Examples of BinarySecurity

• org.apache.ws.security.message.token.BinarySecurity
  Binary Security Token. @author Davanum Srinivas (dims@yahoo.com). @author Werner Dittmann (Werner.Dittmann@t-onile.de).
• org.apache.wss4j.dom.message.token.BinarySecurity
  Binary Security Token.

Examples of org.apache.ws.security.message.token.BinarySecurity

            } else if (tempTok instanceof WSSecUsernameToken) {
                WSSecUsernameToken unt = (WSSecUsernameToken)tempTok;
                part = new WSEncryptionPart(unt.getId());
                part.setElement(unt.getUsernameTokenElement());
            } else if (tempTok instanceof BinarySecurity) {
                BinarySecurity bst = (BinarySecurity)tempTok;
                part = new WSEncryptionPart(bst.getID());
                part.setElement(bst.getElement());
            } else if (tempTok instanceof AssertionWrapper) {
                boolean selfSignAssertion =
                    MessageUtils.getContextualBoolean(
                        message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
                    );

Examples of org.apache.ws.security.message.token.BinarySecurity

        if (alsoIncludeToken) {
            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
            cryptoType.setAlias(encrUser);
            X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
            BinarySecurity bstToken = new X509Security(saaj.getSOAPPart());
            ((X509Security) bstToken).setX509Certificate(certs[0]);
            bstToken.addWSUNamespace();
            bstToken.setID(wssConfig.getIdAllocator().createSecureId("X509-", certs[0]));
            WSSecurityUtil.prependChildElement(
                secHeader.getSecurityHeader(), bstToken.getElement()
            );
            bstElement = bstToken.getElement();
        }

        return encrKey;
    }

Examples of org.apache.ws.security.message.token.BinarySecurity

    private void includeToken(String user, Crypto crypto, WSSecSignature sig) throws WSSecurityException {
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias(user);
        X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
        BinarySecurity bstToken = null;
        if (!sig.isUseSingleCertificate()) {
            bstToken = new PKIPathSecurity(saaj.getSOAPPart());
            ((PKIPathSecurity) bstToken).setX509Certificates(certs, crypto);
        } else {
            bstToken = new X509Security(saaj.getSOAPPart());
            ((X509Security) bstToken).setX509Certificate(certs[0]);
        }
        bstToken.setID(wssConfig.getIdAllocator().createSecureId("X509-", certs[0]));
        WSSecurityUtil.prependChildElement(
            secHeader.getSecurityHeader(), bstToken.getElement()
        );
        bstElement = bstToken.getElement();
    }

Examples of org.apache.ws.security.message.token.BinarySecurity

        //
        // Turn the received JAXB object into a DOM element
        //
        Document doc = DOMUtils.createDocument();
        BinarySecurity binarySecurity = new X509Security(doc);
        binarySecurity.setEncodingType(encodingType);
        binarySecurity.setValueType(binarySecurityType.getValueType());
        String data = binarySecurityType.getValue();
        ((Text)binarySecurity.getElement().getFirstChild()).setData(data);

        //
        // Validate the token
        //
        try {

Examples of org.apache.ws.security.message.token.BinarySecurity

        ) {
            List<WSSecurityEngineResult> results = new ArrayList<WSSecurityEngineResult>();
            for (WSSecurityEngineResult wser : wsSecEngineResults) {
                Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
                if (actInt.intValue() == WSConstants.BST) {
                    BinarySecurity binarySecurity =
                        (BinarySecurity)wser.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
                    if (binarySecurity instanceof KerberosSecurity) {
                        results.add(wser);
                    }
                }

Examples of org.apache.ws.security.message.token.BinarySecurity

            Integer actInt = (Integer)token.get(WSSecurityEngineResult.TAG_ACTION);
            if (actInt == WSConstants.SIGN) {
                continue;
            }

            BinarySecurity binarySecurity =
                (BinarySecurity)token.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
            PublicKey foundPublicKey =
                (PublicKey)token.get(WSSecurityEngineResult.TAG_PUBLIC_KEY);
            if (binarySecurity instanceof X509Security
                || binarySecurity instanceof PKIPathSecurity) {

Examples of org.apache.ws.security.message.token.BinarySecurity

                    WSSecurityException.INVALID_SECURITY_TOKEN, "duplicateError"
                );
            }
        }

        BinarySecurity token = createSecurityToken(elem, data.getWssConfig());
        X509Certificate[] certs = null;
        Validator validator = data.getValidator(new QName(elem.getNamespaceURI(),
                                                          elem.getLocalName()));

        if (data.getSigCrypto() == null) {

Examples of org.apache.ws.security.message.token.BinarySecurity

    private BinarySecurity createSecurityToken(
        Element element,
        WSSConfig config
    ) throws WSSecurityException {
        String type = element.getAttributeNS(null, "ValueType");
        BinarySecurity token = null;
        if (X509Security.X509_V3_TYPE.equals(type)) {
            token = new X509Security(element, config.isWsiBSPCompliant());
        } else if (PKIPathSecurity.getType().equals(type)) {
            token = new PKIPathSecurity(element, config.isWsiBSPCompliant());
        } else if (KerberosSecurity.isKerberosToken(type)) {
            token = new KerberosSecurity(element, config.isWsiBSPCompliant());
        } else {
            token = new BinarySecurity(element, config.isWsiBSPCompliant());
        }
        return token;
    }

Examples of org.apache.ws.security.message.token.BinarySecurity

                QName el = new QName(token.getNamespaceURI(), token.getLocalName());
                if (el.equals(WSSecurityEngine.BINARY_TOKEN)) {
                    Processor proc = data.getWssConfig().getProcessor(WSSecurityEngine.BINARY_TOKEN);
                    List<WSSecurityEngineResult> bstResult =
                            proc.handleToken(token, data, wsDocInfo);
                    BinarySecurity bstToken =
                            (BinarySecurity)bstResult.get(0).get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
                    if (bspCompliant) {
                        BSPEnforcer.checkBinarySecurityBSPCompliance(secRef, bstToken);
                    }
                    secretKey = (byte[])bstResult.get(0).get(WSSecurityEngineResult.TAG_SECRET);
                }
            }
            if (secretKey == null) {
                throw new WSSecurityException(
                    WSSecurityException.FAILED_CHECK, "unsupportedKeyId", new Object[] {uri}
                );
            }
        } else if (secRef.containsKeyIdentifier()) {
            String valueType = secRef.getKeyIdentifierValueType();
            if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(valueType)
                || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)) {
                AssertionWrapper assertion =
                    SAMLUtil.getAssertionFromKeyIdentifier(
                        secRef, strElement,
                        data, wsDocInfo
                    );
                secretKey =
                    getSecretKeyFromAssertion(assertion, secRef, data, wsDocInfo, bspCompliant);
            } else if (WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(valueType)) {
                secretKey =
                    getSecretKeyFromToken(secRef.getKeyIdentifierValue(), valueType, data);
                if (secretKey == null) {
                    byte[] keyBytes = secRef.getSKIBytes();
                    List<WSSecurityEngineResult> resultsList =
                        wsDocInfo.getResultsByTag(WSConstants.BST);
                    for (WSSecurityEngineResult bstResult : resultsList) {
                        BinarySecurity bstToken =
                            (BinarySecurity)bstResult.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
                        byte[] tokenDigest = WSSecurityUtil.generateDigest(bstToken.getToken());
                        if (Arrays.equals(tokenDigest, keyBytes)) {
                            secretKey = (byte[])bstResult.get(WSSecurityEngineResult.TAG_SECRET);
                            break;
                        }
                    }

Examples of org.apache.ws.security.message.token.BinarySecurity

     *
     * @return
     * @throws WSSecurityException
     */
    public BinarySecurity getBinarySecurityToken() throws WSSecurityException {
        BinarySecurity binarySecToken;

        binarySecToken = null;
        String firstChild = this.element.getFirstChild().getLocalName();

        if ("BinarySecurityToken" == firstChild) {

            binarySecToken =
                    new BinarySecurity((Element) this.element.getFirstChild());
            return binarySecToken;
        } else if ("SecurityTokenReference" == firstChild) {

            SecurityTokenReference secTokRef =
                    new SecurityTokenReference((Element) this.element.getFirstChild());
            binarySecToken =
                    new BinarySecurity(secTokRef.getTokenElement(element.getOwnerDocument(),
                                    null));
            return binarySecToken;
        } else {
            throw new WSSecurityException(WSSecurityException.INVALID_SECURITY_TOKEN,
                    "badTokenType");