Package org.apache.ws.security.message.token

Examples of org.apache.ws.security.message.token.Timestamp


        }
        wssConfig = wsc;
        //
        // Decode Timestamp, add the found time (created/expiry) to result
        //
        Timestamp timestamp = new Timestamp(elem);
        handleTimestamp(timestamp);
        returnResults.add(
            0,
            new WSSecurityEngineResult(WSConstants.TS, timestamp)
        );
View Full Code Here


        // Extract the timestamp action result from the action vector
        actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);

        if (actionResult != null) {
            Timestamp timestamp =
                (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);

            if (timestamp != null && reqData.getWssConfig().isTimeStampStrict()
                && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                throw new JAXRPCException("WSS4JHandler: The timestamp could not be validated");
View Full Code Here

            return;
        }
       
        // Find the Timestamp
        List<WSSecurityEngineResult> foundResults = wsDocInfo.getResultsByTag(WSConstants.TS);
        Timestamp timeStamp = null;
        if (foundResults.isEmpty()) {
            // Search for a Timestamp below the Signature
            Node sibling = signatureElement.getNextSibling();
            while (sibling != null) {
                if (sibling instanceof Element
                    && WSConstants.TIMESTAMP_TOKEN_LN.equals(((Element)sibling).getLocalName())
                    && WSConstants.WSU_NS.equals(((Element)sibling).getNamespaceURI())) {
                    timeStamp = new Timestamp((Element)sibling, requestData.getWssConfig().isWsiBSPCompliant());
                    break;
                }
                sibling = sibling.getNextSibling();
            }
        } else {
            timeStamp = (Timestamp)foundResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
        }
        if (timeStamp == null) {
            return;
        }
       
        // Test for replay attacks
        Date created = timeStamp.getCreated();
        DateFormat zulu = new XmlSchemaDateFormat();
        String identifier = zulu.format(created) + "" + Arrays.hashCode(signatureValue);

        if (replayCache.contains(identifier)) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY,
                "invalidTimestamp",
                new Object[] {"A replay attack has been detected"}
            );
        }

        // Store the Timestamp/SignatureValue combination in the cache
        Date expires = timeStamp.getExpires();
        if (expires != null) {
            Date rightNow = new Date();
            long currentTime = rightNow.getTime();
            long expiresTime = expires.getTime();
            replayCache.add(identifier, 1L + (expiresTime - currentTime) / 1000L);
View Full Code Here

            // Extract the timestamp action result from the action vector
            actionResult = WSSecurityUtil.fetchActionResult(wsResult,
                    WSConstants.TS);

            if (actionResult != null) {
                Timestamp timestamp = actionResult.getTimestamp();

                if (timestamp != null
                    && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                    throw new AxisFault("WSDoAllReceiver: The timestamp could not be validated");
                }
View Full Code Here

     * value is not suitable.
     *
     * @param doc The SOAP envelope as W3C document
     */
    public void prepare(Document doc) {
        ts = new Timestamp(wssConfig.isPrecisionInMilliSeconds(), doc, timeToLive);
        String tsId = wssConfig.getIdAllocator().createId("Timestamp-", ts);
        ts.setID(tsId);
    }
View Full Code Here

     *             {@link WSSecTimestamp#setTimeToLive(int)}
     */
    public Document build(Document doc, int ttl) {
        log.debug("Begin add timestamp...");
        Element securityHeader = insertSecurityHeader(doc);
        ts = new Timestamp(wssConfig.isPrecisionInMilliSeconds(), doc, ttl);
        if (id != null) {
            ts.setID(id);
        }
        WSSecurityUtil.prependChildElement(securityHeader, ts.getElement());
        return doc;
View Full Code Here

            if (!timestampResults.isEmpty()) {
                for (int i = 0; i < timestampResults.size(); i++) {
                    WSSecurityEngineResult result =
                        (WSSecurityEngineResult) timestampResults.get(i);
                    Timestamp timestamp = (Timestamp)result.get(WSSecurityEngineResult.TAG_TIMESTAMP);
   
                    if (timestamp != null && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                        LOG.warning("The timestamp could not be validated");
                        throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
                    }
View Full Code Here

       
        // At this point we received a (required) Timestamp. Now check that it is integrity protected.
        if (transportBinding) {
            return true;
        } else if (!signedResults.isEmpty()) {
            Timestamp timestamp =
                (Timestamp)timestampResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
            for (WSSecurityEngineResult signedResult : signedResults) {
                List<WSDataRef> dataRefs =
                    CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
                for (WSDataRef dataRef : dataRefs) {
                    if (timestamp.getElement() == dataRef.getProtectedElement()) {
                        return true;
                    }
                }
            }
        }
View Full Code Here

            return;
        }
       
        // Find the Timestamp
        List<WSSecurityEngineResult> foundResults = wsDocInfo.getResultsByTag(WSConstants.TS);
        Timestamp timeStamp = null;
        if (foundResults.isEmpty()) {
            // Search for a Timestamp below the Signature
            Node sibling = signatureElement.getNextSibling();
            while (sibling != null) {
                if (sibling instanceof Element
                    && WSConstants.TIMESTAMP_TOKEN_LN.equals(((Element)sibling).getLocalName())
                    && WSConstants.WSU_NS.equals(((Element)sibling).getNamespaceURI())) {
                    timeStamp = new Timestamp((Element)sibling, requestData.getWssConfig().isWsiBSPCompliant());
                    break;
                }
                sibling = sibling.getNextSibling();
            }
        } else {
            timeStamp = (Timestamp)foundResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
        }
        if (timeStamp == null) {
            return;
        }
       
        // Test for replay attacks
        Date created = timeStamp.getCreated();
        DateFormat zulu = new XmlSchemaDateFormat();
        String identifier = zulu.format(created) + "" + Arrays.hashCode(signatureValue);

        if (replayCache.contains(identifier)) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY,
                "invalidTimestamp",
                new Object[] {"A replay attack has been detected"}
            );
        }

        // Store the Timestamp/SignatureValue combination in the cache
        Date expires = timeStamp.getExpires();
        if (expires != null) {
            Date rightNow = new Date();
            long currentTime = rightNow.getTime();
            long expiresTime = expires.getTime();
            replayCache.add(identifier, ((expiresTime - currentTime) / 1000L));
View Full Code Here

       
        // Store the timestamp element
        WSSecurityEngineResult tsResult = WSSecurityUtil.fetchActionResult(results, WSConstants.TS);
        Element timestamp = null;
        if (tsResult != null) {
            Timestamp ts = (Timestamp)tsResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
            timestamp = ts.getElement();
        }
       
        boolean check = true;
       
        SupportingTokenPolicyValidator validator = new SignedTokenPolicyValidator();
View Full Code Here

TOP

Related Classes of org.apache.ws.security.message.token.Timestamp

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.