Examples of org.apache.ws.security.message.token.Timestamp

Package org.apache.ws.security.message.token

Examples of org.apache.ws.security.message.token.Timestamp

org.apache.ws.security.message.token.Timestamp
Timestamp according to SOAP Message Security 1.0, chapter 10 / appendix A.2
@author Christof Soehngen (christof.soehngen@syracom.de)


            Element expiresElement = document.createElementNS( WSConstants.WSU_NS,WSConstants.EXPIRES_LN);
            expiresElement.setTextContent(validityPeriod[1]);
            element.appendChild(expiresElement);


            return new Timestamp(element);


        } catch (ParserConfigurationException e) {
            throw new WSSecurityException(WSSecurityException.FAILURE,"SAMLTimeStampBuildError", null , e );
        } catch (WSSecurityException e) {
            throw new WSSecurityException(WSSecurityException.FAILURE,"SAMLTimeStampBuildError", null , e );

View Full Code Here

            return;
        }
        
        // Find the Timestamp
        List<WSSecurityEngineResult> foundResults = wsDocInfo.getResultsByTag(WSConstants.TS);
        Timestamp timeStamp = null;
        if (foundResults.isEmpty()) {
            // Search for a Timestamp below the Signature
            Node sibling = signatureElement.getNextSibling();
            while (sibling != null) {
                if (sibling instanceof Element 
                    && WSConstants.TIMESTAMP_TOKEN_LN.equals(((Element)sibling).getLocalName())
                    && WSConstants.WSU_NS.equals(((Element)sibling).getNamespaceURI())) {
                    timeStamp = new Timestamp((Element)sibling, requestData.getWssConfig().isWsiBSPCompliant());
                    break;
                }
                sibling = sibling.getNextSibling();
            }
        } else {
            timeStamp = (Timestamp)foundResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
        }
        if (timeStamp == null) {
            return;
        }
        
        // Test for replay attacks
        Date created = timeStamp.getCreated();
        DateFormat zulu = new XmlSchemaDateFormat();
        String identifier = zulu.format(created) + "" + Arrays.hashCode(signatureValue);


        if (replayCache.contains(identifier)) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY,
                "invalidTimestamp",
                new Object[] {"A replay attack has been detected"}
            );
        }


        // Store the Timestamp/SignatureValue combination in the cache
        Date expires = timeStamp.getExpires();
        if (expires != null) {
            Date rightNow = new Date();
            long currentTime = rightNow.getTime();
            long expiresTime = expires.getTime();
            replayCache.add(identifier, 1L + (expiresTime - currentTime) / 1000L);

View Full Code Here


            // Extract the timestamp action result from the action vector
            actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);


            if (actionResult != null) {
                Timestamp timestamp = actionResult.getTimestamp();


                if (timestamp != null) {
                    if (!verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                        throw new SoapFault(new WSSecurityException(
                                        "WSSecurityHandler: the timestamp could not be validated"));

View Full Code Here


            // Extract the timestamp action result from the action vector
            actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);


            if (actionResult != null) {
                Timestamp timestamp = (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);


                if (timestamp != null && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                    LOG.warning("The timestamp could not be validated");
                    throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
                }

View Full Code Here

        
        // Store the timestamp element
        WSSecurityEngineResult tsResult = WSSecurityUtil.fetchActionResult(results, WSConstants.TS);
        Element timestamp = null;
        if (tsResult != null) {
            Timestamp ts = (Timestamp)tsResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
            timestamp = ts.getElement();
        }
        
        boolean check = true;
        
        SupportingTokenPolicyValidator validator = new ConcreteSupportingTokenPolicyValidator();

View Full Code Here

        // Extract the timestamp action result from the action vector
        actionResult = WSSecurityUtil.fetchActionResult(wsResult,
                WSConstants.TS);


        if (actionResult != null) {
            Timestamp timestamp = actionResult.getTimestamp();


            if (timestamp != null) {
                String ttl = null;
                if ((ttl = (String) getOption(WSHandlerConstants.TTL_TIMESTAMP)) == null) {
                    ttl = (String) getProperty(msgContext,

View Full Code Here


        // Extract the timestamp action result from the action vector
        actionResult = WSSecurityUtil.fetchActionResult(results, WSConstants.TS);


        if (actionResult != null) {
            Timestamp timestamp = actionResult.getTimestamp();


            if (timestamp != null) {
                if (!verifyTimestamp(timestamp, rmd.getTimeToLive())) {
                    throw new RampartException("cannotValidateTimestamp");
                }

View Full Code Here

        
        // Store the timestamp element
        WSSecurityEngineResult tsResult = WSSecurityUtil.fetchActionResult(results, WSConstants.TS);
        Element timestamp = null;
        if (tsResult != null) {
            Timestamp ts = (Timestamp)tsResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
            timestamp = ts.getElement();
        }
        
        boolean check = true;
        
        SupportingTokenPolicyValidator validator = new SignedTokenPolicyValidator();

View Full Code Here


        if (!timestampResults.isEmpty()) {
            for (int i = 0; i < timestampResults.size(); i++) {
                WSSecurityEngineResult result = 
                    (WSSecurityEngineResult) timestampResults.get(i);
                Timestamp timestamp = (Timestamp)result.get(WSSecurityEngineResult.TAG_TIMESTAMP);


                if (timestamp != null && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                    LOG.warning("The timestamp could not be validated");
                    throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
                }

View Full Code Here

        List<WSSecurityEngineResult> wsResult = verify(createdDoc, WSSConfig.getNewInstance());
        WSSecurityEngineResult actionResult = 
            WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);
        assertTrue(actionResult != null);
        
        Timestamp receivedTimestamp = 
            (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
        assertTrue(receivedTimestamp != null);
    }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.ws.security.message.token.Timestamp

org.apache.axis2.security.WSDoAllReceiver

org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor

org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator

org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

org.apache.rampart.handler.WSDoAllReceiver

org.apache.rampart.PolicyBasedResultsValidator

org.apache.servicemix.soap.handlers.security.WSSecurityHandler

org.apache.ws.axis.security.WSDoAllReceiver

org.apache.ws.security.handler.WSS4JHandler

org.apache.ws.security.message.TimestampTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.