本文整理汇总了Java中org.apache.ws.security.message.WSSecUsernameToken.prepare方法的典型用法代码示例。如果您正苦于以下问题:Java WSSecUsernameToken.prepare方法的具体用法?Java WSSecUsernameToken.prepare怎么用?Java WSSecUsernameToken.prepare使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.ws.security.message.WSSecUsernameToken的用法示例。
在下文中一共展示了WSSecUsernameToken.prepare方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createUserNameToken
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
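/**
 * Adds a WS-Security header carrying a UsernameToken (with Created and Nonce) to the
 * given envelope and returns the secured envelope as an Axis {@link SOAPMessage}.
 *
 * <p>The credentials come from this object's {@code username} and {@code password}
 * fields. No password type is set here, so the library default applies.
 * NOTE(review): confirm which password type (digest or text) the deployed WSS4J
 * version defaults to, and that the transport is protected if it is text.
 *
 * @param soapEnvelopeRequest the SOAP envelope DOM; it is modified in place
 * @return a SOAP message parsed from the serialized, secured envelope
 * @throws IOException if the message factory cannot read the serialized envelope
 * @throws SOAPException if the message cannot be created
 * @throws TransformerException if the DOM cannot be serialized
 */
private SOAPMessage createUserNameToken(Document soapEnvelopeRequest) throws IOException, SOAPException, TransformerException {
    // Second argument is false; presumably this is the mustUnderstand flag, in which
    // case a receiver is not obliged to process the Security header — confirm that the
    // service rejects requests whose header it did not process.
    WSSecHeader wsSecHeader = new WSSecHeader(null, false);
    wsSecHeader.insertSecurityHeader(soapEnvelopeRequest);

    WSSecUsernameToken wsSecUsernameToken = new WSSecUsernameToken();
    wsSecUsernameToken.setUserInfo(this.username, this.password);
    // NOTE(review): prepare() runs before addCreated()/addNonce() and build() follows;
    // verify against the WSS4J version in use that the built token really carries both.
    wsSecUsernameToken.prepare(soapEnvelopeRequest);
    wsSecUsernameToken.addCreated();
    wsSecUsernameToken.addNonce();
    Document secSOAPReqDoc = wsSecUsernameToken.build(soapEnvelopeRequest, wsSecHeader);

    Element element = secSOAPReqDoc.getDocumentElement();
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    TransformerFactory.newInstance().newTransformer().transform(new DOMSource(element), new StreamResult(baos));

    // Pass the serialized bytes on unchanged. Decoding them to a String and re-encoding
    // with the platform default charset can corrupt non-ASCII content when that charset
    // differs from the encoding the transformer wrote.
    return new org.apache.axis.soap.MessageFactoryImpl().createMessage(null, new ByteArrayInputStream(baos.toByteArray()));
}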
示例2: handleOutboundMessage
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
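/**
 * Adds a WS-Security header to the outbound message: a UsernameToken, a timestamp, and
 * a signature (direct reference to a binary security token) over the timestamp, the
 * UsernameToken and the SOAP body content.
 *
 * <p>The password is sent as {@code PASSWORD_TEXT}. The token is signed here but nothing
 * in this method encrypts it, so the password is readable by anyone who can read the
 * message. NOTE(review): confirm the transport is encrypted.
 *
 * @param context the handler context holding the outbound SOAP message
 * @throws SOAPException if the SOAP message cannot be accessed
 * @throws WSSecurityException if building the security header or signing fails
 */
private void handleOutboundMessage(SOAPMessageContext context)
        throws SOAPException, WSSecurityException {
    LOG.debug("adding WS-Security header");
    SOAPMessage soapMessage = context.getMessage();
    SOAPPart soapPart = soapMessage.getSOAPPart();

    WSSecHeader wsSecHeader = new WSSecHeader();
    wsSecHeader.insertSecurityHeader(soapPart);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo(this.packageLicenseKey.getUsername(),
            this.packageLicenseKey.getPassword());
    usernameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
    usernameToken.prepare(soapPart);
    usernameToken.prependToHeader(wsSecHeader);

    WSSecTimestamp wsSecTimeStamp = new WSSecTimestamp();
    wsSecTimeStamp.build(soapPart, wsSecHeader);

    WSSecurityCrypto crypto = new WSSecurityCrypto(this.sessionKey);
    WSSConfig wssConfig = new WSSConfig();
    // NOTE(review): WS-I Basic Security Profile compliance is switched off for this
    // signature; confirm the peer actually requires that.
    wssConfig.setWsiBSPCompliant(false);
    WSSecSignature sign = new WSSecSignature(wssConfig);
    sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
    sign.prepare(soapPart, crypto, wsSecHeader);
    sign.appendBSTElementToHeader(wsSecHeader);

    // Sign the timestamp and the token along with the body, so that neither can be
    // swapped for another one without invalidating the signature.
    Vector<WSEncryptionPart> signParts = new Vector<>();
    signParts.add(new WSEncryptionPart(wsSecTimeStamp.getId()));
    signParts.add(new WSEncryptionPart(usernameToken.getId()));
    SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(soapPart
            .getDocumentElement());
    signParts.add(new WSEncryptionPart(soapConstants.getBodyQName()
            .getLocalPart(), soapConstants.getEnvelopeURI(), "Content"));

    // The references are built once; the original called addReferencesToSign twice with
    // the same arguments and discarded the first result.
    List<Reference> referenceList = sign.addReferencesToSign(signParts,
            wsSecHeader);
    sign.computeSignature(referenceList, false, null);
}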
示例3: testUsernameTokenSigning
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs an envelope with a key taken from a UsernameToken that carries a text password
 * and then verifies the signed message.
 *
 * @throws java.lang.Exception if signing or verification fails
 */
public void testUsernameTokenSigning() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    // Fixture credentials. PASSWORD_TEXT places the password in the token as text.
    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
    usernameToken.setUserInfo("wernerd", "verySecret");
    usernameToken.addCreated();
    usernameToken.addNonce();
    usernameToken.prepare(envelope);

    // The signature is keyed from the UsernameToken rather than from a certificate.
    WSSecSignature signature = new WSSecSignature();
    signature.setUsernameToken(usernameToken);
    signature.setKeyIdentifierType(WSConstants.UT_SIGNING);
    signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    LOG.info("Before signing with UT text....");
    signature.build(envelope, null, securityHeader);
    LOG.info("Before adding UsernameToken PW Text....");
    usernameToken.prependToHeader(securityHeader);

    if (LOG.isDebugEnabled()) {
        // The dump contains the UsernameToken, and with it the text password; that is
        // acceptable for fixture credentials only.
        LOG.debug("Message with UserNameToken PW Text:");
        LOG.debug(org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(envelope));
    }
    LOG.info("After adding UsernameToken PW Text....");
    verify(envelope);
}
示例4: testUsernameTokenSigningDigest
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs an envelope with a key taken from a UsernameToken that uses the digest password
 * type and then verifies the signed message.
 *
 * @throws java.lang.Exception if signing or verification fails
 */
public void testUsernameTokenSigningDigest() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    // Fixture credentials, this time with the digest password type.
    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setPasswordType(WSConstants.PASSWORD_DIGEST);
    usernameToken.setUserInfo("wernerd", "verySecret");
    usernameToken.addCreated();
    usernameToken.addNonce();
    usernameToken.prepare(envelope);

    // The signature is keyed from the UsernameToken rather than from a certificate.
    WSSecSignature signature = new WSSecSignature();
    signature.setUsernameToken(usernameToken);
    signature.setKeyIdentifierType(WSConstants.UT_SIGNING);
    signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    LOG.info("Before signing with UT digest....");
    signature.build(envelope, null, securityHeader);
    LOG.info("Before adding UsernameToken PW Digest....");
    usernameToken.prependToHeader(securityHeader);

    if (LOG.isDebugEnabled()) {
        LOG.debug("Message with UserNameToken PW Digest:");
        LOG.debug(org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(envelope));
    }
    LOG.info("After adding UsernameToken PW Digest....");
    verify(envelope);
}
示例5: testDerivedKeyEncryption
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Encrypts the SOAP body with a key derived from a UsernameToken and checks that the
 * message carries the username, salt and iteration but neither the password nor the
 * plaintext body, then verifies it.
 */
public void testDerivedKeyEncryption() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo("bob", "security");
    // 1000 iterations with a null salt argument; presumably the library then generates
    // the salt itself — confirm against the WSS4J version in use.
    usernameToken.addDerivedKey(false, null, 1000);
    usernameToken.prepare(envelope);

    byte[] derivedKey = usernameToken.getDerivedKey();
    assertTrue(derivedKey.length == 20);
    String tokenIdentifier = usernameToken.getId();

    // Encrypt with the derived key, referencing the token by its id.
    WSSecDKEncrypt dkEncrypt = new WSSecDKEncrypt();
    dkEncrypt.setSymmetricEncAlgorithm(WSConstants.AES_128);
    dkEncrypt.setExternalKey(derivedKey, tokenIdentifier);
    Document encryptedDoc = dkEncrypt.build(envelope, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
    // The token must expose what is needed to re-derive the key, never the password.
    assertTrue(xml.contains("wsse:Username"));
    assertTrue(!xml.contains("wsse:Password"));
    assertTrue(xml.contains("wsse11:Salt"));
    assertTrue(xml.contains("wsse11:Iteration"));
    // The body element name must not survive encryption in the clear.
    assertTrue(!xml.contains("testMethod"));
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    verify(encryptedDoc);
}
示例6: testDerivedKeyBadUserSignature
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs the SOAP body with a key derived from a UsernameToken whose user is "alice"
 * rather than "bob", and expects verification to fail with FAILED_AUTHENTICATION.
 */
public void testDerivedKeyBadUserSignature() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo("alice", "security");
    usernameToken.addDerivedKey(true, null, 1000);
    usernameToken.prepare(envelope);

    byte[] derivedKey = usernameToken.getDerivedKey();
    assertTrue(derivedKey.length == 20);
    String tokenIdentifier = usernameToken.getId();

    // Sign with the derived key, referencing the token by its id.
    WSSecDKSign dkSign = new WSSecDKSign();
    dkSign.setExternalKey(derivedKey, tokenIdentifier);
    dkSign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    Document signedDoc = dkSign.build(envelope, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    try {
        verify(signedDoc);
        // Reaching this line means the unknown user was accepted.
        throw new Exception("Failure expected on a bad derived signature");
    } catch (WSSecurityException rejected) {
        // expected
        assertTrue(rejected.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
    }
}
示例7: testSignature
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs the SOAP body through {@code WSSecSignature} keyed from a UsernameToken with a
 * derived key, verifies it, and checks that the resulting principal names "bob".
 */
public void testSignature() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo("bob", "security");
    usernameToken.addDerivedKey(true, null, 1000);
    usernameToken.prepare(envelope);

    WSSecSignature signature = new WSSecSignature();
    signature.setUsernameToken(usernameToken);
    signature.setKeyIdentifierType(WSConstants.UT_SIGNING);
    signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    Document signedDoc = signature.build(envelope, null, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
    // The token must expose what is needed to re-derive the key, never the password.
    assertTrue(xml.contains("wsse:Username"));
    assertTrue(!xml.contains("wsse:Password"));
    assertTrue(xml.contains("wsse11:Salt"));
    assertTrue(xml.contains("wsse11:Iteration"));
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    // The verified principal is read from the UT_SIGN action result.
    Vector results = verify(signedDoc);
    WSSecurityEngineResult utSignResult =
        WSSecurityUtil.fetchActionResult(results, WSConstants.UT_SIGN);
    java.security.Principal principal =
        (java.security.Principal) utSignResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);
    assertTrue(principal.getName().contains("bob"));
}
示例8: testBadUserSignature
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs the SOAP body through {@code WSSecSignature} keyed from a UsernameToken whose
 * user is "alice" rather than "bob", and expects verification to fail with
 * FAILED_AUTHENTICATION.
 */
public void testBadUserSignature() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo("alice", "security");
    usernameToken.addDerivedKey(true, null, 1000);
    usernameToken.prepare(envelope);

    WSSecSignature signature = new WSSecSignature();
    signature.setUsernameToken(usernameToken);
    signature.setKeyIdentifierType(WSConstants.UT_SIGNING);
    signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    Document signedDoc = signature.build(envelope, null, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    try {
        verify(signedDoc);
        // Reaching this line means the unknown user was accepted.
        throw new Exception("Failure expected on a bad derived signature");
    } catch (WSSecurityException rejected) {
        // expected
        assertTrue(rejected.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
    }
}
示例9: testWSS226
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs with a UsernameToken-based secret key of 32 bytes instead of the default 16,
 * checks that the default engine rejects the message, and that an engine configured for
 * 32 bytes processes it.
 */
public void testWSS226() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    // Fixture credentials. PASSWORD_TEXT places the password in the token as text.
    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
    usernameToken.setUserInfo("wernerd", "verySecret");
    usernameToken.addCreated();
    usernameToken.setSecretKeyLength(32);
    usernameToken.addNonce();
    usernameToken.prepare(envelope);

    WSSecSignature signature = new WSSecSignature();
    signature.setUsernameToken(usernameToken);
    signature.setKeyIdentifierType(WSConstants.UT_SIGNING);
    signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    LOG.info("Before signing with UT text....");
    signature.build(envelope, null, securityHeader);
    LOG.info("Before adding UsernameToken PW Text....");
    usernameToken.prependToHeader(securityHeader);

    if (LOG.isDebugEnabled()) {
        // The dump contains the UsernameToken, and with it the text password; that is
        // acceptable for fixture credentials only.
        LOG.debug("Message using a 32 byte key length:");
        LOG.debug(org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(envelope));
    }

    // The shared engine still uses the default key length of 16, so it must reject.
    // NOTE(review): any Exception counts as the expected failure here, not only a
    // signature-verification error.
    try {
        secEngine.processSecurityHeader(envelope, null, this, null);
        fail ("An error was expected on verifying the signature");
    } catch (Exception expected) {
        // expected
    }

    // A dedicated engine configured for 32 bytes must accept the same message.
    WSSConfig config32 = WSSConfig.getNewInstance();
    WSSecurityEngine engine32 = new WSSecurityEngine();
    config32.setSecretKeyLength(32);
    engine32.setWssConfig(config32);
    engine32.processSecurityHeader(envelope, null, this, null);
}
示例10: testDerivedKeyEncryptionWithEncodedPassword
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Encrypts the SOAP body with a key derived from a UsernameToken whose password is
 * supplied Base64-encoded (the SHA-1 digest of the fixture password), and verifies the
 * message with the shared engine temporarily set to treat passwords as encoded.
 */
public void testDerivedKeyEncryptionWithEncodedPassword() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setPasswordsAreEncoded(true);
    byte[] passwordDigest = MessageDigest.getInstance("SHA-1").digest("security".getBytes("UTF-8"));
    usernameToken.setUserInfo("bob", Base64.encode(passwordDigest));
    usernameToken.addDerivedKey(false, null, 1000);
    usernameToken.prepare(envelope);

    byte[] derivedKey = usernameToken.getDerivedKey();
    assertTrue(derivedKey.length == 20);
    String tokenIdentifier = usernameToken.getId();

    // Encrypt with the derived key, referencing the token by its id.
    WSSecDKEncrypt dkEncrypt = new WSSecDKEncrypt();
    dkEncrypt.setSymmetricEncAlgorithm(WSConstants.AES_128);
    dkEncrypt.setExternalKey(derivedKey, tokenIdentifier);
    Document encryptedDoc = dkEncrypt.build(envelope, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
    // The token must expose what is needed to re-derive the key, never the password.
    assertTrue(xml.contains("wsse:Username"));
    assertTrue(!xml.contains("wsse:Password"));
    assertTrue(xml.contains("wsse11:Salt"));
    assertTrue(xml.contains("wsse11:Iteration"));
    // The body element name must not survive encryption in the clear.
    assertTrue(!xml.contains("testMethod"));
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    // The engine instance is shared, so its flag is restored even if verify() throws.
    boolean encodedFlagBefore = WSSecurityEngine.getInstance().getWssConfig().getPasswordsAreEncoded();
    try {
        WSSecurityEngine.getInstance().getWssConfig().setPasswordsAreEncoded(true);
        verify(encryptedDoc);
    } finally {
        WSSecurityEngine.getInstance().getWssConfig().setPasswordsAreEncoded(encodedFlagBefore);
    }
}
示例11: testDerivedKeyChangedEncryption
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Encrypts the SOAP body with a UsernameToken derived key that is altered before use,
 * and expects decryption to fail with FAILED_CHECK.
 */
public void testDerivedKeyChangedEncryption() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo("bob", "security");
    usernameToken.addDerivedKey(false, null, 1000);
    usernameToken.prepare(envelope);

    byte[] derivedKey = usernameToken.getDerivedKey();
    // Corrupt one byte so the key no longer matches what the receiver will derive.
    derivedKey[5] = 12;
    assertTrue(derivedKey.length == 20);
    String tokenIdentifier = usernameToken.getId();

    // Encrypt with the altered key, referencing the token by its id.
    WSSecDKEncrypt dkEncrypt = new WSSecDKEncrypt();
    dkEncrypt.setSymmetricEncAlgorithm(WSConstants.AES_128);
    dkEncrypt.setExternalKey(derivedKey, tokenIdentifier);
    Document encryptedDoc = dkEncrypt.build(envelope, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
    assertTrue(xml.contains("wsse:Username"));
    assertTrue(!xml.contains("wsse:Password"));
    assertTrue(xml.contains("wsse11:Salt"));
    assertTrue(xml.contains("wsse11:Iteration"));
    assertTrue(!xml.contains("testMethod"));
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    try {
        verify(encryptedDoc);
        // Reaching this line means the tampered key went unnoticed.
        throw new Exception("Failure expected on a bad derived encryption");
    } catch (WSSecurityException rejected) {
        // expected
        assertTrue(rejected.getErrorCode() == WSSecurityException.FAILED_CHECK);
    }
}
示例12: testDerivedKeyBadUserEncryption
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Encrypts the SOAP body with a key derived from a UsernameToken whose user is "alice"
 * rather than "bob", and expects decryption to fail with FAILED_AUTHENTICATION.
 */
public void testDerivedKeyBadUserEncryption() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo("alice", "security");
    usernameToken.addDerivedKey(false, null, 1000);
    usernameToken.prepare(envelope);

    byte[] derivedKey = usernameToken.getDerivedKey();
    assertTrue(derivedKey.length == 20);
    String tokenIdentifier = usernameToken.getId();

    // Encrypt with the derived key, referencing the token by its id.
    WSSecDKEncrypt dkEncrypt = new WSSecDKEncrypt();
    dkEncrypt.setSymmetricEncAlgorithm(WSConstants.AES_128);
    dkEncrypt.setExternalKey(derivedKey, tokenIdentifier);
    Document encryptedDoc = dkEncrypt.build(envelope, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
    assertTrue(xml.contains("wsse:Username"));
    assertTrue(!xml.contains("wsse:Password"));
    assertTrue(xml.contains("wsse11:Salt"));
    assertTrue(xml.contains("wsse11:Iteration"));
    assertTrue(!xml.contains("testMethod"));
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    try {
        verify(encryptedDoc);
        // Reaching this line means the unknown user was accepted.
        throw new Exception("Failure expected on a bad derived encryption");
    } catch (WSSecurityException rejected) {
        // expected
        assertTrue(rejected.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION);
    }
}
示例13: testDerivedKeySignature
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs the SOAP body with a key derived from a UsernameToken, verifies the message,
 * and checks that the principal of the signature result mentions "derivedKey".
 */
public void testDerivedKeySignature() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo("bob", "security");
    usernameToken.addDerivedKey(true, null, 1000);
    usernameToken.prepare(envelope);

    byte[] derivedKey = usernameToken.getDerivedKey();
    assertTrue(derivedKey.length == 20);
    String tokenIdentifier = usernameToken.getId();

    // Sign with the derived key, referencing the token by its id.
    WSSecDKSign dkSign = new WSSecDKSign();
    dkSign.setExternalKey(derivedKey, tokenIdentifier);
    dkSign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    Document signedDoc = dkSign.build(envelope, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
    // The token must expose what is needed to re-derive the key, never the password.
    assertTrue(xml.contains("wsse:Username"));
    assertTrue(!xml.contains("wsse:Password"));
    assertTrue(xml.contains("wsse11:Salt"));
    assertTrue(xml.contains("wsse11:Iteration"));
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    // The verified principal is read from the SIGN action result.
    Vector results = verify(signedDoc);
    WSSecurityEngineResult signResult =
        WSSecurityUtil.fetchActionResult(results, WSConstants.SIGN);
    java.security.Principal principal =
        (java.security.Principal) signResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);
    assertTrue(principal.getName().contains("derivedKey"));
}
示例14: testDerivedKeySignatureWithEncodedPassword
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs the SOAP body with a key derived from a UsernameToken whose password is
 * supplied Base64-encoded (the SHA-1 digest of the fixture password), and verifies the
 * message with the shared engine temporarily set to treat passwords as encoded.
 */
public void testDerivedKeySignatureWithEncodedPassword() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setPasswordsAreEncoded(true);
    byte[] passwordDigest = MessageDigest.getInstance("SHA-1").digest("security".getBytes("UTF-8"));
    usernameToken.setUserInfo("bob", Base64.encode(passwordDigest));
    usernameToken.addDerivedKey(true, null, 1000);
    usernameToken.prepare(envelope);

    byte[] derivedKey = usernameToken.getDerivedKey();
    assertTrue(derivedKey.length == 20);
    String tokenIdentifier = usernameToken.getId();

    // Sign with the derived key, referencing the token by its id.
    WSSecDKSign dkSign = new WSSecDKSign();
    dkSign.setExternalKey(derivedKey, tokenIdentifier);
    dkSign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    Document signedDoc = dkSign.build(envelope, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
    // The token must expose what is needed to re-derive the key, never the password.
    assertTrue(xml.contains("wsse:Username"));
    assertTrue(!xml.contains("wsse:Password"));
    assertTrue(xml.contains("wsse11:Salt"));
    assertTrue(xml.contains("wsse11:Iteration"));
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    // The engine instance is shared, so its flag is restored even if verify() throws.
    boolean encodedFlagBefore = WSSecurityEngine.getInstance().getWssConfig().getPasswordsAreEncoded();
    try {
        WSSecurityEngine.getInstance().getWssConfig().setPasswordsAreEncoded(true);
        Vector results = verify(signedDoc);
        WSSecurityEngineResult signResult =
            WSSecurityUtil.fetchActionResult(results, WSConstants.SIGN);
        java.security.Principal principal =
            (java.security.Principal) signResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);
        assertTrue(principal.getName().contains("derivedKey"));
    } finally {
        WSSecurityEngine.getInstance().getWssConfig().setPasswordsAreEncoded(encodedFlagBefore);
    }
}
示例15: testDerivedKeyChangedSignature
import org.apache.ws.security.message.WSSecUsernameToken; //导入方法依赖的package包/类
/**
 * Signs the SOAP body with a UsernameToken derived key that is altered before use, and
 * expects signature verification to fail with FAILED_CHECK.
 */
public void testDerivedKeyChangedSignature() throws Exception {
    Document envelope = unsignedEnvelope.getAsDocument();
    WSSecHeader securityHeader = new WSSecHeader();
    securityHeader.insertSecurityHeader(envelope);

    WSSecUsernameToken usernameToken = new WSSecUsernameToken();
    usernameToken.setUserInfo("bob", "security");
    usernameToken.addDerivedKey(true, null, 1000);
    usernameToken.prepare(envelope);

    byte[] derivedKey = usernameToken.getDerivedKey();
    // Corrupt one byte so the key no longer matches what the receiver will derive.
    derivedKey[5] = 12;
    assertTrue(derivedKey.length == 20);
    String tokenIdentifier = usernameToken.getId();

    // Sign with the altered key, referencing the token by its id.
    WSSecDKSign dkSign = new WSSecDKSign();
    dkSign.setExternalKey(derivedKey, tokenIdentifier);
    dkSign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    Document signedDoc = dkSign.build(envelope, securityHeader);

    usernameToken.prependToHeader(securityHeader);

    String xml =
        org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
    if (LOG.isDebugEnabled()) {
        LOG.debug(xml);
    }

    try {
        verify(signedDoc);
        // Reaching this line means the tampered key went unnoticed.
        throw new Exception("Failure expected on a bad derived signature");
    } catch (WSSecurityException rejected) {
        // expected
        assertTrue(rejected.getErrorCode() == WSSecurityException.FAILED_CHECK);
    }
}