Package org.apache.ws.security.message

Examples of org.apache.ws.security.message.WSSecUsernameToken


     * Test with a null token type. This will fail as the default is to reject custom
     * token types.
     * <p/>
     */
    public void testUsernameTokenCustomFail() throws Exception {
        WSSecUsernameToken builder = new WSSecUsernameToken();
        builder.setPasswordType(null);
        builder.setUserInfo("wernerd", null);
       
        Document doc = unsignedEnvelope.getAsDocument();
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
        Document signedDoc = builder.build(doc, secHeader);
       
        if (LOG.isDebugEnabled()) {
            LOG.debug("Message with UserNameToken PW Text:");
            String outputString =
                org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
View Full Code Here


        if (suppTokens == null) {
            return ret;
        }
        for (Token token : suppTokens.getTokens()) {
            if (token instanceof UsernameToken) {
                WSSecUsernameToken utBuilder = addUsernameToken((UsernameToken)token);
                if (utBuilder != null) {
                    utBuilder.prepare(saaj.getSOAPPart());
                    addSupportingElement(utBuilder.getUsernameTokenElement());
                    ret.put(token, utBuilder);
                    //WebLogic and WCF always encrypt these
                    //See:  http://e-docs.bea.com/wls/docs103/webserv_intro/interop.html
                    //encryptedTokensIdList.add(utBuilder.getId());
                    if (suppTokens.isEncryptedToken()
                        || MessageUtils.getContextualBoolean(message,
                                                             SecurityConstants.ALWAYS_ENCRYPT_UT,
                                                             true)) {
                        encryptedTokensIdList.add(utBuilder.getId());
                    }
                }
            } else if (isRequestor()
                && (token instanceof IssuedToken
                    || token instanceof SecureConversationToken)) {
View Full Code Here

                    if (tempSig.getBSTTokenId() != null) {
                        part = new WSEncryptionPart(tempSig.getBSTTokenId());
                    }
                }
            } else if (tempTok instanceof WSSecUsernameToken) {
                WSSecUsernameToken unt = (WSSecUsernameToken)tempTok;
                part = new WSEncryptionPart(unt.getId());
            } else {
                policyNotAsserted(entry.getKey(), "UnsupportedTokenInSupportingToken: " + tempTok)
            }
            if (part != null) {
                sigParts.add(part);
View Full Code Here

        String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
       
        if (!StringUtils.isEmpty(userName)) {
            // If NoPassword property is set we don't need to set the password
            if (token.isNoPassword()) {
                WSSecUsernameToken utBuilder = new WSSecUsernameToken();
                utBuilder.setUserInfo(userName, null);
                utBuilder.setPasswordType(null);
                info.setAsserted(true);
                return utBuilder;
            }
           
            String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
            if (StringUtils.isEmpty(password)) {
                password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
            }
           
            if (!StringUtils.isEmpty(password)) {
                //If the password is available then build the token
                WSSecUsernameToken utBuilder = new WSSecUsernameToken();
                if (token.isHashPassword()) {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST)
                } else {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
                }
               
                utBuilder.setUserInfo(userName, password);
                info.setAsserted(true);
                return utBuilder;
            } else {
                policyNotAsserted(token, "No username available");
            }
View Full Code Here

        if (suppTokens == null) {
            return ret;
        }
        for (Token token : suppTokens.getTokens()) {
            if (token instanceof UsernameToken) {
                WSSecUsernameToken utBuilder = addUsernameToken((UsernameToken)token);
                if (utBuilder != null) {
                    utBuilder.prepare(saaj.getSOAPPart());
                    addSupportingElement(utBuilder.getUsernameTokenElement());
                    ret.put(token, utBuilder);
                    //WebLogic and WCF always encrypt these
                    //See:  http://e-docs.bea.com/wls/docs103/webserv_intro/interop.html
                    //encryptedTokensIdList.add(utBuilder.getId());
                    if (suppTokens.isEncryptedToken()
                        || MessageUtils.getContextualBoolean(message,
                                                             SecurityConstants.ALWAYS_ENCRYPT_UT,
                                                             true)) {
                        encryptedTokensIdList.add(utBuilder.getId());
                    }
                }
            } else if (isRequestor()
                && (token instanceof IssuedToken
                    || token instanceof SecureConversationToken)) {
View Full Code Here

                WSSecSignature tempSig = (WSSecSignature) tempTok;
                if (tempSig.getBSTTokenId() != null) {
                    part = new WSEncryptionPart(tempSig.getBSTTokenId());
                }
            } else if (tempTok instanceof WSSecUsernameToken) {
                WSSecUsernameToken unt = (WSSecUsernameToken)tempTok;
                part = new WSEncryptionPart(unt.getId());
            } else {
                policyNotAsserted(entry.getKey(), "UnsupportedTokenInSupportingToken: " + tempTok)
            }
            if (part != null) {
                sigParts.add(part);
View Full Code Here

        String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
       
        if (!StringUtils.isEmpty(userName)) {
            // If NoPassword property is set we don't need to set the password
            if (token.isNoPassword()) {
                WSSecUsernameToken utBuilder = new WSSecUsernameToken();
                utBuilder.setUserInfo(userName, null);
                utBuilder.setPasswordType(null);
                info.setAsserted(true);
                return utBuilder;
            }
           
            String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
            if (StringUtils.isEmpty(password)) {
                password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
            }
           
            if (!StringUtils.isEmpty(password)) {
                //If the password is available then build the token
                WSSecUsernameToken utBuilder = new WSSecUsernameToken();
                if (token.isHashPassword()) {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST)
                } else {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
                }
               
                utBuilder.setUserInfo(userName, password);
                info.setAsserted(true);
                return utBuilder;
            } else {
                policyNotAsserted(token, "No username available");
            }
View Full Code Here

                log.debug("User : " + user);
            }

            // If NoPassword property is set we don't need to set the password
            if (token.isNoPassword()) {
                WSSecUsernameToken utBuilder = new WSSecUsernameToken();
                utBuilder.setUserInfo(user, null);
                utBuilder.setPasswordType(null);
                if (rmd.getConfig() != null) {
                    utBuilder.setWsConfig(rmd.getConfig());
                }
                return utBuilder;
            }
           
            //Get the password

            //First check options object for a password
            String password = options.getPassword();
           
            if(password == null || password.length() == 0) {
               
                //Then try to get the password from the given callback handler
                CallbackHandler handler = RampartUtil.getPasswordCB(rmd);
           
                if(handler == null) {
                    //If the callback handler is missing
                    throw new RampartException("cbHandlerMissing");
                }
               
                WSPasswordCallback[] cb = { new WSPasswordCallback(user,
                        WSPasswordCallback.USERNAME_TOKEN) };
                try {
                    handler.handle(cb);
                } catch (Exception e) {
                    throw new RampartException("errorInGettingPasswordForUser",
                            new String[]{user}, e);
                }
               
                //get the password
                password = cb[0].getPassword();
            }

            if (log.isDebugEnabled()) {
                log.debug("Password : " + password);
            }

            if(password != null && !"".equals(password)) {
                //If the password is available then build the token
               
                WSSecUsernameToken utBuilder = new WSSecUsernameToken();
                if(rmd.getConfig() != null) {
                    utBuilder.setWsConfig(rmd.getConfig());
                }
                if (token.isHashPassword()) {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST)
                } else {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
                }
               
                utBuilder.setUserInfo(user, password);
               
                return utBuilder;
            } else {
                //If there's no password then throw an exception
                throw new RampartException("noPasswordForUser",
View Full Code Here

                            }
                        }
                        endSuppTokMap.put(token, sig);
                       
                } else if(token instanceof UsernameToken) {
                    WSSecUsernameToken utBuilder = addUsernameToken(rmd, (UsernameToken)token);
                   
                    utBuilder.prepare(rmd.getDocument());
                   
                    //Add the UT
                    Element elem = utBuilder.getUsernameTokenElement();
                    elem = RampartUtil.insertSiblingAfter(rmd, this.getInsertionLocation(), elem);
                   
                    encryptedTokensIdList.add(utBuilder.getId());
                   
                    //Move the insert location to the next element
                    this.setInsertionLocation(elem);
                    Date now = new Date();
                    try {
                        org.apache.rahas.Token tempTok = new org.apache.rahas.Token(
                                utBuilder.getId(), (OMElement) elem, now,
                                new Date(now.getTime() + 300000));
                        endSuppTokMap.put(token, tempTok);
                    } catch (TrustException e) {
                        throw new RampartException("errorCreatingRahasToken", e);
                    }
View Full Code Here

                ArrayList tokens = sgndSuppTokens.getTokens();
                for (Iterator iter = tokens.iterator(); iter.hasNext();) {
                   
                    Token token = (Token) iter.next();
                    if(token instanceof UsernameToken) {
                        WSSecUsernameToken utBuilder = addUsernameToken(rmd,(UsernameToken)token);
                       
                        utBuilder.prepare(rmd.getDocument());
                       
                        //Add the UT
                        utBuilder.appendToHeader(rmd.getSecHeader());
                       
                    } else {
                        throw new RampartException("unsupportedSignedSupportingToken",
                                new String[]{"{" +token.getName().getNamespaceURI()
                                + "}" + token.getName().getLocalPart()});
View Full Code Here

TOP

Related Classes of org.apache.ws.security.message.WSSecUsernameToken

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.