Java Code Examples for org.apache.ws.security.message.WSSecUsernameToken#addNonce()

The following examples show how to use org.apache.ws.security.message.WSSecUsernameToken#addNonce() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0 4 votes vote down vote up
protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }
    
    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (!StringUtils.isEmpty(userName)) {
        WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
        // If NoPassword property is set we don't need to set the password
        if (token.isNoPassword()) {
            utBuilder.setUserInfo(userName, null);
            utBuilder.setPasswordType(null);
        } else {
            String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
            if (StringUtils.isEmpty(password)) {
                password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
            }
        
            if (!StringUtils.isEmpty(password)) {
                // If the password is available then build the token
                if (token.isHashPassword()) {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);  
                } else {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
                }
                utBuilder.setUserInfo(userName, password);
            } else {
                policyNotAsserted(token, "No password available");
                return null;
            }
        }
        
        if (token.isRequireCreated() && !token.isHashPassword()) {
            utBuilder.addCreated();
        }
        if (token.isRequireNonce() && !token.isHashPassword()) {
            utBuilder.addNonce();
        }
        
        info.setAsserted(true);
        return utBuilder;
    } else {
        policyNotAsserted(token, "No username available");
        return null;
    }
}
 
Example 2
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0 4 votes vote down vote up
protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }
    
    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (!StringUtils.isEmpty(userName)) {
        WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
        // If NoPassword property is set we don't need to set the password
        if (token.isNoPassword()) {
            utBuilder.setUserInfo(userName, null);
            utBuilder.setPasswordType(null);
        } else {
            String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
            if (StringUtils.isEmpty(password)) {
                password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
            }
        
            if (!StringUtils.isEmpty(password)) {
                // If the password is available then build the token
                if (token.isHashPassword()) {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);  
                } else {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
                }
                utBuilder.setUserInfo(userName, password);
            } else {
                policyNotAsserted(token, "No password available");
                return null;
            }
        }
        
        if (token.isRequireCreated() && !token.isHashPassword()) {
            utBuilder.addCreated();
        }
        if (token.isRequireNonce() && !token.isHashPassword()) {
            utBuilder.addNonce();
        }
        
        info.setAsserted(true);
        return utBuilder;
    } else {
        policyNotAsserted(token, "No username available");
        return null;
    }
}
 
Example 3
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0 4 votes vote down vote up
protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }
    
    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (!StringUtils.isEmpty(userName)) {
        WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
        // If NoPassword property is set we don't need to set the password
        if (token.isNoPassword()) {
            utBuilder.setUserInfo(userName, null);
            utBuilder.setPasswordType(null);
        } else {
            String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
            if (StringUtils.isEmpty(password)) {
                password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
            }
        
            if (!StringUtils.isEmpty(password)) {
                // If the password is available then build the token
                if (token.isHashPassword()) {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);  
                } else {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
                }
                utBuilder.setUserInfo(userName, password);
            } else {
                policyNotAsserted(token, "No password available");
                return null;
            }
        }
        
        if (token.isRequireCreated() && !token.isHashPassword()) {
            utBuilder.addCreated();
        }
        if (token.isRequireNonce() && !token.isHashPassword()) {
            utBuilder.addNonce();
        }
        
        info.setAsserted(true);
        return utBuilder;
    } else {
        policyNotAsserted(token, "No username available");
        return null;
    }
}
 
Example 4
Source File: AbstractBindingBuilder.java    From steady with Apache License 2.0 4 votes vote down vote up
protected WSSecUsernameToken addUsernameToken(UsernameToken token) {
    AssertionInfo info = null;
    Collection<AssertionInfo> ais = aim.getAssertionInfo(token.getName());
    for (AssertionInfo ai : ais) {
        if (ai.getAssertion() == token) {
            info = ai;
            if (!isRequestor()) {
                info.setAsserted(true);
                return null;
            }
        }
    }
    
    String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
    if (!StringUtils.isEmpty(userName)) {
        WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
        // If NoPassword property is set we don't need to set the password
        if (token.isNoPassword()) {
            utBuilder.setUserInfo(userName, null);
            utBuilder.setPasswordType(null);
        } else {
            String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
            if (StringUtils.isEmpty(password)) {
                password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
            }
        
            if (!StringUtils.isEmpty(password)) {
                // If the password is available then build the token
                if (token.isHashPassword()) {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);  
                } else {
                    utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
                }
                utBuilder.setUserInfo(userName, password);
            } else {
                policyNotAsserted(token, "No password available");
                return null;
            }
        }
        
        if (token.isRequireCreated() && !token.isHashPassword()) {
            utBuilder.addCreated();
        }
        if (token.isRequireNonce() && !token.isHashPassword()) {
            utBuilder.addNonce();
        }
        
        info.setAsserted(true);
        return utBuilder;
    } else {
        policyNotAsserted(token, "No username available");
        return null;
    }
}
 
Example 5
Source File: SoapWrapper.java    From iaf with Apache License 2.0 4 votes vote down vote up
public String signMessage(String soapMessage, String user, String password, boolean passwordDigest) {
	try {
		WSSecurityEngine secEngine = WSSecurityEngine.getInstance();
		WSSConfig config = secEngine.getWssConfig();
		config.setPrecisionInMilliSeconds(false);

		// create context
		AxisClient tmpEngine = new AxisClient(new NullProvider());
		MessageContext msgContext = new MessageContext(tmpEngine);

		InputStream in = new ByteArrayInputStream(soapMessage.getBytes(StreamUtil.DEFAULT_INPUT_STREAM_ENCODING));
		Message msg = new Message(in);
		msg.setMessageContext(msgContext);

		// create unsigned envelope
		SOAPEnvelope unsignedEnvelope = msg.getSOAPEnvelope();
		Document doc = unsignedEnvelope.getAsDocument();

		// create security header and insert it into unsigned envelope
		WSSecHeader secHeader = new WSSecHeader();
		secHeader.insertSecurityHeader(doc);

		// add a UsernameToken
		WSSecUsernameToken tokenBuilder = new WSSecUsernameToken();
		if (passwordDigest) {
			tokenBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
		} else {
			tokenBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
		}
		tokenBuilder.setUserInfo(user, password);
		tokenBuilder.addNonce();
		tokenBuilder.addCreated();
		tokenBuilder.prepare(doc);

		WSSecSignature sign = new WSSecSignature();
		sign.setUsernameToken(tokenBuilder);
		sign.setKeyIdentifierType(WSConstants.UT_SIGNING);
		sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
		sign.build(doc, null, secHeader);

		tokenBuilder.prependToHeader(secHeader);

		// add a Timestamp
		WSSecTimestamp timestampBuilder = new WSSecTimestamp();
		timestampBuilder.setTimeToLive(300);
		timestampBuilder.prepare(doc);
		timestampBuilder.prependToHeader(secHeader);

		Document signedDoc = doc;

		return DOM2Writer.nodeToString(signedDoc);

	} catch (Exception e) {
		throw new RuntimeException("Could not sign message", e);
	}
}