LOG.debug("UsernameToken password type {}", pwType); if (usernameToken.isHashed()) { LOG.warn("Authentication failed as hashed username token not supported"); throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
if (usernameToken.isHashed()) { verifyDigestPassword(usernameToken, data); } else if (WSConstants.PASSWORD_TEXT.equals(pwType)
boolean isHashPassword = passwordType == PasswordType.HashPassword; boolean isNoPassword = passwordType == PasswordType.NoPassword; if (isHashPassword != usernameToken.isHashed()) { ai.setNotAsserted("Password hashing policy not enforced"); return false; && (usernameToken.getCreated() == null || usernameToken.isHashed())) { ai.setNotAsserted("Username Token Created policy not enforced"); return false; && (usernameToken.getNonce() == null || usernameToken.isHashed())) { ai.setNotAsserted("Username Token Nonce policy not enforced"); return false;
boolean isHashPassword = passwordType == PasswordType.HashPassword; boolean isNoPassword = passwordType == PasswordType.NoPassword; if (isHashPassword != usernameToken.isHashed()) { ai.setNotAsserted("Password hashing policy not enforced"); return false; && (usernameToken.getCreated() == null || usernameToken.isHashed())) { ai.setNotAsserted("Username Token Created policy not enforced"); return false; && (usernameToken.getNonce() == null || usernameToken.isHashed())) { ai.setNotAsserted("Username Token Nonce policy not enforced"); return false;
@Override protected void verifyDigestPassword( org.apache.wss4j.dom.message.token.UsernameToken usernameToken, RequestData data ) throws WSSecurityException { if (!supportDigestPasswords) { throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } String user = usernameToken.getName(); String password = usernameToken.getPassword(); boolean isHashed = usernameToken.isHashed(); String nonce = usernameToken.getNonce(); String createdTime = usernameToken.getCreated(); SubjectCreatingInterceptor.this.setSubject( user, password, isHashed, nonce, createdTime ); }
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); if (usernameToken.isHashed()) { String passDigest; if (passwordsAreEncoded) {
/** * Create a WSUsernameTokenPrincipal from this UsernameToken object */ public Principal createPrincipal() throws WSSecurityException { WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(getName(), isHashed()); String nonce = getNonce(); if (nonce != null) { principal.setNonce(org.apache.xml.security.utils.XMLUtils.decode(nonce)); } principal.setPassword(getPassword()); principal.setCreatedTime(getCreated()); return principal; }
public Credential validate(Credential credential, RequestData data) throws WSSecurityException { Credential cred = super.validate(credential, data); UsernameToken ut = credential.getUsernametoken(); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); principal.setCreatedTime(ut.getCreated()); principal.setNonce(principal.getNonce()); principal.setPassword(ut.getPassword()); principal.setPasswordType(ut.getPasswordType()); Subject subject = new Subject(); subject.getPrincipals().add(principal); if ("Alice".equals(ut.getName())) { subject.getPrincipals().add(new SimpleGroup("manager", ut.getName())); } subject.getPrincipals().add(new SimpleGroup("worker", ut.getName())); cred.setSubject(subject); return cred; } }
protected UsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant) throws WSSecurityException, Base64DecodingException { BSPEnforcer bspEnforcer = new org.apache.wss4j.common.bsp.BSPEnforcer(!bspCompliant); org.apache.wss4j.dom.message.token.UsernameToken ut = new org.apache.wss4j.dom.message.token.UsernameToken(tokenElement, false, bspEnforcer); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); if (ut.getNonce() != null) { principal.setNonce(XMLUtils.decode(ut.getNonce())); } principal.setPassword(ut.getPassword()); principal.setCreatedTime(ut.getCreated()); principal.setPasswordType(ut.getPasswordType()); return principal; }
protected UsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant) throws WSSecurityException, Base64DecodingException { BSPEnforcer bspEnforcer = new org.apache.wss4j.common.bsp.BSPEnforcer(!bspCompliant); org.apache.wss4j.dom.message.token.UsernameToken ut = new org.apache.wss4j.dom.message.token.UsernameToken(tokenElement, false, bspEnforcer); WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed()); if (ut.getNonce() != null) { principal.setNonce(XMLUtils.decode(ut.getNonce())); } principal.setPassword(ut.getPassword()); principal.setCreatedTime(ut.getCreated()); principal.setPasswordType(ut.getPasswordType()); return principal; }
} else { WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(token.getName(), token.isHashed()); if (token.getNonce() != null) { principal.setNonce(XMLUtils.decode(token.getNonce()));