@Override protected void verifyUnknownPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( usernameToken.getName(), null, false, null, null ); }
@Override protected void verifyUnknownPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( usernameToken.getName(), null, false, null, null ); }
@Override protected void verifyUnknownPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { SubjectCreatingInterceptor.this.setSubject( usernameToken.getName(), null, false, null, null ); }
@Override protected void verifyCustomPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( usernameToken.getName(), usernameToken.getPassword(), false, null, null ); }
@Override protected void verifyCustomPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( usernameToken.getName(), usernameToken.getPassword(), false, null, null ); }
@Override protected void verifyPlaintextPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( usernameToken.getName(), usernameToken.getPassword(), false, null, null ); }
@Override protected void verifyPlaintextPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( usernameToken.getName(), usernameToken.getPassword(), false, null, null ); }
@Override protected void verifyPlaintextPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { SubjectCreatingInterceptor.this.setSubject( usernameToken.getName(), usernameToken.getPassword(), false, null, null ); }
@Override protected void verifyCustomPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { SubjectCreatingInterceptor.this.setSubject( usernameToken.getName(), usernameToken.getPassword(), false, null, null ); }
@Override public int hashCode() { int result = 17; String username = getName(); if (username != null) { result = 31 * result + username.hashCode();
/** * Creates a new <code>UsernameTokenProcessingResult</code> instance to indicate that processing of the username * token part was completed successfully. * * @param target The target of the WS-Security header this username token is part of * @param wss4jToken The WSS4J token that includes result of processing the username token */ public UsernameTokenProcessingResult(final SecurityHeaderTarget target, final UsernameToken wss4jToken) { super(target); this.username = wss4jToken.getName(); this.password = wss4jToken.getPassword(); this.passwordType = WSConstants.PASSWORD_DIGEST.equals(wss4jToken.getPasswordType()) ? UTPasswordType.DIGEST : UTPasswordType.TEXT; this.nonce = wss4jToken.getNonce(); this.created = wss4jToken.getCreated(); }
/** * Set the raw (plain text) password used to compute secret key. */ public void setRawPassword(CallbackHandler callbackHandler) throws WSSecurityException { if (callbackHandler == null) { LOG.debug("CallbackHandler is null"); throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } WSPasswordCallback pwCb = new WSPasswordCallback( getName(), getPassword(), getPasswordType(), WSPasswordCallback.USERNAME_TOKEN ); try { callbackHandler.handle(new Callback[]{pwCb}); } catch (IOException | UnsupportedCallbackException e) { LOG.debug(e.getMessage(), e); throw new WSSecurityException( WSSecurityException.ErrorCode.FAILED_AUTHENTICATION, e ); } rawPassword = pwCb.getPassword(); }
final WSPasswordCallback pwCb = new WSPasswordCallback(usernameToken.getName(), null, usernameToken.getPasswordType(), WSPasswordCallback.USERNAME_TOKEN); try { data.getCallbackHandler().handle(new Callback[]{pwCb}); final String user = usernameToken.getName(); final String password = pwCb.getPassword(); final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
public Credential validate(Credential credential, RequestData data) throws WSSecurityException { Credential cred = super.validate(credential, data); UsernameToken ut = credential.getUsernametoken(); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); principal.setCreatedTime(ut.getCreated()); principal.setNonce(principal.getNonce()); principal.setPassword(ut.getPassword()); principal.setPasswordType(ut.getPasswordType()); Subject subject = new Subject(); subject.getPrincipals().add(principal); if ("Alice".equals(ut.getName())) { subject.getPrincipals().add(new SimpleGroup("manager", ut.getName())); } subject.getPrincipals().add(new SimpleGroup("worker", ut.getName())); cred.setSubject(subject); return cred; } }
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); SubjectCreatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
/** * Create a WSUsernameTokenPrincipal from this UsernameToken object */ public Principal createPrincipal() throws WSSecurityException { WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(getName(), isHashed()); String nonce = getNonce(); if (nonce != null) { principal.setNonce(org.apache.xml.security.utils.XMLUtils.decode(nonce)); } principal.setPassword(getPassword()); principal.setCreatedTime(getCreated()); return principal; }
protected UsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant) throws WSSecurityException, Base64DecodingException { BSPEnforcer bspEnforcer = new org.apache.wss4j.common.bsp.BSPEnforcer(!bspCompliant); org.apache.wss4j.dom.message.token.UsernameToken ut = new org.apache.wss4j.dom.message.token.UsernameToken(tokenElement, false, bspEnforcer); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); if (ut.getNonce() != null) { principal.setNonce(XMLUtils.decode(ut.getNonce())); } principal.setPassword(ut.getPassword()); principal.setCreatedTime(ut.getCreated()); principal.setPasswordType(ut.getPasswordType()); return principal; }
protected UsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant) throws WSSecurityException, Base64DecodingException { BSPEnforcer bspEnforcer = new org.apache.wss4j.common.bsp.BSPEnforcer(!bspCompliant); org.apache.wss4j.dom.message.token.UsernameToken ut = new org.apache.wss4j.dom.message.token.UsernameToken(tokenElement, false, bspEnforcer); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); if (ut.getNonce() != null) { principal.setNonce(XMLUtils.decode(ut.getNonce())); } principal.setPassword(ut.getPassword()); principal.setCreatedTime(ut.getCreated()); principal.setPasswordType(ut.getPasswordType()); return principal; }