
Example 36 with WSPasswordCallback

Use of org.apache.wss4j.common.ext.WSPasswordCallback in project midpoint by Evolveum.

Class ClientPasswordHandler, method handle.

@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
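        // Skip any callback type other than WSPasswordCallback.
        if (!(callback instanceof WSPasswordCallback)) {
            continue;
        }
        // Supply the configured password; the callback's identifier and usage are not checked.
        WSPasswordCallback pc = (WSPasswordCallback) callback;
        pc.setPassword(password);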
    }
}
Also used: WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback), Callback (javax.security.auth.callback.Callback)

Example 37 with WSPasswordCallback

Use of org.apache.wss4j.common.ext.WSPasswordCallback in project cxf by apache.

Class RSSecurityUtils, method getPassword.

public static String getPassword(Message message, String userName, int type, Class<?> callingClass) throws WSSecurityException {
    CallbackHandler handler = getCallbackHandler(message, callingClass);
    if (handler == null) {
        return null;
    }
    WSPasswordCallback[] cb = { new WSPasswordCallback(userName, type) };
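    try {
        handler.handle(cb);
    } catch (Exception e) {
        // Any handler failure is swallowed and reported to the caller as null.
        return null;
    }
    // Get the password; a handler that set none yields "" rather than null.
    String password = cb[0].getPassword();
    return password == null ? "" : password;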
}
Also used: CallbackHandler (javax.security.auth.callback.CallbackHandler), WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback), IOException (java.io.IOException), WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)

Example 38 with WSPasswordCallback

Use of org.apache.wss4j.common.ext.WSPasswordCallback in project testcases by coheigea.

Class CommonCallbackHandler, method handle.

public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        if (callbacks[i] instanceof WSPasswordCallback) {
            WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
            if (pc.getUsage() == WSPasswordCallback.SECRET_KEY) {
                final AWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);
                AWSKMSClient kms = new AWSKMSClient(creds);
                kms.setEndpoint(endpoint);
                // An encrypted secret is present: have KMS decrypt it to recover the symmetric key.
                if (pc.getEncryptedSecret() != null) {
                    ByteBuffer encryptedKey = ByteBuffer.wrap(pc.getEncryptedSecret());
                    DecryptRequest req = new DecryptRequest().withCiphertextBlob(encryptedKey);
                    ByteBuffer plaintextKey = kms.decrypt(req).getPlaintext();
                    byte[] key = new byte[plaintextKey.remaining()];
                    plaintextKey.get(key);
                    pc.setKey(key);
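                } else {
                    // No encrypted secret: generate a new data key under masterKeyId. The plaintext
                    // becomes the callback's key and the ciphertext blob its encrypted secret.
                    GenerateDataKeyRequest dataKeyRequest = new GenerateDataKeyRequest();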
                    dataKeyRequest.setKeyId(masterKeyId);
                    String algorithm = "AES_128";
                    if (pc.getAlgorithm() != null && pc.getAlgorithm().contains("aes256")) {
                        algorithm = "AES_256";
                    }
                    dataKeyRequest.setKeySpec(algorithm);
                    GenerateDataKeyResult dataKeyResult = kms.generateDataKey(dataKeyRequest);
                    ByteBuffer plaintextKey = dataKeyResult.getPlaintext();
                    byte[] key = new byte[plaintextKey.remaining()];
                    plaintextKey.get(key);
                    pc.setKey(key);
                    ByteBuffer encryptedKey = dataKeyResult.getCiphertextBlob();
                    byte[] encKey = new byte[encryptedKey.remaining()];
                    encryptedKey.get(encKey);
                    pc.setEncryptedSecret(encKey);
                    // Create a KeyName pointing to the encryption key
                    Document doc = DOMUtils.newDocument();
                    Element keyInfoElement = doc.createElementNS(WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":" + WSConstants.KEYINFO_LN);
                    keyInfoElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:" + WSConstants.SIG_PREFIX, WSConstants.SIG_NS);
                    Element keyNameElement = doc.createElementNS(WSConstants.SIG_NS, WSConstants.SIG_PREFIX + ":KeyName");
                    keyNameElement.setTextContent("1c84a3f2-51cc-4c66-9045-68f51ef8b1eb");
                    keyInfoElement.appendChild(keyNameElement);
                    pc.setKeyInfoReference(keyInfoElement);
                }
            }
        }
    }
}
Also used: GenerateDataKeyResult (com.amazonaws.services.kms.model.GenerateDataKeyResult), Element (org.w3c.dom.Element), Document (org.w3c.dom.Document), BasicAWSCredentials (com.amazonaws.auth.BasicAWSCredentials), AWSCredentials (com.amazonaws.auth.AWSCredentials), ByteBuffer (java.nio.ByteBuffer), GenerateDataKeyRequest (com.amazonaws.services.kms.model.GenerateDataKeyRequest), AWSKMSClient (com.amazonaws.services.kms.AWSKMSClient), WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback), DecryptRequest (com.amazonaws.services.kms.model.DecryptRequest)

Example 39 with WSPasswordCallback

Use of org.apache.wss4j.common.ext.WSPasswordCallback in project tesb-rt-se by Talend.

Class WSPasswordCallbackHandlerTest, method handleEncryptedPasswordTest.

@Ignore
public void handleEncryptedPasswordTest() throws Exception {
    String username = "username";
    String password = PropertyValueEncryptionUtils.encrypt("password", getEncryptor());
    WSPasswordCallbackHandler h = new WSPasswordCallbackHandler(username, password);
    Callback c = new WSPasswordCallback(username, 0);
    List<Callback> cs = new ArrayList<Callback>();
    cs.add(c);
    h.handle(cs.toArray(new Callback[0]));
}
Also used: WSPasswordCallbackHandler (org.talend.esb.security.saml.WSPasswordCallbackHandler), WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback), Callback (javax.security.auth.callback.Callback), ArrayList (java.util.ArrayList), Ignore (org.junit.Ignore)

Example 40 with WSPasswordCallback

Use of org.apache.wss4j.common.ext.WSPasswordCallback in project tesb-rt-se by Talend.

Class WSPasswordCallbackHandlerTest, method handleNoUserTest.

@Test
public void handleNoUserTest() throws Exception {
    String username = null;
    String password = "password";
    WSPasswordCallbackHandler h = new WSPasswordCallbackHandler(username, password);
    Callback c = new WSPasswordCallback(username, 0);
    List<Callback> cs = new ArrayList<Callback>();
    cs.add(c);
    h.handle(cs.toArray(new Callback[0]));
}
Also used: WSPasswordCallbackHandler (org.talend.esb.security.saml.WSPasswordCallbackHandler), WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback), Callback (javax.security.auth.callback.Callback), ArrayList (java.util.ArrayList), Test (org.junit.Test)

Aggregations

WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback): 69
Callback (javax.security.auth.callback.Callback): 22
CallbackHandler (javax.security.auth.callback.CallbackHandler): 20
IOException (java.io.IOException): 17
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException): 14
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException): 11
ArrayList (java.util.ArrayList): 8
HashMap (java.util.HashMap): 8
WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor): 8
QName (javax.xml.namespace.QName): 7
Endpoint (org.apache.cxf.endpoint.Endpoint): 7
Test (org.junit.Test): 7
URL (java.net.URL): 6
Service (javax.xml.ws.Service): 6
SAAJOutInterceptor (org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor): 6
Client (org.apache.cxf.endpoint.Client): 6
Crypto (org.apache.wss4j.common.crypto.Crypto): 6
PrivateKey (java.security.PrivateKey): 3
X509Certificate (java.security.cert.X509Certificate): 3
DestroyFailedException (javax.security.auth.DestroyFailedException): 3