result = 31 * result + nonce.hashCode(); String created = getCreated(); if (created != null) { result = 31 * result + created.hashCode();
/** * Creates a new <code>UsernameTokenProcessingResult</code> instance to indicate that processing of the username * token part was completed successfully. * * @param target The target of the WS-Security header this username token is part of * @param wss4jToken The WSS4J token that includes result of processing the username token */ public UsernameTokenProcessingResult(final SecurityHeaderTarget target, final UsernameToken wss4jToken) { super(target); this.username = wss4jToken.getName(); this.password = wss4jToken.getPassword(); this.passwordType = WSConstants.PASSWORD_DIGEST.equals(wss4jToken.getPasswordType()) ? UTPasswordType.DIGEST : UTPasswordType.TEXT; this.nonce = wss4jToken.getNonce(); this.created = wss4jToken.getCreated(); }
if (hashed) { if (passwordsAreEncoded) { node.setData(doPasswordDigest(getNonce(), getCreated(), org.apache.xml.security.utils.XMLUtils.decode(pwd))); } else { node.setData(doPasswordDigest(getNonce(), getCreated(), pwd));
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); SubjectCreatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
String createdString = getCreated(); if (createdString != null && !"".equals(createdString)) { try {
String password = usernameToken.getPassword(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); String pwType = usernameToken.getPasswordType(); boolean passwordsAreEncoded = usernameToken.getPasswordsAreEncoded();
/** * Create a WSUsernameTokenPrincipal from this UsernameToken object */ public Principal createPrincipal() throws WSSecurityException { WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(getName(), isHashed()); String nonce = getNonce(); if (nonce != null) { principal.setNonce(org.apache.xml.security.utils.XMLUtils.decode(nonce)); } principal.setPassword(getPassword()); principal.setCreatedTime(getCreated()); return principal; }
return false; if (!compare(usernameToken.getCreated(), getCreated())) { return false;
public Credential validate(Credential credential, RequestData data) throws WSSecurityException { Credential cred = super.validate(credential, data); UsernameToken ut = credential.getUsernametoken(); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); principal.setCreatedTime(ut.getCreated()); principal.setNonce(principal.getNonce()); principal.setPassword(ut.getPassword()); principal.setPasswordType(ut.getPasswordType()); Subject subject = new Subject(); subject.getPrincipals().add(principal); if ("Alice".equals(ut.getName())) { subject.getPrincipals().add(new SimpleGroup("manager", ut.getName())); } subject.getPrincipals().add(new SimpleGroup("worker", ut.getName())); cred.setSubject(subject); return cred; } }
protected UsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant) throws WSSecurityException, Base64DecodingException { BSPEnforcer bspEnforcer = new org.apache.wss4j.common.bsp.BSPEnforcer(!bspCompliant); org.apache.wss4j.dom.message.token.UsernameToken ut = new org.apache.wss4j.dom.message.token.UsernameToken(tokenElement, false, bspEnforcer); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); if (ut.getNonce() != null) { principal.setNonce(XMLUtils.decode(ut.getNonce())); } principal.setPassword(ut.getPassword()); principal.setCreatedTime(ut.getCreated()); principal.setPasswordType(ut.getPasswordType()); return principal; }
protected UsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant) throws WSSecurityException, Base64DecodingException { BSPEnforcer bspEnforcer = new org.apache.wss4j.common.bsp.BSPEnforcer(!bspCompliant); org.apache.wss4j.dom.message.token.UsernameToken ut = new org.apache.wss4j.dom.message.token.UsernameToken(tokenElement, false, bspEnforcer); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); if (ut.getNonce() != null) { principal.setNonce(XMLUtils.decode(ut.getNonce())); } principal.setPassword(ut.getPassword()); principal.setCreatedTime(ut.getCreated()); principal.setPasswordType(ut.getPasswordType()); return principal; }
principal = createPrincipal( ut.getName(), ut.getPassword(), ut.getPasswordType(), ut.getNonce(), ut.getCreated() );
principal = createPrincipal( ut.getName(), ut.getPassword(), ut.getPasswordType(), ut.getNonce(), ut.getCreated() );
principal.setCreatedTime(token.getCreated()); principal.setPasswordType(token.getPasswordType()); result.put(WSSecurityEngineResult.TAG_PRINCIPAL, principal);
&& (usernameToken.getCreated() == null || usernameToken.isHashed())) { ai.setNotAsserted("Username Token Created policy not enforced"); return false;
&& (usernameToken.getCreated() == null || usernameToken.isHashed())) { ai.setNotAsserted("Username Token Created policy not enforced"); return false;