
Example 31 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.

the class KeystorePasswordCallback method handle.

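/**
 * Supplies the password for the alias named by a callback, looking it up in the
 * private alias/passwords map.
 *
 * <p>Callbacks are examined in order and the method returns as soon as one
 * password has been supplied, so later entries in the array are not processed.
 * An identifier with no entry in the map leaves that callback's password unset.
 *
 * @param callbacks the callbacks to answer; each one examined must be a
 *        {@link WSPasswordCallback}
 * @throws IOException declared by the handler signature; not thrown by this code
 * @throws UnsupportedCallbackException if an examined callback is not a
 *         {@link WSPasswordCallback}
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        // Report an unexpected callback type through the declared exception instead
        // of letting the cast below fail with a ClassCastException.
        if (!(callback instanceof WSPasswordCallback)) {
            throw new UnsupportedCallbackException(callback, "Unrecognized Callback");
        }
        WSPasswordCallback pc = (WSPasswordCallback) callback;
        // NOTE(review): the lookup is keyed on the identifier alone, so the password is
        // returned whatever the callback's usage is. If this handler is meant only to
        // unlock keystore entries, a check on pc.getUsage() would narrow it - confirm
        // against the callers.
        String pass = passwords.get(pc.getIdentifier());
        if (pass != null) {
            pc.setPassword(pass);
            return;
        }
    }
}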
Also used : WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)

Example 32 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.

the class AbstractSAMLTokenProvider method signToken.

/**
 * Signs a SAML assertion with the STS signing key.
 *
 * <p>Signature settings come from {@code stsProperties}. When {@code samlRealm}
 * carries its own signature crypto, the realm's crypto, callback handler and alias
 * replace the STS-wide ones together; the realm's signature properties are applied
 * independently of that. The signature and canonicalization algorithms requested in
 * {@code keyRequirements} are honoured only when they appear in the accepted lists
 * of the signature properties; otherwise the configured defaults are used.
 *
 * @param assertion the assertion to sign
 * @param samlRealm realm-specific settings, or {@code null} for none
 * @param stsProperties STS-wide signature configuration
 * @param keyRequirements the algorithms requested for this token
 * @throws Exception if the password callback or the signing call fails
 */
protected void signToken(SamlAssertionWrapper assertion, RealmProperties samlRealm, STSPropertiesMBean stsProperties, KeyRequirements keyRequirements) throws Exception {
    // STS-wide defaults; a realm may override them below.
    Crypto signatureCrypto = stsProperties.getSignatureCrypto();
    CallbackHandler callbackHandler = stsProperties.getCallbackHandler();
    SignatureProperties signatureProperties = stsProperties.getSignatureProperties();
    String alias = stsProperties.getSignatureUsername();

    final boolean realmGiven = samlRealm != null;
    if (realmGiven && samlRealm.getSignatureCrypto() != null) {
        // The realm keystore wins: the STS callback handler and alias are ignored.
        LOG.fine("SAMLRealm signature keystore used");
        signatureCrypto = samlRealm.getSignatureCrypto();
        callbackHandler = samlRealm.getCallbackHandler();
        alias = samlRealm.getSignatureAlias();
    }
    if (realmGiven && samlRealm.getSignatureProperties() != null) {
        // Signature properties may be set on the realm without a realm keystore.
        signatureProperties = samlRealm.getSignatureProperties();
    }

    // Signature algorithm: a requested value is used only if it is on the accepted
    // list; anything else silently becomes the configured default (logged at FINE).
    String signatureAlgorithm = keyRequirements.getSignatureAlgorithm();
    if (signatureAlgorithm != null) {
        List<String> acceptedSignatureAlgorithms = signatureProperties.getAcceptedSignatureAlgorithms();
        if (!acceptedSignatureAlgorithms.contains(signatureAlgorithm)) {
            signatureAlgorithm = signatureProperties.getSignatureAlgorithm();
            if (LOG.isLoggable(Level.FINE)) {
                LOG.fine("SignatureAlgorithm not supported, defaulting to: " + signatureAlgorithm);
            }
        }
    } else {
        signatureAlgorithm = signatureProperties.getSignatureAlgorithm();
    }

    // Canonicalization algorithm: same accept-list rule as above.
    String c14nAlgorithm = keyRequirements.getC14nAlgorithm();
    if (c14nAlgorithm != null) {
        List<String> acceptedC14nAlgorithms = signatureProperties.getAcceptedC14nAlgorithms();
        if (!acceptedC14nAlgorithms.contains(c14nAlgorithm)) {
            c14nAlgorithm = signatureProperties.getC14nAlgorithm();
            if (LOG.isLoggable(Level.FINE)) {
                LOG.fine("C14nAlgorithm not supported, defaulting to: " + c14nAlgorithm);
            }
        }
    } else {
        c14nAlgorithm = signatureProperties.getC14nAlgorithm();
    }

    // With no alias configured, fall back to the crypto's default identifier.
    final boolean aliasMissing = alias == null || alias.isEmpty();
    if (aliasMissing && signatureCrypto != null) {
        alias = signatureCrypto.getDefaultX509Identifier();
        if (LOG.isLoggable(Level.FINE)) {
            LOG.fine("Signature alias is null so using default alias: " + alias);
        }
    }

    // Ask the callback handler for the signing-key password. Without a handler, or
    // when the handler sets nothing, the password passed on is null.
    String password = null;
    if (callbackHandler != null) {
        WSPasswordCallback[] passwordCallbacks = {
            new WSPasswordCallback(alias, WSPasswordCallback.SIGNATURE)
        };
        LOG.fine("Creating SAML Token");
        callbackHandler.handle(passwordCallbacks);
        password = passwordCallbacks[0].getPassword();
    }

    LOG.fine("Signing SAML Token");
    assertion.signAssertion(
        alias,
        password,
        signatureCrypto,
        signatureProperties.isUseKeyValue(),
        c14nAlgorithm,
        signatureAlgorithm,
        signatureProperties.getDigestAlgorithm());
}
Also used : Crypto(org.apache.wss4j.common.crypto.Crypto) CallbackHandler(javax.security.auth.callback.CallbackHandler) SignatureProperties(org.apache.cxf.sts.SignatureProperties) WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)

Example 33 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.

the class CallbackHandlerImpl method handle.

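/**
 * Supplies a password for the first {@link WSPasswordCallback} it can answer.
 *
 * <p>Callbacks of other types are skipped. Known identifiers get a fixed password;
 * any other identifier is looked up through {@code dataProvider} when one is set.
 * Processing stops after the first callback that reaches one of these branches.
 * If no client is found for the identifier, the password is left unset.
 *
 * @param callbacks the callbacks to inspect
 * @throws IOException declared by the handler signature; not thrown by this code
 * @throws UnsupportedCallbackException declared by the handler signature; not
 *         thrown by this code
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (!(callback instanceof WSPasswordCallback)) {
            continue;
        }
        // CXF
        WSPasswordCallback pc = (WSPasswordCallback) callback;
        String identifier = pc.getIdentifier();
        // NOTE(review): the credentials below are fixed values compiled into the class.
        // This looks like a test fixture - confirm the handler is not wired into a
        // deployed endpoint.
        if ("alice".equals(identifier) || "bob".equals(identifier)) {
            pc.setPassword("security");
            break;
        } else if (identifier != null && identifier.startsWith("consumer-id")) {
            // Prefix match: every identifier beginning with "consumer-id" shares this secret.
            pc.setPassword("this-is-a-secret");
            break;
        } else if ("service".equals(identifier)) {
            pc.setPassword("service-pass");
            break;
        } else if (dataProvider != null) {
            Client client = dataProvider.getClient(identifier);
            // An identifier that matches no registered client must not end in a
            // NullPointerException here; leave the password unset so the caller sees
            // a missing credential. NOTE(review): assumes getClient signals "not
            // found" with null - confirm against the data provider in use.
            if (client != null) {
                pc.setPassword(client.getClientSecret());
            }
            break;
        }
    }
}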
Also used : WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback) Client(org.apache.cxf.rs.security.oauth2.common.Client)

Example 34 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project midpoint by Evolveum.

the class ClientPasswordHandler method handle.

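/**
 * Sets the configured client password on the first callback in the array.
 *
 * <p>Only {@code callbacks[0]} is answered; any further entries are ignored. The
 * same {@code password} field is returned whatever identifier the callback carries.
 * An empty or {@code null} array is a no-op.
 *
 * @param callbacks the callbacks to answer; the first must be a
 *        {@link WSPasswordCallback}
 * @throws IOException declared by the handler signature; not thrown by this code
 * @throws UnsupportedCallbackException if the first callback is not a
 *         {@link WSPasswordCallback}
 */
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    // Nothing to answer: avoid indexing into an empty array.
    if (callbacks == null || callbacks.length == 0) {
        return;
    }
    Callback first = callbacks[0];
    // Use the declared exception for an unexpected callback type rather than
    // failing with a ClassCastException.
    if (!(first instanceof WSPasswordCallback)) {
        throw new UnsupportedCallbackException(first, "Unrecognized Callback");
    }
    // NOTE(review): the identifier is not compared with any expected user name;
    // presumably this handler serves a single client identity - confirm.
    ((WSPasswordCallback) first).setPassword(password);
}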
Also used : WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)

Example 35 with WSPasswordCallback

use of org.apache.wss4j.common.ext.WSPasswordCallback in project midpoint by Evolveum.

the class ClientPasswordHandler method handle.

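/**
 * Sets the configured client password on the first callback in the array.
 *
 * <p>Only {@code callbacks[0]} is answered; any further entries are ignored. The
 * same {@code password} field is returned whatever identifier the callback carries.
 * An empty or {@code null} array is a no-op.
 *
 * @param callbacks the callbacks to answer; the first must be a
 *        {@link WSPasswordCallback}
 * @throws IOException declared by the handler signature; not thrown by this code
 * @throws UnsupportedCallbackException if the first callback is not a
 *         {@link WSPasswordCallback}
 */
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    // Nothing to answer: avoid indexing into an empty array.
    if (callbacks == null || callbacks.length == 0) {
        return;
    }
    Callback first = callbacks[0];
    // Use the declared exception for an unexpected callback type rather than
    // failing with a ClassCastException.
    if (!(first instanceof WSPasswordCallback)) {
        throw new UnsupportedCallbackException(first, "Unrecognized Callback");
    }
    // NOTE(review): the identifier is not compared with any expected user name;
    // presumably this handler serves a single client identity - confirm.
    ((WSPasswordCallback) first).setPassword(password);
}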
Also used : WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
