Examples of org.apache.ws.security.WSSConfig

org.apache.ws.security.WSSConfig
WSSConfig
Carries configuration data so the WSS4J spec compliance can be modified in runtime. Configure an instance of this object only if you need WSS4J to emulate certain industry clients or previous OASIS specifications for WS-Security interoperability testing purposes.
The default settings follow the latest OASIS and changing anything might violate the OASIS specs.
WARNING: changing the default settings will break the compliance with the latest specs. Do this only if you know what you are doing.
@author Rami Jaamour (rjaamour@parasoft.com) @author Werner Dittmann (werner@apache.org)

     * Test signing a message body using a symmetric key with EncryptedKeySHA1. 
     * The request is generated using WSHandler, instead of coding it.
     */
    @org.junit.Test
    public void testSymmetricSignatureSHA1Handler() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        java.util.Map<String, Object> messageContext = new java.util.TreeMap<String, Object>();
        messageContext.put(WSHandlerConstants.SIG_KEY_ID, "EncryptedKeySHA1");
        messageContext.put(WSHandlerConstants.SIG_ALGO, SignatureMethod.HMAC_SHA1);

View Full Code Here

            LOG.debug(outputString);
        }
        
        // Turn off BSP spec compliance
        WSSecurityEngine newEngine = new WSSecurityEngine();
        WSSConfig config = WSSConfig.getNewInstance();
        config.setWsiBSPCompliant(false);
        newEngine.setWssConfig(config);
        newEngine.processSecurityHeader(doc, null, null, crypto);
        
        // Now turn on BSP spec compliance
        config.setWsiBSPCompliant(true);
        newEngine.setWssConfig(config);
        try {
            newEngine.processSecurityHeader(doc, null, null, crypto);
            fail("Failure expected on a bad c14n algorithm");
        } catch (WSSecurityException ex) {

View Full Code Here

     * 
     * @throws java.lang.Exception Thrown when there is any problem in signing or verification
     */
    @org.junit.Test
    public void testSignatureInclusivePrefixes() throws Exception {
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        wssConfig.setWsiBSPCompliant(true);
        WSSecSignature builder = new WSSecSignature();
        builder.setWsConfig(wssConfig);
        builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        LOG.info("Before Signing....");
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);

View Full Code Here

            LOG.debug(outputString);
        }
        
        // Turn off BSP spec compliance
        WSSecurityEngine newEngine = new WSSecurityEngine();
        WSSConfig config = WSSConfig.getNewInstance();
        config.setWsiBSPCompliant(false);
        newEngine.setWssConfig(config);
        List<WSSecurityEngineResult> results = newEngine.processSecurityHeader(doc, null, null, crypto);
        
        WSSecurityEngineResult actionResult =
                WSSecurityUtil.fetchActionResult(results, WSConstants.SIGN);
        assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE));
        assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE));
        REFERENCE_TYPE referenceType = 
            (REFERENCE_TYPE)actionResult.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE);
        assertTrue(referenceType == REFERENCE_TYPE.KEY_IDENTIFIER);
        
        // Now turn on BSP spec compliance
        config.setWsiBSPCompliant(true);
        newEngine.setWssConfig(config);
        try {
            newEngine.processSecurityHeader(doc, null, null, crypto);
            fail("Failure expected on a bad ValueType attribute");
        } catch (WSSecurityException ex) {

View Full Code Here

     * A test for "SignatureAction does not set DigestAlgorithm on WSSecSignature instance"
     */
    @org.junit.Test
    public void
    testWSS170() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        final int action = WSConstants.SIGN;
        final RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();

View Full Code Here

     * <Security> header when using WSS4J calling .NET Web Services with WS-Security."
     */
    @org.junit.Test
    public void
    testWSS231() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        final int action = WSConstants.SIGN | WSConstants.TS;
        final RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");

View Full Code Here

        Call call = (Call) service.createCall();
        call.setTargetEndpointAddress(opts.getURL());


        SOAPEnvelope env = new SOAPEnvelope();
        Document doc = env.getAsDocument();
        WSSConfig wssConfig = WSSConfig.getDefaultWSConfig();


        // Create a new request object passing an XML document for element creation and the RequestType (in this case issue)
        RequestSecurityToken tokenRequest = new RequestSecurityToken(doc, TrustConstants.REQUEST_ISSUE);
    
        // Setting the context and the token type we want to be returned
        tokenRequest.setContext(new URI("http://context.context"));
        tokenRequest.setTokenType(TokenTypes.X509);
    
        // Construct a bunch of username tokens to be used as <Base> and <Supporting> elements
        UsernameToken userToken = new UsernameToken(wssConfig.isPrecisionInMilliSeconds(), doc);
        userToken.setName("bob");
        userToken.setPassword("bobspass");
        tokenRequest.setBase(new SecurityTokenOrReference(userToken));


        UsernameToken user2Token = new UsernameToken(wssConfig.isPrecisionInMilliSeconds(), doc);
        user2Token.setName("joe");
        user2Token.setPassword("bobspass");
        tokenRequest.addSupporting(new SecurityTokenOrReference(user2Token));


        UsernameToken user3Token = new UsernameToken(wssConfig.isPrecisionInMilliSeconds(), doc);
        user3Token.setName("mike");
        user3Token.setPassword("bobspass");
        tokenRequest.addSupporting(new SecurityTokenOrReference(user3Token));


        // Set the desired Lifetime of the token being requested in this case to 250 seconds

View Full Code Here

            if (timestamp != null && timestampStrict) {
                Credential credential = new Credential();
                credential.setTimestamp(timestamp);


                RequestData requestData = new RequestData();
                WSSConfig config = new WSSConfig();
                config.setTimeStampTTL(validationTimeToLive);
                config.setTimeStampStrict(timestampStrict);
              config.setTimeStampFutureTTL(futureTimeToLive);
                requestData.setWssConfig(config);


                TimestampValidator validator = new TimestampValidator();
                validator.validate(credential, requestData);
            }

View Full Code Here

        msg.put(SECURITY_PROCESSED, Boolean.TRUE);
        
        boolean utWithCallbacks = 
            !MessageUtils.getContextualBoolean(msg, SecurityConstants.USERNAME_TOKEN_NO_CALLBACKS, false);
        
        WSSConfig config = (WSSConfig)msg.getContextualProperty(WSSConfig.class.getName()); 
        WSSecurityEngine engine;
        if (config != null) {
            engine = new WSSecurityEngine();
            engine.setWssConfig(config);
        } else {

View Full Code Here

    protected static WSSecurityEngine
    createSecurityEngine(
        final Map<QName, Object> map
    ) {
        assert map != null;
        final WSSConfig config = WSSConfig.getNewInstance();
        for (Map.Entry<QName, Object> entry : map.entrySet()) {
            final QName key = entry.getKey();
            Object val = entry.getValue();
            
            if (val instanceof String) {
                String valStr = ((String)val).trim();
                if ("null".equals(valStr) || valStr.length() == 0) {
                    valStr = null;
                }
                config.setProcessor(key, valStr);
            } else if (val instanceof Processor) {
                config.setProcessor(key, (Processor)val);
            } else if (val == null) {
                config.setProcessor(key, (String)val);
            }
        }
        final WSSecurityEngine ret = new WSSecurityEngine();
        ret.setWssConfig(config);
        return ret;

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.ws.security.WSSConfig

com.eviware.soapui.impl.wsdl.submit.filters.WssAuthenticationRequestFilter

com.eviware.soapui.impl.wsdl.support.wss.entries.AddTimestampEntry

com.eviware.soapui.impl.wsdl.support.wss.entries.EncryptionEntry

com.eviware.soapui.impl.wsdl.support.wss.entries.TimestampEntry

org.apache.cxf.fediz.core.FederationProcessorImpl

org.apache.cxf.fediz.core.saml.SAMLTokenValidator

org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrantHandler

org.apache.cxf.rs.security.saml.AbstractSamlInHandler

org.apache.cxf.rs.security.saml.sso.SAMLProtocolResponseValidator

org.apache.cxf.sts.token.renewer.SAMLTokenRenewer

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.