Use of org.apache.wss4j.stax.impl.securityToken.KerberosClientSecurityToken in the Apache CXF project.
From the class AbstractStaxBindingHandler, method addKerberosToken.
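/**
 * Registers the current Kerberos security token as an outbound WSS4J token and
 * returns the part that refers to it.
 *
 * <p>The token returned by {@code getSecurityToken()} is wrapped in a
 * {@code KerberosClientSecurityToken}, exposed through a
 * {@code SecurityTokenProvider} registered on {@code outboundSecurityContext},
 * and its id is recorded as the Kerberos token id. The Kerberos action is then
 * added to {@code properties}.
 *
 * @param token      the Kerberos token policy assertion
 * @param signed     not read by this method
 * @param endorsing  when {@code true}, the token id is also recorded as the
 *                   token to use for the signature
 * @param encrypting when {@code true}, the token id is also recorded as the
 *                   token to use for encryption
 * @return a {@code SecurePart} for the binary security token element whose
 *         id-to-sign is the token id, or {@code null} when the token is not
 *         required or no security token is available
 * @throws WSSecurityException declared by the signature; the body shown here
 *         does not throw it directly
 */
protected SecurePart addKerberosToken(KerberosToken token, boolean signed, boolean endorsing, boolean encrypting) throws WSSecurityException {
    assertToken(token);
    IncludeTokenType includeToken = token.getIncludeTokenType();
    if (!isTokenRequired(includeToken)) {
        return null;
    }

    final SecurityToken secToken = getSecurityToken();
    if (secToken == null) {
        unassertPolicy(token, "Could not find KerberosToken");
        // unassertPolicy is defined outside this listing. If it returns normally,
        // stop here: every statement below dereferences secToken, so falling
        // through would end in a NullPointerException instead of a policy failure.
        // NOTE(review): confirm callers treat null as "no Kerberos token added",
        // as they must already do for the not-required path above.
        return null;
    }

    // Convert to WSS4J token
    final KerberosClientSecurityToken wss4jToken = new KerberosClientSecurityToken(secToken.getData(), secToken.getKey(), secToken.getId()) {
        @Override
        public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
            // Build a key for the requested algorithm from the token's secret when
            // both are present; otherwise hand back the key stored on the token.
            if (secToken.getSecret() != null && algorithmURI != null && !algorithmURI.isEmpty()) {
                return KeyUtils.prepareSecretKey(algorithmURI, secToken.getSecret());
            }
            return secToken.getKey();
        }
    };
    wss4jToken.setSha1Identifier(secToken.getSHA1());

    final SecurityTokenProvider<OutboundSecurityToken> kerberosSecurityTokenProvider = new SecurityTokenProvider<OutboundSecurityToken>() {
        @Override
        public OutboundSecurityToken getSecurityToken() throws WSSecurityException {
            return wss4jToken;
        }

        @Override
        public String getId() {
            return wss4jToken.getId();
        }
    };

    // One id is used for the provider registration and for every "use this
    // token" property, so all of them point at the same Kerberos token.
    final String tokenId = kerberosSecurityTokenProvider.getId();
    outboundSecurityContext.registerSecurityTokenProvider(tokenId, kerberosSecurityTokenProvider);
    outboundSecurityContext.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_KERBEROS, tokenId);
    if (encrypting) {
        outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION, tokenId);
    }
    if (endorsing) {
        outboundSecurityContext.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, tokenId);
    }

    // Action
    properties.addAction(WSSConstants.KERBEROS_TOKEN);
    /*
     * Disabled in the original listing and kept for reference:
     *
     * if (endorsing) {
     *     String action = (String)config.get(ConfigurationConstants.ACTION);
     *     config.put(ConfigurationConstants.ACTION,
     *         ConfigurationConstants.SIGNATURE_WITH_KERBEROS_TOKEN + " " + action);
     *     // config.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference");
     * }
     */

    SecurePart securePart = new SecurePart(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, Modifier.Element);
    securePart.setIdToSign(wss4jToken.getId());
    return securePart;
}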