Example 51 with STSClient

Use of org.apache.cxf.ws.security.trust.STSClient in project ddf by codice, from the class StsIssueTest, method requestSecurityToken.

private SecurityToken requestSecurityToken(String tokenType, String keyType, Element supportingToken, Bus bus, String endpointAddress, String wsdlLocation, String endpointName, Element claims) {
    // Build a WS-Trust client on the caller's Bus and point it at the STS WSDL, port and service name
    STSClient stsClient = new STSClient(bus);
    stsClient.setWsdlLocation(wsdlLocation);
    stsClient.setEndpointName(endpointName);
    stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");
    Map<String, Object> properties = new HashMap<String, Object>();
    // XXX - Not sure how this is used - doesn't show up in the payload. -
    // Should this be "client"?
    // properties.put(SecurityConstants.USERNAME, "kcwire");
    // properties
    // .put(SecurityConstants.CALLBACK_HANDLER,
    // "org.apache.cxf.ws.security.trust.delegation.WSSUsernameCallbackHandler");
    // Relax Basic Security Profile compliance checks on the WS-Security header
    properties.put(SecurityConstants.IS_BSP_COMPLIANT, "false");
    // }
    // An OnBehalfOf element asks the STS to issue a token for the subject of the supporting token
    if (supportingToken != null) {
        stsClient.setOnBehalfOf(supportingToken);
    }
    stsClient.setClaims(claims);
    stsClient.setProperties(properties);
    stsClient.setTokenType(tokenType);
    stsClient.setKeyType(keyType);
    SecurityToken token = null;
    try {
        // Send the RequestSecurityToken (Issue) to the STS; endpointAddress is the AppliesTo value
        token = stsClient.requestSecurityToken(endpointAddress);
    } catch (Exception e) {
        // Any failure is logged and reported to the caller as a null token
        LOGGER.info("Error requesting the SecurityToken.", e);
    }
    return token;
}
Classes used: org.apache.cxf.ws.security.tokenstore.SecurityToken, org.apache.cxf.ws.security.trust.STSClient, java.util.HashMap, org.apache.wss4j.common.ext.WSSecurityException

Example 52 with STSClient

Use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache, from the class WSSCUnitTest, method testIssueAndRenewUnitTest.

@Test
public void testIssueAndRenewUnitTest() throws Exception {
    if (test.isStreaming()) {
        return;
    }
    // Spring-configured client Bus; client.xml carries the WS-Security setup
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = WSSCUnitTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    // Request a WS-SecureConversation SecurityContextToken directly from the service endpoint
    STSClient stsClient = new STSClient(bus);
    stsClient.setSecureConv(true);
    stsClient.setLocation("http://localhost:" + PORT2 + "/" + "DoubleItSymmetric");
    stsClient.setPolicy(createSymmetricBindingPolicy());
    Map<String, Object> properties = new HashMap<>();
    // Crypto configuration: sign with alice's key, encrypt to bob's certificate
    properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob");
    TokenCallbackHandler callbackHandler = new TokenCallbackHandler();
    properties.put(SecurityConstants.CALLBACK_HANDLER, callbackHandler);
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "alice.properties");
    properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "bob.properties");
    stsClient.setProperties(properties);
    SecurityToken securityToken = stsClient.requestSecurityToken("http://localhost:" + PORT2 + "/" + "DoubleItSymmetric");
    assertNotNull(securityToken);
    // The Renew request is secured with the issued token's secret, so the callback handler needs it
    callbackHandler.setSecurityToken(securityToken);
    assertNotNull(stsClient.renewSecurityToken(securityToken));
}
Classes used: org.apache.cxf.ws.security.tokenstore.SecurityToken, org.apache.cxf.Bus, org.apache.cxf.ws.security.trust.STSClient, org.apache.cxf.bus.spring.SpringBusFactory, java.util.HashMap, java.net.URL, org.junit.Test

Example 53 with STSClient

Use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache, from the class WSSCUnitTest, method testIssueAndCancelUnitTest.

@Test
public void testIssueAndCancelUnitTest() throws Exception {
    if (test.isStreaming()) {
        return;
    }
    // Spring-configured client Bus; client.xml carries the WS-Security setup
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = WSSCUnitTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    // Request a WS-SecureConversation SecurityContextToken directly from the service endpoint
    STSClient stsClient = new STSClient(bus);
    stsClient.setSecureConv(true);
    stsClient.setLocation("http://localhost:" + PORT2 + "/" + "DoubleItSymmetric");
    stsClient.setPolicy(createSymmetricBindingPolicy());
    Map<String, Object> properties = new HashMap<>();
    // Crypto configuration: sign with alice's key, encrypt to bob's certificate
    properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob");
    TokenCallbackHandler callbackHandler = new TokenCallbackHandler();
    properties.put(SecurityConstants.CALLBACK_HANDLER, callbackHandler);
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "alice.properties");
    properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "bob.properties");
    stsClient.setProperties(properties);
    SecurityToken securityToken = stsClient.requestSecurityToken("http://localhost:" + PORT2 + "/" + "DoubleItSymmetric");
    assertNotNull(securityToken);
    // The Cancel request is secured with the issued token's secret, so the callback handler needs it
    callbackHandler.setSecurityToken(securityToken);
    // Cancelling invalidates the context on the server; the service must reject the token afterwards
    assertTrue(stsClient.cancelSecurityToken(securityToken));
}
Classes used: org.apache.cxf.ws.security.tokenstore.SecurityToken, org.apache.cxf.Bus, org.apache.cxf.ws.security.trust.STSClient, org.apache.cxf.bus.spring.SpringBusFactory, java.util.HashMap, java.net.URL, org.junit.Test

Example 54 with STSClient

Use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache, from the class WSSCUnitTest, method testEndorsingSecureConverationViaCode.

@Test
public void testEndorsingSecureConverationViaCode() throws Exception {
    URL wsdl = WSSCUnitTest.class.getResource("DoubleItWSSC.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItTransportPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, test.getPort());
    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port);
    }
    // TLS configuration: trust only the certificates held in the test truststore
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    final KeyStore ts = KeyStore.getInstance("JKS");
    try (InputStream trustStore = ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", WSSCUnitTest.class)) {
        ts.load(trustStore, "password".toCharArray());
    }
    tmf.init(ts);
    TLSClientParameters tlsParams = new TLSClientParameters();
    tlsParams.setTrustManagers(tmf.getTrustManagers());
    // Hostname (CN) verification is switched off for this test setup; production clients should leave it enabled
    tlsParams.setDisableCNCheck(true);
    Client client = ClientProxy.getClient(port);
    HTTPConduit http = (HTTPConduit) client.getConduit();
    http.setTlsClientParameters(tlsParams);
    // STSClient configuration: the same TLS parameters apply to the SecureConversation bootstrap call
    Bus clientBus = BusFactory.newInstance().createBus();
    STSClient stsClient = new STSClient(clientBus);
    stsClient.setTlsClientParameters(tlsParams);
    // Register the client on the port so the security interceptors use it to obtain the token
    ((BindingProvider) port).getRequestContext().put("security.sts.client", stsClient);
    assertEquals(50, port.doubleIt(25));
    ((java.io.Closeable) port).close();
}
Classes used: org.apache.cxf.configuration.jsse.TLSClientParameters, org.apache.cxf.Bus, javax.xml.namespace.QName, java.io.InputStream, javax.xml.ws.Service, java.security.KeyStore, java.net.URL, org.apache.cxf.transport.http.HTTPConduit, org.apache.cxf.ws.security.trust.STSClient, javax.net.ssl.TrustManagerFactory, org.example.contract.doubleit.DoubleItPortType, org.apache.cxf.endpoint.Client, org.junit.Test

Example 55 with STSClient

Use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache, from the class SecureConversationOutInterceptor, method renewToken.

private SecurityToken renewToken(SoapMessage message, AssertionInfoMap aim, SecurityToken tok, SecureConversationToken itok) {
    if (!tok.isExpired()) {
        return tok;
    }
    // Remove the old token
    message.getExchange().getEndpoint().remove(SecurityConstants.TOKEN);
    message.getExchange().getEndpoint().remove(SecurityConstants.TOKEN_ID);
    message.getExchange().remove(SecurityConstants.TOKEN_ID);
    message.getExchange().remove(SecurityConstants.TOKEN);
    TokenStoreUtils.getTokenStore(message).remove(tok.getId());
    STSClient client = STSUtils.getClient(message, "sct");
    // If this outbound message is itself the Renew request, keep the expired token rather than recursing
    AddressingProperties maps = (AddressingProperties) message.get("javax.xml.ws.addressing.context.outbound");
    if (maps == null) {
        maps = (AddressingProperties) message.get("javax.xml.ws.addressing.context");
    } else if (maps.getAction().getValue().endsWith("Renew")) {
        return tok;
    }
    // The STSClient is shared, so its per-call configuration is applied under a lock
    synchronized (client) {
        try {
            SecureConversationTokenInterceptorProvider.setupClient(client, message, aim, itok, true);
            String s = message.getContextualProperty(Message.ENDPOINT_ADDRESS).toString();
            client.setLocation(s);
            Map<String, Object> ctx = client.getRequestContext();
            ctx.put(SecurityConstants.TOKEN_ID, tok.getId());
            if (maps != null) {
                client.setAddressingNamespace(maps.getNamespaceURI());
            }
            return client.renewSecurityToken(tok);
        } catch (RuntimeException ex) {
            LOG.log(Level.WARNING, "Error renewing a token", ex);
            boolean issueAfterFailedRenew = MessageUtils.getContextualBoolean(message, SecurityConstants.STS_ISSUE_AFTER_FAILED_RENEW, true);
            if (issueAfterFailedRenew) {
                // Perhaps the STS does not support renewing, so try to issue a new token
                return issueToken(message, aim, itok);
            }
            throw ex;
        } catch (Exception ex) {
            LOG.log(Level.WARNING, "Error renewing a token", ex);
            boolean issueAfterFailedRenew = MessageUtils.getContextualBoolean(message, SecurityConstants.STS_ISSUE_AFTER_FAILED_RENEW, true);
            if (issueAfterFailedRenew) {
                // Perhaps the STS does not support renewing, so try to issue a new token
                return issueToken(message, aim, itok);
            }
            throw new Fault(ex);
        } finally {
            // Reset the per-call state so the next caller starts from a clean client
            client.setTrust((Trust10) null);
            client.setTrust((Trust13) null);
            client.setTemplate(null);
            client.setLocation(null);
            client.setAddressingNamespace(null);
        }
    }
}
Classes used: org.apache.cxf.ws.security.trust.STSClient, org.apache.cxf.ws.addressing.AddressingProperties, org.apache.cxf.interceptor.Fault
