Package org.apache.wss4j.dom.message.token

Examples of org.apache.wss4j.dom.message.token.UsernameToken


public class CustomUTValidator extends UsernameTokenValidator {

    /**
     * Delegates to the parent validator, then attaches a JAAS {@link Subject} holding the
     * caller's principal and group memberships to the credential that validator returned.
     *
     * <p>Group assignment is fixed in code: every user becomes a member of "worker", and
     * the user named "Alice" is additionally a member of "manager". That is a sample
     * policy keyed on the user name alone, not a lookup against a role store.
     *
     * @param credential credential carrying the received UsernameToken
     * @param data request context passed through to the parent validator
     * @return the credential returned by the parent validator, with its subject populated
     * @throws WSSecurityException propagated from the parent validator
     */
    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
        // Authentication comes first: if the parent validator throws, no subject is built.
        Credential validatedCredential = super.validate(credential, data);

        UsernameToken token = credential.getUsernametoken();
        String userName = token.getName();

        WSUsernameTokenPrincipalImpl userPrincipal =
            new WSUsernameTokenPrincipalImpl(userName, token.isHashed());
        userPrincipal.setCreatedTime(token.getCreated());
        // NOTE(review): this reads the nonce back from the principal that was just created,
        // not from the token, so the token's nonce does not appear to be copied here.
        // Confirm whether the token's nonce was the intended source.
        userPrincipal.setNonce(userPrincipal.getNonce());
        // The received password value is kept on the principal and therefore travels with
        // the Subject; code that logs or serializes the principal will expose it.
        userPrincipal.setPassword(token.getPassword());
        userPrincipal.setPasswordType(token.getPasswordType());

        Subject callerSubject = new Subject();
        callerSubject.getPrincipals().add(userPrincipal);
        boolean isManager = "Alice".equals(userName);
        if (isManager) {
            callerSubject.getPrincipals().add(new SimpleGroup("manager", userName));
        }
        callerSubject.getPrincipals().add(new SimpleGroup("worker", userName));

        validatedCredential.setSubject(callerSubject);
        return validatedCredential;
    }


        }
       
        /**
         * Stand-in for a real STS call: records success in the enclosing {@code validated}
         * flag when the token carries the fixed user name / password pair below.
         *
         * <p>The credential is returned unchanged whether or not the pair matched, and no
         * exception is thrown on a mismatch, so the return value alone says nothing about
         * the outcome. Callers have to inspect {@code validated}.
         *
         * @param credential credential carrying the received UsernameToken
         * @param message the message being processed (not used here)
         * @return the same credential instance that was passed in
         * @throws WSSecurityException declared by the overridden method; not thrown here
         */
        @Override
        public Credential validateWithSTS(Credential credential, Message message)
            throws WSSecurityException {
            UsernameToken ut = credential.getUsernametoken();
            // Fixed test credentials; the password is only read once the name has matched.
            if ("bob".equals(ut.getName())) {
                if ("pswd".equals(ut.getPassword())) {
                    // TODO: mock STS
                    validated = true;
                }
            }
            return credential;
        }

    /**
     * Builds a UsernameToken in a fresh DOM document and returns its root element.
     *
     * <p>The password is written into the token as supplied, so the returned element
     * contains credential material. Keep it out of logs and debug dumps.
     *
     * @param username value set as the token's user name
     * @param password value set as the token's password
     * @param passwordType password type handed to the UsernameToken constructor
     * @param id value set as the token's ID
     * @return the DOM element backing the newly built token
     */
    private Element convertToDOM(String username, String password, String passwordType, String id) {
        Document document = DOMUtils.newDocument();

        // First constructor argument is presumably WSS4J's millisecond-precision flag for
        // the Created timestamp; confirm against the UsernameToken constructor in use.
        UsernameToken token = new UsernameToken(true, document, passwordType);
        token.setName(username);
        token.setPassword(password);
        token.setID(id);

        // Declare the wsse and wsu namespaces on the token before handing the element out.
        token.addWSSENamespace();
        token.addWSUNamespace();

        Element tokenElement = token.getElement();
        return tokenElement;
    }

            LOG.warning(errorMsg.toString());
            throw new SecurityException(errorMsg.toString());
        }
       
        try {
            UsernameToken token = convertPolicyToToken(policy);
            Credential credential = new Credential();
            credential.setUsernametoken(token);
           
            RequestData data = new RequestData();
            data.setMsgContext(message);

    /**
     * Wraps the user name and password of an {@code AuthorizationPolicy} in a new
     * UsernameToken so that they can be handed to a UsernameToken validator.
     *
     * <p>The token is created with {@code WSConstants.PASSWORD_TEXT}, so the password is
     * carried as supplied rather than as a digest. Its confidentiality then rests on
     * whatever protects the message and on this token not being logged or persisted.
     *
     * @param policy source of the user name and password
     * @return a token populated from the policy
     * @throws Exception declared for overriding implementations and for failures raised
     *     while creating the document or token
     */
    protected UsernameToken convertPolicyToToken(AuthorizationPolicy policy)
        throws Exception {

        Document ownerDocument = DOMUtils.createDocument();
        UsernameToken plainTextToken =
            new UsernameToken(false, ownerDocument, WSConstants.PASSWORD_TEXT);

        // NOTE(review): neither value is null-checked here; presumably the caller has
        // already rejected policies without credentials. Confirm against the call site.
        plainTextToken.setName(policy.getUserName());
        plainTextToken.setPassword(policy.getPassword());
        return plainTextToken;
    }

        // Validate the token
        //
        try {
            boolean allowNamespaceQualifiedPasswordTypes =
                wssConfig.getAllowNamespaceQualifiedPasswordTypes();
            UsernameToken ut =
                new UsernameToken(usernameTokenElement, allowNamespaceQualifiedPasswordTypes,
                                  new BSPEnforcer());
            // The parsed principal is set independent whether validation is successful or not
            response.setPrincipal(new CustomTokenPrincipal(ut.getName()));
            if (ut.getPassword() == null) {
                return response;
            }
           
            // See if the UsernameToken is stored in the cache
            int hash = ut.hashCode();
            SecurityToken secToken = null;
            if (tokenParameters.getTokenStore() != null) {
                secToken = tokenParameters.getTokenStore().getToken(Integer.toString(hash));
                if (secToken != null && secToken.getTokenHash() != hash) {
                    secToken = null;
                }
            }
           
            if (secToken == null) {
                Credential credential = new Credential();
                credential.setUsernametoken(ut);
                validator.validate(credential, requestData);
            }
           
            Principal principal =
                createPrincipal(
                    ut.getName(), ut.getPassword(), ut.getPasswordType(), ut.getNonce(), ut.getCreated()
                );
           
            // Get the realm of the UsernameToken
            String tokenRealm = null;
            if (usernameTokenRealmCodec != null) {
                tokenRealm = usernameTokenRealmCodec.getRealmFromToken(ut);
                // verify the realm against the cached token
                if (secToken != null) {
                    Properties props = secToken.getProperties();
                    if (props != null) {
                        String cachedRealm = props.getProperty(STSConstants.TOKEN_REALM);
                        if (!tokenRealm.equals(cachedRealm)) {
                            return response;
                        }
                    }
                }
            }
           
            // Store the successfully validated token in the cache
            if (tokenParameters.getTokenStore() != null && secToken == null) {
                secToken = new SecurityToken(ut.getID());
                secToken.setToken(ut.getElement());
                int hashCode = ut.hashCode();
                String identifier = Integer.toString(hashCode);
                secToken.setTokenHash(hashCode);
                tokenParameters.getTokenStore().add(identifier, secToken);
            }
           

            handleCustomPasswordTypes = wssConfig.getHandleCustomPasswordTypes();
            passwordsAreEncoded = wssConfig.getPasswordsAreEncoded();
            requiredPasswordType = wssConfig.getRequiredPasswordType();
        }
       
        UsernameToken usernameToken = credential.getUsernametoken();
        usernameToken.setPasswordsAreEncoded(passwordsAreEncoded);
       
        String pwType = usernameToken.getPasswordType();
        if (LOG.isDebugEnabled()) {
            LOG.debug("UsernameToken user " + usernameToken.getName());
            LOG.debug("UsernameToken password type " + pwType);
        }
       
        if (requiredPasswordType != null && !requiredPasswordType.equals(pwType)) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Authentication failed as the received password type does not "
                    + "match the required password type of: " + requiredPasswordType);
            }
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
        }
       
        //
        // If the UsernameToken is hashed or plaintext, then retrieve the password from the
        // callback handler and compare directly. If the UsernameToken is of some unknown type,
        // then delegate authentication to the callback handler
        //
        String password = usernameToken.getPassword();
        if (usernameToken.isHashed()) {
            verifyDigestPassword(usernameToken, data);
        } else if (WSConstants.PASSWORD_TEXT.equals(pwType)
            || password != null && (pwType == null || "".equals(pwType.trim()))) {
            verifyPlaintextPassword(usernameToken, data);
        } else if (password != null) {

            secretKey = getSecretKeyFromAssertion(samlAssertion, secRef, data, wsDocInfo);
        } else if (WSConstants.SCT == action || WSConstants.BST == action) {
            secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
        } else if (WSConstants.UT_NOPASSWORD == action || WSConstants.UT == action) {
            STRParserUtil.checkUsernameTokenBSPCompliance(secRef, data.getBSPEnforcer());
            UsernameToken usernameToken =
                (UsernameToken)result.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);

            usernameToken.setRawPassword(data);
            secretKey = usernameToken.getDerivedKey(data.getBSPEnforcer());
        }
    }

        }
       
        String user = null;
        String password = null;
       
        UsernameToken usernameToken = credential.getUsernametoken();
       
        user = usernameToken.getName();
        String pwType = usernameToken.getPasswordType();
        if (LOG.isDebugEnabled()) {
            LOG.debug("UsernameToken user " + usernameToken.getName());
            LOG.debug("UsernameToken password type " + pwType);
        }
       
        if (usernameToken.isHashed()) {
            LOG.warn("Authentication failed as hashed username token not supported");
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
        }
       
        password = usernameToken.getPassword();
       
        if (!WSConstants.PASSWORD_TEXT.equals(pwType)) {
            LOG.warn("Password type " + pwType + " not supported");
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);         
        }

    ) throws WSSecurityException {
        int action = (Integer) result.get(WSSecurityEngineResult.TAG_ACTION);
        if (WSConstants.UT_NOPASSWORD == action || WSConstants.UT == action) {
            STRParserUtil.checkUsernameTokenBSPCompliance(secRef, data.getBSPEnforcer());
           
            UsernameToken usernameToken =
                (UsernameToken)result.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);

            usernameToken.setRawPassword(data);
            secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
          
            principal = usernameToken.createPrincipal();
        } else if (WSConstants.BST == action) {
            BinarySecurity token =
                (BinarySecurity)result.get(
                    WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN
                );
