
Example 11 with EncodeAction

use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.

the class AttributeValidator method encodedAttrs.

/**
     * Encodes attribute value if it is of syntax password or encoded_password.
     * 
     * @param attrs Map of the attributes and their values
     * @param encryptObj Encryptor
     * @return The same map, with password values replaced by their encoded forms.
     */
Map encodedAttrs(Map attrs, AMEncryption encryptObj) {
    // Look up the values of the one attribute described by this validator's schema (as);
    // a map that does not carry that attribute is handed back untouched.
    final Set plainValues = (Set) attrs.get(as.getName());
    if (plainValues == null) {
        return attrs;
    }
    // Only PASSWORD and ENCRYPTED_PASSWORD syntaxes are encoded; anything else passes through.
    final boolean holdsPassword = as.getSyntax().equals(AttributeSchema.Syntax.PASSWORD)
            || as.getSyntax().equals(AttributeSchema.Syntax.ENCRYPTED_PASSWORD);
    if (!holdsPassword) {
        return attrs;
    }
    final Set encodedValues = new HashSet();
    for (Object item : plainValues) {
        final String plain = (String) item;
        try {
            encodedValues.add(AccessController.doPrivileged(new EncodeAction(plain, encryptObj)));
        } catch (Throwable e) {
            // NOTE(review): this path fails open. When encoding throws, the error is logged
            // and the original, un-encoded value is kept in the result, so a password can be
            // returned (and presumably persisted by the caller) without encoding. Catching
            // Throwable also hides JVM Errors. Confirm this best-effort behaviour is intended.
            debug.error("AttributeValidator.encodedAttrs: Unable to encode", e);
            encodedValues.add(plain);
        }
    }
    // The caller's map is modified in place: the value set is swapped for the encoded one.
    attrs.put(as.getName(), encodedValues);
    return attrs;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) EncodeAction(com.sun.identity.security.EncodeAction) Iterator(java.util.Iterator) HashSet(java.util.HashSet)

Example 12 with EncodeAction

use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.

the class AttributeSchema method updateDefaultValues.

/**
     * Method for modifying default values given the XML document
     */
protected void updateDefaultValues(Set defaultValues, Document doc) throws SMSException, SSOException {
    // When ss is set, the candidate values are validated through it before anything is written.
    if (ss != null) {
        Map candidate = new HashMap(1);
        candidate.put(getName(), defaultValues);
        ss.validateAttributes(candidate);
    }
    // Values of PASSWORD / ENCRYPTED_PASSWORD syntax are encoded; all others are XML-escaped.
    final boolean encode = getSyntax().equals(Syntax.PASSWORD) || getSyntax().equals(Syntax.ENCRYPTED_PASSWORD);
    // Assemble the DefaultValues element as text, one Value element per entry.
    StringBuffer xml = new StringBuffer(100);
    xml.append(XML_PREFIX).append(DEFAULT_VALUES_BEGIN);
    for (Object item : defaultValues) {
        xml.append(VALUE_BEGIN);
        if (!encode) {
            xml.append(SMSSchema.escapeSpecialCharacters((String) item));
        } else {
            String stored = (String) item;
            try {
                stored = (String) AccessController.doPrivileged(new EncodeAction(stored));
            } catch (Throwable e) {
                // NOTE(review): fails open. If encoding throws, the failure is only logged and
                // the original value is appended below, neither encoded nor passed through
                // escapeSpecialCharacters. A password default could then land in the document
                // un-encoded, and markup characters in it would reach the XML unescaped.
                // Confirm whether this should abort the update instead.
                debug.error("AttributeSchema: Unable to encode", e);
            }
            xml.append(stored);
        }
        xml.append(VALUE_END);
    }
    xml.append(DEFAULT_VALUES_END);
    updateXMLDocument(xml, SMSUtils.ATTRIBUTE_DEFAULT_ELEMENT, doc);
}
Also used : EncodeAction(com.sun.identity.security.EncodeAction) HashMap(java.util.HashMap) Iterator(java.util.Iterator) HashMap(java.util.HashMap) Map(java.util.Map)

Example 13 with EncodeAction

use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.

the class ServiceManager method checkAndEncryptPasswordSyntax.

/**
 * Re-encodes, in place, the default values of every schema attribute in {@code doc} whose
 * "syntax" attribute equals {@code AttributeSchema.Syntax.PASSWORD}.
 *
 * <p>For each "Value" child of such an attribute's default-values element, a replacement
 * value is computed and the node is swapped for a freshly parsed one:
 * <ul>
 *   <li>{@code encrypt == true}: the value is first decoded with {@code encryptObj} when that
 *       is non-null, then encoded with the single-argument {@code EncodeAction}.</li>
 *   <li>{@code encrypt == false}: the value is decoded with the single-argument
 *       {@code DecodeAction}, then encoded with {@code encryptObj} when that is non-null.</li>
 * </ul>
 * Values whose text is the literal string {@code "null"} are left untouched.
 *
 * <p>NOTE(review): with {@code encrypt == false} and {@code encryptObj == null} the decoded
 * value is what gets written back into the document; presumably that is the cleartext
 * password, so the resulting document should be treated as sensitive. Confirm against callers.
 *
 * <p>NOTE(review): only the PASSWORD syntax is matched here; ENCRYPTED_PASSWORD is not.
 * Confirm that is intended.
 *
 * @param doc document that is scanned and modified in place
 * @param encrypt selects which of the two conversions above is applied
 * @param encryptObj explicit encryptor for the decode (encrypt) or encode (decrypt) step;
 *        may be null, in which case that step is skipped
 * @throws SMSException declared by the method; the raising call is not visible in this block
 */
protected static void checkAndEncryptPasswordSyntax(Document doc, boolean encrypt, AMEncryption encryptObj) throws SMSException {
    // Get the node list of all AttributeSchema
    NodeList nl = doc.getElementsByTagName(SMSUtils.SCHEMA_ATTRIBUTE);
    for (int i = 0; i < nl.getLength(); i++) {
        Node node = nl.item(i);
        // Check if the "syntax" attribute is "password"
        // NOTE(review): if getNodeAttributeValue can return null for a node without the
        // attribute, the equals() call below would throw a NullPointerException; verify.
        String syntax = XMLUtils.getNodeAttributeValue(node, SMSUtils.ATTRIBUTE_SYNTAX);
        if (syntax.equals(AttributeSchema.Syntax.PASSWORD.toString())) {
            // The message says "encrypting" regardless of the value of the encrypt flag.
            if (debug.messageEnabled()) {
                debug.message("ServiceManager: encrypting password syntax");
            }
            // Get the DefaultValues and convert them
            Node defaultNode;
            if ((defaultNode = XMLUtils.getChildNode(node, SMSUtils.ATTRIBUTE_DEFAULT_ELEMENT)) != null) {
                // Get NodeList of "Value" nodes and convert each of them
                for (Iterator items = XMLUtils.getChildNodes(defaultNode, SMSUtils.ATTRIBUTE_VALUE).iterator(); items.hasNext(); ) {
                    Node valueNode = (Node) items.next();
                    String value = XMLUtils.getValueOfValueNode(valueNode);
                    String encValue;
                    // Skip empty passwords: the comparison is against the literal text "null"
                    if (value.equals("null")) {
                        continue;
                    }
                    if (encrypt) {
                        if (encryptObj != null) {
                            // Undo the encoding done with the caller-supplied encryptor first
                            value = (String) AccessController.doPrivileged(new DecodeAction(value, encryptObj));
                            // The sentinel text is mapped back to the single character 0xA0
                            // (NO-BREAK SPACE in ISO-8859-1) before it is encoded.
                            if (value.equals("&amp;#160;")) {
                                try {
                                    byte[] b = new byte[1];
                                    b[0] = -96;
                                    value = new String(b, "ISO-8859-1");
                                } catch (UnsupportedEncodingException e) {
                                // Ignored: ISO-8859-1 is a charset every Java platform must support
                                }
                            }
                        }
                        // Encode with the single-argument EncodeAction (no explicit encryptor)
                        encValue = (String) AccessController.doPrivileged(new EncodeAction(value));
                    } else {
                        // Decode with the single-argument DecodeAction; from here on encValue
                        // holds the decoded value until it is optionally re-encoded below.
                        encValue = AccessController.doPrivileged(new DecodeAction(value));
                        if (encValue == null) {
                            encValue = "&amp;#160;";
                        } else {
                            try {
                                // A decoded value consisting of the single byte 0xA0
                                // (NO-BREAK SPACE) is replaced by the sentinel text.
                                byte[] b = encValue.getBytes("ISO-8859-1");
                                if ((b.length == 1) && (b[0] == -96)) {
                                    encValue = "&amp;#160;";
                                }
                            } catch (UnsupportedEncodingException e) {
                            // Ignored: ISO-8859-1 is a charset every Java platform must support
                            }
                        }
                        // Without an encryptor the decoded value is written to the document as-is
                        if (encryptObj != null) {
                            encValue = (String) AccessController.doPrivileged(new EncodeAction(encValue, encryptObj));
                        }
                    }
                    // Construct the replacement "Value" node by parsing a small XML fragment.
                    // NOTE(review): encValue is concatenated without escaping; that relies on
                    // it containing no XML markup, which is not guaranteed on the path where a
                    // decoded value is written back. Confirm.
                    StringBuilder sb = new StringBuilder(100);
                    sb.append(AttributeSchema.VALUE_BEGIN).append(encValue).append(AttributeSchema.VALUE_END);
                    Document newDoc = SMSSchema.getXMLDocument(sb.toString(), false);
                    Node newValueNode = XMLUtils.getRootNode(newDoc, SMSUtils.ATTRIBUTE_VALUE);
                    // Replace the node: import the parsed node into doc, then swap it in
                    Node nValueNode = doc.importNode(newValueNode, true);
                    defaultNode.replaceChild(nValueNode, valueNode);
                }
            }
        }
    }
}
Also used : EncodeAction(com.sun.identity.security.EncodeAction) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Iterator(java.util.Iterator) DecodeAction(com.sun.identity.security.DecodeAction) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Document(org.w3c.dom.Document)

Example 14 with EncodeAction

use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.

the class AMKeyProviderTest method getPrivateKeyUsingProvidedPassword.

/**
 * Checks that the key provider returns a private key for PRIVATE_KEY_ALIAS when it is
 * handed the key password in the form produced by EncodeAction.
 */
@Test
public void getPrivateKeyUsingProvidedPassword() {
    // The password is passed in encoded form, not as the raw PRIVATE_KEY_PASS constant.
    final String encodedKeyPass = AccessController.doPrivileged(new EncodeAction(PRIVATE_KEY_PASS));
    final PrivateKey privateKey = amKeyProvider.getPrivateKey(PRIVATE_KEY_ALIAS, encodedKeyPass);
    // Only the presence of a key is asserted; its contents are not inspected.
    Assert.assertNotNull(privateKey);
}
Also used : PrivateKey(java.security.PrivateKey) EncodeAction(com.sun.identity.security.EncodeAction) Test(org.testng.annotations.Test)

Example 15 with EncodeAction

use of com.sun.identity.security.EncodeAction in project OpenAM by OpenRock.

the class XMLSignatureManagerTest method signXMLWithPrivateKeyUsingPassword.

/**
 * Signs the sample document with the key stored under PRIVATE_KEY_ALIAS, supplying the key
 * password in the form produced by EncodeAction, and checks that the returned signature
 * element is the first "ds:Signature" element of the signed document.
 */
@Test
public void signXMLWithPrivateKeyUsingPassword() {
    final Document xmlToSign = XMLUtils.toDOMDocument(ClassLoader.getSystemResourceAsStream(XML_DOCUMENT_TO_SIGN), SAML2Utils.debug);
    // The password is passed in encoded form, not as the raw PRIVATE_KEY_PASS constant.
    final String encodedKeyPass = AccessController.doPrivileged(new EncodeAction(PRIVATE_KEY_PASS));
    Element signature = null;
    try {
        signature = xmlSignatureManager.signXMLUsingKeyPass(xmlToSign, PRIVATE_KEY_ALIAS, encodedKeyPass, null, SAML2Constants.ID, ID_ATTRIBUTE_VALUE, true, null);
    } catch (XMLSignatureException e) {
        // A signing failure is reported as a test failure that carries only the message text.
        Assert.fail(e.getMessage());
    }
    Assert.assertNotNull(signature);
    // The signature must have been inserted into the document that was signed.
    final NodeList signatureNodes = xmlToSign.getElementsByTagName("ds:Signature");
    Assert.assertTrue(signatureNodes.getLength() > 0);
    Assert.assertTrue(signature.isEqualNode(signatureNodes.item(0)));
}
Also used : EncodeAction(com.sun.identity.security.EncodeAction) Element(org.w3c.dom.Element) NodeList(org.w3c.dom.NodeList) Document(org.w3c.dom.Document) Test(org.testng.annotations.Test)

Aggregations

EncodeAction (com.sun.identity.security.EncodeAction)23 Iterator (java.util.Iterator)8 IOException (java.io.IOException)4 HashSet (java.util.HashSet)4 Set (java.util.Set)4 HashMap (java.util.HashMap)3 NodeList (org.w3c.dom.NodeList)3 DecodeAction (com.sun.identity.security.DecodeAction)2 BufferedReader (java.io.BufferedReader)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 InputStreamReader (java.io.InputStreamReader)2 ObjectOutputStream (java.io.ObjectOutputStream)2 Map (java.util.Map)2 Cookie (javax.servlet.http.Cookie)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 Test (org.testng.annotations.Test)2 Document (org.w3c.dom.Document)2 Node (org.w3c.dom.Node)2 SessionException (com.iplanet.dpro.session.SessionException)1 View (com.iplanet.jato.view.View)1