Example 1 with PasswordString
use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project ddf by codice.
the class WssBasicAuthenticationHandler method getBaseAuthenticationToken.
protected BaseAuthenticationToken getBaseAuthenticationToken(String realm, String username, String password) {
if (null == parser) {
throw new IllegalStateException("XMLParser must be configured.");
}
UsernameTokenType usernameTokenType = new UsernameTokenType();
AttributedString user = new AttributedString();
user.setValue(username);
usernameTokenType.setUsername(user);
String usernameToken = null;
// Add a password
PasswordString pass = new PasswordString();
pass.setValue(password);
pass.setType(WSConstants.PASSWORD_TEXT);
JAXBElement<PasswordString> passwordType = new JAXBElement<>(QNameConstants.PASSWORD, PasswordString.class, pass);
usernameTokenType.getAny().add(passwordType);
// Marshall the received JAXB object into a DOM Element
List<String> ctxPath = new ArrayList<>(2);
ctxPath.add(ObjectFactory.class.getPackage().getName());
ctxPath.add(org.apache.cxf.ws.security.sts.provider.model.wstrust14.ObjectFactory.class.getPackage().getName());
ParserConfigurator configurator = parser.configureParser(ctxPath, WssBasicAuthenticationHandler.class.getClassLoader());
ByteArrayOutputStream os = new ByteArrayOutputStream();
JAXBElement<UsernameTokenType> tokenType = new JAXBElement<>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameTokenType);
try {
parser.marshal(configurator, tokenType, os);
usernameToken = os.toString("UTF-8");
} catch (ParserException | UnsupportedEncodingException ex) {
LOGGER.info("Unable to parse username token.", ex);
}
BaseAuthenticationToken baseAuthenticationToken = new BaseAuthenticationToken(null, "", usernameToken);
baseAuthenticationToken.setUseWssSts(true);
return baseAuthenticationToken;
}
Also used :
ParserException(org.codice.ddf.parser.ParserException)
UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)
ArrayList(java.util.ArrayList)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)
PasswordString(org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)
JAXBElement(javax.xml.bind.JAXBElement)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
PasswordString(org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)
ParserConfigurator(org.codice.ddf.parser.ParserConfigurator)
AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)
BaseAuthenticationToken(org.codice.ddf.security.handler.api.BaseAuthenticationToken)
Example 2 with PasswordString
use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project cxf by apache.
the class ValidateUsernameTokenUnitTest method createUsernameToken.
private JAXBElement<UsernameTokenType> createUsernameToken(String name, String password) {
UsernameTokenType usernameToken = new UsernameTokenType();
AttributedString username = new AttributedString();
username.setValue(name);
usernameToken.setUsername(username);
// Add a password
PasswordString passwordString = new PasswordString();
passwordString.setValue(password);
passwordString.setType(WSS4JConstants.PASSWORD_TEXT);
JAXBElement<PasswordString> passwordType = new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, passwordString);
usernameToken.getAny().add(passwordType);
return new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);
}
Also used :
PasswordString(org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)
AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)
UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)
JAXBElement(javax.xml.bind.JAXBElement)
Example 3 with PasswordString
use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project cxf by apache.
the class UsernameTokenValidatorTest method testInvalidUsernameTokenText.
/**
* Test an invalid UsernameToken with password text
*/
@org.junit.Test
public void testInvalidUsernameTokenText() throws Exception {
TokenValidator usernameTokenValidator = new UsernameTokenValidator();
TokenValidatorParameters validatorParameters = createValidatorParameters();
TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
// Create a ValidateTarget consisting of a UsernameToken
UsernameTokenType usernameToken = new UsernameTokenType();
AttributedString username = new AttributedString();
username.setValue("eve");
usernameToken.setUsername(username);
JAXBElement<UsernameTokenType> tokenType = new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);
// Add a password
PasswordString password = new PasswordString();
password.setValue("clarinet");
password.setType(WSS4JConstants.PASSWORD_TEXT);
JAXBElement<PasswordString> passwordType = new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, password);
usernameToken.getAny().add(passwordType);
ReceivedToken validateTarget = new ReceivedToken(tokenType);
tokenRequirements.setValidateTarget(validateTarget);
validatorParameters.setToken(validateTarget);
assertTrue(usernameTokenValidator.canHandleToken(validateTarget));
// This will fail as the username is bad
TokenValidatorResponse validatorResponse = usernameTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
// This will fail as the password is bad
username.setValue("alice");
password.setValue("badpassword");
validatorResponse = usernameTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
}
Also used :
PasswordString(org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)
AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)
UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)
TokenRequirements(org.apache.cxf.sts.request.TokenRequirements)
JAXBElement(javax.xml.bind.JAXBElement)
ReceivedToken(org.apache.cxf.sts.request.ReceivedToken)
Example 4 with PasswordString
use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project ddf by codice.
the class UPBSTValidator method getUsernameTokenType.
public UsernameTokenType getUsernameTokenType(UPAuthenticationToken token) {
UsernameTokenType usernameTokenType = new UsernameTokenType();
AttributedString user = new AttributedString();
user.setValue(token.getUsername());
usernameTokenType.setUsername(user);
// Add a password
PasswordString password = new PasswordString();
password.setValue(token.getPassword());
password.setType(WSConstants.PASSWORD_TEXT);
JAXBElement<PasswordString> passwordType = new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, password);
usernameTokenType.getAny().add(passwordType);
return usernameTokenType;
}
Also used :
PasswordString(org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)
AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)
UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)
JAXBElement(javax.xml.bind.JAXBElement)
Example 5 with PasswordString
use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project cxf by apache.
the class IssueJWTOnbehalfofUnitTest method createUsernameToken.
private JAXBElement<UsernameTokenType> createUsernameToken(String name, String password) {
UsernameTokenType usernameToken = new UsernameTokenType();
AttributedString username = new AttributedString();
username.setValue(name);
usernameToken.setUsername(username);
// Add a password
if (password != null) {
PasswordString passwordString = new PasswordString();
passwordString.setValue(password);
passwordString.setType(WSS4JConstants.PASSWORD_TEXT);
JAXBElement<PasswordString> passwordType = new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, passwordString);
usernameToken.getAny().add(passwordType);
}
return new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);
}
Also used :
PasswordString(org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)
AttributedString(org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)
UsernameTokenType(org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)
JAXBElement(javax.xml.bind.JAXBElement)
Aggregations
JAXBElement (javax.xml.bind.JAXBElement)9
AttributedString (org.apache.cxf.ws.security.sts.provider.model.secext.AttributedString)9
PasswordString (org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString)9
UsernameTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType)9
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)3
TokenRequirements (org.apache.cxf.sts.request.TokenRequirements)3
Principal (java.security.Principal)2
CustomTokenPrincipal (org.apache.wss4j.common.principal.CustomTokenPrincipal)2
ByteArrayOutputStream (java.io.ByteArrayOutputStream)1
UnsupportedEncodingException (java.io.UnsupportedEncodingException)1
ArrayList (java.util.ArrayList)1
EncodedString (org.apache.cxf.ws.security.sts.provider.model.secext.EncodedString)1
UsernameToken (org.apache.wss4j.dom.message.token.UsernameToken)1
ParserConfigurator (org.codice.ddf.parser.ParserConfigurator)1
ParserException (org.codice.ddf.parser.ParserException)1
BaseAuthenticationToken (org.codice.ddf.security.handler.api.BaseAuthenticationToken)1
Document (org.w3c.dom.Document)1
Element (org.w3c.dom.Element)1
