Example 46 with WSPasswordCallback
use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.
the class UTPasswordCallback method handle.
/**
* Here, we attempt to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}
Also used :
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Example 47 with WSPasswordCallback
use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.
the class CommonPasswordCallback method handle.
/**
* Here, we attempt to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}
Also used :
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Example 48 with WSPasswordCallback
use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.
the class UsernamePasswordCallback method handle.
/**
* Here, we attempt to get the password from the private alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
// System.out.println("**************** Server checking id: "+pc.getIdentifer());
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
//
throw new IOException();
}
Also used :
IOException(java.io.IOException)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Example 49 with WSPasswordCallback
use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.
the class TokenStoreCallbackHandler method handle.
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback) callback;
String id = pc.getIdentifier();
SecurityToken tok = store.getToken(id);
if (tok != null && !tok.isExpired()) {
if (tok.getSHA1() == null && pc.getKey() != null) {
tok.setSHA1(getSHA1(pc.getKey()));
// Create another cache entry with the SHA1 Identifier as the key for easy retrieval
store.add(tok.getSHA1(), tok);
}
pc.setKey(tok.getSecret());
pc.setKey(tok.getKey());
pc.setCustomToken(tok.getToken());
return;
}
}
}
if (internal != null) {
internal.handle(callbacks);
}
}
Also used :
SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Callback(javax.security.auth.callback.Callback)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Example 50 with WSPasswordCallback
use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.
the class WSS4JInInterceptor method getCallback.
protected CallbackHandler getCallback(RequestData reqData) throws WSSecurityException, TokenStoreException {
Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, (SoapMessage) reqData.getMsgContext());
CallbackHandler cbHandler;
try {
cbHandler = SecurityUtils.getCallbackHandler(o);
} catch (Exception ex) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
}
if (cbHandler == null) {
try {
cbHandler = getPasswordCallbackHandler(reqData);
} catch (WSSecurityException sec) {
Endpoint ep = ((SoapMessage) reqData.getMsgContext()).getExchange().getEndpoint();
if (ep != null && ep.getEndpointInfo() != null) {
TokenStore store = TokenStoreUtils.getTokenStore((SoapMessage) reqData.getMsgContext());
return new TokenStoreCallbackHandler(null, store);
}
throw sec;
}
}
// Defer to SecurityConstants.SIGNATURE_PASSWORD for decryption if no callback handler is defined
if (cbHandler == null) {
String signatureUser = (String) SecurityUtils.getSecurityPropertyValue(SecurityConstants.SIGNATURE_USERNAME, (SoapMessage) reqData.getMsgContext());
String password = (String) SecurityUtils.getSecurityPropertyValue(SecurityConstants.SIGNATURE_PASSWORD, (SoapMessage) reqData.getMsgContext());
if (!(StringUtils.isEmpty(signatureUser) || StringUtils.isEmpty(password))) {
cbHandler = new CallbackHandler() {
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback c : callbacks) {
WSPasswordCallback pwCallback = (WSPasswordCallback) c;
if (WSPasswordCallback.DECRYPT == pwCallback.getUsage() && signatureUser.equals(pwCallback.getIdentifier())) {
pwCallback.setPassword(password);
}
}
}
};
}
}
Endpoint ep = ((SoapMessage) reqData.getMsgContext()).getExchange().getEndpoint();
if (ep != null && ep.getEndpointInfo() != null) {
TokenStore store = TokenStoreUtils.getTokenStore((SoapMessage) reqData.getMsgContext());
return new TokenStoreCallbackHandler(cbHandler, store);
}
return cbHandler;
}
Also used :
CallbackHandler(javax.security.auth.callback.CallbackHandler)
WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)
IOException(java.io.IOException)
SOAPException(javax.xml.soap.SOAPException)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)
XMLStreamException(javax.xml.stream.XMLStreamException)
InvalidCanonicalizerException(org.apache.xml.security.c14n.InvalidCanonicalizerException)
TokenStoreException(org.apache.cxf.ws.security.tokenstore.TokenStoreException)
IOException(java.io.IOException)
SoapMessage(org.apache.cxf.binding.soap.SoapMessage)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Callback(javax.security.auth.callback.Callback)
Endpoint(org.apache.cxf.endpoint.Endpoint)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
TokenStore(org.apache.cxf.ws.security.tokenstore.TokenStore)
Aggregations
WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)69
Callback (javax.security.auth.callback.Callback)22
CallbackHandler (javax.security.auth.callback.CallbackHandler)20
IOException (java.io.IOException)17
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)14
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)11
ArrayList (java.util.ArrayList)8
HashMap (java.util.HashMap)8
WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)8
QName (javax.xml.namespace.QName)7
Endpoint (org.apache.cxf.endpoint.Endpoint)7
Test (org.junit.Test)7
URL (java.net.URL)6
Service (javax.xml.ws.Service)6
SAAJOutInterceptor (org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor)6
Client (org.apache.cxf.endpoint.Client)6
Crypto (org.apache.wss4j.common.crypto.Crypto)6
PrivateKey (java.security.PrivateKey)3
X509Certificate (java.security.cert.X509Certificate)3
DestroyFailedException (javax.security.auth.DestroyFailedException)3
