Package com.sun.xml.wss

Examples of com.sun.xml.wss.XWSSecurityException


                encContent = true;

                encContentparser = new EncryptedContentHeaderParser(reader, parentNS, context);
                ed = encContentparser.getEncryptedData();
            } else {
                throw new XWSSecurityException("Wrong Encrypted SOAP Header");
            }
            if (ed != null) {
                context.setEdIdforEh(ed.getId());
            }

            // For policy verification: copy the key binding inferred while parsing onto the policy
            // object, then decrypt. When encContent is false the EncryptedData is decrypted into a
            // stream reader (decryptedData); when it is true only a cipher input stream
            // (decryptedIS) is obtained here and parsed later.
            if (!encContent) {
                if (ek != null) {
                    if (ek.getPolicy() != null) {
                        ek.getPolicy().setKeyBinding(ek.getInferredKB());
                    }
                    // NOTE(review): ed is dereferenced here without a null check, although the
                    // statement before this block treats ed == null as possible - confirm.
                    decryptedData = ed.getDecryptedData(ek.getKey(ed.getEncryptionAlgorithm()));
                } else if (rlh != null) {
                    // NOTE(review): unlike ek.getPolicy() above, rlh.getPolicy() is not
                    // null-checked before use.
                    rlh.getPolicy().setKeyBinding(ed.getInferredKB());
                    decryptedData = ed.getDecryptedData();
                } else {
                    // No key source at all: fail instead of continuing with undecrypted data.
                    throw new XWSSecurityException("Internal Error: Both EncryptedKey and ReferenceList set to null");
                }
                //

                // Position the decrypted reader on the first START_ELEMENT.
                if (decryptedData.getEventType() == XMLStreamReader.START_DOCUMENT) {
                    decryptedData.next();
                }
                if (decryptedData.getEventType() != XMLStreamReader.START_ELEMENT) {
                    StreamUtil.moveToNextElement(decryptedData);
                }
            } else {
                if (ek != null) {
                    if (ek.getPolicy() != null) {
                        ek.getPolicy().setKeyBinding(ek.getInferredKB());
                    }
                    decryptedIS = ed.getCipherInputStream(ek.getKey(ed.getEncryptionAlgorithm()));
                } else if (rlh != null) {
                    rlh.getPolicy().setKeyBinding(ed.getInferredKB());
                    decryptedIS = ed.getCipherInputStream();
                }
                // NOTE(review): there is no final else here. When both ek and rlh are null this
                // branch assigns nothing to decryptedIS, whereas the branch above throws
                // XWSSecurityException for the same condition - confirm this is intended.
            }

            GenericSecuredHeader gsh = null;
            if (!encContent) {
                Map<String, String> headerBlockNamespaces = parentNS;
                // Collect namespaces on SOAP header block
                if (decryptedData.getNamespaceCount() > 0) {
                    headerBlockNamespaces = new HashMap<String, String>(parentNS);
                    for (int k = 0; k < decryptedData.getNamespaceCount(); k++) {
                        headerBlockNamespaces.put(decryptedData.getNamespacePrefix(k), decryptedData.getNamespaceURI(k));
                    }
                }
                // Mark
                //XMLStreamBuffer mark = new XMLStreamBufferMark(headerBlockNamespaces, creator);
                gsh = new GenericSecuredHeader(decryptedData, soapVersion, creator, (HashMap) headerBlockNamespaces, staxIF, context.getEncHeaderContent());
            } else {

                XMLStreamReader decryptedHeader = encContentparser.getDecryptedElement(decryptedIS);

                if (decryptedHeader.getEventType() == XMLStreamReader.START_DOCUMENT) {
                    decryptedHeader.next();
                }
                if (decryptedHeader.getEventType() != XMLStreamReader.START_ELEMENT) {
                    StreamUtil.moveToNextElement(decryptedHeader);
                }
                Map<String, String> headerBlockNamespaces = parentNS;
                // Collect namespaces on SOAP header block
                if (decryptedHeader.getNamespaceCount() > 0) {
                    headerBlockNamespaces = new HashMap<String, String>(parentNS);
                    for (int k = 0; k < decryptedHeader.getNamespaceCount(); k++) {
                        String prefix = decryptedHeader.getNamespacePrefix(k);
                        if (prefix == null) {
                            prefix = "";
                        }
                        headerBlockNamespaces.put(prefix, decryptedHeader.getNamespaceURI(k));
                    }
                }
                gsh = new GenericSecuredHeader(decryptedHeader, soapVersion, creator, (HashMap) headerBlockNamespaces, staxIF, context.getEncHeaderContent());
            }
            QName gshQName = new QName(gsh.getNamespaceURI(), gsh.getLocalPart());
            if (eh != null) {
                encQNames.put(eh.getId(), gshQName);
                edAlgos.put(eh.getId(), ed.getEncryptionAlgorithm());
            } else {
                encQNames.put(ed.getId(), gshQName);
                edAlgos.put(ed.getId(), ed.getEncryptionAlgorithm());
            }

            return gsh;
        } catch (XMLStreamException ex) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1615_ERROR_DECRYPTING_ENCRYPTED_DATA(), ex);
            throw new XWSSecurityException("Error occurred while decrypting EncryptedData ", ex);
        } catch (XMLStreamBufferException ex) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1615_ERROR_DECRYPTING_ENCRYPTED_DATA(), ex);
            throw new XWSSecurityException("Error occurred while decrypting EncryptedData", ex);
        }
    }


        // Instantiate the SAML callback handler class, if one was resolved.
        // newInstance() runs the no-arg constructor before the cast is evaluated, so the
        // CallbackHandler type is only checked after the object has been constructed; a
        // ClassCastException from the cast is not handled by the catch clauses below.
        if (samlCbHandler != null) {
            try {
                samlHandler = (CallbackHandler) samlCbHandler.newInstance();
            } catch (InstantiationException ex) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_0715_EXCEPTION_CREATING_NEWINSTANCE(), ex);
                throw new XWSSecurityException(ex);
            } catch (IllegalAccessException ex) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_0715_EXCEPTION_CREATING_NEWINSTANCE(), ex);
                throw new XWSSecurityException(ex);
            }
        }

        // The SAML validator class name is read from the configuration properties.
        // NOTE(review): loadClass is not shown here. Whoever can edit this configuration chooses
        // which class gets constructed below - confirm the configuration source is trusted or
        // that loadClass restricts what may be loaded.
        sV = configAssertions.getProperty(DefaultCallbackHandler.SAML_VALIDATOR);
        if (sV != null) {
            samlValidator = loadClass(sV);
        }

        // Same construct-then-cast pattern as for the SAML callback handler above.
        // Class.newInstance() is deprecated since Java 9 and also propagates any checked
        // exception thrown by the constructor, which these catch clauses do not cover.
        if (samlValidator != null) {
            try {
                sValidator = (SAMLAssertionValidator) samlValidator.newInstance();
            } catch (InstantiationException ex) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_0715_EXCEPTION_CREATING_NEWINSTANCE(), ex);
                throw new XWSSecurityException(ex);
            } catch (IllegalAccessException ex) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_0715_EXCEPTION_CREATING_NEWINSTANCE(), ex);
                throw new XWSSecurityException(ex);
            }
        }

        mcs = configAssertions.getProperty(DefaultCallbackHandler.MAX_CLOCK_SKEW_PROPERTY);
        tfl = configAssertions.getProperty(DefaultCallbackHandler.TIMESTAMP_FRESHNESS_LIMIT_PROPERTY);
        mna = configAssertions.getProperty(DefaultCallbackHandler.MAX_NONCE_AGE_PROPERTY);

        revocationEnabledAttr = configAssertions.getProperty(DefaultCallbackHandler.REVOCATION_ENABLED);
        if (revocationEnabledAttr != null) {
            this.revocationEnabled = Boolean.parseBoolean(revocationEnabledAttr);
        }
        maxClockSkewG = SecurityUtil.toLong(mcs);
        timestampFreshnessLimitG = SecurityUtil.toLong(tfl);
        if (mna != null) {
            maxNonceAge = SecurityUtil.toLong(mna);
        }

        useXWSSCallbacksStr = configAssertions.getProperty(DefaultCallbackHandler.USE_XWSS_CALLBACKS);
        if (useXWSSCallbacksStr != null) {
            this.useXWSSCallbacks = Boolean.parseBoolean(useXWSSCallbacksStr);
        }
        String cV = configAssertions.getProperty(DefaultCallbackHandler.CERTIFICATE_VALIDATOR);
        certificateValidator = loadClass(cV);
        String uV = configAssertions.getProperty(DefaultCallbackHandler.USERNAME_VALIDATOR);
        String tV = configAssertions.getProperty(DefaultCallbackHandler.TIMESTAMP_VALIDATOR);
        usernameValidator = loadClass(uV);
        timestampValidator = loadClass(tV);
        usernameCbHandler = loadClass(uCBH);
        passwordCbHandler = loadClass(pCBH);
       
        try {
            if (certificateValidator != null) {
                certValidator = (CertificateValidationCallback.CertificateValidator) certificateValidator.newInstance();
            }
            if (usernameValidator != null) {
                pwValidator = (com.sun.xml.wss.impl.callback.PasswordValidationCallback.PasswordValidator) usernameValidator.newInstance();
            }
            if (timestampValidator != null) {
                tsValidator = (TimestampValidationCallback.TimestampValidator) timestampValidator.newInstance();
            }
        } catch (Exception e) {
            log.log(Level.SEVERE, com.sun.xml.wss.logging.impl.misc.LogStringsMessages.WSS_1523_ERROR_GETTING_NEW_INSTANCE_CALLBACK_HANDLER(), e);
            throw new XWSSecurityException(e);
        }

        //determine if we are in an AppClient
        NameCallback nameCallback = new NameCallback("Username: ");
        try {

            privateKey = (PrivateKey) pkCallback.getKey();
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0216_CALLBACKHANDLER_HANDLE_EXCEPTION("PrivateKeyCallback.AliasRequest"),
                    new Object[] { "PrivateKeyCallback.AliasRequest"});
            log.log(Level.SEVERE,LogStringsMessages.WSS_0217_CALLBACKHANDLER_HANDLE_EXCEPTION_LOG(),e);
             throw new XWSSecurityException(e);
        }

        if (privateKey == null) {
            log.log(Level.SEVERE,LogStringsMessages.WSS_0222_CANNOT_LOCATE_PRIVKEY(alias), new Object[] {alias});
           throw new XWSSecurityException(
             "Unable to locate private key for the alias: " + alias);
        }

        return privateKey;
    }

           return pkCallback.getKey();
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0216_CALLBACKHANDLER_HANDLE_EXCEPTION("PrivateKeyCallback.SubjectKeyIDRequest"),
                    new Object[] { "PrivateKeyCallback.SubjectKeyIDRequest"});
            log.log(Level.SEVERE,LogStringsMessages.WSS_0217_CALLBACKHANDLER_HANDLE_EXCEPTION_LOG(),e);
            throw new XWSSecurityException(e);
        }
    }

           return pkCallback.getKey();
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0216_CALLBACKHANDLER_HANDLE_EXCEPTION("PrivateKeyCallback.IssuerSerialNumRequest"),
                    new Object[] { "PrivateKeyCallback.IssuerSerialNumRequest"});
            log.log(Level.SEVERE,LogStringsMessages.WSS_0217_CALLBACKHANDLER_HANDLE_EXCEPTION_LOG(),e);
            throw new XWSSecurityException(e);
        }
     }

           return pkCallback.getKey();
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0216_CALLBACKHANDLER_HANDLE_EXCEPTION("PrivateKeyCallback.IssuerSerialNumRequest"),
                    new Object[] { "PrivateKeyCallback.IssuerSerialNumRequest"});
            log.log(Level.SEVERE,LogStringsMessages.WSS_0217_CALLBACKHANDLER_HANDLE_EXCEPTION_LOG(),e);
            throw new XWSSecurityException(e);
        }
    }

            _handler.handle(_callbacks);
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0216_CALLBACKHANDLER_HANDLE_EXCEPTION("PrivateKeyCallback with null argument"),
                    new Object[] { "PrivateKeyCallback with null argument"});
            log.log(Level.SEVERE,LogStringsMessages.WSS_0217_CALLBACKHANDLER_HANDLE_EXCEPTION_LOG(),e);
            throw new XWSSecurityException(e);
        }
       
        // Read the certificate chain from the callback and return its first element.
        Certificate[] chain = pkCallback.getChain();
        // NOTE(review): only null is rejected. A zero-length array passes this check and then
        // fails at chain[0] with ArrayIndexOutOfBoundsException, even though the message below
        // speaks of an "empty" chain; consider also testing chain.length == 0.
        if (chain == null) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0296_NULL_CHAIN_CERT());
           throw new XWSSecurityException(
            "Empty certificate chain returned by PrivateKeyCallback");
        }
        // Unchecked cast: a first element that is not an X509Certificate raises
        // ClassCastException. Index 0 is presumably the end-entity certificate - TODO confirm
        // against the handler's contract.
        return (X509Certificate)chain[0];
    }

        // Hand the callbacks to the configured handler; any failure is logged and rethrown as
        // XWSSecurityException with the original exception as its cause.
        try {
           _handler.handle(callbacks);
        } catch (Exception e) {
            // The Object[] is passed as log parameters; the exception itself is not attached to
            // this log record and is only carried by the rethrown XWSSecurityException.
            log.log(Level.SEVERE, LogStringsMessages.WSS_0216_CALLBACKHANDLER_HANDLE_EXCEPTION( "Authenticating User against list of Known username-password pairs"),
                    new Object[] { "Authenticating User against list of Known username-password pairs"});
           throw new XWSSecurityException(e);
        }

        // zero the password
        // NOTE(review): in the lines shown, this clearing is reached only when handle() returns
        // normally. If handle() throws, the catch above rethrows and the password held by the
        // callback is not cleared here; a finally block would cover both paths.
        if (pwd != null)
           pvCallback.clearPassword();

                if (log.isLoggable(Level.FINE)) {
                    log.log(Level.FINE, "The Supplied JMAC CallbackHandler does not support com.sun.xml.wss.impl.callback.PasswordValidationCallback.DigestPasswordRequest");
                }
            } catch (Exception e) {
                log.log(Level.SEVERE, LogStringsMessages.WSS_0225_FAILED_PASSWORD_VALIDATION_CALLBACK(), e);
                throw new XWSSecurityException(e);
            }
        }
        // Validate the digest through a RealmAuthenticationAdapter obtained with a null argument.
        try {
            RealmAuthenticationAdapter adapter = RealmAuthenticationAdapter.newInstance(null);
            if (adapter != null) {
                result = adapter.authenticate(getSubject(context), username, passwordDigest, nonce, created, context);
            } else {
                log.log(Level.SEVERE, LogStringsMessages.WSS_0295_PASSWORD_VAL_NOT_CONFIG_USERNAME_VAL());
                // This exception is thrown inside the try, so the catch (Exception) below
                // catches it, logs a second SEVERE record and wraps it in another
                // XWSSecurityException; callers see the descriptive message only as the cause.
                throw new XWSSecurityException("Error: No PasswordValidator Configured for UsernameToken Validation");
            }
        } catch (Exception e) {
            log.log(Level.SEVERE, LogStringsMessages.WSS_0225_FAILED_PASSWORD_VALIDATION_CALLBACK(), e);
            throw new XWSSecurityException(e);
        }
        // NOTE(review): this FINE record is written whatever the value of result, so it marks
        // that authentication ran, not that it succeeded. It also writes the supplied username
        // to the log.
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "Username Authentication done for " + username);
        }
        return result;

        // A certificate whose issuer DN equals its subject DN is handled as self-signed: it is
        // accepted only when isTrustedSelfSigned(cert) returns true, otherwise validation fails
        // here. The early return means the code that follows this block never runs for such a
        // certificate.
        // NOTE(review): the test compares names only, and isTrustedSelfSigned is not shown.
        // Confirm it pins the exact certificate (for example by presence in the trust store)
        // rather than accepting any certificate with matching DNs.
        if(cert.getIssuerX500Principal().equals(cert.getSubjectX500Principal())){
            if(isTrustedSelfSigned(cert)){
                return true;
            }else{
                log.log(Level.SEVERE, com.sun.xml.wss.logging.impl.misc.LogStringsMessages.WSS_1533_X_509_SELF_SIGNED_CERTIFICATE_NOT_VALID());
                throw new XWSSecurityException("Validation of self signed certificate failed");
            }
        }

        //check keyUsage
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(cert);
        PKIXBuilderParameters parameters;
        CertPathValidator certPathValidator = null;
        CertPath certPath = null;       
        List<Certificate> certChainList = new ArrayList<Certificate>();
        boolean caFound = false;
        Principal certChainIssuer = null;       
        int noOfEntriesInTrustStore = 0;
        boolean isIssuerCertMatched = false;
       
        try {
            // Build the callbacks used to request the cert store and the trust store from the
            // handler.
            Callback[] callbacks = null;
            CertStoreCallback csCallback = null;
            TrustStoreCallback tsCallback = null;

            // Both locals were just set to null, so the first branch always runs and both
            // callbacks are requested; the two else-if branches are unreachable as written.
            if (tsCallback == null && csCallback == null) {
               csCallback = new CertStoreCallback();
               tsCallback = new TrustStoreCallback();
               callbacks = new Callback[] { csCallback, tsCallback };
            } else if (csCallback == null) {
               csCallback = new CertStoreCallback();
               callbacks = new Callback[] { csCallback };
            } else if (tsCallback == null) {
               tsCallback = new TrustStoreCallback();
               callbacks = new Callback[] { tsCallback };
            }

           
           // NOTE(review): the code after this block calls tsCallback.getTrustStore() without a
           // null check - confirm the handler always populates the trust store.
           try {
             _handler.handle(callbacks);
           } catch (Exception e) {
               // The Object[] is passed as log parameters; the exception itself is not attached
               // to this log record and is only carried by the rethrown XWSSecurityException.
               log.log(Level.SEVERE, LogStringsMessages.WSS_0216_CALLBACKHANDLER_HANDLE_EXCEPTION("Validate an X509Certificate"),
                    new Object[] { "Validate an X509Certificate"});
             throw new XWSSecurityException(e);
           }
          
            Certificate[] certChain = null;
            String certAlias = tsCallback.getTrustStore().getCertificateAlias(cert);
            if(certAlias!= null){
