Java Code Examples for org.apache.ws.security.WSConstants#UT

The following examples show how to use org.apache.ws.security.WSConstants#UT, the WSS4J action constant that marks a WS-Security UsernameToken result. Several examples below are the same method listed more than once (Examples 1–4, 6–9 and 11–14).
Example 1
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
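/**
 * Scans a list of <code>WSHandlerResult</code>s for the first UsernameToken
 * result and returns the name of its principal.
 * <p>
 * Only results whose action equals <code>WSConstants.UT</code> are considered;
 * a <code>WSConstants.UT_NOPASSWORD</code> result is not matched here. No actor
 * comparison is performed: every handler result in the list is scanned.
 * <p>
 * The returned name is whatever the matched principal carries. This method does
 * not verify the token itself, so callers rely on the upstream WS-Security
 * processing that produced <code>results</code>.
 *
 * @param results the handler results collected for the message; may be
 *                <code>null</code> or empty
 * @return the principal name of the first UsernameToken result, or
 *         <code>null</code> if no such result is present
 */
public static String getUsername(List<WSHandlerResult> results) {
    if (results == null) {
        return null;
    }
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        if (wsSecEngineResults == null) {
            continue;
        }
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            // A result without an action tag cannot be a UsernameToken result;
            // skip it instead of failing on the unboxing.
            if (actInt == null || actInt.intValue() != WSConstants.UT) {
                continue;
            }
            // Skip a UT result that carries no (or an unexpected) principal rather
            // than throwing; the documented "not found" outcome is null.
            Object principal = wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
            if (principal instanceof WSUsernameTokenPrincipal) {
                return ((WSUsernameTokenPrincipal)principal).getName();
            }
        }
    }

    return null;
}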
 
Example 2
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
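/**
 * Scans a list of <code>WSHandlerResult</code>s for the first UsernameToken
 * result and returns the name of its principal.
 * <p>
 * Only results whose action equals <code>WSConstants.UT</code> are considered;
 * a <code>WSConstants.UT_NOPASSWORD</code> result is not matched here. No actor
 * comparison is performed: every handler result in the list is scanned.
 * <p>
 * The returned name is whatever the matched principal carries. This method does
 * not verify the token itself, so callers rely on the upstream WS-Security
 * processing that produced <code>results</code>.
 *
 * @param results the handler results collected for the message; may be
 *                <code>null</code> or empty
 * @return the principal name of the first UsernameToken result, or
 *         <code>null</code> if no such result is present
 */
public static String getUsername(List<WSHandlerResult> results) {
    if (results == null) {
        return null;
    }
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        if (wsSecEngineResults == null) {
            continue;
        }
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            // A result without an action tag cannot be a UsernameToken result;
            // skip it instead of failing on the unboxing.
            if (actInt == null || actInt.intValue() != WSConstants.UT) {
                continue;
            }
            // Skip a UT result that carries no (or an unexpected) principal rather
            // than throwing; the documented "not found" outcome is null.
            Object principal = wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
            if (principal instanceof WSUsernameTokenPrincipal) {
                return ((WSUsernameTokenPrincipal)principal).getName();
            }
        }
    }

    return null;
}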
 
Example 3
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
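/**
 * Scans a list of <code>WSHandlerResult</code>s for the first UsernameToken
 * result and returns the name of its principal.
 * <p>
 * Only results whose action equals <code>WSConstants.UT</code> are considered;
 * a <code>WSConstants.UT_NOPASSWORD</code> result is not matched here. No actor
 * comparison is performed: every handler result in the list is scanned.
 * <p>
 * The returned name is whatever the matched principal carries. This method does
 * not verify the token itself, so callers rely on the upstream WS-Security
 * processing that produced <code>results</code>.
 *
 * @param results the handler results collected for the message; may be
 *                <code>null</code> or empty
 * @return the principal name of the first UsernameToken result, or
 *         <code>null</code> if no such result is present
 */
public static String getUsername(List<WSHandlerResult> results) {
    if (results == null) {
        return null;
    }
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        if (wsSecEngineResults == null) {
            continue;
        }
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            // A result without an action tag cannot be a UsernameToken result;
            // skip it instead of failing on the unboxing.
            if (actInt == null || actInt.intValue() != WSConstants.UT) {
                continue;
            }
            // Skip a UT result that carries no (or an unexpected) principal rather
            // than throwing; the documented "not found" outcome is null.
            Object principal = wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
            if (principal instanceof WSUsernameTokenPrincipal) {
                return ((WSUsernameTokenPrincipal)principal).getName();
            }
        }
    }

    return null;
}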
 
Example 4
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0
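/**
 * Scans a list of <code>WSHandlerResult</code>s for the first UsernameToken
 * result and returns the name of its principal.
 * <p>
 * Only results whose action equals <code>WSConstants.UT</code> are considered;
 * a <code>WSConstants.UT_NOPASSWORD</code> result is not matched here. No actor
 * comparison is performed: every handler result in the list is scanned.
 * <p>
 * The returned name is whatever the matched principal carries. This method does
 * not verify the token itself, so callers rely on the upstream WS-Security
 * processing that produced <code>results</code>.
 *
 * @param results the handler results collected for the message; may be
 *                <code>null</code> or empty
 * @return the principal name of the first UsernameToken result, or
 *         <code>null</code> if no such result is present
 */
public static String getUsername(List<WSHandlerResult> results) {
    if (results == null) {
        return null;
    }
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        if (wsSecEngineResults == null) {
            continue;
        }
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            // A result without an action tag cannot be a UsernameToken result;
            // skip it instead of failing on the unboxing.
            if (actInt == null || actInt.intValue() != WSConstants.UT) {
                continue;
            }
            // Skip a UT result that carries no (or an unexpected) principal rather
            // than throwing; the documented "not found" outcome is null.
            Object principal = wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
            if (principal instanceof WSUsernameTokenPrincipal) {
                return ((WSUsernameTokenPrincipal)principal).getName();
            }
        }
    }

    return null;
}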
 
Example 5
Source File: WSS4JUtil.java    From carbon-identity with Apache License 2.0
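/**
 * Returns the UsernameTokenPrincipal from the security results.
 * <p>
 * Only results whose action equals <code>WSConstants.UT</code> are matched; a
 * <code>WSConstants.UT_NOPASSWORD</code> result is not returned by this method.
 * The principal is handed back as stored in the results: no verification of the
 * token is performed here.
 *
 * @param mc The message context of the message
 * @return the UsernameTokenPrincipal from the security results as an
 * <code>org.apache.ws.security.WSUsernameTokenPrincipal</code>.
 * If a wsse:UsernameToken was not present in the wsse:Security header then
 * <code>null</code> will be returned.
 * @throws Exception If there are no security results.
 * @see org.apache.ws.security.WSUsernameTokenPrincipal
 */
public static WSUsernameTokenPrincipal getUsernameTokenPrincipal(
        MessageContext mc) throws Exception {

    Vector results = (Vector) mc.getProperty(WSHandlerConstants.RECV_RESULTS);
    if (results == null) {
        // Distinguish "no WS-Security processing happened" from "no UsernameToken".
        throw new Exception("No security results available in the message context");
    }

    for (int i = 0; i < results.size(); i++) {
        WSHandlerResult rResult = (WSHandlerResult) results.get(i);
        Vector wsSecEngineResults = rResult.getResults();
        if (wsSecEngineResults == null) {
            continue;
        }
        for (int j = 0; j < wsSecEngineResults.size(); j++) {
            WSSecurityEngineResult wser =
                    (WSSecurityEngineResult) wsSecEngineResults.get(j);

            Integer actInt = (Integer) wser
                    .get(WSSecurityEngineResult.TAG_ACTION);
            // Skip results that carry no action tag instead of failing on unboxing.
            if (actInt != null && actInt.intValue() == WSConstants.UT) {
                return (WSUsernameTokenPrincipal) wser
                        .get(WSSecurityEngineResult.TAG_PRINCIPAL);
            }
        }
    }
    return null;
}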
 
Example 6
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0
/**
 * Chooses the callback handler to use for the requested actions.
 * <p>
 * When UsernameToken callbacks are disabled and the action mask contains
 * <code>WSConstants.UT</code> or <code>WSConstants.UT_NOPASSWORD</code>, the
 * regular callback is looked up on a best-effort basis and wrapped in a
 * <code>DelegatingCallbackHandler</code>. In every other case the regular
 * two-argument lookup is returned directly and its exceptions propagate.
 *
 * @param reqData the request data passed on to the two-argument lookup
 * @param doAction bit mask of the WS-Security actions being processed
 * @param utWithCallbacks whether UsernameTokens are handled through callbacks
 * @return the callback handler to use
 * @throws WSSecurityException if the direct lookup fails
 */
protected CallbackHandler getCallback(RequestData reqData, int doAction, boolean utWithCallbacks)
    throws WSSecurityException {
    final boolean usernameTokenAction =
        (doAction & (WSConstants.UT | WSConstants.UT_NOPASSWORD)) != 0;
    if (utWithCallbacks || !usernameTokenAction) {
        return getCallback(reqData, doAction);
    }

    CallbackHandler pwdCallback;
    try {
        pwdCallback = getCallback(reqData, doAction);
    } catch (Exception ignored) {
        // Any lookup failure is swallowed and the delegate is left null.
        // NOTE(review): nothing is logged, so a misconfigured password callback
        // stays silent on this path; confirm DelegatingCallbackHandler is meant
        // to run with a null delegate.
        pwdCallback = null;
    }
    return new DelegatingCallbackHandler(pwdCallback);
}
 
Example 7
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0
/**
 * Chooses the callback handler to use for the requested actions.
 * <p>
 * When UsernameToken callbacks are disabled and the action mask contains
 * <code>WSConstants.UT</code> or <code>WSConstants.UT_NOPASSWORD</code>, the
 * regular callback is looked up on a best-effort basis and wrapped in a
 * <code>DelegatingCallbackHandler</code>. In every other case the regular
 * two-argument lookup is returned directly and its exceptions propagate.
 *
 * @param reqData the request data passed on to the two-argument lookup
 * @param doAction bit mask of the WS-Security actions being processed
 * @param utWithCallbacks whether UsernameTokens are handled through callbacks
 * @return the callback handler to use
 * @throws WSSecurityException if the direct lookup fails
 */
protected CallbackHandler getCallback(RequestData reqData, int doAction, boolean utWithCallbacks)
    throws WSSecurityException {
    final boolean usernameTokenAction =
        (doAction & (WSConstants.UT | WSConstants.UT_NOPASSWORD)) != 0;
    if (utWithCallbacks || !usernameTokenAction) {
        return getCallback(reqData, doAction);
    }

    CallbackHandler pwdCallback;
    try {
        pwdCallback = getCallback(reqData, doAction);
    } catch (Exception ignored) {
        // Any lookup failure is swallowed and the delegate is left null.
        // NOTE(review): nothing is logged, so a misconfigured password callback
        // stays silent on this path; confirm DelegatingCallbackHandler is meant
        // to run with a null delegate.
        pwdCallback = null;
    }
    return new DelegatingCallbackHandler(pwdCallback);
}
 
Example 8
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0
/**
 * Chooses the callback handler to use for the requested actions.
 * <p>
 * When UsernameToken callbacks are disabled and the action mask contains
 * <code>WSConstants.UT</code> or <code>WSConstants.UT_NOPASSWORD</code>, the
 * regular callback is looked up on a best-effort basis and wrapped in a
 * <code>DelegatingCallbackHandler</code>. In every other case the regular
 * two-argument lookup is returned directly and its exceptions propagate.
 *
 * @param reqData the request data passed on to the two-argument lookup
 * @param doAction bit mask of the WS-Security actions being processed
 * @param utWithCallbacks whether UsernameTokens are handled through callbacks
 * @return the callback handler to use
 * @throws WSSecurityException if the direct lookup fails
 */
protected CallbackHandler getCallback(RequestData reqData, int doAction, boolean utWithCallbacks)
    throws WSSecurityException {
    final boolean usernameTokenAction =
        (doAction & (WSConstants.UT | WSConstants.UT_NOPASSWORD)) != 0;
    if (utWithCallbacks || !usernameTokenAction) {
        return getCallback(reqData, doAction);
    }

    CallbackHandler pwdCallback;
    try {
        pwdCallback = getCallback(reqData, doAction);
    } catch (Exception ignored) {
        // Any lookup failure is swallowed and the delegate is left null.
        // NOTE(review): nothing is logged, so a misconfigured password callback
        // stays silent on this path; confirm DelegatingCallbackHandler is meant
        // to run with a null delegate.
        pwdCallback = null;
    }
    return new DelegatingCallbackHandler(pwdCallback);
}
 
Example 9
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0
/**
 * Chooses the callback handler to use for the requested actions.
 * <p>
 * When UsernameToken callbacks are disabled and the action mask contains
 * <code>WSConstants.UT</code> or <code>WSConstants.UT_NOPASSWORD</code>, the
 * regular callback is looked up on a best-effort basis and wrapped in a
 * <code>DelegatingCallbackHandler</code>. In every other case the regular
 * two-argument lookup is returned directly and its exceptions propagate.
 *
 * @param reqData the request data passed on to the two-argument lookup
 * @param doAction bit mask of the WS-Security actions being processed
 * @param utWithCallbacks whether UsernameTokens are handled through callbacks
 * @return the callback handler to use
 * @throws WSSecurityException if the direct lookup fails
 */
protected CallbackHandler getCallback(RequestData reqData, int doAction, boolean utWithCallbacks)
    throws WSSecurityException {
    final boolean usernameTokenAction =
        (doAction & (WSConstants.UT | WSConstants.UT_NOPASSWORD)) != 0;
    if (utWithCallbacks || !usernameTokenAction) {
        return getCallback(reqData, doAction);
    }

    CallbackHandler pwdCallback;
    try {
        pwdCallback = getCallback(reqData, doAction);
    } catch (Exception ignored) {
        // Any lookup failure is swallowed and the delegate is left null.
        // NOTE(review): nothing is logged, so a misconfigured password callback
        // stays silent on this path; confirm DelegatingCallbackHandler is meant
        // to run with a null delegate.
        pwdCallback = null;
    }
    return new DelegatingCallbackHandler(pwdCallback);
}
 
Example 10
Source File: IdentityProviderData.java    From carbon-identity with Apache License 2.0
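/**
 * Derives the authentication mechanism from the WS-Security results stored in
 * the inbound message context under <code>WSHandlerConstants.RECV_RESULTS</code>.
 * <p>
 * An <code>ST_UNSIGNED</code> result marks the request as self-issued and
 * captures its SAML assertion; a <code>UT</code> result with a principal marks
 * it as username-token authenticated. All results are visited, so the last
 * matching result decides <code>authMechanism</code>.
 * <p>
 * NOTE(review): if a message carries both kinds of result, <code>assertion</code>
 * can stay set from the unsigned SAML token while <code>authMechanism</code> ends
 * up as username token. If nothing matches, <code>authMechanism</code> is left
 * untouched. Confirm callers treat both states as intended.
 *
 * @param data the request data whose inbound message context is inspected
 * @throws IdentityProviderException if the message context or its security
 *         results are missing
 */
@Override
protected void readAuthenticationMechanism(RahasData data) throws IdentityProviderException {
    if (log.isDebugEnabled()) {
        log.debug("Reading authentication mechanism");
    }

    MessageContext inContext = data.getInMessageContext();
    // Treat a missing message context like missing results, so the failure is
    // reported as the declared exception rather than a NullPointerException.
    Vector results = inContext == null
            ? null
            : (Vector) inContext.getProperty(WSHandlerConstants.RECV_RESULTS);
    if (results == null) {
        log.error("Missing authentication mechanism");
        throw new IdentityProviderException("Missing authentication mechanism");
    }

    for (int i = 0; i < results.size(); i++) {
        WSHandlerResult rResult = (WSHandlerResult) results.get(i);
        Vector wsSecEngineResults = rResult.getResults();

        for (int j = 0; j < wsSecEngineResults.size(); j++) {
            WSSecurityEngineResult wser = (WSSecurityEngineResult) wsSecEngineResults.get(j);
            Integer actionTag = (Integer) wser.get(WSSecurityEngineResult.TAG_ACTION);
            if (actionTag == null) {
                // A result without an action tag identifies no mechanism.
                continue;
            }
            int action = actionTag.intValue();
            if (action == WSConstants.ST_UNSIGNED) {
                this.authMechanism = IdentityConstants.AUTH_TYPE_SELF_ISSUED;
                this.assertion = (SAMLAssertion) wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
            } else if (action == WSConstants.UT && wser.get(WSSecurityEngineResult.TAG_PRINCIPAL) != null) {
                this.authMechanism = IdentityConstants.AUTH_TYPE_USERNAME_TOKEN;
            }
        }
    }
}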
 
Example 11
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
/**
 * Processes every UsernameToken child of the message's security header.
 * <p>
 * For each token that yields a principal, a WSS4J engine result is pushed to
 * the front of the message's <code>RECV_RESULTS</code> list, the principal is
 * stored under <code>WSS4JInInterceptor.PRINCIPAL_RESULT</code>, and a
 * <code>SecurityContext</code> is installed if the message has none with a user
 * principal. Returns without touching the message when no security header is
 * found.
 *
 * @param message the inbound SOAP message to inspect and annotate
 * @throws Fault wrapping any WSSecurityException raised while handling a token
 */
private void processUsernameToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        // No security header: nothing is recorded and no SecurityContext is set here.
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        // Only the local name is compared; the element's namespace is not
        // checked at this point.
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
            try  {
                // NOTE(review): presumably getPrincipal parses and validates the
                // token; confirm against its implementation.
                final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                if (princ != null) {
                    List<WSSecurityEngineResult>v = new ArrayList<WSSecurityEngineResult>();
                    // A token without a password is recorded under the distinct
                    // UT_NOPASSWORD action, so consumers that test for UT do not
                    // match it.
                    int action = WSConstants.UT;
                    if (princ.getPassword() == null) {
                        action = WSConstants.UT_NOPASSWORD;
                    }
                    v.add(0, new WSSecurityEngineResult(action, princ, null, null, null));
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                                                              .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        // First result for this message: create and publish the list.
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    // The new handler result goes to the front of the list.
                    WSHandlerResult rResult = new WSHandlerResult(null, v);
                    results.add(0, rResult);

                    assertUsernameTokens(message, princ);
                    // PRINCIPAL_RESULT is overwritten for every token processed.
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                   
                    
                    // An existing SecurityContext with a user principal is kept.
                    // NOTE(review): with more than one UsernameToken element,
                    // PRINCIPAL_RESULT would hold the last principal while the
                    // SecurityContext may keep an earlier one; confirm whether
                    // multiple tokens should be rejected.
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        // NOTE(review): presumably createSubject is where the
                        // credentials are actually checked; confirm, since nothing
                        // in this method compares the password itself.
                        Subject subject = createSubject(princ.getName(), princ.getPassword(),
                            princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                        message.put(SecurityContext.class, 
                                    createSecurityContext(princ, subject));
                    }

                }
            } catch (WSSecurityException ex) {
                // Token handling failures abort message processing as a Fault.
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example 12
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
/**
 * Processes every UsernameToken child of the message's security header.
 * <p>
 * For each token that yields a principal, a WSS4J engine result is pushed to
 * the front of the message's <code>RECV_RESULTS</code> list, the principal is
 * stored under <code>WSS4JInInterceptor.PRINCIPAL_RESULT</code>, and a
 * <code>SecurityContext</code> is installed if the message has none with a user
 * principal. Returns without touching the message when no security header is
 * found.
 *
 * @param message the inbound SOAP message to inspect and annotate
 * @throws Fault wrapping any WSSecurityException raised while handling a token
 */
private void processUsernameToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        // No security header: nothing is recorded and no SecurityContext is set here.
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        // Only the local name is compared; the element's namespace is not
        // checked at this point.
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
            try  {
                // NOTE(review): presumably getPrincipal parses and validates the
                // token; confirm against its implementation.
                final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                if (princ != null) {
                    List<WSSecurityEngineResult>v = new ArrayList<WSSecurityEngineResult>();
                    // A token without a password is recorded under the distinct
                    // UT_NOPASSWORD action, so consumers that test for UT do not
                    // match it.
                    int action = WSConstants.UT;
                    if (princ.getPassword() == null) {
                        action = WSConstants.UT_NOPASSWORD;
                    }
                    v.add(0, new WSSecurityEngineResult(action, princ, null, null, null));
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                                                              .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        // First result for this message: create and publish the list.
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    // The new handler result goes to the front of the list.
                    WSHandlerResult rResult = new WSHandlerResult(null, v);
                    results.add(0, rResult);

                    assertUsernameTokens(message, princ);
                    // PRINCIPAL_RESULT is overwritten for every token processed.
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                   
                    
                    // An existing SecurityContext with a user principal is kept.
                    // NOTE(review): with more than one UsernameToken element,
                    // PRINCIPAL_RESULT would hold the last principal while the
                    // SecurityContext may keep an earlier one; confirm whether
                    // multiple tokens should be rejected.
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        // NOTE(review): presumably createSubject is where the
                        // credentials are actually checked; confirm, since nothing
                        // in this method compares the password itself.
                        Subject subject = createSubject(princ.getName(), princ.getPassword(),
                            princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                        message.put(SecurityContext.class, 
                                    createSecurityContext(princ, subject));
                    }

                }
            } catch (WSSecurityException ex) {
                // Token handling failures abort message processing as a Fault.
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example 13
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
/**
 * Processes every UsernameToken child of the message's security header.
 * <p>
 * For each token that yields a principal, a WSS4J engine result is pushed to
 * the front of the message's <code>RECV_RESULTS</code> list, the principal is
 * stored under <code>WSS4JInInterceptor.PRINCIPAL_RESULT</code>, and a
 * <code>SecurityContext</code> is installed if the message has none with a user
 * principal. Returns without touching the message when no security header is
 * found.
 *
 * @param message the inbound SOAP message to inspect and annotate
 * @throws Fault wrapping any WSSecurityException raised while handling a token
 */
private void processUsernameToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        // No security header: nothing is recorded and no SecurityContext is set here.
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        // Only the local name is compared; the element's namespace is not
        // checked at this point.
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
            try  {
                // NOTE(review): presumably getPrincipal parses and validates the
                // token; confirm against its implementation.
                final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                if (princ != null) {
                    List<WSSecurityEngineResult>v = new ArrayList<WSSecurityEngineResult>();
                    // A token without a password is recorded under the distinct
                    // UT_NOPASSWORD action, so consumers that test for UT do not
                    // match it.
                    int action = WSConstants.UT;
                    if (princ.getPassword() == null) {
                        action = WSConstants.UT_NOPASSWORD;
                    }
                    v.add(0, new WSSecurityEngineResult(action, princ, null, null, null));
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                                                              .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        // First result for this message: create and publish the list.
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    // The new handler result goes to the front of the list.
                    WSHandlerResult rResult = new WSHandlerResult(null, v);
                    results.add(0, rResult);

                    assertUsernameTokens(message, princ);
                    // PRINCIPAL_RESULT is overwritten for every token processed.
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                   
                    
                    // An existing SecurityContext with a user principal is kept.
                    // NOTE(review): with more than one UsernameToken element,
                    // PRINCIPAL_RESULT would hold the last principal while the
                    // SecurityContext may keep an earlier one; confirm whether
                    // multiple tokens should be rejected.
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        // NOTE(review): presumably createSubject is where the
                        // credentials are actually checked; confirm, since nothing
                        // in this method compares the password itself.
                        Subject subject = createSubject(princ.getName(), princ.getPassword(),
                            princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                        message.put(SecurityContext.class, 
                                    createSecurityContext(princ, subject));
                    }

                }
            } catch (WSSecurityException ex) {
                // Token handling failures abort message processing as a Fault.
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example 14
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0
/**
 * Processes every UsernameToken child of the message's security header.
 * <p>
 * For each token that yields a principal, a WSS4J engine result is pushed to
 * the front of the message's <code>RECV_RESULTS</code> list, the principal is
 * stored under <code>WSS4JInInterceptor.PRINCIPAL_RESULT</code>, and a
 * <code>SecurityContext</code> is installed if the message has none with a user
 * principal. Returns without touching the message when no security header is
 * found.
 *
 * @param message the inbound SOAP message to inspect and annotate
 * @throws Fault wrapping any WSSecurityException raised while handling a token
 */
private void processUsernameToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        // No security header: nothing is recorded and no SecurityContext is set here.
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        // Only the local name is compared; the element's namespace is not
        // checked at this point.
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
            try  {
                // NOTE(review): presumably getPrincipal parses and validates the
                // token; confirm against its implementation.
                final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                if (princ != null) {
                    List<WSSecurityEngineResult>v = new ArrayList<WSSecurityEngineResult>();
                    // A token without a password is recorded under the distinct
                    // UT_NOPASSWORD action, so consumers that test for UT do not
                    // match it.
                    int action = WSConstants.UT;
                    if (princ.getPassword() == null) {
                        action = WSConstants.UT_NOPASSWORD;
                    }
                    v.add(0, new WSSecurityEngineResult(action, princ, null, null, null));
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                                                              .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        // First result for this message: create and publish the list.
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    // The new handler result goes to the front of the list.
                    WSHandlerResult rResult = new WSHandlerResult(null, v);
                    results.add(0, rResult);

                    assertUsernameTokens(message, princ);
                    // PRINCIPAL_RESULT is overwritten for every token processed.
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                   
                    
                    // An existing SecurityContext with a user principal is kept.
                    // NOTE(review): with more than one UsernameToken element,
                    // PRINCIPAL_RESULT would hold the last principal while the
                    // SecurityContext may keep an earlier one; confirm whether
                    // multiple tokens should be rejected.
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        // NOTE(review): presumably createSubject is where the
                        // credentials are actually checked; confirm, since nothing
                        // in this method compares the password itself.
                        Subject subject = createSubject(princ.getName(), princ.getPassword(),
                            princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                        message.put(SecurityContext.class, 
                                    createSecurityContext(princ, subject));
                    }

                }
            } catch (WSSecurityException ex) {
                // Token handling failures abort message processing as a Fault.
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example 15
Source File: AttributeRequestProcessor.java    From carbon-identity with Apache License 2.0
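/**
 * Issues a passive-STS response for an attribute request.
 * <p>
 * The method builds a <code>WSUsernameTokenPrincipal</code> from
 * <code>request.getUserName()</code> and stores a synthetic
 * <code>WSConstants.UT</code> result under
 * <code>WSHandlerConstants.RECV_RESULTS</code> on the current message context
 * before invoking the SAML issuer. No credential is checked in this method.
 * <p>
 * NOTE(review): the user name is taken from the request as-is, so downstream
 * code that reads RECV_RESULTS will see it as a UsernameToken result. Presumably
 * the caller has already authenticated this user; confirm.
 * <p>
 * NOTE(review): <code>rahasData</code> is not a local variable, so this method
 * writes shared state on the processor; confirm instances are not used
 * concurrently.
 *
 * @param request the attribute request (user name, realm, attributes, dialect)
 * @return the response token holding the serialized RSTR
 * @throws TrustException <code>attributesMissing</code> when no attributes are
 *         requested; any other <code>TrustException</code> from issuing is
 *         rethrown unchanged, and every other failure is wrapped as
 *         <code>errorWhileProcessingAttributeRequest</code>
 */
public ResponseToken process(RequestToken request) throws TrustException {

    MessageContext context = MessageContext.getCurrentMessageContext();
    ResponseToken reponseToken;

    try {
        if (request.getAttributes() == null || request.getAttributes().trim().length() == 0) {
            throw new TrustException("attributesMissing");
        }

        // Synthetic UsernameToken result: built from the request, not from a
        // processed wsse:Security header.
        WSUsernameTokenPrincipal principal =
                new WSUsernameTokenPrincipal(request.getUserName(), false);
        WSSecurityEngineResult engineResult =
                new WSSecurityEngineResult(WSConstants.UT, principal, null, null, null);

        Vector<WSSecurityEngineResult> wsResults = new Vector<WSSecurityEngineResult>();
        wsResults.add(engineResult);

        WSHandlerResult handlerResults = new WSHandlerResult("", wsResults);

        Vector<WSHandlerResult> handlerResultsVector = new Vector<WSHandlerResult>();
        handlerResultsVector.add(handlerResults);

        context.setProperty(WSHandlerConstants.RECV_RESULTS, handlerResultsVector);
        context.setProperty(RahasConstants.PASSIVE_STS_RST,
                getRST(request.getRealm(), request.getAttributes(), request.getDialect()));

        ConfigurationContext configurationContext = context.getConfigurationContext();
        configurationContext.setProperty(TokenStorage.TOKEN_STORAGE_KEY, PassiveSTSUtil.getTokenStorage());

        rahasData = new RahasData(context);
        SAMLPassiveTokenIssuer issuer = new SAMLPassiveTokenIssuer();
        issuer.setAudienceRestrictionCondition(request.getRealm());
        issuer.setConfig(getSAMLTokenIssuerConfig(context.getAxisService(), true));
        OMElement rstr = issuer.issuePassiveRSTR(rahasData);

        reponseToken = new ResponseToken();
        reponseToken.setResults(rstr.toStringWithConsume());

    } catch (TrustException e) {
        // Already a domain error (for example "attributesMissing"); rethrow it
        // so its fault code is not masked by the generic wrapper below.
        throw e;
    } catch (Exception e) {
        throw new TrustException("errorWhileProcessingAttributeRequest", e);
    }

    return reponseToken;
}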