
Example 1 with SpnegoTokenContext

use of org.apache.wss4j.common.spnego.SpnegoTokenContext in project cxf by apache.

the class SpnegoContextTokenOutInterceptor method issueToken.

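/**
 * Obtains a SPNEGO service ticket and exchanges it with the STS for a {@link SecurityToken}.
 *
 * <p>The JAAS context name, Kerberos SPN, optional {@link SpnegoClientAction} and callback
 * handler are read from the message's contextual/security properties. The ticket is sent
 * Base64-encoded through the STS client obtained for "spnego"; the secret of the returned
 * token is passed through {@code unwrapKey} and stored back on the token.
 *
 * <p>The SPNEGO context is cleared on every exit path once the ticket has been acquired,
 * so a failed WS-Trust exchange does not leave the ticket and its security context behind.
 *
 * @param message the SOAP message supplying configuration and addressing properties
 * @param aim assertion info passed through to {@code SpnegoTokenInterceptorProvider.setupClient}
 * @return the token issued by the STS, carrying the unwrapped secret
 * @throws Fault if acquiring the ticket fails or the exchange raises a checked exception
 */
private SecurityToken issueToken(SoapMessage message, AssertionInfoMap aim) {
    //
    // Get a SPNEGO token
    //
    String jaasContext = (String) message.getContextualProperty(SecurityConstants.KERBEROS_JAAS_CONTEXT_NAME);
    String kerberosSpn = (String) message.getContextualProperty(SecurityConstants.KERBEROS_SPN);
    SpnegoTokenContext spnegoToken = new SpnegoTokenContext();
    Object spnegoClientAction = message.getContextualProperty(SecurityConstants.SPNEGO_CLIENT_ACTION);
    // A custom client action is optional; anything of another type is ignored.
    if (spnegoClientAction instanceof SpnegoClientAction) {
        spnegoToken.setSpnegoClientAction((SpnegoClientAction) spnegoClientAction);
    }
    try {
        CallbackHandler callbackHandler = SecurityUtils.getCallbackHandler(
            SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message));
        spnegoToken.retrieveServiceTicket(jaasContext, callbackHandler, kerberosSpn);
    } catch (Exception e) {
        throw new Fault(e);
    }
    //
    // Now initiate WS-Trust exchange
    //
    try {
        STSClient client = STSUtils.getClient(message, "spnego");
        AddressingProperties maps =
            (AddressingProperties) message.get("javax.xml.ws.addressing.context.outbound");
        if (maps == null) {
            maps = (AddressingProperties) message.get("javax.xml.ws.addressing.context");
        }
        synchronized (client) {
            try {
                String s = SpnegoTokenInterceptorProvider.setupClient(client, message, aim);
                if (maps != null) {
                    client.setAddressingNamespace(maps.getNamespaceURI());
                }
                // The MIME encoder breaks its output into lines of at most 76 characters.
                String encodedTicket = Base64.getMimeEncoder().encodeToString(spnegoToken.getToken());
                SecurityToken tok = client.requestSecurityToken(s, encodedTicket);
                // Replace the secret returned by the STS with the result of unwrapKey.
                byte[] unwrappedSecret = spnegoToken.unwrapKey(tok.getSecret());
                tok.setSecret(unwrappedSecret);
                return tok;
            } catch (RuntimeException e) {
                throw e;
            } catch (Exception e) {
                throw new Fault(e);
            } finally {
                // Reset the per-request settings applied above; presumably the client
                // instance is reused across requests (hence the synchronized block).
                client.setTrust((Trust10) null);
                client.setTrust((Trust13) null);
                client.setTemplate(null);
                client.setLocation(null);
                client.setAddressingNamespace(null);
            }
        }
    } finally {
        // Clear the SPNEGO context on failure as well as on success.
        // NOTE(review): assumes clear() does not throw; confirm against the WSS4J version in use.
        spnegoToken.clear();
    }
}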
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) CallbackHandler(javax.security.auth.callback.CallbackHandler) STSClient(org.apache.cxf.ws.security.trust.STSClient) SpnegoClientAction(org.apache.wss4j.common.spnego.SpnegoClientAction) Fault(org.apache.cxf.interceptor.Fault) AddressingProperties(org.apache.cxf.ws.addressing.AddressingProperties) SpnegoTokenContext(org.apache.wss4j.common.spnego.SpnegoTokenContext)
