Search in sources :

Example 11 with AlgorithmSuiteType

use of org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType in project cxf by apache.

the class TransportBindingHandler method doSignature.

private byte[] doSignature(boolean tokenIncluded, SecurityToken secTok, AbstractToken token, SupportingTokens wrapper, List<WSEncryptionPart> sigParts) throws Exception {
    WSSecSignature sig = new WSSecSignature(secHeader);
    sig.setIdAllocator(wssConfig.getIdAllocator());
    sig.setCallbackLookup(callbackLookup);
    sig.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
    sig.setStoreBytesInAttachment(storeBytesInAttachment);
    sig.setExpandXopInclude(isExpandXopInclude());
    sig.setWsDocInfo(wsDocInfo);
    // Setting the AttachedReference or the UnattachedReference according to the flag
    Element ref;
    if (tokenIncluded) {
        ref = secTok.getAttachedReference();
    } else {
        ref = secTok.getUnattachedReference();
    }
    if (ref != null) {
        SecurityTokenReference secRef = new SecurityTokenReference(cloneElement(ref), new BSPEnforcer());
        sig.setSecurityTokenReference(secRef);
        sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
    } else if (token instanceof UsernameToken) {
        sig.setCustomTokenId(secTok.getId());
        sig.setCustomTokenValueType(WSS4JConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
        int type = tokenIncluded ? WSConstants.CUSTOM_SYMM_SIGNING : WSConstants.CUSTOM_SYMM_SIGNING_DIRECT;
        sig.setKeyIdentifierType(type);
    } else if (secTok.getTokenType() == null) {
        sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
        sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
    } else {
        String id = secTok.getWsuId();
        if (id == null) {
            sig.setCustomTokenId(secTok.getId());
            sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING_DIRECT);
        } else {
            sig.setCustomTokenId(secTok.getWsuId());
            sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
        }
        String tokenType = secTok.getTokenType();
        if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML_NS.equals(tokenType)) {
            sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
            sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
        } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML2_NS.equals(tokenType)) {
            sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
            sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
        } else {
            sig.setCustomTokenValueType(tokenType);
        }
    }
    Crypto crypto = null;
    if (secTok.getSecret() == null) {
        sig.setX509Certificate(secTok.getX509Certificate());
        crypto = secTok.getCrypto();
        if (crypto == null) {
            crypto = getSignatureCrypto();
        }
        if (crypto == null) {
            LOG.fine("No signature Crypto properties are available");
            Exception ex = new Exception("No signature Crypto properties are available");
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
        }
        String uname = crypto.getX509Identifier(secTok.getX509Certificate());
        if (uname == null) {
            String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
            uname = (String) SecurityUtils.getSecurityPropertyValue(userNameKey, message);
        }
        String password = getPassword(uname, token, WSPasswordCallback.SIGNATURE);
        sig.setUserInfo(uname, password);
        sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getAsymmetricSignature());
    } else {
        crypto = getSignatureCrypto();
        sig.setSecretKey(secTok.getSecret());
        sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getSymmetricSignature());
    }
    sig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
    AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
    sig.setDigestAlgo(algType.getDigest());
    sig.prepare(crypto);
    sig.getParts().addAll(sigParts);
    List<Reference> referenceList = sig.addReferencesToSign(sigParts);
    // Do signature
    if (bottomUpElement == null) {
        sig.computeSignature(referenceList, false, null);
    } else {
        sig.computeSignature(referenceList, true, bottomUpElement);
    }
    bottomUpElement = sig.getSignatureElement();
    mainSigId = sig.getId();
    return sig.getSignatureValue();
}
Also used : AlgorithmSuiteType(org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType) SecurityTokenReference(org.apache.wss4j.common.token.SecurityTokenReference) Reference(javax.xml.crypto.dsig.Reference) WSSecSignature(org.apache.wss4j.dom.message.WSSecSignature) Element(org.w3c.dom.Element) UsernameToken(org.apache.wss4j.policy.model.UsernameToken) WSSecUsernameToken(org.apache.wss4j.dom.message.WSSecUsernameToken) BSPEnforcer(org.apache.wss4j.common.bsp.BSPEnforcer) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) SOAPException(javax.xml.soap.SOAPException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) Crypto(org.apache.wss4j.common.crypto.Crypto) SecurityTokenReference(org.apache.wss4j.common.token.SecurityTokenReference) AttachmentCallbackHandler(org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler)

Example 12 with AlgorithmSuiteType

use of org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType in project cxf by apache.

the class TransportBindingHandler method doX509TokenSignature.

private byte[] doX509TokenSignature(AbstractToken token, SupportingTokens wrapper) throws Exception {
    List<WSEncryptionPart> sigParts = signPartsAndElements(wrapper.getSignedParts(), wrapper.getSignedElements());
    if (token.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
        WSSecEncryptedKey encrKey = getEncryptedKeyBuilder(token);
        assertPolicy(wrapper);
        Element bstElem = encrKey.getBinarySecurityTokenElement();
        if (bstElem != null) {
            addTopDownElement(bstElem);
        }
        encrKey.appendToHeader();
        WSSecDKSign dkSig = new WSSecDKSign(secHeader);
        dkSig.setIdAllocator(wssConfig.getIdAllocator());
        dkSig.setCallbackLookup(callbackLookup);
        if (token.getVersion() == SPConstants.SPVersion.SP11) {
            dkSig.setWscVersion(ConversationConstants.VERSION_05_02);
        }
        dkSig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
        dkSig.setSignatureAlgorithm(binding.getAlgorithmSuite().getSymmetricSignature());
        dkSig.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
        dkSig.setStoreBytesInAttachment(storeBytesInAttachment);
        dkSig.setExpandXopInclude(isExpandXopInclude());
        dkSig.setWsDocInfo(wsDocInfo);
        AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
        dkSig.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
        dkSig.setExternalKey(encrKey.getEphemeralKey(), encrKey.getId());
        dkSig.prepare();
        dkSig.getParts().addAll(sigParts);
        List<Reference> referenceList = dkSig.addReferencesToSign(sigParts);
        // Do signature
        dkSig.appendDKElementToHeader();
        dkSig.computeSignature(referenceList, false, null);
        return dkSig.getSignatureValue();
    }
    WSSecSignature sig = getSignatureBuilder(token, false, false);
    assertPolicy(wrapper);
    if (sig != null) {
        sig.prependBSTElementToHeader();
        List<Reference> referenceList = sig.addReferencesToSign(sigParts);
        if (bottomUpElement == null) {
            sig.computeSignature(referenceList, false, null);
        } else {
            sig.computeSignature(referenceList, true, bottomUpElement);
        }
        bottomUpElement = sig.getSignatureElement();
        mainSigId = sig.getId();
        return sig.getSignatureValue();
    }
    return new byte[0];
}
Also used : WSSecDKSign(org.apache.wss4j.dom.message.WSSecDKSign) WSEncryptionPart(org.apache.wss4j.common.WSEncryptionPart) WSSecEncryptedKey(org.apache.wss4j.dom.message.WSSecEncryptedKey) AlgorithmSuiteType(org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType) SecurityTokenReference(org.apache.wss4j.common.token.SecurityTokenReference) Reference(javax.xml.crypto.dsig.Reference) Element(org.w3c.dom.Element) WSSecSignature(org.apache.wss4j.dom.message.WSSecSignature) AttachmentCallbackHandler(org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler)

Example 13 with AlgorithmSuiteType

use of org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType in project cxf by apache.

the class AbstractBindingBuilder method doSymmSignatureDerived.

private void doSymmSignatureDerived(AbstractToken policyToken, SecurityToken tok, List<WSEncryptionPart> sigParts, boolean isTokenProtection, boolean isSigProtect) throws WSSecurityException {
    Document doc = saaj.getSOAPPart();
    WSSecDKSign dkSign = new WSSecDKSign(secHeader);
    dkSign.setIdAllocator(wssConfig.getIdAllocator());
    dkSign.setCallbackLookup(callbackLookup);
    dkSign.setStoreBytesInAttachment(storeBytesInAttachment);
    dkSign.setExpandXopInclude(isExpandXopInclude());
    // Check whether it is security policy 1.2 and use the secure conversation accordingly
    if (policyToken.getVersion() == SPConstants.SPVersion.SP11) {
        dkSign.setWscVersion(ConversationConstants.VERSION_05_02);
    }
    // Check for whether the token is attached in the message or not
    boolean attached = false;
    if (isTokenRequired(policyToken.getIncludeTokenType())) {
        attached = true;
    }
    // Setting the AttachedReference or the UnattachedReference according to the flag
    Element ref;
    if (attached) {
        ref = tok.getAttachedReference();
    } else {
        ref = tok.getUnattachedReference();
    }
    if (ref != null) {
        ref = cloneElement(ref);
        dkSign.setExternalKey(tok.getSecret(), ref);
    } else if (!isRequestor() && policyToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
        // If the Encrypted key used to create the derived key is not
        // attached use key identifier as defined in WSS1.1 section
        // 7.7 Encrypted Key reference
        SecurityTokenReference tokenRef = new SecurityTokenReference(doc);
        if (tok.getSHA1() != null) {
            tokenRef.setKeyIdentifierEncKeySHA1(tok.getSHA1());
            tokenRef.addTokenType(WSS4JConstants.WSS_ENC_KEY_VALUE_TYPE);
        }
        dkSign.setExternalKey(tok.getSecret(), tokenRef.getElement());
    } else {
        dkSign.setExternalKey(tok.getSecret(), tok.getId());
    }
    // Set the algo info
    dkSign.setSignatureAlgorithm(binding.getAlgorithmSuite().getSymmetricSignature());
    dkSign.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
    AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
    dkSign.setDerivedKeyLength(algType.getSignatureDerivedKeyLength() / 8);
    if (tok.getSHA1() != null) {
        // Set the value type of the reference
        dkSign.setCustomValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#" + WSS4JConstants.ENC_KEY_VALUE_TYPE);
    } else if (policyToken instanceof UsernameToken) {
        dkSign.setCustomValueType(WSS4JConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
    }
    dkSign.prepare();
    if (isTokenProtection) {
        String sigTokId = XMLUtils.getIDFromReference(tok.getId());
        sigParts.add(new WSEncryptionPart(sigTokId));
    }
    dkSign.getParts().addAll(sigParts);
    List<Reference> referenceList = dkSign.addReferencesToSign(sigParts);
    // Add elements to header
    addSupportingElement(dkSign.getdktElement());
    // Do signature
    dkSign.computeSignature(referenceList, false, null);
    if (isSigProtect) {
        WSEncryptionPart part = new WSEncryptionPart(dkSign.getSignatureId(), "Element");
        encryptedTokensList.add(part);
    }
    addSig(dkSign.getSignatureValue());
}
Also used : WSSecDKSign(org.apache.wss4j.dom.message.WSSecDKSign) WSEncryptionPart(org.apache.wss4j.common.WSEncryptionPart) SecurityTokenReference(org.apache.wss4j.common.token.SecurityTokenReference) AlgorithmSuiteType(org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType) Reference(javax.xml.crypto.dsig.Reference) SecurityTokenReference(org.apache.wss4j.common.token.SecurityTokenReference) Element(org.w3c.dom.Element) WSSecUsernameToken(org.apache.wss4j.dom.message.WSSecUsernameToken) UsernameToken(org.apache.wss4j.policy.model.UsernameToken) Document(org.w3c.dom.Document)

Example 14 with AlgorithmSuiteType

use of org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType in project cxf by apache.

the class AbstractBindingBuilder method doSymmSignature.

private void doSymmSignature(AbstractToken policyToken, SecurityToken tok, List<WSEncryptionPart> sigParts, boolean isTokenProtection, boolean isSigProtect) throws WSSecurityException {
    WSSecSignature sig = new WSSecSignature(secHeader);
    sig.setIdAllocator(wssConfig.getIdAllocator());
    sig.setCallbackLookup(callbackLookup);
    sig.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
    sig.setStoreBytesInAttachment(storeBytesInAttachment);
    sig.setExpandXopInclude(isExpandXopInclude());
    sig.setWsDocInfo(wsDocInfo);
    // be used in the wsse:Reference in ds:KeyInfo
    if (policyToken instanceof X509Token) {
        if (isRequestor()) {
            // TODO Add support for SAML2 here
            sig.setCustomTokenValueType(WSS4JConstants.SOAPMESSAGE_NS11 + "#" + WSS4JConstants.ENC_KEY_VALUE_TYPE);
            sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
        } else {
            // the tok has to be an EncryptedKey token
            sig.setEncrKeySha1value(tok.getSHA1());
            sig.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
        }
    } else {
        String tokenType = tok.getTokenType();
        if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML_NS.equals(tokenType)) {
            sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
        } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML2_NS.equals(tokenType)) {
            sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
        } else if (tokenType != null) {
            sig.setCustomTokenValueType(tokenType);
        } else if (policyToken instanceof UsernameToken) {
            sig.setCustomTokenValueType(WSS4JConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
        } else {
            sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
        }
        sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
    }
    String sigTokId = tok.getWsuId();
    if (sigTokId == null) {
        sigTokId = tok.getId();
    }
    sigTokId = XMLUtils.getIDFromReference(sigTokId);
    sig.setCustomTokenId(sigTokId);
    sig.setSecretKey(tok.getSecret());
    sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getSymmetricSignature());
    AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
    sig.setDigestAlgo(algType.getDigest());
    sig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
    sig.prepare(getSignatureCrypto());
    sig.getParts().addAll(sigParts);
    List<Reference> referenceList = sig.addReferencesToSign(sigParts);
    // Do signature
    sig.computeSignature(referenceList, false, null);
    if (isSigProtect) {
        WSEncryptionPart part = new WSEncryptionPart(sig.getId(), "Element");
        encryptedTokensList.add(part);
    }
    addSig(sig.getSignatureValue());
}
Also used : WSEncryptionPart(org.apache.wss4j.common.WSEncryptionPart) X509Token(org.apache.wss4j.policy.model.X509Token) AlgorithmSuiteType(org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType) Reference(javax.xml.crypto.dsig.Reference) SecurityTokenReference(org.apache.wss4j.common.token.SecurityTokenReference) WSSecSignature(org.apache.wss4j.dom.message.WSSecSignature) AttachmentCallbackHandler(org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler) WSSecUsernameToken(org.apache.wss4j.dom.message.WSSecUsernameToken) UsernameToken(org.apache.wss4j.policy.model.UsernameToken)

Example 15 with AlgorithmSuiteType

use of org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType in project cxf by apache.

the class AbstractBindingBuilder method getSignatureBuilder.

protected WSSecSignature getSignatureBuilder(AbstractToken token, boolean attached, boolean endorse) throws WSSecurityException {
    WSSecSignature sig = new WSSecSignature(secHeader);
    sig.setIdAllocator(wssConfig.getIdAllocator());
    sig.setCallbackLookup(callbackLookup);
    sig.setAttachmentCallbackHandler(new AttachmentCallbackHandler(message));
    sig.setStoreBytesInAttachment(storeBytesInAttachment);
    sig.setExpandXopInclude(isExpandXopInclude());
    sig.setWsDocInfo(wsDocInfo);
    checkForX509PkiPath(sig, token);
    if (token instanceof IssuedToken || token instanceof SamlToken) {
        assertToken(token);
        SecurityToken securityToken = getSecurityToken();
        String tokenType = securityToken.getTokenType();
        Element ref;
        if (attached) {
            ref = securityToken.getAttachedReference();
        } else {
            ref = securityToken.getUnattachedReference();
        }
        if (ref != null) {
            SecurityTokenReference secRef = new SecurityTokenReference(cloneElement(ref), new BSPEnforcer());
            sig.setSecurityTokenReference(secRef);
            sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
        } else {
            int type = attached ? WSConstants.CUSTOM_SYMM_SIGNING : WSConstants.CUSTOM_SYMM_SIGNING_DIRECT;
            if (WSS4JConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML_NS.equals(tokenType)) {
                sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML_KI_VALUE_TYPE);
                sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
            } else if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSS4JConstants.SAML2_NS.equals(tokenType)) {
                sig.setCustomTokenValueType(WSS4JConstants.WSS_SAML2_KI_VALUE_TYPE);
                sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
            } else {
                sig.setCustomTokenValueType(tokenType);
                sig.setKeyIdentifierType(type);
            }
        }
        String sigTokId;
        if (attached) {
            sigTokId = securityToken.getWsuId();
            if (sigTokId == null) {
                sigTokId = securityToken.getId();
            }
            if (sigTokId.startsWith("#")) {
                sigTokId = sigTokId.substring(1);
            }
        } else {
            sigTokId = securityToken.getId();
        }
        sig.setCustomTokenId(sigTokId);
    } else {
        setKeyIdentifierType(sig, token);
        // Find out do we also need to include the token as per the Inclusion requirement
        if (token instanceof X509Token && token.getIncludeTokenType() != IncludeTokenType.INCLUDE_TOKEN_NEVER && (sig.getKeyIdentifierType() != WSConstants.BST_DIRECT_REFERENCE && sig.getKeyIdentifierType() != WSConstants.KEY_VALUE)) {
            sig.setIncludeSignatureToken(true);
        }
    }
    boolean encryptCrypto = false;
    String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
    String type = "signature";
    if (binding instanceof SymmetricBinding && !endorse) {
        encryptCrypto = ((SymmetricBinding) binding).getProtectionToken() != null;
        userNameKey = SecurityConstants.ENCRYPT_USERNAME;
    }
    Crypto crypto = encryptCrypto ? getEncryptionCrypto() : getSignatureCrypto();
    if (endorse && crypto == null && binding instanceof SymmetricBinding) {
        type = "encryption";
        userNameKey = SecurityConstants.ENCRYPT_USERNAME;
        crypto = getEncryptionCrypto();
    }
    if (!encryptCrypto) {
        message.getExchange().put(SecurityConstants.SIGNATURE_CRYPTO, crypto);
    }
    String user = (String) SecurityUtils.getSecurityPropertyValue(userNameKey, message);
    if (StringUtils.isEmpty(user)) {
        if (crypto != null) {
            try {
                user = crypto.getDefaultX509Identifier();
                if (StringUtils.isEmpty(user)) {
                    unassertPolicy(token, "No configured " + type + " username detected");
                    return null;
                }
            } catch (WSSecurityException e1) {
                LOG.log(Level.FINE, e1.getMessage(), e1);
                throw new Fault(e1);
            }
        } else {
            unassertPolicy(token, "Security configuration could not be detected. " + "Potential cause: Make sure jaxws:client element with name " + "attribute value matching endpoint port is defined as well as a " + SecurityConstants.SIGNATURE_PROPERTIES + " element within it.");
            return null;
        }
    }
    String password = getPassword(user, token, WSPasswordCallback.SIGNATURE);
    sig.setUserInfo(user, password);
    sig.setSignatureAlgorithm(binding.getAlgorithmSuite().getAsymmetricSignature());
    AlgorithmSuiteType algType = binding.getAlgorithmSuite().getAlgorithmSuiteType();
    sig.setDigestAlgo(algType.getDigest());
    sig.setSigCanonicalization(binding.getAlgorithmSuite().getC14n().getValue());
    boolean includePrefixes = MessageUtils.getContextualBoolean(message, SecurityConstants.ADD_INCLUSIVE_PREFIXES, true);
    sig.setAddInclusivePrefixes(includePrefixes);
    try {
        sig.prepare(crypto);
    } catch (WSSecurityException e) {
        LOG.log(Level.FINE, e.getMessage(), e);
        unassertPolicy(token, e);
    }
    return sig;
}
Also used : SymmetricBinding(org.apache.wss4j.policy.model.SymmetricBinding) SamlToken(org.apache.wss4j.policy.model.SamlToken) AlgorithmSuiteType(org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType) WSSecSignature(org.apache.wss4j.dom.message.WSSecSignature) IssuedToken(org.apache.wss4j.policy.model.IssuedToken) Element(org.w3c.dom.Element) BSPEnforcer(org.apache.wss4j.common.bsp.BSPEnforcer) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) Fault(org.apache.cxf.interceptor.Fault) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Crypto(org.apache.wss4j.common.crypto.Crypto) SecurityTokenReference(org.apache.wss4j.common.token.SecurityTokenReference) X509Token(org.apache.wss4j.policy.model.X509Token) AttachmentCallbackHandler(org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler)

Aggregations

AlgorithmSuiteType (org.apache.wss4j.policy.model.AlgorithmSuite.AlgorithmSuiteType)25 AttachmentCallbackHandler (org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler)12 Element (org.w3c.dom.Element)12 SecurityTokenReference (org.apache.wss4j.common.token.SecurityTokenReference)9 Reference (javax.xml.crypto.dsig.Reference)8 UsernameToken (org.apache.wss4j.policy.model.UsernameToken)8 X509Token (org.apache.wss4j.policy.model.X509Token)8 WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)7 WSSecUsernameToken (org.apache.wss4j.dom.message.WSSecUsernameToken)7 QName (javax.xml.namespace.QName)6 WSEncryptionPart (org.apache.wss4j.common.WSEncryptionPart)6 WSSecSignature (org.apache.wss4j.dom.message.WSSecSignature)6 KerberosToken (org.apache.wss4j.policy.model.KerberosToken)6 SecureConversationToken (org.apache.wss4j.policy.model.SecureConversationToken)6 SecurityContextToken (org.apache.wss4j.policy.model.SecurityContextToken)6 SOAPException (javax.xml.soap.SOAPException)5 Crypto (org.apache.wss4j.common.crypto.Crypto)5 WSSecDKSign (org.apache.wss4j.dom.message.WSSecDKSign)5 IssuedToken (org.apache.wss4j.policy.model.IssuedToken)5 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)4