Java Code Examples for org.apache.cxf.staxutils.W3CDOMStreamWriter#writeNamespace()
The following examples show how to use
org.apache.cxf.staxutils.W3CDOMStreamWriter#writeNamespace() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: STSInvoker.java From steady with Apache License 2.0 | 6 votes |
void writeLifetime( W3CDOMStreamWriter writer, Date created, Date expires, String prefix, String namespace ) throws Exception { XmlSchemaDateFormat fmt = new XmlSchemaDateFormat(); writer.writeStartElement(prefix, "Lifetime", namespace); writer.writeNamespace("wsu", WSConstants.WSU_NS); writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS); writer.writeCharacters(fmt.format(created.getTime())); writer.writeEndElement(); writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS); writer.writeCharacters(fmt.format(expires.getTime())); writer.writeEndElement(); writer.writeEndElement(); }
Example 2
Source File: STSClientAction.java From cxf-fediz with Apache License 2.0 | 6 votes |
private Element createClaimsElement(List<RequestClaim> realmClaims) throws ParserConfigurationException, XMLStreamException { if (realmClaims == null || realmClaims.isEmpty()) { return null; } W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "Claims", STSUtils.WST_NS_05_12); writer.writeNamespace("wst", STSUtils.WST_NS_05_12); writer.writeNamespace("ic", HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY); writer.writeAttribute("Dialect", HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY); if (!realmClaims.isEmpty()) { for (RequestClaim item : realmClaims) { LOG.debug(" {}", item.getClaimType().toString()); writer.writeStartElement("ic", "ClaimType", HTTP_SCHEMAS_XMLSOAP_ORG_WS_2005_05_IDENTITY); writer.writeAttribute("Uri", item.getClaimType().toString()); writer.writeAttribute("Optional", Boolean.toString(item.isOptional())); writer.writeEndElement(); } } writer.writeEndElement(); return writer.getDocument().getDocumentElement(); }
Example 3
Source File: STSInvoker.java From steady with Apache License 2.0 | 6 votes |
void writeLifetime( W3CDOMStreamWriter writer, Date created, Date expires, String prefix, String namespace ) throws Exception { XmlSchemaDateFormat fmt = new XmlSchemaDateFormat(); writer.writeStartElement(prefix, "Lifetime", namespace); writer.writeNamespace("wsu", WSConstants.WSU_NS); writer.writeStartElement("wsu", "Created", WSConstants.WSU_NS); writer.writeCharacters(fmt.format(created.getTime())); writer.writeEndElement(); writer.writeStartElement("wsu", "Expires", WSConstants.WSU_NS); writer.writeCharacters(fmt.format(expires.getTime())); writer.writeEndElement(); writer.writeEndElement(); }
Example 4
Source File: SimpleBatchSTSClient.java From cxf with Apache License 2.0 | 5 votes |
protected void writeElementsForRSTPublicKey(W3CDOMStreamWriter writer, X509Certificate cert) throws Exception { writer.writeStartElement("wst", "UseKey", namespace); writer.writeStartElement("dsig", "KeyInfo", "http://www.w3.org/2000/09/xmldsig#"); writer.writeNamespace("dsig", "http://www.w3.org/2000/09/xmldsig#"); boolean useCert = useCertificateForConfirmationKeyInfo; String useCertStr = (String)getProperty(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO); if (useCertStr != null) { useCert = Boolean.parseBoolean(useCertStr); } if (useCert) { X509Data certElem = new X509Data(writer.getDocument()); certElem.addCertificate(cert); writer.getCurrentNode().appendChild(certElem.getElement()); } else { writer.writeStartElement("dsig", "KeyValue", "http://www.w3.org/2000/09/xmldsig#"); PublicKey key = cert.getPublicKey(); String pubKeyAlgo = key.getAlgorithm(); if ("DSA".equalsIgnoreCase(pubKeyAlgo)) { DSAKeyValue dsaKeyValue = new DSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(dsaKeyValue.getElement()); } else if ("RSA".equalsIgnoreCase(pubKeyAlgo)) { RSAKeyValue rsaKeyValue = new RSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(rsaKeyValue.getElement()); } writer.writeEndElement(); } writer.writeEndElement(); writer.writeEndElement(); }
Example 5
Source File: AbstractSTSClient.java From cxf with Apache License 2.0 | 5 votes |
protected void writeElementsForRSTPublicKey(W3CDOMStreamWriter writer, X509Certificate cert) throws Exception { writer.writeStartElement("wst", "UseKey", namespace); writer.writeStartElement("ds", "KeyInfo", "http://www.w3.org/2000/09/xmldsig#"); writer.writeNamespace("ds", "http://www.w3.org/2000/09/xmldsig#"); boolean useCert = useCertificateForConfirmationKeyInfo; String useCertStr = (String)getProperty(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO); if (useCertStr != null) { useCert = Boolean.parseBoolean(useCertStr); } if (useCert) { X509Data certElem = new X509Data(writer.getDocument()); certElem.addCertificate(cert); writer.getCurrentNode().appendChild(certElem.getElement()); } else { writer.writeStartElement("ds", "KeyValue", "http://www.w3.org/2000/09/xmldsig#"); PublicKey key = cert.getPublicKey(); String pubKeyAlgo = key.getAlgorithm(); if ("DSA".equalsIgnoreCase(pubKeyAlgo)) { DSAKeyValue dsaKeyValue = new DSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(dsaKeyValue.getElement()); } else if ("RSA".equalsIgnoreCase(pubKeyAlgo)) { RSAKeyValue rsaKeyValue = new RSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(rsaKeyValue.getElement()); } writer.writeEndElement(); } writer.writeEndElement(); writer.writeEndElement(); }
Example 6
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 5 votes |
protected void writeElementsForRSTPublicKey(W3CDOMStreamWriter writer, X509Certificate cert) throws Exception { writer.writeStartElement("wst", "UseKey", namespace); writer.writeStartElement("ds", "KeyInfo", "http://www.w3.org/2000/09/xmldsig#"); writer.writeNamespace("ds", "http://www.w3.org/2000/09/xmldsig#"); boolean useCert = useCertificateForConfirmationKeyInfo; String useCertStr = (String)getProperty(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO); if (useCertStr != null) { useCert = Boolean.parseBoolean(useCertStr); } if (useCert) { X509Data certElem = new X509Data(writer.getDocument()); certElem.addCertificate(cert); writer.getCurrentNode().appendChild(certElem.getElement()); } else { writer.writeStartElement("ds", "KeyValue", "http://www.w3.org/2000/09/xmldsig#"); PublicKey key = cert.getPublicKey(); String pubKeyAlgo = key.getAlgorithm(); if ("DSA".equalsIgnoreCase(pubKeyAlgo)) { DSAKeyValue dsaKeyValue = new DSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(dsaKeyValue.getElement()); } else if ("RSA".equalsIgnoreCase(pubKeyAlgo)) { RSAKeyValue rsaKeyValue = new RSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(rsaKeyValue.getElement()); } writer.writeEndElement(); } writer.writeEndElement(); writer.writeEndElement(); }
Example 7
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 5 votes |
protected void writeElementsForRSTPublicKey(W3CDOMStreamWriter writer, X509Certificate cert) throws Exception { writer.writeStartElement("wst", "UseKey", namespace); writer.writeStartElement("ds", "KeyInfo", "http://www.w3.org/2000/09/xmldsig#"); writer.writeNamespace("ds", "http://www.w3.org/2000/09/xmldsig#"); boolean useCert = useCertificateForConfirmationKeyInfo; String useCertStr = (String)getProperty(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO); if (useCertStr != null) { useCert = Boolean.parseBoolean(useCertStr); } if (useCert) { X509Data certElem = new X509Data(writer.getDocument()); certElem.addCertificate(cert); writer.getCurrentNode().appendChild(certElem.getElement()); } else { writer.writeStartElement("ds", "KeyValue", "http://www.w3.org/2000/09/xmldsig#"); PublicKey key = cert.getPublicKey(); String pubKeyAlgo = key.getAlgorithm(); if ("DSA".equalsIgnoreCase(pubKeyAlgo)) { DSAKeyValue dsaKeyValue = new DSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(dsaKeyValue.getElement()); } else if ("RSA".equalsIgnoreCase(pubKeyAlgo)) { RSAKeyValue rsaKeyValue = new RSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(rsaKeyValue.getElement()); } writer.writeEndElement(); } writer.writeEndElement(); writer.writeEndElement(); }
Example 8
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 5 votes |
protected void writeElementsForRSTPublicKey(W3CDOMStreamWriter writer, X509Certificate cert) throws Exception { writer.writeStartElement("wst", "UseKey", namespace); writer.writeStartElement("ds", "KeyInfo", "http://www.w3.org/2000/09/xmldsig#"); writer.writeNamespace("ds", "http://www.w3.org/2000/09/xmldsig#"); boolean useCert = useCertificateForConfirmationKeyInfo; String useCertStr = (String)getProperty(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO); if (useCertStr != null) { useCert = Boolean.parseBoolean(useCertStr); } if (useCert) { X509Data certElem = new X509Data(writer.getDocument()); certElem.addCertificate(cert); writer.getCurrentNode().appendChild(certElem.getElement()); } else { writer.writeStartElement("ds", "KeyValue", "http://www.w3.org/2000/09/xmldsig#"); PublicKey key = cert.getPublicKey(); String pubKeyAlgo = key.getAlgorithm(); if ("DSA".equalsIgnoreCase(pubKeyAlgo)) { DSAKeyValue dsaKeyValue = new DSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(dsaKeyValue.getElement()); } else if ("RSA".equalsIgnoreCase(pubKeyAlgo)) { RSAKeyValue rsaKeyValue = new RSAKeyValue(writer.getDocument(), key); writer.getCurrentNode().appendChild(rsaKeyValue.getElement()); } writer.writeEndElement(); } writer.writeEndElement(); writer.writeEndElement(); }
Example 9
Source File: SimpleBatchSTSClient.java From cxf with Apache License 2.0 | 4 votes |
public List<SecurityToken> requestBatchSecurityTokens( List<BatchRequest> batchRequestList, String action, String requestType ) throws Exception { createClient(); BindingOperationInfo boi = findOperation("/BatchIssue"); client.getRequestContext().putAll(ctx); client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, action); W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityTokenCollection", namespace); writer.writeNamespace("wst", namespace); for (BatchRequest batchRequest : batchRequestList) { writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); addRequestType(requestType, writer); if (enableAppliesTo) { addAppliesTo(writer, batchRequest.getAppliesTo()); } writeKeyType(writer, batchRequest.getKeyType()); addLifetime(writer); addTokenType(writer, batchRequest.getTokenType()); writer.writeEndElement(); } writer.writeEndElement(); Object[] obj = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); Element responseCollection = getDocumentElement((DOMSource)obj[0]); Node child = responseCollection.getFirstChild(); List<SecurityToken> tokens = new ArrayList<>(); while (child != null) { if (child instanceof Element && "RequestSecurityTokenResponse".equals(((Element)child).getLocalName())) { SecurityToken token = createSecurityToken((Element)child, null); tokens.add(token); } child = child.getNextSibling(); } return tokens; }
Example 10
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Validate" invocation and return the response as a STSResponse Object */ protected STSResponse validate(SecurityToken tok, String tokentype) throws Exception { createClient(); if (tokentype == null) { tokentype = tokenType; } if (tokentype == null) { tokentype = namespace + "/RSTR/Status"; } if (addressingNamespace == null) { addressingNamespace = "http://www.w3.org/2005/08/addressing"; } Policy validatePolicy = new Policy(); ExactlyOne one = new ExactlyOne(); validatePolicy.addPolicyComponent(one); All all = new All(); one.addPolicyComponent(all); all.addAssertion(getAddressingAssertion()); client.getRequestContext().clear(); client.getRequestContext().putAll(ctx); client.getRequestContext().put(SecurityConstants.TOKEN, tok); BindingOperationInfo boi = findOperation("/RST/Validate"); if (boi == null) { boi = findOperation("/RST/Issue"); client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, validatePolicy); } client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Validate"); W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); writer.writeStartElement("wst", "RequestType", namespace); writer.writeCharacters(namespace + "/Validate"); writer.writeEndElement(); writer.writeStartElement("wst", "TokenType", namespace); writer.writeCharacters(tokentype); writer.writeEndElement(); writer.writeStartElement("wst", "ValidateTarget", namespace); Element el = tok.getToken(); StaxUtils.copy(el, writer); writer.writeEndElement(); writer.writeEndElement(); Object o[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)o[0], null); }
Example 11
Source File: AbstractSTSClient.java From cxf with Apache License 2.0 | 4 votes |
/** * Make an "Renew" invocation and return the response as a STSResponse Object */ public STSResponse renew(SecurityToken tok) throws Exception { createClient(); BindingOperationInfo boi = findOperation("/RST/Renew"); client.getRequestContext().putAll(ctx); client.getRequestContext().remove(SecurityConstants.TOKEN_ID); if (isSecureConv) { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/SCT/Renew"); } else { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Renew"); } W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); if (context != null) { writer.writeAttribute(null, "Context", context); } String sptt = null; if (template != null && DOMUtils.getFirstElement(template) != null) { if (this.useSecondaryParameters()) { writer.writeStartElement("wst", "SecondaryParameters", namespace); } Element tl = DOMUtils.getFirstElement(template); while (tl != null) { StaxUtils.copy(tl, writer); if ("TokenType".equals(tl.getLocalName())) { sptt = DOMUtils.getContent(tl); } tl = DOMUtils.getNextElement(tl); } if (this.useSecondaryParameters()) { writer.writeEndElement(); } } if (isSpnego) { tokenType = STSUtils.getTokenTypeSCT(namespace); } if (sptt == null) { addTokenType(writer); } addRequestType("/Renew", writer); if (enableAppliesTo) { addAppliesTo(writer, tok.getIssuerAddress()); } if (isSecureConv || enableLifetime) { addLifetime(writer); } writer.writeStartElement("wst", "RenewTarget", namespace); StaxUtils.copy(tok.getToken(), writer); writer.writeEndElement(); // Write out renewal semantics writeRenewalSemantics(writer); writer.writeEndElement(); Object[] obj = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); @SuppressWarnings("unchecked") Collection<Attachment> attachments = (Collection<Attachment>)client.getResponseContext().get(Message.ATTACHMENTS); return new STSResponse((DOMSource)obj[0], null, null, null, attachments); }
Example 12
Source File: MetadataWriter.java From cxf with Apache License 2.0 | 4 votes |
public Document getMetaData( String serviceURL, String assertionConsumerServiceURL, String logoutURL, Key signingKey, X509Certificate signingCert, boolean wantRequestsSigned ) throws Exception { W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartDocument(StandardCharsets.UTF_8.name(), "1.0"); String referenceID = IDGenerator.generateID("_"); writer.writeStartElement("md", "EntityDescriptor", SSOConstants.SAML2_METADATA_NS); writer.writeAttribute("ID", referenceID); writer.writeAttribute("entityID", serviceURL); writer.writeNamespace("md", SSOConstants.SAML2_METADATA_NS); writer.writeNamespace("wsa", SSOConstants.WS_ADDRESSING_NS); writer.writeNamespace("xsi", SSOConstants.SCHEMA_INSTANCE_NS); writeSAMLMetadata(writer, assertionConsumerServiceURL, logoutURL, signingCert, wantRequestsSigned); writer.writeEndElement(); // EntityDescriptor writer.writeEndDocument(); writer.close(); if (LOG.isDebugEnabled()) { String out = DOM2Writer.nodeToString(writer.getDocument()); LOG.debug("***************** unsigned ****************"); LOG.debug(out); LOG.debug("***************** unsigned ****************"); } Document doc = writer.getDocument(); if (signingKey != null) { return signMetaInfo(signingCert, signingKey, doc, referenceID); } return doc; }
Example 13
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Cancel" invocation and return the response as a STSResponse Object */ protected STSResponse cancel(SecurityToken token) throws Exception { createClient(); if (addressingNamespace == null) { addressingNamespace = "http://www.w3.org/2005/08/addressing"; } client.getRequestContext().clear(); client.getRequestContext().putAll(ctx); client.getRequestContext().put(SecurityConstants.TOKEN, token); BindingOperationInfo boi = findOperation("/RST/Cancel"); boolean attachTokenDirectly = true; if (boi == null) { attachTokenDirectly = false; boi = findOperation("/RST/Issue"); Policy cancelPolicy = new Policy(); ExactlyOne one = new ExactlyOne(); cancelPolicy.addPolicyComponent(one); All all = new All(); one.addPolicyComponent(all); all.addAssertion(getAddressingAssertion()); PolicyBuilder pbuilder = bus.getExtension(PolicyBuilder.class); SymmetricBinding binding = new SymmetricBinding(pbuilder); all.addAssertion(binding); all.addAssertion(getAddressingAssertion()); ProtectionToken ptoken = new ProtectionToken(pbuilder); binding.setProtectionToken(ptoken); binding.setIncludeTimestamp(true); binding.setEntireHeadersAndBodySignatures(true); binding.setTokenProtection(false); AlgorithmSuite suite = new AlgorithmSuite(); binding.setAlgorithmSuite(suite); SecureConversationToken sct = new SecureConversationToken(); sct.setOptional(true); ptoken.setToken(sct); SignedEncryptedParts parts = new SignedEncryptedParts(true); parts.setOptional(true); parts.setBody(true); parts.addHeader(new Header("To", addressingNamespace)); parts.addHeader(new Header("From", addressingNamespace)); parts.addHeader(new Header("FaultTo", addressingNamespace)); parts.addHeader(new Header("ReplyTo", addressingNamespace)); parts.addHeader(new Header("Action", addressingNamespace)); parts.addHeader(new Header("MessageID", addressingNamespace)); parts.addHeader(new Header("RelatesTo", addressingNamespace)); all.addPolicyComponent(parts); client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, cancelPolicy); } if (isSecureConv) { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/SCT/Cancel"); } else { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Cancel"); } W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); writer.writeStartElement("wst", "RequestType", namespace); writer.writeCharacters(namespace + "/Cancel"); writer.writeEndElement(); writer.writeStartElement("wst", "CancelTarget", namespace); Element el = null; if (attachTokenDirectly) { el = token.getToken(); } else { el = token.getUnattachedReference(); if (el == null) { el = token.getAttachedReference(); } } StaxUtils.copy(el, writer); writer.writeEndElement(); writer.writeEndElement(); Object[] obj = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)obj[0], null); }
Example 14
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Validate" invocation and return the response as a STSResponse Object */ protected STSResponse validate(SecurityToken tok, String tokentype) throws Exception { createClient(); if (tokentype == null) { tokentype = tokenType; } if (tokentype == null) { tokentype = namespace + "/RSTR/Status"; } if (addressingNamespace == null) { addressingNamespace = "http://www.w3.org/2005/08/addressing"; } Policy validatePolicy = new Policy(); ExactlyOne one = new ExactlyOne(); validatePolicy.addPolicyComponent(one); All all = new All(); one.addPolicyComponent(all); all.addAssertion(getAddressingAssertion()); client.getRequestContext().clear(); client.getRequestContext().putAll(ctx); client.getRequestContext().put(SecurityConstants.TOKEN, tok); BindingOperationInfo boi = findOperation("/RST/Validate"); if (boi == null) { boi = findOperation("/RST/Issue"); client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, validatePolicy); } client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Validate"); W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); writer.writeStartElement("wst", "RequestType", namespace); writer.writeCharacters(namespace + "/Validate"); writer.writeEndElement(); writer.writeStartElement("wst", "TokenType", namespace); writer.writeCharacters(tokentype); writer.writeEndElement(); writer.writeStartElement("wst", "ValidateTarget", namespace); Element el = tok.getToken(); StaxUtils.copy(el, writer); writer.writeEndElement(); writer.writeEndElement(); Object o[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)o[0], null); }
Example 15
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Renew" invocation and return the response as a STSResponse Object */ public STSResponse renew(SecurityToken tok) throws Exception { createClient(); BindingOperationInfo boi = findOperation("/RST/Renew"); client.getRequestContext().putAll(ctx); if (isSecureConv) { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/SCT/Renew"); } else { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Renew"); } W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); if (context != null) { writer.writeAttribute(null, "Context", context); } String sptt = null; if (template != null && DOMUtils.getFirstElement(template) != null) { if (this.useSecondaryParameters()) { writer.writeStartElement("wst", "SecondaryParameters", namespace); } Element tl = DOMUtils.getFirstElement(template); while (tl != null) { StaxUtils.copy(tl, writer); if ("TokenType".equals(tl.getLocalName())) { sptt = DOMUtils.getContent(tl); } tl = DOMUtils.getNextElement(tl); } if (this.useSecondaryParameters()) { writer.writeEndElement(); } } if (isSpnego) { tokenType = STSUtils.getTokenTypeSCT(namespace); } addRequestType("/Renew", writer); if (enableAppliesTo) { addAppliesTo(writer, tok.getIssuerAddress()); } if (sptt == null) { addTokenType(writer); } if (isSecureConv || enableLifetime) { addLifetime(writer); } writer.writeStartElement("wst", "RenewTarget", namespace); client.getRequestContext().put(SecurityConstants.TOKEN, tok); StaxUtils.copy(tok.getToken(), writer); writer.writeEndElement(); writer.writeEndElement(); Object obj[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)obj[0], null); }
Example 16
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Validate" invocation and return the response as a STSResponse Object */ protected STSResponse validate(SecurityToken tok, String tokentype) throws Exception { createClient(); if (tokentype == null) { tokentype = tokenType; } if (tokentype == null) { tokentype = namespace + "/RSTR/Status"; } if (addressingNamespace == null) { addressingNamespace = "http://www.w3.org/2005/08/addressing"; } Policy validatePolicy = new Policy(); ExactlyOne one = new ExactlyOne(); validatePolicy.addPolicyComponent(one); All all = new All(); one.addPolicyComponent(all); all.addAssertion(getAddressingAssertion()); client.getRequestContext().clear(); client.getRequestContext().putAll(ctx); client.getRequestContext().put(SecurityConstants.TOKEN, tok); BindingOperationInfo boi = findOperation("/RST/Validate"); if (boi == null) { boi = findOperation("/RST/Issue"); client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, validatePolicy); } client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Validate"); W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); writer.writeStartElement("wst", "RequestType", namespace); writer.writeCharacters(namespace + "/Validate"); writer.writeEndElement(); writer.writeStartElement("wst", "TokenType", namespace); writer.writeCharacters(tokentype); writer.writeEndElement(); writer.writeStartElement("wst", "ValidateTarget", namespace); Element el = tok.getToken(); StaxUtils.copy(el, writer); writer.writeEndElement(); writer.writeEndElement(); Object o[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)o[0], null); }
Example 17
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Renew" invocation and return the response as a STSResponse Object */ public STSResponse renew(SecurityToken tok) throws Exception { createClient(); BindingOperationInfo boi = findOperation("/RST/Renew"); client.getRequestContext().putAll(ctx); if (isSecureConv) { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/SCT/Renew"); } else { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Renew"); } W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); if (context != null) { writer.writeAttribute(null, "Context", context); } String sptt = null; if (template != null && DOMUtils.getFirstElement(template) != null) { if (this.useSecondaryParameters()) { writer.writeStartElement("wst", "SecondaryParameters", namespace); } Element tl = DOMUtils.getFirstElement(template); while (tl != null) { StaxUtils.copy(tl, writer); if ("TokenType".equals(tl.getLocalName())) { sptt = DOMUtils.getContent(tl); } tl = DOMUtils.getNextElement(tl); } if (this.useSecondaryParameters()) { writer.writeEndElement(); } } if (isSpnego) { tokenType = STSUtils.getTokenTypeSCT(namespace); } addRequestType("/Renew", writer); if (enableAppliesTo) { addAppliesTo(writer, tok.getIssuerAddress()); } if (sptt == null) { addTokenType(writer); } if (isSecureConv || enableLifetime) { addLifetime(writer); } writer.writeStartElement("wst", "RenewTarget", namespace); client.getRequestContext().put(SecurityConstants.TOKEN, tok); StaxUtils.copy(tok.getToken(), writer); writer.writeEndElement(); writer.writeEndElement(); Object obj[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)obj[0], null); }
Example 18
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Cancel" invocation and return the response as a STSResponse Object */ protected STSResponse cancel(SecurityToken token) throws Exception { createClient(); if (addressingNamespace == null) { addressingNamespace = "http://www.w3.org/2005/08/addressing"; } client.getRequestContext().clear(); client.getRequestContext().putAll(ctx); client.getRequestContext().put(SecurityConstants.TOKEN, token); BindingOperationInfo boi = findOperation("/RST/Cancel"); boolean attachTokenDirectly = true; if (boi == null) { attachTokenDirectly = false; boi = findOperation("/RST/Issue"); Policy cancelPolicy = new Policy(); ExactlyOne one = new ExactlyOne(); cancelPolicy.addPolicyComponent(one); All all = new All(); one.addPolicyComponent(all); all.addAssertion(getAddressingAssertion()); PolicyBuilder pbuilder = bus.getExtension(PolicyBuilder.class); SymmetricBinding binding = new SymmetricBinding(pbuilder); all.addAssertion(binding); all.addAssertion(getAddressingAssertion()); ProtectionToken ptoken = new ProtectionToken(pbuilder); binding.setProtectionToken(ptoken); binding.setIncludeTimestamp(true); binding.setEntireHeadersAndBodySignatures(true); binding.setTokenProtection(false); AlgorithmSuite suite = new AlgorithmSuite(); binding.setAlgorithmSuite(suite); SecureConversationToken sct = new SecureConversationToken(); sct.setOptional(true); ptoken.setToken(sct); SignedEncryptedParts parts = new SignedEncryptedParts(true); parts.setOptional(true); parts.setBody(true); parts.addHeader(new Header("To", addressingNamespace)); parts.addHeader(new Header("From", addressingNamespace)); parts.addHeader(new Header("FaultTo", addressingNamespace)); parts.addHeader(new Header("ReplyTo", addressingNamespace)); parts.addHeader(new Header("Action", addressingNamespace)); parts.addHeader(new Header("MessageID", addressingNamespace)); parts.addHeader(new Header("RelatesTo", addressingNamespace)); all.addPolicyComponent(parts); client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, cancelPolicy); } if (isSecureConv) { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/SCT/Cancel"); } else { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Cancel"); } W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); writer.writeStartElement("wst", "RequestType", namespace); writer.writeCharacters(namespace + "/Cancel"); writer.writeEndElement(); writer.writeStartElement("wst", "CancelTarget", namespace); Element el = null; if (attachTokenDirectly) { el = token.getToken(); } else { el = token.getUnattachedReference(); if (el == null) { el = token.getAttachedReference(); } } StaxUtils.copy(el, writer); writer.writeEndElement(); writer.writeEndElement(); Object[] obj = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)obj[0], null); }
Example 19
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Validate" invocation and return the response as a STSResponse Object */ protected STSResponse validate(SecurityToken tok, String tokentype) throws Exception { createClient(); if (tokentype == null) { tokentype = tokenType; } if (tokentype == null) { tokentype = namespace + "/RSTR/Status"; } if (addressingNamespace == null) { addressingNamespace = "http://www.w3.org/2005/08/addressing"; } Policy validatePolicy = new Policy(); ExactlyOne one = new ExactlyOne(); validatePolicy.addPolicyComponent(one); All all = new All(); one.addPolicyComponent(all); all.addAssertion(getAddressingAssertion()); client.getRequestContext().clear(); client.getRequestContext().putAll(ctx); client.getRequestContext().put(SecurityConstants.TOKEN, tok); BindingOperationInfo boi = findOperation("/RST/Validate"); if (boi == null) { boi = findOperation("/RST/Issue"); client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, validatePolicy); } client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Validate"); W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); writer.writeStartElement("wst", "RequestType", namespace); writer.writeCharacters(namespace + "/Validate"); writer.writeEndElement(); writer.writeStartElement("wst", "TokenType", namespace); writer.writeCharacters(tokentype); writer.writeEndElement(); writer.writeStartElement("wst", "ValidateTarget", namespace); Element el = tok.getToken(); StaxUtils.copy(el, writer); writer.writeEndElement(); writer.writeEndElement(); Object o[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)o[0], null); }
Example 20
Source File: AbstractSTSClient.java From steady with Apache License 2.0 | 4 votes |
/** * Make an "Renew" invocation and return the response as a STSResponse Object */ public STSResponse renew(SecurityToken tok) throws Exception { createClient(); BindingOperationInfo boi = findOperation("/RST/Renew"); client.getRequestContext().putAll(ctx); if (isSecureConv) { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/SCT/Renew"); } else { client.getRequestContext().put(SoapBindingConstants.SOAP_ACTION, namespace + "/RST/Renew"); } W3CDOMStreamWriter writer = new W3CDOMStreamWriter(); writer.writeStartElement("wst", "RequestSecurityToken", namespace); writer.writeNamespace("wst", namespace); if (context != null) { writer.writeAttribute(null, "Context", context); } String sptt = null; if (template != null && DOMUtils.getFirstElement(template) != null) { if (this.useSecondaryParameters()) { writer.writeStartElement("wst", "SecondaryParameters", namespace); } Element tl = DOMUtils.getFirstElement(template); while (tl != null) { StaxUtils.copy(tl, writer); if ("TokenType".equals(tl.getLocalName())) { sptt = DOMUtils.getContent(tl); } tl = DOMUtils.getNextElement(tl); } if (this.useSecondaryParameters()) { writer.writeEndElement(); } } if (isSpnego) { tokenType = STSUtils.getTokenTypeSCT(namespace); } addRequestType("/Renew", writer); if (enableAppliesTo) { addAppliesTo(writer, tok.getIssuerAddress()); } if (sptt == null) { addTokenType(writer); } if (isSecureConv || enableLifetime) { addLifetime(writer); } writer.writeStartElement("wst", "RenewTarget", namespace); client.getRequestContext().put(SecurityConstants.TOKEN, tok); StaxUtils.copy(tok.getToken(), writer); writer.writeEndElement(); writer.writeEndElement(); Object obj[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement())); return new STSResponse((DOMSource)obj[0], null); }