Package org.apache.ws.security

Examples of org.apache.ws.security.WSSConfig


        builder.setUserInfo("wernerd", "verySecret");
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
       
        WSSConfig config = WSSConfig.getNewInstance();
        WSTimeSource spoofedTimeSource = new WSTimeSource() {

            public Date now() {
                Date currentTime = new Date();
                currentTime.setTime(currentTime.getTime() - (500L * 1000L));
                return currentTime;
            }
           
        };
        config.setCurrentTime(spoofedTimeSource);
       
        builder.setWsConfig(config);
        Document signedDoc = builder.build(doc, secHeader);

        if (LOG.isDebugEnabled()) {
View Full Code Here


    private List<WSSecurityEngineResult> verifyWithoutProfile(Document doc) throws Exception {
        SamlAssertionValidator validator = new SamlAssertionValidator();
        validator.setValidateSignatureAgainstProfile(false);
       
        WSSecurityEngine secEngine = new WSSecurityEngine();
        WSSConfig config = secEngine.getWssConfig();
        config.setValidator(WSSecurityEngine.SAML_TOKEN, validator);
        config.setValidator(WSSecurityEngine.SAML2_TOKEN, validator);
       
        List<WSSecurityEngineResult> results =
            secEngine.processSecurityHeader(
                doc, null, null, crypto
            );
View Full Code Here

     *
     * @throws java.lang.Exception Thrown when there is a problem in setup
     */
    @org.junit.Before
    public void setUp() throws Exception {
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        wssConfig.setWsiBSPCompliant(true);
        secEngine.setWssConfig(wssConfig);
    }
View Full Code Here

            LOG.debug(outputString);
        }
        assertTrue(outputString.indexOf("counter_port_type") == -1 ? true : false);
       
        WSSecurityEngine newEngine = new WSSecurityEngine();
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        wssConfig.setWsiBSPCompliant(false);
        newEngine.setWssConfig(wssConfig);
        verify(encryptedDoc, newEngine, keystoreCallbackHandler, SOAP_BODY);
    }
View Full Code Here

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
       
        UsernameToken usernameToken = new UsernameToken(true, doc, null);
        usernameToken.setName("bob");
        WSSConfig config = WSSConfig.getNewInstance();
        usernameToken.setID(config.getIdAllocator().createId("UsernameToken-", usernameToken));
       
        byte[] salt = UsernameToken.generateSalt(false);
        usernameToken.addIteration(doc, 1000);
       
        byte[] derivedKey = UsernameToken.generateDerivedKey("security", salt, 1000);
View Full Code Here

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
       
        UsernameToken usernameToken = new UsernameToken(true, doc, null);
        usernameToken.setName("bob");
        WSSConfig config = WSSConfig.getNewInstance();
        usernameToken.setID(config.getIdAllocator().createId("UsernameToken-", usernameToken));
       
        byte[] salt = usernameToken.addSalt(doc, null, false);
        byte[] derivedKey = UsernameToken.generateDerivedKey("security", salt, 1000);
       
        //
View Full Code Here

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
       
        UsernameToken usernameToken = new UsernameToken(true, doc, null);
        usernameToken.setName("bob");
        WSSConfig config = WSSConfig.getNewInstance();
        usernameToken.setID(config.getIdAllocator().createId("UsernameToken-", usernameToken));
       
        usernameToken.addIteration(doc, 500);
        byte[] salt = usernameToken.addSalt(doc, null, false);
        byte[] derivedKey = UsernameToken.generateDerivedKey("security", salt, 500);
       
        //
        // Derived key encryption
        //
        WSSecDKEncrypt encrBuilder = new WSSecDKEncrypt();
        encrBuilder.setSymmetricEncAlgorithm(WSConstants.AES_128);
        encrBuilder.setExternalKey(derivedKey, usernameToken.getID());
        encrBuilder.setCustomValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
        Document encryptedDoc = encrBuilder.build(doc, secHeader);
       
        WSSecurityUtil.prependChildElement(
            secHeader.getSecurityHeader(), usernameToken.getElement()
        );
       
        String outputString =
            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
        assertTrue(outputString.indexOf("wsse:Username") != -1);
        assertTrue(outputString.indexOf("wsse:Password") == -1);
        assertTrue(outputString.indexOf("wsse11:Salt") != -1);
        assertTrue(outputString.indexOf("wsse11:Iteration") != -1);
        if (LOG.isDebugEnabled()) {
            LOG.debug(outputString);
        }
       
        try {
            verify(encryptedDoc);
            fail("Failure expected on a low iteration value");
        } catch (WSSecurityException ex) {
            // expected
        }
       
        // Turn off BSP compliance and it should work
        config.setWsiBSPCompliant(false);
        WSSecurityEngine newEngine = new WSSecurityEngine();
        newEngine.setWssConfig(config);
        config.setAllowUsernameTokenNoPassword(true);
        newEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
    }
View Full Code Here

        } catch (WSSecurityException ex) {
            // expected
        }
       
        // Turn off BSP compliance and it should work
        WSSConfig config = WSSConfig.getNewInstance();
        config.setWsiBSPCompliant(false);
        config.setAllowUsernameTokenNoPassword(true);
        WSSecurityEngine newEngine = new WSSecurityEngine();
        newEngine.setWssConfig(config);
        newEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
    }
View Full Code Here

        } catch (WSSecurityException ex) {
            // expected
        }
       
        // Turn off BSP compliance and it should work
        WSSConfig config = WSSConfig.getNewInstance();
        config.setWsiBSPCompliant(false);
        config.setAllowUsernameTokenNoPassword(true);
        WSSecurityEngine newEngine = new WSSecurityEngine();
        newEngine.setWssConfig(config);
        newEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
    }
View Full Code Here

    private static final org.apache.commons.logging.Log LOG =
        org.apache.commons.logging.LogFactory.getLog(SamlTokenTest.class);
    private WSSecurityEngine secEngine = new WSSecurityEngine();

    public SamlTokenTest() {
        WSSConfig config = WSSConfig.getNewInstance();
        config.setValidator(WSSecurityEngine.SAML_TOKEN, new CustomSamlAssertionValidator());
        config.setValidator(WSSecurityEngine.SAML2_TOKEN, new CustomSamlAssertionValidator());
        secEngine.setWssConfig(config);
    }
View Full Code Here

TOP

Related Classes of org.apache.ws.security.WSSConfig

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.