本文整理汇总了Java中org.apache.ws.security.message.WSSecUsernameToken.build方法的典型用法代码示例。如果您正苦于以下问题:Java WSSecUsernameToken.build方法的具体用法?Java WSSecUsernameToken.build怎么用?Java WSSecUsernameToken.build使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.ws.security.message.WSSecUsernameToken的用法示例。
在下文中一共展示了WSSecUsernameToken.build方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createUserNameToken
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
private SOAPMessage createUserNameToken(Document soapEnvelopeRequest) throws IOException, SOAPException, TransformerException {
WSSecHeader wsSecHeader = new WSSecHeader(null, false);
wsSecHeader.insertSecurityHeader(soapEnvelopeRequest);
WSSecUsernameToken wsSecUsernameToken = new WSSecUsernameToken();
wsSecUsernameToken.setUserInfo(this.username, this.password);
wsSecUsernameToken.prepare(soapEnvelopeRequest);
wsSecUsernameToken.addCreated();
wsSecUsernameToken.addNonce();
Document secSOAPReqDoc = wsSecUsernameToken.build(soapEnvelopeRequest, wsSecHeader);
Element element = secSOAPReqDoc.getDocumentElement();
DOMSource source = new DOMSource(element);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
StreamResult streamResult = new StreamResult(baos);
TransformerFactory.newInstance().newTransformer().transform(source, streamResult);
String secSOAPReq = new String(baos.toByteArray());
SOAPMessage res = new org.apache.axis.soap.MessageFactoryImpl().createMessage(null, new ByteArrayInputStream(secSOAPReq.getBytes()));
return res;
}
示例2: testFailedAuthentication
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test for the wsse:FailedAuthentication faultcode. This will fail due to a bad password in
* the callback handler.
*/
public void testFailedAuthentication() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.addCreated();
builder.addNonce();
builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document timestampedDoc = builder.build(doc, secHeader);
try {
verify(timestampedDoc);
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == 5);
assertTrue(ex.getMessage().startsWith(
"The security token could not be authenticated or authorized"));
QName faultCode = new QName(WSConstants.WSSE_NS, "FailedAuthentication");
assertTrue(ex.getFaultCode().equals(faultCode));
}
}
示例3: testInvalidSecurityToken
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test for the wsse:InvalidSecurityToken faultcode. This will fail due to the fact
* that a null username is used.
*/
public void testInvalidSecurityToken() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.addCreated();
builder.addNonce();
builder.setUserInfo(null, "security");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
builder.build(doc, secHeader);
try {
new UsernameToken(doc.getDocumentElement());
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == 4);
assertTrue(ex.getMessage().startsWith(
"An invalid security token was provided"));
QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurityToken");
assertTrue(ex.getFaultCode().equals(faultCode));
}
}
示例4: testUsernameTokenDigest
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that adds a UserNameToken with password Digest to a WS-Security envelope
*/
public void testUsernameTokenDigest() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setUserInfo("wernerd", "verySecret");
LOG.info("Before adding UsernameToken PW Digest....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Digest:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Digest....");
verify(signedDoc);
}
示例5: testUsernameTokenBadDigest
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that adds a UserNameToken with a bad password Digest to a WS-Security envelope
*/
public void testUsernameTokenBadDigest() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setUserInfo("wernerd", "verySecre");
LOG.info("Before adding UsernameToken PW Digest....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Digest:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Digest....");
try {
verify(signedDoc);
throw new Exception("Failure expected on a bad password digest");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例6: testUsernameTokenText
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that adds a UserNameToken with password text to a WS-Security envelope
*/
public void testUsernameTokenText() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
builder.setUserInfo("wernerd", "verySecret");
LOG.info("Before adding UsernameToken PW Text....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Text....");
verify(signedDoc);
}
示例7: testUsernameTokenDigestText
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that adds a UserNameToken with a digested password but with type of
* password test.
*/
public void testUsernameTokenDigestText() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
byte[] password = "verySecret".getBytes();
MessageDigest sha = MessageDigest.getInstance("MD5");
sha.reset();
sha.update(password);
String passwdDigest = Base64.encode(sha.digest());
builder.setUserInfo("wernerd", passwdDigest);
LOG.info("Before adding UsernameToken PW Text....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
}
示例8: testUsernameTokenBadText
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that adds a UserNameToken with (bad) password text to a WS-Security envelope
*/
public void testUsernameTokenBadText() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
builder.setUserInfo("wernerd", "verySecre");
LOG.info("Before adding UsernameToken PW Text....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Text....");
try {
verify(signedDoc);
throw new Exception("Failure expected on a bad password text");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例9: testUsernameTokenNoPassword
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that adds a UserNameToken with no password
*/
public void testUsernameTokenNoPassword() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(null);
builder.setUserInfo("wernerd", null);
LOG.info("Before adding UsernameToken with no password....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
try {
verify(signedDoc);
throw new Exception("Failure expected on no password");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例10: testUsernameTokenEmptyPassword
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that adds a UserNameToken with an empty password
*/
public void testUsernameTokenEmptyPassword() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(WSConstants.PASSWORD_TEXT);
builder.setUserInfo("wernerd", "");
LOG.info("Before adding UsernameToken with an empty password....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
verify(signedDoc);
}
示例11: testUsernameTokenCustomFail
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test with a null token type. This will fail as the default is to reject custom
* token types.
*/
public void testUsernameTokenCustomFail() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(null);
builder.setUserInfo("wernerd", null);
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
try {
verify(signedDoc);
throw new Exception("Custom token types are not permitted");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例12: execute
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
throws WSSecurityException {
// Always call the callback for the username. We mis-use the configured password callback class and callback methods for this.
String providedUsername = reqData.getUsername();
WSPasswordCallback callbackData = handler.getPassword(reqData.getUsername(),
actionToDo,
WSHandlerConstants.PW_CALLBACK_CLASS,
WSHandlerConstants.PW_CALLBACK_REF, reqData);
providedUsername = callbackData.getIdentifier();
String password = callbackData.getPassword();
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setWsConfig(reqData.getWssConfig());
builder.setPasswordType(reqData.getPwType());
builder.setPasswordsAreEncoded(reqData.getWssConfig().getPasswordsAreEncoded());
builder.setUserInfo(providedUsername, password);
if (reqData.getUtElements() != null && reqData.getUtElements().length > 0) {
for (int j = 0; j < reqData.getUtElements().length; j++) {
reqData.getUtElements()[j].trim();
if (reqData.getUtElements()[j].equals("Nonce")) {
builder.addNonce();
}
if (reqData.getUtElements()[j].equals("Created")) {
builder.addCreated();
}
reqData.getUtElements()[j] = null;
}
}
builder.build(doc, reqData.getSecHeader());
}
示例13: testUsernameTokenWithEncodedPassword
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that adds a UserNameToken with password Digest to a WS-Security envelope
*/
public void testUsernameTokenWithEncodedPassword() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordsAreEncoded(true);
builder.setUserInfo("wernerd", Base64.encode(MessageDigest.getInstance("SHA-1").digest("verySecret".getBytes("UTF-8"))));
LOG.info("Before adding UsernameToken PW Digest....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Digest:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Digest....");
boolean passwordsAreEnabledOrig = WSSecurityEngine.getInstance().getWssConfig().getPasswordsAreEncoded();
try {
WSSecurityEngine.getInstance().getWssConfig().setPasswordsAreEncoded(true);
verify(signedDoc);
} finally {
WSSecurityEngine.getInstance().getWssConfig().setPasswordsAreEncoded(passwordsAreEnabledOrig);
}
}
示例14: testUsernameTokenBadUsername
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test that a bad username with password digest does not leak whether the username
* is valid or not - see WSS-141.
*/
public void testUsernameTokenBadUsername() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setUserInfo("badusername", "verySecret");
LOG.info("Before adding UsernameToken PW Digest....");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Digest:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
LOG.info("After adding UsernameToken PW Digest....");
try {
verify(signedDoc);
throw new Exception("Failure expected on a bad username");
} catch (WSSecurityException ex) {
String message = ex.getMessage();
assertTrue(message.indexOf("badusername") == -1);
assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
// expected
}
}
示例15: testUsernameTokenCustomPass
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
* Test with a null password type. This will pass as the WSSConfig is configured to
* handle custom token types.
*/
public void testUsernameTokenCustomPass() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.setPasswordType(null);
builder.setUserInfo("customUser", null);
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
Document signedDoc = builder.build(doc, secHeader);
if (LOG.isDebugEnabled()) {
LOG.debug("Message with UserNameToken PW Text:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
//
// Configure so that custom token types are accepted
//
WSSConfig cfg = WSSConfig.getNewInstance();
cfg.setHandleCustomPasswordTypes(true);
secEngine.setWssConfig(cfg);
verify(signedDoc);
//
// Go back to default for other tests
//
cfg.setHandleCustomPasswordTypes(false);
secEngine.setWssConfig(cfg);
}