
Example 36 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.

the class LDAPClaimsTest method testRetrieveClaims.

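/**
 * Checks that the LDAP claims handler returns exactly the first name, last name and
 * e-mail address claims for the user named by the {@code claimUser} test property.
 *
 * <p>The test fails if the property is missing, if the number of retrieved claims
 * differs from the number expected, or if any retrieved claim type was not expected
 * (a repeated claim type also fails, because each expected type is consumed once).
 *
 * @throws Exception if the handler lookup or the claim retrieval fails
 */
@org.junit.Test
public void testRetrieveClaims() throws Exception {
    LdapClaimsHandler claimsHandler = (LdapClaimsHandler) appContext.getBean("testClaimsHandler");
    ClaimsManager claimsManager = new ClaimsManager();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));

    String user = props.getProperty("claimUser");
    // JUnit 4 takes the message first and the checked object second. With the arguments
    // the other way round the assertion inspected the (never null) message literal, so a
    // missing property went unnoticed and a null name reached CustomTokenPrincipal below.
    Assert.assertNotNull("Property 'claimUser' not configured", user);

    ClaimCollection requestedClaims = createRequestClaimCollection();
    List<String> expectedClaims = new ArrayList<>();
    expectedClaims.add(ClaimTypes.FIRSTNAME.toString());
    expectedClaims.add(ClaimTypes.LASTNAME.toString());
    expectedClaims.add(ClaimTypes.EMAILADDRESS.toString());

    ClaimsParameters params = new ClaimsParameters();
    params.setPrincipal(new CustomTokenPrincipal(user));
    ProcessedClaimCollection retrievedClaims = claimsManager.retrieveClaimValues(requestedClaims, params);

    Assert.assertTrue("Retrieved number of claims [" + retrievedClaims.size() + "] doesn't match with expected [" + expectedClaims.size() + "]", retrievedClaims.size() == expectedClaims.size());
    for (ProcessedClaim c : retrievedClaims) {
        // remove() reports whether the type was still outstanding; an unexpected or
        // duplicated claim type therefore fails the test.
        if (!expectedClaims.remove(c.getClaimType())) {
            Assert.fail("Claim '" + c.getClaimType() + "' not requested");
        }
    }
}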
Also used : CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) ArrayList(java.util.ArrayList) LdapClaimsHandler(org.apache.cxf.sts.claims.LdapClaimsHandler) ClaimsManager(org.apache.cxf.sts.claims.ClaimsManager) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ClaimsParameters(org.apache.cxf.sts.claims.ClaimsParameters)

Example 37 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.

the class LDAPClaimsTest method testRetrieveBinaryClaims.

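/**
 * Checks that the LDAP claims handler can return a binary claim: in addition to the
 * standard name and e-mail claims, the optional {@code http://custom/x509} claim is
 * requested for the user named by the {@code binaryClaimUser} test property.
 *
 * <p>The test fails if the property is missing, if the number of retrieved claims
 * differs from the number expected, if the certificate claim is absent, or if its first
 * value is not a {@code byte[]} that parses as an X.509 certificate.
 *
 * @throws Exception if the handler lookup, the claim retrieval or the certificate
 *         parsing fails
 */
@org.junit.Test
public void testRetrieveBinaryClaims() throws Exception {
    LdapClaimsHandler claimsHandler = (LdapClaimsHandler) appContext.getBean("testClaimsHandler");
    ClaimsManager claimsManager = new ClaimsManager();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));

    String user = props.getProperty("binaryClaimUser");
    // JUnit 4 takes the message first and the checked object second. With the arguments
    // the other way round the assertion inspected the (never null) message literal, so a
    // missing property went unnoticed and a null name reached CustomTokenPrincipal below.
    Assert.assertNotNull("Property 'binaryClaimUser' not configured", user);

    ClaimCollection requestedClaims = createRequestClaimCollection();
    // Ask for the (binary) cert as well
    Claim claim = new Claim();
    claim.setClaimType("http://custom/x509");
    claim.setOptional(true);
    requestedClaims.add(claim);

    List<String> expectedClaims = new ArrayList<>();
    expectedClaims.add(ClaimTypes.FIRSTNAME.toString());
    expectedClaims.add(ClaimTypes.LASTNAME.toString());
    expectedClaims.add(ClaimTypes.EMAILADDRESS.toString());
    expectedClaims.add("http://custom/x509");

    ClaimsParameters params = new ClaimsParameters();
    params.setPrincipal(new CustomTokenPrincipal(user));
    ProcessedClaimCollection retrievedClaims = claimsManager.retrieveClaimValues(requestedClaims, params);

    Assert.assertTrue("Retrieved number of claims [" + retrievedClaims.size() + "] doesn't match with expected [" + expectedClaims.size() + "]", retrievedClaims.size() == expectedClaims.size());
    boolean foundCert = false;
    for (ProcessedClaim c : retrievedClaims) {
        if ("http://custom/x509".equals(c.getClaimType())) {
            foundCert = true;
            // The binary attribute must arrive as raw bytes, not as a String rendering.
            Object firstValue = c.getValues().get(0);
            Assert.assertTrue(firstValue instanceof byte[]);
            // Parsing only proves the bytes are a well-formed certificate; no trust or
            // validity check is made here.
            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
            InputStream in = new ByteArrayInputStream((byte[]) firstValue);
            X509Certificate cert = (X509Certificate) certFactory.generateCertificate(in);
            Assert.assertNotNull(cert);
        }
    }
    Assert.assertTrue(foundCert);
}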
Also used : ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ArrayList(java.util.ArrayList) LdapClaimsHandler(org.apache.cxf.sts.claims.LdapClaimsHandler) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) ClaimsParameters(org.apache.cxf.sts.claims.ClaimsParameters) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) ByteArrayInputStream(java.io.ByteArrayInputStream) ClaimsManager(org.apache.cxf.sts.claims.ClaimsManager) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) ProcessedClaim(org.apache.cxf.sts.claims.ProcessedClaim) Claim(org.apache.cxf.rt.security.claims.Claim)

Example 38 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.

the class SecurityContextProviderImpl method getSecurityContext.

/**
 * Creates the security context for a request from its SAML assertion.
 *
 * <p>A context is only created when the assertion is signed, or when the
 * {@code ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL} security property parses to
 * {@code true}. {@link Boolean#parseBoolean(String)} yields {@code false} for a missing
 * (null) value, so the gate is closed unless unsigned assertions are explicitly enabled.
 *
 * @param message the message whose security properties are consulted
 * @param wrapper the SAML assertion to derive claims and subject from
 * @return the security context, or {@code null} when the assertion is unsigned and
 *         unsigned assertions have not been enabled; callers must treat {@code null}
 *         as "no authenticated principal"
 */
public SecurityContext getSecurityContext(Message message, SamlAssertionWrapper wrapper) {
    String unsignedSetting = (String) SecurityUtils.getSecurityPropertyValue(SecurityConstants.ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL, message);
    boolean unsignedPermitted = Boolean.parseBoolean(unsignedSetting);

    // NOTE(review): isSigned() presumably reports only that a signature is present on
    // the assertion; verifying that signature and the signer's trust is assumed to
    // happen before this method is called - confirm against the caller.
    if (!wrapper.isSigned() && !unsignedPermitted) {
        return null;
    }

    ClaimCollection assertionClaims = getClaims(wrapper);
    Subject assertionSubject = getSubject(message, wrapper, assertionClaims);
    SecurityContext context = doGetSecurityContext(message, assertionSubject, assertionClaims);

    // Only the SAML-specific context can carry the assertion's DOM element.
    if (context instanceof SAMLSecurityContext) {
        SAMLSecurityContext samlContext = (SAMLSecurityContext) context;
        samlContext.setAssertionElement(wrapper.getElement());
    }
    return context;
}
Also used : SAMLSecurityContext(org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext) Element(org.w3c.dom.Element) SAMLSecurityContext(org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext) SecurityContext(org.apache.cxf.security.SecurityContext) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) Subject(org.apache.cxf.rs.security.saml.assertion.Subject)

Example 39 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.

the class AbstractServiceProviderFilter method setSecurityContext.

/**
 * Stores a {@link SAMLSecurityContext} on the message, built from the assertion's
 * subject name, its claims, and the roles parsed from those claims.
 *
 * <p>Nothing is stored when the subject has no name. The role attribute name comes from
 * the {@code SAML_ROLE_ATTRIBUTENAME} security property and falls back to the standard
 * role claim URI when that property is null or empty.
 *
 * <p>NOTE(review): this method does not itself check the assertion's signature or
 * conditions; the roles it installs come straight from the assertion's claims, so the
 * assertion is presumably validated before this call - confirm against the callers.
 *
 * @param m the message that receives the security context
 * @param assertionWrapper the SAML assertion supplying subject, claims and issuer
 */
protected void setSecurityContext(Message m, SamlAssertionWrapper assertionWrapper) {
    Subject subject = SAMLUtils.getSubject(m, assertionWrapper);
    final String name = subject.getName();
    if (name == null) {
        // Without a subject name there is no principal to build a context for.
        return;
    }

    String configuredRoleAttribute = (String) SecurityUtils.getSecurityPropertyValue(SecurityConstants.SAML_ROLE_ATTRIBUTENAME, m);
    final String roleAttributeName;
    if (configuredRoleAttribute != null && configuredRoleAttribute.length() != 0) {
        roleAttributeName = configuredRoleAttribute;
    } else {
        roleAttributeName = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
    }

    ClaimCollection claims = org.apache.cxf.rt.security.saml.utils.SAMLUtils.getClaims(assertionWrapper);
    Set<Principal> roles = org.apache.cxf.rt.security.saml.utils.SAMLUtils.parseRolesFromClaims(claims, roleAttributeName, null);

    SAMLSecurityContext context = new SAMLSecurityContext(new SimplePrincipal(name), roles, claims);
    context.setIssuer(org.apache.cxf.rt.security.saml.utils.SAMLUtils.getIssuer(assertionWrapper));
    context.setAssertionElement(org.apache.cxf.rt.security.saml.utils.SAMLUtils.getAssertionElement(assertionWrapper));
    m.put(SecurityContext.class, context);
}
Also used : SAMLSecurityContext(org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) Subject(org.apache.cxf.rs.security.saml.assertion.Subject) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal) Principal(java.security.Principal) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal)

Example 40 with ClaimCollection

use of org.apache.cxf.rt.security.claims.ClaimCollection in project cxf by apache.

the class RealmSupportTest method createClaimCollection.

/**
 * Builds the claim request used by the test: {@code Claim-A} and {@code Claim-B} as
 * mandatory claims and {@code Claim-C} as an optional one, added in that order.
 *
 * @return a new collection holding the three requested claims
 */
private ClaimCollection createClaimCollection() {
    // Parallel arrays: claimTypes[i] is requested with optionalFlags[i].
    final String[] claimTypes = {"Claim-A", "Claim-B", "Claim-C"};
    final boolean[] optionalFlags = {false, false, true};

    ClaimCollection collection = new ClaimCollection();
    for (int i = 0; i < claimTypes.length; i++) {
        Claim requested = new Claim();
        requested.setClaimType(URI.create(claimTypes[i]));
        requested.setOptional(optionalFlags[i]);
        collection.add(requested);
    }
    return collection;
}
Also used : ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) ProcessedClaimCollection(org.apache.cxf.sts.claims.ProcessedClaimCollection) Claim(org.apache.cxf.rt.security.claims.Claim)
