Package org.apache.wss4j.stax.securityToken

Examples of org.apache.wss4j.stax.securityToken.UsernameSecurityToken


    /**
     * Compares a received UsernameToken, as described by its security event, with the
     * UsernameToken policy assertion. This listing is an excerpt: it stops inside the final
     * switch, so the token-type check and the success return are not shown.
     *
     * @param tokenSecurityEvent event for the received token; must be a UsernameTokenSecurityEvent
     * @param abstractToken the policy token; cast to UsernameToken without a type check
     * @return false, after setErrorMessage(...), on the first violation found by the visible checks
     * @throws WSSPolicyException if the event is not a UsernameTokenSecurityEvent
     * @throws XMLSecurityException declared by the signature; no visible line throws it directly
     */
    public boolean assertToken(TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent,
                               AbstractToken abstractToken) throws WSSPolicyException, XMLSecurityException {
        // Fail closed: an unexpected event type is an error, not a skipped check.
        if (!(tokenSecurityEvent instanceof UsernameTokenSecurityEvent)) {
            throw new WSSPolicyException("Expected a UsernameSecurityTokenEvent but got " + tokenSecurityEvent.getClass().getName());
        }
        // NOTE(review): the casts of the security token and of abstractToken are unchecked; a
        // mismatched type would surface as ClassCastException rather than WSSPolicyException.
        UsernameSecurityToken usernameSecurityToken = (UsernameSecurityToken) tokenSecurityEvent.getSecurityToken();
        UsernameTokenSecurityEvent usernameTokenSecurityEvent = (UsernameTokenSecurityEvent) tokenSecurityEvent;
        UsernameToken usernameToken = (UsernameToken) abstractToken;

        // The policy names a password type: the received token must match it exactly.
        if (usernameToken.getPasswordType() != null) {
            // NOTE(review): only NoPassword and HashPassword are handled and there is no default
            // branch, so any other enum value passes this step unchecked -- confirm none exists.
            switch (usernameToken.getPasswordType()) {
                case NoPassword:
                    if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE) {
                        setErrorMessage("UsernameToken contains a password but the policy prohibits it");
                        return false;
                    }
                    break;
                case HashPassword:
                    if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST) {
                        setErrorMessage("UsernameToken does not contain a hashed password");
                        return false;
                    }
                    break;
            }
        // No password type in the policy: the default case accepts neither a missing nor a
        // digest password. Protection of the password on the wire is not checked in this method
        // -- presumably enforced by transport or encryption policy elsewhere; confirm.
        } else if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() == WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE) {
            // We must have a password for the default case
            setErrorMessage("UsernameToken must contain a password");
            return false;
        } else if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST) {
            // We must have a plaintext password for the default case
            setErrorMessage("UsernameToken password must not be hashed");
            return false;
        }
        // Created required by policy: the token must carry a created time AND use PASSWORD_TEXT.
        // Only presence is checked; freshness of the timestamp is not evaluated in the visible lines.
        // NOTE(review): combined with NoPassword or HashPassword this can never pass, because the
        // branch above demands PASSWORD_NONE / PASSWORD_DIGEST -- presumably intended (assertion
        // aimed at the clear-text case); confirm against WS-SecurityPolicy.
        if (usernameToken.isCreated() && (usernameSecurityToken.getCreatedTime() == null || usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT)) {
            setErrorMessage("UsernameToken does not contain a created timestamp or password is not plain text");
            return false;
        }
        // Nonce required by policy: same shape as the Created check. Only presence is checked;
        // replay tracking of the nonce is not visible here -- presumably done by the validator.
        if (usernameToken.isNonce() && (usernameSecurityToken.getNonce() == null || usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT)) {
            setErrorMessage("UsernameToken does not contain a nonce or password is not plain text");
            return false;
        }
        // Token type vs. received profile is compared only when both are set.
        // The excerpt ends inside this switch; its cases are not shown.
        if (usernameToken.getUsernameTokenType() != null && usernameTokenSecurityEvent.getUsernameTokenProfile() != null) {
            switch (usernameToken.getUsernameTokenType()) {


            // Check principal: fetch the UsernameToken event recorded by the security event listener.
            // (Excerpt from a test method; the enclosing method is not shown.)
            UsernameTokenSecurityEvent event =
                (UsernameTokenSecurityEvent)securityEventListener.getSecurityEvent(WSSecurityEventConstants.UsernameToken);
            Assert.assertNotNull(event);
            UsernameSecurityToken usernameSecurityToken = event.getSecurityToken();
            // The token must expose a UsernameTokenPrincipal, not just any Principal.
            Principal principal = usernameSecurityToken.getPrincipal();
            Assert.assertTrue(principal instanceof UsernameTokenPrincipal);
            UsernameTokenPrincipal usernameTokenPrincipal = (UsernameTokenPrincipal)principal;
            // User name this test expects the principal to carry.
            Assert.assertTrue("transmitter".equals(usernameTokenPrincipal.getName()));
            // Only the presence of Created and Nonce is asserted; their values (freshness,
            // uniqueness) are not checked by these lines.
            Assert.assertTrue(usernameTokenPrincipal.getCreatedTime() != null);
            Assert.assertTrue(usernameTokenPrincipal.getNonce() != null);

            // Check principal: fetch the UsernameToken event recorded by the security event listener.
            // (Excerpt from a test method; the enclosing method is not shown.)
            UsernameTokenSecurityEvent event =
                (UsernameTokenSecurityEvent)securityEventListener.getSecurityEvent(WSSecurityEventConstants.UsernameToken);
            Assert.assertNotNull(event);
            UsernameSecurityToken usernameSecurityToken = event.getSecurityToken();
            // The token must expose a UsernameTokenPrincipal, not just any Principal.
            Principal principal = usernameSecurityToken.getPrincipal();
            Assert.assertTrue(principal instanceof UsernameTokenPrincipal);
            UsernameTokenPrincipal usernameTokenPrincipal = (UsernameTokenPrincipal)principal;
            // User name this test expects the principal to carry.
            Assert.assertTrue("transmitter".equals(usernameTokenPrincipal.getName()));
            // Only the presence of Created and Nonce is asserted; their values (freshness,
            // uniqueness) are not checked by these lines.
            Assert.assertTrue(usernameTokenPrincipal.getCreatedTime() != null);
            Assert.assertTrue(usernameTokenPrincipal.getNonce() != null);

    /**
     * Compares a received UsernameToken, as described by its security event, with the
     * UsernameToken policy assertion, and records each outcome with the policy asserter
     * (unassertPolicy with the error message on failure, assertPolicy on success).
     * This listing is an excerpt: it stops inside the nonce check, so the rest of the
     * method and the success return are not shown.
     *
     * @param tokenSecurityEvent event for the received token; must be a UsernameTokenSecurityEvent
     * @param abstractToken the policy token; cast to UsernameToken without a type check
     * @return false, after setErrorMessage(...), on the first violation found by the visible checks
     * @throws WSSPolicyException if the event is not a UsernameTokenSecurityEvent
     * @throws XMLSecurityException declared by the signature; no visible line throws it directly
     */
    public boolean assertToken(TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent,
                               AbstractToken abstractToken) throws WSSPolicyException, XMLSecurityException {
        // Fail closed: an unexpected event type is an error, not a skipped check.
        if (!(tokenSecurityEvent instanceof UsernameTokenSecurityEvent)) {
            throw new WSSPolicyException("Expected a UsernameSecurityTokenEvent but got " + tokenSecurityEvent.getClass().getName());
        }
        // NOTE(review): the casts of the security token and of abstractToken are unchecked; a
        // mismatched type would surface as ClassCastException rather than WSSPolicyException.
        UsernameSecurityToken usernameSecurityToken = (UsernameSecurityToken) tokenSecurityEvent.getSecurityToken();
        UsernameTokenSecurityEvent usernameTokenSecurityEvent = (UsernameTokenSecurityEvent) tokenSecurityEvent;
        UsernameToken usernameToken = (UsernameToken) abstractToken;

        // Namespace of the assertion under validation; used to build the NoPassword/HashPassword QNames.
        String namespace = getAssertion().getName().getNamespaceURI();
        // The policy names a password type: the received token must match it exactly.
        if (usernameToken.getPasswordType() != null) {
            // NOTE(review): only NoPassword and HashPassword are handled and there is no default
            // branch, so any other enum value is neither asserted nor rejected -- confirm none exists.
            switch (usernameToken.getPasswordType()) {
                case NoPassword:
                    if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE) {
                        setErrorMessage("UsernameToken contains a password but the policy prohibits it");
                        getPolicyAsserter().unassertPolicy(new QName(namespace, SPConstants.NO_PASSWORD),
                                                           getErrorMessage());
                        return false;
                    }
                    getPolicyAsserter().assertPolicy(new QName(namespace, SPConstants.NO_PASSWORD));
                    break;
                case HashPassword:
                    if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST) {
                        setErrorMessage("UsernameToken does not contain a hashed password");
                        getPolicyAsserter().unassertPolicy(new QName(namespace, SPConstants.HASH_PASSWORD),
                                                           getErrorMessage());
                        return false;
                    }
                    getPolicyAsserter().assertPolicy(new QName(namespace, SPConstants.HASH_PASSWORD));
                    break;
            }
        // No password type in the policy: the default case accepts neither a missing nor a
        // digest password, and the failure is recorded against the whole assertion.
        // Protection of the password on the wire is not checked in this method -- presumably
        // enforced by transport or encryption policy elsewhere; confirm.
        } else if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() == WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE) {
            // We must have a password for the default case
            setErrorMessage("UsernameToken must contain a password");
            getPolicyAsserter().unassertPolicy(getAssertion(), getErrorMessage());
            return false;
        } else if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST) {
            // We must have a plaintext password for the default case
            setErrorMessage("UsernameToken password must not be hashed");
            getPolicyAsserter().unassertPolicy(getAssertion(), getErrorMessage());
            return false;
        }
        // Created required by policy: the token must carry a created time AND use PASSWORD_TEXT.
        // Only presence is checked; freshness of the timestamp is not evaluated in the visible lines.
        // NOTE(review): combined with NoPassword or HashPassword this can never pass, because the
        // branch above demands PASSWORD_NONE / PASSWORD_DIGEST -- presumably intended (assertion
        // aimed at the clear-text case); confirm against WS-SecurityPolicy.
        if (usernameToken.isCreated()) {
            if (usernameSecurityToken.getCreatedTime() == null || usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT) {
                setErrorMessage("UsernameToken does not contain a created timestamp or password is not plain text");
                getPolicyAsserter().unassertPolicy(SP13Constants.CREATED, getErrorMessage());
                return false;
            } else {
                getPolicyAsserter().assertPolicy(SP13Constants.CREATED);
            }
        }
       
        // Nonce required by policy: same shape as the Created check. Only presence is checked;
        // replay tracking of the nonce is not visible here -- presumably done by the validator.
        // The excerpt ends inside the else branch below.
        if (usernameToken.isNonce()) {
            if (usernameSecurityToken.getNonce() == null || usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT) {
                setErrorMessage("UsernameToken does not contain a nonce or password is not plain text");
                getPolicyAsserter().unassertPolicy(SP13Constants.NONCE, getErrorMessage());
                return false;
            } else {
                getPolicyAsserter().assertPolicy(SP13Constants.NONCE);

    /**
     * Compares a received UsernameToken, as described by its security event, with the
     * UsernameToken policy assertion. This listing is an excerpt: it stops inside the final
     * switch, so the token-type check and the success return are not shown.
     *
     * @param tokenSecurityEvent event for the received token; must be a UsernameTokenSecurityEvent
     * @param abstractToken the policy token; cast to UsernameToken without a type check
     * @return false, after setErrorMessage(...), on the first violation found by the visible checks
     * @throws WSSPolicyException if the event is not a UsernameTokenSecurityEvent
     * @throws XMLSecurityException declared by the signature; no visible line throws it directly
     */
    public boolean assertToken(TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent,
                               AbstractToken abstractToken) throws WSSPolicyException, XMLSecurityException {
        // Fail closed: an unexpected event type is an error, not a skipped check.
        if (!(tokenSecurityEvent instanceof UsernameTokenSecurityEvent)) {
            throw new WSSPolicyException("Expected a UsernameSecurityTokenEvent but got " + tokenSecurityEvent.getClass().getName());
        }
        // NOTE(review): the casts of the security token and of abstractToken are unchecked; a
        // mismatched type would surface as ClassCastException rather than WSSPolicyException.
        UsernameSecurityToken usernameSecurityToken = (UsernameSecurityToken) tokenSecurityEvent.getSecurityToken();
        UsernameTokenSecurityEvent usernameTokenSecurityEvent = (UsernameTokenSecurityEvent) tokenSecurityEvent;
        UsernameToken usernameToken = (UsernameToken) abstractToken;

        // The policy names a password type: the received token must match it exactly.
        if (usernameToken.getPasswordType() != null) {
            // NOTE(review): only NoPassword and HashPassword are handled and there is no default
            // branch, so any other enum value passes this step unchecked -- confirm none exists.
            switch (usernameToken.getPasswordType()) {
                case NoPassword:
                    if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE) {
                        setErrorMessage("UsernameToken contains a password but the policy prohibits it");
                        return false;
                    }
                    break;
                case HashPassword:
                    if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST) {
                        setErrorMessage("UsernameToken does not contain a hashed password");
                        return false;
                    }
                    break;
            }
        // No password type in the policy: the default case accepts neither a missing nor a
        // digest password. Protection of the password on the wire is not checked in this method
        // -- presumably enforced by transport or encryption policy elsewhere; confirm.
        } else if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() == WSSConstants.UsernameTokenPasswordType.PASSWORD_NONE) {
            // We must have a password for the default case
            setErrorMessage("UsernameToken must contain a password");
            return false;
        } else if (usernameTokenSecurityEvent.getUsernameTokenPasswordType() == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST) {
            // We must have a plaintext password for the default case
            setErrorMessage("UsernameToken password must not be hashed");
            return false;
        }
        // Created required by policy: the token must carry a created time AND use PASSWORD_TEXT.
        // Only presence is checked; freshness of the timestamp is not evaluated in the visible lines.
        // NOTE(review): combined with NoPassword or HashPassword this can never pass, because the
        // branch above demands PASSWORD_NONE / PASSWORD_DIGEST -- presumably intended (assertion
        // aimed at the clear-text case); confirm against WS-SecurityPolicy.
        if (usernameToken.isCreated() && (usernameSecurityToken.getCreatedTime() == null || usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT)) {
            setErrorMessage("UsernameToken does not contain a created timestamp or password is not plain text");
            return false;
        }
        // Nonce required by policy: same shape as the Created check. Only presence is checked;
        // replay tracking of the nonce is not visible here -- presumably done by the validator.
        if (usernameToken.isNonce() && (usernameSecurityToken.getNonce() == null || usernameTokenSecurityEvent.getUsernameTokenPasswordType() != WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT)) {
            setErrorMessage("UsernameToken does not contain a nonce or password is not plain text");
            return false;
        }
        // Token type vs. received profile is compared only when both are set.
        // The excerpt ends inside this switch; its cases are not shown.
        if (usernameToken.getUsernameTokenType() != null && usernameTokenSecurityEvent.getUsernameTokenProfile() != null) {
            switch (usernameToken.getUsernameTokenType()) {

                                         String correlationID) throws XMLSecurityException {
                        // Excerpt: the start of this method's signature and the end of its body are not shown.
                        // secret receives raw key bytes; keep it out of logs and exception messages.
                        byte[] secret;
                        InboundSecurityToken referencedSecurityToken = getReferencedSecurityToken();
                        if (referencedSecurityToken != null) {
                            if (referencedSecurityToken instanceof UsernameSecurityToken) {
                                // A UsernameToken supplies the secret through generateDerivedKey() instead of getSecretKey().
                                // NOTE(review): generateDerivedKey() is not shown; presumably the key is derived from the
                                // token's password, so its strength would be bounded by that password -- confirm.
                                UsernameSecurityToken usernameSecurityToken = (UsernameSecurityToken) referencedSecurityToken;
                                secret = usernameSecurityToken.generateDerivedKey();
                            } else {
                                // Any other token type hands over its encoded secret key for the requested algorithm and usage.
                                secret = referencedSecurityToken.getSecretKey(algorithmURI, algorithmUsage, correlationID).getEncoded();
                            }
                        } else {
                            // No referenced token could be resolved: fail with SECURITY_TOKEN_UNAVAILABLE.
                            throw new WSSecurityException(WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "unsupportedKeyId");

        // Explicit type witness on validate(): the compiler reported that the type parameter T
        // "cannot be determined; no unique maximal instance exists for type variable T" with the
        // upper bounds org.apache.wss4j.stax.securityToken.UsernameSecurityToken (listed twice in
        // the message) and org.apache.xml.security.stax.ext.securityToken.InboundSecurityToken.
        // The original author notes that inference works fine on JDK 1.7.
        // The token used from here on is whatever the configured validator returns.
        final UsernameSecurityToken usernameSecurityToken =
                usernameTokenValidator.</*fake @see above*/UsernameSecurityTokenImpl>
                        validate(usernameTokenType, tokenContext);

        // The excerpt ends inside this anonymous SecurityTokenProvider; its body is not shown.
        SecurityTokenProvider<InboundSecurityToken> securityTokenProvider =
                new SecurityTokenProvider<InboundSecurityToken>() {

            // Check principal: fetch the UsernameToken event recorded by the security event listener.
            // (Excerpt from a test method; the enclosing method is not shown.)
            UsernameTokenSecurityEvent event =
                (UsernameTokenSecurityEvent)securityEventListener.getSecurityEvent(WSSecurityEventConstants.UsernameToken);
            Assert.assertNotNull(event);
            UsernameSecurityToken usernameSecurityToken = event.getSecurityToken();
            // The token must expose a UsernameTokenPrincipal, not just any Principal.
            Principal principal = usernameSecurityToken.getPrincipal();
            Assert.assertTrue(principal instanceof UsernameTokenPrincipal);
            UsernameTokenPrincipal usernameTokenPrincipal = (UsernameTokenPrincipal)principal;
            // User name this test expects the principal to carry.
            Assert.assertTrue("transmitter".equals(usernameTokenPrincipal.getName()));
            // Only the presence of Created and Nonce is asserted; their values (freshness,
            // uniqueness) are not checked by these lines.
            Assert.assertTrue(usernameTokenPrincipal.getCreatedTime() != null);
            Assert.assertTrue(usernameTokenPrincipal.getNonce() != null);

                                         String correlationID) throws XMLSecurityException {
                        // Excerpt: the start of this method's signature and the end of its body are not shown.
                        // secret receives raw key bytes; keep it out of logs and exception messages.
                        byte[] secret;
                        InboundSecurityToken referencedSecurityToken = getReferencedSecurityToken();
                        if (referencedSecurityToken != null) {
                            if (referencedSecurityToken instanceof UsernameSecurityToken) {
                                // A UsernameToken supplies the secret through generateDerivedKey() instead of getSecretKey().
                                // NOTE(review): generateDerivedKey() is not shown; presumably the key is derived from the
                                // token's password, so its strength would be bounded by that password -- confirm.
                                UsernameSecurityToken usernameSecurityToken = (UsernameSecurityToken) referencedSecurityToken;
                                secret = usernameSecurityToken.generateDerivedKey();
                            } else {
                                // Any other token type hands over its encoded secret key for the requested algorithm and usage.
                                secret = referencedSecurityToken.getSecretKey(algorithmURI, algorithmUsage, correlationID).getEncoded();
                            }
                        } else {
                            // No referenced token could be resolved: fail with SECURITY_TOKEN_UNAVAILABLE.
                            throw new WSSecurityException(WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE, "unsupportedKeyId");
