Examples of SecurityToken

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
        Bus bus = bf.createBus(busFile.toString());
        SpringBusFactory.setDefaultBus(bus);
        SpringBusFactory.setThreadDefaultBus(bus);

        // Get a token
        SecurityToken token =
            requestSecurityToken(SAML1_TOKEN_TYPE, SYMMETRIC_KEY_KEYTYPE, bus, DEFAULT_ADDRESS);
        assertTrue(token.getSecret() != null && token.getSecret().length > 0);
        assertTrue(SAML1_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
       
        // Process the token
        List<WSSecurityEngineResult> results = processToken(token);

        assertTrue(results != null && results.size() == 1);
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
        Bus bus = bf.createBus(busFile.toString());
        SpringBusFactory.setDefaultBus(bus);
        SpringBusFactory.setThreadDefaultBus(bus);

        // Get a token
        SecurityToken token =
            requestSecurityToken(SAML2_TOKEN_TYPE, PUBLIC_KEY_KEYTYPE, bus, DEFAULT_ADDRESS);
        assertTrue(token.getSecret() == null && token.getX509Certificate() != null);
        assertTrue(SAML2_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
       
        // Process the token
        List<WSSecurityEngineResult> results = processToken(token);
        assertTrue(results != null && results.size() == 1);
        AssertionWrapper assertion =
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

202
203
204
205
206
207
208
209
210
211
212
213
214
215
        Bus bus = bf.createBus(busFile.toString());
        SpringBusFactory.setDefaultBus(bus);
        SpringBusFactory.setThreadDefaultBus(bus);

        // Get a token
        SecurityToken token =
            requestSecurityToken(SAML1_TOKEN_TYPE, BEARER_KEYTYPE, bus, DEFAULT_ADDRESS);
        assertTrue(SAML1_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
       
        // Process the token
        List<WSSecurityEngineResult> results = processToken(token);
        assertTrue(results != null && results.size() == 1);
        AssertionWrapper assertion =
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
        Bus bus = bf.createBus(busFile.toString());
        SpringBusFactory.setDefaultBus(bus);
        SpringBusFactory.setThreadDefaultBus(bus);
       
        // Get a token
        SecurityToken token =
            requestSecurityToken(
                SAML2_TOKEN_TYPE, BEARER_KEYTYPE, null, bus, DEFAULT_ADDRESS, null, null, null, null
            );
        assertTrue(SAML2_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
       
        // Process the token
        List<WSSecurityEngineResult> results = processToken(token);
        assertTrue(results != null && results.size() == 1);
        AssertionWrapper assertion =
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

301
302
303
304
305
306
307
308
309
310
311
312
313
314
        SpringBusFactory.setDefaultBus(bus);
        SpringBusFactory.setThreadDefaultBus(bus);

        // Get a token
        String context = "AuthenticationContext";
        SecurityToken token =
            requestSecurityToken(SAML1_TOKEN_TYPE, BEARER_KEYTYPE, bus, DEFAULT_ADDRESS, context);
        assertTrue(SAML1_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
       
        // Process the token
        List<WSSecurityEngineResult> results = processToken(token);
        assertTrue(results != null && results.size() == 1);
        AssertionWrapper assertion =
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

338
339
340
341
342
343
344
345
346
347
348
349
350
351
        Bus bus = bf.createBus(busFile.toString());
        SpringBusFactory.setDefaultBus(bus);
        SpringBusFactory.setThreadDefaultBus(bus);

        // Get a token
        SecurityToken token =
            requestSecurityTokenTTL(SAML1_TOKEN_TYPE, BEARER_KEYTYPE, bus, DEFAULT_ADDRESS);
        assertTrue(SAML1_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
       
        // Process the token
        List<WSSecurityEngineResult> results = processToken(token);
        assertTrue(results != null && results.size() == 1);
        AssertionWrapper assertion =
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
        }
        if (id == null) {
            id = samlToken.getAttributeNS(WSConstants.WSU_NS, "Id");
        }
               
        SecurityToken wstoken = new SecurityToken(id, samlToken, null, null);
        Map<String, Object> properties = new HashMap<String, Object>();
        properties.put(SecurityConstants.TOKEN, wstoken);
        properties.put(SecurityConstants.TOKEN_ID, wstoken.getId());
       
        // Get a token
       
        SecurityToken token =
            requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, null,
                    bus, DEFAULT_ADDRESS, null, properties, "b-issuer", "Transport_SAML_Port");
       
        /*
        SecurityToken token =
                requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, null,
                        bus, DEFAULT_ADDRESS, null, properties, "b-issuer", null);
                        */
        assertTrue(SAML2_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
       
        List<WSSecurityEngineResult> results = processToken(token);
        assertTrue(results != null && results.size() == 1);
        AssertionWrapper assertion =
            (AssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
                return response;
            }
           
            // See if the UsernameToken is stored in the cache
            int hash = ut.hashCode();
            SecurityToken secToken = null;
            if (tokenParameters.getTokenStore() != null) {
                secToken = tokenParameters.getTokenStore().getToken(Integer.toString(hash));
                if (secToken != null && secToken.getTokenHash() != hash) {
                    secToken = null;
                }
            }
           
            if (secToken == null) {
                Credential credential = new Credential();
                credential.setUsernametoken(ut);
                validator.validate(credential, requestData);
            }
           
            Principal principal =
                createPrincipal(
                    ut.getName(), ut.getPassword(), ut.getPasswordType(), ut.getNonce(), ut.getCreated()
                );
           
            // Get the realm of the UsernameToken
            String tokenRealm = null;
            if (usernameTokenRealmCodec != null) {
                tokenRealm = usernameTokenRealmCodec.getRealmFromToken(ut);
                // verify the realm against the cached token
                if (secToken != null) {
                    Properties props = secToken.getProperties();
                    if (props != null) {
                        String cachedRealm = props.getProperty(STSConstants.TOKEN_REALM);
                        if (!tokenRealm.equals(cachedRealm)) {
                            return response;
                        }
                    }
                }
            }
           
            // Store the successfully validated token in the cache
            if (tokenParameters.getTokenStore() != null && secToken == null) {
                secToken = new SecurityToken(ut.getID());
                secToken.setToken(ut.getElement());
                int hashCode = ut.hashCode();
                String identifier = Integer.toString(hashCode);
                secToken.setTokenHash(hashCode);
                tokenParameters.getTokenStore().add(identifier, secToken);
            }
           
            response.setPrincipal(principal);
            response.setTokenRealm(tokenRealm);
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
            // Verify the signature
            assertion.verifySignature(
                requestData, new WSDocInfo(validateTargetElement.getOwnerDocument())
            );
               
            SecurityToken secToken = null;
            byte[] signatureValue = assertion.getSignatureValue();
            if (tokenParameters.getTokenStore() != null && signatureValue != null
                && signatureValue.length > 0) {
                int hash = Arrays.hashCode(signatureValue);
                secToken = tokenParameters.getTokenStore().getToken(Integer.toString(hash));
                if (secToken != null && secToken.getTokenHash() != hash) {
                    secToken = null;
                }
            }
            if (secToken != null && secToken.isExpired()) {
                LOG.fine("Token: " + secToken.getId() + " is in the cache but expired - revalidating");
                secToken = null;
            }
           
            if (secToken == null) {
                // Validate the assertion against schemas/profiles
                validateAssertion(assertion);

                // Now verify trust on the signature
                Credential trustCredential = new Credential();
                SAMLKeyInfo samlKeyInfo = assertion.getSignatureKeyInfo();
                trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
                trustCredential.setCertificates(samlKeyInfo.getCerts());
   
                trustCredential = validator.validate(trustCredential, requestData);

                // Finally check that subject DN of the signing certificate matches a known constraint
                X509Certificate cert = null;
                if (trustCredential.getCertificates() != null) {
                    cert = trustCredential.getCertificates()[0];
                }
               
                if (!certConstraints.matches(cert)) {
                    return response;
                }
            }
           
            // Parse roles from the validated token
            if (samlRoleParser != null) {
                Set<Principal> roles =
                    samlRoleParser.parseRolesFromAssertion(samlPrincipal, null, assertion);
                response.setRoles(roles);
            }
          
            // Get the realm of the SAML token
            String tokenRealm = null;
            if (samlRealmCodec != null) {
                tokenRealm = samlRealmCodec.getRealmFromToken(assertion);
                // verify the realm against the cached token
                if (secToken != null) {
                    Properties props = secToken.getProperties();
                    if (props != null) {
                        String cachedRealm = props.getProperty(STSConstants.TOKEN_REALM);
                        if (cachedRealm != null && !tokenRealm.equals(cachedRealm)) {
                            return response;
                        }
View Full Code Here

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken

319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
                validTill = assertion.getSaml2().getConditions().getNotOnOrAfter();
            } else {
                validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
            }
           
            SecurityToken securityToken = new SecurityToken(assertion.getId(), null, validTill.toDate());
            securityToken.setToken(assertion.getElement());
            securityToken.setPrincipal(principal);
           
            if (tokenRealm != null) {
                Properties props = new Properties();
                props.setProperty(STSConstants.TOKEN_REALM, tokenRealm);
                securityToken.setProperties(props);
            }

            int hash = Arrays.hashCode(signatureValue);
            securityToken.setTokenHash(hash);
            String identifier = Integer.toString(hash);
            tokenStore.add(identifier, securityToken);
        }
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.