Package org.apache.ws.security.message.token

Examples of org.apache.ws.security.message.token.KerberosSecurity


            Message message,
            AssertionInfoMap aim
        ) {
            List<WSSecurityEngineResult> kerberosResults = findKerberosResults(rResult.getResults());
            for (WSSecurityEngineResult wser : kerberosResults) {
                KerberosSecurity kerberosToken =
                    (KerberosSecurity)wser.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
                KerberosTokenPolicyValidator kerberosValidator =
                    new KerberosTokenPolicyValidator(message);
                boolean valid = kerberosValidator.validatePolicy(aim, kerberosToken);
                if (valid) {


        if (X509Security.X509_V3_TYPE.equals(type)) {
            token = new X509Security(element, config.isWsiBSPCompliant());
        } else if (PKIPathSecurity.getType().equals(type)) {
            token = new PKIPathSecurity(element, config.isWsiBSPCompliant());
        } else if (KerberosSecurity.isKerberosToken(type)) {
            token = new KerberosSecurity(element, config.isWsiBSPCompliant());
        } else {
            token = new BinarySecurity(element, config.isWsiBSPCompliant());
        }
        return token;
    }

        if (X509Security.X509_V3_TYPE.equals(type)) {
            token = new X509Security(element, config.isWsiBSPCompliant());
        } else if (PKIPathSecurity.getType().equals(type)) {
            token = new PKIPathSecurity(element, config.isWsiBSPCompliant());
        } else if (KerberosSecurity.isKerberosToken(type)) {
            token = new KerberosSecurity(element, config.isWsiBSPCompliant());
        } else {
            token = new BinarySecurity(element, config.isWsiBSPCompliant());
        }
        return token;
    }

            Message message,
            AssertionInfoMap aim
        ) {
            List<WSSecurityEngineResult> kerberosResults = findKerberosResults(rResult.getResults());
            for (WSSecurityEngineResult wser : kerberosResults) {
                KerberosSecurity kerberosToken =
                    (KerberosSecurity)wser.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
                KerberosTokenPolicyValidator kerberosValidator =
                    new KerberosTokenPolicyValidator(message);
                boolean valid = kerberosValidator.validatePolicy(aim, kerberosToken);
                if (valid) {

    /**
     * Requests a Kerberos service ticket and packages it as a {@link SecurityToken}.
     *
     * <p>A new {@code KerberosSecurity} binary security token is populated through
     * {@code retrieveServiceTicket(getContextName(), callbackHandler, serviceName)}, given an
     * ID with the {@code "BST-"} prefix from the configured ID allocator, and then copied into
     * the returned token together with its value type and a Base64-encoded digest of the raw
     * ticket bytes (stored through {@code setSHA1}; presumably SHA-1 - confirm against
     * {@code WSSecurityUtil.generateDigest}).
     *
     * <p>Security note: when the binary token exposes a secret key, its encoded bytes are
     * stored on the returned token via {@code setSecret}, so the result carries key material
     * and should be handled accordingly. When no key is exposed, the token is returned without
     * a secret; callers that depend on the key must check for its absence.
     *
     * @return the security token wrapping the Kerberos binary security token element
     * @throws Exception if any of the ticket retrieval or token construction calls fail
     */
    public SecurityToken requestSecurityToken() throws Exception {
        final boolean fineEnabled = LOG.isLoggable(Level.FINE);
        if (fineEnabled) {
            // Only the service name and the JAAS context name are written to the log.
            LOG.fine("Requesting Kerberos ticket for " + serviceName
                    + " using JAAS Login Module: " + getContextName());
        }

        // Build the binary security token and fill it with the service ticket.
        final KerberosSecurity kerberosBst = new KerberosSecurity(DOMUtils.createDocument());
        kerberosBst.retrieveServiceTicket(getContextName(), callbackHandler, serviceName);
        kerberosBst.addWSUNamespace();
        kerberosBst.setID(wssConfig.getIdAllocator().createSecureId("BST-", kerberosBst));

        // Mirror the binary token's identity and element onto the result.
        final SecurityToken result = new SecurityToken(kerberosBst.getID());
        result.setToken(kerberosBst.getElement());
        result.setWsuId(kerberosBst.getID());

        // The key is optional: the secret is attached only when one was obtained.
        final SecretKey extractedKey = kerberosBst.getSecretKey();
        if (extractedKey != null) {
            result.setSecret(extractedKey.getEncoded());
        }

        result.setSHA1(Base64.encode(WSSecurityUtil.generateDigest(kerberosBst.getToken())));
        result.setTokenType(kerberosBst.getValueType());
        return result;
    }

            Message message,
            AssertionInfoMap aim
        ) {
            List<WSSecurityEngineResult> kerberosResults = findKerberosResults(rResult.getResults());
            for (WSSecurityEngineResult wser : kerberosResults) {
                KerberosSecurity kerberosToken =
                    (KerberosSecurity)wser.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
                KerberosTokenPolicyValidator kerberosValidator =
                    new KerberosTokenPolicyValidator(message);
                boolean valid = kerberosValidator.validatePolicy(aim, kerberosToken);
                if (valid) {

    SecretKey secretKey = null;
    KerberosTokenPrincipal principal = null;

    try {
      authenticate(handler);
      KerberosSecurity ks = createSecurityToken(elem);
      GSSContext context = acceptSecurityContext(ks);
      secretKey = getSessionKey(ks.getToken());

      if (log.isDebugEnabled()) {
        log.debug((new StringBuilder())
            .append("security context accepted with ")
            .append(context.getSrcName().toString())
            .append(",")
            .append(context.getSrcName().getStringNameType()
                .toString()).toString());
      }

      principal = new KerberosTokenPrincipal(context.getSrcName()
          .toString());
      principal.setTokenElement(elem);

      if (secretKey != null) {
        principal.setSessionKey(secretKey.getEncoded());
      } else {
        log.error("null secret key");
        throw new WSSecurityException(3, "nullSecretKey",
            new Object[] { "null secret key" });
      }

      principal.setSecretKey(secretKey);

      KrbSession kerberosSession = new KrbSession(ks.getSHA1(), secretKey);
      kerberosSession.setClientPrincipalName(context.getSrcName()
          .toString());
      kerberosSession.setServerPrincipalName(context.getTargName()
          .toString());
      KrbSessionCache.getInstance().addSession(kerberosSession);

            token.getLocalName());
        if (el.equals(WSSecurityEngine.binaryToken))
          try {
            if (lastPrincipalFound == null) {
              authenticate(cb);
              KerberosSecurity ks = createSecurityToken(token);
              GSSContext context = acceptSecurityContext(ks);
              secretKey = getSessionKey(ks.getToken());
              if (log.isDebugEnabled()) {
                log.debug("security context accepted with "
                    + context.getSrcName().toString()
                    + ","
                    + context.getSrcName()
                        .getStringNameType());
              }
              principal = new KerberosTokenPrincipal(context
                  .getSrcName().toString());
              principal.setTokenElement(token);
              principal.setSessionKey(secretKey.getEncoded());
              principal.setSecretKey(secretKey);
              KrbSession kerberosSession = new KrbSession(
                  ks.getSHA1(), secretKey);
              kerberosSession.setClientPrincipalName(context
                  .getSrcName().toString());
              kerberosSession.setServerPrincipalName(context
                  .getTargName().toString());
              KrbSessionCache.getInstance().addSession(

   */
  private KerberosSecurity createSecurityToken(Element element)
      throws WSSecurityException {
    BinarySecurity token = new BinarySecurity(element);
    String type = token.getValueType();
    KerberosSecurity krbTkn = null;
    if (KerberosSecurity.GSS_KERBEROSv5_AP_REQ.equals(type)) {
      krbTkn = new KerberosSecurity(element);
      return krbTkn;
    } else {
      throw new WSSecurityException(1, "unsupportedBinaryTokenType",
          new Object[] { type });
    }

    wsDocInfo = new WSDocInfo(document);
    switch (keyIdentifierType) {
    case WSConstants.BST_DIRECT_REFERENCE:
      Reference ref = new Reference(document);
      ref.setURI((new StringBuilder()).append("#").append(tokenUri).toString());
      bstToken = new KerberosSecurity(document);
      ((KerberosSecurity) bstToken).setKerberosToken(tokenData);
      ref.setValueType(bstToken.getValueType());
      secRef.setReference(ref);
      bstToken.setID(tokenUri);
      wsDocInfo.setBst(bstToken.getElement());
