value; the algorithm is whatever KeyUtils.generateDigest applies
    // (not visible here).
    String encodedDigest = Base64.encode(KeyUtils.generateDigest(kerberosBst.getToken()));
    result.setSHA1(encodedDigest);
    result.setTokenType(kerberosBst.getValueType());
    return result;
}
/**
 * Configures an STSClient for an SPNEGO negotiation based on the message and
 * its policy assertions.
 *
 * @param client the STS client to configure
 * @param message the SOAP message supplying the SOAP version, the endpoint
 *        address and the security properties
 * @param aim the assertion info map the trust, addressing and algorithm-suite
 *        settings are read from
 * @return the endpoint address that was set as the client's location
 */
static String setupClient(STSClient client, SoapMessage message, AssertionInfoMap aim) {
    // Both calls are made unconditionally, in this order.
    // NOTE(review): presumably at most one of the helpers yields a value and
    // setTrust ignores the other; confirm.
    client.setTrust(NegotiationUtils.getTrust10(aim));
    client.setTrust(NegotiationUtils.getTrust13(aim));

    // Policy -> ExactlyOne -> All -> addressing policy.
    Policy policy = new Policy();
    ExactlyOne exactlyOne = new ExactlyOne();
    policy.addPolicyComponent(exactlyOne);
    All alternative = new All();
    alternative.addPolicyComponent(NegotiationUtils.getAddressingPolicy(aim, false));
    exactlyOne.addPolicyComponent(alternative);
    client.setPolicy(policy);

    client.setSoap11(message.getVersion() == Soap11.getInstance());
    client.setSpnego(true);

    // The negotiation context identifier comes from the secure ID allocator.
    WSSConfig wssConfig = WSSConfig.getNewInstance();
    String contextId = wssConfig.getIdAllocator().createSecureId("_", null);
    client.setContext(contextId);

    String endpointAddress = message.getContextualProperty(Message.ENDPOINT_ADDRESS).toString();
    client.setLocation(endpointAddress);

    AlgorithmSuite algorithmSuite = NegotiationUtils.getAlgorithmSuite(aim);
    if (algorithmSuite != null) {
        client.setAlgorithmSuite(algorithmSuite);
        int maxSymmetricKeyLength =
            algorithmSuite.getAlgorithmSuiteType().getMaximumSymmetricKeyLength();
        // The key size is overridden only when the suite's maximum is below 256.
        if (maxSymmetricKeyLength < 256) {
            client.setKeySize(maxSymmetricKeyLength);
        }
    }

    Map<String, Object> requestContext = client.getRequestContext();
    mapSecurityProps(message, requestContext);
    return endpointAddress;
}
// Excerpt from a larger method: populate the RequestData used for verification.
requestData.setWsDocInfo(new WSDocInfo(doc));
// Signature verification uses the crypto supplied by `crypto`.
requestData.setSigVerCrypto(crypto.getSignatureCrypto());
// Fresh default WSSConfig; no validators are customised in the lines visible here.
WSSConfig wssConfig = WSSConfig.getNewInstance();
requestData.setWssConfig(wssConfig);