Search in sources :

Example 76 with RequestSecurityTokenResponseType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType in project cxf by apache.

the class IssueSamlClaimsUnitTest method testIssueJaxbSaml1Token.

/**
 * Test to successfully issue a Saml 1.1 token. The claims information is included as a
 * JAXB Element under RequestSecurityToken, rather than as a child of SecondaryParameters.
 */
@org.junit.Test
public void testIssueJaxbSaml1Token() throws Exception {
    TokenIssueOperation issueOperation = new TokenIssueOperation();
    addTokenProvider(issueOperation);
    addService(issueOperation);
    addSTSProperties(issueOperation);
    // Set the ClaimsManager
    ClaimsManager claimsManager = new ClaimsManager();
    ClaimsHandler claimsHandler = new CustomClaimsHandler();
    claimsManager.setClaimHandlers(Collections.singletonList(claimsHandler));
    issueOperation.setClaimsManager(claimsManager);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML_TOKEN_TYPE);
    request.getAny().add(tokenType);
    // Add a ClaimsType
    ClaimsType claimsType = new ClaimsType();
    claimsType.setDialect(STSConstants.IDT_NS_05_05);
    Document doc = DOMUtils.createDocument();
    Element claimType = createClaimsType(doc);
    claimsType.getAny().add(claimType);
    JAXBElement<ClaimsType> claimsTypeJaxb = new JAXBElement<ClaimsType>(QNameConstants.CLAIMS, ClaimsType.class, claimsType);
    request.getAny().add(claimsTypeJaxb);
    request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
    Map<String, Object> msgCtx = setupMessageContext();
    List<RequestSecurityTokenResponseType> securityTokenResponse = issueToken(issueOperation, request, new CustomTokenPrincipal("alice"), msgCtx);
    // Test the generated token.
    Element assertion = null;
    for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
        if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
            RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
            assertion = (Element) rstType.getAny();
            break;
        }
    }
    assertNotNull(assertion);
    String tokenString = DOM2Writer.nodeToString(assertion);
    assertTrue(tokenString.contains("AttributeStatement"));
    assertTrue(tokenString.contains("alice"));
    assertTrue(tokenString.contains(SAML1Constants.CONF_BEARER));
    assertTrue(tokenString.contains(ClaimTypes.LASTNAME.toString()));
}
Also used : ClaimsHandler(org.apache.cxf.sts.claims.ClaimsHandler) CustomClaimsHandler(org.apache.cxf.sts.common.CustomClaimsHandler) ClaimsType(org.apache.cxf.ws.security.sts.provider.model.ClaimsType) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) JAXBElement(javax.xml.bind.JAXBElement) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) Document(org.w3c.dom.Document) CustomClaimsHandler(org.apache.cxf.sts.common.CustomClaimsHandler) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) ClaimsManager(org.apache.cxf.sts.claims.ClaimsManager)

Example 77 with RequestSecurityTokenResponseType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType in project cxf by apache.

the class IssueSamlUnitTest method testIssueSaml2SymmetricKeyTokenSecretKey.

/**
 * Test to successfully issue a Saml2 SymmetricKey token. Rather than using a Nonce as the
 * Entropy, a secret key is supplied by the client instead.
 */
@org.junit.Test
public void testIssueSaml2SymmetricKeyTokenSecretKey() throws Exception {
    TokenIssueOperation issueOperation = new TokenIssueOperation();
    // Add Token Provider
    issueOperation.setTokenProviders(Collections.singletonList(new SAMLTokenProvider()));
    // Add Service
    ServiceMBean service = new StaticService();
    service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
    issueOperation.setServices(Collections.singletonList(service));
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    issueOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
    request.getAny().add(tokenType);
    JAXBElement<String> keyType = new JAXBElement<String>(QNameConstants.KEY_TYPE, String.class, STSConstants.SYMMETRIC_KEY_KEYTYPE);
    request.getAny().add(keyType);
    request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    // Now add Entropy
    BinarySecretType binarySecretType = new BinarySecretType();
    binarySecretType.setType(STSConstants.SYMMETRIC_KEY_TYPE);
    binarySecretType.setValue(WSSecurityUtil.generateNonce(256 / 8));
    JAXBElement<BinarySecretType> binarySecretTypeJaxb = new JAXBElement<BinarySecretType>(QNameConstants.BINARY_SECRET, BinarySecretType.class, binarySecretType);
    EntropyType entropyType = new EntropyType();
    entropyType.getAny().add(binarySecretTypeJaxb);
    JAXBElement<EntropyType> entropyJaxbType = new JAXBElement<>(QNameConstants.ENTROPY, EntropyType.class, entropyType);
    request.getAny().add(entropyJaxbType);
    RequestSecurityTokenResponseCollectionType response = issueOperation.issue(request, principal, msgCtx);
    List<RequestSecurityTokenResponseType> securityTokenResponse = response.getRequestSecurityTokenResponse();
    assertFalse(securityTokenResponse.isEmpty());
    // Test the generated token.
    Element assertion = null;
    for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
        if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
            RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
            assertion = (Element) rstType.getAny();
        }
    }
    assertNotNull(assertion);
    String tokenString = DOM2Writer.nodeToString(assertion);
    assertTrue(tokenString.contains("AttributeStatement"));
    assertTrue(tokenString.contains("alice"));
    assertFalse(tokenString.contains(SAML2Constants.CONF_BEARER));
    assertTrue(tokenString.contains(SAML2Constants.CONF_HOLDER_KEY));
}
Also used : ServiceMBean(org.apache.cxf.sts.service.ServiceMBean) BinarySecretType(org.apache.cxf.ws.security.sts.provider.model.BinarySecretType) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) StaticService(org.apache.cxf.sts.service.StaticService) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) EntropyType(org.apache.cxf.ws.security.sts.provider.model.EntropyType) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) JAXBElement(javax.xml.bind.JAXBElement) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 78 with RequestSecurityTokenResponseType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType in project cxf by apache.

the class IssueSamlUnitTest method testIssueSaml2DifferentSignatureToken.

/**
 * Test to successfully issue a Saml 2 token using a specified Signature Algorithm.
 */
@org.junit.Test
public void testIssueSaml2DifferentSignatureToken() throws Exception {
    if (!TestUtilities.checkUnrestrictedPoliciesInstalled()) {
        return;
    }
    TokenIssueOperation issueOperation = new TokenIssueOperation();
    // Add Token Provider
    issueOperation.setTokenProviders(Collections.singletonList(new SAMLTokenProvider()));
    // Add Service
    ServiceMBean service = new StaticService();
    service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
    issueOperation.setServices(Collections.singletonList(service));
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    SignatureProperties sigProperties = new SignatureProperties();
    final String signatureAlgorithm = WSS4JConstants.RSA_SHA256;
    sigProperties.setAcceptedSignatureAlgorithms(Arrays.asList(signatureAlgorithm, WSS4JConstants.RSA_SHA1));
    stsProperties.setSignatureProperties(sigProperties);
    issueOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
    request.getAny().add(tokenType);
    request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
    JAXBElement<String> signatureAlg = new JAXBElement<String>(QNameConstants.SIGNATURE_ALGORITHM, String.class, signatureAlgorithm);
    request.getAny().add(signatureAlg);
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    // Issue a token
    RequestSecurityTokenResponseCollectionType response = issueOperation.issue(request, principal, msgCtx);
    List<RequestSecurityTokenResponseType> securityTokenResponse = response.getRequestSecurityTokenResponse();
    assertFalse(securityTokenResponse.isEmpty());
    // Test the generated token.
    Element assertion = null;
    for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
        if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
            RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
            assertion = (Element) rstType.getAny();
            break;
        }
    }
    assertNotNull(assertion);
    String tokenString = DOM2Writer.nodeToString(assertion);
    assertTrue(tokenString.contains("AttributeStatement"));
    assertTrue(tokenString.contains("alice"));
    assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
    assertTrue(tokenString.contains(signatureAlgorithm));
}
Also used : ServiceMBean(org.apache.cxf.sts.service.ServiceMBean) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) StaticService(org.apache.cxf.sts.service.StaticService) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) JAXBElement(javax.xml.bind.JAXBElement) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) SignatureProperties(org.apache.cxf.sts.SignatureProperties) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 79 with RequestSecurityTokenResponseType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType in project cxf by apache.

the class IssueSamlUnitTest method testIssueSaml2Token.

/**
 * Test to successfully issue a Saml 2 token.
 */
@org.junit.Test
public void testIssueSaml2Token() throws Exception {
    TokenIssueOperation issueOperation = new TokenIssueOperation();
    // Add Token Provider
    issueOperation.setTokenProviders(Collections.singletonList(new SAMLTokenProvider()));
    // Add Service
    ServiceMBean service = new StaticService();
    service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
    issueOperation.setServices(Collections.singletonList(service));
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    issueOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
    request.getAny().add(tokenType);
    request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    // Issue a token
    RequestSecurityTokenResponseCollectionType response = issueOperation.issue(request, principal, msgCtx);
    List<RequestSecurityTokenResponseType> securityTokenResponse = response.getRequestSecurityTokenResponse();
    assertFalse(securityTokenResponse.isEmpty());
    // Test the generated token.
    Element assertion = null;
    for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
        if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
            RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
            assertion = (Element) rstType.getAny();
            break;
        }
    }
    assertNotNull(assertion);
    String tokenString = DOM2Writer.nodeToString(assertion);
    assertTrue(tokenString.contains("AttributeStatement"));
    assertTrue(tokenString.contains("alice"));
    assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
}
Also used : ServiceMBean(org.apache.cxf.sts.service.ServiceMBean) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) JAXBElement(javax.xml.bind.JAXBElement) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) StaticService(org.apache.cxf.sts.service.StaticService) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 80 with RequestSecurityTokenResponseType

use of org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType in project cxf by apache.

the class IssueSamlUnitTest method testIssueSaml1PublicKeyToken.

/**
 * Test to successfully issue a Saml 1.1 PublicKey token.
 */
@org.junit.Test
public void testIssueSaml1PublicKeyToken() throws Exception {
    TokenIssueOperation issueOperation = new TokenIssueOperation();
    // Add Token Provider
    issueOperation.setTokenProviders(Collections.singletonList(new SAMLTokenProvider()));
    // Add Service
    ServiceMBean service = new StaticService();
    service.setEndpoints(Collections.singletonList("http://dummy-service.com/dummy"));
    issueOperation.setServices(Collections.singletonList(service));
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    issueOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML_TOKEN_TYPE);
    request.getAny().add(tokenType);
    JAXBElement<String> keyType = new JAXBElement<String>(QNameConstants.KEY_TYPE, String.class, STSConstants.PUBLIC_KEY_KEYTYPE);
    request.getAny().add(keyType);
    request.getAny().add(createAppliesToElement("http://dummy-service.com/dummy"));
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    // Issue a token
    try {
        issueOperation.issue(request, principal, msgCtx);
        fail("Failure expected on no certificate");
    } catch (STSException ex) {
    // expected failure on no certificate
    }
    // Now add UseKey
    UseKeyType useKey = createUseKey(crypto, "myclientkey");
    JAXBElement<UseKeyType> useKeyType = new JAXBElement<>(QNameConstants.USE_KEY, UseKeyType.class, useKey);
    request.getAny().add(useKeyType);
    RequestSecurityTokenResponseCollectionType response = issueOperation.issue(request, principal, msgCtx);
    List<RequestSecurityTokenResponseType> securityTokenResponse = response.getRequestSecurityTokenResponse();
    assertFalse(securityTokenResponse.isEmpty());
    // Test the generated token.
    Element assertion = null;
    for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
        if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
            RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
            assertion = (Element) rstType.getAny();
            break;
        }
    }
    assertNotNull(assertion);
    String tokenString = DOM2Writer.nodeToString(assertion);
    assertTrue(tokenString.contains("AttributeStatement"));
    assertTrue(tokenString.contains("alice"));
    assertFalse(tokenString.contains(SAML1Constants.CONF_BEARER));
    assertTrue(tokenString.contains(SAML1Constants.CONF_HOLDER_KEY));
}
Also used : ServiceMBean(org.apache.cxf.sts.service.ServiceMBean) RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) UseKeyType(org.apache.cxf.ws.security.sts.provider.model.UseKeyType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) StaticService(org.apache.cxf.sts.service.StaticService) RequestSecurityTokenResponseCollectionType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) STSException(org.apache.cxf.ws.security.sts.provider.STSException) JAXBElement(javax.xml.bind.JAXBElement) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Aggregations

RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)121 JAXBElement (javax.xml.bind.JAXBElement)101 RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType)95 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)86 MessageImpl (org.apache.cxf.message.MessageImpl)86 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)79 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)79 Crypto (org.apache.wss4j.common.crypto.Crypto)74 PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)73 Element (org.w3c.dom.Element)72 RequestSecurityTokenResponseCollectionType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType)63 RequestedSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType)63 ServiceMBean (org.apache.cxf.sts.service.ServiceMBean)58 StaticService (org.apache.cxf.sts.service.StaticService)58 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)57 Principal (java.security.Principal)49 SecurityContext (org.apache.cxf.security.SecurityContext)49 SAMLTokenProvider (org.apache.cxf.sts.token.provider.SAMLTokenProvider)40 Document (org.w3c.dom.Document)32 STSException (org.apache.cxf.ws.security.sts.provider.STSException)26