Package org.apache.wss4j.dom.message.token

Examples of org.apache.wss4j.dom.message.token.Timestamp

649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
            return;
        }
       
        // Find the Timestamp
        List<WSSecurityEngineResult> foundResults = wsDocInfo.getResultsByTag(WSConstants.TS);
        Timestamp timeStamp = null;
        if (foundResults.isEmpty()) {
            // Search for a Timestamp below the Signature
            Node sibling = signatureElement.getNextSibling();
            while (sibling != null) {
                if (sibling instanceof Element
                    && WSConstants.TIMESTAMP_TOKEN_LN.equals(sibling.getLocalName())
                    && WSConstants.WSU_NS.equals(sibling.getNamespaceURI())) {
                    timeStamp = new Timestamp((Element)sibling, requestData.getBSPEnforcer());
                    break;
                }
                sibling = sibling.getNextSibling();
            }
        } else {
            timeStamp = (Timestamp)foundResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
        }
        if (timeStamp == null) {
            return;
        }
       
        // Test for replay attacks
        Date created = timeStamp.getCreated();
        DateFormat zulu = new XmlSchemaDateFormat();
        String identifier = zulu.format(created) + "" + Arrays.hashCode(signatureValue);

        if (replayCache.contains(identifier)) {
            throw new WSSecurityException(
                WSSecurityException.ErrorCode.INVALID_SECURITY,
                "invalidTimestamp",
                "A replay attack has been detected");
        }

        // Store the Timestamp/SignatureValue combination in the cache
        Date expires = timeStamp.getExpires();
        if (expires != null) {
            Date rightNow = new Date();
            long currentTime = rightNow.getTime();
            long expiresTime = expires.getTime();
            replayCache.add(identifier, 1L + (expiresTime - currentTime) / 1000L);
View Full Code Here
928
929
930
931
932
933
934
935
936
937
938
939
       
        // Store the timestamp element
        WSSecurityEngineResult tsResult = WSSecurityUtil.fetchActionResult(results, WSConstants.TS);
        Element timestamp = null;
        if (tsResult != null) {
            Timestamp ts = (Timestamp)tsResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
            timestamp = ts.getElement();
        }
       
        boolean check = true;
       
        SupportingTokenPolicyValidator validator = new ConcreteSupportingTokenPolicyValidator();
View Full Code Here
100
101
102
103
104
105
106
107
108
            secEngine.processSecurityHeader(doc, null, null, null);
        WSSecurityEngineResult actionResult =
            WSSecurityUtil.fetchActionResult(wsResults, WSConstants.TS);
        assertTrue(actionResult != null);
       
        Timestamp receivedTimestamp =
            (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
        assertTrue(receivedTimestamp != null);
    }
View Full Code Here
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
            LOG.debug("Found Timestamp list element");
        }
        //
        // Decode Timestamp, add the found time (created/expiry) to result
        //
        Timestamp timestamp = new Timestamp(elem, data.getBSPEnforcer());
        Credential credential = new Credential();
        credential.setTimestamp(timestamp);
       
        WSSecurityEngineResult result =
            new WSSecurityEngineResult(WSConstants.TS, timestamp);
        result.put(WSSecurityEngineResult.TAG_ID, timestamp.getID());
       
        Validator validator = data.getValidator(WSSecurityEngine.TIMESTAMP);
        if (validator != null) {
            validator.validate(credential, data);
           
View Full Code Here
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
            return;
        }
       
        // Find the Timestamp
        List<WSSecurityEngineResult> foundResults = wsDocInfo.getResultsByTag(WSConstants.TS);
        Timestamp timeStamp = null;
        if (foundResults.isEmpty()) {
            // Search for a Timestamp below the Signature
            Node sibling = signatureElement.getNextSibling();
            while (sibling != null) {
                if (sibling instanceof Element
                    && WSConstants.TIMESTAMP_TOKEN_LN.equals(sibling.getLocalName())
                    && WSConstants.WSU_NS.equals(sibling.getNamespaceURI())) {
                    timeStamp = new Timestamp((Element)sibling, requestData.getBSPEnforcer());
                    break;
                }
                sibling = sibling.getNextSibling();
            }
        } else {
            timeStamp = (Timestamp)foundResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
        }
        if (timeStamp == null) {
            return;
        }
       
        // Test for replay attacks
        Date created = timeStamp.getCreated();
        DateFormat zulu = new XmlSchemaDateFormat();
        String identifier = zulu.format(created) + "" + Arrays.hashCode(signatureValue);

        if (replayCache.contains(identifier)) {
            throw new WSSecurityException(
                WSSecurityException.ErrorCode.INVALID_SECURITY,
                "invalidTimestamp",
                "A replay attack has been detected");
        }

        // Store the Timestamp/SignatureValue combination in the cache
        Date expires = timeStamp.getExpires();
        if (expires != null) {
            Date rightNow = new Date();
            long currentTime = rightNow.getTime();
            long expiresTime = expires.getTime();
            replayCache.add(identifier, 1L + (expiresTime - currentTime) / 1000L);
View Full Code Here
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
            log.debug("Found Timestamp list element");
        }
        //
        // Decode Timestamp, add the found time (created/expiry) to result
        //
        Timestamp timestamp = new Timestamp(elem, data.getBSPEnforcer());
        Credential credential = new Credential();
        credential.setTimestamp(timestamp);
       
        WSSecurityEngineResult result =
            new WSSecurityEngineResult(WSConstants.TS, timestamp);
        result.put(WSSecurityEngineResult.TAG_ID, timestamp.getID());
       
        Validator validator = data.getValidator(WSSecurityEngine.TIMESTAMP);
        if (validator != null) {
            validator.validate(credential, data);
           
View Full Code Here
83
84
85
86
87
88
89
90
91
92
93
94
95
        List<WSSecurityEngineResult> wsResult = verify(createdDoc, WSSConfig.getNewInstance());
        WSSecurityEngineResult actionResult =
            WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);
        assertTrue(actionResult != null);
       
        Timestamp receivedTimestamp =
            (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
        assertTrue(receivedTimestamp != null);
       
        Timestamp clone = new Timestamp(receivedTimestamp.getElement(), new BSPEnforcer(true));
        assertTrue(clone.equals(receivedTimestamp));
        assertTrue(clone.hashCode() == receivedTimestamp.hashCode());
    }
View Full Code Here
121
122
123
124
125
126
127
128
129
        List<WSSecurityEngineResult> wsResult = verify(createdDoc, WSSConfig.getNewInstance());
        WSSecurityEngineResult actionResult =
            WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);
        assertTrue(actionResult != null);
       
        Timestamp receivedTimestamp =
            (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
        assertTrue(receivedTimestamp != null);
    }
View Full Code Here
53
54
55
56
57
58
59
60
61
62
63
64
65
66
            timeStampStrict = wssConfig.isTimeStampStrict();
            timeStampTTL = wssConfig.getTimeStampTTL();
            futureTimeToLive = wssConfig.getTimeStampFutureTTL();
        }
       
        Timestamp timeStamp = credential.getTimestamp();
        // Validate whether the security semantics have expired
        if (timeStampStrict && timeStamp.isExpired()
            || !timeStamp.verifyCreated(timeStampTTL, futureTimeToLive)) {
            throw new WSSecurityException(
                WSSecurityException.ErrorCode.MESSAGE_EXPIRED,
                "invalidTimestamp",
                "The security semantics of the message have expired");
        }
View Full Code Here
66
67
68
69
70
71
72
73
74
75
     * value is not suitable.
     *
     * @param doc The SOAP envelope as W3C document
     */
    public void prepare(Document doc) {
        ts = new Timestamp(getWsConfig().isPrecisionInMilliSeconds(), doc,
                           getWsConfig().getCurrentTime(), timeToLive);
        String tsId = getWsConfig().getIdAllocator().createId("TS-", ts);
        ts.setID(tsId);
    }
View Full Code Here
TOP

Related Classes of org.apache.wss4j.dom.message.token.Timestamp

  • org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor
  • org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator
  • org.apache.wss4j.common.util.WSCurrentTimeSource
  • org.apache.wss4j.dom.handler.CustomTokenTest
  • org.apache.wss4j.dom.message.TimestampTest
  • org.apache.wss4j.dom.message.WSSecTimestamp
  • org.apache.wss4j.dom.processor.SignatureProcessor
  • org.apache.wss4j.dom.processor.TimestampProcessor
  • org.apache.wss4j.dom.util.XmlSchemaDateFormat
  • org.apache.wss4j.dom.validate.TimestampValidator
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.