Examples of org.apache.wss4j.dom.WSSecurityEngine

org.apache.wss4j.dom.WSSecurityEngine
WS-Security Engine.

    }


    private List<WSSecurityEngineResult> verify(
        Element securityHeader, AlgorithmSuite algorithmSuite, Crypto decCrypto
    ) throws Exception {
        WSSecurityEngine secEngine = new WSSecurityEngine();
        RequestData data = new RequestData();
        data.setDecCrypto(decCrypto);
        
        data.setAlgorithmSuite(algorithmSuite);
        
        data.setCallbackHandler(new KeystoreCallbackHandler());
        
        return secEngine.processSecurityHeader(securityHeader, data);
    }

View Full Code Here

    
    private List<WSSecurityEngineResult> verify(
        Document doc, 
        boolean allowUsernameTokenDerivedKeys
    ) throws Exception {
        WSSecurityEngine secEngine = new WSSecurityEngine();
        WSSConfig config = WSSConfig.getNewInstance();
        config.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
        secEngine.setWssConfig(config);
        return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
    }

View Full Code Here

            XMLUtils.PrettyDocumentToString(encryptedDoc);
        if (LOG.isDebugEnabled()) {
            LOG.debug(outputString);
        }
        
        WSSecurityEngine newEngine = new WSSecurityEngine();
        try {
            newEngine.processSecurityHeader(doc, null, new KeystoreCallbackHandler(), wssCrypto);
            fail("Failure expected on a modified EncryptedData structure");
        } catch (WSSecurityException ex) {
            // expected
        }
    }

View Full Code Here

            XMLUtils.PrettyDocumentToString(encryptedDoc);
        if (LOG.isDebugEnabled()) {
            LOG.debug(outputString);
        }
        
        WSSecurityEngine newEngine = new WSSecurityEngine();
        try {
            newEngine.processSecurityHeader(doc, null, new KeystoreCallbackHandler(), wssCrypto);
            fail("Failure expected on a modified EncryptedData CipherValue");
        } catch (WSSecurityException ex) {
            assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
            //the error message is not deterministic so we do not do a message comparison
        }

View Full Code Here

            XMLUtils.PrettyDocumentToString(encryptedDoc);
        if (LOG.isDebugEnabled()) {
            LOG.debug(outputString);
        }
        
        WSSecurityEngine newEngine = new WSSecurityEngine();
        try {
            newEngine.processSecurityHeader(doc, null, new KeystoreCallbackHandler(), wssCrypto);
            fail("Failure expected on a modified EncryptedData CipherValue");
        } catch (WSSecurityException ex) {
            assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
            //the error message is not deterministic so we do not do a message comparison
        }

View Full Code Here

     * 
     * @param doc
     * @throws Exception Thrown when there is a problem in verification
     */
    private List<WSSecurityEngineResult> verify(Document doc) throws Exception {
        WSSecurityEngine secEngine = new WSSecurityEngine();
        WSSConfig config = WSSConfig.getNewInstance();
        config.setValidateSamlSubjectConfirmation(false);
        secEngine.setWssConfig(config);
        
        List<WSSecurityEngineResult> results = 
            secEngine.processSecurityHeader(
                doc, null, null, crypto
            );
        String outputString = XMLUtils.PrettyDocumentToString(doc);
        assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);
        return results;

View Full Code Here


    private List<WSSecurityEngineResult> verifyWithoutProfile(Document doc) throws Exception {
        SamlAssertionValidator validator = new SamlAssertionValidator();
        validator.setValidateSignatureAgainstProfile(false);
        
        WSSecurityEngine secEngine = new WSSecurityEngine();
        WSSConfig config = secEngine.getWssConfig();
        config.setValidator(WSSecurityEngine.SAML_TOKEN, validator);
        config.setValidator(WSSecurityEngine.SAML2_TOKEN, validator);
        
        List<WSSecurityEngineResult> results = 
            secEngine.processSecurityHeader(
                doc, null, null, crypto
            );
        String outputString = XMLUtils.PrettyDocumentToString(doc);
        assertTrue(outputString.indexOf("counter_port_type") > 0 ? true : false);
        return results;

View Full Code Here

            LOG.debug("Encrypted message, RSA-OAEP keytransport, 3DES:");
            LOG.debug(outputString);
        }
        assertFalse(outputString.contains("counter_port_type"));
        
        WSSecurityEngine newEngine = new WSSecurityEngine();
        
        try {
            newEngine.processSecurityHeader(encryptedDoc, null, keystoreCallbackHandler, crypto);
            fail("Failure expected on a bad ValueType attribute");
        } catch (WSSecurityException ex) {
            // expected
        }
        
        RequestData data = new RequestData();
        data.setCallbackHandler(keystoreCallbackHandler);
        data.setDecCrypto(crypto);
        data.setIgnoredBSPRules(Collections.singletonList(BSPRule.R3063));
        List<WSSecurityEngineResult> results = 
            newEngine.processSecurityHeader(encryptedDoc, "", data);
        
        WSSecurityEngineResult actionResult =
                WSSecurityUtil.fetchActionResult(results, WSConstants.ENCR);
        assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE));
        assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE));

View Full Code Here

            XMLUtils.PrettyDocumentToString(encryptedDoc);
        if (LOG.isDebugEnabled()) {
            LOG.debug(outputString);
        }


        WSSecurityEngine newEngine = new WSSecurityEngine();
        try {
            newEngine.processSecurityHeader(encryptedDoc, null, keystoreCallbackHandler, crypto);
            fail("Failure expected on a bad attribute type");
        } catch (WSSecurityException ex) {
            // expected
        }
        
        RequestData data = new RequestData();
        data.setCallbackHandler(keystoreCallbackHandler);
        data.setDecCrypto(crypto);
        data.setIgnoredBSPRules(Collections.singletonList(BSPRule.R3209));
        newEngine.processSecurityHeader(encryptedDoc, "", data);
    }

View Full Code Here

            LOG.debug("Encrypted message, RSA-OAEP keytransport, 3DES:");
            LOG.debug(outputString);
        }
        assertTrue(!outputString.contains("counter_port_type") ? true : false);
        
        WSSecurityEngine newEngine = new WSSecurityEngine();
        List<WSSecurityEngineResult> results = 
            newEngine.processSecurityHeader(encryptedDoc, null, keystoreCallbackHandler, crypto);
        
        WSSecurityEngineResult actionResult =
                WSSecurityUtil.fetchActionResult(results, WSConstants.ENCR);
        assertNotNull(actionResult);
    }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.wss4j.dom.WSSecurityEngine

org.apache.cxf.sts.request.RequestParserUnitTest

org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

org.apache.wss4j.dom.components.crypto.CertificateStoreTest

org.apache.wss4j.dom.components.crypto.CryptoTest

org.apache.wss4j.dom.handler.CustomActionProcessorTest

org.apache.wss4j.dom.handler.CustomTokenTest

org.apache.wss4j.dom.handler.RequestData

org.apache.wss4j.dom.handler.SignatureConfirmationTest

org.apache.wss4j.dom.handler.UseReqSigCertTest

org.apache.wss4j.dom.message.DerivedKeyActionTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.