Example 11 with EncodeAction
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class AttributeValidator method encodedAttrs.
/**
* Encodes attribute value if it is of syntax password or encoded_password.
*
* @param attrs Map of the attributes and their values
* @param encryptObj Encryptor
* @return A map which is has replaced values with encrypted ones.
*/
Map encodedAttrs(Map attrs, AMEncryption encryptObj) {
Set values = (Set) attrs.get(as.getName());
if (values == null) {
return attrs;
}
if (as.getSyntax().equals(AttributeSchema.Syntax.PASSWORD) || as.getSyntax().equals(AttributeSchema.Syntax.ENCRYPTED_PASSWORD)) {
// Encrypt the password
Set vals = new HashSet();
for (Iterator items = values.iterator(); items.hasNext(); ) {
String tString = (String) items.next();
try {
vals.add(AccessController.doPrivileged(new EncodeAction(tString, encryptObj)));
} catch (Throwable e) {
debug.error("AttributeValidator.encodedAttrs: Unable to encode", e);
vals.add(tString);
}
}
attrs.put(as.getName(), vals);
}
return (attrs);
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
EncodeAction(com.sun.identity.security.EncodeAction)
Iterator(java.util.Iterator)
HashSet(java.util.HashSet)
Example 12 with EncodeAction
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class AttributeSchema method updateDefaultValues.
/**
* Method for modifying default values given the XML document
*/
protected void updateDefaultValues(Set defaultValues, Document doc) throws SMSException, SSOException {
// Check if the values are valid
if (ss != null) {
Map tempattrs = new HashMap(1);
tempattrs.put(getName(), defaultValues);
ss.validateAttributes(tempattrs);
}
// Check if the attributes have to be encoded
boolean encode = false;
if (getSyntax().equals(Syntax.PASSWORD) || getSyntax().equals(Syntax.ENCRYPTED_PASSWORD)) {
encode = true;
}
// Construct DefaultValues node
StringBuffer sb = new StringBuffer(100);
sb.append(XML_PREFIX).append(DEFAULT_VALUES_BEGIN);
Iterator items = defaultValues.iterator();
while (items.hasNext()) {
sb.append(VALUE_BEGIN);
if (encode) {
String encString = (String) items.next();
try {
encString = (String) AccessController.doPrivileged(new EncodeAction(encString));
} catch (Throwable e) {
debug.error("AttributeSchema: Unable to encode", e);
}
sb.append(encString);
} else {
sb.append(SMSSchema.escapeSpecialCharacters((String) items.next()));
}
sb.append(VALUE_END);
}
sb.append(DEFAULT_VALUES_END);
updateXMLDocument(sb, SMSUtils.ATTRIBUTE_DEFAULT_ELEMENT, doc);
}
Also used :
EncodeAction(com.sun.identity.security.EncodeAction)
HashMap(java.util.HashMap)
Iterator(java.util.Iterator)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 13 with EncodeAction
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class ServiceManager method checkAndEncryptPasswordSyntax.
protected static void checkAndEncryptPasswordSyntax(Document doc, boolean encrypt, AMEncryption encryptObj) throws SMSException {
// Get the node list of all AttributeSchema
NodeList nl = doc.getElementsByTagName(SMSUtils.SCHEMA_ATTRIBUTE);
for (int i = 0; i < nl.getLength(); i++) {
Node node = nl.item(i);
// Check if the "syntax" attribute is "password"
String syntax = XMLUtils.getNodeAttributeValue(node, SMSUtils.ATTRIBUTE_SYNTAX);
if (syntax.equals(AttributeSchema.Syntax.PASSWORD.toString())) {
if (debug.messageEnabled()) {
debug.message("ServiceManager: encrypting password syntax");
}
// Get the DefaultValues and encrypt then
Node defaultNode;
if ((defaultNode = XMLUtils.getChildNode(node, SMSUtils.ATTRIBUTE_DEFAULT_ELEMENT)) != null) {
// Get NodeList of "Value" nodes and encrypt them
for (Iterator items = XMLUtils.getChildNodes(defaultNode, SMSUtils.ATTRIBUTE_VALUE).iterator(); items.hasNext(); ) {
Node valueNode = (Node) items.next();
String value = XMLUtils.getValueOfValueNode(valueNode);
String encValue;
// skip empty passwords
if (value.equals("null")) {
continue;
}
if (encrypt) {
if (encryptObj != null) {
value = (String) AccessController.doPrivileged(new DecodeAction(value, encryptObj));
if (value.equals("&#160;")) {
try {
byte[] b = new byte[1];
b[0] = -96;
value = new String(b, "ISO-8859-1");
} catch (UnsupportedEncodingException e) {
//ignore
}
}
}
encValue = (String) AccessController.doPrivileged(new EncodeAction(value));
} else {
encValue = AccessController.doPrivileged(new DecodeAction(value));
if (encValue == null) {
encValue = "&#160;";
} else {
try {
//this is catch the whitespace for password
byte[] b = encValue.getBytes("ISO-8859-1");
if ((b.length == 1) && (b[0] == -96)) {
encValue = "&#160;";
}
} catch (UnsupportedEncodingException e) {
//ignore
}
}
if (encryptObj != null) {
encValue = (String) AccessController.doPrivileged(new EncodeAction(encValue, encryptObj));
}
}
// Construct the encrypted "Value" node
StringBuilder sb = new StringBuilder(100);
sb.append(AttributeSchema.VALUE_BEGIN).append(encValue).append(AttributeSchema.VALUE_END);
Document newDoc = SMSSchema.getXMLDocument(sb.toString(), false);
Node newValueNode = XMLUtils.getRootNode(newDoc, SMSUtils.ATTRIBUTE_VALUE);
// Replace the node
Node nValueNode = doc.importNode(newValueNode, true);
defaultNode.replaceChild(nValueNode, valueNode);
}
}
}
}
}
Also used :
EncodeAction(com.sun.identity.security.EncodeAction)
NodeList(org.w3c.dom.NodeList)
Node(org.w3c.dom.Node)
Iterator(java.util.Iterator)
DecodeAction(com.sun.identity.security.DecodeAction)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
Document(org.w3c.dom.Document)
Example 14 with EncodeAction
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class AMKeyProviderTest method getPrivateKeyUsingProvidedPassword.
@Test
public void getPrivateKeyUsingProvidedPassword() {
String encodedPrivatePass = AccessController.doPrivileged(new EncodeAction(PRIVATE_KEY_PASS));
PrivateKey key = amKeyProvider.getPrivateKey(PRIVATE_KEY_ALIAS, encodedPrivatePass);
Assert.assertNotNull(key);
}
Also used :
PrivateKey(java.security.PrivateKey)
EncodeAction(com.sun.identity.security.EncodeAction)
Test(org.testng.annotations.Test)
Example 15 with EncodeAction
use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.
the class XMLSignatureManagerTest method signXMLWithPrivateKeyUsingPassword.
@Test
public void signXMLWithPrivateKeyUsingPassword() {
Document documentToSign = XMLUtils.toDOMDocument(ClassLoader.getSystemResourceAsStream(XML_DOCUMENT_TO_SIGN), SAML2Utils.debug);
Element signature = null;
String encodedPrivatePass = AccessController.doPrivileged(new EncodeAction(PRIVATE_KEY_PASS));
try {
signature = xmlSignatureManager.signXMLUsingKeyPass(documentToSign, PRIVATE_KEY_ALIAS, encodedPrivatePass, null, SAML2Constants.ID, ID_ATTRIBUTE_VALUE, true, null);
} catch (XMLSignatureException e) {
Assert.fail(e.getMessage());
}
Assert.assertNotNull(signature);
NodeList nodes = documentToSign.getElementsByTagName("ds:Signature");
Assert.assertTrue(nodes.getLength() > 0);
Assert.assertTrue(signature.isEqualNode(nodes.item(0)));
}
Also used :
EncodeAction(com.sun.identity.security.EncodeAction)
Element(org.w3c.dom.Element)
NodeList(org.w3c.dom.NodeList)
Document(org.w3c.dom.Document)
Test(org.testng.annotations.Test)
Aggregations
EncodeAction (com.sun.identity.security.EncodeAction)23
Iterator (java.util.Iterator)8
IOException (java.io.IOException)4
HashSet (java.util.HashSet)4
Set (java.util.Set)4
HashMap (java.util.HashMap)3
NodeList (org.w3c.dom.NodeList)3
DecodeAction (com.sun.identity.security.DecodeAction)2
BufferedReader (java.io.BufferedReader)2
ByteArrayOutputStream (java.io.ByteArrayOutputStream)2
InputStreamReader (java.io.InputStreamReader)2
ObjectOutputStream (java.io.ObjectOutputStream)2
Map (java.util.Map)2
Cookie (javax.servlet.http.Cookie)2
HttpServletRequest (javax.servlet.http.HttpServletRequest)2
Test (org.testng.annotations.Test)2
Document (org.w3c.dom.Document)2
Node (org.w3c.dom.Node)2
SessionException (com.iplanet.dpro.session.SessionException)1
View (com.iplanet.jato.view.View)1
