Example 11 with WSUsernameTokenPrincipalImpl
use of org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl in project testcases by coheigea.
the class ShiroBasicAuthInterceptor method handleMessage.
public void handleMessage(Message message) throws Fault {
AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);
if (policy == null || policy.getUserName() == null || policy.getPassword() == null) {
String name = null;
if (policy != null) {
name = policy.getUserName();
}
String error = "No user credentials are available";
LOG.warning(error + " " + "for name: " + name);
throw new SecurityException(error);
}
try {
UsernameToken token = convertPolicyToToken(policy);
Credential credential = new Credential();
credential.setUsernametoken(token);
RequestData data = new RequestData();
data.setMsgContext(message);
credential = validator.validate(credential, data);
// Create a Principal/SecurityContext
Principal p = null;
if (credential != null && credential.getPrincipal() != null) {
p = credential.getPrincipal();
} else {
p = new WSUsernameTokenPrincipalImpl(policy.getUserName(), false);
((WSUsernameTokenPrincipalImpl) p).setPassword(policy.getPassword());
}
message.put(SecurityContext.class, createSecurityContext(p));
} catch (Exception ex) {
throw new Fault(ex);
}
}
Also used :
AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy)
Credential(org.apache.wss4j.dom.validate.Credential)
RequestData(org.apache.wss4j.dom.handler.RequestData)
UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken)
Fault(org.apache.cxf.interceptor.Fault)
Principal(java.security.Principal)
WSUsernameTokenPrincipalImpl(org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl)
Example 12 with WSUsernameTokenPrincipalImpl
use of org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl in project ddf by codice.
the class AttributeMapLoader method getCredentials.
public String getCredentials(Principal principal) {
String credential = null;
if (principal instanceof X500Principal) {
X500Principal x500p = (X500Principal) principal;
credential = new String(x500p.getEncoded(), StandardCharsets.UTF_8);
} else if (principal instanceof WSUsernameTokenPrincipalImpl) {
credential = ((WSUsernameTokenPrincipalImpl) principal).getPassword();
}
return credential;
}
Also used :
X500Principal(javax.security.auth.x500.X500Principal)
WSUsernameTokenPrincipalImpl(org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl)
Aggregations
WSUsernameTokenPrincipalImpl (org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl)12
Principal (java.security.Principal)6
UsernameToken (org.apache.wss4j.dom.message.token.UsernameToken)5
Credential (org.apache.wss4j.dom.validate.Credential)5
AuthorizationPolicy (org.apache.cxf.configuration.security.AuthorizationPolicy)4
RequestData (org.apache.wss4j.dom.handler.RequestData)4
Subject (javax.security.auth.Subject)3
Fault (org.apache.cxf.interceptor.Fault)3
X500Principal (javax.security.auth.x500.X500Principal)1
SimpleGroup (org.apache.cxf.common.security.SimpleGroup)1
SAMLSecurityContext (org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext)1
SecurityContext (org.apache.cxf.security.SecurityContext)1
BSPEnforcer (org.apache.wss4j.common.bsp.BSPEnforcer)1
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)1
WSSecUsernameToken (org.apache.wss4j.dom.message.WSSecUsernameToken)1
UsernameToken (org.apache.wss4j.policy.model.UsernameToken)1
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1
