Package org.apache.ws.security

Examples of org.apache.ws.security.WSUsernameTokenPrincipal

500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
                Collection<AssertionInfo> ais = aim.get(SP12Constants.USERNAME_TOKEN);
                if (ais != null) {
                    for (AssertionInfo ai : ais) {
                        ai.setAsserted(true);
                    }
                    WSUsernameTokenPrincipal princ
                        = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    for (AssertionInfo ai : ais) {
                        UsernameToken tok = (UsernameToken)ai.getAssertion();
                        if (tok.isHashPassword() != princ.isPasswordDigest()) {
                            ai.setNotAsserted("Password hashing policy not enforced");
                        }
                    }
                }
                break;
View Full Code Here
276
277
278
279
280
281
282
283
284
285
286
287
288
            }
           
            AbstractUsernameTokenAuthenticatingInterceptor.this.setSubject(
                user, password, ut.isHashed(), nonce, createdTime);   
           
            WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(user, ut.isHashed());
            principal.setNonce(nonce);
            principal.setPassword(password);
            principal.setCreatedTime(createdTime);
            principal.setPasswordType(pwType);

            return principal;
        }
View Full Code Here
390
391
392
393
394
395
396
397
398
399
400
401
402
        if ("PasswordDigest".equals(pwType)) {
            //CXF-2150 - we need to check the UsernameTokens
            for (WSSecurityEngineResult o : CastUtils.cast(wsResult, WSSecurityEngineResult.class)) {
                Integer actInt = (Integer)o.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt == WSConstants.UT) {
                    WSUsernameTokenPrincipal princ
                        = (WSUsernameTokenPrincipal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    if (!princ.isPasswordDigest()) {
                        LOG.warning("Non-digest UsernameToken found, but digest required");
                        throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
                    }
                }
            }           
View Full Code Here
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
        Element el = (Element)h.getObject();
        Element child = DOMUtils.getFirstElement(el);
        while (child != null) {
            if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
                try  {
                    final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                    if (princ != null) {
                        Vector<WSSecurityEngineResult>v = new Vector<WSSecurityEngineResult>();
                        v.add(0, new WSSecurityEngineResult(WSConstants.UT, princ, null, null, null));
                        List<Object> results = CastUtils.cast((List)message
                                                                  .get(WSHandlerConstants.RECV_RESULTS));
                        if (results == null) {
                            results = new Vector<Object>();
                            message.put(WSHandlerConstants.RECV_RESULTS, results);
                        }
                        WSHandlerResult rResult = new WSHandlerResult(null, v);
                        results.add(0, rResult);

                        assertUsernameTokens(message, princ);
                        message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                  
                        SecurityContext sc = message.get(SecurityContext.class);
                        if (sc == null || sc.getUserPrincipal() == null) {
                            Subject subject = createSubject(princ.getName(), princ.getPassword(),
                                princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                            message.put(SecurityContext.class,
                                        createSecurityContext(princ, subject));
                        }

                    }
View Full Code Here
172
173
174
175
176
177
178
179
180
181
182
183
184
    protected WSUsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement)
        throws WSSecurityException {
        org.apache.ws.security.message.token.UsernameToken ut =
            new org.apache.ws.security.message.token.UsernameToken(tokenElement, false);
       
        WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(ut.getName(), ut.isHashed());
        principal.setNonce(ut.getNonce());
        principal.setPassword(ut.getPassword());
        principal.setCreatedTime(ut.getCreated());
        principal.setPasswordType(ut.getPasswordType());

        return principal;
    }
View Full Code Here
82
83
84
85
86
87
88
89
90
91
92
93
        List<WSSecurityEngineResult> results = verify(signedDoc, null);
       
        Principal principal = (Principal)results.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
        assert principal instanceof WSUsernameTokenPrincipal;
        assert "wernerd".equals(principal.getName());
        WSUsernameTokenPrincipal userPrincipal = (WSUsernameTokenPrincipal)principal;
        assert userPrincipal.getCreatedTime() != null;
        assert userPrincipal.getNonce() != null;
        assert userPrincipal.getPassword() != null;
        assert userPrincipal.isPasswordDigest();
        assert WSConstants.PASSWORD_DIGEST.equals(userPrincipal.getPasswordType());
    }
View Full Code Here
123
124
125
126
127
128
129
130
131
132
133
134
            try {
                WSSecurityHandler handler = WSSecurityHandler.getCurrentHandler();
                lastPrincipalFound = verifyXMLSignature((Element) elem,
                        crypto, returnCert, returnElements, null, signatureValue, cb);
                if (lastPrincipalFound instanceof WSUsernameTokenPrincipal) {
                    WSUsernameTokenPrincipal p = (WSUsernameTokenPrincipal) lastPrincipalFound;
                    handler.checkUser(p.getName(), p.getPassword());
                } else {
                    handler.checkUser(returnCert[0].getSubjectX500Principal().getName(), returnCert[0]);
                }
            } catch (GeneralSecurityException e) {
                throw new WSSecurityException("Unable to authenticate user", e);
View Full Code Here
430
431
432
433
434
435
436
437
438
439
440
441
442
        if ("PasswordDigest".equals(pwType)) {
            //CXF-2150 - we need to check the UsernameTokens
            for (WSSecurityEngineResult o : CastUtils.cast(wsResult, WSSecurityEngineResult.class)) {
                Integer actInt = (Integer)o.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt == WSConstants.UT) {
                    WSUsernameTokenPrincipal princ
                        = (WSUsernameTokenPrincipal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    if (!princ.isPasswordDigest()) {
                        LOG.warning("Non-digest UsernameToken found, but digest required");
                        throw new WSSecurityException(WSSecurityException.INVALID_SECURITY);
                    }
                }
            }           
View Full Code Here
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
             * of this token to set the alias for the encryption user
             */
            for (WSSecurityEngineResult wser : wsSecEngineResults) {
                Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt.intValue() == WSConstants.UT) {
                    WSUsernameTokenPrincipal principal
                        = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    return principal.getName();
                }
            }
        }
        
        return null;
View Full Code Here
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
                    for (AssertionInfo ai : ais) {
                        ai.setAsserted(true);
                    }
                   
                    if (utWithCallbacks) {
                        WSUsernameTokenPrincipal princ
                            = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                        for (AssertionInfo ai : ais) {
                            UsernameToken tok = (UsernameToken)ai.getAssertion();
                            if (tok.isHashPassword() != princ.isPasswordDigest()) {
                                ai.setNotAsserted("Password hashing policy not enforced");
                            }
                        }
                    }
                }
View Full Code Here
TOP

Related Classes of org.apache.ws.security.WSUsernameTokenPrincipal

  • org.apache.camel.itest.security.MyAuthenticationAdapter
  • org.apache.cxf.sts.token.validator.UsernameTokenValidator
  • org.apache.cxf.systest.ws.ut.server.CustomUTValidator
  • org.apache.cxf.ws.security.wss4j.AbstractUsernameTokenAuthenticatingInterceptor$CustomUsernameTokenProcessor
  • org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor
  • org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
  • org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor
  • org.apache.cxf.ws.security.wss4j.UsernameTokenProcessorWithoutCallbacks
  • org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
  • org.apache.cxf.ws.security.wss4j.WSS4JTokenConverter
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.