Examples with WSPasswordCallback org.apache.wss4j.common.ext.WSPasswordCallback used on opensource projects

Search in sources :

Example 11 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project wildfly by wildfly.

the class KeystorePasswordCallback method handle.

/**
 * It attempts to get the password from the private alias/passwords map.
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
        String pass = passwords.get(pc.getIdentifier());
        if (pass != null) {
            pc.setPassword(pass);
            return;
        }
    }
}
Also used : WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)

Example 12 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project tomee by apache.

the class OpenEJBLoginValidator method verifyDigestPassword.

@Override
protected void verifyDigestPassword(final UsernameToken usernameToken, final RequestData data) throws WSSecurityException {
    // check password
    super.verifyDigestPassword(usernameToken, data);
    // get the plain text password
    final WSPasswordCallback pwCb = new WSPasswordCallback(usernameToken.getName(), null, usernameToken.getPasswordType(), WSPasswordCallback.USERNAME_TOKEN);
    try {
        data.getCallbackHandler().handle(new Callback[] { pwCb });
    } catch (Exception e) {
    // no-op: the login will fail
    }
    // log the user
    final String user = usernameToken.getName();
    final String password = pwCb.getPassword();
    final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
    final Object token;
    try {
        securityService.disassociate();
        token = securityService.login(user, password);
        if (AbstractSecurityService.class.isInstance(securityService) && AbstractSecurityService.class.cast(securityService).currentState() == null) {
            securityService.associate(token);
        }
    } catch (final LoginException e) {
        throw new SecurityException("cannot log user " + user, e);
    }
}
Also used : AbstractSecurityService(org.apache.openejb.core.security.AbstractSecurityService) SecurityService(org.apache.openejb.spi.SecurityService) LoginException(javax.security.auth.login.LoginException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) AbstractSecurityService(org.apache.openejb.core.security.AbstractSecurityService) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) LoginException(javax.security.auth.login.LoginException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 13 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project tomee by apache.

the class CalculatorTest method testCalculatorViaWsInterfaceWithUsernameTokenPlainPassword.

public void testCalculatorViaWsInterfaceWithUsernameTokenPlainPassword() throws Exception {
    final Service calcService = Service.create(new URL("http://localhost:" + port + "/webservice-ws-security/CalculatorImplUsernameTokenPlainPassword?wsdl"), new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
    assertNotNull(calcService);
    // for debugging (ie. TCPMon)
    calcService.addPort(new QName("http://superbiz.org/wsdl", "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING, "http://127.0.0.1:8204/CalculatorImplUsernameTokenPlainPassword");
    // CalculatorWs calc = calcService.getPort(
    // new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
    // CalculatorWs.class);
    final CalculatorWs calc = calcService.getPort(CalculatorWs.class);
    final Client client = ClientProxy.getClient(calc);
    final Endpoint endpoint = client.getEndpoint();
    endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
    final Map<String, Object> outProps = new HashMap<String, Object>();
    outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
    outProps.put(WSHandlerConstants.USER, "jane");
    outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {

        @Override
        public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            final WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
            pc.setPassword("waterfall");
        }
    });
    final WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
    endpoint.getOutInterceptors().add(wssOut);
    assertEquals(10, calc.sum(4, 6));
}
Also used : SAAJOutInterceptor(org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor) CallbackHandler(javax.security.auth.callback.CallbackHandler) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) IOException(java.io.IOException) URL(java.net.URL) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) Callback(javax.security.auth.callback.Callback) Endpoint(org.apache.cxf.endpoint.Endpoint) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)

Example 14 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project tomee by apache.

the class CalculatorTest method testCalculatorViaWsInterfaceWithUsernameTokenHashedPassword.

public void testCalculatorViaWsInterfaceWithUsernameTokenHashedPassword() throws Exception {
    final Service calcService = Service.create(new URL("http://localhost:" + port + "/webservice-ws-security/CalculatorImplUsernameTokenHashedPassword?wsdl"), new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
    assertNotNull(calcService);
    // for debugging (ie. TCPMon)
    calcService.addPort(new QName("http://superbiz.org/wsdl", "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING, "http://127.0.0.1:8204/CalculatorImplUsernameTokenHashedPassword");
    // CalculatorWs calc = calcService.getPort(
    // new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
    // CalculatorWs.class);
    final CalculatorWs calc = calcService.getPort(CalculatorWs.class);
    final Client client = ClientProxy.getClient(calc);
    final Endpoint endpoint = client.getEndpoint();
    endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
    final Map<String, Object> outProps = new HashMap<String, Object>();
    outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
    outProps.put(WSHandlerConstants.USER, "jane");
    outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
    outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {

        @Override
        public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            final WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
            pc.setPassword("waterfall");
        }
    });
    final WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
    endpoint.getOutInterceptors().add(wssOut);
    assertEquals(10, calc.sum(4, 6));
}
Also used : SAAJOutInterceptor(org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor) CallbackHandler(javax.security.auth.callback.CallbackHandler) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) IOException(java.io.IOException) URL(java.net.URL) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) Callback(javax.security.auth.callback.Callback) Endpoint(org.apache.cxf.endpoint.Endpoint) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)

Example 15 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project tomee by apache.

the class CalculatorTest method testCalculatorViaWsInterfaceWithSign.

public void testCalculatorViaWsInterfaceWithSign() throws Exception {
    final Service calcService = Service.create(new URL("http://localhost:" + port + "/webservice-ws-security/CalculatorImplSign?wsdl"), new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
    assertNotNull(calcService);
    // for debugging (ie. TCPMon)
    calcService.addPort(new QName("http://superbiz.org/wsdl", "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING, "http://127.0.0.1:8204/CalculatorImplSign");
    // CalculatorWs calc = calcService.getPort(
    // new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
    // CalculatorWs.class);
    final CalculatorWs calc = calcService.getPort(CalculatorWs.class);
    final Client client = ClientProxy.getClient(calc);
    final Endpoint endpoint = client.getEndpoint();
    endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
    final Map<String, Object> outProps = new HashMap<String, Object>();
    outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
    outProps.put(WSHandlerConstants.USER, "clientalias");
    outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {

        @Override
        public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            final WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
            pc.setPassword("clientPassword");
        }
    });
    outProps.put(WSHandlerConstants.SIG_PROP_FILE, "META-INF/CalculatorImplSign-client.properties");
    outProps.put(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial");
    final WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
    endpoint.getOutInterceptors().add(wssOut);
    assertEquals(24, calc.multiply(4, 6));
}
Also used : SAAJOutInterceptor(org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor) CallbackHandler(javax.security.auth.callback.CallbackHandler) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) IOException(java.io.IOException) URL(java.net.URL) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) Callback(javax.security.auth.callback.Callback) Endpoint(org.apache.cxf.endpoint.Endpoint) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)

Aggregations

WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)69 Callback (javax.security.auth.callback.Callback)22 CallbackHandler (javax.security.auth.callback.CallbackHandler)20 IOException (java.io.IOException)17 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)14 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)11 ArrayList (java.util.ArrayList)8 HashMap (java.util.HashMap)8 WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)8 QName (javax.xml.namespace.QName)7 Endpoint (org.apache.cxf.endpoint.Endpoint)7 Test (org.junit.Test)7 URL (java.net.URL)6 Service (javax.xml.ws.Service)6 SAAJOutInterceptor (org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor)6 Client (org.apache.cxf.endpoint.Client)6 Crypto (org.apache.wss4j.common.crypto.Crypto)6 PrivateKey (java.security.PrivateKey)3 X509Certificate (java.security.cert.X509Certificate)3 DestroyFailedException (javax.security.auth.DestroyFailedException)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial