use of org.apache.ws.security.WSSConfig in project OpenAM by OpenRock.
the class OpenAMWSSUsernameTokenValidator method printConfig.
protected void printConfig(RequestData data) {
WSSConfig config = data.getWssConfig();
if (config != null) {
logger.debug("Passwords are encoded: {}", config.getPasswordsAreEncoded());
logger.debug("Handle custom password types: {}", config.getHandleCustomPasswordTypes());
logger.debug("Required Password Type: {}", config.getRequiredPasswordType());
}
}
use of org.apache.ws.security.WSSConfig in project iaf by ibissource.
the class SoapWrapper method signMessage.
public String signMessage(String soapMessage, String user, String password) throws SenderException {
try {
WSSecurityEngine secEngine = WSSecurityEngine.getInstance();
WSSConfig config = secEngine.getWssConfig();
config.setPrecisionInMilliSeconds(false);
// create context
AxisClient tmpEngine = new AxisClient(new NullProvider());
MessageContext msgContext = new MessageContext(tmpEngine);
InputStream in = new ByteArrayInputStream(soapMessage.getBytes());
Message msg = new Message(in);
msg.setMessageContext(msgContext);
// create unsigned envelope
SOAPEnvelope unsignedEnvelope = msg.getSOAPEnvelope();
Document doc = unsignedEnvelope.getAsDocument();
// create security header and insert it into unsigned envelope
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
// add a UsernameToken
WSSecUsernameToken tokenBuilder = new WSSecUsernameToken();
tokenBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
tokenBuilder.setUserInfo(user, password);
tokenBuilder.addNonce();
tokenBuilder.addCreated();
tokenBuilder.prepare(doc);
WSSecSignature sign = new WSSecSignature();
sign.setUsernameToken(tokenBuilder);
sign.setKeyIdentifierType(WSConstants.UT_SIGNING);
sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
sign.build(doc, null, secHeader);
tokenBuilder.prependToHeader(secHeader);
// add a Timestamp
WSSecTimestamp timestampBuilder = new WSSecTimestamp();
timestampBuilder.setTimeToLive(300);
timestampBuilder.prepare(doc);
timestampBuilder.prependToHeader(secHeader);
Document signedDoc = doc;
return DOM2Writer.nodeToString(signedDoc);
} catch (Exception e) {
throw new SenderException(e);
}
}
Aggregations