本文整理汇总了Java中org.apache.ws.security.WSSConfig类的典型用法代码示例。如果您正苦于以下问题:Java WSSConfig类的具体用法?Java WSSConfig怎么用?Java WSSConfig使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
WSSConfig类属于org.apache.ws.security包,在下文中一共展示了WSSConfig类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: handleToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
public void handleToken(
Element elem,
Crypto crypto,
Crypto decCrypto,
CallbackHandler cb,
WSDocInfo wsDocInfo,
Vector returnResults,
WSSConfig config
) throws WSSecurityException {
SecurityContextToken sct = new SecurityContextToken(elem);
this.identifier = sct.getIdentifier();
this.secret = this.getSecret(cb, sct);
this.sctId = sct.getID();
returnResults.add(
0,
new WSSecurityEngineResult(WSConstants.SCT, sct)
);
}
示例2: handleToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
public void handleToken(
Element elem,
Crypto crypto,
Crypto decCrypto,
CallbackHandler cb,
WSDocInfo wsDocInfo,
Vector returnResults,
WSSConfig wsc
) throws WSSecurityException {
if (log.isDebugEnabled()) {
log.debug("Found SignatureConfirmation list element");
}
//
// Decode SignatureConfirmation, just store in result
//
SignatureConfirmation sigConf = new SignatureConfirmation(elem);
returnResults.add(
0,
new WSSecurityEngineResult(WSConstants.SC, sigConf)
);
scId = elem.getAttributeNS(WSConstants.WSU_NS, "Id");
}
示例3: handleToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
/**
* {@inheritDoc}
*/
public void handleToken(
Element elem,
Crypto crypto,
Crypto decCrypto,
CallbackHandler cb,
WSDocInfo wsDocInfo,
Vector returnResults,
WSSConfig config
) throws WSSecurityException {
if (crypto == null) {
this.getCertificatesTokenReference(elem, decCrypto);
} else {
this.getCertificatesTokenReference(elem, crypto);
}
returnResults.add(
0,
new WSSecurityEngineResult(WSConstants.BST, this.token, this.certificates)
);
id = elem.getAttributeNS(WSConstants.WSU_NS, "Id");
}
示例4: handleToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
public void handleToken(
Element elem,
Crypto crypto,
Crypto decCrypto,
CallbackHandler cb,
WSDocInfo wsDocInfo,
Vector returnResults,
WSSConfig wsc
) throws WSSecurityException {
if (log.isDebugEnabled()) {
log.debug("Found Timestamp list element");
}
wssConfig = wsc;
//
// Decode Timestamp, add the found time (created/expiry) to result
//
Timestamp timestamp = new Timestamp(elem);
handleTimestamp(timestamp);
returnResults.add(
0,
new WSSecurityEngineResult(WSConstants.TS, timestamp)
);
tsId = elem.getAttributeNS(WSConstants.WSU_NS, "Id");
}
示例5: handleToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
public void handleToken(Element elem, Crypto crypto, Crypto decCrypto, CallbackHandler cb,
WSDocInfo wsDocInfo, Vector returnResults, WSSConfig wsc) throws WSSecurityException {
if (log.isDebugEnabled()) {
log.debug("Found UsernameToken list element");
}
handleCustomPasswordTypes = wsc.getHandleCustomPasswordTypes();
allowNamespaceQualifiedPasswordTypes = wsc.getAllowNamespaceQualifiedPasswordTypes();
passwordsAreEncoded = wsc.getPasswordsAreEncoded();
Principal lastPrincipalFound = handleUsernameToken((Element) elem, cb);
returnResults.add(
0,
new WSSecurityEngineResult(WSConstants.UT, lastPrincipalFound, null, null, null)
);
utId = ut.getID();
}
示例6: testCreateBinarySecurityToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
/**
* A unit test for creating BinarySecurityTokens
*/
public void testCreateBinarySecurityToken() throws Exception {
SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
Document doc = unsignedEnvelope.getAsDocument();
WSSConfig.getNewInstance();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
BinarySecurity bst = new BinarySecurity(doc);
bst.setValueType(AP_REQ);
bst.setEncodingType(BASE64_NS);
bst.setToken("12345678".getBytes());
WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bst.getElement());
if (LOG.isDebugEnabled()) {
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
LOG.debug(outputString);
}
assertTrue(AP_REQ.equals(bst.getValueType()));
assertTrue(BASE64_NS.equals(bst.getEncodingType()));
assertTrue(bst.getToken() != null);
}
示例7: handleToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
public final void
handleToken(
final org.w3c.dom.Element elem,
final Crypto crypto,
final Crypto decCrypto,
final javax.security.auth.callback.CallbackHandler cb,
final WSDocInfo wsDocInfo,
final java.util.Vector returnResults,
final WSSConfig config
) throws WSSecurityException {
final java.util.Map result =
new WSSecurityEngineResult(
WSConstants.UT_SIGN,
(SecurityContextToken) null
);
result.put("foo", this);
returnResults.add(result);
}
示例8: testSignatureInclusivePrefixes
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
/**
* Test that signs and verifies a WS-Security envelope
* <p/>
*
* @throws java.lang.Exception Thrown when there is any problem in signing or verification
*/
public void testSignatureInclusivePrefixes() throws Exception {
WSSConfig wssConfig = WSSConfig.getNewInstance();
wssConfig.setWsiBSPCompliant(true);
WSSecSignature builder = new WSSecSignature();
builder.setWsConfig(wssConfig);
builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
LOG.info("Before Signing....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, crypto, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("After Signing....");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
verify(signedDoc);
}
示例9: testGetPasswordRequestContextUnit
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
/**
* A unit test for {@link WSHandler#getPassword(String, int, String, String, RequestData)},
* where the password is obtained from the Message Context.
*/
public void
testGetPasswordRequestContextUnit() throws Exception {
final WSSConfig cfg = WSSConfig.getNewInstance();
final RequestData reqData = new RequestData();
reqData.setWssConfig(cfg);
java.util.Map messageContext = new java.util.TreeMap();
messageContext.put("password", "securityPassword");
reqData.setMsgContext(messageContext);
WSHandler handler = new MyHandler();
WSPasswordCallback callback =
handler.getPassword(
"bob",
WSConstants.UT,
"SomeCallbackTag",
"SomeCallbackRef",
reqData
);
assertTrue("bob".equals(callback.getIdentifier()));
assertTrue("securityPassword".equals(callback.getPassword()));
assertTrue(WSPasswordCallback.USERNAME_TOKEN == callback.getUsage());
}
示例10: testNamespaceQualifiedTypeRejected
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
/**
* Test that adds a UserNameToken with a namespace qualified type. This should fail
* as WSS4J rejects these tokens by default.
*/
public void testNamespaceQualifiedTypeRejected() throws Exception {
Document doc = SOAPUtil.toSOAPPart(SOAPUTMSG);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Digest:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
LOG.debug(outputString);
}
try {
WSSConfig wssConfig = secEngine.getWssConfig();
wssConfig.setAllowNamespaceQualifiedPasswordTypes(false);
secEngine.setWssConfig(wssConfig);
verify(doc);
fail("Failure expected on a bad password type");
} catch (WSSecurityException ex) {
// expected
}
}
示例11: testCustomAction
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
/**
* Test to see that a custom action configured through a
* WSSConfig instance is called
*/
public void
testCustomAction() throws Exception {
final WSSConfig cfg = WSSConfig.getNewInstance();
final int action = 0xDEADF000;
cfg.setAction(action, "wssec.MyAction");
final RequestData reqData = new RequestData();
reqData.setWssConfig(cfg);
reqData.setMsgContext(new java.util.TreeMap());
final java.util.Vector actions = new java.util.Vector();
actions.add(new Integer(action));
final Document doc = unsignedEnvelope.getAsDocument();
MyHandler handler = new MyHandler();
reqData.setMsgContext("bread");
assertEquals(reqData.getMsgContext(), "bread");
handler.doit(
action,
doc,
reqData,
actions
);
assertEquals(reqData.getMsgContext(), "crumb");
}
示例12: testCustomActionObject
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
/**
* Test to see that a custom action object configured through a
* WSSConfig instance is called
*/
public void
testCustomActionObject() throws Exception {
final WSSConfig cfg = WSSConfig.getNewInstance();
final int action = 0xDEADF000;
cfg.setAction(action, new wssec.MyAction());
final RequestData reqData = new RequestData();
reqData.setWssConfig(cfg);
reqData.setMsgContext(new java.util.TreeMap());
final java.util.Vector actions = new java.util.Vector();
actions.add(new Integer(action));
final Document doc = unsignedEnvelope.getAsDocument();
MyHandler handler = new MyHandler();
reqData.setMsgContext("bread");
assertEquals(reqData.getMsgContext(), "bread");
handler.doit(
action,
doc,
reqData,
actions
);
assertEquals(reqData.getMsgContext(), "crumb");
}
示例13: handleOutboundMessage
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
private void handleOutboundMessage(SOAPMessageContext context)
throws SOAPException, WSSecurityException {
LOG.debug("adding WS-Security header");
SOAPMessage soapMessage = context.getMessage();
SOAPPart soapPart = soapMessage.getSOAPPart();
WSSecHeader wsSecHeader = new WSSecHeader();
wsSecHeader.insertSecurityHeader(soapPart);
WSSecUsernameToken usernameToken = new WSSecUsernameToken();
usernameToken.setUserInfo(this.packageLicenseKey.getUsername(),
this.packageLicenseKey.getPassword());
usernameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
usernameToken.prepare(soapPart);
usernameToken.prependToHeader(wsSecHeader);
WSSecTimestamp wsSecTimeStamp = new WSSecTimestamp();
wsSecTimeStamp.build(soapPart, wsSecHeader);
WSSecurityCrypto crypto = new WSSecurityCrypto(this.sessionKey);
WSSConfig wssConfig = new WSSConfig();
wssConfig.setWsiBSPCompliant(false);
WSSecSignature sign = new WSSecSignature(wssConfig);
sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
sign.prepare(soapPart, crypto, wsSecHeader);
sign.appendBSTElementToHeader(wsSecHeader);
Vector<WSEncryptionPart> signParts = new Vector<>();
signParts.add(new WSEncryptionPart(wsSecTimeStamp.getId()));
signParts.add(new WSEncryptionPart(usernameToken.getId()));
SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(soapPart
.getDocumentElement());
signParts.add(new WSEncryptionPart(soapConstants.getBodyQName()
.getLocalPart(), soapConstants.getEnvelopeURI(), "Content"));
sign.addReferencesToSign(signParts, wsSecHeader);
List<Reference> referenceList = sign.addReferencesToSign(signParts,
wsSecHeader);
sign.computeSignature(referenceList, false, null);
}
示例14: handleToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
public void handleToken(
Element elem,
Crypto crypto,
Crypto decCrypto,
CallbackHandler cb,
WSDocInfo wsDocInfo,
Vector returnResults,
WSSConfig wsc
) throws WSSecurityException {
if (log.isDebugEnabled()) {
log.debug("Found SAML Assertion element");
}
SAMLAssertion assertion = handleSAMLToken((Element) elem);
// validate the signature of the token against the Signature Crypto
if(assertion.isSigned()){
SAMLUtil.validateSignature(assertion, crypto);
}
this.id = assertion.getId();
wsDocInfo.setAssertion((Element) elem);
WSSecurityEngineResult wsSecurityEngineResult = new WSSecurityEngineResult(
WSConstants.ST_UNSIGNED, assertion);
returnResults.add(0, wsSecurityEngineResult);
//set the SAML version
wsSecurityEngineResult.put(WSConstants.SAML_VERSION, WSConstants.SAML_NS);
// Adding a timeStamp element for validating the SAMLToken
returnResults.add(0, new WSSecurityEngineResult(WSConstants.SAML_TIMESTAMP, SAMLUtil.getTimestampForSAMLAssertion(elem)));
// Adding the token issuer name
wsSecurityEngineResult.put(WSConstants.SAML_ISSUER_NAME, assertion.getIssuer());
// Adding the set of attributes included in a SAML assertion
wsSecurityEngineResult.put(WSConstants.SAML_CLAIM_SET, SAMLUtil.getClaims(assertion));
// set whether the SAML assertion is signed or not
wsSecurityEngineResult.put(WSConstants.SAML_TOKEN_SIGNED, Boolean.valueOf(assertion.isSigned()));
this.samlTokenElement = elem;
}
示例15: handleToken
import org.apache.ws.security.WSSConfig; //导入依赖的package包/类
public void handleToken(
Element elem,
Crypto crypto,
Crypto decCrypto,
CallbackHandler cb,
WSDocInfo wsDocInfo,
Vector returnResults,
WSSConfig config
) throws WSSecurityException {
// Deserialize the DKT
dkt = new DerivedKeyToken(elem);
this.extractSecret(wsDocInfo, dkt, cb, crypto);
String tempNonce = dkt.getNonce();
if (tempNonce == null) {
throw new WSSecurityException("Missing wsc:Nonce value");
}
this.nonce = Base64.decode(tempNonce);
this.length = dkt.getLength();
this.label = dkt.getLabel();
this.algorithm = dkt.getAlgorithm();
this.id = dkt.getID();
if (length > 0) {
this.deriveKey();
returnResults.add(
0,
new WSSecurityEngineResult(WSConstants.DKT,
secret,
keyBytes,
id,
null)
);
}
}