Examples of org.apache.ws.security.WSSecurityEngine

org.apache.ws.security.WSSecurityEngine
WS-Security Engine.
@author Davanum Srinivas (dims@yahoo.com). @author Werner Dittmann (Werner.Dittmann@t-online.de).

        translateProperties(msg);
        
        RequestData reqData = new CXFRequestData();


        WSSConfig config = (WSSConfig)msg.getContextualProperty(WSSConfig.class.getName()); 
        WSSecurityEngine engine;
        if (config != null) {
            engine = new WSSecurityEngine();
            engine.setWssConfig(config);
        } else {
            engine = getSecurityEngine(utWithCallbacks);
            if (engine == null) {
                engine = new WSSecurityEngine();
            }
            config = engine.getWssConfig();
        }
        reqData.setWssConfig(config);
        
        SOAPMessage doc = getSOAPMessage(msg);
        
        boolean doDebug = LOG.isLoggable(Level.FINE);
        boolean doTimeLog = TIME_LOG.isLoggable(Level.FINE);


        SoapVersion version = msg.getVersion();
        if (doDebug) {
            LOG.fine("WSS4JInInterceptor: enter handleMessage()");
        }


        long t0 = 0;
        long t1 = 0;
        long t2 = 0;
        long t3 = 0;


        if (doTimeLog) {
            t0 = System.currentTimeMillis();
        }


        /*
         * The overall try, just to have a finally at the end to perform some
         * housekeeping.
         */
        try {
            reqData.setMsgContext(msg);
            computeAction(msg, reqData);
            List<Integer> actions = new ArrayList<Integer>();
            String action = getAction(msg, version);


            int doAction = WSSecurityUtil.decodeAction(action, actions);


            String actor = (String)getOption(WSHandlerConstants.ACTOR);


            reqData.setCallbackHandler(getCallback(reqData, doAction, utWithCallbacks));
            
            String passwordTypeStrict = (String)getOption(WSHandlerConstants.PASSWORD_TYPE_STRICT);
            if (passwordTypeStrict == null) {
                setProperty(WSHandlerConstants.PASSWORD_TYPE_STRICT, "true");
            }


            /*
             * Get and check the Signature specific parameters first because
             * they may be used for encryption too.
             */
            doReceiverAction(doAction, reqData);
            
            if (doTimeLog) {
                t1 = System.currentTimeMillis();
            }
            Element elem = WSSecurityUtil.getSecurityHeader(doc.getSOAPPart(), actor);


            List<WSSecurityEngineResult> wsResult = engine.processSecurityHeader(
                elem, reqData
            );


            if (doTimeLog) {
                t2 = System.currentTimeMillis();

View Full Code Here

                config.setValidator(key, (Validator)val);
            } else if (val == null) {
                config.setProcessor(key, (Class<?>)null);
            }
        }
        final WSSecurityEngine ret = new WSSecurityEngine();
        ret.setWssConfig(config);
        return ret;
    }

View Full Code Here

                    val = null;
                }
            }
            config.setProcessor(key, val);
        }
        final WSSecurityEngine ret = new WSSecurityEngine();
        ret.setWssConfig(config);
        return ret;
    }

View Full Code Here

        String p = "wssec.MyProcessor";
        cfg.setProcessor(
            WSSecurityEngine.SIGNATURE,
            p
        );
        final WSSecurityEngine engine = new WSSecurityEngine();
        engine.setWssConfig(cfg);
        final java.util.List results = 
            engine.processSecurityHeader(doc, null, null, crypto);
        boolean found = false;
        for (final java.util.Iterator pos = results.iterator();  pos.hasNext(); ) {
            final java.util.Map result = (java.util.Map) pos.next();
            Object obj = result.get("foo");
            if (obj != null) {

View Full Code Here

        WSSConfig cfg = WSSConfig.getNewInstance();
        cfg.setProcessor(
            WSSecurityEngine.SIGNATURE,
            new wssec.MyProcessor()
        );
        final WSSecurityEngine engine = new WSSecurityEngine();
        engine.setWssConfig(cfg);
        final java.util.List results = 
            engine.processSecurityHeader(doc, null, null, crypto);
        boolean found = false;
        for (final java.util.Iterator pos = results.iterator();  pos.hasNext(); ) {
            final java.util.Map result = (java.util.Map) pos.next();
            Object obj = result.get("foo");
            if (obj != null) {

View Full Code Here

        if (msg.containsKey(SECURITY_PROCESSED)) {
            return;
        }
        msg.put(SECURITY_PROCESSED, Boolean.TRUE);
        WSSConfig config = (WSSConfig)msg.getContextualProperty(WSSConfig.class.getName()); 
        WSSecurityEngine engine;
        if (config != null) {
            engine = new WSSecurityEngine();
            engine.setWssConfig(config);
        } else {
            engine = getSecurityEngine();
        }
        
        SOAPMessage doc = getSOAPMessage(msg);
        
        boolean doDebug = LOG.isLoggable(Level.FINE);
        boolean doTimeLog = TIME_LOG.isLoggable(Level.FINE);


        SoapVersion version = msg.getVersion();
        if (doDebug) {
            LOG.fine("WSS4JInInterceptor: enter handleMessage()");
        }


        long t0 = 0;
        long t1 = 0;
        long t2 = 0;
        long t3 = 0;


        if (doTimeLog) {
            t0 = System.currentTimeMillis();
        }


        RequestData reqData = new RequestData();
        /*
         * The overall try, just to have a finally at the end to perform some
         * housekeeping.
         */
        try {
            reqData.setMsgContext(msg);
            computeAction(msg, reqData);
            Vector actions = new Vector();
            String action = getAction(msg, version);


            int doAction = WSSecurityUtil.decodeAction(action, actions);


            String actor = (String)getOption(WSHandlerConstants.ACTOR);


            CallbackHandler cbHandler = getCallback(reqData, doAction);


            /*
             * Get and check the Signature specific parameters first because
             * they may be used for encryption too.
             */
            doReceiverAction(doAction, reqData);
            
            Vector wsResult = null;
            if (doTimeLog) {
                t1 = System.currentTimeMillis();
            }


            wsResult = engine.processSecurityHeader(
                doc.getSOAPPart(), 
                actor, 
                cbHandler, 
                reqData.getSigCrypto(), 
                reqData.getDecCrypto()

View Full Code Here

                config.setProcessor(key, (Processor)val);
            } else if (val == null) {
                config.setProcessor(key, (String)val);
            }
        }
        final WSSecurityEngine ret = new WSSecurityEngine();
        ret.setWssConfig(config);
        return ret;
    }

View Full Code Here

        
        boolean utWithCallbacks = 
            !MessageUtils.getContextualBoolean(msg, SecurityConstants.USERNAME_TOKEN_NO_CALLBACKS, false);
        
        WSSConfig config = (WSSConfig)msg.getContextualProperty(WSSConfig.class.getName()); 
        WSSecurityEngine engine;
        if (config != null) {
            engine = new WSSecurityEngine();
            engine.setWssConfig(config);
        } else {
            engine = getSecurityEngine(utWithCallbacks);
        }
        
        SOAPMessage doc = getSOAPMessage(msg);
        
        boolean doDebug = LOG.isLoggable(Level.FINE);
        boolean doTimeLog = TIME_LOG.isLoggable(Level.FINE);


        SoapVersion version = msg.getVersion();
        if (doDebug) {
            LOG.fine("WSS4JInInterceptor: enter handleMessage()");
        }


        long t0 = 0;
        long t1 = 0;
        long t2 = 0;
        long t3 = 0;


        if (doTimeLog) {
            t0 = System.currentTimeMillis();
        }


        RequestData reqData = new RequestData();
        /*
         * The overall try, just to have a finally at the end to perform some
         * housekeeping.
         */
        try {
            reqData.setMsgContext(msg);
            computeAction(msg, reqData);
            Vector actions = new Vector();
            String action = getAction(msg, version);


            int doAction = WSSecurityUtil.decodeAction(action, actions);


            String actor = (String)getOption(WSHandlerConstants.ACTOR);


            CallbackHandler cbHandler = getCallback(reqData, doAction, utWithCallbacks);


            /*
             * Get and check the Signature specific parameters first because
             * they may be used for encryption too.
             */
            doReceiverAction(doAction, reqData);
            
            Vector wsResult = null;
            if (doTimeLog) {
                t1 = System.currentTimeMillis();
            }


            wsResult = engine.processSecurityHeader(
                doc.getSOAPPart(), 
                actor, 
                cbHandler, 
                reqData.getSigCrypto(), 
                reqData.getDecCrypto()

View Full Code Here

                config.setProcessor(key, (Processor)val);
            } else if (val == null) {
                config.setProcessor(key, (String)val);
            }
        }
        final WSSecurityEngine ret = new WSSecurityEngine();
        ret.setWssConfig(config);
        return ret;
    }

View Full Code Here

            return null;
        }


        Vector results = null;


        WSSecurityEngine engine = new WSSecurityEngine();


        ValidatorData data = new ValidatorData(rmd);


        SOAPHeader header = rmd.getMsgContext().getEnvelope().getHeader();
        if (header == null) {
            throw new RampartException("missingSOAPHeader");
        }


        ArrayList headerBlocks = header.getHeaderBlocksWithNSURI(WSConstants.WSSE_NS);
        SOAPHeaderBlock secHeader = null;
        // Issue is axiom - a returned collection must not be null
        if (headerBlocks != null) {
            Iterator headerBlocksIterator = headerBlocks.iterator();
            while (headerBlocksIterator.hasNext()) {
                SOAPHeaderBlock elem = (SOAPHeaderBlock) headerBlocksIterator.next();
                if (elem.getLocalName().equals(WSConstants.WSSE_LN)) {
                    secHeader = elem;
                    break;
                }
            }
        }


        if (secHeader == null) {
            throw new RampartException("missingSecurityHeader");
        }


        long t0 = 0, t1 = 0, t2 = 0, t3 = 0;
        if (dotDebug) {
            t0 = System.currentTimeMillis();
        }


        String actorValue = secHeader.getAttributeValue(new QName(rmd.getSoapConstants()
                .getEnvelopeURI(), "actor"));


        Crypto signatureCrypto = RampartUtil.getSignatureCrypto(rpd.getRampartConfig(), msgCtx
                .getAxisService().getClassLoader());


        TokenCallbackHandler tokenCallbackHandler = null;
        
        if (rpd != null) {
            tokenCallbackHandler = new TokenCallbackHandler(rmd.getTokenStorage(),
                    RampartUtil.getPasswordCB(rmd), rpd.getRampartConfig());
        } else {
            tokenCallbackHandler = new TokenCallbackHandler(rmd.getTokenStorage(),
                    RampartUtil.getPasswordCB(rmd));
        }


        if (rpd.isSymmetricBinding()) {
            // Here we have to create the CB handler to get the tokens from the
            // token storage
            log.debug("Processing security header using SymetricBinding");
            results = engine.processSecurityHeader(rmd.getDocument(), actorValue,
                    tokenCallbackHandler, signatureCrypto, RampartUtil.getEncryptionCrypto(
                            rpd.getRampartConfig(), msgCtx.getAxisService().getClassLoader()));


            // Remove encryption tokens if this is the initiator and if initiator is receiving a
            // message


            if (rmd.isInitiator()
                    && (msgCtx.getFLOW() == MessageContext.IN_FLOW || msgCtx.getFLOW() == MessageContext.IN_FAULT_FLOW)) {
                tokenCallbackHandler.removeEncryptedToken();
            }


        } else {
            log.debug("Processing security header in normal path");
            results = engine.processSecurityHeader(rmd.getDocument(), actorValue,
                    tokenCallbackHandler, signatureCrypto, RampartUtil.getEncryptionCrypto(
                            rpd.getRampartConfig(), msgCtx.getAxisService().getClassLoader()));
        }


        if (dotDebug) {

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.ws.security.WSSecurityEngine

br.net.woodstock.rockframework.web.ws.wss4j.WSS4JHelper

br.net.woodstock.rockframework.ws.wss4j.WSS4JHelper

com.eviware.soapui.impl.wsdl.support.wss.entries.SignatureEntryTest

com.eviware.soapui.impl.wsdl.support.wss.IncomingWss

org.apache.cxf.sts.request.RequestParserUnitTest

org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

org.apache.rampart.RampartEngine

org.apache.ws.sandbox.security.conversation.ConversationEngine

org.apache.ws.sandbox.security.trust.message.token.RequestedProofToken

org.apache.ws.security.components.crypto.CertificateStoreTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.