Example 46 with SecurityContext

use of org.apache.cxf.security.SecurityContext in project cxf by apache.

the class JMSDestinationTest method testSecurityContext.

private SecurityContext testSecurityContext(boolean createSecurityContext) throws Exception {
    EndpointInfo ei = setupServiceInfo("HelloWorldService", "HelloWorldPort");
    final JMSDestination destination = setupJMSDestination(ei);
    destination.getJmsConfig().setCreateSecurityContext(createSecurityContext);
    destination.setMessageObserver(createMessageObserver());
    // set up the conduit send to be true
    JMSConduit conduit = setupJMSConduitWithObserver(ei);
    final Message outMessage = createMessage();
    sendOneWayMessage(conduit, outMessage);
    Message destMessage = waitForReceiveDestMessage();
    SecurityContext securityContext = destMessage.get(SecurityContext.class);
    conduit.close();
    destination.shutdown();
    return securityContext;
}
Also used : EndpointInfo(org.apache.cxf.service.model.EndpointInfo) Message(org.apache.cxf.message.Message) SecurityContext(org.apache.cxf.security.SecurityContext)

Example 47 with SecurityContext

use of org.apache.cxf.security.SecurityContext in project cxf by apache.

the class JMSDestinationTest method testDoNotCreateSecurityContext.

@Test
public void testDoNotCreateSecurityContext() throws Exception {
    SecurityContext ctx = testSecurityContext(false);
    assertNull("SecurityContext should not be set in message received by JMSDestination", ctx);
}
Also used : SecurityContext(org.apache.cxf.security.SecurityContext) Test(org.junit.Test)

Example 48 with SecurityContext

use of org.apache.cxf.security.SecurityContext in project cxf by apache.

the class JMSDestinationTest method testRoundTripDestination.

@Test
public void testRoundTripDestination() throws Exception {
    Message msg = testRoundTripDestination(true);
    SecurityContext securityContext = msg.get(SecurityContext.class);
    assertNotNull("SecurityContext should be set in message received by JMSDestination", securityContext);
    assertEquals("Principal in SecurityContext should be", "testUser", securityContext.getUserPrincipal().getName());
}
Also used : Message(org.apache.cxf.message.Message) SecurityContext(org.apache.cxf.security.SecurityContext) Test(org.junit.Test)

Example 49 with SecurityContext

use of org.apache.cxf.security.SecurityContext in project cxf by apache.

the class UsernameTokenInterceptor method processToken.

protected void processToken(SoapMessage message) {
    Header h = findSecurityHeader(message, false);
    if (h == null) {
        return;
    }
    boolean utWithCallbacks = MessageUtils.getContextualBoolean(message, SecurityConstants.VALIDATE_TOKEN, true);
    Element el = (Element) h.getObject();
    Element child = DOMUtils.getFirstElement(el);
    while (child != null) {
        if (SPConstants.USERNAME_TOKEN.equals(child.getLocalName()) && WSS4JConstants.WSSE_NS.equals(child.getNamespaceURI())) {
            try {
                boolean bspCompliant = isWsiBSPCompliant(message);
                boolean allowNSPasswdTypes = allowNamespaceQualifiedPWDTypes(message);
                Principal principal;
                Subject subject = null;
                Object transformedToken = null;
                if (utWithCallbacks) {
                    final WSSecurityEngineResult result = validateToken(child, message);
                    subject = (Subject) result.get(WSSecurityEngineResult.TAG_SUBJECT);
                    transformedToken = result.get(WSSecurityEngineResult.TAG_TRANSFORMED_TOKEN);
                    principal = (Principal) result.get(WSSecurityEngineResult.TAG_PRINCIPAL);
                    if (principal == null) {
                        principal = parseTokenAndCreatePrincipal(child, bspCompliant, allowNSPasswdTypes);
                    }
                } else {
                    principal = parseTokenAndCreatePrincipal(child, bspCompliant, allowNSPasswdTypes);
                    WSS4JTokenConverter.convertToken(message, principal);
                }
                // Only install a SecurityContext if none with a user principal is already on the message
                SecurityContext sc = message.get(SecurityContext.class);
                if (sc == null || sc.getUserPrincipal() == null) {
                    if (transformedToken instanceof SamlAssertionWrapper) {
                        message.put(SecurityContext.class, createSecurityContext(message, (SamlAssertionWrapper) transformedToken));
                    } else if (subject != null && principal != null) {
                        message.put(SecurityContext.class, createSecurityContext(principal, subject));
                    } else {
                        UsernameTokenPrincipal utPrincipal = (UsernameTokenPrincipal) principal;
                        String nonce = null;
                        if (utPrincipal.getNonce() != null) {
                            nonce = XMLUtils.encodeToString(utPrincipal.getNonce());
                        }
                        subject = createSubject(utPrincipal.getName(), utPrincipal.getPassword(), utPrincipal.isPasswordDigest(), nonce, utPrincipal.getCreatedTime());
                        message.put(SecurityContext.class, createSecurityContext(utPrincipal, subject));
                    }
                }
                if (principal instanceof UsernameTokenPrincipal) {
                    storeResults((UsernameTokenPrincipal) principal, subject, message);
                }
            } catch (WSSecurityException | Base64DecodingException ex) {
                throw new Fault(ex);
            }
        }
        child = DOMUtils.getNextElement(child);
    }
}
Also used : Element(org.w3c.dom.Element) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) Fault(org.apache.cxf.interceptor.Fault) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult) Subject(javax.security.auth.Subject) Base64DecodingException(org.apache.xml.security.exceptions.Base64DecodingException) Header(org.apache.cxf.headers.Header) UsernameTokenPrincipal(org.apache.wss4j.common.principal.UsernameTokenPrincipal) SAMLSecurityContext(org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext) DefaultSecurityContext(org.apache.cxf.interceptor.security.DefaultSecurityContext) SecurityContext(org.apache.cxf.security.SecurityContext) Principal(java.security.Principal)

Example 50 with SecurityContext

use of org.apache.cxf.security.SecurityContext in project cxf by apache.

the class Saml2BearerGrantHandler method setSecurityContext.

protected void setSecurityContext(Message message, SamlAssertionWrapper wrapper) {
    if (scProvider != null) {
        SecurityContext sc = scProvider.getSecurityContext(message, wrapper);
        message.put(SecurityContext.class, sc);
    }
}
Also used : SAMLSecurityContext(org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext) SecurityContext(org.apache.cxf.security.SecurityContext)

Aggregations

SecurityContext (org.apache.cxf.security.SecurityContext): 76
Principal (java.security.Principal): 26
Message (org.apache.cxf.message.Message): 16
Subject (javax.security.auth.Subject): 13
WSSecurityEngineResult (org.apache.wss4j.dom.engine.WSSecurityEngineResult): 12
DefaultSecurityContext (org.apache.cxf.interceptor.security.DefaultSecurityContext): 11
SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal): 10
Test (org.junit.Test): 10
SAMLSecurityContext (org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext): 9
WSHandlerResult (org.apache.wss4j.dom.handler.WSHandlerResult): 9
SamlAssertionWrapper (org.apache.wss4j.common.saml.SamlAssertionWrapper): 8
LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext): 7
ArrayList (java.util.ArrayList): 6
QName (javax.xml.namespace.QName): 6
SecurityToken (org.apache.cxf.common.security.SecurityToken): 6
HashMap (java.util.HashMap): 5
MessageImpl (org.apache.cxf.message.MessageImpl): 5
UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject): 5
Element (org.w3c.dom.Element): 5
Method (java.lang.reflect.Method): 4