Package org.apache.ws.security

Examples of org.apache.ws.security.WSSecurityException


     */
    public BinarySecurity(Element elem, boolean bspCompliant) throws WSSecurityException {
        // Excerpt from the constructor body (the rest of the constructor is not shown):
        // wraps an existing DOM element after checking its qualified name, then applies
        // the EncodingType / ValueType checks when bspCompliant is set.
        //
        // elem is dereferenced on the next line without a null check, so a null argument
        // surfaces as a NullPointerException rather than a WSSecurityException.
        element = elem;
        QName el = new QName(element.getNamespaceURI(), element.getLocalName());
        // Only the two qualified names TOKEN_BST and TOKEN_KI are accepted; any other
        // element is rejected as INVALID_SECURITY_TOKEN.
        if (!(el.equals(TOKEN_BST) || el.equals(TOKEN_KI))) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY_TOKEN,
                "unhandledToken",
                new Object[] {el}
            );
        }
        String encoding = getEncodingType();
        // Enforced only when bspCompliant is true. The constant is the receiver of
        // equals(), so a null encoding also fails the test and is rejected.
        // NOTE(review): with bspCompliant == false, a missing or non-Base64 EncodingType
        // passes this point; confirm the encoding is validated elsewhere before the token
        // content is decoded.
        if (bspCompliant && !BASE64_ENCODING.equals(encoding)) {
            // The EncodingType attribute must be specified, and must be equal to Base64Binary
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY_TOKEN,
                "badEncodingType",
                new Object[] {encoding}
            );
        }
       
        String valueType = getValueType();
        // ValueType must be present and non-empty, again only under bspCompliant; the
        // value itself is not compared against any list of known types in the lines shown.
        if (bspCompliant && (valueType == null || "".equals(valueType))) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY_TOKEN,
                "invalidValueType",
                new Object[]{valueType}
            );
        }


     * @throws WSSecurityException
     */
    public BinarySecurity(CallbackHandler callbackHandler) throws WSSecurityException {
        // Obtains the token element from the supplied CallbackHandler through a single
        // TokenElementCallback. A missing handler or a missing element is reported as
        // WSSecurityException.FAILURE.
        if (null == callbackHandler) {
            LOG.debug("Trying to create a BinarySecurityToken via a null CallbackHandler");
            throw new WSSecurityException(WSSecurityException.FAILURE);
        }

        // The array itself is handed to the handler, so slot 0 is re-read afterwards
        // instead of keeping a separate reference to the callback object.
        TokenElementCallback[] tokenCallbacks = {new TokenElementCallback()};
        try {
            callbackHandler.handle(tokenCallbacks);
        } catch (IOException ioFailure) {
            // NOTE(review): handler failures leave this constructor as an unchecked
            // IllegalStateException, not as WSSecurityException, so a caller that catches
            // only WSSecurityException will not intercept them.
            throw new IllegalStateException(
                "IOException while creating a token element", ioFailure);
        } catch (UnsupportedCallbackException unsupported) {
            throw new IllegalStateException(
                "UnsupportedCallbackException while creating a token element", unsupported);
        }

        // The handler is trusted to supply the element; only its presence is checked here.
        element = tokenCallbacks[0].getTokenElement();
        if (null == element) {
            LOG.debug("CallbackHandler did not return a token element");
            throw new WSSecurityException(WSSecurityException.FAILURE);
        }
    }

     */
    public SecurityTokenReference(Element elem, boolean bspCompliant) throws WSSecurityException {
        element = elem;
        QName el = new QName(element.getNamespaceURI(), element.getLocalName());
        if (!STR_QNAME.equals(el)) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "badElement", null);
        }
        if (bspCompliant) {
            checkBSPCompliance();
        }
        if (containsReference()) {

        if (log.isDebugEnabled()) {
            log.debug("Token reference uri: " + uri);
        }
       
        if (uri == null) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY, "badReferenceURI"
            );
        }
       
        Element tokElement =
            findProcessedTokenElement(doc, docInfo, cb, uri, valueType);
        if (tokElement == null) {
            tokElement = findUnprocessedTokenElement(doc, docInfo, cb, uri, valueType);
        }
       
        if (tokElement == null) {
            throw new WSSecurityException(
                WSSecurityException.SECURITY_TOKEN_UNAVAILABLE,
                "noToken",
                new Object[]{uri}
            );
        }

        Document doc = element.getOwnerDocument();
        byte data[] = null;
        try {
            data = cert.getEncoded();
        } catch (CertificateEncodingException e) {
            throw new WSSecurityException(
                WSSecurityException.SECURITY_TOKEN_UNAVAILABLE, "encodeError", null, e
            );
        }
        Text text = doc.createTextNode(Base64.encode(data));
       

        throws WSSecurityException {
        //
        // As per the 1.1 specification, SKI can only be used for a V3 certificate
        //
        if (cert.getVersion() != 3) {
            throw new WSSecurityException(
                WSSecurityException.UNSUPPORTED_SECURITY_TOKEN,
                "invalidCertForSKI",
                new Object[]{Integer.valueOf(cert.getVersion())}
            );
        }

        // Excerpt (the method signature is not shown): builds a key identifier whose text
        // is the Base64 form of a digest over the DER-encoded certificate, registered
        // under THUMB_URI.
        Document doc = element.getOwnerDocument();
        byte[] encodedCert = null;
        try {
            encodedCert = cert.getEncoded();
        } catch (CertificateEncodingException e1) {
            // A certificate that cannot be encoded is reported as SECURITY_TOKEN_UNAVAILABLE,
            // with the original exception kept as the cause.
            throw new WSSecurityException(
                WSSecurityException.SECURITY_TOKEN_UNAVAILABLE, "encodeError", null, e1
            );
        }
        try {
            // The digest algorithm is chosen inside WSSecurityUtil.generateDigest and is not
            // visible here; the "noSHA1availabe" message key below suggests SHA-1 -- confirm.
            byte[] encodedBytes = WSSecurityUtil.generateDigest(encodedCert);
            org.w3c.dom.Text text = doc.createTextNode(Base64.encode(encodedBytes));
            createKeyIdentifier(doc, THUMB_URI, text, true);
        } catch (WSSecurityException e1) {
            // NOTE(review): this try block also covers createKeyIdentifier, so if that call
            // can throw WSSecurityException it is re-reported under the same digest-related
            // key. The cause e1 is preserved, so the real origin is still recoverable.
            throw new WSSecurityException(
                WSSecurityException.FAILURE, "noSHA1availabe", null, e1
            );
        }
    }

                child = (Element)node;
            }
            node = node.getNextSibling();
        }
        // Excerpt: the loop that fills `result` and `child` is only partly visible above
        // this point. Presumably `result` counts the element children -- confirm against
        // the full method.
        // Exactly one counted child is required; anything else is rejected.
        if (result != 1) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY, "invalidDataRef"
            );
        }
        // KeyIdentifier is matched on both local name and the WSSE namespace.
        if ("KeyIdentifier".equals(child.getLocalName())
            && WSConstants.WSSE_NS.equals(child.getNamespaceURI())) {
           
            String valueType = getKeyIdentifierValueType();
            // ValueType cannot be null
            if (valueType == null || "".equals(valueType)) {
                throw new WSSecurityException(
                    WSSecurityException.INVALID_SECURITY, "invalidValueType"
                );
            }
            // DOM getAttributeNS returns an empty string when the attribute is absent,
            // which is why the checks below treat null and "" alike.
            String encodingType = getFirstElement().getAttributeNS(null, "EncodingType");
            // Encoding Type must be equal to Base64Binary if it's specified
            if (encodingType != null && !"".equals(encodingType)
                && !BinarySecurity.BASE64_ENCODING.equals(encodingType)) {
                throw new WSSecurityException(
                    WSSecurityException.INVALID_SECURITY,
                    "badEncodingType",
                    new Object[] {encodingType}
                );
            }
            // Encoding type must be specified other than for a SAML Assertion
            if (!WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(valueType)
                && !WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)
                && (encodingType == null || "".equals(encodingType))) {
                throw new WSSecurityException(
                    WSSecurityException.INVALID_SECURITY, "noEncodingType"
                );
            }
        // NOTE(review): unlike the KeyIdentifier branch above and the nested
        // SecurityTokenReference test below, this branch matches on local name only, so an
        // element named "Embedded" in any namespace is handled here. Confirm whether a
        // WSConstants.WSSE_NS check is intended.
        } else if ("Embedded".equals(child.getLocalName())) {
            // `result` is reused to count the element children of the Embedded element.
            result = 0;
            node = child.getFirstChild();
            while (node != null) {
                if (Node.ELEMENT_NODE == node.getNodeType()) {
                    result++;
                    // We cannot have a SecurityTokenReference child element
                    if ("SecurityTokenReference".equals(node.getLocalName())
                        && WSConstants.WSSE_NS.equals(node.getNamespaceURI())) {
                        throw new WSSecurityException(
                            WSSecurityException.INVALID_SECURITY, "invalidEmbeddedRef"
                        );
                    }
                }
                node = node.getNextSibling();
            }
            // We can only have one embedded child
            if (result != 1) {
                throw new WSSecurityException(
                    WSSecurityException.INVALID_SECURITY, "invalidEmbeddedRef"
                );
            }
        }
        // A child that is neither KeyIdentifier nor Embedded receives no further checks
        // in the lines shown.
    }

                    //
                    // If there are no stored signature values, and we've received a
                    // SignatureConfirmation element then throw an Exception
                    //
                    // The throw applies only when the confirmation carries a non-empty value:
                    // a zero-length sigVal is accepted in this branch. The condition that
                    // selects this branch is outside the excerpt -- presumably "no stored
                    // signature values"; confirm against the full method.
                    if (sigVal.length != 0) {
                        throw new WSSecurityException(
                            "Received a SignatureConfirmation element, but there are no stored"
                             + " signature values"
                        );
                    }
                } else {
                    // Look for the received confirmation value among the stored signature
                    // values. A matched entry is removed, so each stored value can satisfy at
                    // most one SignatureConfirmation and a repeated confirmation of the same
                    // value no longer matches.
                    boolean found = false;
                    for (int j = 0; j < savedSignatures.size(); j++) {
                        byte[] storedValue = (byte[]) savedSignatures.get(j);
                        if (Arrays.equals(sigVal, storedValue)) {
                            found = true;
                            // Removing by index inside the loop is safe because the loop
                            // exits immediately afterwards.
                            savedSignatures.remove(j);
                            break;
                        }
                    }
                    // A confirmation that matches none of the stored values is rejected.
                    if (!found) {
                        throw new WSSecurityException(
                            "Received a SignatureConfirmation element, but there are no matching"
                            + " stored signature values"
                        );
                    }
                }
            }
        }

        //
        // This indicates this is the last handler: the list holding the
        // stored Signature values must be empty, otherwise we have an error
        //
        if (!reqData.isNoSerialization()) {
            if (doDebug) {
                log.debug("Check Signature confirmation - last handler");
            }
            if (savedSignatures != null && !savedSignatures.isEmpty()) {
                throw new WSSecurityException(
                    "Check Signature confirmation: the stored signature values list is not empty"
                );
            }
        }
    }

            } else if (WSConstants.PW_DIGEST.equals(type)) {
                reqData.setPwType(WSConstants.PASSWORD_DIGEST);
            } else if (WSConstants.PW_NONE.equals(type)) {
                reqData.setPwType(null);
            } else {
                throw new WSSecurityException("Unknown password type encoding: " + type);
            }
        }
       
        String add = getString(WSHandlerConstants.ADD_UT_ELEMENTS, mc);
        if (add != null) {
