Examples with AuthorizationPolicy org.apache.cxf.configuration.security.AuthorizationPolicy used on opensource projects

Search in sources :

Example 76 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project testcases by coheigea.

the class WSS4JBasicAuthFilter method filter.

public void filter(ContainerRequestContext requestContext) throws IOException {
    Message message = JAXRSUtils.getCurrentMessage();
    AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);
    if (policy == null || policy.getUserName() == null || policy.getPassword() == null) {
        requestContext.abortWith(Response.status(401).header("WWW-Authenticate", "Basic realm=\"IdP\"").build());
        return;
    }
    try {
        super.validate(message);
    } catch (Exception ex) {
        throw ExceptionUtils.toInternalServerErrorException(ex, null);
    }
}
Also used : AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) Message(org.apache.cxf.message.Message) IOException(java.io.IOException)

Example 77 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project ipf by oehf.

the class WsSecurityInformation method configureHttpConduit.

protected void configureHttpConduit(HTTPConduit httpConduit) {
    if (isSecure()) {
        var tlsClientParameters = httpConduit.getTlsClientParameters();
        // otherwise we overwrite TLSClientParameters if a custom SslContext is configured
        if (tlsClientParameters == null) {
            tlsClientParameters = new TLSClientParameters();
            maybeUpdateSslContext(tlsClientParameters, true);
        } else {
            maybeUpdateSslContext(tlsClientParameters, false);
        }
        if (getHostnameVerifier() != null) {
            tlsClientParameters.setHostnameVerifier(getHostnameVerifier());
        }
        httpConduit.setTlsClientParameters(tlsClientParameters);
    }
    if (getUsername() != null) {
        var authorizationPolicy = new AuthorizationPolicy();
        authorizationPolicy.setUserName(getUsername());
        authorizationPolicy.setPassword(getPassword());
        httpConduit.setAuthorization(authorizationPolicy);
    }
}
Also used : TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy)

Example 78 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project fh by assecopl.

the class WebServiceClientUtil method createBasicPort.

protected <E> E createBasicPort(Class<E> serviceCalzz, String address, String user, String password, AuthorizationTypeEnum authType, boolean logOn, Map<String, List<String>> headers, String proxyHost, Integer proxyPort, String proxyUser, String proxyPassword) {
    JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
    factory.setServiceClass(serviceCalzz);
    factory.setAddress(address);
    List features = new ArrayList<>(factory.getFeatures());
    WSPolicyFeature wsPolicyFeature = new WSPolicyFeature();
    wsPolicyFeature.setEnabled(true);
    wsPolicyFeature.setIgnoreUnknownAssertions(true);
    features.add(wsPolicyFeature);
    factory.setFeatures(features);
    E port = (E) factory.create();
    Client client = ClientProxy.getClient(port);
    HTTPConduit http = (HTTPConduit) client.getConduit();
    if (authType != null) {
        AuthorizationPolicy authPolicy = new AuthorizationPolicy();
        authPolicy.setAuthorizationType(authType.name());
        authPolicy.setUserName(user);
        authPolicy.setPassword(password);
        http.setAuthorization(authPolicy);
    }
    HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
    httpClientPolicy.setConnectionTimeout(conectTimeout);
    httpClientPolicy.setReceiveTimeout(requestTimeout);
    if (StringUtils.isNotBlank(proxyHost) && proxyPort != null) {
        httpClientPolicy.setProxyServerType(ProxyServerType.HTTP);
        httpClientPolicy.setProxyServer(proxyHost);
        httpClientPolicy.setProxyServerPort(proxyPort);
    }
    http.setClient(httpClientPolicy);
    Map<String, Object> requestContext = client.getRequestContext();
    requestContext.put(CONNECT_TIMEOUT, httpClientPolicy.getConnectionTimeout());
    // Timeout in millis
    requestContext.put(REQUEST_TIMEOUT, httpClientPolicy.getReceiveTimeout());
    // Add HTTP headers to the web service request
    if (headers != null) {
        requestContext.put(Message.PROTOCOL_HEADERS, headers);
    }
    if (address.startsWith("https") || customSSLSocketFactory != null) {
        HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
        if (customSSLSocketFactory == null) {
            customSSLSocketFactory = new BlindSSLSocketFactory();
        }
        TLSClientParameters tlsCP = new TLSClientParameters();
        // you can set up the SSLSocketFactory on the TLSClientParameter
        tlsCP.setSSLSocketFactory(customSSLSocketFactory);
        tlsCP.setDisableCNCheck(true);
        // setup the TLSClientParameters on the HttpConduit
        httpConduit.setTlsClientParameters(tlsCP);
    }
    if (configInterceptors != null) {
        configInterceptors.addInterceptor(client);
    }
    if (!logOn) {
        removeLoggingInterceptors(client);
    }
    if (configWebServiceClient != null) {
        configWebServiceClient.configPort(port);
    }
    return port;
}
Also used : TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) WSPolicyFeature(org.apache.cxf.ws.policy.WSPolicyFeature) JaxWsProxyFactoryBean(org.apache.cxf.jaxws.JaxWsProxyFactoryBean) ArrayList(java.util.ArrayList) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) HTTPClientPolicy(org.apache.cxf.transports.http.configuration.HTTPClientPolicy) BlindSSLSocketFactory(pl.fhframework.dp.commons.utils.net.BlindSSLSocketFactory) ArrayList(java.util.ArrayList) List(java.util.List) Client(org.apache.cxf.endpoint.Client)

Example 79 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project liima by liimaorg.

the class DynWSAuthHTTPConduitConfigurer method configure.

@Override
public void configure(String name, String address, HTTPConduit conduit) {
    if (username != null) {
        AuthorizationPolicy ap = new AuthorizationPolicy();
        ap.setUserName(username);
        ap.setPassword(password);
        conduit.setAuthorization(ap);
    }
    // override the ssl configuration of cxf and use the default implementation instead
    // CXF doesn't like pkcs12 keystore for some reason (Default key managers cannot be initialized: Invalid keystore format)
    TLSClientParameters tls = new TLSClientParameters();
    try {
        tls.setSSLSocketFactory(SSLContext.getDefault().getSocketFactory());
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    conduit.setTlsClientParameters(tls);
}
Also used : AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 80 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project jbpm by kiegroup.

the class WebServiceWorkItemHandler method applyAuthorization.

protected void applyAuthorization(String userName, String password, Client client) {
    if (userName != null && password != null) {
        HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
        AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
        authorizationPolicy.setUserName(userName);
        authorizationPolicy.setPassword(password);
        authorizationPolicy.setAuthorizationType("Basic");
        httpConduit.setAuthorization(authorizationPolicy);
    } else {
        logger.warn("UserName and Password must be provided to set the authorization policy.");
    }
}
Also used : HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy)

Aggregations

AuthorizationPolicy (org.apache.cxf.configuration.security.AuthorizationPolicy)86 Message (org.apache.cxf.message.Message)25 Test (org.junit.Test)22 HTTPConduit (org.apache.cxf.transport.http.HTTPConduit)16 IOException (java.io.IOException)15 ArrayList (java.util.ArrayList)11 Client (org.apache.cxf.endpoint.Client)11 List (java.util.List)9 HTTPClientPolicy (org.apache.cxf.transports.http.configuration.HTTPClientPolicy)9 URL (java.net.URL)7 HashMap (java.util.HashMap)7 ProxyAuthorizationPolicy (org.apache.cxf.configuration.security.ProxyAuthorizationPolicy)7 Map (java.util.Map)6 SecurityContext (org.apache.cxf.security.SecurityContext)6 Bus (org.apache.cxf.Bus)5 TLSClientParameters (org.apache.cxf.configuration.jsse.TLSClientParameters)5 WebClient (org.apache.cxf.jaxrs.client.WebClient)5 MessageImpl (org.apache.cxf.message.MessageImpl)5 EndpointInfo (org.apache.cxf.service.model.EndpointInfo)5 Principal (java.security.Principal)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial