Package org.apache.wss4j.policy.model

Examples of org.apache.wss4j.policy.model.IssuedToken

158
159
160
161
162
163
164
165
166
167
168
            assertSecurityContextToken(scToken);
        } else if (token instanceof SpnegoContextToken) {
            SpnegoContextToken scToken = (SpnegoContextToken)token;
            assertSpnegoContextToken(scToken);
        } else if (token instanceof IssuedToken) {
            IssuedToken issuedToken = (IssuedToken)token;
            assertIssuedToken(issuedToken);
        } else if (token instanceof KerberosToken) {
            KerberosToken kerberosToken = (KerberosToken)token;
            assertKerberosToken(kerberosToken);
        } else if (token instanceof SamlToken) {
View Full Code Here
556
557
558
559
560
561
562
563
564
565
566
                    NegotiationUtils.getAllAssertionsByLocalname(aim, SPConstants.ISSUED_TOKEN);
                if (ais.isEmpty()) {
                    return;
                }
               
                IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
                assertIssuedToken(itok, aim);
               
                if (!isRequestor(message)) {
                    message.getExchange().remove(SecurityConstants.TOKEN);
                    List<WSHandlerResult> results =
View Full Code Here
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
                    NegotiationUtils.getAllAssertionsByLocalname(aim, SPConstants.ISSUED_TOKEN);
                if (ais.isEmpty()) {
                    return;
                }
                if (isRequestor(message)) {
                    IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
                    assertIssuedToken(itok, aim);
                   
                    SecurityToken tok = retrieveCachedToken(message);
                    if (tok == null) {
                        tok = issueToken(message, aim, itok);
                    } else {
                        tok = renewToken(message, aim, itok, tok);
                    }
                    if (tok != null) {
                        for (AssertionInfo ai : ais) {
                            ai.setAsserted(true);
                        }
                        boolean cacheIssuedToken =
                            MessageUtils.getContextualBoolean(
                                message, SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, true
                            ) && !isOneTimeUse(tok);
                        if (cacheIssuedToken) {
                            message.getExchange().get(Endpoint.class).put(SecurityConstants.TOKEN, tok);
                            message.getExchange().put(SecurityConstants.TOKEN, tok);
                            message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getId());
                            message.getExchange().get(Endpoint.class).put(SecurityConstants.TOKEN_ID,
                                                                          tok.getId());
                        } else {
                            message.put(SecurityConstants.TOKEN, tok);
                            message.put(SecurityConstants.TOKEN_ID, tok.getId());
                        }
                        WSS4JUtils.getTokenStore(message).add(tok);
                    }
                } else {
                    //server side should be checked on the way in
                    for (AssertionInfo ai : ais) {
                        ai.setAsserted(true);
                    }
                    IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
                    assertIssuedToken(itok, aim);
                }
            }
        }
View Full Code Here
160
161
162
163
164
165
166
167
168
169
170
            assertSecurityContextToken(scToken);
        } else if (token instanceof SpnegoContextToken) {
            SpnegoContextToken scToken = (SpnegoContextToken)token;
            assertSpnegoContextToken(scToken);
        } else if (token instanceof IssuedToken) {
            IssuedToken issuedToken = (IssuedToken)token;
            assertIssuedToken(issuedToken);
        } else if (token instanceof KerberosToken) {
            KerberosToken kerberosToken = (KerberosToken)token;
            assertKerberosToken(kerberosToken);
        } else if (token instanceof SamlToken) {
View Full Code Here
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
        if (ais == null || ais.isEmpty()) {
            return true;
        }
       
        for (AssertionInfo ai : ais) {
            IssuedToken issuedToken = (IssuedToken)ai.getAssertion();
            ai.setAsserted(true);

            if (!isTokenRequired(issuedToken, message)) {
                continue;
            }
           
            if (assertionWrapper == null) {
                ai.setNotAsserted(
                    "The received token does not match the token inclusion requirement"
                );
                continue;
            }

            Element template = issuedToken.getRequestSecurityTokenTemplate();
            if (template != null && !checkIssuedTokenTemplate(template, assertionWrapper)) {
                ai.setNotAsserted("Error in validating the IssuedToken policy");
                continue;
            }
           
            Element claims = issuedToken.getClaims();
            if (claims != null) {
                String dialect = claims.getAttributeNS(null, "Dialect");
                if (claimsValidator.getDialect().equals(dialect)
                    && !claimsValidator.validatePolicy(claims, assertionWrapper)) {
                    ai.setNotAsserted("Error in validating the Claims policy");
View Full Code Here
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
        if (ais == null || ais.isEmpty()) {
            return true;
        }
       
        for (AssertionInfo ai : ais) {
            IssuedToken issuedToken = (IssuedToken)ai.getAssertion();
            ai.setAsserted(true);

            if (!isTokenRequired(issuedToken, message)) {
                continue;
            }
            if (binarySecurityToken == null) {
                ai.setNotAsserted(
                    "The received token does not match the token inclusion requirement"
                );
                return false;
            }

            Element template = issuedToken.getRequestSecurityTokenTemplate();
            if (template != null && !checkIssuedTokenTemplate(template, binarySecurityToken)) {
                ai.setNotAsserted("Error in validating the IssuedToken policy");
                return false;
            }
        }
View Full Code Here
162
163
164
165
166
167
168
169
170
171
172
            assertSecurityContextToken(scToken);
        } else if (token instanceof SpnegoContextToken) {
            SpnegoContextToken scToken = (SpnegoContextToken)token;
            assertSpnegoContextToken(scToken);
        } else if (token instanceof IssuedToken) {
            IssuedToken issuedToken = (IssuedToken)token;
            assertIssuedToken(issuedToken);
        } else if (token instanceof KerberosToken) {
            KerberosToken kerberosToken = (KerberosToken)token;
            assertKerberosToken(kerberosToken);
        } else if (token instanceof SamlToken) {
View Full Code Here
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
                    NegotiationUtils.getAllAssertionsByLocalname(aim, SPConstants.ISSUED_TOKEN);
                if (ais.isEmpty()) {
                    return;
                }
                if (isRequestor(message)) {
                    IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
                    assertIssuedToken(itok, aim);
                   
                    SecurityToken tok = retrieveCachedToken(message);
                    if (tok == null) {
                        tok = issueToken(message, aim, itok);
                    } else {
                        tok = renewToken(message, aim, itok, tok);
                    }
                    if (tok != null) {
                        for (AssertionInfo ai : ais) {
                            ai.setAsserted(true);
                        }
                        boolean cacheIssuedToken =
                            MessageUtils.getContextualBoolean(
                                message, SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, true
                            ) && !isOneTimeUse(tok);
                        if (cacheIssuedToken) {
                            message.getExchange().get(Endpoint.class).put(SecurityConstants.TOKEN, tok);
                            message.getExchange().put(SecurityConstants.TOKEN, tok);
                            message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getId());
                            message.getExchange().get(Endpoint.class).put(SecurityConstants.TOKEN_ID,
                                                                          tok.getId());
                        } else {
                            message.put(SecurityConstants.TOKEN, tok);
                            message.put(SecurityConstants.TOKEN_ID, tok.getId());
                        }
                        WSS4JUtils.getTokenStore(message).add(tok);
                    }
                } else {
                    //server side should be checked on the way in
                    for (AssertionInfo ai : ais) {
                        ai.setAsserted(true);
                    }
                    IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
                    assertIssuedToken(itok, aim);
                }
            }
        }
View Full Code Here
534
535
536
537
538
539
540
541
542
543
544
                }
               
                for (AssertionInfo ai : ais) {
                    ai.setAsserted(true);
                }
                IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
                assertIssuedToken(itok, aim);
               
                if (!isRequestor(message)) {
                    List<WSHandlerResult> results =
                        CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
View Full Code Here
TOP

Related Classes of org.apache.wss4j.policy.model.IssuedToken

  • org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenInInterceptor
  • org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor
  • org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler
  • org.apache.cxf.ws.security.wss4j.policyvalidators.IssuedTokenPolicyValidator
  • org.apache.neethi.Assertion
  • org.apache.wss4j.policy.builders.IssuedTokenBuilder
  • org.apache.wss4j.policy.stax.assertionStates.IssuedTokenAssertionState
  • org.apache.wss4j.policy.tests.IssuedTokenTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.