Search in sources :

Example 21 with AbstractToken

use of org.apache.wss4j.policy.model.AbstractToken in project cxf by apache.

the class AsymmetricBindingHandler method doEncryptBeforeSign.

private void doEncryptBeforeSign() {
    AbstractTokenWrapper wrapper = getEncryptBeforeSignWrapper();
    AbstractToken encryptionToken = null;
    if (wrapper != null) {
        encryptionToken = wrapper.getToken();
        assertToken(encryptionToken);
    }
    AbstractTokenWrapper initiatorWrapper = abinding.getInitiatorSignatureToken();
    if (initiatorWrapper == null) {
        initiatorWrapper = abinding.getInitiatorToken();
    }
    assertTokenWrapper(initiatorWrapper);
    boolean attached = false;
    if (initiatorWrapper != null) {
        AbstractToken initiatorToken = initiatorWrapper.getToken();
        if (initiatorToken instanceof IssuedToken) {
            SecurityToken secToken = getSecurityToken();
            if (secToken == null) {
                unassertPolicy(initiatorToken, "Security token is not found or expired");
                return;
            } else if (isTokenRequired(initiatorToken.getIncludeTokenType())) {
                Element el = secToken.getToken();
                this.addEncryptedKeyElement(cloneElement(el));
                attached = true;
            }
        } else if (initiatorToken instanceof SamlToken && isRequestor()) {
            try {
                SamlAssertionWrapper assertionWrapper = addSamlToken((SamlToken) initiatorToken);
                if (assertionWrapper != null && isTokenRequired(initiatorToken.getIncludeTokenType())) {
                    Element envelope = saaj.getSOAPPart().getEnvelope();
                    envelope = (Element) DOMUtils.getDomElement(envelope);
                    addSupportingElement(assertionWrapper.toDOM(envelope.getOwnerDocument()));
                    storeAssertionAsSecurityToken(assertionWrapper);
                }
            } catch (Exception e) {
                String reason = e.getMessage();
                LOG.log(Level.WARNING, "Encrypt before sign failed due to : " + reason);
                LOG.log(Level.FINE, e.getMessage(), e);
                throw new Fault(e);
            }
        } else if (initiatorToken instanceof SamlToken) {
            String tokenId = getSAMLToken();
            if (tokenId == null) {
                unassertPolicy(initiatorToken, "Security token is not found or expired");
                return;
            }
        }
    }
    List<WSEncryptionPart> sigParts = new ArrayList<>();
    if (timestampEl != null) {
        WSEncryptionPart timestampPart = convertToEncryptionPart(timestampEl.getElement());
        sigParts.add(timestampPart);
    }
    try {
        addSupportingTokens(sigParts);
    } catch (WSSecurityException ex) {
        LOG.log(Level.FINE, ex.getMessage(), ex);
        unassertPolicy(encryptionToken, ex);
    }
    List<WSEncryptionPart> encrParts = null;
    try {
        encrParts = getEncryptedParts();
        // Signed parts are determined before encryption because encrypted signed headers
        // will not be included otherwise
        sigParts.addAll(this.getSignedParts(null));
    } catch (SOAPException ex) {
        LOG.log(Level.FINE, ex.getMessage(), ex);
        throw new Fault(ex);
    }
    WSSecBase encrBase = null;
    if (encryptionToken != null && !encrParts.isEmpty()) {
        encrBase = doEncryption(wrapper, encrParts, true);
        handleEncryptedSignedHeaders(encrParts, sigParts);
    }
    if (!isRequestor()) {
        addSignatureConfirmation(sigParts);
    }
    try {
        if (!sigParts.isEmpty()) {
            if (initiatorWrapper != null && isRequestor()) {
                doSignature(initiatorWrapper, sigParts, attached);
            } else if (!isRequestor()) {
                AbstractTokenWrapper recipientSignatureToken = abinding.getRecipientSignatureToken();
                if (recipientSignatureToken == null) {
                    recipientSignatureToken = abinding.getRecipientToken();
                }
                if (recipientSignatureToken != null) {
                    assertTokenWrapper(recipientSignatureToken);
                    assertToken(recipientSignatureToken.getToken());
                    doSignature(recipientSignatureToken, sigParts, attached);
                }
            }
        }
    } catch (WSSecurityException ex) {
        LOG.log(Level.FINE, ex.getMessage(), ex);
        throw new Fault(ex);
    } catch (SOAPException ex) {
        LOG.log(Level.FINE, ex.getMessage(), ex);
        throw new Fault(ex);
    }
    if (isRequestor()) {
        doEndorse();
    }
    if (encrBase != null) {
        encryptTokensInSecurityHeader(encryptionToken, encrBase);
    }
}
Also used : WSEncryptionPart(org.apache.wss4j.common.WSEncryptionPart) SamlToken(org.apache.wss4j.policy.model.SamlToken) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) Fault(org.apache.cxf.interceptor.Fault) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) SOAPException(javax.xml.soap.SOAPException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) WSSecBase(org.apache.wss4j.dom.message.WSSecBase) AbstractToken(org.apache.wss4j.policy.model.AbstractToken) SOAPException(javax.xml.soap.SOAPException) AbstractTokenWrapper(org.apache.wss4j.policy.model.AbstractTokenWrapper)

Example 22 with AbstractToken

use of org.apache.wss4j.policy.model.AbstractToken in project cxf by apache.

the class StaxAsymmetricBindingHandler method doSignBeforeEncrypt.

private void doSignBeforeEncrypt() {
    try {
        AbstractTokenWrapper initiatorWrapper = abinding.getInitiatorSignatureToken();
        if (initiatorWrapper == null) {
            initiatorWrapper = abinding.getInitiatorToken();
        }
        if (initiatorWrapper != null) {
            assertTokenWrapper(initiatorWrapper);
            AbstractToken initiatorToken = initiatorWrapper.getToken();
            if (initiatorToken instanceof IssuedToken) {
                SecurityToken sigTok = getSecurityToken();
                addIssuedToken(initiatorToken, sigTok, false, true);
                if (sigTok != null) {
                    storeSecurityToken(initiatorToken, sigTok);
                    outboundSecurityContext.remove(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
                }
                // Set up CallbackHandler which wraps the configured Handler
                WSSSecurityProperties properties = getProperties();
                TokenStoreCallbackHandler callbackHandler = new TokenStoreCallbackHandler(properties.getCallbackHandler(), TokenStoreUtils.getTokenStore(message));
                properties.setCallbackHandler(callbackHandler);
            } else if (initiatorToken instanceof SamlToken) {
                addSamlToken((SamlToken) initiatorToken, false, true);
            }
            assertToken(initiatorToken);
        }
        // Add timestamp
        List<SecurePart> sigs = new ArrayList<>();
        if (timestampAdded) {
            SecurePart part = new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), Modifier.Element);
            sigs.add(part);
        }
        sigs.addAll(this.getSignedParts());
        if (isRequestor() && initiatorWrapper != null) {
            doSignature(initiatorWrapper, sigs);
        } else if (!isRequestor()) {
            // confirm sig
            addSignatureConfirmation(sigs);
            AbstractTokenWrapper recipientSignatureToken = abinding.getRecipientSignatureToken();
            if (recipientSignatureToken == null) {
                recipientSignatureToken = abinding.getRecipientToken();
            }
            if (recipientSignatureToken != null) {
                assertTokenWrapper(recipientSignatureToken);
                assertToken(recipientSignatureToken.getToken());
            }
            if (recipientSignatureToken != null && !sigs.isEmpty()) {
                doSignature(recipientSignatureToken, sigs);
            }
        }
        addSupportingTokens();
        removeSignatureIfSignedSAML();
        prependSignatureToSC();
        List<SecurePart> enc = getEncryptedParts();
        // Check for signature protection
        if (abinding.isEncryptSignature()) {
            SecurePart part = new SecurePart(new QName(XMLSecurityConstants.NS_DSIG, "Signature"), Modifier.Element);
            enc.add(part);
            if (signatureConfirmationAdded) {
                SecurePart securePart = new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element);
                enc.add(securePart);
            }
            assertPolicy(new QName(abinding.getName().getNamespaceURI(), SPConstants.ENCRYPT_SIGNATURE));
        }
        // Do encryption
        AbstractTokenWrapper encToken;
        if (isRequestor()) {
            enc.addAll(encryptedTokensList);
            encToken = abinding.getRecipientEncryptionToken();
            if (encToken == null) {
                encToken = abinding.getRecipientToken();
            }
        } else {
            encToken = abinding.getInitiatorEncryptionToken();
            if (encToken == null) {
                encToken = abinding.getInitiatorToken();
            }
        }
        if (encToken != null) {
            assertTokenWrapper(encToken);
            assertToken(encToken.getToken());
        }
        doEncryption(encToken, enc, false);
        putCustomTokenAfterSignature();
    } catch (Exception e) {
        String reason = e.getMessage();
        LOG.log(Level.WARNING, "Sign before encryption failed due to : " + reason);
        throw new Fault(e);
    }
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) SamlToken(org.apache.wss4j.policy.model.SamlToken) QName(javax.xml.namespace.QName) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) ArrayList(java.util.ArrayList) Fault(org.apache.cxf.interceptor.Fault) SOAPException(javax.xml.soap.SOAPException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SecurePart(org.apache.xml.security.stax.ext.SecurePart) AbstractToken(org.apache.wss4j.policy.model.AbstractToken) TokenStoreCallbackHandler(org.apache.cxf.ws.security.wss4j.TokenStoreCallbackHandler) AbstractTokenWrapper(org.apache.wss4j.policy.model.AbstractTokenWrapper)

Example 23 with AbstractToken

use of org.apache.wss4j.policy.model.AbstractToken in project cxf by apache.

the class StaxAsymmetricBindingHandler method doSignature.

private void doSignature(AbstractTokenWrapper wrapper, List<SecurePart> sigParts) throws WSSecurityException, SOAPException {
    // Action
    WSSSecurityProperties properties = getProperties();
    WSSConstants.Action actionToPerform = XMLSecurityConstants.SIGNATURE;
    if (wrapper.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
        actionToPerform = WSSConstants.SIGNATURE_WITH_DERIVED_KEY;
    }
    List<WSSConstants.Action> actionList = properties.getActions();
    // Add a Signature directly before Kerberos, otherwise just append it
    boolean actionAdded = false;
    for (int i = 0; i < actionList.size(); i++) {
        WSSConstants.Action action = actionList.get(i);
        if (action.equals(WSSConstants.KERBEROS_TOKEN)) {
            actionList.add(i, actionToPerform);
            actionAdded = true;
            break;
        }
    }
    if (!actionAdded) {
        actionList.add(actionToPerform);
    }
    properties.getSignatureSecureParts().addAll(sigParts);
    AbstractToken sigToken = wrapper.getToken();
    configureSignature(sigToken, false);
    if (abinding.isProtectTokens() && (sigToken instanceof X509Token) && sigToken.getIncludeTokenType() != IncludeTokenType.INCLUDE_TOKEN_NEVER) {
        SecurePart securePart = new SecurePart(new QName(WSSConstants.NS_WSSE10, "BinarySecurityToken"), Modifier.Element);
        properties.addSignaturePart(securePart);
    } else if (sigToken instanceof IssuedToken || sigToken instanceof SecurityContextToken || sigToken instanceof SecureConversationToken || sigToken instanceof SpnegoContextToken || sigToken instanceof SamlToken) {
        properties.setIncludeSignatureToken(false);
    }
    if (sigToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
        properties.setSignatureAlgorithm(abinding.getAlgorithmSuite().getSymmetricSignature());
    }
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSSConstants(org.apache.wss4j.stax.ext.WSSConstants) SamlToken(org.apache.wss4j.policy.model.SamlToken) QName(javax.xml.namespace.QName) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) SecureConversationToken(org.apache.wss4j.policy.model.SecureConversationToken) SpnegoContextToken(org.apache.wss4j.policy.model.SpnegoContextToken) SecurePart(org.apache.xml.security.stax.ext.SecurePart) AbstractToken(org.apache.wss4j.policy.model.AbstractToken) X509Token(org.apache.wss4j.policy.model.X509Token) SecurityContextToken(org.apache.wss4j.policy.model.SecurityContextToken)

Example 24 with AbstractToken

use of org.apache.wss4j.policy.model.AbstractToken in project cxf by apache.

the class StaxSymmetricBindingHandler method doSignBeforeEncrypt.

private void doSignBeforeEncrypt() {
    AbstractTokenWrapper sigAbstractTokenWrapper = getSignatureToken();
    assertTokenWrapper(sigAbstractTokenWrapper);
    AbstractToken sigToken = sigAbstractTokenWrapper.getToken();
    String sigTokId = null;
    try {
        SecurityToken sigTok = null;
        if (sigToken != null) {
            if (sigToken instanceof KerberosToken) {
                sigTok = getSecurityToken();
                if (isRequestor()) {
                    addKerberosToken((KerberosToken) sigToken, false, true, true);
                }
            } else if (sigToken instanceof IssuedToken) {
                sigTok = getSecurityToken();
                addIssuedToken(sigToken, sigTok, false, true);
                if (sigTok == null && !isRequestor()) {
                    org.apache.xml.security.stax.securityToken.SecurityToken securityToken = findInboundSecurityToken(WSSecurityEventConstants.SAML_TOKEN);
                    sigTokId = WSS4JUtils.parseAndStoreStreamingSecurityToken(securityToken, message);
                }
            } else if (sigToken instanceof SecureConversationToken || sigToken instanceof SecurityContextToken || sigToken instanceof SpnegoContextToken) {
                sigTok = getSecurityToken();
                if (sigTok != null && isRequestor()) {
                    WSSSecurityProperties properties = getProperties();
                    WSSConstants.Action actionToPerform = WSSConstants.CUSTOM_TOKEN;
                    properties.addAction(actionToPerform);
                } else if (sigTok == null && !isRequestor()) {
                    org.apache.xml.security.stax.securityToken.SecurityToken securityToken = findInboundSecurityToken(WSSecurityEventConstants.SECURITY_CONTEXT_TOKEN);
                    sigTokId = WSS4JUtils.parseAndStoreStreamingSecurityToken(securityToken, message);
                }
            } else if (sigToken instanceof X509Token) {
                if (isRequestor()) {
                    sigTokId = setupEncryptedKey(sigAbstractTokenWrapper, sigToken);
                } else {
                    org.apache.xml.security.stax.securityToken.SecurityToken securityToken = findEncryptedKeyToken();
                    sigTokId = WSS4JUtils.parseAndStoreStreamingSecurityToken(securityToken, message);
                }
            } else if (sigToken instanceof UsernameToken) {
                unassertPolicy(sbinding, "UsernameTokens not supported with Symmetric binding");
                return;
            }
            assertToken(sigToken);
        } else {
            unassertPolicy(sbinding, "No signature token");
            return;
        }
        if (sigTok == null && StringUtils.isEmpty(sigTokId)) {
            unassertPolicy(sigAbstractTokenWrapper, "No signature token id");
            return;
        }
        if (sigTok == null) {
            sigTok = TokenStoreUtils.getTokenStore(message).getToken(sigTokId);
        }
        // Store key
        if (!(MessageUtils.isRequestor(message) && sigToken instanceof KerberosToken)) {
            storeSecurityToken(sigToken, sigTok);
        }
        // Add timestamp
        List<SecurePart> sigs = new ArrayList<>();
        if (timestampAdded) {
            SecurePart part = new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), Modifier.Element);
            sigs.add(part);
        }
        sigs.addAll(this.getSignedParts());
        if (!isRequestor()) {
            addSignatureConfirmation(sigs);
        }
        if (!sigs.isEmpty()) {
            doSignature(sigAbstractTokenWrapper, sigToken, sigTok, sigs);
        }
        addSupportingTokens();
        removeSignatureIfSignedSAML();
        prependSignatureToSC();
        // Encryption
        List<SecurePart> enc = getEncryptedParts();
        // Check for signature protection
        if (sbinding.isEncryptSignature()) {
            SecurePart part = new SecurePart(new QName(XMLSecurityConstants.NS_DSIG, "Signature"), Modifier.Element);
            enc.add(part);
            if (signatureConfirmationAdded) {
                part = new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element);
                enc.add(part);
            }
            assertPolicy(new QName(sbinding.getName().getNamespaceURI(), SPConstants.ENCRYPT_SIGNATURE));
        }
        // Do encryption
        if (isRequestor()) {
            enc.addAll(encryptedTokensList);
        }
        AbstractTokenWrapper encrAbstractTokenWrapper = getEncryptionToken();
        doEncryption(encrAbstractTokenWrapper, enc, false);
        putCustomTokenAfterSignature();
    } catch (Exception e) {
        throw new Fault(e);
    }
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSSConstants(org.apache.wss4j.stax.ext.WSSConstants) KerberosToken(org.apache.wss4j.policy.model.KerberosToken) QName(javax.xml.namespace.QName) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) UsernameToken(org.apache.wss4j.policy.model.UsernameToken) ArrayList(java.util.ArrayList) Fault(org.apache.cxf.interceptor.Fault) SecureConversationToken(org.apache.wss4j.policy.model.SecureConversationToken) SpnegoContextToken(org.apache.wss4j.policy.model.SpnegoContextToken) SOAPException(javax.xml.soap.SOAPException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SecurePart(org.apache.xml.security.stax.ext.SecurePart) AbstractToken(org.apache.wss4j.policy.model.AbstractToken) X509Token(org.apache.wss4j.policy.model.X509Token) SecurityContextToken(org.apache.wss4j.policy.model.SecurityContextToken) AbstractTokenWrapper(org.apache.wss4j.policy.model.AbstractTokenWrapper)

Example 25 with AbstractToken

use of org.apache.wss4j.policy.model.AbstractToken in project cxf by apache.

the class StaxSymmetricBindingHandler method doEncryptBeforeSign.

private void doEncryptBeforeSign() {
    try {
        AbstractTokenWrapper encryptionWrapper = getEncryptionToken();
        assertTokenWrapper(encryptionWrapper);
        AbstractToken encryptionToken = encryptionWrapper.getToken();
        String tokenId = null;
        SecurityToken tok = null;
        if (encryptionToken instanceof KerberosToken) {
            tok = getSecurityToken();
            if (MessageUtils.isRequestor(message)) {
                addKerberosToken((KerberosToken) encryptionToken, false, true, true);
            }
        } else if (encryptionToken instanceof IssuedToken) {
            tok = getSecurityToken();
            addIssuedToken(encryptionToken, tok, false, true);
            if (tok == null && !isRequestor()) {
                org.apache.xml.security.stax.securityToken.SecurityToken securityToken = findInboundSecurityToken(WSSecurityEventConstants.SAML_TOKEN);
                tokenId = WSS4JUtils.parseAndStoreStreamingSecurityToken(securityToken, message);
            }
        } else if (encryptionToken instanceof SecureConversationToken || encryptionToken instanceof SecurityContextToken || encryptionToken instanceof SpnegoContextToken) {
            tok = getSecurityToken();
            if (tok != null && isRequestor()) {
                WSSSecurityProperties properties = getProperties();
                WSSConstants.Action actionToPerform = WSSConstants.CUSTOM_TOKEN;
                properties.addAction(actionToPerform);
            } else if (tok == null && !isRequestor()) {
                org.apache.xml.security.stax.securityToken.SecurityToken securityToken = findInboundSecurityToken(WSSecurityEventConstants.SECURITY_CONTEXT_TOKEN);
                tokenId = WSS4JUtils.parseAndStoreStreamingSecurityToken(securityToken, message);
            }
        } else if (encryptionToken instanceof X509Token) {
            if (isRequestor()) {
                tokenId = setupEncryptedKey(encryptionWrapper, encryptionToken);
            } else {
                org.apache.xml.security.stax.securityToken.SecurityToken securityToken = findEncryptedKeyToken();
                tokenId = WSS4JUtils.parseAndStoreStreamingSecurityToken(securityToken, message);
            }
        } else if (encryptionToken instanceof UsernameToken) {
            unassertPolicy(sbinding, "UsernameTokens not supported with Symmetric binding");
            return;
        }
        assertToken(encryptionToken);
        if (tok == null) {
            tokenId = XMLUtils.getIDFromReference(tokenId);
            // Get hold of the token from the token storage
            tok = TokenStoreUtils.getTokenStore(message).getToken(tokenId);
        }
        // Store key
        if (!(MessageUtils.isRequestor(message) && encryptionToken instanceof KerberosToken)) {
            storeSecurityToken(encryptionToken, tok);
        }
        List<SecurePart> encrParts = null;
        List<SecurePart> sigParts = null;
        try {
            encrParts = getEncryptedParts();
            // Signed parts are determined before encryption because encrypted signed headers
            // will not be included otherwise
            sigParts = getSignedParts();
        } catch (SOAPException ex) {
            throw new Fault(ex);
        }
        addSupportingTokens();
        if (encryptionToken != null && !encrParts.isEmpty()) {
            if (isRequestor()) {
                encrParts.addAll(encryptedTokensList);
            }
            // Check for signature protection
            if (sbinding.isEncryptSignature()) {
                SecurePart part = new SecurePart(new QName(XMLSecurityConstants.NS_DSIG, "Signature"), Modifier.Element);
                encrParts.add(part);
                if (signatureConfirmationAdded) {
                    part = new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element);
                    encrParts.add(part);
                }
                assertPolicy(new QName(sbinding.getName().getNamespaceURI(), SPConstants.ENCRYPT_SIGNATURE));
            }
            doEncryption(encryptionWrapper, encrParts, true);
        }
        if (timestampAdded) {
            SecurePart part = new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), Modifier.Element);
            sigParts.add(part);
        }
        sigParts.addAll(this.getSignedParts());
        if (!sigParts.isEmpty()) {
            AbstractTokenWrapper sigAbstractTokenWrapper = getSignatureToken();
            if (sigAbstractTokenWrapper != null) {
                AbstractToken sigToken = sigAbstractTokenWrapper.getToken();
                if (isRequestor()) {
                    doSignature(sigAbstractTokenWrapper, sigToken, tok, sigParts);
                } else {
                    addSignatureConfirmation(sigParts);
                    doSignature(sigAbstractTokenWrapper, sigToken, tok, sigParts);
                }
            }
        }
        removeSignatureIfSignedSAML();
        enforceEncryptBeforeSigningWithSignedSAML();
        prependSignatureToSC();
        putCustomTokenAfterSignature();
    } catch (RuntimeException ex) {
        throw ex;
    } catch (Exception ex) {
        throw new Fault(ex);
    }
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSSConstants(org.apache.wss4j.stax.ext.WSSConstants) KerberosToken(org.apache.wss4j.policy.model.KerberosToken) QName(javax.xml.namespace.QName) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) UsernameToken(org.apache.wss4j.policy.model.UsernameToken) Fault(org.apache.cxf.interceptor.Fault) SecureConversationToken(org.apache.wss4j.policy.model.SecureConversationToken) SpnegoContextToken(org.apache.wss4j.policy.model.SpnegoContextToken) SOAPException(javax.xml.soap.SOAPException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SecurePart(org.apache.xml.security.stax.ext.SecurePart) AbstractToken(org.apache.wss4j.policy.model.AbstractToken) X509Token(org.apache.wss4j.policy.model.X509Token) SecurityContextToken(org.apache.wss4j.policy.model.SecurityContextToken) SOAPException(javax.xml.soap.SOAPException) AbstractTokenWrapper(org.apache.wss4j.policy.model.AbstractTokenWrapper)

Aggregations

AbstractToken (org.apache.wss4j.policy.model.AbstractToken)33 IssuedToken (org.apache.wss4j.policy.model.IssuedToken)25 X509Token (org.apache.wss4j.policy.model.X509Token)19 KerberosToken (org.apache.wss4j.policy.model.KerberosToken)17 SamlToken (org.apache.wss4j.policy.model.SamlToken)17 SecurityContextToken (org.apache.wss4j.policy.model.SecurityContextToken)17 SpnegoContextToken (org.apache.wss4j.policy.model.SpnegoContextToken)17 UsernameToken (org.apache.wss4j.policy.model.UsernameToken)15 AssertionInfo (org.apache.cxf.ws.policy.AssertionInfo)12 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)12 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)12 QName (javax.xml.namespace.QName)11 SupportingTokens (org.apache.wss4j.policy.model.SupportingTokens)11 SOAPException (javax.xml.soap.SOAPException)10 Fault (org.apache.cxf.interceptor.Fault)10 Element (org.w3c.dom.Element)10 KeyValueToken (org.apache.wss4j.policy.model.KeyValueToken)9 SecureConversationToken (org.apache.wss4j.policy.model.SecureConversationToken)9 AbstractTokenWrapper (org.apache.wss4j.policy.model.AbstractTokenWrapper)8 WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties)8