use of org.apache.cxf.ws.security.trust.STSClient in project wildfly by wildfly.
the class WSTrustTestUtils method createSTSClient.
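/**
 * Creates and configures an {@link STSClient} for use by the {@code ServiceImpl} service.
 * <p/>
 * Whenever an {@code <sp:IssuedToken>} policy is configured on a WSDL port, as is the
 * case for {@code ServiceImpl}, an STSClient must be created and configured so that the
 * service can contact the STS server to obtain a token.
 * <p/>
 * The client is wired to a fixed test identity ({@code alice}) and to key aliases from
 * {@code META-INF/clientKeystore.properties}. These are test fixtures; they are not values
 * to copy into a production configuration.
 *
 * @param bus the CXF bus the client is bound to
 * @param stsWsdlLocation WSDL location of the STS; when {@code null}, no WSDL location,
 *                        service name or endpoint name is set on the client
 * @param stsService service QName of the STS, applied only when {@code stsWsdlLocation} is non-null
 * @param stsPort endpoint QName of the STS, applied only when {@code stsWsdlLocation} is non-null
 * @return the configured client
 * @throws IllegalStateException if {@code META-INF/clientKeystore.properties} is not on the
 *                               context class loader's classpath
 */
private static STSClient createSTSClient(Bus bus, String stsWsdlLocation, QName stsService, QName stsPort) {
    STSClient stsClient = new STSClient(bus);
    if (stsWsdlLocation != null) {
        stsClient.setWsdlLocation(stsWsdlLocation);
        stsClient.setServiceQName(stsService);
        stsClient.setEndpointQName(stsPort);
    }
    // Fail fast: a missing keystore descriptor would otherwise be stored as null and only
    // surface as an obscure WS-Security error on the first STS call.
    java.net.URL keystoreProps = Thread.currentThread().getContextClassLoader()
            .getResource("META-INF/clientKeystore.properties");
    if (keystoreProps == null) {
        throw new IllegalStateException(
                "META-INF/clientKeystore.properties not found on the context class loader");
    }
    Map<String, Object> props = stsClient.getProperties();
    props.put(SecurityConstants.USERNAME, "alice");
    props.put(SecurityConstants.CALLBACK_HANDLER, new ClientCallbackHandler());
    // Alias of the key the request to the STS is encrypted for.
    props.put(SecurityConstants.ENCRYPT_PROPERTIES, keystoreProps);
    props.put(SecurityConstants.ENCRYPT_USERNAME, "mystskey");
    // Client key alias; with STS_TOKEN_USE_CERT_FOR_KEYINFO its certificate is used in the
    // KeyInfo of the token request.
    props.put(SecurityConstants.STS_TOKEN_USERNAME, "myclientkey");
    props.put(SecurityConstants.STS_TOKEN_PROPERTIES, keystoreProps);
    props.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, "true");
    return stsClient;
}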
use of org.apache.cxf.ws.security.trust.STSClient in project wildfly by wildfly.
the class ActAsServiceImpl method sayHello.
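/**
 * Calls the remote {@code SecurityService} after obtaining an issued token from the STS,
 * and returns its reply prefixed with {@code "ActAs "}.
 * <p/>
 * The service address is built from the caller-supplied {@code host} and {@code port}:
 * this method fetches a WSDL from, and sends a request to, whatever endpoint the caller
 * names, over plain {@code http://}. That is fine for this sample, but the address must
 * never come from an untrusted party (server-side request forgery), and the WSDL fetch
 * itself is unauthenticated even though the SOAP request is configured for signing and
 * encryption.
 *
 * @param host host name of the service endpoint
 * @param port port of the service endpoint
 * @return {@code "ActAs "} followed by the reply from {@code ServiceIface#sayHello()}
 * @throws IllegalArgumentException if {@code host} and {@code port} do not form a valid URL
 */
public String sayHello(String host, String port) {
    Bus bus = BusFactory.newInstance().createBus();
    try {
        BusFactory.setThreadDefaultBus(bus);
        final String serviceURL = "http://" + host + ":" + port + "/jaxws-samples-wsse-policy-trust/SecurityService";
        final QName serviceName = new QName("http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy", "SecurityService");
        final URL wsdlURL;
        try {
            wsdlURL = new URL(serviceURL + "?wsdl");
        } catch (MalformedURLException e) {
            // A bad address is a caller error; previously this was printed to stderr and
            // the method returned null, which hid the failure from the client.
            throw new IllegalArgumentException("Invalid service address: " + serviceURL, e);
        }
        Service service = Service.create(wsdlURL, serviceName);
        ServiceIface proxy = (ServiceIface) service.getPort(ServiceIface.class);
        ClassLoader cl = Thread.currentThread().getContextClassLoader();
        Map<String, Object> ctx = ((BindingProvider) proxy).getRequestContext();
        // Message-level security for the call to the service: sign with the ActAs key,
        // encrypt to the service key.
        ctx.put(SecurityConstants.CALLBACK_HANDLER, new ActAsCallbackHandler());
        ctx.put(SecurityConstants.SIGNATURE_PROPERTIES, cl.getResource("actasKeystore.properties"));
        ctx.put(SecurityConstants.SIGNATURE_USERNAME, "myactaskey");
        // NOTE(review): a "../../" prefix in a class-loader resource name is unusual —
        // confirm this resolves in the deployed layout rather than silently yielding null.
        ctx.put(SecurityConstants.ENCRYPT_PROPERTIES, cl.getResource("../../META-INF/clientKeystore.properties"));
        ctx.put(SecurityConstants.ENCRYPT_USERNAME, "myservicekey");
        // Client used to obtain the issued token from the STS before the service call.
        STSClient stsClient = new STSClient(bus);
        Map<String, Object> props = stsClient.getProperties();
        props.put(SecurityConstants.USERNAME, "alice");
        props.put(SecurityConstants.ENCRYPT_USERNAME, "mystskey");
        props.put(SecurityConstants.STS_TOKEN_USERNAME, "myactaskey");
        props.put(SecurityConstants.STS_TOKEN_PROPERTIES, cl.getResource("actasKeystore.properties"));
        props.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, "true");
        ctx.put(SecurityConstants.STS_CLIENT, stsClient);
        return "ActAs " + proxy.sayHello();
    } finally {
        bus.shutdown(true);
    }
}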
use of org.apache.cxf.ws.security.trust.STSClient in project ddf by codice.
the class AbstractStsRealm method renewSecurityToken.
/**
 * Asks the STS to renew an existing security token (SAML assertion).
 * <p>
 * When {@code securityToken} is {@code null} the STS is not contacted and {@code null}
 * is returned. Any failure while talking to the STS is logged at debug level and
 * rethrown as an {@link AuthenticationException} that carries the STS address and the
 * original cause.
 *
 * @param securityToken the token to renew; may be {@code null}
 * @return the renewed token, or {@code null} if no token was supplied
 * @throws AuthenticationException if the renewal request fails
 */
protected SecurityToken renewSecurityToken(SecurityToken securityToken) {
    final String stsAddress = getAddress();
    SecurityToken renewed = null;
    try {
        LOGGER.debug("Renewing security token from STS at: {}.", stsAddress);
        if (securityToken != null) {
            LOGGER.debug("Telling the STS to renew a security token on behalf of the auth token");
            final STSClient client = configureStsClient();
            client.setWsdlLocation(stsAddress);
            client.setTokenType(getAssertionType());
            client.setKeyType(getKeyType());
            // getKeySize() is a String; a non-numeric value ends up as the
            // AuthenticationException thrown below.
            client.setKeySize(Integer.parseInt(getKeySize()));
            client.setAllowRenewing(true);
            renewed = client.renewSecurityToken(securityToken);
            LOGGER.debug("Finished renewing security token.");
        }
    } catch (Exception e) {
        final String msg = "Error renewing the security token from STS at: " + stsAddress + ".";
        LOGGER.debug(msg, e);
        throw new AuthenticationException(msg, e);
    }
    return renewed;
}
use of org.apache.cxf.ws.security.trust.STSClient in project ddf by codice.
the class AbstractStsRealm method requestSecurityToken.
/**
 * Requests a security token (SAML assertion) from the STS on behalf of {@code authToken}.
 * <p>
 * {@code authToken} is sent as the WS-Trust {@code OnBehalfOf} element. When it is
 * {@code null} the STS is not contacted and {@code null} is returned. Any failure is
 * logged at debug level and rethrown as an {@link AuthenticationException} that carries
 * the STS address and the original cause.
 *
 * @param authToken the subject the token is requested for; may be {@code null}
 * @return the issued token, or {@code null} if no subject was supplied
 * @throws AuthenticationException if the token request fails
 */
protected SecurityToken requestSecurityToken(Object authToken) {
    final String stsAddress = getAddress();
    SecurityToken issued = null;
    try {
        LOGGER.debug("Requesting security token from STS at: {}.", stsAddress);
        if (authToken != null) {
            LOGGER.debug("Telling the STS to request a security token on behalf of the auth token");
            final STSClient client = configureStsClient();
            client.setWsdlLocation(stsAddress);
            client.setOnBehalfOf(authToken);
            client.setTokenType(getAssertionType());
            client.setKeyType(getKeyType());
            // getKeySize() is a String; a non-numeric value ends up as the
            // AuthenticationException thrown below.
            client.setKeySize(Integer.parseInt(getKeySize()));
            // NOTE(review): the STS address is passed as the AppliesTo argument here —
            // confirm the intended audience of the issued token is the STS itself and not
            // the relying service.
            issued = client.requestSecurityToken(stsAddress);
            LOGGER.debug("Finished requesting security token.");
        }
    } catch (Exception e) {
        final String msg = "Error requesting the security token from STS at: " + stsAddress + ".";
        LOGGER.debug(msg, e);
        throw new AuthenticationException(msg, e);
    }
    return issued;
}
use of org.apache.cxf.ws.security.trust.STSClient in project ddf by codice.
the class AbstractStsRealm method configureBaseStsClient.
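/**
 * Builds an {@link STSClient} on this realm's bus carrying the endpoint configuration
 * from the realm: WSDL location, service name, endpoint name and addressing namespace.
 * <p>
 * WSDL location, service name and endpoint name are applied only when the corresponding
 * getter returns non-{@code null}; the addressing namespace is always set. No security
 * properties are set here.
 *
 * @return a client with the base endpoint configuration applied
 */
private STSClient configureBaseStsClient() {
    final STSClient stsClient = new STSClient(bus);
    final String stsAddress = getAddress();
    final String stsServiceName = getServiceName();
    final String stsEndpointName = getEndpointName();
    if (stsAddress != null) {
        // Parameterized like the other debug calls below (no string building when debug is off).
        LOGGER.debug("Setting WSDL location on STSClient: {}", stsAddress);
        stsClient.setWsdlLocation(stsAddress);
    }
    if (stsServiceName != null) {
        LOGGER.debug("Setting service name on STSClient: {}", stsServiceName);
        stsClient.setServiceName(stsServiceName);
    }
    if (stsEndpointName != null) {
        LOGGER.debug("Setting endpoint name on STSClient: {}", stsEndpointName);
        stsClient.setEndpointName(stsEndpointName);
    }
    LOGGER.debug("Setting addressing namespace on STSClient: {}", ADDRESSING_NAMESPACE);
    stsClient.setAddressingNamespace(ADDRESSING_NAMESPACE);
    return stsClient;
}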