Examples of STSPropertiesMBean

Examples of org.apache.cxf.sts.STSPropertiesMBean

92
93
94
95
96
97
98
99
100
101
102
103
104
    /**
     * Validate a Token using the given TokenValidatorParameters.
     */
    public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) {
        LOG.fine("Validating X.509 Token");
        STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
        Crypto sigCrypto = stsProperties.getSignatureCrypto();
        CallbackHandler callbackHandler = stsProperties.getCallbackHandler();

        RequestData requestData = new RequestData();
        requestData.setSigCrypto(sigCrypto);
        requestData.setWssConfig(WSSConfig.getNewInstance());
        requestData.setCallbackHandler(callbackHandler);
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
        Element token = providerResponse.getToken();
        String tokenString = DOM2Writer.nodeToString(token);
        assertFalse(tokenString.contains(WSConstants.C14N_EXCL_WITH_COMMENTS));
        assertTrue(tokenString.contains(WSConstants.C14N_EXCL_OMIT_COMMENTS));
       
        STSPropertiesMBean stsProperties = providerParameters.getStsProperties();
        SignatureProperties sigProperties = new SignatureProperties();
        List<String> acceptedC14nAlgorithms = new ArrayList<String>();
        acceptedC14nAlgorithms.add(WSConstants.C14N_EXCL_OMIT_COMMENTS);
        acceptedC14nAlgorithms.add(WSConstants.C14N_EXCL_WITH_COMMENTS);
        sigProperties.setAcceptedC14nAlgorithms(acceptedC14nAlgorithms);
        stsProperties.setSignatureProperties(sigProperties);
       
        // This will succeed as the requested c14n algorithm is accepted
        providerResponse = samlTokenProvider.createToken(providerParameters);
        assertTrue(providerResponse != null);
        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
        Element token = providerResponse.getToken();
        String tokenString = DOM2Writer.nodeToString(token);
        assertFalse(tokenString.contains(signatureAlgorithm));
        assertTrue(tokenString.contains(WSConstants.RSA_SHA1));
       
        STSPropertiesMBean stsProperties = providerParameters.getStsProperties();
        SignatureProperties sigProperties = new SignatureProperties();
        List<String> acceptedSignatureAlgorithms = new ArrayList<String>();
        acceptedSignatureAlgorithms.add(signatureAlgorithm);
        acceptedSignatureAlgorithms.add(WSConstants.RSA_SHA1);
        sigProperties.setAcceptedSignatureAlgorithms(acceptedSignatureAlgorithms);
        stsProperties.setSignatureProperties(sigProperties);
       
        // This will succeed as the requested signature algorithm is accepted
        providerResponse = samlTokenProvider.createToken(providerParameters);
        assertTrue(providerResponse != null);
        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

52
53
54
55
56
57
58
59
60
61
62
63
   
    public SymmetricKeyHandler(TokenProviderParameters tokenParameters) {
        KeyRequirements keyRequirements = tokenParameters.getKeyRequirements();
       
        keySize = Long.valueOf(keyRequirements.getKeySize()).intValue();
        STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
        SignatureProperties signatureProperties = stsProperties.getSignatureProperties();
       
        // Test EncryptWith
        String encryptWith = keyRequirements.getEncryptWith();
        if (encryptWith != null) {
            if ((WSConstants.AES_128.equals(encryptWith) || WSConstants.AES_128_GCM.equals(encryptWith))
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
    /**
     * @param issueOperation
     * @throws WSSecurityException
     */
    private void addSTSProperties(TokenIssueOperation issueOperation) throws WSSecurityException {
        STSPropertiesMBean stsProperties = new StaticSTSProperties();
        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
        stsProperties.setEncryptionCrypto(crypto);
        stsProperties.setSignatureCrypto(crypto);
        stsProperties.setEncryptionUsername("myservicekey");
        stsProperties.setSignatureUsername("mystskey");
        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
        stsProperties.setIssuer("STS");
        issueOperation.setStsProperties(stsProperties);
    }
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

451
452
453
454
455
456
457
458
459
460
461
462
463
464
        Relationship rs = createRelationship();
        relationshipList.add(rs);
       
        // Add STSProperties object
        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
        STSPropertiesMBean stsProperties = createSTSPropertiesMBean(crypto);
        stsProperties.setRealmParser(new CustomRealmParser());
        stsProperties.setIdentityMapper(new CustomIdentityMapper());
        stsProperties.setRelationships(relationshipList);
        issueOperation.setStsProperties(stsProperties);
       
        // Set the ClaimsManager
        ClaimsManager claimsManager = new ClaimsManager();
        ClaimsHandler claimsHandler = new CustomClaimsHandler();
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
        rs.setIdentityMapper(new CustomIdentityMapper());
        relationshipList.add(rs);
       
        // Add STSProperties object
        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
        STSPropertiesMBean stsProperties = createSTSPropertiesMBean(crypto);
        stsProperties.setRealmParser(new CustomRealmParser());
       
        if (useGlobalIdentityMapper) {
            stsProperties.setIdentityMapper(new CustomIdentityMapper());
        } else {
            stsProperties.setRelationships(relationshipList);
       

        issueOperation.setStsProperties(stsProperties);
       
        // Set the ClaimsManager
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

709
710
711
712
713
714
715
716
717
718
719
720
721
722
   
    /*
     * Create STSPropertiesMBean object
     */
    private STSPropertiesMBean createSTSPropertiesMBean(Crypto crypto) throws WSSecurityException {
        STSPropertiesMBean stsProperties = new StaticSTSProperties();
        stsProperties.setEncryptionCrypto(crypto);
        stsProperties.setSignatureCrypto(crypto);
        stsProperties.setEncryptionUsername("myservicekey");
        stsProperties.setSignatureUsername("mystskey");
        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
        stsProperties.setIssuer("STS");
        return stsProperties;
    }
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

110
111
112
113
114
115
116
117
118
119
120
121
122
    /**
     * Validate a Token using the given TokenValidatorParameters.
     */
    public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) {
        LOG.fine("Validating UsernameToken");
        STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
        Crypto sigCrypto = stsProperties.getSignatureCrypto();
        CallbackHandler callbackHandler = stsProperties.getCallbackHandler();

        RequestData requestData = new RequestData();
        requestData.setSigCrypto(sigCrypto);
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        requestData.setWssConfig(wssConfig);
View Full Code Here

Examples of org.apache.cxf.sts.STSPropertiesMBean

83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
    public SubjectBean getSubject(
        TokenProviderParameters providerParameters, Document doc, byte[] secret
    ) {
        TokenRequirements tokenRequirements = providerParameters.getTokenRequirements();
        KeyRequirements keyRequirements = providerParameters.getKeyRequirements();
        STSPropertiesMBean stsProperties = providerParameters.getStsProperties();

        String tokenType = tokenRequirements.getTokenType();
        String keyType = keyRequirements.getKeyType();
        String confirmationMethod = getSubjectConfirmationMethod(tokenType, keyType);
       
        Principal principal = null;
        ReceivedToken receivedToken = null;
        //[TODO] ActAs support
        //TokenValidator in IssueOperation has validated the ReceivedToken
        //if validation was successful, the principal was set in ReceivedToken
        if (providerParameters.getTokenRequirements().getOnBehalfOf() != null) {
            receivedToken = providerParameters.getTokenRequirements().getOnBehalfOf();   
            if (receivedToken.getState().equals(STATE.VALID)) {
                principal = receivedToken.getPrincipal();
            }
        } else if (providerParameters.getTokenRequirements().getValidateTarget() != null) {
            receivedToken = providerParameters.getTokenRequirements().getValidateTarget();
            if (receivedToken.getState().equals(STATE.VALID)) {
                principal = receivedToken.getPrincipal();
            }
        } else {
            principal = providerParameters.getPrincipal();
        }
       
        if (principal == null) {
            LOG.fine("Error in getting principal");
            throw new STSException("Error in getting principal", STSException.REQUEST_FAILED);
        }
       
        SubjectBean subjectBean =
            new SubjectBean(principal.getName(), subjectNameQualifier, confirmationMethod);
        LOG.fine("Creating new subject with principal name: " + principal.getName());
        if (subjectNameIDFormat != null && subjectNameIDFormat.length() > 0) {
            subjectBean.setSubjectNameIDFormat(subjectNameIDFormat);
        }
       
        if (STSConstants.SYMMETRIC_KEY_KEYTYPE.equals(keyType)) {
            Crypto crypto = stsProperties.getEncryptionCrypto();
            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
            EncryptionProperties encryptionProperties = providerParameters.getEncryptionProperties();
            String encryptionName = encryptionProperties.getEncryptionName();
            if (encryptionName == null) {
                // Fall back on the STS encryption name
                encryptionName = stsProperties.getEncryptionUsername();
            }
            if (encryptionName == null) {
                LOG.fine("No encryption Name is configured for Symmetric KeyType");
                throw new STSException("No Encryption Name is configured", STSException.REQUEST_FAILED);
            }
            cryptoType.setAlias(encryptionName);
            try {
                X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
                if (certs == null || certs.length <= 0) {
                    new STSException("Encryption certificate is not found for alias: " + encryptionName,
                                     STSException.REQUEST_FAILED);
                }
                KeyInfoBean keyInfo =
                    createKeyInfo(certs[0], secret, doc, encryptionProperties, crypto);
                subjectBean.setKeyInfo(keyInfo);
            } catch (WSSecurityException ex) {
                LOG.log(Level.WARNING, "", ex);
                throw new STSException(ex.getMessage(), ex);
            }
        } else if (STSConstants.PUBLIC_KEY_KEYTYPE.equals(keyType)) {
            ReceivedKey receivedKey = keyRequirements.getReceivedKey();
           
            // Validate UseKey trust
            if (stsProperties.isValidateUseKey() && stsProperties.getSignatureCrypto() != null) {
                if (receivedKey.getX509Cert() != null) {
                    try {
                        if (!stsProperties.getSignatureCrypto().verifyTrust(
                            new X509Certificate[]{receivedKey.getX509Cert()}, false)) {
                            LOG.log(Level.FINE, "Error in trust validation of UseKey");
                            throw new STSException("Error in trust validation of UseKey", STSException.REQUEST_FAILED);
                        }
                    } catch (WSSecurityException e) {
                        LOG.log(Level.FINE, "Error in trust validation of UseKey: ", e);
                        throw new STSException("Error in trust validation of UseKey", STSException.REQUEST_FAILED);
                    }
                }
                if (receivedKey.getPublicKey() != null) {
                    try {
                        if (!stsProperties.getSignatureCrypto().verifyTrust(receivedKey.getPublicKey())) {
                            LOG.log(Level.FINE, "Error in trust validation of UseKey");
                            throw new STSException("Error in trust validation of UseKey", STSException.REQUEST_FAILED);
                        }
                    } catch (WSSecurityException e) {
                        LOG.log(Level.FINE, "Error in trust validation of UseKey: ", e);
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.