Use of org.apache.wss4j.dom.processor.UsernameTokenProcessor in the Apache CXF project.
Class UsernameTokenInterceptor, method validateToken.
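/**
 * Validates a UsernameToken element by handing it to WSS4J's {@link UsernameTokenProcessor}.
 *
 * <p>A fresh {@code RequestData} is built for this message and configured with:
 * <ul>
 *   <li>the callback handler resolved from {@code SecurityConstants.CALLBACK_HANDLER};</li>
 *   <li>the nonce replay cache returned by {@code WSS4JUtils.getReplayCache};</li>
 *   <li>whether a token without a password is acceptable, as decided by
 *       {@code isAllowNoPassword};</li>
 *   <li>BSP enforcement, which is switched off when {@code isWsiBSPCompliant} returns
 *       {@code false}.</li>
 * </ul>
 *
 * <p>Two failure paths leave this method differently: a callback handler that cannot be
 * resolved surfaces as a {@code WSSecurityException}, while a failure inside the processor
 * is rethrown as the fault built by {@code WSS4JUtils.createSoapFault}.
 *
 * @param tokenElement the DOM element holding the token to validate
 * @param message the SOAP message being processed; also used as the WSS4J message context
 * @return the first result produced by the processor
 * @throws WSSecurityException if the configured callback handler cannot be resolved
 * @throws Base64DecodingException declared by the signature; nothing in this body throws it
 *         directly
 */
protected WSSecurityEngineResult validateToken(Element tokenElement, final SoapMessage message) throws WSSecurityException, Base64DecodingException {
    boolean bspCompliant = isWsiBSPCompliant(message);
    // Password-less tokens are only accepted when this flag is true; it is derived from the
    // message's AssertionInfoMap (presumably the effective WS-SecurityPolicy; verify).
    boolean allowNoPassword = isAllowNoPassword(message.get(AssertionInfoMap.class));

    UsernameTokenProcessor processor = new UsernameTokenProcessor();
    RequestData data = new CXFRequestData();

    // NOTE(review): the handler is presumably what supplies the expected password during
    // validation. Confirm what SecurityUtils.getCallbackHandler returns when the property
    // is not configured, and that an unset handler cannot lead to an accepted token.
    Object handlerConfig = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message);
    try {
        data.setCallbackHandler(SecurityUtils.getCallbackHandler(handlerConfig));
    } catch (Exception ex) {
        // Keep the cause so a misconfigured handler can be diagnosed from the stack trace.
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }

    // The original set the message context twice; one call is enough.
    data.setMsgContext(message);

    // Nonce replay caching.
    // NOTE(review): whatever getReplayCache returns is installed as-is. If it can be null
    // (for example when ENABLE_NONCE_CACHE is off), confirm how replayed nonces are then
    // detected for this endpoint.
    ReplayCache nonceCache = WSS4JUtils.getReplayCache(message, SecurityConstants.ENABLE_NONCE_CACHE, SecurityConstants.NONCE_CACHE_INSTANCE);
    data.setNonceReplayCache(nonceCache);

    data.setAllowUsernameTokenNoPassword(allowNoPassword);
    data.setWssConfig(WSSConfig.getNewInstance());
    if (!bspCompliant) {
        // BSP rule enforcement is relaxed only when the message is not flagged as
        // WS-I BSP compliant.
        data.setDisableBSPEnforcement(true);
    }

    WSDocInfo wsDocInfo = new WSDocInfo(tokenElement.getOwnerDocument());
    data.setWsDocInfo(wsDocInfo);

    try {
        List<WSSecurityEngineResult> results = processor.handleToken(tokenElement, data);
        if (results == null || results.isEmpty()) {
            // Fail closed through the same fault path as any other validation failure,
            // instead of letting results.get(0) raise an unchecked exception.
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
        }
        return results.get(0);
    } catch (WSSecurityException ex) {
        throw WSS4JUtils.createSoapFault(message, message.getVersion(), ex);
    }
}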