Example 1 with WSSecUsernameToken
use of org.apache.ws.security.message.WSSecUsernameToken in project iaf by ibissource.
the class SoapWrapper method signMessage.
public String signMessage(String soapMessage, String user, String password) throws SenderException {
try {
WSSecurityEngine secEngine = WSSecurityEngine.getInstance();
WSSConfig config = secEngine.getWssConfig();
config.setPrecisionInMilliSeconds(false);
// create context
AxisClient tmpEngine = new AxisClient(new NullProvider());
MessageContext msgContext = new MessageContext(tmpEngine);
InputStream in = new ByteArrayInputStream(soapMessage.getBytes());
Message msg = new Message(in);
msg.setMessageContext(msgContext);
// create unsigned envelope
SOAPEnvelope unsignedEnvelope = msg.getSOAPEnvelope();
Document doc = unsignedEnvelope.getAsDocument();
// create security header and insert it into unsigned envelope
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
// add a UsernameToken
WSSecUsernameToken tokenBuilder = new WSSecUsernameToken();
tokenBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
tokenBuilder.setUserInfo(user, password);
tokenBuilder.addNonce();
tokenBuilder.addCreated();
tokenBuilder.prepare(doc);
WSSecSignature sign = new WSSecSignature();
sign.setUsernameToken(tokenBuilder);
sign.setKeyIdentifierType(WSConstants.UT_SIGNING);
sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
sign.build(doc, null, secHeader);
tokenBuilder.prependToHeader(secHeader);
// add a Timestamp
WSSecTimestamp timestampBuilder = new WSSecTimestamp();
timestampBuilder.setTimeToLive(300);
timestampBuilder.prepare(doc);
timestampBuilder.prependToHeader(secHeader);
Document signedDoc = doc;
return DOM2Writer.nodeToString(signedDoc);
} catch (Exception e) {
throw new SenderException(e);
}
}
Also used :
Message(org.apache.axis.Message)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
NullProvider(org.apache.axis.configuration.NullProvider)
WSSecSignature(org.apache.ws.security.message.WSSecSignature)
SOAPEnvelope(org.apache.axis.message.SOAPEnvelope)
Document(org.w3c.dom.Document)
WSSecTimestamp(org.apache.ws.security.message.WSSecTimestamp)
TransformerException(javax.xml.transform.TransformerException)
TransformerConfigurationException(javax.xml.transform.TransformerConfigurationException)
DomBuilderException(nl.nn.adapterframework.util.DomBuilderException)
IOException(java.io.IOException)
ConfigurationException(nl.nn.adapterframework.configuration.ConfigurationException)
SenderException(nl.nn.adapterframework.core.SenderException)
WSSecHeader(org.apache.ws.security.message.WSSecHeader)
WSSConfig(org.apache.ws.security.WSSConfig)
AxisClient(org.apache.axis.client.AxisClient)
ByteArrayInputStream(java.io.ByteArrayInputStream)
WSSecurityEngine(org.apache.ws.security.WSSecurityEngine)
MessageContext(org.apache.axis.MessageContext)
SenderException(nl.nn.adapterframework.core.SenderException)
WSSecUsernameToken(org.apache.ws.security.message.WSSecUsernameToken)
Example 2 with WSSecUsernameToken
use of org.apache.ws.security.message.WSSecUsernameToken in project OpenAM by OpenRock.
the class TokenSpecification method usernameTokenOnBehalfOfElement.
/**
* @param username the UsernameToken username
* @param password the UsernameToken password
* @return A UsernameToken element to be used as the OnBehalfOf Element in a RequestSecurityToken defining the ISSUE
* operation invocation.
*/
public static Element usernameTokenOnBehalfOfElement(String username, String password) {
WSSecUsernameToken unt = new WSSecUsernameToken();
unt.setUserInfo(username, password);
unt.setPasswordType(WSConstants.PASSWORD_TEXT);
unt.addCreated();
Date expirationDate = new Date();
expirationDate.setTime(System.currentTimeMillis() + (1000 * 60));
try {
Document document = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
unt.prepare(document);
} catch (ParserConfigurationException e) {
throw new RuntimeException(e);
}
return unt.getUsernameTokenElement();
}
Also used :
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
Document(org.w3c.dom.Document)
WSSecUsernameToken(org.apache.ws.security.message.WSSecUsernameToken)
Date(java.util.Date)
Aggregations
WSSecUsernameToken (org.apache.ws.security.message.WSSecUsernameToken)2
Document (org.w3c.dom.Document)2
ByteArrayInputStream (java.io.ByteArrayInputStream)1
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
Date (java.util.Date)1
ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)1
TransformerConfigurationException (javax.xml.transform.TransformerConfigurationException)1
TransformerException (javax.xml.transform.TransformerException)1
ConfigurationException (nl.nn.adapterframework.configuration.ConfigurationException)1
SenderException (nl.nn.adapterframework.core.SenderException)1
DomBuilderException (nl.nn.adapterframework.util.DomBuilderException)1
Message (org.apache.axis.Message)1
MessageContext (org.apache.axis.MessageContext)1
AxisClient (org.apache.axis.client.AxisClient)1
NullProvider (org.apache.axis.configuration.NullProvider)1
SOAPEnvelope (org.apache.axis.message.SOAPEnvelope)1
WSSConfig (org.apache.ws.security.WSSConfig)1
WSSecurityEngine (org.apache.ws.security.WSSecurityEngine)1
WSSecHeader (org.apache.ws.security.message.WSSecHeader)1
