
Example 1 with WSPolicyFeature

use of org.apache.cxf.ws.policy.WSPolicyFeature in project cxf by apache.

the class MtomPolicyTest method setupServer.

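/**
 * Publishes an {@code EchoService} endpoint at {@code address} on the bus returned by
 * {@code getStaticBus()}, with an MTOM WS-Policy document attached through a
 * {@link WSPolicyFeature}.
 *
 * <p>The policy is read from the test classpath: {@code mtom-policy.xml} when
 * {@code mtomRequired} is {@code true}, otherwise {@code mtom-policy-optional.xml}.
 *
 * @param mtomRequired selects the mandatory policy document instead of the optional one
 * @param address address handed to the server factory
 * @throws IllegalStateException if the selected policy resource is not on the classpath
 * @throws Exception if the policy document cannot be parsed or the server cannot be created
 */
public void setupServer(boolean mtomRequired, String address) throws Exception {
    // This changes the alternative selector on the bus itself, so every endpoint that uses
    // the same bus afterwards sees FirstAlternativeSelector as well.
    getStaticBus().getExtension(PolicyEngine.class).setAlternativeSelector(new FirstAlternativeSelector());

    JaxWsServerFactoryBean sf = new JaxWsServerFactoryBean();
    sf.setServiceBean(new EchoService());
    sf.setBus(getStaticBus());
    sf.setAddress(address);

    WSPolicyFeature policyFeature = new WSPolicyFeature();
    String policyResource = mtomRequired ? "mtom-policy.xml" : "mtom-policy-optional.xml";
    List<Element> policyElements = new ArrayList<>();
    // Close the classpath stream ourselves instead of relying on the parser to do it, and
    // fail with a clear message when the resource is missing rather than deep inside the parser.
    try (java.io.InputStream policyStream = getClass().getResourceAsStream(policyResource)) {
        if (policyStream == null) {
            throw new IllegalStateException("Policy resource not found on classpath: " + policyResource);
        }
        policyElements.add(StaxUtils.read(policyStream).getDocumentElement());
    }
    policyFeature.setPolicyElements(policyElements);

    sf.getFeatures().add(policyFeature);
    sf.create();
}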
Also used : FirstAlternativeSelector(org.apache.cxf.ws.policy.selector.FirstAlternativeSelector) WSPolicyFeature(org.apache.cxf.ws.policy.WSPolicyFeature) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) PolicyEngine(org.apache.cxf.ws.policy.PolicyEngine) JaxWsServerFactoryBean(org.apache.cxf.jaxws.JaxWsServerFactoryBean)

Example 2 with WSPolicyFeature

use of org.apache.cxf.ws.policy.WSPolicyFeature in project cxf by apache.

the class UsernameTokenTest method testPlaintextCodeFirst.

// Here we are not using the WSDL and so need to add the policy manually on the client side
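/**
 * Invokes the {@code DoubleItPlaintextPort} over HTTPS with the WS-Policy attached in code on
 * the client, and checks that {@code doubleIt(25)} returns 50.
 *
 * <p>The TLS settings below are test-fixture settings: the trust store password is a literal
 * and the certificate name check is switched off. They are only appropriate against the
 * local test server this method targets.
 *
 * @throws Exception if the policy or trust store cannot be loaded, or the call fails
 */
@org.junit.Test
public void testPlaintextCodeFirst() throws Exception {
    String address = "https://localhost:" + PORT + "/DoubleItUTPlaintext";
    QName portQName = new QName(NAMESPACE, "DoubleItPlaintextPort");

    // No WSDL is used, so the policy document is loaded from the classpath and attached by hand.
    WSPolicyFeature policyFeature = new WSPolicyFeature();
    Element policyElement = StaxUtils.read(getClass().getResourceAsStream("plaintext-pass-timestamp-policy.xml")).getDocumentElement();
    policyFeature.setPolicyElements(Collections.singletonList(policyElement));

    JaxWsProxyFactoryBean clientFactoryBean = new JaxWsProxyFactoryBean();
    clientFactoryBean.setFeatures(Collections.singletonList(policyFeature));
    clientFactoryBean.setAddress(address);
    clientFactoryBean.setServiceName(SERVICE_QNAME);
    clientFactoryBean.setEndpointName(portQName);
    clientFactoryBean.setServiceClass(DoubleItPortType.class);
    DoubleItPortType port = (DoubleItPortType) clientFactoryBean.create();

    // Release the proxy even when set-up or the assertion fails; the original closed it only
    // on the success path.
    try {
        if (test.isStreaming()) {
            SecurityTestUtil.enableStreaming(port);
        }

        // The password is not set here: it is supplied by the named callback handler class.
        ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "Alice");
        ((BindingProvider) port).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.ws.common.UTPasswordCallback");

        // Trust only what is in the bundled test trust store. The literal store password is
        // acceptable for a fixture; presumably the store holds test certificates only.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        final KeyStore ts = KeyStore.getInstance("JKS");
        try (InputStream trustStore = ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", UsernameTokenTest.class)) {
            ts.load(trustStore, "password".toCharArray());
        }
        tmf.init(ts);

        TLSClientParameters tlsParams = new TLSClientParameters();
        tlsParams.setTrustManagers(tmf.getTrustManagers());
        // Skips matching the certificate name against "localhost". With this off, any
        // certificate chaining to the trust store is accepted for any host, so the setting
        // must not be copied into non-test client configuration.
        tlsParams.setDisableCNCheck(true);

        Client client = ClientProxy.getClient(port);
        HTTPConduit http = (HTTPConduit) client.getConduit();
        http.setTlsClientParameters(tlsParams);

        assertEquals(50, port.doubleIt(25));
    } finally {
        ((java.io.Closeable) port).close();
    }
}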
Also used : TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) WSPolicyFeature(org.apache.cxf.ws.policy.WSPolicyFeature) QName(javax.xml.namespace.QName) InputStream(java.io.InputStream) Element(org.w3c.dom.Element) JaxWsProxyFactoryBean(org.apache.cxf.jaxws.JaxWsProxyFactoryBean) KeyStore(java.security.KeyStore) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) Client(org.apache.cxf.endpoint.Client)

Example 3 with WSPolicyFeature

use of org.apache.cxf.ws.policy.WSPolicyFeature in project tesb-rt-se by Talend.

the class PolicyProviderImpl method init.

/**
 * Applies the configured security mode to {@code locatorEndpoint} after construction.
 *
 * <p>Nothing is done for {@code EsbSecurity.NO}. For {@code TOKEN} the token policy and a
 * JAAS-backed UsernameToken validator (context {@code "karaf"}) are installed; for
 * {@code SAML} the SAML policy plus the signature properties, user, password and password
 * callback handler are installed. The resulting {@link WSPolicyFeature} is added to the
 * endpoint and initialised on every registered server that shares the endpoint's service.
 */
@PostConstruct
public void init() {
    final EsbSecurity securityMode = EsbSecurity.fromString((String) serviceAutentication);
    if (securityMode == EsbSecurity.NO) {
        return;
    }

    final Bus bus = BusFactory.getThreadDefaultBus();
    policyBuilder = bus.getExtension(PolicyBuilder.class);

    // NOTE(review): a mode that is neither NO, TOKEN nor SAML leaves both collections empty,
    // so the endpoint would get a policy feature that asserts nothing. Confirm that
    // EsbSecurity.fromString cannot return such a value.
    final List<Policy> activePolicies = new ArrayList<Policy>();
    final Map<String, Object> securityProps = new HashMap<String, Object>();

    if (securityMode == EsbSecurity.TOKEN) {
        activePolicies.add(getTokenPolicy());

        // UsernameToken credentials are checked against the "karaf" JAAS context.
        final JAASUsernameTokenValidator tokenValidator = new JAASUsernameTokenValidator();
        tokenValidator.setContextName("karaf");
        securityProps.put(SecurityConstants.USERNAME_TOKEN_VALIDATOR, tokenValidator);
    } else if (securityMode == EsbSecurity.SAML) {
        activePolicies.add(getSamlPolicy());

        securityProps.put(SecurityConstants.SIGNATURE_PROPERTIES, getSignatureProperties());
        securityProps.put(SecurityConstants.SIGNATURE_USERNAME, getSignatureUsername());
        // The signature password is held as a plain endpoint property and also handed to the
        // callback handler, so anything that dumps endpoint properties exposes it.
        securityProps.put(ENDPOINT_SIGNATURE_PASSWORD, getSignaturePassword());
        securityProps.put(SecurityConstants.CALLBACK_HANDLER, new WSPasswordCallbackHandler(getSignatureUsername(), getSignaturePassword()));
    }
    locatorEndpoint.setProperties(securityProps);

    final WSPolicyFeature feature = new WSPolicyFeature();
    feature.setPolicies(activePolicies);
    locatorEndpoint.getFeatures().add(feature);

    // Servers already registered on the bus do not see the newly added feature by
    // themselves, so it is initialised on each one that serves the same Service object.
    for (Server candidate : bus.getExtension(ServerRegistry.class).getServers()) {
        if (candidate.getEndpoint().getService() == locatorEndpoint.getService()) {
            feature.initialize(candidate, bus);
        }
    }
}
Also used : Policy(org.apache.neethi.Policy) Bus(org.apache.cxf.Bus) Server(org.apache.cxf.endpoint.Server) HashMap(java.util.HashMap) WSPolicyFeature(org.apache.cxf.ws.policy.WSPolicyFeature) ArrayList(java.util.ArrayList) ServerRegistry(org.apache.cxf.endpoint.ServerRegistry) JAASUsernameTokenValidator(org.apache.wss4j.dom.validate.JAASUsernameTokenValidator) EsbSecurity(org.talend.esb.locator.service.LocatorServiceConstants.EsbSecurity) PolicyBuilder(org.apache.cxf.ws.policy.PolicyBuilder) PostConstruct(javax.annotation.PostConstruct)

Example 4 with WSPolicyFeature

use of org.apache.cxf.ws.policy.WSPolicyFeature in project tesb-rt-se by Talend.

the class SAMClientSecurityProvider method init.

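/**
 * Configures {@code client} for the configured authentication type after construction.
 *
 * <p>Nothing is done for {@code EsbSecurityConstants.NO}. {@code BASIC} sets HTTP Basic
 * credentials on the client's conduit. {@code USERNAMETOKEN} loads the UsernameToken policy
 * and adds a WSS4J out-interceptor that sends the password as text. {@code SAML} loads the
 * SAML policy, sets the signature properties and wires up an {@link STSClient}. In every
 * non-{@code NO} case a {@link WSPolicyFeature} is added to the endpoint's active features
 * and initialised on the client.
 */
@PostConstruct
public void init() {
    final EsbSecurityConstants esbSecurity = EsbSecurityConstants.fromString(authenticationType);
    if (EsbSecurityConstants.NO == esbSecurity) {
        return;
    }
    Bus bus = client.getBus();
    // The feature receives the list before it is filled; the branches below add to the same
    // list object afterwards.
    List<Policy> policies = new ArrayList<Policy>();
    WSPolicyFeature policyFeature = new WSPolicyFeature();
    policyFeature.setPolicies(policies);
    Map<String, Object> properties = client.getRequestContext();
    if (null == properties) {
        // NOTE(review): this replacement map is never attached to the client, so SAML
        // settings written to it below would be lost if the request context were null.
        properties = new HashMap<String, Object>();
    }
    if (EsbSecurityConstants.BASIC == esbSecurity) {
        // HTTP Basic puts the credentials in a request header; confidentiality depends on
        // the conduit using TLS, which is configured outside this method.
        AuthorizationPolicy authzPolicy = new AuthorizationPolicy();
        authzPolicy.setUserName(username);
        authzPolicy.setPassword(password);
        authzPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_BASIC);
        HTTPConduit conduit = (HTTPConduit) client.getConduit();
        conduit.setAuthorization(authzPolicy);
    } else if (EsbSecurityConstants.USERNAMETOKEN == esbSecurity) {
        policies.add(loadPolicy(policyUsernameToken, bus));
        java.util.Map<String, Object> wssProps = new java.util.HashMap<String, Object>();
        wssProps.put(ConfigurationConstants.ACTION, ConfigurationConstants.USERNAME_TOKEN);
        wssProps.put(ConfigurationConstants.USER, username);
        // PW_TEXT sends the password itself in the UsernameToken rather than a digest, so
        // the message must travel over a protected transport.
        wssProps.put(ConfigurationConstants.PASSWORD_TYPE, WSS4JConstants.PW_TEXT);
        wssProps.put(ConfigurationConstants.PW_CALLBACK_REF, new CallbackHandler() {

            /**
             * Supplies the configured password to every {@link WSPasswordCallback} and
             * rejects any other callback type, as the CallbackHandler contract asks,
             * instead of blindly casting the first array element.
             */
            @Override
            public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
                for (Callback callback : callbacks) {
                    if (!(callback instanceof WSPasswordCallback)) {
                        throw new UnsupportedCallbackException(callback, "Only WSPasswordCallback is supported");
                    }
                    ((WSPasswordCallback) callback).setPassword(password);
                }
            }
        });
        client.getEndpoint().getOutInterceptors().add(new WSS4JOutInterceptor(wssProps));
        // NOTE(review): the credentials are configured twice, on the explicit interceptor
        // above and in the request context here; confirm both are needed alongside the policy.
        client.getRequestContext().put("security.username", username);
        client.getRequestContext().put("security.password", password);
    } else if (EsbSecurityConstants.SAML == esbSecurity) {
        policies.add(loadPolicy(policySaml, bus));
        properties.put(SecurityConstants.SIGNATURE_PROPERTIES, processFileURI(getSignatureProperties()));
        properties.put(SecurityConstants.SIGNATURE_USERNAME, getSignatureUsername());
        // The signature password is stored as a plain request-context property and is also
        // passed to the callback handler.
        properties.put(ENDPOINT_SIGNATURE_PASSWORD, getSignaturePassword());
        properties.put(SecurityConstants.CALLBACK_HANDLER, new WSPasswordCallbackHandler(getSignatureUsername(), getSignaturePassword()));
        // STS client: located through the configured WSDL, service and endpoint names
        STSClient stsClient = new STSClient(bus);
        stsClient.setWsdlLocation(stsWsdlLocation);
        stsClient.setServiceQName(new QName(stsNamespace, stsServiceName));
        stsClient.setEndpointQName(new QName(stsNamespace, stsEndpointName));
        Map<String, Object> stsProperties = new HashMap<String, Object>();
        stsProperties.put(SecurityConstants.USERNAME, username);
        stsProperties.put(SecurityConstants.PASSWORD, password);
        stsProperties.put(SecurityConstants.CALLBACK_HANDLER, new WSPasswordCallbackHandler(username, password));
        // The same crypto properties file serves signing, the STS token and encryption.
        stsProperties.put(SecurityConstants.STS_TOKEN_PROPERTIES, processFileURI(getSignatureProperties()));
        stsProperties.put(SecurityConstants.STS_TOKEN_USERNAME, signatureUsername);
        stsProperties.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, stsTokenUsecert);
        stsProperties.put(SecurityConstants.ENCRYPT_PROPERTIES, processFileURI(getSignatureProperties()));
        stsProperties.put(SecurityConstants.ENCRYPT_USERNAME, encryptionUsername);
        stsProperties.put(SecurityConstants.IS_BSP_COMPLIANT, isBspCompliant);
        stsClient.setProperties(stsProperties);
        properties.put(SecurityConstants.STS_CLIENT, stsClient);
    }
    client.getEndpoint().getActiveFeatures().add(policyFeature);
    policyFeature.initialize(client, bus);
}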
Also used : Policy(org.apache.neethi.Policy) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) Bus(org.apache.cxf.Bus) CallbackHandler(javax.security.auth.callback.CallbackHandler) WSPolicyFeature(org.apache.cxf.ws.policy.WSPolicyFeature) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) STSClient(org.apache.cxf.ws.security.trust.STSClient) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) HashMap(java.util.HashMap) Map(java.util.Map) PostConstruct(javax.annotation.PostConstruct)

Example 5 with WSPolicyFeature

use of org.apache.cxf.ws.policy.WSPolicyFeature in project tesb-rt-se by Talend.

the class SAMServiceSecurityProvider method init.

/**
 * Applies the configured authentication type to {@code serviceEndpoint} after construction.
 *
 * <p>Nothing is done for {@code EsbSecurityConstants.NO}. {@code BASIC} adds a JAAS login
 * in-interceptor; {@code USERNAMETOKEN} loads the UsernameToken policy and installs a
 * JAAS-backed token validator; {@code SAML} loads the SAML policy and sets the signature
 * properties, user, password and password callback handler. Both JAAS components use the
 * {@code "karaf"} context. The {@link WSPolicyFeature} is then added to the endpoint and
 * initialised on every registered server that shares the endpoint's service.
 */
@PostConstruct
public void init() {
    final EsbSecurityConstants mode = EsbSecurityConstants.fromString(authenticationType);
    if (mode == EsbSecurityConstants.NO) {
        return;
    }

    final Bus bus = serviceEndpoint.getBus();

    // The feature is given the list while it is still empty; the branches below add to the
    // same list object afterwards, so this ordering must be kept.
    final List<Policy> activePolicies = new ArrayList<Policy>();
    final WSPolicyFeature feature = new WSPolicyFeature();
    feature.setPolicies(activePolicies);

    Map<String, Object> endpointProps = serviceEndpoint.getProperties();
    if (endpointProps == null) {
        endpointProps = new HashMap<String, Object>();
    }

    if (mode == EsbSecurityConstants.BASIC) {
        // No policy is added in this mode: authentication is done by the login interceptor.
        final JAASLoginInterceptor jaasLogin = new JAASLoginInterceptor();
        jaasLogin.setContextName("karaf");
        serviceEndpoint.getInInterceptors().add(jaasLogin);
    } else if (mode == EsbSecurityConstants.USERNAMETOKEN) {
        activePolicies.add(loadPolicy(policyUsernameToken, bus));

        final JAASUsernameTokenValidator tokenValidator = new JAASUsernameTokenValidator();
        tokenValidator.setContextName("karaf");
        endpointProps.put(SecurityConstants.USERNAME_TOKEN_VALIDATOR, tokenValidator);
        serviceEndpoint.setProperties(endpointProps);
    } else if (mode == EsbSecurityConstants.SAML) {
        activePolicies.add(loadPolicy(policySaml, bus));

        endpointProps.put(SecurityConstants.SIGNATURE_PROPERTIES, getSignatureProperties());
        endpointProps.put(SecurityConstants.SIGNATURE_USERNAME, getSignatureUsername());
        // The signature password is kept as a plain endpoint property and is also handed to
        // the callback handler.
        endpointProps.put(ENDPOINT_SIGNATURE_PASSWORD, getSignaturePassword());
        endpointProps.put(SecurityConstants.CALLBACK_HANDLER, new WSPasswordCallbackHandler(getSignatureUsername(), getSignaturePassword()));
        serviceEndpoint.setProperties(endpointProps);
    }
    // NOTE(review): a mode matching none of the branches still gets a policy feature with an
    // empty policy list and no authenticator. Confirm fromString cannot return such a value.

    serviceEndpoint.getFeatures().add(feature);

    // Initialise the feature on servers that are already registered for the same Service object.
    for (Server candidate : bus.getExtension(ServerRegistry.class).getServers()) {
        if (candidate.getEndpoint().getService() == serviceEndpoint.getService()) {
            feature.initialize(candidate, bus);
        }
    }
}
Also used : Policy(org.apache.neethi.Policy) Bus(org.apache.cxf.Bus) Server(org.apache.cxf.endpoint.Server) WSPolicyFeature(org.apache.cxf.ws.policy.WSPolicyFeature) JAASLoginInterceptor(org.apache.cxf.interceptor.security.JAASLoginInterceptor) ArrayList(java.util.ArrayList) ServerRegistry(org.apache.cxf.endpoint.ServerRegistry) JAASUsernameTokenValidator(org.apache.wss4j.dom.validate.JAASUsernameTokenValidator) PostConstruct(javax.annotation.PostConstruct)

Aggregations

WSPolicyFeature (org.apache.cxf.ws.policy.WSPolicyFeature)5 ArrayList (java.util.ArrayList)4 PostConstruct (javax.annotation.PostConstruct)3 Bus (org.apache.cxf.Bus)3 Policy (org.apache.neethi.Policy)3 HashMap (java.util.HashMap)2 QName (javax.xml.namespace.QName)2 Server (org.apache.cxf.endpoint.Server)2 ServerRegistry (org.apache.cxf.endpoint.ServerRegistry)2 HTTPConduit (org.apache.cxf.transport.http.HTTPConduit)2 JAASUsernameTokenValidator (org.apache.wss4j.dom.validate.JAASUsernameTokenValidator)2 Element (org.w3c.dom.Element)2 InputStream (java.io.InputStream)1 KeyStore (java.security.KeyStore)1 Map (java.util.Map)1 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)1 CallbackHandler (javax.security.auth.callback.CallbackHandler)1 TLSClientParameters (org.apache.cxf.configuration.jsse.TLSClientParameters)1 AuthorizationPolicy (org.apache.cxf.configuration.security.AuthorizationPolicy)1 Client (org.apache.cxf.endpoint.Client)1