Package org.apache.ws.security.saml

Examples of org.apache.ws.security.saml.WSSecSignatureSAML


        // Signs a SAML assertion with the issuer's key: build() receives null for the user
        // crypto and the issuer crypto, key alias and key password instead. This is the
        // argument pattern WSS4J uses for sender-vouches assertions.
        // "saml.properties" is presumably the issuer configuration file; verify where it is
        // loaded from, since it supplies the key alias and key password read below.
        SAMLIssuer saml = SAMLIssuerFactory.getInstance("saml.properties");
        SAMLAssertion assertion = saml.newAssertion();
        String issuerKeyName = saml.getIssuerKeyName();
        // The private-key password is held as a plain String from here on; keep it out of
        // log output and restrict read access to whatever file supplies it.
        String issuerKeyPW = saml.getIssuerKeyPassword();
        Crypto issuerCrypto = saml.getIssuerCrypto();
        WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
        // Selects how the signature's KeyInfo refers to the signing certificate
        // (here: an X.509 key identifier).
        wsSign.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
        // NOTE(review): neither setSignatureAlgorithm() nor setDigestAlgo() is called, so the
        // library defaults apply. In WSS4J 1.x those are believed to be SHA-1 based; confirm
        // against the version in use and pin SHA-256 variants explicitly if so.
        Document samlDoc =
            wsSign.build(doc, null, assertion, issuerCrypto,
                issuerKeyName, issuerKeyPW, secHeader
            );
       
        // Encryption setup begins here; setUserInfo() with a single argument presumably
        // names the recipient key alias. The rest of the encryption step is not shown.
        WSSecEncrypt builder = new WSSecEncrypt();
        builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e");


        // Signs a SAML assertion with the issuer's key: build() receives null for the user
        // crypto and the issuer crypto, key alias and key password instead. This is the
        // argument pattern WSS4J uses for sender-vouches assertions.
        SAMLIssuer saml = SAMLIssuerFactory.getInstance("saml.properties");
        SAMLAssertion assertion = saml.newAssertion();
        String issuerKeyName = saml.getIssuerKeyName();
        // The private-key password is held as a plain String from here on; keep it out of
        // log output and restrict read access to whatever file supplies it.
        String issuerKeyPW = saml.getIssuerKeyPassword();
        Crypto issuerCrypto = saml.getIssuerCrypto();
        WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
        // BST_DIRECT_REFERENCE: the signing certificate travels in the message as a
        // BinarySecurityToken and the signature references it directly, so the receiver must
        // still validate that certificate against its own trust store.
        wsSign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        // NOTE(review): no signature or digest algorithm is set, so library defaults apply
        // (believed to be SHA-1 based in WSS4J 1.x; confirm for the version in use).
        Document samlDoc =
            wsSign.build(doc, null, assertion, issuerCrypto,
                issuerKeyName, issuerKeyPW, secHeader
            );
       
        // Encryption setup begins here; the remainder of that step is not shown.
        WSSecEncrypt builder = new WSSecEncrypt();
        builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e");

        // Key-holder signing: the issuer is given the target document, the user's crypto and
        // the user name before it creates the assertion.
        saml.setInstanceDoc(doc);
        saml.setUserCrypto(crypto);
        saml.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
        SAMLAssertion assertion = saml.newAssertion();

        WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
        // Digest and signature algorithms are pinned to SHA-256 / RSA-SHA256 explicitly
        // rather than left to the library defaults.
        wsSign.setDigestAlgo("http://www.w3.org/2001/04/xmlenc#sha256");
        wsSign.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
        wsSign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        // Key alias and private-key password. The literal "security" looks like a test
        // fixture value; production code should obtain the password from a callback handler
        // or secret store rather than from source.
        wsSign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        LOG.info("Before SAMLSignedKeyHolder....");
       
        //
        // set up for keyHolder
        //
        // The user crypto is passed and all three issuer arguments are null, so the
        // signature is made with the user's key rather than the issuer's.
        Document signedDoc = wsSign.build(doc, crypto, assertion, null, null, null, secHeader);
        LOG.info("After SAMLSignedKeyHolder....");

        // The whole signed message, assertion included, is serialized here, before the
        // debug-level check that follows. Treat the string as sensitive if it is ever
        // logged outside of tests.
        String outputString =
            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
        if (LOG.isDebugEnabled()) {

        // Key-holder signing: the issuer is given the target document, the user's crypto and
        // the user name before it creates the assertion.
        saml.setInstanceDoc(doc);
        saml.setUserCrypto(crypto);
        saml.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
        SAMLAssertion assertion = saml.newAssertion();

        WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
        // SHA-256 digest and RSA-SHA256 signature are selected explicitly instead of the
        // library defaults.
        wsSign.setDigestAlgo("http://www.w3.org/2001/04/xmlenc#sha256");
        wsSign.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
        wsSign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        // Hard-coded key password ("security"): acceptable only as a test fixture; real
        // deployments should resolve it through a callback handler or secret store.
        wsSign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        LOG.info("Before SAMLSignedKeyHolder....");
       
        //
        // set up for keyHolder
        //
        // User crypto supplied, issuer crypto / key name / key password all null.
        Document signedDoc = wsSign.build(doc, crypto, assertion, null, null, null, secHeader);
        LOG.info("After SAMLSignedKeyHolder....");

        // Serialized unconditionally, ahead of the debug-level guard; the string holds the
        // complete signed message.
        String outputString =
            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
        if (LOG.isDebugEnabled()) {

        // Key-holder signing, this time referencing the certificate by X.509 key identifier.
        saml.setInstanceDoc(doc);
        saml.setUserCrypto(crypto);
        saml.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
        SAMLAssertion assertion = saml.newAssertion();

        WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
        // NOTE(review): unlike the SHA-256 variants of this example, no signature or digest
        // algorithm is set here, so library defaults apply (believed to be SHA-1 based in
        // WSS4J 1.x; confirm for the version in use).
        wsSign.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
        // Hard-coded key password ("security"): looks like a test fixture value and should
        // not be copied into production code.
        wsSign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");

        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        LOG.info("Before SAMLSignedKeyHolder....");
       
        //
        // set up for keyHolder
        //
        // User crypto supplied, issuer crypto / key name / key password all null.
        Document signedDoc = wsSign.build(doc, crypto, assertion, null, null, null, secHeader);
        LOG.info("After SAMLSignedKeyHolder....");

        if (LOG.isDebugEnabled()) {
            LOG.debug("Signed SAML message (key holder):");
            String outputString =

        }
        // Tail of a handler action that signs a SAML token (the start of the method is not
        // shown). The issuer key fields stay null unless the assertion is sender-vouches.
        String issuerKeyName = null;
        String issuerKeyPW = null;
        Crypto issuerCrypto = null;

        WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
        wsSign.setWsConfig(reqData.getWssConfig());

        String password = null;
        if (saml.isSenderVouches()) {
            // Sender-vouches: the issuer's key signs, so its alias, password and crypto
            // are taken from the SAML issuer configuration.
            issuerKeyName = saml.getIssuerKeyName();
            issuerKeyPW = saml.getIssuerKeyPassword();
            issuerCrypto = saml.getIssuerCrypto();
        } else {
            // Otherwise the user's key signs. Its password is resolved through the
            // configured password callback rather than being stored in code.
            password =
                    handler.getPassword(reqData.getUsername(),
                            actionToDo,
                            WSHandlerConstants.PW_CALLBACK_CLASS,
                            WSHandlerConstants.PW_CALLBACK_REF, reqData)
                            .getPassword();
            wsSign.setUserInfo(reqData.getUsername(), password);
        }
        // A key identifier type of 0 is treated as "not configured"; the builder's default
        // is kept in that case.
        if (reqData.getSigKeyId() != 0) {
            wsSign.setKeyIdentifierType(reqData.getSigKeyId());
        }

         /*
         * required to add support for the
         * signatureParts parameter.
         * If not set WSSecSignatureSAML
         * defaults to only sign the body.
         */
        // With the default, only the Body is integrity-protected; any header that must be
        // tamper-evident has to be listed in signatureParts explicitly.
        if (reqData.getSignatureParts().size() > 0) {
            wsSign.setParts(reqData.getSignatureParts());
        }

        try {
            wsSign.build(
                    doc,
                    crypto,
                    assertion,
                    issuerCrypto,
                    issuerKeyName,
                    issuerKeyPW,
                    reqData.getSecHeader());
            // The produced signature value is recorded on the request data; presumably for
            // later signature confirmation (verify against the callers).
            reqData.getSignatureValues().add(wsSign.getSignatureValue());
        } catch (WSSecurityException e) {
            // Rethrown with the original exception as cause, so the failure reason is kept.
            throw new WSSecurityException("Error when signing the SAML token: ", e);
        }
    }

        // Tail of a handler action that signs a SAML token (the start of the method is not
        // shown). Signing is refused outright when no assertion could be created.
        AssertionWrapper assertion = saml.newAssertion();
        if (assertion == null) {
            throw new WSSecurityException("WSHandler: Signed SAML: no SAML token received");
        }

        WSSecSignatureSAML wsSign = new WSSecSignatureSAML(reqData.getWssConfig());

        // The signing key's password is obtained through the configured CallbackHandler
        // instead of being stored in code or configuration text.
        CallbackHandler callbackHandler =
            handler.getPasswordCallbackHandler(reqData);
        WSPasswordCallback passwordCallback =
            handler.getPasswordCB(reqData.getUsername(), actionToDo, callbackHandler, reqData);
        wsSign.setUserInfo(reqData.getUsername(), passwordCallback.getPassword());
       
        // Each of the three settings below is applied only when configured; otherwise the
        // builder's defaults remain in effect. NOTE(review): those defaults are believed to
        // be SHA-1 based in WSS4J 1.x; confirm, and configure SHA-256 variants if so.
        if (reqData.getSigKeyId() != 0) {
            wsSign.setKeyIdentifierType(reqData.getSigKeyId());
        }
        if (reqData.getSigAlgorithm() != null) {
            wsSign.setSignatureAlgorithm(reqData.getSigAlgorithm());
        }
        if (reqData.getSigDigestAlgorithm() != null) {
            wsSign.setDigestAlgo(reqData.getSigDigestAlgorithm());
        }

         /*
         * required to add support for the
         * signatureParts parameter.
         * If not set WSSecSignatureSAML
         * defaults to only sign the body.
         */
        // With the default, only the Body is integrity-protected; any header that must be
        // tamper-evident has to be listed in signatureParts explicitly.
        if (reqData.getSignatureParts().size() > 0) {
            wsSign.setParts(reqData.getSignatureParts());
        }

        try {
            // Both the user crypto and the issuer's crypto, key alias and key password are
            // passed; which key signs is decided inside build() and is not visible here.
            wsSign.build(
                    doc,
                    crypto,
                    assertion,
                    saml.getIssuerCrypto(),
                    saml.getIssuerKeyName(),
                    saml.getIssuerKeyPassword(),
                    reqData.getSecHeader());
            // The produced signature value is recorded on the request data; presumably for
            // later signature confirmation (verify against the callers).
            reqData.getSignatureValues().add(wsSign.getSignatureValue());
        } catch (WSSecurityException e) {
            // Rethrown with the original exception as cause, so the failure reason is kept.
            throw new WSSecurityException("Error when signing the SAML token: ", e);
        }
    }

        // Test-style setup (earlier issuer configuration is not shown): the issuer signs the
        // assertion itself, then the message is signed with the user's key.
        // "security" is a literal key password and "wss40" a literal alias; these look like
        // test-keystore fixture values and should not be reused outside tests.
        saml.setIssuerKeyPassword("security");
        saml.setSignAssertion(true);
        saml.setCallbackHandler(callbackHandler);
        AssertionWrapper assertion = saml.newAssertion();

        WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
        wsSign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        wsSign.setUserInfo("wss40", "security");
       
        Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
       
        // The only part listed for signing is "STRTransform", which in WSS4J asks for the
        // token referenced by the SecurityTokenReference to be covered by the signature.
        // NOTE(review): setParts() replaces the default part list, so the SOAP Body appears
        // not to be signed in this example; confirm before reusing it as a template.
        List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
        WSEncryptionPart encP =
            new WSEncryptionPart("STRTransform", "", "Element");
        parts.add(encP);
        wsSign.setParts(parts);

        //
        // set up for keyHolder
        //
        // User crypto supplied, issuer crypto / key name / key password all null.
        Document signedDoc = wsSign.build(doc, userCrypto, assertion, null, null, null, secHeader);

        if (LOG.isDebugEnabled()) {
            LOG.debug("Signed SAML message (key holder):");
            String outputString =
                org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);

       
        // Builds the assertion directly from SAMLParms and a callback handler, then signs
        // the message with the issuer-side arguments of build() (user crypto is null).
        SAMLParms samlParms = new SAMLParms();
        samlParms.setCallbackHandler(callbackHandler);
        AssertionWrapper assertion = new AssertionWrapper(samlParms);
       
        WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
        wsSign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
       
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);
       
        // The key alias and the literal password "security" are passed inline; this looks
        // like a test-keystore fixture and should not be copied into production code.
        // NOTE(review): no signature or digest algorithm is set, so library defaults apply.
        Document signedDoc =
            wsSign.build(
                doc, null, assertion, crypto, "16c73ab6-b892-458f-abf5-2f875f74882e",
                "security", secHeader
            );
        // Works on a deep copy of the assertion element and drops that copy's first child;
        // what the altered copy is used for lies beyond the visible excerpt.
        Element assertionElement = (Element)assertion.getElement().cloneNode(true);
        assertionElement.removeChild(assertionElement.getFirstChild());

                    throw new IllegalArgumentException(NOT_A_VALID_SAML_VERSION);
                }
                AssertionWrapper assertion = createAssertion(context, samlParms, callbackHandler);
                wsSecSAMLToken.build(doc, assertion, secHeader);
            } else {
                // Signed-assertion branch: resolve the keystore and key alias, sign the
                // assertion itself, then sign the message according to the confirmation method.
                WSSecSignatureSAML wsSecSignatureSAML = new WSSecSignatureSAML();
                WssCrypto wssCrypto = getWssContainer().getCryptoByName(crypto, true);
                String alias = context.expand(getUsername());

                // Fail fast when the keystore or the alias is missing. The messages name the
                // keystore only; no password or key material is included.
                if (wssCrypto == null) {
                    throw new RuntimeException("Missing keystore [" + crypto + "] for signature entry");
                } else if (Strings.isNullOrEmpty(alias)) {
                    throw new RuntimeException(" No alias was provided for the keystore '" + crypto + "'. Please check your SAML (Form) configurations");
                }

                // Pick the callback handler that matches the SAML version; any other version
                // string is rejected.
                if (samlVersion.equals(SAML_VERSION_1)) {
                    callbackHandler = new SAML1CallbackHandler(wssCrypto.getCrypto(), alias,
                            assertionType, confirmationMethod);
                } else if (samlVersion.equals(SAML_VERSION_2)) {
                    callbackHandler = new SAML2CallbackHandler(wssCrypto.getCrypto(), alias,
                            assertionType, confirmationMethod);
                } else {
                    throw new IllegalArgumentException(NOT_A_VALID_SAML_VERSION);
                }

                AssertionWrapper assertion = createAssertion(context, samlParms, callbackHandler);

                // The assertion is signed with the alias and password obtained by expanding
                // the configured username/password values. The expanded password is a plain
                // String and should never be logged.
                assertion.signAssertion(context.expand(getUsername()), context.expand(getPassword()),
                        wssCrypto.getCrypto(), false);

                // The same alias and password are then used for the message-level signature.
                wsSecSignatureSAML.setUserInfo(context.expand(getUsername()), context.expand(getPassword()));

                // NOTE(review): there is no final else, so a confirmationMethod matching neither
                // constant reaches the end of this branch without build() being called and
                // without an error, as far as the visible code shows.
                if (confirmationMethod.equals(SENDER_VOUCHES_CONFIRMATION_METHOD)) {
                    // NOTE(review): digestAlgorithm and signatureAlgorithm are not applied in
                    // this branch, so the builder's defaults are used for sender-vouches.
                    wsSecSignatureSAML.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);

                    wsSecSignatureSAML.build(doc, null, assertion, wssCrypto.getCrypto(), context.expand(getUsername()),
                            context.expand(getPassword()), secHeader);
                } else if (confirmationMethod.equals(HOLDER_OF_KEY_CONFIRMATION_METHOD)) {
                    wsSecSignatureSAML.setDigestAlgo(digestAlgorithm);

                    // NOTE(review): an assertionType matching neither constant below leaves the
                    // key identifier type and signature algorithm at their defaults.
                    if (assertionType.equals(AUTHENTICATION_ASSERTION_TYPE)) {
                        wsSecSignatureSAML.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
                        wsSecSignatureSAML.setSignatureAlgorithm(signatureAlgorithm);
                    } else if (assertionType.equals(ATTRIBUTE_ASSERTION_TYPE)) {

                        wsSecSignatureSAML.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
                        wsSecSignatureSAML.setSignatureAlgorithm(signatureAlgorithm);

                        // The callback handler's ephemeral key is handed to the signer as its
                        // secret key; it is raw key material in a byte[] and must not be
                        // logged or persisted.
                        byte[] ephemeralKey = callbackHandler.getEphemeralKey();
                        wsSecSignatureSAML.setSecretKey(ephemeralKey);
                    }

                    // User crypto supplied, issuer crypto / key name / key password all null.
                    wsSecSignatureSAML.build(doc, wssCrypto.getCrypto(), assertion, null, null, null, secHeader);
                }
            }

        } catch (Exception e) {
            SoapUI.logError(e);
