Examples of org.apache.ws.security.WSUsernameTokenPrincipal

• org.apache.ws.security.WSUsernameTokenPrincipal
  This class implements the Principal interface and represents a UsernameToken user.

  In addition to the principal's name this principal object also contains the nonce and created time of the UsernameToken (refer to the OASIS WS Security specification, UsernameToken profile). These values are set only if the password of UsernameToken was of type PasswordDigest.

  Furthermore the password type is provided to the application. The password type is the string of the type attribute of the password element inside the username token. Refer to the OASIS WSS specification for predefined password types.

  The equals() method use the prinicipal's name only and does not compare nonce or created time.

  Modelled according to the example provided by JAAS documentation

  @author Davanum Srinivas (dims@yahoo.com). @author Werner Dittmann (Werner.Dittmann@siemens.com). @see java.security.Principal @see javax.security.auth.Subject

        callbackHandler = new SpringSecurityPasswordValidationCallbackHandler();

        grantedAuthority = new SimpleGrantedAuthority("ROLE_1");
        user = new User("Ernie", "Bert", true, true, true, true, Collections.singleton(grantedAuthority));

        WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal("Ernie", true);
        callback = new UsernameTokenPrincipalCallback(principal);
    }

    @Override
    protected void handleUsernameTokenPrincipal(UsernameTokenPrincipalCallback callback)
            throws IOException, UnsupportedCallbackException {
        UserDetails user = loadUserDetails(callback.getPrincipal().getName());
        WSUsernameTokenPrincipal principal = callback.getPrincipal();
        UsernamePasswordAuthenticationToken authRequest =
                new UsernamePasswordAuthenticationToken(principal, principal.getPassword(), user.getAuthorities());
        if (logger.isDebugEnabled()) {
            logger.debug("Authentication success: " + authRequest.toString());
        }
        SecurityContextHolder.getContext().setAuthentication(authRequest);
    }

        WSSecurityEngineResult actionResult = WSSecurityUtil.fetchActionResult(results, WSConstants.UT);

        if (actionResult != null) {
            Principal principal = (Principal) actionResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);
            if (principal != null && principal instanceof WSUsernameTokenPrincipal) {
                WSUsernameTokenPrincipal usernameTokenPrincipal = (WSUsernameTokenPrincipal) principal;
                UsernameTokenPrincipalCallback callback = new UsernameTokenPrincipalCallback(usernameTokenPrincipal);
                try {
                    validationCallbackHandler.handle(new Callback[]{callback});
                }
                catch (IOException ex) {

        if ("PasswordDigest".equals(pwType)) {
            //CXF-2150 - we need to check the UsernameTokens
            for (WSSecurityEngineResult o : CastUtils.cast(wsResult, WSSecurityEngineResult.class)) {
                Integer actInt = (Integer)o.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt == WSConstants.UT) {
                    WSUsernameTokenPrincipal princ
                        = (WSUsernameTokenPrincipal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    if (!princ.isPasswordDigest()) {
                        LOG.warning("Non-digest UsernameToken found, but digest required");
                        throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
                    }
                }
            }

                                                       String password,
                                                       boolean isHashed,
                                                       String nonce,
                                                       String createdTime,
                                                       String pwType) throws WSSecurityException {
        WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(user, isHashed);
        principal.setNonce(nonce);
        principal.setPassword(password);
        principal.setCreatedTime(createdTime);
        principal.setPasswordType(pwType);

        return principal;
    }

    ) {
        boolean hashed = false;
        if (WSConstants.PASSWORD_DIGEST.equals(passwordType)) {
            hashed = true;
        }
        WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(username, hashed);
        principal.setNonce(nonce);
        principal.setPassword(passwordValue);
        principal.setCreatedTime(createdTime);
        principal.setPasswordType(passwordType);
        return principal;
    }

             * of this token to set the alias for the encryption user
             */
            for (WSSecurityEngineResult wser : wsSecEngineResults) {
                Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt.intValue() == WSConstants.UT) {
                    WSUsernameTokenPrincipal principal
                        = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    return principal.getName();
                }
            }
        }

        return null;

            for (int j = 0; j < wsSecEngineResults.size(); j++) {
                WSSecurityEngineResult wser =
                         (WSSecurityEngineResult) wsSecEngineResults.get(j);
                Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt.intValue() == WSConstants.UT) {
                    WSUsernameTokenPrincipal principal
                        = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    return principal.getName();
                }
            }
        }

        return null;

        if ("PasswordDigest".equals(pwType)) {
            //CXF-2150 - we need to check the UsernameTokens
            for (WSSecurityEngineResult o : CastUtils.cast(wsResult, WSSecurityEngineResult.class)) {
                Integer actInt = (Integer)o.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt == WSConstants.UT) {
                    WSUsernameTokenPrincipal princ
                        = (WSUsernameTokenPrincipal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    if (!princ.isPasswordDigest()) {
                        LOG.warning("Non-digest UsernameToken found, but digest required");
                        throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
                    }
                }
            }

            }

            AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject(
                user, password, ut.isHashed(), nonce, createdTime);

            WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(user, ut.isHashed());
            principal.setNonce(nonce);
            principal.setPassword(password);
            principal.setCreatedTime(createdTime);
            principal.setPasswordType(pwType);

            return principal;
        }