Example 1 with BinarySecurity

Use of org.apache.ws.security.message.token.BinarySecurity in project OpenAM by OpenRock.

Class OpenAMSessionTokenServerInterceptor, method validateToken.

/**
 * @param tokenElement the BinarySecurityToken representing the OpenAMSessionToken. The OpenAM session id is the text
 *                     content of this Element.
 * @return a List with a single WSSecurityEngineResult with information concerning the successful validation.
 * @throws WSSecurityException if the OpenAM session cannot be validated successfully.
 */
private List<WSSecurityEngineResult> validateToken(Element tokenElement) throws WSSecurityException {
    final boolean bspComliant = true;
    final BinarySecurity bst = new BinarySecurity(tokenElement, bspComliant);
    bst.setValueType(AMSTSConstants.AM_SESSION_TOKEN_ASSERTION_BST_VALUE_TYPE);
    final X509Certificate[] certs = null;
    WSSecurityEngineResult result = new WSSecurityEngineResult(WSConstants.BST, bst, certs);
    try {
        final String sessionId = tokenElement.getTextContent();
        final Principal principal = principalFromSession.getPrincipalFromSession(sessionId);
        //because we are dealing with an OpenAM session which was not created as part of TokenValidation, but
        //rather pre-existed this validation, it should not be invalidated.
        threadLocalAMTokenCache.cacheSessionIdForContext(ValidationInvocationContext.SOAP_SECURITY_POLICY, sessionId, false);
        result.put(WSSecurityEngineResult.TAG_VALIDATED_TOKEN, Boolean.TRUE);
        result.put(WSSecurityEngineResult.TAG_PRINCIPAL, principal);
    } catch (TokenValidationException e) {
        throw new WSSecurityException(e.getMessage(), e);
    }
    return Collections.singletonList(result);
}

Also used: BinarySecurity (org.apache.ws.security.message.token.BinarySecurity), WSSecurityException (org.apache.ws.security.WSSecurityException), WSSecurityEngineResult (org.apache.ws.security.WSSecurityEngineResult), X509Certificate (java.security.cert.X509Certificate), Principal (java.security.Principal), TokenValidationException (org.forgerock.openam.sts.TokenValidationException)
