/**
 * Builds the security context for a credential, deriving roles from SAML claims when an
 * assertion is attached to it.
 *
 * <p>The transformed token is preferred; the credential's original SAML assertion is used
 * only when no transformed token is present. When neither exists, the call is delegated to
 * the single-argument {@code createSecurityContext} overload with the credential's principal.
 *
 * <p>NOTE(review): nothing in this method checks the assertion's signature, issuer or
 * conditions, yet the roles it grants come straight from the assertion's claims. It
 * presumably only ever receives credentials returned by a validator; confirm at the call
 * sites before reusing it elsewhere.
 *
 * @param msg the message whose security properties may name the role attribute
 * @param credential the credential to build the context from
 * @return a {@code SAMLSecurityContext} carrying principal, roles, claims, issuer and
 *     assertion element when an assertion is available, otherwise the context created from
 *     the principal alone
 */
protected SecurityContext createSecurityContext(Message msg, Credential credential) {
    SamlAssertionWrapper assertion = credential.getTransformedToken();
    if (assertion == null) {
        assertion = credential.getSamlAssertion();
    }

    // No SAML material at all: fall back to a principal-only context.
    if (assertion == null) {
        return createSecurityContext(credential.getPrincipal());
    }

    // The attribute that carries roles is configurable per message; a missing or empty
    // setting falls back to the default attribute name.
    final String configuredName =
        (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.SAML_ROLE_ATTRIBUTENAME, msg);
    final String roleAttribute = (configuredName == null || configuredName.isEmpty())
        ? SAML_ROLE_ATTRIBUTENAME_DEFAULT
        : configuredName;

    final ClaimCollection assertionClaims = SAMLUtils.getClaims(assertion);
    final Set<Principal> grantedRoles =
        SAMLUtils.parseRolesFromClaims(assertionClaims, roleAttribute, null);

    final SAMLSecurityContext samlContext =
        new SAMLSecurityContext(credential.getPrincipal(), grantedRoles, assertionClaims);
    samlContext.setIssuer(SAMLUtils.getIssuer(assertion));
    samlContext.setAssertionElement(SAMLUtils.getAssertionElement(assertion));
    return samlContext;
}
WSSecurityEngineResult.TAG_TRANSFORMED_TOKEN, credential.getTransformedToken() ); if (credential.getPrincipal() != null) { result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal()); } else { SAMLTokenPrincipalImpl samlPrincipal = result.put(WSSecurityEngineResult.TAG_PRINCIPAL, samlPrincipal); } else if (credential.getPrincipal() != null) { result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal()); } else { result.put(WSSecurityEngineResult.TAG_PRINCIPAL, new SAMLTokenPrincipalImpl(samlAssertion));
returnedCredential.getTransformedToken() ); if (credential.getPrincipal() != null) { result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal()); } else { SAMLTokenPrincipalImpl samlPrincipal = result.put(WSSecurityEngineResult.TAG_PRINCIPAL, samlPrincipal); } else if (credential.getPrincipal() != null) { result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal()); } else if (certs != null && certs[0] != null) { result.put(WSSecurityEngineResult.TAG_PRINCIPAL, certs[0].getSubjectX500Principal());
WSSecurityEngineResult.TAG_TRANSFORMED_TOKEN, credential.getTransformedToken() ); if (credential.getPrincipal() != null) { result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal()); } else { SAMLTokenPrincipalImpl samlPrincipal = result.put(WSSecurityEngineResult.TAG_PRINCIPAL, samlPrincipal); } else if (credential.getPrincipal() != null) { result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal()); } else { WSUsernameTokenPrincipalImpl principal =
/**
 * Validates the user name and password held in the message's {@code AuthorizationPolicy}
 * and stores the resulting {@code SecurityContext} on the message.
 *
 * <p>The policy is converted to a {@code UsernameToken}, wrapped in a {@code Credential} and
 * handed to the validator returned by {@code getValidator()}.
 *
 * @param message the message carrying the {@code AuthorizationPolicy}; receives the
 *     {@code SecurityContext} on success
 * @throws WSSecurityException declared for the validator call
 * @throws SecurityException if the policy, its user name or its password is missing
 */
protected void validate(Message message) throws WSSecurityException {
    final AuthorizationPolicy authPolicy = message.get(AuthorizationPolicy.class);

    final boolean credentialsMissing = authPolicy == null
        || authPolicy.getUserName() == null
        || authPolicy.getPassword() == null;
    if (credentialsMissing) {
        final String name = authPolicy != null ? authPolicy.getUserName() : null;
        // NOTE(review): the user name is presumably taken from the incoming request and is
        // written to the log and the exception message as-is; confirm that the log sink
        // neutralises CR/LF so a crafted name cannot forge log entries.
        final String errorMsg = "No user name and/or password is available, name: " + name;
        LOG.warning(errorMsg);
        throw new SecurityException(errorMsg);
    }

    final UsernameToken usernameToken = convertPolicyToToken(authPolicy);
    final Credential unverified = new Credential();
    unverified.setUsernametoken(usernameToken);

    final RequestData requestData = new RequestData();
    requestData.setMsgContext(message);
    requestData.setCallbackHandler(callbackHandler);

    final Credential verified = getValidator().validate(unverified, requestData);

    // Create a Principal/SecurityContext
    final SecurityContext securityContext;
    if (verified == null || verified.getPrincipal() == null) {
        // Reached whenever the validator returns without throwing but supplies no principal.
        // NOTE(review): this relies on the validator signalling rejection by throwing; a
        // validator that returns null instead would still get a security context for the
        // policy's user name here. Confirm this for any custom validator.
        final WSUsernameTokenPrincipalImpl userPrincipal =
            new WSUsernameTokenPrincipalImpl(authPolicy.getUserName(), false);
        // The policy's password is copied onto the principal that goes into the context;
        // anything that later logs or serializes that principal should be checked for
        // exposing it.
        userPrincipal.setPassword(authPolicy.getPassword());
        // Keep the static type Principal so the same overload is selected.
        final Principal fallbackPrincipal = userPrincipal;
        securityContext = createSecurityContext(fallbackPrincipal);
    } else {
        securityContext = createSecurityContext(message, verified);
    }
    message.put(SecurityContext.class, securityContext);
}
credential.setUsernametoken(ut); credential = validator.validate(credential, requestData); principal = credential.getPrincipal(); if (credential.getSubject() != null && roleParser != null) {
principal = trustCredential.getPrincipal();
credential.setUsernametoken(ut); credential = validator.validate(credential, requestData); principal = credential.getPrincipal(); if (credential.getSubject() != null && roleParser != null) {
Principal principal = returnedCredential.getPrincipal(); if (principal == null) { principal = returnedCredential.getCertificates()[0].getSubjectX500Principal();
Principal principal = returnedCredential.getPrincipal(); if (principal == null) { principal = returnedCredential.getCertificates()[0].getSubjectX500Principal();
principal = trustCredential.getPrincipal();