Examples of PasswordCallbackHandler

Examples of org.apache.cxf.sts.common.PasswordCallbackHandler

367
368
369
370
371
372
373
374
375
376
377
        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
        stsProperties.setEncryptionCrypto(crypto);
        stsProperties.setSignatureCrypto(crypto);
        stsProperties.setEncryptionUsername("myservicekey");
        stsProperties.setSignatureUsername("mystskey");
        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
        stsProperties.setIssuer("STS");
        issueOperation.setStsProperties(stsProperties);
       
        // Mock up a request
        RequestSecurityTokenType request = new RequestSecurityTokenType();
View Full Code Here

Examples of org.apache.cxf.sts.common.PasswordCallbackHandler

439
440
441
442
443
444
445
446
447
448
449
        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
        stsProperties.setEncryptionCrypto(crypto);
        stsProperties.setSignatureCrypto(crypto);
        stsProperties.setEncryptionUsername("myservicekey");
        stsProperties.setSignatureUsername("mystskey");
        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
        stsProperties.setIssuer("STS");
        issueOperation.setStsProperties(stsProperties);
       
        // Mock up a request
        RequestSecurityTokenType request = new RequestSecurityTokenType();
View Full Code Here

Examples of org.apache.cxf.sts.common.PasswordCallbackHandler

530
531
532
533
534
535
536
537
538
539
540
        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
        stsProperties.setEncryptionCrypto(crypto);
        stsProperties.setSignatureCrypto(crypto);
        stsProperties.setEncryptionUsername("myservicekey");
        stsProperties.setSignatureUsername("mystskey");
        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
        stsProperties.setIssuer("STS");
        issueOperation.setStsProperties(stsProperties);
       
        // Mock up a request
        RequestSecurityTokenType request = new RequestSecurityTokenType();
View Full Code Here

Examples of org.apache.cxf.sts.common.PasswordCallbackHandler

628
629
630
631
632
633
634
635
636
637
638
        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
        stsProperties.setEncryptionCrypto(crypto);
        stsProperties.setSignatureCrypto(crypto);
        stsProperties.setEncryptionUsername("myservicekey");
        stsProperties.setSignatureUsername("mystskey");
        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
        stsProperties.setIssuer("STS");
        issueOperation.setStsProperties(stsProperties);
       
        // Mock up a request
        RequestSecurityTokenType request = new RequestSecurityTokenType();
View Full Code Here

Examples of org.apache.cxf.sts.common.PasswordCallbackHandler

720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
        stsProperties.setEncryptionCrypto(crypto);
        stsProperties.setSignatureCrypto(crypto);
        stsProperties.setEncryptionUsername("myservicekey");
        stsProperties.setSignatureUsername("mystskey");
        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
        stsProperties.setIssuer("STS");
        issueOperation.setStsProperties(stsProperties);
       
        // Mock up a request
        RequestSecurityTokenType request = new RequestSecurityTokenType();
        JAXBElement<String> tokenType =
            new JAXBElement<String>(
                QNameConstants.TOKEN_TYPE, String.class, WSConstants.WSS_SAML2_TOKEN_TYPE
            );
        request.getAny().add(tokenType);
        JAXBElement<String> keyType =
            new JAXBElement<String>(
                QNameConstants.KEY_TYPE, String.class, STSConstants.SYMMETRIC_KEY_KEYTYPE
            );
        request.getAny().add(keyType);
        request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
       
        // Mock up message context
        MessageImpl msg = new MessageImpl();
        WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
        msgCtx.put(
            SecurityContext.class.getName(),
            createSecurityContext(new CustomTokenPrincipal("alice"))
        );
        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
       
        // Now add Entropy
        WSSecEncryptedKey builder = new WSSecEncryptedKey();
        builder.setUserInfo("mystskey");
        builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        builder.setKeyEncAlgo(WSConstants.KEYTRANSPORT_RSAOEP);
       
        Document doc = DOMUtils.createDocument();
        builder.prepare(doc, stsProperties.getSignatureCrypto());
        Element encryptedKeyElement = builder.getEncryptedKeyElement();
        byte[] secret = builder.getEphemeralKey();
       
        EntropyType entropyType = new EntropyType();
        entropyType.getAny().add(encryptedKeyElement);
        JAXBElement<EntropyType> entropyJaxbType =
            new JAXBElement<EntropyType>(QNameConstants.ENTROPY, EntropyType.class, entropyType);
        request.getAny().add(entropyJaxbType);
       
        RequestSecurityTokenResponseCollectionType response =
            issueOperation.issue(request, webServiceContext);
        List<RequestSecurityTokenResponseType> securityTokenResponse =
            response.getRequestSecurityTokenResponse();
        assertTrue(!securityTokenResponse.isEmpty());
       
        // Test the generated token.
        Element assertion = null;
        for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
            if (tokenObject instanceof JAXBElement<?>
                && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>)tokenObject).getName())) {
                RequestedSecurityTokenType rstType =
                    (RequestedSecurityTokenType)((JAXBElement<?>)tokenObject).getValue();
                assertion = (Element)rstType.getAny();
            }
        }
       
        assertNotNull(assertion);
        String tokenString = DOM2Writer.nodeToString(assertion);
        assertTrue(tokenString.contains("AttributeStatement"));
        assertTrue(tokenString.contains("alice"));
        assertFalse(tokenString.contains(SAML2Constants.CONF_BEARER));
        assertTrue(tokenString.contains(SAML2Constants.CONF_HOLDER_KEY));
       
        // Test that the (encrypted) secret sent in Entropy was used in the SAML Subject KeyInfo
        AssertionWrapper assertionWrapper = new AssertionWrapper(assertion);
        RequestData data = new RequestData();
       
        Properties properties = new Properties();
        properties.put(
            "org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin"
        );
        properties.put("org.apache.ws.security.crypto.merlin.keystore.password", "sspass");
        properties.put("org.apache.ws.security.crypto.merlin.keystore.file", "servicestore.jks");
       
        data.setDecCrypto(CryptoFactory.getInstance(properties));
        data.setCallbackHandler(new PasswordCallbackHandler());
        data.setWssConfig(WSSConfig.getNewInstance());
       
        assertionWrapper.parseHOKSubject(data, new WSDocInfo(assertion.getOwnerDocument()));
        SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo();
        assertTrue(Arrays.equals(secret, samlKeyInfo.getSecret()));
View Full Code Here

Examples of org.apache.geronimo.security.realm.providers.PasswordCallbackHandler

262
263
264
265
266
267
268
269
     *                    username
     */
    public Principal authenticate(String username, String credentials) {

        char[] cred = credentials == null ? null : credentials.toCharArray();
        CallbackHandler callbackHandler = new PasswordCallbackHandler(username, cred);
        return authenticate(callbackHandler, username);
    }
View Full Code Here

Examples of org.apache.geronimo.security.realm.providers.PasswordCallbackHandler

71
72
73
74
75
76
77
78
79
80
81
82
83
84
                }

                ClearableCallbackHandler callbackHandler;
                if (credentials instanceof char[]) {
                    char[] password = (char[]) credentials;
                    callbackHandler = new PasswordCallbackHandler(username, password);
                } else if (credentials instanceof String) {
                    char[] password = ((String) credentials).toCharArray();
                    callbackHandler = new PasswordCallbackHandler(username, password);
                } else if (credentials instanceof X509Certificate[]) {
                    X509Certificate[] certs = (X509Certificate[]) credentials;
                    if (certs.length < 1) {
                        throw new LoginException("no certificates supplied");
                    }
View Full Code Here

Examples of org.apache.geronimo.security.realm.providers.PasswordCallbackHandler

263
264
265
266
267
268
269
270
     *                    username
     */
    public Principal authenticate(String username, String credentials) {

        char[] cred = credentials == null? null: credentials.toCharArray();
        CallbackHandler callbackHandler = new PasswordCallbackHandler(username, cred);
        return authenticate(callbackHandler, username);
    }
View Full Code Here

Examples of org.apache.geronimo.security.realm.providers.PasswordCallbackHandler

71
72
73
74
75
76
77
78
79
80
81
82
83
84
            }

            ClearableCallbackHandler callbackHandler;
            if (credentials instanceof char[]) {
                char[] password = (char[]) credentials;
                callbackHandler = new PasswordCallbackHandler(username, password);
            } else if (credentials instanceof String) {
                char[] password = ((String) credentials).toCharArray();
                callbackHandler = new PasswordCallbackHandler(username, password);
            } else if (credentials instanceof X509Certificate[]) {
                X509Certificate[] certs = (X509Certificate[]) credentials;
                if (certs.length < 1) {
                    throw new LoginException("no certificates supplied");
                }
View Full Code Here

Examples of org.apache.geronimo.security.realm.providers.PasswordCallbackHandler

269
270
271
272
273
274
275
276
     *                    username
     */
    public Principal authenticate(String username, String credentials) {

        char[] cred = credentials == null? null: credentials.toCharArray();
        CallbackHandler callbackHandler = new PasswordCallbackHandler(username, cred);
        return authenticate(callbackHandler, username);
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.