Example 1 with WSSecTimestamp

Use of org.apache.wss4j.dom.message.WSSecTimestamp in project cxf by apache.

From the class SymmetricBindingHandler, method handleBinding. The timestamp is created before the protection order is applied and moved into its final position by reshuffleTimestamp() afterwards.

public void handleBinding() {
    WSSecTimestamp timestamp = createTimestamp();
    handleLayout(timestamp);
    assertPolicy(sbinding.getName());
    if (sbinding.getProtectionOrder() == AbstractSymmetricAsymmetricBinding.ProtectionOrder.EncryptBeforeSigning) {
        doEncryptBeforeSign();
        assertPolicy(new QName(sbinding.getName().getNamespaceURI(), SPConstants.ENCRYPT_BEFORE_SIGNING));
    } else {
        doSignBeforeEncrypt();
        assertPolicy(new QName(sbinding.getName().getNamespaceURI(), SPConstants.SIGN_BEFORE_ENCRYPTING));
    }
    reshuffleTimestamp();
    assertAlgorithmSuite(sbinding.getAlgorithmSuite());
    assertWSSProperties(sbinding.getName().getNamespaceURI());
    assertTrustProperties(sbinding.getName().getNamespaceURI());
    assertPolicy(new QName(sbinding.getName().getNamespaceURI(), SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
}
Also used: QName(javax.xml.namespace.QName) WSSecTimestamp(org.apache.wss4j.dom.message.WSSecTimestamp)

Example 2 with WSSecTimestamp

Use of org.apache.wss4j.dom.message.WSSecTimestamp in project cxf by apache.

From the class TransportBindingHandler, method handleBinding. On the transport binding nothing is signed or encrypted at the message level, so the Timestamp is only laid out; the handler asserts the SignedParts/EncryptedParts assertions unconditionally because the transport (TLS) is expected to provide that protection.

public void handleBinding() {
    WSSecTimestamp timestamp = createTimestamp();
    handleLayout(timestamp);
    try {
        if (this.isRequestor()) {
            TransportToken transportTokenWrapper = tbinding.getTransportToken();
            if (transportTokenWrapper != null) {
                AbstractToken transportToken = transportTokenWrapper.getToken();
                if (transportToken instanceof IssuedToken) {
                    SecurityToken secToken = getSecurityToken();
                    if (secToken == null) {
                        unassertPolicy(transportToken, "No transport token id");
                        return;
                    }
                    assertPolicy(transportToken);
                    if (isTokenRequired(transportToken.getIncludeTokenType())) {
                        Element el = secToken.getToken();
                        addEncryptedKeyElement(cloneElement(el));
                    }
                }
                assertToken(transportToken);
                assertTokenWrapper(transportTokenWrapper);
            }
            handleNonEndorsingSupportingTokens();
            if (transportTokenWrapper != null) {
                handleEndorsingSupportingTokens();
            }
        } else {
            handleNonEndorsingSupportingTokens();
            if (tbinding != null && tbinding.getTransportToken() != null) {
                assertTokenWrapper(tbinding.getTransportToken());
                assertToken(tbinding.getTransportToken().getToken());
                handleEndorsingSupportingTokens();
            }
            addSignatureConfirmation(null);
        }
    } catch (Exception e) {
        LOG.log(Level.FINE, e.getMessage(), e);
        throw new Fault(e);
    }
    if (tbinding != null) {
        assertPolicy(tbinding.getName());
        assertAlgorithmSuite(tbinding.getAlgorithmSuite());
        assertWSSProperties(tbinding.getName().getNamespaceURI());
        assertTrustProperties(tbinding.getName().getNamespaceURI());
    }
    assertPolicy(SP12Constants.SIGNED_PARTS);
    assertPolicy(SP11Constants.SIGNED_PARTS);
    assertPolicy(SP12Constants.ENCRYPTED_PARTS);
    assertPolicy(SP11Constants.ENCRYPTED_PARTS);
}
Also used: TransportToken(org.apache.wss4j.policy.model.TransportToken) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) AbstractToken(org.apache.wss4j.policy.model.AbstractToken) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) Element(org.w3c.dom.Element) Fault(org.apache.cxf.interceptor.Fault) WSSecTimestamp(org.apache.wss4j.dom.message.WSSecTimestamp) SOAPException(javax.xml.soap.SOAPException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 3 with WSSecTimestamp

Use of org.apache.wss4j.dom.message.WSSecTimestamp in project cxf by apache.

From the class AsymmetricBindingHandler, method handleBinding. Same shape as the symmetric handler; only the encrypt-before-sign branch can raise TokenStoreException, which is wrapped in a Fault.

public void handleBinding() {
    WSSecTimestamp timestamp = createTimestamp();
    handleLayout(timestamp);
    assertPolicy(abinding.getName());
    if (abinding.getProtectionOrder() == AbstractSymmetricAsymmetricBinding.ProtectionOrder.EncryptBeforeSigning) {
        try {
            doEncryptBeforeSign();
            assertPolicy(new QName(abinding.getName().getNamespaceURI(), SPConstants.ENCRYPT_BEFORE_SIGNING));
        } catch (TokenStoreException ex) {
            throw new Fault(ex);
        }
    } else {
        doSignBeforeEncrypt();
        assertPolicy(new QName(abinding.getName().getNamespaceURI(), SPConstants.SIGN_BEFORE_ENCRYPTING));
    }
    reshuffleTimestamp();
    assertAlgorithmSuite(abinding.getAlgorithmSuite());
    assertWSSProperties(abinding.getName().getNamespaceURI());
    assertTrustProperties(abinding.getName().getNamespaceURI());
    assertPolicy(new QName(abinding.getName().getNamespaceURI(), SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY));
}
Also used: QName(javax.xml.namespace.QName) TokenStoreException(org.apache.cxf.ws.security.tokenstore.TokenStoreException) Fault(org.apache.cxf.interceptor.Fault) WSSecTimestamp(org.apache.wss4j.dom.message.WSSecTimestamp)

Example 4 with WSSecTimestamp

Use of org.apache.wss4j.dom.message.WSSecTimestamp in project cxf by apache.

From the class AbstractBindingBuilder, method createTimestamp. This is where the TTL (the distance between wsu:Created and wsu:Expires) comes from: the contextual property SecurityConstants.TIMESTAMP_TTL, defaulting to 300 seconds. Note that a String value goes straight through Integer.parseInt, so a non-numeric setting throws NumberFormatException and fails the outbound call, and that only non-positive values are corrected; there is no upper bound on the TTL a sender writes into the message.

protected WSSecTimestamp createTimestamp() {
    if (binding.isIncludeTimestamp()) {
        Object o = message.getContextualProperty(SecurityConstants.TIMESTAMP_TTL);
        // default is 300 seconds
        int ttl = 300;
        if (o instanceof Number) {
            ttl = ((Number) o).intValue();
        } else if (o instanceof String) {
            ttl = Integer.parseInt((String) o);
        }
        if (ttl <= 0) {
            ttl = 300;
        }
        timestampEl = new WSSecTimestamp(secHeader);
        timestampEl.setIdAllocator(wssConfig.getIdAllocator());
        timestampEl.setWsTimeSource(wssConfig.getCurrentTime());
        timestampEl.setTimeToLive(ttl);
        timestampEl.prepare();
        String namespace = binding.getName().getNamespaceURI();
        PolicyUtils.assertPolicy(aim, new QName(namespace, SPConstants.INCLUDE_TIMESTAMP));
    }
    return timestampEl;
}
Also used: QName(javax.xml.namespace.QName) WSSecTimestamp(org.apache.wss4j.dom.message.WSSecTimestamp)

Example 5 with WSSecTimestamp

Use of org.apache.wss4j.dom.message.WSSecTimestamp in project iaf by ibissource.

From the class SoapWrapper, method signMessage. The Timestamp reuses the WSTimeSource of the UsernameToken so that wsu:Created in both headers comes from the same clock. Note the ordering: sign.build(null) runs before the Timestamp is built and added, so the Timestamp is not among the parts the signature covers.

public Message signMessage(Message soapMessage, String user, String password, boolean passwordDigest) {
    try {
        // We only support signing for soap1_1 ?
        // Create an empty message and populate it later. createMessage(MimeHeaders, InputStream) requires proper headers to be set which we do not have...
        MessageFactory factory = MessageFactory.newInstance(SOAPConstants.SOAP_1_1_PROTOCOL);
        SOAPMessage msg = factory.createMessage();
        SOAPPart part = msg.getSOAPPart();
        part.setContent(new StreamSource(soapMessage.asInputStream()));
        // create unsigned envelope
        SOAPEnvelope unsignedEnvelope = part.getEnvelope();
        Document doc = unsignedEnvelope.getOwnerDocument();
        // create security header and insert it into unsigned envelope
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();
        // add a UsernameToken
        WSSecUsernameToken tokenBuilder = new WSSecUsernameToken(secHeader);
        tokenBuilder.setIdAllocator(idAllocator);
        if (passwordDigest) {
            tokenBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
        } else {
            tokenBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
        }
        tokenBuilder.setPrecisionInMilliSeconds(false);
        tokenBuilder.setUserInfo(user, password);
        WSTimeSource timesource = tokenBuilder.getWsTimeSource();
        tokenBuilder.addNonce();
        tokenBuilder.addCreated();
        tokenBuilder.prepare(null);
        Element element = tokenBuilder.getUsernameTokenElement();
        String nonce = XmlUtils.getChildTagAsString(element, "wsse:Nonce");
        byte[] decodedNonce = org.apache.xml.security.utils.XMLUtils.decode(nonce);
        String created = XmlUtils.getChildTagAsString(element, "wsu:Created");
        WSSecSignature sign = new WSSecSignature(secHeader);
        sign.setIdAllocator(idAllocator);
        sign.setCustomTokenValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
        sign.setCustomTokenId(tokenBuilder.getId());
        sign.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_COMMENTS);
        sign.setAddInclusivePrefixes(false);
        // conform WS-Trust spec
        String signatureValue = UsernameTokenUtil.doPasswordDigest(decodedNonce, created, password);
        sign.setSecretKey(signatureValue.getBytes(StreamUtil.DEFAULT_CHARSET));
        // UT_SIGNING no longer exists since v1.5.11
        sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
        sign.setSignatureAlgorithm(WSConstants.HMAC_SHA1);
        sign.build(null);
        tokenBuilder.prependToHeader();
        // add a Timestamp
        WSSecTimestamp timestampBuilder = new WSSecTimestamp(secHeader);
        timestampBuilder.setWsTimeSource(timesource);
        timestampBuilder.setTimeToLive(300);
        timestampBuilder.setIdAllocator(idAllocator);
        timestampBuilder.build();
        return new Message(doc);
    } catch (Exception e) {
        throw new RuntimeException("Could not sign message", e);
    }
}
Also used: MessageFactory(javax.xml.soap.MessageFactory) Message(nl.nn.adapterframework.stream.Message) SOAPMessage(javax.xml.soap.SOAPMessage) StreamSource(javax.xml.transform.stream.StreamSource) Element(org.w3c.dom.Element) WSSecSignature(org.apache.wss4j.dom.message.WSSecSignature) SOAPEnvelope(javax.xml.soap.SOAPEnvelope) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) WSSecTimestamp(org.apache.wss4j.dom.message.WSSecTimestamp) TransformerException(javax.xml.transform.TransformerException) TransformerConfigurationException(javax.xml.transform.TransformerConfigurationException) IOException(java.io.IOException) ConfigurationException(nl.nn.adapterframework.configuration.ConfigurationException) SAXException(org.xml.sax.SAXException) SenderException(nl.nn.adapterframework.core.SenderException) WSSecHeader(org.apache.wss4j.dom.message.WSSecHeader) SOAPPart(javax.xml.soap.SOAPPart) WSSecUsernameToken(org.apache.wss4j.dom.message.WSSecUsernameToken) WSTimeSource(org.apache.wss4j.common.util.WSTimeSource)
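
Example 4 parses the TTL without an upper bound and Example 5 hard-codes 300 seconds, but neither shows what the TTL means on the receiving side, which is where replay protection actually happens. The following is an added example, not code from CXF, iaf or WSS4J. It resolves the TTL defensively, builds a wsu:Timestamp into a constructed envelope through a WSTimeSource deliberately skewed into the past (the same hook setWsTimeSource that both examples call), and then verifies the result with WSSecurityEngine under the receiver's own RequestData limits. It assumes WSS4J 2.2 or later (WSTimeSource returns java.time.Instant, and WSSecTimestamp takes the WSSecHeader in its constructor, as in the snippets above); the class and method names, the 3600 second ceiling and the sample envelope are assumptions of this example.

```java
import java.io.StringReader;
import java.time.Instant;

import javax.xml.parsers.DocumentBuilderFactory;

import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.util.WSTimeSource;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.engine.WSSecurityEngine;
import org.apache.wss4j.dom.handler.RequestData;
import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecTimestamp;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;

/** Added example (not CXF/iaf/WSS4J code): timestamp TTL on both sides of a WSS4J exchange. */
public class TimestampTtlDemo {

    // Constructed sample envelope; any SOAP 1.1 envelope with a Header element works.
    static final String ENVELOPE =
        "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">"
      + "<soap:Header/><soap:Body><ping xmlns=\"urn:example\">hi</ping></soap:Body>"
      + "</soap:Envelope>";

    static final int DEFAULT_TTL = 300;  // same default as CXF's createTimestamp
    static final int MAX_TTL = 3600;     // assumed ceiling for this example; CXF applies none

    /** Hypothetical hardened version of the TTL handling in createTimestamp (Example 4). */
    static int resolveTimestampTtl(Object configured) {
        int ttl = DEFAULT_TTL;
        if (configured instanceof Number) {
            ttl = ((Number) configured).intValue();
        } else if (configured instanceof String) {
            try {
                ttl = Integer.parseInt(((String) configured).trim());
            } catch (NumberFormatException e) {
                ttl = DEFAULT_TTL;  // CXF would let this propagate and fail the outbound call
            }
        }
        if (ttl <= 0) {
            ttl = DEFAULT_TTL;
        }
        return Math.min(ttl, MAX_TTL);  // a huge Expires is exactly what a replayed message carries
    }

    /** Parse with DTDs disabled so the sample cannot be turned into an XXE vector. */
    static Document parseEnvelope(String xml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        return dbf.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
    }

    /** Sender side: a Timestamp whose Created lies createdSecondsAgo in the past (simulated clock). */
    static Document buildTimestampedEnvelope(Object configuredTtl, long createdSecondsAgo) throws Exception {
        Document doc = parseEnvelope(ENVELOPE);
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();
        WSSecTimestamp ts = new WSSecTimestamp(secHeader);
        WSTimeSource skewedClock = () -> Instant.now().minusSeconds(createdSecondsAgo);
        ts.setWsTimeSource(skewedClock);  // same hook Examples 4 and 5 use
        ts.setTimeToLive(resolveTimestampTtl(configuredTtl));
        return ts.build();
    }

    /** Receiver side: accept only if Created is within [now - ttl, now + futureTtl] and Expires has not passed. */
    static boolean acceptTimestamp(Document doc, int ttlSeconds, int futureTtlSeconds) {
        RequestData data = new RequestData();
        data.setWssConfig(WSSConfig.getNewInstance());
        data.setTimeStampTTL(ttlSeconds);             // our replay window, independent of the sender's Expires
        data.setTimeStampFutureTTL(futureTtlSeconds); // tolerated clock skew into the future
        data.setTimeStampStrict(true);                // additionally reject if Expires is already past
        data.setRequireTimestampExpires(true);        // a Timestamp without Expires is rejected
        try {
            WSHandlerResult result = new WSSecurityEngine().processSecurityHeader(doc, data);
            return result != null && result.getActionResults().containsKey(WSConstants.TS);
        } catch (WSSecurityException e) {
            return false;  // ErrorCode.MESSAGE_EXPIRED for a stale or future-dated Created
        }
    }

    public static void main(String[] args) throws Exception {
        Document fresh = buildTimestampedEnvelope("300", 0);
        System.out.println(XMLUtils.prettyDocumentToString(fresh));
        System.out.println("fresh accepted: " + acceptTimestamp(fresh, 300, 60));
        Document stale = buildTimestampedEnvelope("300", 600);
        System.out.println("stale accepted: " + acceptTimestamp(stale, 300, 60));
        // Sender requests a day-long window; the receiver still bounds Created by its own TTL.
        Document longLived = buildTimestampedEnvelope("86400", 600);
        System.out.println("long-lived accepted: " + acceptTimestamp(longLived, 300, 60));
        System.out.println("ttl for bad config: " + resolveTimestampTtl("five minutes"));
    }
}
```

The point of the last two verdicts is that RequestData.setTimeStampTTL is evaluated against the receiver's clock, so a sender that writes a generous Expires (or, with the unbounded parsing in Example 4, an arbitrarily large one) gains nothing; the Created element is what bounds the replay window. What this check does not establish is that the Timestamp is the one the sender produced: as Example 5 shows, a Timestamp added after the signature is built is unsigned, so a receiver that relies on it for freshness must also require it among the signed parts.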

Aggregations

WSSecTimestamp (org.apache.wss4j.dom.message.WSSecTimestamp): 5
QName (javax.xml.namespace.QName): 3
Fault (org.apache.cxf.interceptor.Fault): 2
Element (org.w3c.dom.Element): 2
IOException (java.io.IOException): 1
MessageFactory (javax.xml.soap.MessageFactory): 1
SOAPEnvelope (javax.xml.soap.SOAPEnvelope): 1
SOAPException (javax.xml.soap.SOAPException): 1
SOAPMessage (javax.xml.soap.SOAPMessage): 1
SOAPPart (javax.xml.soap.SOAPPart): 1
TransformerConfigurationException (javax.xml.transform.TransformerConfigurationException): 1
TransformerException (javax.xml.transform.TransformerException): 1
StreamSource (javax.xml.transform.stream.StreamSource): 1
ConfigurationException (nl.nn.adapterframework.configuration.ConfigurationException): 1
SenderException (nl.nn.adapterframework.core.SenderException): 1
Message (nl.nn.adapterframework.stream.Message): 1
SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken): 1
TokenStoreException (org.apache.cxf.ws.security.tokenstore.TokenStoreException): 1
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException): 1
WSTimeSource (org.apache.wss4j.common.util.WSTimeSource): 1