/** * Sets the web service specification settings. * <p> * The default settings follow the latest OASIS and changing anything might violate the OASIS specs. * * @param config web service security configuration or {@code null} to use default settings */ public void setWssConfig(WSSConfig config) { securityEngine.setWssConfig(config); wssConfig = config; }
/** * Sets the web service specification settings. * <p> * The default settings follow the latest OASIS and changing anything might violate the OASIS specs. * * @param config web service security configuration or {@code null} to use default settings */ public void setWssConfig(WSSConfig config) { securityEngine.setWssConfig(config); wssConfig = config; }
/** * Sets the web service specification settings. * <p> * The default settings follow the latest OASIS and changing anything might violate the OASIS specs. * * @param config web service security configuration or {@code null} to use default settings */ public void setWssConfig(WSSConfig config) { securityEngine.setWssConfig(config); wssConfig = config; }
SOAPMessage soapMessage = MessageFactory.newInstance().createMessage(null, new ByteArrayInputStream(soapRequest.getBytes())); FileInputStream is = new FileInputStream(keyStore); KeyPair keypair = null; KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(is, keyStorePwd.toCharArray()); Certificate cert = null; Key key = keystore.getKey(alias, keyStorePwd.toCharArray()); if (key instanceof PrivateKey) { cert = keystore.getCertificate(alias); PublicKey publicKey = cert.getPublicKey(); keypair = new KeyPair(publicKey, (PrivateKey) key); } Properties properties = new Properties(); properties.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin"); Crypto crypto = CryptoFactory.getInstance(properties); keystore.setKeyEntry(alias, keypair.getPrivate(), keyStorePwd.toCharArray(), new Certificate[]{cert}); ((Merlin) crypto).setKeyStore(keystore); crypto.loadCertificate(new ByteArrayInputStream(cert.getEncoded())); WSSecurityEngine engine = new WSSecurityEngine(); WSSConfig config = WSSConfig.getNewInstance(); config.setWsiBSPCompliant(false); engine.setWssConfig(config); List<WSSecurityEngineResult> res = engine.processSecurityHeader(toDocument(soapMessage), null, null, crypto); for (WSSecurityEngineResult ers : res) { LOG.trace("Details of security header after validation {}" , ers.toString()); } LOG.debug("Validation code executed");
@Override protected WSSecurityEngine getSecurityEngine(boolean utNoCallbacks) { WSSConfig config = WSSConfig.getNewInstance(); config.setValidator(WSConstants.USERNAME_TOKEN, new CustomValidator()); WSSecurityEngine ret = new WSSecurityEngine(); ret.setWssConfig(config); return ret; }
@Override protected WSSecurityEngine getSecurityEngine(boolean utNoCallbacks) { WSSConfig config = WSSConfig.getNewInstance(); config.setValidator(WSConstants.USERNAME_TOKEN, new CustomValidator()); WSSecurityEngine ret = new WSSecurityEngine(); ret.setWssConfig(config); return ret; }
secEngineOverride.setWssConfig(config);
secEngineOverride.setWssConfig(config);
/** * @return the WSSecurityEngine in use by this interceptor. * This engine is defined to be the secEngineOverride * instance, if defined in this class (and supplied through * construction); otherwise, it is taken to be the default * WSSecEngine instance (currently defined in the WSHandler * base class). */ protected WSSecurityEngine getSecurityEngine(boolean utWithCallbacks) { if (secEngineOverride != null) { return secEngineOverride; } if (!utWithCallbacks) { WSSConfig config = WSSConfig.getNewInstance(); config.setValidator(WSConstants.USERNAME_TOKEN, new NoOpValidator()); WSSecurityEngine ret = new WSSecurityEngine(); ret.setWssConfig(config); return ret; } return null; }
/** * @return the WSSecurityEngine in use by this interceptor. * This engine is defined to be the secEngineOverride * instance, if defined in this class (and supplied through * construction); otherwise, it is taken to be the default * WSSecEngine instance (currently defined in the WSHandler * base class). */ protected WSSecurityEngine getSecurityEngine(boolean utWithCallbacks) { if (secEngineOverride != null) { return secEngineOverride; } if (!utWithCallbacks) { WSSConfig config = WSSConfig.getNewInstance(); config.setValidator(WSConstants.USERNAME_TOKEN, new NoOpValidator()); WSSecurityEngine ret = new WSSecurityEngine(); ret.setWssConfig(config); return ret; } return null; }
if (config != null) { engine = new WSSecurityEngine(); engine.setWssConfig(config); } else { engine = getSecurityEngine(utWithCallbacks);
if (config != null) { engine = new WSSecurityEngine(); engine.setWssConfig(config); } else { engine = getSecurityEngine(utWithCallbacks);