Package org.apache.ws.security

Examples of org.apache.ws.security.WSUsernameTokenPrincipal


                // Evaluate the UsernameToken policy assertions against the token that was received.
                Collection<AssertionInfo> ais = aim.get(SP12Constants.USERNAME_TOKEN);
                if (ais != null) {
                    // First pass: mark every assertion as satisfied. The second pass below
                    // revokes any assertion whose password-hashing requirement was not met.
                    for (AssertionInfo ai : ais) {
                        ai.setAsserted(true);
                    }
                    // NOTE(review): the TAG_PRINCIPAL value is cast without a type or null check.
                    // A missing entry or a different principal type would surface as a
                    // NullPointerException / ClassCastException instead of a policy failure;
                    // confirm this branch is only reached for UsernameToken results.
                    WSUsernameTokenPrincipal princ
                        = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    for (AssertionInfo ai : ais) {
                        UsernameToken tok = (UsernameToken)ai.getAssertion();
                        // Strict match in both directions: a policy that demands a hashed
                        // password rejects a non-digest token, and a policy that does not
                        // demand hashing rejects a digest one.
                        if (tok.isHashPassword() != princ.isPasswordDigest()) {
                            ai.setNotAsserted("Password hashing policy not enforced");
                        }
                    }
                }
                break;


                    }

                }
            } else if (WSConstants.UT == actInt.intValue()) {

            // UsernameToken result: publish the username on the message context and, when the
            // token carried a nonce, reject replays using the per-service nonce cache.
            // NOTE(review): the TAG_PRINCIPAL value is cast without a type or null check.
            WSUsernameTokenPrincipal userNameTokenPrincipal = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);

                String username = userNameTokenPrincipal.getName();
                msgCtx.setProperty(RampartMessageData.USERNAME, username);
               
                // Tokens without a nonce skip the whole replay check below.
                // NOTE(review): replay protection for nonce-less tokens has to come from somewhere
                // not visible here (e.g. a policy that requires a nonce, or timestamp checks).
                if (userNameTokenPrincipal.getNonce() != null) {
                    // Replay detection: a nonce that was already seen for this service and user
                    // means the token is being presented a second time.
                    // The lifetime stays 0 when no Rampart configuration is present.
                    // NOTE(review): confirm how the cache treats a 0-second lifetime; if entries
                    // expire immediately, replay detection would be ineffective in that case.
                    int nonceLifeTimeInSeconds = 0;

                    if (rpd.getRampartConfig() != null) {
                       
                        String stringLifeTime = rpd.getRampartConfig().getNonceLifeTime();

                        try {
                            // Integer.parseInt also accepts negative values; no range check is
                            // applied here.
                            nonceLifeTimeInSeconds = Integer.parseInt(stringLifeTime);

                        } catch (NumberFormatException e) {
                            // A malformed lifetime fails the request instead of silently
                            // falling back to a default.
                            log.error("Invalid value for nonceLifeTime in rampart configuration file.", e);
                            throw new RampartException(
                                        "invalidNonceLifeTime", e);

                        }
                    }

                    String serviceEndpointName = msgCtx.getAxisService().getEndpointName();

                    // Lookup and insert are two separate cache calls.
                    // NOTE(review): whether two concurrent requests carrying the same nonce can
                    // both pass the lookup depends on serviceNonceCache's own synchronization.
                    boolean valueRepeating = serviceNonceCache.isNonceRepeatingForService(serviceEndpointName, username, userNameTokenPrincipal.getNonce());

                    if (valueRepeating){
                        // The nonce and username are passed as message arguments.
                        // NOTE(review): confirm they are not echoed verbatim to the caller.
                        throw new RampartException("repeatingNonceValue", new Object[]{ userNameTokenPrincipal.getNonce(), username} );
                    }

                    // Record the nonce so a later message reusing it is rejected.
                    serviceNonceCache.addNonceForService(serviceEndpointName, username, userNameTokenPrincipal.getNonce(), nonceLifeTimeInSeconds);
                }
            } else if (WSConstants.SIGN == actInt.intValue()) {
                X509Certificate cert = (X509Certificate) wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
                msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
            }

             // Return the name from the first UsernameToken result; any later UT results in the
             // list are never examined.
             // NOTE(review): the action and principal are dereferenced without null checks and the
             // principal is cast without a type check. Whether the name has been authenticated at
             // this point depends on earlier processing that is not visible here.
             for (int j = 0; j < wsSecEngineResults.size(); j++) {
                 WSSecurityEngineResult wser =
                         (WSSecurityEngineResult) wsSecEngineResults.get(j);
                 Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                 if (actInt.intValue() == WSConstants.UT) {
                   WSUsernameTokenPrincipal principal = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                     return principal.getName();
                 }
             }
         }
        
         return null;

            // Return the name from the first UsernameToken result; any later UT results in the
            // list are never examined.
            // NOTE(review): the action and principal are dereferenced without null checks and the
            // principal is cast without a type check. Whether the name has been authenticated at
            // this point depends on earlier processing that is not visible here.
            for (int j = 0; j < wsSecEngineResults.size(); j++) {
                WSSecurityEngineResult wser =
                         (WSSecurityEngineResult) wsSecEngineResults.get(j);
                Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt.intValue() == WSConstants.UT) {
                    WSUsernameTokenPrincipal principal
                        = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    return principal.getName();
                }
            }
        }
        
        return null;

                    result.put(WSSecurityEngineResult.TAG_PRINCIPAL, samlPrincipal);
                }
            } else if (credential.getPrincipal() != null) {
                result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal());
            } else {
                WSUsernameTokenPrincipal principal =
                    new WSUsernameTokenPrincipal(token.getName(), token.isHashed());
                principal.setNonce(token.getNonce());
                principal.setPassword(token.getPassword());
                principal.setCreatedTime(token.getCreated());
                principal.setPasswordType(token.getPasswordType());
                result.put(WSSecurityEngineResult.TAG_PRINCIPAL, principal);
            }
            result.put(WSSecurityEngineResult.TAG_SUBJECT, credential.getSubject());
        }
       

                    }
                    return certs[0].getSubjectX500Principal();
                } else if (publicKey != null) {
                    return new PublicKeyPrincipal(publicKey);
                } else if (ut != null) {
                    WSUsernameTokenPrincipal principal =
                        new WSUsernameTokenPrincipal(ut.getName(), ut.isHashed());
                    principal.setNonce(ut.getNonce());
                    principal.setPassword(ut.getPassword());
                    principal.setCreatedTime(ut.getCreated());
                    return principal;
                } else if (dkt != null) {
                    WSDerivedKeyTokenPrincipal principal = new WSDerivedKeyTokenPrincipal(dkt.getID());
                    principal.setNonce(dkt.getNonce());
                    principal.setLabel(dkt.getLabel());
                    principal.setLength(dkt.getLength());
                    principal.setOffset(dkt.getOffset());
                    String basetokenId = null;
                    SecurityTokenReference securityTokenReference = dkt.getSecurityTokenReference();
                    if (securityTokenReference.containsReference()) {
                        basetokenId = securityTokenReference.getReference().getURI();
                        if (basetokenId.charAt(0) == '#') {
                            basetokenId = basetokenId.substring(1);
                        }
                    } else {
                        // KeyIdentifier
                        basetokenId = securityTokenReference.getKeyIdentifierValue();
                    }
                    principal.setBasetokenId(basetokenId);
                    return principal;
                } else if (samlKi != null) {
                    final SAMLAssertion assertion = samlKi.getAssertion();
                    CustomTokenPrincipal principal = new CustomTokenPrincipal(assertion.getId());
                    principal.setTokenObject(assertion);
                    return principal;
                } else if (secretKey != null) {
                    // This is the custom key scenario
                    return new CustomTokenPrincipal(customTokenId);
                } else {

                );
            }
            origPassword = pwCb.getPassword();
            ut.setRawPassword(origPassword);
        }
        WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(user, ut.isHashed());
        principal.setNonce(nonce);
        principal.setPassword(password);
        principal.setCreatedTime(createdTime);
        principal.setPasswordType(pwType);

        return principal;
    }

        if ("PasswordDigest".equals(pwType)) {
            // CXF-2150 - we need to check the UsernameTokens.
            // Runs only when the enclosing check found pwType to be "PasswordDigest": every
            // UsernameToken result must then carry a digest password, otherwise the message
            // is rejected (fails closed).
            for (WSSecurityEngineResult o : CastUtils.cast(wsResult, WSSecurityEngineResult.class)) {
                Integer actInt = (Integer)o.get(WSSecurityEngineResult.TAG_ACTION);
                // NOTE(review): presumably WSConstants.UT is a primitive int, so actInt is unboxed
                // and compared by value; a result without TAG_ACTION would then throw
                // NullPointerException here. Confirm against WSConstants.
                if (actInt == WSConstants.UT) {
                    // NOTE(review): the TAG_PRINCIPAL value is cast without a type or null check.
                    WSUsernameTokenPrincipal princ
                        = (WSUsernameTokenPrincipal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    if (!princ.isPasswordDigest()) {
                        // A single non-digest token aborts processing of the whole message.
                        LOG.warning("Non-digest UsernameToken found, but digest required");
                        throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
                    }
                }
            }           

                // Evaluate the UsernameToken policy assertions against the token that was received.
                Collection<AssertionInfo> ais = aim.get(SP12Constants.USERNAME_TOKEN);
                if (ais != null) {
                    // First pass: mark every assertion as satisfied. The second pass below
                    // revokes any assertion whose password-hashing requirement was not met.
                    for (AssertionInfo ai : ais) {
                        ai.setAsserted(true);
                    }
                    // NOTE(review): the TAG_PRINCIPAL value is cast without a type or null check.
                    // A missing entry or a different principal type would surface as a
                    // NullPointerException / ClassCastException instead of a policy failure;
                    // confirm this branch is only reached for UsernameToken results.
                    WSUsernameTokenPrincipal princ
                        = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    for (AssertionInfo ai : ais) {
                        UsernameToken tok = (UsernameToken)ai.getAssertion();
                        // Strict match in both directions: a policy that demands a hashed
                        // password rejects a non-digest token, and a policy that does not
                        // demand hashing rejects a digest one.
                        if (tok.isHashPassword() != princ.isPasswordDigest()) {
                            ai.setNotAsserted("Password hashing policy not enforced");
                        }
                    }
                }
                break;

   
    /**
     * Builds the {@link Principal} view of this UsernameToken.
     *
     * <p>The returned {@link WSUsernameTokenPrincipal} is populated from this token's own
     * accessors: the name and hashed flag at construction, then the nonce, password and
     * created time. Because the value of {@code getPassword()} is copied onto the principal,
     * treat the result as sensitive and keep it out of logs and long-lived caches.
     *
     * @return a new principal populated from this token
     */
    public Principal createPrincipal() {
        final WSUsernameTokenPrincipal tokenPrincipal =
            new WSUsernameTokenPrincipal(getName(), isHashed());

        // Nonce and created time are carried alongside the password, each exactly as
        // this token's getter returns it.
        tokenPrincipal.setNonce(getNonce());
        tokenPrincipal.setPassword(getPassword());
        tokenPrincipal.setCreatedTime(getCreated());

        return tokenPrincipal;
    }
