
Example 61 with WSS4JOutInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

the class JavaFirstPolicyServiceTest method addToClient.

/**
 * Creates a fresh {@link WSS4JOutInterceptor} with no configuration and registers
 * that same instance on the outbound chain of both the client's endpoint and the
 * client itself.
 *
 * @param svc the service proxy whose underlying CXF client is looked up via
 *            {@code ClientProxy.getClient}
 * @return the registered interceptor, so the caller can set its WS-Security
 *         properties afterwards
 */
private WSS4JOutInterceptor addToClient(Object svc) {
    final Client cxfClient = ClientProxy.getClient(svc);
    final WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor();

    // Endpoint-level registration first, then client-level, as in the original.
    cxfClient.getEndpoint().getOutInterceptors().add(outInterceptor);
    cxfClient.getOutInterceptors().add(outInterceptor);

    return outInterceptor;
}
Also used : WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client)

Example 62 with WSS4JOutInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project teiid by teiid.

the class WSConnectionImpl method configureWSSecurity.

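/**
 * Applies WS-Security configuration to the CXF client behind {@code dispatch}.
 *
 * <p>Nothing happens unless the connection factory's security type is
 * {@code WSSecurity}. Otherwise the factory's bus is made the thread default for
 * the duration of the call (the previous one is restored in {@code finally}) and:
 * <ol>
 *   <li>out-interceptors configured on the connection factory are added to the endpoint;</li>
 *   <li>if the current {@link Subject} carries a {@code WSSecurityCredential}, an STS
 *       client and either WSS4J interceptors or WS-Policy context properties are
 *       installed from it;</li>
 *   <li>if the subject carries a {@code HashMap} credential, every entry whose key
 *       starts with {@code "ws-security."} is copied onto the endpoint.</li>
 * </ol>
 *
 * <p>NOTE(review): interceptors and {@code ws-security.*} values are written to the
 * {@code Endpoint}, not to the per-request context. If the endpoint is reused across
 * calls or across subjects, interceptors accumulate and one subject's security
 * settings stay in effect for the next caller - confirm the endpoint's lifetime.
 *
 * @param dispatch the JAX-WS dispatch to configure; cast to {@code DispatchImpl}
 *                 to reach the CXF client
 */
private <T> void configureWSSecurity(Dispatch<T> dispatch) {
    if (this.mcf.getAsSecurityType() != WSManagedConnectionFactory.SecurityType.WSSecurity) {
        return;
    }
    Bus bus = BusFactory.getThreadDefaultBus();
    BusFactory.setThreadDefaultBus(this.mcf.getBus());
    try {
        Client client = ((DispatchImpl) dispatch).getClient();
        Endpoint ep = client.getEndpoint();
        // spring configuration file
        if (this.mcf.getOutInterceptors() != null) {
            for (Interceptor i : this.mcf.getOutInterceptors()) {
                ep.getOutInterceptors().add(i);
            }
        }
        // ws-security pass-thru from custom jaas domain
        Subject subject = ConnectionContext.getSubject();
        if (subject != null) {
            WSSecurityCredential credential = ConnectionContext.getSecurityCredential(subject, WSSecurityCredential.class);
            if (credential != null) {
                if (credential.useSts()) {
                    // NOTE(review): 'bus' is the thread default captured before the
                    // switch to mcf.getBus(); confirm the STS client is meant to use it.
                    dispatch.getRequestContext().put(SecurityConstants.STS_CLIENT, credential.buildStsClient(bus));
                }
                if (credential.getSecurityHandler() == WSSecurityCredential.SecurityHandler.WSS4J) {
                    ep.getOutInterceptors().add(new WSS4JOutInterceptor(credential.getRequestPropterties()));
                    ep.getInInterceptors().add(new WSS4JInInterceptor(credential.getResponsePropterties()));
                } else if (credential.getSecurityHandler() == WSSecurityCredential.SecurityHandler.WSPOLICY) {
                    dispatch.getRequestContext().putAll(credential.getRequestPropterties());
                    dispatch.getResponseContext().putAll(credential.getResponsePropterties());
                }
            }
            // When properties are set on subject treat them as they can configure WS-Security.
            // Whatever populates the subject's HashMap credential therefore controls endpoint
            // security settings (keystores, callback handlers, ...), so it must be trusted.
            HashMap<String, String> properties = ConnectionContext.getSecurityCredential(subject, HashMap.class);
            // The lookup can return null (the WSSecurityCredential lookup above is
            // null-checked for that reason); a subject without a HashMap credential
            // must not fail the call with a NullPointerException.
            if (properties != null) {
                for (String key : properties.keySet()) {
                    if (key.startsWith("ws-security.")) { // $NON-NLS-1$
                        ep.put(key, properties.get(key));
                    }
                }
            }
        }
    } finally {
        BusFactory.setThreadDefaultBus(bus);
    }
}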
Also used : Bus(org.apache.cxf.Bus) Endpoint(org.apache.cxf.endpoint.Endpoint) DispatchImpl(org.apache.cxf.jaxws.DispatchImpl) WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client) WebClient(org.apache.cxf.jaxrs.client.WebClient) WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Interceptor(org.apache.cxf.interceptor.Interceptor) Subject(javax.security.auth.Subject)

Example 63 with WSS4JOutInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project tesb-rt-se by Talend.

the class SAMClientSecurityProvider method init.

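/**
 * Configures the client's security according to {@code authenticationType}.
 *
 * <ul>
 *   <li>{@code NO}: returns without touching the client.</li>
 *   <li>{@code BASIC}: sets an HTTP Basic {@link AuthorizationPolicy} on the HTTP conduit.</li>
 *   <li>{@code USERNAMETOKEN}: loads the username-token policy, adds a
 *       {@link WSS4JOutInterceptor} that emits a UsernameToken, and stores the
 *       credentials in the request context.</li>
 *   <li>{@code SAML}: loads the SAML policy, sets signature properties and an
 *       {@link STSClient} in the request properties.</li>
 * </ul>
 * In every case except {@code NO} a {@link WSPolicyFeature} holding the loaded
 * policies is added to the endpoint's active features and initialized.
 */
@PostConstruct
public void init() {
    final EsbSecurityConstants esbSecurity = EsbSecurityConstants.fromString(authenticationType);
    if (EsbSecurityConstants.NO == esbSecurity) {
        return;
    }
    Bus bus = client.getBus();
    List<Policy> policies = new ArrayList<Policy>();
    WSPolicyFeature policyFeature = new WSPolicyFeature();
    policyFeature.setPolicies(policies);
    Map<String, Object> properties = client.getRequestContext();
    if (null == properties) {
        // NOTE(review): this fallback map is never attached to the client, so the SAML
        // settings stored in it below would not reach the request context - confirm
        // whether getRequestContext() can actually return null here.
        properties = new HashMap<String, Object>();
    }
    if (EsbSecurityConstants.BASIC == esbSecurity) {
        // HTTP Basic only base64-encodes the credentials; they are readable on the
        // wire unless the conduit uses TLS.
        AuthorizationPolicy authzPolicy = new AuthorizationPolicy();
        authzPolicy.setUserName(username);
        authzPolicy.setPassword(password);
        authzPolicy.setAuthorizationType(HttpAuthHeader.AUTH_TYPE_BASIC);
        HTTPConduit conduit = (HTTPConduit) client.getConduit();
        conduit.setAuthorization(authzPolicy);
    } else if (EsbSecurityConstants.USERNAMETOKEN == esbSecurity) {
        policies.add(loadPolicy(policyUsernameToken, bus));
        Map<String, Object> wssProps = new HashMap<String, Object>();
        wssProps.put(ConfigurationConstants.ACTION, ConfigurationConstants.USERNAME_TOKEN);
        wssProps.put(ConfigurationConstants.USER, username);
        // PW_TEXT places the password in the UsernameToken as clear text, so its
        // confidentiality rests on the transport or on message encryption.
        // NOTE(review): confirm the loaded policy requires a protected transport.
        wssProps.put(ConfigurationConstants.PASSWORD_TYPE, WSS4JConstants.PW_TEXT);
        wssProps.put(ConfigurationConstants.PW_CALLBACK_REF, new CallbackHandler() {

            @Override
            public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
                // Only answer password callbacks; the previous blind cast of
                // callbacks[0] failed with ClassCastException / index errors
                // instead of the exception type the CallbackHandler contract names.
                for (Callback callback : callbacks) {
                    if (callback instanceof WSPasswordCallback) {
                        ((WSPasswordCallback) callback).setPassword(password);
                    } else {
                        throw new UnsupportedCallbackException(callback);
                    }
                }
            }
        });
        client.getEndpoint().getOutInterceptors().add(new WSS4JOutInterceptor(wssProps));
        // The credentials are also kept in the request context; avoid logging or
        // dumping that map.
        client.getRequestContext().put("security.username", username);
        client.getRequestContext().put("security.password", password);
    } else if (EsbSecurityConstants.SAML == esbSecurity) {
        policies.add(loadPolicy(policySaml, bus));
        properties.put(SecurityConstants.SIGNATURE_PROPERTIES, processFileURI(getSignatureProperties()));
        properties.put(SecurityConstants.SIGNATURE_USERNAME, getSignatureUsername());
        properties.put(ENDPOINT_SIGNATURE_PASSWORD, getSignaturePassword());
        properties.put(SecurityConstants.CALLBACK_HANDLER, new WSPasswordCallbackHandler(getSignatureUsername(), getSignaturePassword()));
        // STS client
        STSClient stsClient = new STSClient(bus);
        stsClient.setWsdlLocation(stsWsdlLocation);
        stsClient.setServiceQName(new QName(stsNamespace, stsServiceName));
        stsClient.setEndpointQName(new QName(stsNamespace, stsEndpointName));
        Map<String, Object> stsProperties = new HashMap<String, Object>();
        stsProperties.put(SecurityConstants.USERNAME, username);
        stsProperties.put(SecurityConstants.PASSWORD, password);
        stsProperties.put(SecurityConstants.CALLBACK_HANDLER, new WSPasswordCallbackHandler(username, password));
        // The same signature properties file backs the STS token and encryption settings.
        stsProperties.put(SecurityConstants.STS_TOKEN_PROPERTIES, processFileURI(getSignatureProperties()));
        stsProperties.put(SecurityConstants.STS_TOKEN_USERNAME, signatureUsername);
        stsProperties.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, stsTokenUsecert);
        stsProperties.put(SecurityConstants.ENCRYPT_PROPERTIES, processFileURI(getSignatureProperties()));
        stsProperties.put(SecurityConstants.ENCRYPT_USERNAME, encryptionUsername);
        stsProperties.put(SecurityConstants.IS_BSP_COMPLIANT, isBspCompliant);
        stsClient.setProperties(stsProperties);
        properties.put(SecurityConstants.STS_CLIENT, stsClient);
    }
    client.getEndpoint().getActiveFeatures().add(policyFeature);
    policyFeature.initialize(client, bus);
}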
Also used : Policy(org.apache.neethi.Policy) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) Bus(org.apache.cxf.Bus) CallbackHandler(javax.security.auth.callback.CallbackHandler) WSPolicyFeature(org.apache.cxf.ws.policy.WSPolicyFeature) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) STSClient(org.apache.cxf.ws.security.trust.STSClient) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) HashMap(java.util.HashMap) Map(java.util.Map) PostConstruct(javax.annotation.PostConstruct)

Aggregations

WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)63 HashMap (java.util.HashMap)48 QName (javax.xml.namespace.QName)31 URL (java.net.URL)30 Client (org.apache.cxf.endpoint.Client)27 Service (javax.xml.ws.Service)26 Test (org.junit.Test)23 Bus (org.apache.cxf.Bus)19 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)17 DoubleItPortType (org.example.contract.doubleit.DoubleItPortType)15 SOAPFaultException (javax.xml.ws.soap.SOAPFaultException)12 WSS4JStaxOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor)12 Endpoint (org.apache.cxf.endpoint.Endpoint)9 SAAJOutInterceptor (org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor)8 ClassPathXmlApplicationContext (org.springframework.context.support.ClassPathXmlApplicationContext)8 CallbackHandler (javax.security.auth.callback.CallbackHandler)7 BindingProvider (javax.xml.ws.BindingProvider)7 WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)7 ModelPortType (com.evolveum.midpoint.xml.ns._public.model.model_3.ModelPortType)6 ModelService (com.evolveum.midpoint.xml.ns._public.model.model_3.ModelService)6