Package org.apache.ws.security

Examples of org.apache.ws.security.KerberosTokenPrincipal


      WSSConfig wsc) throws WSSecurityException {
    // Excerpt begins mid-signature: the method name and its earlier parameters
    // (including wsDocInfo, used below) are not visible here.
    X509Certificate returnCert[];
    // Raw collection types: the element type of these sets is not visible in
    // this excerpt.
    Set returnElements;
    Set protectedElements;
    byte signatureValue[][];
    // Declared but not assigned within this excerpt.
    // NOTE(review): presumably carries the Kerberos principal (and its session
    // key) from one token to the next within a single message - confirm its scope.
    KerberosTokenPrincipal lastPrincipalFound;

    // Registers the document info in WSDocInfoStore before any element is processed.
    WSDocInfoStore.store(wsDocInfo);
    // One-element array, presumably an out-parameter a handler fills with the
    // signer certificate - confirm against the full source.
    returnCert = new X509Certificate[1];
    returnElements = new HashSet();
    protectedElements = new TreeSet();


      X509Certificate returnCert[], Set returnElements,
      Set protectedElements, byte signatureValue[][],
      CallbackHandler handler) throws WSSecurityException {
    // Excerpt begins mid-signature (the method name and the `elem` parameter are
    // not visible) and ends inside the catch block.
    // Visible flow: authenticate -> parse the token element -> accept the GSS
    // context -> extract the session key -> build a KerberosTokenPrincipal and
    // cache a KrbSession.

    SecretKey secretKey = null;
    KerberosTokenPrincipal principal = null;

    try {
      // authenticate() is not shown; presumably the service-side login driven by
      // the callback handler - confirm.
      authenticate(handler);
      KerberosSecurity ks = createSecurityToken(elem);
      // NOTE(review): nothing in this excerpt checks context.isEstablished();
      // confirm acceptSecurityContext() rejects an incomplete context, because
      // getSrcName() below is treated as the authenticated client identity.
      GSSContext context = acceptSecurityContext(ks);
      secretKey = getSessionKey(ks.getToken());

      // Debug output carries the initiator name and its name type only; no key
      // material is written to the log here.
      if (log.isDebugEnabled()) {
        log.debug((new StringBuilder())
            .append("security context accepted with ")
            .append(context.getSrcName().toString())
            .append(",")
            .append(context.getSrcName().getStringNameType()
                .toString()).toString());
      }

      // The principal name is the GSS context initiator (client) name.
      principal = new KerberosTokenPrincipal(context.getSrcName()
          .toString());
      principal.setTokenElement(elem);

      // A missing session key is a hard failure: it is logged and the message is
      // rejected rather than continuing without a key.
      if (secretKey != null) {
        // Copies the raw encoded session key into the principal, so any code that
        // later receives the principal can read the key bytes.
        // NOTE(review): confirm who consumes the principal and how long it lives.
        principal.setSessionKey(secretKey.getEncoded());
      } else {
        log.error("null secret key");
        throw new WSSecurityException(3, "nullSecretKey",
            new Object[] { "null secret key" });
      }

      principal.setSecretKey(secretKey);

      // The session (including the secret key) goes into the KrbSessionCache
      // singleton, constructed from the token's SHA-1 value.
      // NOTE(review): eviction/expiry is not visible here - confirm cached keys do
      // not outlive the ticket, and that the SHA-1 value is used only as a lookup
      // identifier.
      KrbSession kerberosSession = new KrbSession(ks.getSHA1(), secretKey);
      kerberosSession.setClientPrincipalName(context.getSrcName()
          .toString());
      kerberosSession.setServerPrincipalName(context.getTargName()
          .toString());
      KrbSessionCache.getInstance().addSession(kerberosSession);

      // Client and service names are read back from the session just populated.
      principal.setClientPrincipalName(kerberosSession
          .getClientPrincipalName());
      principal.setServicePrincipalName(kerberosSession
          .getServerPrincipalName());

    // Only unchecked exceptions are handled by this clause; other catch clauses,
    // if any, lie beyond the excerpt. The failure is logged with its stack trace
    // and converted to a WSSecurityException (the statement continues past the
    // excerpt).
    } catch (RuntimeException e) {
      log.error(e.getMessage(), e);
      throw new WSSecurityException(3, "kerberosAcceptCtxFailed",

    // Excerpt from a signature-verification routine; `sig`, `elem`, `cb` and
    // `lastPrincipalFound` are defined outside the visible lines.
    sig.addResourceResolver(EnvelopeIdResolver.getInstance());
    KeyInfo info = sig.getKeyInfo();
    SecretKey secretKey = null;

    KerberosTokenPrincipal principal = null;

    if (info != null) {
      // Only a direct SecurityTokenReference child (in WSConstants.WSSE_NS) of
      // KeyInfo is accepted; any other KeyInfo content is rejected.
      org.w3c.dom.Node node = WSSecurityUtil.getDirectChild(
          info.getElement(), "SecurityTokenReference",
          WSConstants.WSSE_NS);

      if (node == null) {
        throw new WSSecurityException(3, "unsupportedKeyInfo");
      }

      SecurityTokenReference secRef = new SecurityTokenReference(
          (Element) node);
      WSDocInfo wsDocInfo = WSDocInfoStore
          .lookup(elem.getOwnerDocument());

      if (secRef.containsReference()) {
        // NOTE(review): `token` is dereferenced on the next statement, outside the
        // try below; confirm getTokenElement() throws rather than returning null
        // when the reference does not resolve.
        Element token = secRef.getTokenElement(elem.getOwnerDocument(),
            wsDocInfo, cb);
        QName el = new QName(token.getNamespaceURI(),
            token.getLocalName());
        // Brace-less `if` whose single statement is the whole try/catch; only a
        // referenced element matching WSSecurityEngine.binaryToken is processed.
        if (el.equals(WSSecurityEngine.binaryToken))
          try {
            if (lastPrincipalFound == null) {
              // First Kerberos token seen: authenticate, accept the GSS context
              // and derive the session key from this token.
              authenticate(cb);
              KerberosSecurity ks = createSecurityToken(token);
              // NOTE(review): no context.isEstablished() check is visible here;
              // confirm acceptSecurityContext() enforces it.
              GSSContext context = acceptSecurityContext(ks);
              secretKey = getSessionKey(ks.getToken());
              if (log.isDebugEnabled()) {
                log.debug("security context accepted with "
                    + context.getSrcName().toString()
                    + ","
                    + context.getSrcName()
                        .getStringNameType());
              }
              principal = new KerberosTokenPrincipal(context
                  .getSrcName().toString());
              principal.setTokenElement(token);
              // secretKey is dereferenced without a null check; a null key would
              // raise NullPointerException, which the RuntimeException catch
              // below receives instead of a dedicated "null key" error.
              principal.setSessionKey(secretKey.getEncoded());
              principal.setSecretKey(secretKey);
              // Session and secret key are stored in the KrbSessionCache singleton.
              // NOTE(review): cache expiry is not visible in this excerpt.
              KrbSession kerberosSession = new KrbSession(
                  ks.getSHA1(), secretKey);
              kerberosSession.setClientPrincipalName(context
                  .getSrcName().toString());
              kerberosSession.setServerPrincipalName(context
                  .getTargName().toString());
              KrbSessionCache.getInstance().addSession(
                  kerberosSession);
              principal.setClientPrincipalName(kerberosSession
                  .getClientPrincipalName());
              principal.setServicePrincipalName(kerberosSession
                  .getServerPrincipalName());
            } else {
              // Reuses the key of the previously processed principal. `principal`
              // stays null on this path, and `token` is not compared with that
              // principal's token element.
              // NOTE(review): confirm the reference must point at the same token,
              // otherwise a reference to a different binary token would still be
              // verified with the earlier session key.
              secretKey = lastPrincipalFound.getSecretKey();
            }
          } catch (RuntimeException e) {

            // Scans the security-engine results for a KERBEROS_SIGN action and
            // copies that result's binary token into krbToken. `rResult` and
            // `krbToken` are defined outside the excerpt.
            Vector wsSecEngineResults = rResult.getResults();
            for (int j = 0; j < wsSecEngineResults.size(); j++) {
                WSSecurityEngineResult wser = (WSSecurityEngineResult) wsSecEngineResults.get(j);
                // NOTE(review): unboxed below without a null check; confirm every
                // result carries TAG_ACTION.
                Integer actInt = (Integer) wser.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt.intValue() == org.apache.ws.security.WSConstants.KERBEROS_SIGN) {
                    // Unchecked cast: a missing or differently typed TAG_PRINCIPAL
                    // would raise NullPointerException / ClassCastException, and
                    // the catch below does not handle either.
                    KerberosTokenPrincipal principal = (KerberosTokenPrincipal) wser
                            .get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    BinarySecurity token;
                    try {
                        token = new BinarySecurity(principal.getTokenElement());
                        krbToken.setBSTToken(token);
                    } catch (WSSecurityException e) {
                        // The caught exception is neither chained nor logged here,
                        // so the underlying cause is lost to whoever investigates
                        // the failure.
                        throw new RampartException("errorExtractingKereberosToken");
                    }
                }

            } else if (WSConstants.SIGN == actInt.intValue()) {
                // Excerpt begins inside an if/else-if chain over the result's action
                // code; `wser`, `actInt` and `msgCtx` come from the enclosing code.
                // The certificate is stored without a null check, so the property
                // may be set to null if the result carries no certificate.
                X509Certificate cert = (X509Certificate) wser
                        .get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
                msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
            } else if (WSConstants.KERBEROS == actInt.intValue()) {
                // The KERBEROS, KERBEROS_ENCR and KERBEROS_SIGN branches are
                // identical in the visible code: each copies the principal's client
                // and service names into the message options when they are non-null.
                // NOTE(review): consumers of these options presumably treat the
                // names as the authenticated identity - confirm they are only read
                // after security processing has succeeded.
                KerberosTokenPrincipal principal = null;
                principal = ((KerberosTokenPrincipal) wser
                        .get(WSSecurityEngineResult.TAG_PRINCIPAL));
                if (principal != null) {
                    String clientPricipalName = principal.getClientPrincipalName();
                    String servicePricipalName = principal.getServicePrincipalName();
                    if (clientPricipalName != null) {
                        msgCtx.getOptions().setProperty(KerberosConfig.CLIENT_PRINCIPLE_NAME,
                                clientPricipalName);
                    }
                    if (servicePricipalName != null) {
                        msgCtx.getOptions().setProperty(KerberosConfig.SERVICE_PRINCIPLE_NAME,
                                servicePricipalName);
                    }
                }
            } else if (WSConstants.KERBEROS_ENCR == actInt.intValue()) {
                // Same handling as the KERBEROS branch.
                KerberosTokenPrincipal principal = null;
                principal = ((KerberosTokenPrincipal) wser
                        .get(WSSecurityEngineResult.TAG_PRINCIPAL));
                if (principal != null) {
                    String clientPricipalName = principal.getClientPrincipalName();
                    String servicePricipalName = principal.getServicePrincipalName();
                    if (clientPricipalName != null) {
                        msgCtx.getOptions().setProperty(KerberosConfig.CLIENT_PRINCIPLE_NAME,
                                clientPricipalName);
                    }
                    if (servicePricipalName != null) {
                        msgCtx.getOptions().setProperty(KerberosConfig.SERVICE_PRINCIPLE_NAME,
                                servicePricipalName);
                    }
                }
            } else if (WSConstants.KERBEROS_SIGN == actInt.intValue()) {
                // Same handling again; the excerpt ends inside this branch.
                KerberosTokenPrincipal principal = null;
                principal = ((KerberosTokenPrincipal) wser
                        .get(WSSecurityEngineResult.TAG_PRINCIPAL));
                if (principal != null) {
                    String clientPricipalName = principal.getClientPrincipalName();
                    String servicePricipalName = principal.getServicePrincipalName();
                    if (clientPricipalName != null) {
                        msgCtx.getOptions().setProperty(KerberosConfig.CLIENT_PRINCIPLE_NAME,
                                clientPricipalName);
                    }
                    if (servicePricipalName != null) {
