Examples of SecurityContextToken

Examples of org.apache.wss4j.dom.message.token.SecurityContextToken

46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
    public List<WSSecurityEngineResult> handleToken(
        Element elem,
        RequestData data,
        WSDocInfo wsDocInfo
    ) throws WSSecurityException {
        SecurityContextToken sct = new SecurityContextToken(elem);
       
        Validator validator =
            data.getValidator(new QName(elem.getNamespaceURI(), elem.getLocalName()));

        WSSecurityEngineResult result =
            new WSSecurityEngineResult(WSConstants.SCT, sct);
        if (validator != null) {
            // Hook to allow the user to validate the SecurityContextToken
            Credential credential = new Credential();
            credential.setSecurityContextToken(sct);
           
            Credential returnedCredential = validator.validate(credential, data);
            result.put(WSSecurityEngineResult.TAG_VALIDATED_TOKEN, Boolean.TRUE);
            result.put(WSSecurityEngineResult.TAG_ID, sct.getID());
            result.put(WSSecurityEngineResult.TAG_SECRET, returnedCredential.getSecretKey());
        } else {
            String id = sct.getID();
            if (!"".equals(id) && id.charAt(0) == '#') {
                id = id.substring(1);
            }
            byte[] secret = null;
            try {
                secret = getSecret(data.getCallbackHandler(), sct.getIdentifier());
            } catch (WSSecurityException ex) {
                secret = getSecret(data.getCallbackHandler(), id);
            }
            if (secret == null || secret.length == 0) {
                secret = getSecret(data.getCallbackHandler(), id);
            }
            result.put(WSSecurityEngineResult.TAG_ID, sct.getID());
            result.put(WSSecurityEngineResult.TAG_SECRET, secret);
        }
       
        wsDocInfo.addTokenElement(elem);
        wsDocInfo.addResult(result);
View Full Code Here

Examples of org.apache.wss4j.dom.message.token.SecurityContextToken

126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
            List<WSSecurityEngineResult> results = verify(doc);
           
            WSSecurityEngineResult actionResult =
                WSSecurityUtil.fetchActionResult(results, WSConstants.SCT);
            SecurityContextToken receivedToken =
                (SecurityContextToken) actionResult.get(WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
            assertTrue(receivedToken != null);
            assertTrue(WSConstants.WSC_SCT_05_12.equals(receivedToken.getTokenType()));
           
            SecurityContextToken clone = new SecurityContextToken(receivedToken.getElement());
            assertTrue(clone.equals(receivedToken));
            assertTrue(clone.hashCode() == receivedToken.hashCode());
           
        } catch (Exception e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
View Full Code Here

Examples of org.apache.wss4j.dom.message.token.SecurityContextToken

176
177
178
179
180
181
182
183
184
185
186
187
188
189
            List<WSSecurityEngineResult> results = verify(doc);
           
            WSSecurityEngineResult actionResult =
                WSSecurityUtil.fetchActionResult(results, WSConstants.SCT);
            SecurityContextToken receivedToken =
                (SecurityContextToken) actionResult.get(WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN);
            assertTrue(receivedToken != null);
            assertTrue(WSConstants.WSC_SCT_05_12.equals(receivedToken.getTokenType()));
           
        } catch (Exception e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
View Full Code Here

Examples of org.apache.wss4j.policy.model.SecurityContextToken

50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
                               AbstractToken abstractToken) throws WSSPolicyException {
        if (!(tokenSecurityEvent instanceof SecurityContextTokenSecurityEvent)) {
            throw new WSSPolicyException("Expected a SecurityContextTokenSecurityEvent but got " + tokenSecurityEvent.getClass().getName());
        }
        SecurityContextTokenSecurityEvent securityContextTokenSecurityEvent = (SecurityContextTokenSecurityEvent) tokenSecurityEvent;
        SecurityContextToken securityContextToken = (SecurityContextToken) abstractToken;

        if (securityContextToken.getIssuerName() != null && !securityContextToken.getIssuerName().equals(securityContextTokenSecurityEvent.getIssuerName())) {
            setErrorMessage("IssuerName in Policy (" + securityContextToken.getIssuerName() + ") didn't match with the one in the SecurityContextToken (" + securityContextTokenSecurityEvent.getIssuerName() + ")");
            return false;
        }
        if (securityContextToken.isRequireExternalUriReference() && !securityContextTokenSecurityEvent.isExternalUriRef()) {
            setErrorMessage("Policy enforces externalUriRef but we didn't got one");
            return false;
        }
        //todo sp:SC13SecurityContextToken:
        //always return true to prevent false alarm in case additional tokens with the same usage
View Full Code Here

Examples of org.apache.wss4j.policy.model.SecurityContextToken

41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
    public SecurityContextTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
                                              PolicyAsserter policyAsserter, boolean initiator) {
        super(assertion, asserted, policyAsserter, initiator);
       
        if (asserted) {
            SecurityContextToken token = (SecurityContextToken) getAssertion();
            String namespace = token.getName().getNamespaceURI();
            if (token.isRequireExternalUriReference()) {
                getPolicyAsserter().assertPolicy(new QName(namespace, SPConstants.REQUIRE_EXTERNAL_URI_REFERENCE));
            }
            if (token.isSc10SecurityContextToken()) {
                getPolicyAsserter().assertPolicy(new QName(namespace, SPConstants.SC10_SECURITY_CONTEXT_TOKEN));
            }
            if (token.isSc13SecurityContextToken()) {
                getPolicyAsserter().assertPolicy(new QName(namespace, SPConstants.SC13_SECURITY_CONTEXT_TOKEN));
            }
        }
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.