
Example 21 with AttachmentCallbackHandler

use of org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler in project cxf by apache.

The class AbstractBindingBuilder, method doSymmSignature.

/**
 * Signs {@code sigParts} with the symmetric secret carried by {@code tok}
 * and appends the resulting signature value to this builder.
 *
 * <p>The key is never placed in the message: the ds:KeyInfo only carries a
 * wsse:Reference (or an EncryptedKeySHA1 identifier) to the token, and how
 * that reference is written depends on {@code policyToken}.
 *
 * @param policyToken the policy token describing the signing token; an
 *                    {@link X509Token} selects the EncryptedKey-style
 *                    reference, anything else a custom token reference
 * @param tok         the security token whose secret signs the parts
 * @param sigParts    the message parts to cover with the signature
 * @param isSigProtect when {@code true} the ds:Signature element itself is
 *                    queued in {@code encryptedTokensList} (presumably so a
 *                    later encryption step protects it — confirm with caller)
 * @throws WSSecurityException if preparing or computing the signature fails
 */
private void doSymmSignature(AbstractToken policyToken, SecurityToken tok, List<WSEncryptionPart> sigParts, boolean isSigProtect) throws WSSecurityException {
    WSSecSignature sig = new WSSecSignature(secHeader);
    sig.setIdAllocator(wssConfig.getIdAllocator());
    sig.setCallbackLookup(callbackLookup);
    sig.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
    sig.setStoreBytesInAttachment(storeBytesInAttachment);
    sig.setExpandXopInclude(isExpandXopInclude());
    sig.setWsDocInfo(wsDocInfo);

    // Decide how the wsse:Reference in ds:KeyInfo points at the signing key.
    if (policyToken instanceof X509Token) {
        if (isRequestor()) {
            // TODO Add support for SAML2 here
            sig.setCustomTokenValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#" + WSS4JConstants.ENC_KEY_VALUE_TYPE);
            sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
        } else {
            // the tok has to be an EncryptedKey token
            sig.setEncrKeySha1value(tok.getSHA1());
            sig.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
        }
    } else {
        sig.setCustomTokenValueType(customSymmTokenValueType(policyToken, tok.getTokenType()));
        sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
    }

    // Prefer the wsu:Id; fall back to the token id when none was assigned.
    String wsuId = tok.getWsuId();
    String sigTokId = XMLUtils.getIDFromReference(wsuId != null ? wsuId : tok.getId());
    sig.setCustomTokenId(sigTokId);
    sig.setSecretKey(tok.getSecret());

    // Algorithms come from the binding's algorithm suite, not from the token.
    AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
    sig.setSignatureAlgorithm(algType.getSymmetricSignature());
    sig.setDigestAlgo(algType.getDigest());
    sig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());

    sig.prepare(getSignatureCrypto());
    sig.getParts().addAll(sigParts);
    List<Reference> referenceList = sig.addReferencesToSign(sigParts);
    sig.computeSignature(referenceList, false, null);

    if (isSigProtect) {
        encryptedTokensList.add(new WSEncryptionPart(sig.getId(), "Element"));
    }
    addSig(sig.getSignatureValue());
}

/**
 * Returns the ValueType written on the custom token reference when the
 * policy token is not an {@link X509Token}.
 *
 * <p>Known SAML 1.1 / SAML 2.0 token types map to their key-identifier value
 * types; any other non-null token type is used verbatim; with no token type
 * a {@link UsernameToken} policy yields the username-token value type and
 * everything else defaults to the SAML 1.1 key-identifier value type.
 *
 * @param policyToken the policy token, consulted only when {@code tokenType} is null
 * @param tokenType   the token type reported by the security token, may be null
 * @return the ValueType to set on the signature's custom token reference
 */
private static String customSymmTokenValueType(AbstractToken policyToken, String tokenType) {
    if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML_NS.equals(tokenType)) {
        return WSS4JConstants.WSS_SAML_KI_VALUE_TYPE;
    }
    if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML2_NS.equals(tokenType)) {
        return WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE;
    }
    if (tokenType != null) {
        return tokenType;
    }
    if (policyToken instanceof UsernameToken) {
        return WSS4JConstants.WSS_USERNAME_TOKEN_VALUE_TYPE;
    }
    return WSS4JConstants.WSS_SAML_KI_VALUE_TYPE;
}
