Search in sources :

Example 11 with ValidateTargetType

use of org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType in project cxf by apache.

the class RequestParser method parseTokenRequirements.

/**
 * Parse the Token requirements into the TokenRequirements argument.
 */
private static boolean parseTokenRequirements(JAXBElement<?> jaxbElement, TokenRequirements tokenRequirements, Map<String, Object> messageContext, List<ClaimsParser> claimsParsers) {
    if (QNameConstants.TOKEN_TYPE.equals(jaxbElement.getName())) {
        String tokenType = (String) jaxbElement.getValue();
        tokenRequirements.setTokenType(tokenType);
    } else if (QNameConstants.ON_BEHALF_OF.equals(jaxbElement.getName())) {
        OnBehalfOfType onBehalfOfType = (OnBehalfOfType) jaxbElement.getValue();
        ReceivedToken onBehalfOf = new ReceivedToken(onBehalfOfType.getAny());
        tokenRequirements.setOnBehalfOf(onBehalfOf);
    } else if (QNameConstants.ACT_AS.equals(jaxbElement.getName())) {
        ActAsType actAsType = (ActAsType) jaxbElement.getValue();
        ReceivedToken actAs = new ReceivedToken(actAsType.getAny());
        tokenRequirements.setActAs(actAs);
    } else if (QNameConstants.LIFETIME.equals(jaxbElement.getName())) {
        LifetimeType lifetimeType = (LifetimeType) jaxbElement.getValue();
        Lifetime lifetime = new Lifetime();
        if (lifetimeType.getCreated() != null) {
            lifetime.setCreated(lifetimeType.getCreated().getValue());
        }
        if (lifetimeType.getExpires() != null) {
            lifetime.setExpires(lifetimeType.getExpires().getValue());
        }
        tokenRequirements.setLifetime(lifetime);
    } else if (QNameConstants.VALIDATE_TARGET.equals(jaxbElement.getName())) {
        ValidateTargetType validateTargetType = (ValidateTargetType) jaxbElement.getValue();
        ReceivedToken validateTarget = new ReceivedToken(validateTargetType.getAny());
        if (isTokenReferenced(validateTarget.getToken())) {
            Element target = fetchTokenElementFromReference(validateTarget.getToken(), messageContext);
            validateTarget = new ReceivedToken(target);
        }
        tokenRequirements.setValidateTarget(validateTarget);
    } else if (QNameConstants.CANCEL_TARGET.equals(jaxbElement.getName())) {
        CancelTargetType cancelTargetType = (CancelTargetType) jaxbElement.getValue();
        ReceivedToken cancelTarget = new ReceivedToken(cancelTargetType.getAny());
        if (isTokenReferenced(cancelTarget.getToken())) {
            Element target = fetchTokenElementFromReference(cancelTarget.getToken(), messageContext);
            cancelTarget = new ReceivedToken(target);
        }
        tokenRequirements.setCancelTarget(cancelTarget);
    } else if (QNameConstants.RENEW_TARGET.equals(jaxbElement.getName())) {
        RenewTargetType renewTargetType = (RenewTargetType) jaxbElement.getValue();
        ReceivedToken renewTarget = new ReceivedToken(renewTargetType.getAny());
        if (isTokenReferenced(renewTarget.getToken())) {
            Element target = fetchTokenElementFromReference(renewTarget.getToken(), messageContext);
            renewTarget = new ReceivedToken(target);
        }
        tokenRequirements.setRenewTarget(renewTarget);
    } else if (QNameConstants.CLAIMS.equals(jaxbElement.getName())) {
        ClaimsType claimsType = (ClaimsType) jaxbElement.getValue();
        ClaimCollection requestedClaims = parseClaims(claimsType, claimsParsers);
        tokenRequirements.setPrimaryClaims(requestedClaims);
    } else if (QNameConstants.RENEWING.equals(jaxbElement.getName())) {
        RenewingType renewingType = (RenewingType) jaxbElement.getValue();
        Renewing renewing = new Renewing();
        if (renewingType.isAllow() != null) {
            renewing.setAllowRenewing(renewingType.isAllow());
        }
        if (renewingType.isOK() != null) {
            renewing.setAllowRenewingAfterExpiry(renewingType.isOK());
        }
        tokenRequirements.setRenewing(renewing);
    } else if (QNameConstants.PARTICIPANTS.equals(jaxbElement.getName())) {
        ParticipantsType participantsType = (ParticipantsType) jaxbElement.getValue();
        Participants participants = parseParticipants(participantsType);
        tokenRequirements.setParticipants(participants);
    } else {
        return false;
    }
    return true;
}
Also used : ClaimsType(org.apache.cxf.ws.security.sts.provider.model.ClaimsType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) CancelTargetType(org.apache.cxf.ws.security.sts.provider.model.CancelTargetType) ActAsType(org.apache.cxf.ws.security.sts.provider.model.wstrust14.ActAsType) OnBehalfOfType(org.apache.cxf.ws.security.sts.provider.model.OnBehalfOfType) RenewTargetType(org.apache.cxf.ws.security.sts.provider.model.RenewTargetType) LifetimeType(org.apache.cxf.ws.security.sts.provider.model.LifetimeType) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) RenewingType(org.apache.cxf.ws.security.sts.provider.model.RenewingType) ParticipantsType(org.apache.cxf.ws.security.sts.provider.model.ParticipantsType)

Example 12 with ValidateTargetType

use of org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType in project cxf by apache.

the class ValidateJWTTransformationTest method testJWTToSAMLTransformation.

@org.junit.Test
public void testJWTToSAMLTransformation() throws Exception {
    TokenValidateOperation validateOperation = new TokenValidateOperation();
    // Add Token Validator
    List<TokenValidator> validatorList = new ArrayList<>();
    validatorList.add(new JWTTokenValidator());
    validateOperation.setTokenValidators(validatorList);
    // Add Token Provider
    List<TokenProvider> providerList = new ArrayList<>();
    providerList.add(new SAMLTokenProvider());
    validateOperation.setTokenProviders(providerList);
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    validateOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
    request.getAny().add(tokenType);
    // Create a JWTToken
    TokenProviderResponse providerResponse = createJWT();
    Element wrapper = createTokenWrapper((String) providerResponse.getToken());
    ValidateTargetType validateTarget = new ValidateTargetType();
    validateTarget.setAny(wrapper);
    JAXBElement<ValidateTargetType> validateTargetType = new JAXBElement<ValidateTargetType>(QNameConstants.VALIDATE_TARGET, ValidateTargetType.class, validateTarget);
    request.getAny().add(validateTargetType);
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    // Validate a token
    RequestSecurityTokenResponseType response = validateOperation.validate(request, principal, msgCtx);
    assertTrue(validateResponse(response));
    // Test the generated token.
    Element assertion = null;
    for (Object tokenObject : response.getAny()) {
        if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
            RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
            assertion = (Element) rstType.getAny();
            break;
        }
    }
    assertNotNull(assertion);
    String tokenString = DOM2Writer.nodeToString(assertion);
    assertTrue(tokenString.contains("AttributeStatement"));
    assertTrue(tokenString.contains("alice"));
    assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
}
Also used : RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) TokenProvider(org.apache.cxf.sts.token.provider.TokenProvider) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) TokenValidator(org.apache.cxf.sts.token.validator.TokenValidator) SAMLTokenValidator(org.apache.cxf.sts.token.validator.SAMLTokenValidator) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) JAXBElement(javax.xml.bind.JAXBElement) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) TokenProviderResponse(org.apache.cxf.sts.token.provider.TokenProviderResponse) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 13 with ValidateTargetType

use of org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType in project cxf by apache.

the class ValidateJWTTransformationTest method testJWTToSAMLTransformationRealm.

@org.junit.Test
public void testJWTToSAMLTransformationRealm() throws Exception {
    TokenValidateOperation validateOperation = new TokenValidateOperation();
    // Add Token Validator
    List<TokenValidator> validatorList = new ArrayList<>();
    JWTTokenValidator validator = new JWTTokenValidator();
    validator.setRealmCodec(new CustomJWTRealmCodec());
    validatorList.add(validator);
    validateOperation.setTokenValidators(validatorList);
    // Add Token Provider
    List<TokenProvider> providerList = new ArrayList<>();
    SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
    providerList.add(samlTokenProvider);
    validateOperation.setTokenProviders(providerList);
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    stsProperties.setRealmParser(new CustomRealmParser());
    stsProperties.setIdentityMapper(new CustomIdentityMapper());
    validateOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, WSS4JConstants.WSS_SAML2_TOKEN_TYPE);
    request.getAny().add(tokenType);
    // Create a JWTToken
    TokenProviderResponse providerResponse = createJWT();
    Element wrapper = createTokenWrapper((String) providerResponse.getToken());
    Document doc = wrapper.getOwnerDocument();
    wrapper = (Element) doc.appendChild(wrapper);
    ValidateTargetType validateTarget = new ValidateTargetType();
    validateTarget.setAny(wrapper);
    JAXBElement<ValidateTargetType> validateTargetType = new JAXBElement<ValidateTargetType>(QNameConstants.VALIDATE_TARGET, ValidateTargetType.class, validateTarget);
    request.getAny().add(validateTargetType);
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    msgCtx.put("url", "https");
    // realm "B"
    try {
        validateOperation.validate(request, principal, msgCtx);
    } catch (STSException ex) {
    // expected
    }
    samlTokenProvider.setRealmMap(createSamlRealms());
    RequestSecurityTokenResponseType response = validateOperation.validate(request, principal, msgCtx);
    assertTrue(validateResponse(response));
    // Test the generated token.
    Element assertion = null;
    for (Object tokenObject : response.getAny()) {
        if (tokenObject instanceof JAXBElement<?> && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>) tokenObject).getName())) {
            RequestedSecurityTokenType rstType = (RequestedSecurityTokenType) ((JAXBElement<?>) tokenObject).getValue();
            assertion = (Element) rstType.getAny();
            break;
        }
    }
    assertNotNull(assertion);
    String tokenString = DOM2Writer.nodeToString(assertion);
    assertTrue(tokenString.contains("AttributeStatement"));
    assertTrue(tokenString.contains("ALICE"));
    assertTrue(tokenString.contains(SAML2Constants.CONF_BEARER));
}
Also used : RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) RequestedSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType) Document(org.w3c.dom.Document) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) TokenProvider(org.apache.cxf.sts.token.provider.TokenProvider) JWTTokenProvider(org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) TokenValidator(org.apache.cxf.sts.token.validator.TokenValidator) SAMLTokenValidator(org.apache.cxf.sts.token.validator.SAMLTokenValidator) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) STSException(org.apache.cxf.ws.security.sts.provider.STSException) JAXBElement(javax.xml.bind.JAXBElement) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLTokenProvider(org.apache.cxf.sts.token.provider.SAMLTokenProvider) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) TokenProviderResponse(org.apache.cxf.sts.token.provider.TokenProviderResponse) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 14 with ValidateTargetType

use of org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType in project cxf by apache.

the class ValidateJWTUnitTest method testValidateJWT.

@org.junit.Test
public void testValidateJWT() throws Exception {
    TokenValidateOperation validateOperation = new TokenValidateOperation();
    // Add Token Validator
    List<TokenValidator> validatorList = new ArrayList<>();
    validatorList.add(new JWTTokenValidator());
    validateOperation.setTokenValidators(validatorList);
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    validateOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, STSConstants.STATUS);
    request.getAny().add(tokenType);
    // Get a JWTToken via the JWTTokenProvider
    TokenProviderResponse providerResponse = createJWT();
    Element wrapper = createTokenWrapper((String) providerResponse.getToken());
    ValidateTargetType validateTarget = new ValidateTargetType();
    validateTarget.setAny(wrapper);
    JAXBElement<ValidateTargetType> validateTargetType = new JAXBElement<ValidateTargetType>(QNameConstants.VALIDATE_TARGET, ValidateTargetType.class, validateTarget);
    request.getAny().add(validateTargetType);
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    // Validate a token
    RequestSecurityTokenResponseType response = validateOperation.validate(request, principal, msgCtx);
    assertTrue(validateResponse(response));
}
Also used : RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) JAXBElement(javax.xml.bind.JAXBElement) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) TokenValidator(org.apache.cxf.sts.token.validator.TokenValidator) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) Crypto(org.apache.wss4j.common.crypto.Crypto) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) JWTTokenValidator(org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) TokenProviderResponse(org.apache.cxf.sts.token.provider.TokenProviderResponse) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Example 15 with ValidateTargetType

use of org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType in project cxf by apache.

the class ValidateSCTUnitTest method testValidateSCT.

/**
 * Test to successfully validate a SecurityContextToken
 */
@org.junit.Test
public void testValidateSCT() throws Exception {
    TokenValidateOperation validateOperation = new TokenValidateOperation();
    validateOperation.setTokenStore(tokenStore);
    // Add Token Validator
    List<TokenValidator> validatorList = new ArrayList<>();
    validatorList.add(new SCTValidator());
    validateOperation.setTokenValidators(validatorList);
    // Add STSProperties object
    STSPropertiesMBean stsProperties = new StaticSTSProperties();
    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    stsProperties.setEncryptionCrypto(crypto);
    stsProperties.setSignatureCrypto(crypto);
    stsProperties.setEncryptionUsername("myservicekey");
    stsProperties.setSignatureUsername("mystskey");
    stsProperties.setCallbackHandler(new PasswordCallbackHandler());
    stsProperties.setIssuer("STS");
    validateOperation.setStsProperties(stsProperties);
    // Mock up a request
    RequestSecurityTokenType request = new RequestSecurityTokenType();
    JAXBElement<String> tokenType = new JAXBElement<String>(QNameConstants.TOKEN_TYPE, String.class, STSConstants.STATUS);
    request.getAny().add(tokenType);
    // Get a SecurityContextToken via the SCTProvider
    TokenProviderResponse providerResponse = createSCT();
    Element sct = (Element) providerResponse.getToken();
    ValidateTargetType validateTarget = new ValidateTargetType();
    validateTarget.setAny(sct);
    JAXBElement<ValidateTargetType> validateTargetType = new JAXBElement<ValidateTargetType>(QNameConstants.VALIDATE_TARGET, ValidateTargetType.class, validateTarget);
    request.getAny().add(validateTargetType);
    // Mock up message context
    MessageImpl msg = new MessageImpl();
    WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
    Principal principal = new CustomTokenPrincipal("alice");
    msgCtx.put(SecurityContext.class.getName(), createSecurityContext(principal));
    // Validate a token
    RequestSecurityTokenResponseType response = validateOperation.validate(request, principal, msgCtx);
    assertTrue(validateResponse(response));
    // Now remove the token from the cache before validating again
    tokenStore.remove(tokenStore.getToken(providerResponse.getTokenId()).getId());
    assertNull(tokenStore.getToken(providerResponse.getTokenId()));
    response = validateOperation.validate(request, principal, msgCtx);
    assertFalse(validateResponse(response));
}
Also used : RequestSecurityTokenType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) RequestSecurityTokenResponseType(org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType) StaticSTSProperties(org.apache.cxf.sts.StaticSTSProperties) JAXBElement(javax.xml.bind.JAXBElement) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) TokenValidator(org.apache.cxf.sts.token.validator.TokenValidator) Crypto(org.apache.wss4j.common.crypto.Crypto) STSPropertiesMBean(org.apache.cxf.sts.STSPropertiesMBean) SCTValidator(org.apache.cxf.sts.token.validator.SCTValidator) WrappedMessageContext(org.apache.cxf.jaxws.context.WrappedMessageContext) SecurityContext(org.apache.cxf.security.SecurityContext) PasswordCallbackHandler(org.apache.cxf.sts.common.PasswordCallbackHandler) TokenProviderResponse(org.apache.cxf.sts.token.provider.TokenProviderResponse) ValidateTargetType(org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType) MessageImpl(org.apache.cxf.message.MessageImpl) CustomTokenPrincipal(org.apache.wss4j.common.principal.CustomTokenPrincipal) Principal(java.security.Principal)

Aggregations

JAXBElement (javax.xml.bind.JAXBElement)21 ValidateTargetType (org.apache.cxf.ws.security.sts.provider.model.ValidateTargetType)21 ArrayList (java.util.ArrayList)20 WrappedMessageContext (org.apache.cxf.jaxws.context.WrappedMessageContext)20 MessageImpl (org.apache.cxf.message.MessageImpl)20 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)20 TokenValidator (org.apache.cxf.sts.token.validator.TokenValidator)20 RequestSecurityTokenResponseType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType)20 RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType)20 StaticSTSProperties (org.apache.cxf.sts.StaticSTSProperties)18 PasswordCallbackHandler (org.apache.cxf.sts.common.PasswordCallbackHandler)16 Crypto (org.apache.wss4j.common.crypto.Crypto)16 Principal (java.security.Principal)14 SecurityContext (org.apache.cxf.security.SecurityContext)14 CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)14 Element (org.w3c.dom.Element)13 SAMLTokenValidator (org.apache.cxf.sts.token.validator.SAMLTokenValidator)10 SAMLTokenProvider (org.apache.cxf.sts.token.provider.SAMLTokenProvider)8 TokenProvider (org.apache.cxf.sts.token.provider.TokenProvider)8 RequestedSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType)8