本文整理汇总了Java中org.apache.ws.security.message.WSSecUsernameToken类的典型用法代码示例。如果您正苦于以下问题:Java WSSecUsernameToken类的具体用法?Java WSSecUsernameToken怎么用?Java WSSecUsernameToken使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
WSSecUsernameToken类属于org.apache.ws.security.message包,在下文中一共展示了WSSecUsernameToken类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createUserNameToken
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
private SOAPMessage createUserNameToken(Document soapEnvelopeRequest) throws IOException, SOAPException, TransformerException {
WSSecHeader wsSecHeader = new WSSecHeader(null, false);
wsSecHeader.insertSecurityHeader(soapEnvelopeRequest);
WSSecUsernameToken wsSecUsernameToken = new WSSecUsernameToken();
wsSecUsernameToken.setUserInfo(this.username, this.password);
wsSecUsernameToken.prepare(soapEnvelopeRequest);
wsSecUsernameToken.addCreated();
wsSecUsernameToken.addNonce();
Document secSOAPReqDoc = wsSecUsernameToken.build(soapEnvelopeRequest, wsSecHeader);
Element element = secSOAPReqDoc.getDocumentElement();
DOMSource source = new DOMSource(element);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
StreamResult streamResult = new StreamResult(baos);
TransformerFactory.newInstance().newTransformer().transform(source, streamResult);
String secSOAPReq = new String(baos.toByteArray());
SOAPMessage res = new org.apache.axis.soap.MessageFactoryImpl().createMessage(null, new ByteArrayInputStream(secSOAPReq.getBytes()));
return res;
}
示例2: testFailedAuthentication
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test for the wsse:FailedAuthentication faultcode. This will fail due to a bad password in
* the callback handler.
*/
public void testFailedAuthentication() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.addCreated();
builder.addNonce();
builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document timestampedDoc = builder.build(doc, secHeader);
try {
verify(timestampedDoc);
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == 5);
assertTrue(ex.getMessage().startsWith(
"The security token could not be authenticated or authorized"));
QName faultCode = new QName(WSConstants.WSSE_NS, "FailedAuthentication");
assertTrue(ex.getFaultCode().equals(faultCode));
}
}
示例3: testInvalidSecurityToken
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test for the wsse:InvalidSecurityToken faultcode. This will fail due to the fact
* that a null username is used.
*/
public void testInvalidSecurityToken() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.addCreated();
builder.addNonce();
builder.setUserInfo(null, "security");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
builder.build(doc, secHeader);
try {
new UsernameToken(doc.getDocumentElement());
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == 4);
assertTrue(ex.getMessage().startsWith(
"An invalid security token was provided"));
QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurityToken");
assertTrue(ex.getFaultCode().equals(faultCode));
}
}
示例4: testUsernameTokenDigest
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test that adds a UserNameToken with password Digest to a WS-Security envelope
*/
public void testUsernameTokenDigest() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setUserInfo("wernerd", "verySecret");
LOG.info("Before adding UsernameToken PW Digest....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Digest:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Digest....");
verify(signedDoc);
}
示例5: testUsernameTokenBadDigest
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test that adds a UserNameToken with a bad password Digest to a WS-Security envelope
*/
public void testUsernameTokenBadDigest() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setUserInfo("wernerd", "verySecre");
LOG.info("Before adding UsernameToken PW Digest....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Digest:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Digest....");
try {
verify(signedDoc);
throw new Exception("Failure expected on a bad password digest");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例6: testUsernameTokenText
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test that adds a UserNameToken with password text to a WS-Security envelope
*/
public void testUsernameTokenText() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
builder.setUserInfo("wernerd", "verySecret");
LOG.info("Before adding UsernameToken PW Text....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Text....");
verify(signedDoc);
}
示例7: testUsernameTokenDigestText
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test that adds a UserNameToken with a digested password but with type of
* password test.
*/
public void testUsernameTokenDigestText() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
byte[] password = "verySecret".getBytes();
MessageDigest sha = MessageDigest.getInstance("MD5");
sha.reset();
sha.update(password);
String passwdDigest = Base64.encode(sha.digest());
builder.setUserInfo("wernerd", passwdDigest);
LOG.info("Before adding UsernameToken PW Text....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
}
示例8: testUsernameTokenBadText
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test that adds a UserNameToken with (bad) password text to a WS-Security envelope
*/
public void testUsernameTokenBadText() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
builder.setUserInfo("wernerd", "verySecre");
LOG.info("Before adding UsernameToken PW Text....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Text....");
try {
verify(signedDoc);
throw new Exception("Failure expected on a bad password text");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例9: testUsernameTokenNoPassword
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test that adds a UserNameToken with no password
*/
public void testUsernameTokenNoPassword() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(null);
builder.setUserInfo("wernerd", null);
LOG.info("Before adding UsernameToken with no password....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
try {
verify(signedDoc);
throw new Exception("Failure expected on no password");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例10: testUsernameTokenEmptyPassword
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test that adds a UserNameToken with an empty password
*/
public void testUsernameTokenEmptyPassword() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
builder.setUserInfo("wernerd", "");
LOG.info("Before adding UsernameToken with an empty password....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
verify(signedDoc);
}
示例11: testUsernameTokenCustomFail
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test with a null token type. This will fail as the default is to reject custom
* token types.
*/
public void testUsernameTokenCustomFail() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(null);
builder.setUserInfo("wernerd", null);
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
try {
verify(signedDoc);
throw new Exception("Custom token types are not permitted");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例12: handleOutboundMessage
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
private void handleOutboundMessage(SOAPMessageContext context)
throws SOAPException, WSSecurityException {
LOG.debug("adding WS-Security header");
SOAPMessage soapMessage = context.getMessage();
SOAPPart soapPart = soapMessage.getSOAPPart();
WSSecHeader wsSecHeader = new WSSecHeader();
wsSecHeader.insertSecurityHeader(soapPart);
WSSecUsernameToken usernameToken = new WSSecUsernameToken();
usernameToken.setUserInfo(this.packageLicenseKey.getUsername(),
this.packageLicenseKey.getPassword());
usernameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
usernameToken.prepare(soapPart);
usernameToken.prependToHeader(wsSecHeader);
WSSecTimestamp wsSecTimeStamp = new WSSecTimestamp();
wsSecTimeStamp.build(soapPart, wsSecHeader);
WSSecurityCrypto crypto = new WSSecurityCrypto(this.sessionKey);
WSSConfig wssConfig = new WSSConfig();
wssConfig.setWsiBSPCompliant(false);
WSSecSignature sign = new WSSecSignature(wssConfig);
sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
sign.prepare(soapPart, crypto, wsSecHeader);
sign.appendBSTElementToHeader(wsSecHeader);
Vector<WSEncryptionPart> signParts = new Vector<>();
signParts.add(new WSEncryptionPart(wsSecTimeStamp.getId()));
signParts.add(new WSEncryptionPart(usernameToken.getId()));
SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(soapPart
.getDocumentElement());
signParts.add(new WSEncryptionPart(soapConstants.getBodyQName()
.getLocalPart(), soapConstants.getEnvelopeURI(), "Content"));
sign.addReferencesToSign(signParts, wsSecHeader);
List<Reference> referenceList = sign.addReferencesToSign(signParts,
wsSecHeader);
sign.computeSignature(referenceList, false, null);
}
示例13: execute
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
throws WSSecurityException {
// Always call the callback for the username. We mis-use the configured password callback class and callback methods for this.
String providedUsername = reqData.getUsername();
WSPasswordCallback callbackData = handler.getPassword(reqData.getUsername(),
actionToDo,
WSHandlerConstants.PW_CALLBACK_CLASS,
WSHandlerConstants.PW_CALLBACK_REF, reqData);
providedUsername = callbackData.getIdentifier();
String password = callbackData.getPassword();
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setWsConfig(reqData.getWssConfig());
builder.setPasswordType(reqData.getPwType());
builder.setPasswordsAreEncoded(reqData.getWssConfig().getPasswordsAreEncoded());
builder.setUserInfo(providedUsername, password);
if (reqData.getUtElements() != null && reqData.getUtElements().length > 0) {
for (int j = 0; j < reqData.getUtElements().length; j++) {
reqData.getUtElements()[j].trim();
if (reqData.getUtElements()[j].equals("Nonce")) {
builder.addNonce();
}
if (reqData.getUtElements()[j].equals("Created")) {
builder.addCreated();
}
reqData.getUtElements()[j] = null;
}
}
builder.build(doc, reqData.getSecHeader());
}
示例14: testUsernameTokenSigning
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test the specific signing method that use UsernameToken values
* <p/>
*
* @throws java.lang.Exception Thrown when there is any problem in signing or verification
*/
public void testUsernameTokenSigning() throws Exception {
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
builder.setUserInfo("wernerd", "verySecret");
builder.addCreated();
builder.addNonce();
builder.prepare(doc);
WSSecSignature sign = new WSSecSignature();
sign.setUsernameToken(builder);
sign.setKeyIdentifierType(WSConstants.UT_SIGNING);
sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
LOG.info("Before signing with UT text....");
sign.build(doc, null, secHeader);
LOG.info("Before adding UsernameToken PW Text....");
builder.prependToHeader(secHeader);
Document signedDoc = doc;
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Text....");
verify(signedDoc);
}
示例15: testUsernameTokenSigningDigest
import org.apache.ws.security.message.WSSecUsernameToken; //导入依赖的package包/类
/**
* Test the specific signing method that use UsernameToken values
* <p/>
*
* @throws java.lang.Exception Thrown when there is any problem in signing or verification
*/
public void testUsernameTokenSigningDigest() throws Exception {
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_DIGEST);
builder.setUserInfo("wernerd", "verySecret");
builder.addCreated();
builder.addNonce();
builder.prepare(doc);
WSSecSignature sign = new WSSecSignature();
sign.setUsernameToken(builder);
sign.setKeyIdentifierType(WSConstants.UT_SIGNING);
sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
LOG.info("Before signing with UT digest....");
sign.build(doc, null, secHeader);
LOG.info("Before adding UsernameToken PW Digest....");
builder.prependToHeader(secHeader);
Document signedDoc = doc;
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Digest:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Digest....");
verify(signedDoc);
}