
Example 11 with UsernameToken

use of org.apache.wss4j.dom.message.token.UsernameToken in project testcases by coheigea.

the class SpringSecurityBasicAuthInterceptor method convertPolicyToToken.

/**
 * Builds a WSS4J {@link UsernameToken} from the user name and password held by the policy.
 *
 * <p>The token is created with the {@code WSConstants.PASSWORD_TEXT} password type and is
 * given the policy's password as-is, so the returned object carries a clear-text secret:
 * keep it out of logs and do not serialize it onto an unprotected channel.
 *
 * @param policy source of the user name and password; dereferenced without a null check,
 *               so callers must pass a non-null policy
 * @return a new token attached to a freshly created DOM document
 * @throws Exception declared by the signature for failures raised while building the token
 */
protected UsernameToken convertPolicyToToken(AuthorizationPolicy policy) throws Exception {
    final Document ownerDocument = DOMUtils.createDocument();
    final UsernameToken usernameToken =
        new UsernameToken(false, ownerDocument, WSConstants.PASSWORD_TEXT);
    usernameToken.setName(policy.getUserName());
    usernameToken.setPassword(policy.getPassword());
    return usernameToken;
}
Also used : UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) Document(org.w3c.dom.Document)

Example 12 with UsernameToken

use of org.apache.wss4j.dom.message.token.UsernameToken in project testcases by coheigea.

the class SyncopeBasicAuthInterceptor method handleMessage.

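/**
 * Authenticates the caller described by the {@link AuthorizationPolicy} on the message and
 * stores the resulting {@link SecurityContext} back on the message.
 *
 * <p>The policy's user name and password are wrapped in a {@link UsernameToken}, handed to
 * the configured {@code validator}, and the principal it returns (or a locally built one)
 * becomes the security context.
 *
 * @param message the message being processed; must carry an {@link AuthorizationPolicy}
 * @throws SecurityException if the policy, its user name or its password is missing
 * @throws Fault wrapping any exception raised while building or validating the token
 */
public void handleMessage(Message message) throws Fault {
    AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);
    if (policy == null || policy.getUserName() == null || policy.getPassword() == null) {
        String name = null;
        if (policy != null) {
            name = policy.getUserName();
        }
        // The user name is supplied by the client. Replace CR/LF before logging so a crafted
        // name cannot inject what looks like a separate record into the log (CWE-117).
        String loggedName = name == null ? null : name.replaceAll("[\\r\\n]", "_");
        String error = "No user credentials are available";
        LOG.warning(error + " " + "for name: " + loggedName);
        // Thrown outside the try block below, so it is not wrapped in a Fault.
        throw new SecurityException(error);
    }
    try {
        UsernameToken token = convertPolicyToToken(policy);
        Credential credential = new Credential();
        credential.setUsernametoken(token);
        RequestData data = new RequestData();
        data.setMsgContext(message);
        // A validator that rejects the credentials is expected to throw; that exception
        // reaches the catch below and aborts processing as a Fault.
        credential = validator.validate(credential, data);
        // Create a Principal/SecurityContext
        Principal p = null;
        if (credential != null && credential.getPrincipal() != null) {
            p = credential.getPrincipal();
        } else {
            // The validator accepted the credentials but supplied no principal: build one here.
            // NOTE(review): this principal keeps the clear-text password for the lifetime of
            // the security context - confirm that downstream code really needs it.
            p = new WSUsernameTokenPrincipalImpl(policy.getUserName(), false);
            ((WSUsernameTokenPrincipalImpl) p).setPassword(policy.getPassword());
        }
        message.put(SecurityContext.class, createSecurityContext(p));
    } catch (Exception ex) {
        // Every failure, authentication or otherwise, surfaces to the caller as a Fault.
        throw new Fault(ex);
    }
}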
Also used : AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) Credential(org.apache.wss4j.dom.validate.Credential) RequestData(org.apache.wss4j.dom.handler.RequestData) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) Fault(org.apache.cxf.interceptor.Fault) Principal(java.security.Principal) WSUsernameTokenPrincipalImpl(org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl)

Example 13 with UsernameToken

use of org.apache.wss4j.dom.message.token.UsernameToken in project testcases by coheigea.

the class SyncopeUTValidator method validate.

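/**
 * Validates a plain-text {@link UsernameToken} by presenting its user name and password to
 * a Syncope server as HTTP Basic credentials and requesting {@code users/self}.
 *
 * <p>Only {@code WSConstants.PASSWORD_TEXT} tokens are accepted: the password is forwarded
 * in the {@code Authorization} header, which a digest token cannot provide.
 *
 * @param credential holder of the UsernameToken to check
 * @param data request context; not read by this implementation
 * @return the same {@code credential} instance when the Syncope call succeeds
 * @throws WSSecurityException with {@code FAILURE} if no token is present, or with
 *         {@code FAILED_AUTHENTICATION} if the token is not plain text, has no password,
 *         or the Syncope request fails or returns no user
 */
public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
    if (credential == null || credential.getUsernametoken() == null) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
    }
    // Validate the UsernameToken
    UsernameToken usernameToken = credential.getUsernametoken();
    String pwType = usernameToken.getPasswordType();
    if (log.isDebugEnabled()) {
        // NOTE(review): the user name is client-supplied and is written to the debug log as-is.
        log.debug("UsernameToken user " + usernameToken.getName());
        log.debug("UsernameToken password type " + pwType);
    }
    if (!WSConstants.PASSWORD_TEXT.equals(pwType)) {
        if (log.isDebugEnabled()) {
            log.debug("Authentication failed - digest passwords are not accepted");
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    if (usernameToken.getPassword() == null) {
        if (log.isDebugEnabled()) {
            log.debug("Authentication failed - no password was provided");
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    // Send it off to Syncope for validation
    // NOTE(review): `address` is configured outside this method; the Basic header below is only
    // Base64-encoded, so the endpoint should be reached over TLS - confirm the configuration.
    WebClient client = WebClient.create(address, Collections.singletonList(new JacksonJsonProvider()));
    // Encode with an explicit charset: the no-argument getBytes() uses the platform default, so
    // non-ASCII credentials would otherwise produce a different header from one JVM to the next.
    String basicCredentials = usernameToken.getName() + ":" + usernameToken.getPassword();
    String authorizationHeader = "Basic "
        + Base64Utility.encode(basicCredentials.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    client.header("Authorization", authorizationHeader);
    if (log.isDebugEnabled()) {
        log.debug("Authenticating user " + usernameToken.getName() + " to Syncope server");
    }
    client = client.path("users/self");
    try {
        UserTO user = client.get(UserTO.class);
        if (user == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
        }
    } catch (RuntimeException ex) {
        // Any runtime failure of the REST call is reported to the caller as a failed
        // authentication; the cause is kept in the debug log only.
        if (log.isDebugEnabled()) {
            log.debug(ex.getMessage(), ex);
        }
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
    }
    return credential;
}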
Also used : UserTO(org.apache.syncope.common.lib.to.UserTO) JacksonJsonProvider(com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) WebClient(org.apache.cxf.jaxrs.client.WebClient)

Example 14 with UsernameToken

use of org.apache.wss4j.dom.message.token.UsernameToken in project wildfly by wildfly.

the class UsernameTokenCallbackHandler method getUsernameTokenElement.

/**
 * Creates a WS-Security UsernameToken for the given credentials and returns its DOM element.
 *
 * @param username user name to place in the token; when {@code null} no token is built
 * @param password password passed through to {@code createWSSEUsernameToken}
 * @return the token's DOM element, or {@code null} when {@code username} is {@code null}
 */
public Element getUsernameTokenElement(String username, String password) {
    // The document is created up front, as before, even when no token will be built.
    final Document ownerDocument = DOMUtils.createDocument();
    if (username == null) {
        return null;
    }
    final UsernameToken wsseToken = createWSSEUsernameToken(username, password, ownerDocument);
    return wsseToken.getElement();
}
Also used : Element(org.w3c.dom.Element) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) Document(org.w3c.dom.Document)

Example 15 with UsernameToken

use of org.apache.wss4j.dom.message.token.UsernameToken in project wildfly by wildfly.

the class UsernameTokenCallbackHandler method getUsernameTokenString.

/**
 * Creates a WS-Security UsernameToken for the given credentials and returns it as a string.
 *
 * <p>The string is produced by this class's {@code toString} helper from the token's DOM
 * element. NOTE(review): it presumably contains the password in whatever form
 * {@code createWSSEUsernameToken} writes it - treat the result as sensitive and do not log it.
 *
 * @param username user name to place in the token; when {@code null} no token is built
 * @param password password passed through to {@code createWSSEUsernameToken}
 * @return the string form of the token, or {@code null} when {@code username} is {@code null}
 */
public String getUsernameTokenString(String username, String password) {
    // The document is created up front, as before, even when no token will be built.
    final Document ownerDocument = DOMUtils.createDocument();
    if (username == null) {
        return null;
    }
    final UsernameToken wsseToken = createWSSEUsernameToken(username, password, ownerDocument);
    // Going through the first child and back to its parent means a token element with no
    // children fails here with a NullPointerException.
    return toString(wsseToken.getElement().getFirstChild().getParentNode());
}
Also used : UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) Document(org.w3c.dom.Document)
