public Node buildSecurityHeader(String username, String password) throws WSSecurityException, ParserConfigurationException, SAXException, IOException{ //XML Document builder with a root node DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setNamespaceAware(true); DocumentBuilder builder = factory.newDocumentBuilder(); InputSource inStream = new InputSource(); inStream.setCharacterStream(new StringReader("<root></root>")); Document document = builder.parse(inStream); //<wsse:UsernameToken> WSSecUsernameToken usernametoken = new WSSecUsernameToken(); usernametoken.setPasswordType(WSConstants.PASSWORD_DIGEST); usernametoken.setUserInfo(username, password); //<wsse:Security> WSSecHeader secHeader = new WSSecHeader(document); secHeader.insertSecurityHeader(); //Generates the Document with <root><Header><wsse:Security>... usernametoken.build(document, secHeader); //Extract the desired node Node securityNode = document.getElementsByTagName("wsse:Security").item(0); return securityNode; }
WSSecUsernameToken builder = new WSSecUsernameToken(); builder.setPasswordType(WSConstants.PASSWORD_TEXT); // set user name an password builder.setUserInfo("wernerd", "verySecret"); // create a sample soap message Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); WSSecHeader secHeader = new WSSecHeader(doc); secHeader.insertSecurityHeader(); // create the soap message with WSS headers Document signedDoc = builder.build(doc, secHeader); // simply print the result System.out.println(XMLUtils.prettyDocumentToString(signedDoc));
SOAPPart soappart = message.getSOAPPart(); SOAPEnvelope envelope = soappart.getEnvelope(); SOAPHeader header = envelope.getHeader(); WSSecHeader wsheader = new WSSecHeader(); wsheader.insertSecurityHeader(soappart); WSSecUsernameToken token = new WSSecUsernameToken(); token.setPasswordType(WSConstants.PASSWORD_DIGEST); token.setUserInfo("myuser", "mypass"); token.build(soappart, wsheader);
builder.setUserInfo(username, password);
utBuilder.setIdAllocator(wssConfig.getIdAllocator()); utBuilder.setWsTimeSource(wssConfig.getCurrentTime()); utBuilder.setUserInfo(userName, null); utBuilder.setPasswordType(null); return utBuilder; utBuilder.setUserInfo(userName, password); return utBuilder;
utBuilder.setIdAllocator(wssConfig.getIdAllocator()); utBuilder.setWsTimeSource(wssConfig.getCurrentTime()); utBuilder.setUserInfo(userName, null); utBuilder.setPasswordType(null); return utBuilder; utBuilder.setUserInfo(userName, password); return utBuilder;
utBuilder.setUserInfo(userName, null); utBuilder.setPasswordType(null); } else { utBuilder.setPasswordType(WSS4JConstants.PASSWORD_TEXT); utBuilder.setUserInfo(userName, password); } else { unassertPolicy(token, "No password available");
utBuilder.setUserInfo(userName, null); utBuilder.setPasswordType(null); } else { utBuilder.setPasswordType(WSS4JConstants.PASSWORD_TEXT); utBuilder.setUserInfo(userName, password); } else { unassertPolicy(token, "No password available");
protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, boolean useMac) { assertToken(token); if (!isTokenRequired(token.getIncludeTokenType())) { return null; } String userName = (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.USERNAME, message); if (!StringUtils.isEmpty(userName)) { WSSecUsernameToken utBuilder = new WSSecUsernameToken(secHeader); utBuilder.setIdAllocator(wssConfig.getIdAllocator()); utBuilder.setWsTimeSource(wssConfig.getCurrentTime()); String password = (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.PASSWORD, message); if (StringUtils.isEmpty(password)) { password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN); } if (!StringUtils.isEmpty(password)) { // If the password is available then build the token utBuilder.setUserInfo(userName, password); utBuilder.addDerivedKey(useMac, null, 1000); utBuilder.prepare(); } else { unassertPolicy(token, "No password available"); return null; } return utBuilder; } unassertPolicy(token, "No username available"); return null; }
protected WSSecUsernameToken addDKUsernameToken(UsernameToken token, boolean useMac) { assertToken(token); if (!isTokenRequired(token.getIncludeTokenType())) { return null; } String userName = (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.USERNAME, message); if (!StringUtils.isEmpty(userName)) { WSSecUsernameToken utBuilder = new WSSecUsernameToken(secHeader); utBuilder.setIdAllocator(wssConfig.getIdAllocator()); utBuilder.setWsTimeSource(wssConfig.getCurrentTime()); String password = (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.PASSWORD, message); if (StringUtils.isEmpty(password)) { password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN); } if (!StringUtils.isEmpty(password)) { // If the password is available then build the token utBuilder.setUserInfo(userName, password); utBuilder.addDerivedKey(useMac, null, 1000); utBuilder.prepare(); } else { unassertPolicy(token, "No password available"); return null; } return utBuilder; } unassertPolicy(token, "No username available"); return null; }
builder.addDerivedKey(useMac, null, iterations); builder.setUserInfo(reqData.getUsername(), passwordCallback.getPassword()); builder.addCreated(); builder.addNonce();
builder.setPasswordType(reqData.getPwType()); builder.setPasswordsAreEncoded(reqData.isEncodePasswords()); builder.setUserInfo(username, password); builder.setWsDocInfo(reqData.getWsDocInfo()); builder.setExpandXopInclude(reqData.isExpandXopInclude());