Java Code Examples for org.apache.ws.security.WSConstants#UT_NOPASSWORD

The following examples show how to use org.apache.ws.security.WSConstants#UT_NOPASSWORD . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0 5 votes vote down vote up
private String getUTDerivedKey() throws WSSecurityException {
    
    List<WSHandlerResult> results = CastUtils.cast((List<?>)message.getExchange().getInMessage()
        .get(WSHandlerConstants.RECV_RESULTS));
    
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            String utID = (String)wser.get(WSSecurityEngineResult.TAG_ID);
            if (actInt.intValue() == WSConstants.UT_NOPASSWORD) {
                if (utID == null || utID.length() == 0) {
                    utID = wssConfig.getIdAllocator().createId("UsernameToken-", null);
                }
                Date created = new Date();
                Date expires = new Date();
                expires.setTime(created.getTime() + 300000);
                SecurityToken tempTok = new SecurityToken(utID, created, expires);
                
                byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
                tempTok.setSecret(secret);
                tokenStore.add(tempTok);

                return utID;
            }
        }
    }
    return null;
}
 
Example 2
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
protected CallbackHandler getCallback(RequestData reqData, int doAction, boolean utWithCallbacks) 
    throws WSSecurityException {
    if (!utWithCallbacks 
        && ((doAction & WSConstants.UT) != 0 || (doAction & WSConstants.UT_NOPASSWORD) != 0)) {
        CallbackHandler pwdCallback = null;
        try {
            pwdCallback = getCallback(reqData, doAction);
        } catch (Exception ex) {
            // ignore
        }
        return new DelegatingCallbackHandler(pwdCallback);
    } else {
        return getCallback(reqData, doAction);
    }
}
 
Example 3
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0 5 votes vote down vote up
private String getUTDerivedKey() throws WSSecurityException {
    
    List<WSHandlerResult> results = CastUtils.cast((List<?>)message.getExchange().getInMessage()
        .get(WSHandlerConstants.RECV_RESULTS));
    
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            String utID = (String)wser.get(WSSecurityEngineResult.TAG_ID);
            if (actInt.intValue() == WSConstants.UT_NOPASSWORD) {
                if (utID == null || utID.length() == 0) {
                    utID = wssConfig.getIdAllocator().createId("UsernameToken-", null);
                }
                Date created = new Date();
                Date expires = new Date();
                expires.setTime(created.getTime() + 300000);
                SecurityToken tempTok = new SecurityToken(utID, created, expires);
                
                byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
                tempTok.setSecret(secret);
                tokenStore.add(tempTok);

                return utID;
            }
        }
    }
    return null;
}
 
Example 4
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
protected CallbackHandler getCallback(RequestData reqData, int doAction, boolean utWithCallbacks) 
    throws WSSecurityException {
    if (!utWithCallbacks 
        && ((doAction & WSConstants.UT) != 0 || (doAction & WSConstants.UT_NOPASSWORD) != 0)) {
        CallbackHandler pwdCallback = null;
        try {
            pwdCallback = getCallback(reqData, doAction);
        } catch (Exception ex) {
            // ignore
        }
        return new DelegatingCallbackHandler(pwdCallback);
    } else {
        return getCallback(reqData, doAction);
    }
}
 
Example 5
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0 5 votes vote down vote up
private String getUTDerivedKey() throws WSSecurityException {
    
    List<WSHandlerResult> results = CastUtils.cast((List<?>)message.getExchange().getInMessage()
        .get(WSHandlerConstants.RECV_RESULTS));
    
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            String utID = (String)wser.get(WSSecurityEngineResult.TAG_ID);
            if (actInt.intValue() == WSConstants.UT_NOPASSWORD) {
                if (utID == null || utID.length() == 0) {
                    utID = wssConfig.getIdAllocator().createId("UsernameToken-", null);
                }
                Date created = new Date();
                Date expires = new Date();
                expires.setTime(created.getTime() + 300000);
                SecurityToken tempTok = new SecurityToken(utID, created, expires);
                
                byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
                tempTok.setSecret(secret);
                tokenStore.add(tempTok);

                return utID;
            }
        }
    }
    return null;
}
 
Example 6
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
protected CallbackHandler getCallback(RequestData reqData, int doAction, boolean utWithCallbacks) 
    throws WSSecurityException {
    if (!utWithCallbacks 
        && ((doAction & WSConstants.UT) != 0 || (doAction & WSConstants.UT_NOPASSWORD) != 0)) {
        CallbackHandler pwdCallback = null;
        try {
            pwdCallback = getCallback(reqData, doAction);
        } catch (Exception ex) {
            // ignore
        }
        return new DelegatingCallbackHandler(pwdCallback);
    } else {
        return getCallback(reqData, doAction);
    }
}
 
Example 7
Source File: SymmetricBindingHandler.java    From steady with Apache License 2.0 5 votes vote down vote up
private String getUTDerivedKey() throws WSSecurityException {
    
    List<WSHandlerResult> results = CastUtils.cast((List<?>)message.getExchange().getInMessage()
        .get(WSHandlerConstants.RECV_RESULTS));
    
    for (WSHandlerResult rResult : results) {
        List<WSSecurityEngineResult> wsSecEngineResults = rResult.getResults();
        
        for (WSSecurityEngineResult wser : wsSecEngineResults) {
            Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
            String utID = (String)wser.get(WSSecurityEngineResult.TAG_ID);
            if (actInt.intValue() == WSConstants.UT_NOPASSWORD) {
                if (utID == null || utID.length() == 0) {
                    utID = wssConfig.getIdAllocator().createId("UsernameToken-", null);
                }
                Date created = new Date();
                Date expires = new Date();
                expires.setTime(created.getTime() + 300000);
                SecurityToken tempTok = new SecurityToken(utID, created, expires);
                
                byte[] secret = (byte[])wser.get(WSSecurityEngineResult.TAG_SECRET);
                tempTok.setSecret(secret);
                tokenStore.add(tempTok);

                return utID;
            }
        }
    }
    return null;
}
 
Example 8
Source File: WSS4JInInterceptor.java    From steady with Apache License 2.0 5 votes vote down vote up
protected CallbackHandler getCallback(RequestData reqData, int doAction, boolean utWithCallbacks) 
    throws WSSecurityException {
    if (!utWithCallbacks 
        && ((doAction & WSConstants.UT) != 0 || (doAction & WSConstants.UT_NOPASSWORD) != 0)) {
        CallbackHandler pwdCallback = null;
        try {
            pwdCallback = getCallback(reqData, doAction);
        } catch (Exception ex) {
            // ignore
        }
        return new DelegatingCallbackHandler(pwdCallback);
    } else {
        return getCallback(reqData, doAction);
    }
}
 
Example 9
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0 4 votes vote down vote up
private void processUsernameToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
            try  {
                final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                if (princ != null) {
                    List<WSSecurityEngineResult>v = new ArrayList<WSSecurityEngineResult>();
                    int action = WSConstants.UT;
                    if (princ.getPassword() == null) {
                        action = WSConstants.UT_NOPASSWORD;
                    }
                    v.add(0, new WSSecurityEngineResult(action, princ, null, null, null));
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                                                              .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    WSHandlerResult rResult = new WSHandlerResult(null, v);
                    results.add(0, rResult);

                    assertUsernameTokens(message, princ);
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                   
                    
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        Subject subject = createSubject(princ.getName(), princ.getPassword(),
                            princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                        message.put(SecurityContext.class, 
                                    createSecurityContext(princ, subject));
                    }

                }
            } catch (WSSecurityException ex) {
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example 10
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0 4 votes vote down vote up
private void processUsernameToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
            try  {
                final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                if (princ != null) {
                    List<WSSecurityEngineResult>v = new ArrayList<WSSecurityEngineResult>();
                    int action = WSConstants.UT;
                    if (princ.getPassword() == null) {
                        action = WSConstants.UT_NOPASSWORD;
                    }
                    v.add(0, new WSSecurityEngineResult(action, princ, null, null, null));
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                                                              .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    WSHandlerResult rResult = new WSHandlerResult(null, v);
                    results.add(0, rResult);

                    assertUsernameTokens(message, princ);
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                   
                    
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        Subject subject = createSubject(princ.getName(), princ.getPassword(),
                            princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                        message.put(SecurityContext.class, 
                                    createSecurityContext(princ, subject));
                    }

                }
            } catch (WSSecurityException ex) {
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example 11
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0 4 votes vote down vote up
private void processUsernameToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
            try  {
                final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                if (princ != null) {
                    List<WSSecurityEngineResult>v = new ArrayList<WSSecurityEngineResult>();
                    int action = WSConstants.UT;
                    if (princ.getPassword() == null) {
                        action = WSConstants.UT_NOPASSWORD;
                    }
                    v.add(0, new WSSecurityEngineResult(action, princ, null, null, null));
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                                                              .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    WSHandlerResult rResult = new WSHandlerResult(null, v);
                    results.add(0, rResult);

                    assertUsernameTokens(message, princ);
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                   
                    
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        Subject subject = createSubject(princ.getName(), princ.getPassword(),
                            princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                        message.put(SecurityContext.class, 
                                    createSecurityContext(princ, subject));
                    }

                }
            } catch (WSSecurityException ex) {
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
 
Example 12
Source File: UsernameTokenInterceptor.java    From steady with Apache License 2.0 4 votes vote down vote up
private void processUsernameToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        return;
    }
    Element el = (Element)h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName())) {
            try  {
                final WSUsernameTokenPrincipal princ = getPrincipal(child, message);
                if (princ != null) {
                    List<WSSecurityEngineResult>v = new ArrayList<WSSecurityEngineResult>();
                    int action = WSConstants.UT;
                    if (princ.getPassword() == null) {
                        action = WSConstants.UT_NOPASSWORD;
                    }
                    v.add(0, new WSSecurityEngineResult(action, princ, null, null, null));
                    List<WSHandlerResult> results = CastUtils.cast((List<?>)message
                                                              .get(WSHandlerConstants.RECV_RESULTS));
                    if (results == null) {
                        results = new ArrayList<WSHandlerResult>();
                        message.put(WSHandlerConstants.RECV_RESULTS, results);
                    }
                    WSHandlerResult rResult = new WSHandlerResult(null, v);
                    results.add(0, rResult);

                    assertUsernameTokens(message, princ);
                    message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, princ);                   
                    
                    SecurityContext sc = message.get(SecurityContext.class);
                    if (sc == null || sc.getUserPrincipal() == null) {
                        Subject subject = createSubject(princ.getName(), princ.getPassword(),
                            princ.isPasswordDigest(), princ.getNonce(), princ.getCreatedTime());
                        message.put(SecurityContext.class, 
                                    createSecurityContext(princ, subject));
                    }

                }
            } catch (WSSecurityException ex) {
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}