
Example 6 with Validator

Use of org.apache.wss4j.dom.validate.Validator in project ddf by codice.

From the class SimpleSign, method validateSignature.

public void validateSignature(Signature signature, Document doc) throws SignatureException {
    // Build the WSS4J request context: the document under verification and the Crypto used to verify signatures.
    RequestData requestData = new RequestData();
    requestData.setWsDocInfo(new WSDocInfo(doc));
    requestData.setSigVerCrypto(crypto.getSignatureCrypto());
    WSSConfig wssConfig = WSSConfig.getNewInstance();
    requestData.setWssConfig(wssConfig);
    // Extract the signer's key material (public key and/or certificates) from the signature's KeyInfo.
    SAMLKeyInfo samlKeyInfo = null;
    KeyInfo keyInfo = signature.getKeyInfo();
    if (keyInfo != null) {
        try {
            samlKeyInfo = SAMLUtil.getCredentialFromKeyInfo(keyInfo.getDOM(), new WSSSAMLKeyInfoProcessor(requestData), crypto.getSignatureCrypto());
        } catch (WSSecurityException e) {
            throw new SignatureException("Unable to get KeyInfo.", e);
        }
    }
    // Fail closed: a signature without usable KeyInfo is rejected.
    if (samlKeyInfo == null) {
        throw new SignatureException("No KeyInfo supplied in the signature");
    }
    // Helper defined elsewhere in SimpleSign (not shown in this snippet).
    validateSignatureAndSamlKey(signature, samlKeyInfo);
    // Check that the signer's public key or certificate chain is trusted by the configured signature Crypto.
    Credential trustCredential = new Credential();
    trustCredential.setPublicKey(samlKeyInfo.getPublicKey());
    trustCredential.setCertificates(samlKeyInfo.getCerts());
    Validator signatureValidator = new SignatureTrustValidator();
    try {
        signatureValidator.validate(trustCredential, requestData);
    } catch (WSSecurityException e) {
        throw new SignatureException("Error validating signature", e);
    }
}
Also used: WSDocInfo (org.apache.wss4j.dom.WSDocInfo), BasicX509Credential (org.opensaml.security.x509.BasicX509Credential), Credential (org.apache.wss4j.dom.validate.Credential), SAMLKeyInfo (org.apache.wss4j.common.saml.SAMLKeyInfo), WSSConfig (org.apache.wss4j.dom.engine.WSSConfig), KeyInfo (org.opensaml.xmlsec.signature.KeyInfo), RequestData (org.apache.wss4j.dom.handler.RequestData), SignatureTrustValidator (org.apache.wss4j.dom.validate.SignatureTrustValidator), WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException), SignatureException (ddf.security.samlp.SignatureException), WSSSAMLKeyInfoProcessor (org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor), SignatureValidator (org.opensaml.xmlsec.signature.support.SignatureValidator), Validator (org.apache.wss4j.dom.validate.Validator), SAMLSignatureProfileValidator (org.opensaml.saml.security.impl.SAMLSignatureProfileValidator)

Example 7 with Validator

Use of org.apache.wss4j.dom.validate.Validator in project jbossws-cxf by jbossws.

From the class SubjectCreatingInterceptor, method getSecurityEngine.

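@Override
protected WSSecurityEngine getSecurityEngine(boolean utNoCallbacks) {
    // Map from security token QName to the Validator that handles it.
    Map<QName, Object> profiles = new HashMap<QName, Object>(1);
    // CustomValidator is defined outside this snippet; it is registered for UsernameToken processing.
    Validator validator = new CustomValidator();
    profiles.put(WSConstants.USERNAME_TOKEN, validator);
    return createSecurityEngine(profiles);
}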
Also used: HashMap (java.util.HashMap), QName (javax.xml.namespace.QName), Validator (org.apache.wss4j.dom.validate.Validator), UsernameTokenValidator (org.apache.wss4j.dom.validate.UsernameTokenValidator)

Aggregations

Validator (org.apache.wss4j.dom.validate.Validator): 7
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException): 5
WSSConfig (org.apache.wss4j.dom.engine.WSSConfig): 5
RequestData (org.apache.wss4j.dom.handler.RequestData): 4
Credential (org.apache.wss4j.dom.validate.Credential): 4
Map (java.util.Map): 3
Principal (java.security.Principal): 2
ArrayList (java.util.ArrayList): 2
HashMap (java.util.HashMap): 2
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap): 2
CallbackHandler (javax.security.auth.callback.CallbackHandler): 2
JAXBElement (javax.xml.bind.JAXBElement): 2
QName (javax.xml.namespace.QName): 2
STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean): 2
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken): 2
TokenValidator (org.apache.cxf.sts.token.validator.TokenValidator): 2
TokenValidatorResponse (org.apache.cxf.sts.token.validator.TokenValidatorResponse): 2
UsernameTokenType (org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType): 2
BSPEnforcer (org.apache.wss4j.common.bsp.BSPEnforcer): 2
Crypto (org.apache.wss4j.common.crypto.Crypto): 2