Package org.apache.cxf.security.transport

Examples of org.apache.cxf.security.transport.TLSSessionInfo

382
383
384
385
386
387
388
389
390
391
            (String) request.getAttribute(SSL_CIPHER_SUITE_ATTRIBUTE);
        if (cipherSuite != null) {
            final java.security.cert.Certificate[] certs =
                (java.security.cert.Certificate[]) request.getAttribute(SSL_PEER_CERT_CHAIN_ATTRIBUTE);
            message.put(TLSSessionInfo.class,
                        new TLSSessionInfo(cipherSuite,
                                           null,
                                           certs));
        }
    }
View Full Code Here
168
169
170
171
172
173
174
175
            message.put(SecurityContext.class, sc);
        }
    }
   
    private Certificate[] getTLSCertificates(Message message) {
        TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
        return tlsInfo != null ? tlsInfo.getPeerCertificates() : null;
    }
View Full Code Here
130
131
132
133
134
135
136
137
138
139
140
        return tok;
    }
   
    protected boolean isTLSInUse(SoapMessage message) {
        // See whether TLS is in use or not
        TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
        if (tlsInfo != null) {
            return true;
        }
        return false;
    }
View Full Code Here
96
97
98
99
100
101
102
103
104
105
106
107
            } catch (UntrustedURLConnectionIOException ex) {
                throw new Fault(ex);
            }
        } else {
            try {
                TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
                final Certificate[] certs = tlsInfo.getPeerCertificates();
                if (certs == null || certs.length == 0) {
                    throw new UntrustedURLConnectionIOException(
                        "No client certificates were found"
                    );
                } else {
View Full Code Here
171
172
173
174
175
176
177
178
179
180
181
182
183
184
       
        for (WSSecurityEngineResult samlResult : samlResults) {
            AssertionWrapper assertionWrapper =
                (AssertionWrapper)samlResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
           
            TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
            Certificate[] tlsCerts = null;
            if (tlsInfo != null) {
                tlsCerts = tlsInfo.getPeerCertificates();
            }
            if (!SAMLUtils.checkHolderOfKey(assertionWrapper, signedResults, tlsCerts)) {
                LOG.warning("Assertion fails holder-of-key requirements");
                throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
            }
View Full Code Here
90
91
92
93
94
95
96
97
98
99
100
101
102
103
               
                if (!checkVersion(samlToken, assertionWrapper)) {
                    ai.setNotAsserted("Wrong SAML Version");
                    continue;
                }
                TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
                Certificate[] tlsCerts = null;
                if (tlsInfo != null) {
                    tlsCerts = tlsInfo.getPeerCertificates();
                }
                if (!checkHolderOfKey(assertionWrapper, signedResults, tlsCerts)) {
                    ai.setNotAsserted("Assertion fails holder-of-key requirements");
                    continue;
                }
View Full Code Here
196
197
198
199
200
201
202
203
            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
        }
    }
   
    private Certificate[] getTLSCertificates(Message message) {
        TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
        return tlsInfo != null ? tlsInfo.getPeerCertificates() : null;
    }
View Full Code Here
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
                if (!isRequestor(message)) {
                    assertHttps(ais, message);
                    // Store the TLS principal on the message context
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);     
                        if (tlsInfo != null && tlsInfo.getPeerCertificates() != null
                                && tlsInfo.getPeerCertificates().length > 0
                                && (tlsInfo.getPeerCertificates()[0] instanceof X509Certificate)
                        ) {
                            X509Certificate cert = (X509Certificate)tlsInfo.getPeerCertificates()[0];
                            message.put(
                                SecurityContext.class, createSecurityContext(cert.getSubjectX500Principal())
                            );
                        }
                    }
View Full Code Here
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
                        || !auth.get(0).startsWith("Digest")) {
                        asserted = false;
                    }                       
                }

                TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);               
                if (tlsInfo != null) {
                    if (token.isRequireClientCertificate()
                        && (tlsInfo.getPeerCertificates() == null
                            || tlsInfo.getPeerCertificates().length == 0)) {
                        asserted = false;
                    }
                } else {
                    asserted = false;
                }               
View Full Code Here
456
457
458
459
460
461
462
463
464
465
466
        return null;
    }
   
    private boolean isTLSInUse() {
        // See whether TLS is in use or not
        TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
        if (tlsInfo != null) {
            return true;
        }
        return false;
    }
View Full Code Here
TOP

Related Classes of org.apache.cxf.security.transport.TLSSessionInfo

  • org.apache.cxf.interceptor.security.callback.CallbackHandlerTlsCert
  • org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrantHandler
  • org.apache.cxf.rs.security.oauth2.services.AbstractTokenService
  • org.apache.cxf.rs.security.saml.AbstractSamlInHandler
  • org.apache.cxf.sts.token.renewer.SAMLTokenRenewer$ProofOfPossessionValidator
  • org.apache.cxf.transport.http.AbstractHTTPDestination
  • org.apache.cxf.transport.http.netty.server.integration.SSLNettyServerTest$MySSLInterceptor
  • org.apache.cxf.transport.https.CertConstraintsInterceptor
  • org.apache.cxf.transport.https.SSLUtils
  • org.apache.cxf.ws.security.policy.interceptors.HttpsTokenInterceptorProvider$HttpsTokenInInterceptor
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.