Examples of org.apache.wss4j.dom.WSSecurityEngine

• org.apache.wss4j.dom.WSSecurityEngine
  WS-Security Engine.

        assertFalse(outputString.contains("testMethod"));
        if (LOG.isDebugEnabled()) {
            LOG.debug(outputString);
        }

        WSSecurityEngine newEngine = new WSSecurityEngine();
        newEngine.getWssConfig().setPasswordsAreEncoded(true);
        newEngine.getWssConfig().setAllowUsernameTokenNoPassword(true);
        newEngine.processSecurityHeader(
            encryptedDoc, null, new EncodedPasswordCallbackHandler(), null
        );
    }

        assertTrue(outputString.contains("wsse11:Iteration"));
        if (LOG.isDebugEnabled()) {
            LOG.debug(outputString);
        }

        WSSecurityEngine newEngine = new WSSecurityEngine();
        newEngine.getWssConfig().setPasswordsAreEncoded(true);
        newEngine.getWssConfig().setAllowUsernameTokenNoPassword(true);
        List<WSSecurityEngineResult> results =  newEngine.processSecurityHeader(
            signedDoc, null, new EncodedPasswordCallbackHandler(), null
        );
        WSSecurityEngineResult actionResult =
            WSSecurityUtil.fetchActionResult(results, WSConstants.SIGN);
        java.security.Principal principal =

        RequestData data = new RequestData();
        data.setCallbackHandler(callbackHandler);
        data.setDecCrypto(crypto);
        data.setIgnoredBSPRules(Collections.singletonList(BSPRule.R4218));
        WSSecurityEngine engine = new WSSecurityEngine();
        config.setAllowUsernameTokenNoPassword(true);
        engine.setWssConfig(config);
        engine.processSecurityHeader(doc, "", data);
    }

        } catch (WSSecurityException ex) {
            // expected
        }

        // Turn off BSP compliance and it should work
        WSSecurityEngine newEngine = new WSSecurityEngine();
        RequestData data = new RequestData();
        data.setCallbackHandler(callbackHandler);
        data.setDecCrypto(crypto);
        WSSConfig config = WSSConfig.getNewInstance();
        config.setAllowUsernameTokenNoPassword(true);
        newEngine.setWssConfig(config);
        data.setIgnoredBSPRules(Collections.singletonList(BSPRule.R4214));
        newEngine.processSecurityHeader(encryptedDoc, "", data);
    }

            fail("Failure expected on a key identifier");
        } catch (WSSecurityException ex) {
            // expected
        }

        WSSecurityEngine newEngine = new WSSecurityEngine();
        RequestData data = new RequestData();
        data.setCallbackHandler(callbackHandler);
        data.setDecCrypto(crypto);
        data.setIgnoredBSPRules(Collections.singletonList(BSPRule.R4215));
        WSSConfig config = WSSConfig.getNewInstance();
        config.setAllowUsernameTokenNoPassword(true);
        newEngine.setWssConfig(config);
        newEngine.processSecurityHeader(encryptedDoc, "", data);
    }

    private List<WSSecurityEngineResult> verify(
        Document doc,
        boolean allowUsernameTokenDerivedKeys
    ) throws Exception {
        WSSecurityEngine secEngine = new WSSecurityEngine();
        WSSConfig config = WSSConfig.getNewInstance();
        config.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
        secEngine.setWssConfig(config);
        return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
    }

            String outputString =
                XMLUtils.PrettyDocumentToString(doc);
            LOG.debug(outputString);
        }

        WSSecurityEngine secEngine = new WSSecurityEngine();
        secEngine.setWssConfig(WSSConfig.getNewInstance());
        List<WSSecurityEngineResult> results =
            secEngine.processSecurityHeader(doc, null, null, crypto);

        WSSecurityEngineResult actionResult =
            WSSecurityUtil.fetchActionResult(results, WSConstants.BST);
        BinarySecurity token =
            (BinarySecurity)actionResult.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);

            String outputString =
                XMLUtils.PrettyDocumentToString(doc);
            LOG.debug(outputString);
        }

        WSSecurityEngine secEngine = new WSSecurityEngine();
        secEngine.setWssConfig(WSSConfig.getNewInstance());
        List<WSSecurityEngineResult> results =
            secEngine.processSecurityHeader(doc, null, null, crypto);

        WSSecurityEngineResult actionResult =
            WSSecurityUtil.fetchActionResult(results, WSConstants.BST);
        PKIPathSecurity token =
            (PKIPathSecurity)actionResult.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);

            String outputString =
                XMLUtils.PrettyDocumentToString(doc);
            LOG.debug(outputString);
        }

        WSSecurityEngine secEngine = new WSSecurityEngine();
        secEngine.setWssConfig(WSSConfig.getNewInstance());
        // Processing should fail as we have no ValueType attribute
        try {
            secEngine.processSecurityHeader(doc, null, null, crypto);
            fail("Expected failure on no ValueType");
        } catch (WSSecurityException ex) {
            // expected
        }

        doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        bst = new BinarySecurity(doc);
        bst.setToken("12435677".getBytes());
        bst.setValueType("http://custom_value_Type");
        secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
        WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bst.getElement());

        List<WSSecurityEngineResult> results =
            secEngine.processSecurityHeader(doc, null, null, crypto);
        WSSecurityEngineResult actionResult =
            WSSecurityUtil.fetchActionResult(results, WSConstants.BST);
        BinarySecurity token =
            (BinarySecurity)actionResult.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
        assertNotNull(token);

     * Verifies the soap envelope
     */
    private List<WSSecurityEngineResult> verify(
        Document doc, List<BSPRule> ignoredRules
    ) throws Exception {
        WSSecurityEngine secEngine = new WSSecurityEngine();
        RequestData requestData = new RequestData();
        requestData.setIgnoredBSPRules(ignoredRules);
        requestData.setCallbackHandler(callbackHandler);
        return secEngine.processSecurityHeader(doc, "", requestData);
    }