
Example 26 with SecurePart

use of org.apache.xml.security.stax.ext.SecurePart in project cxf by apache.

Class StaxCryptoCoverageCheckerTest, method testSignatureTimestamp: a round trip where the client signs the Timestamp and Body and the service enforces that coverage with a default StaxCryptoCoverageChecker.

@Test
public void testSignatureTimestamp() throws Exception {
    // --- Service side: verify the inbound signature, then enforce signature coverage ---
    Service service = createService();

    WSSSecurityProperties serverProps = new WSSSecurityProperties();
    serverProps.setCallbackHandler(new TestPwdCallback());
    Properties verifyProps =
        CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    serverProps.setSignatureVerificationCryptoProperties(verifyProps);
    service.getInInterceptors().add(new WSS4JStaxInInterceptor(serverProps));

    // The checker is left at its defaults; it runs after the WSS4J interceptor so that
    // it can inspect which elements the (already verified) signature actually covered.
    service.getInInterceptors().add(new StaxCryptoCoverageChecker());

    // --- Client side: add a wsu:Timestamp and sign it plus the SOAP Body as whole elements ---
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    WSSSecurityProperties clientProps = new WSSSecurityProperties();
    List<WSSConstants.Action> outboundActions = new ArrayList<>();
    outboundActions.add(WSSConstants.TIMESTAMP);
    outboundActions.add(XMLSecurityConstants.SIGNATURE);
    clientProps.setActions(outboundActions);
    // Modifier.Element references the element itself, not just its content.
    clientProps.addSignaturePart(
        new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), SecurePart.Modifier.Element));
    clientProps.addSignaturePart(
        new SecurePart(new QName(WSSConstants.NS_SOAP11, "Body"), SecurePart.Modifier.Element));
    clientProps.setSignatureUser("myalias");
    Properties signProps =
        CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
    clientProps.setSignatureCryptoProperties(signProps);
    clientProps.setCallbackHandler(new TestPwdCallback());
    client.getOutInterceptors().add(new WSS4JStaxOutInterceptor(clientProps));

    // Both required parts are signed, so the coverage check must let the call through.
    assertEquals("test", echo.echo("test"));
}

Example 27 with SecurePart

use of org.apache.xml.security.stax.ext.SecurePart in project cxf by apache.

Class StaxCryptoCoverageCheckerTest, method testEncryptUsernameToken: the client encrypts a UsernameToken; the checker first accepts the encrypted-only token, then is tightened to also require it signed and must reject the call.

@Test
public void testEncryptUsernameToken() throws Exception {
    // --- Service side: decrypt inbound, then apply a coverage policy to the result ---
    Service service = createService();

    WSSSecurityProperties serverProps = new WSSSecurityProperties();
    serverProps.setCallbackHandler(new TestPwdCallback());
    Properties decryptProps =
        CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    serverProps.setDecryptionCryptoProperties(decryptProps);
    service.getInInterceptors().add(new WSS4JStaxInInterceptor(serverProps));

    // No signature is sent in this test, so the Body must not be required to be signed;
    // the UsernameToken, however, must arrive encrypted.
    StaxCryptoCoverageChecker coverageChecker = new StaxCryptoCoverageChecker();
    coverageChecker.setSignBody(false);
    coverageChecker.setEncryptUsernameToken(true);
    service.getInInterceptors().add(coverageChecker);

    // --- Client side: add a UsernameToken and encrypt it as a whole element ---
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    WSSSecurityProperties clientProps = new WSSSecurityProperties();
    List<WSSConstants.Action> outboundActions = new ArrayList<>();
    outboundActions.add(WSSConstants.USERNAMETOKEN);
    outboundActions.add(XMLSecurityConstants.ENCRYPT);
    clientProps.setActions(outboundActions);
    clientProps.addEncryptionPart(
        new SecurePart(new QName(WSSConstants.NS_WSSE10, "UsernameToken"), SecurePart.Modifier.Element));
    clientProps.setEncryptionUser("myalias");
    clientProps.setTokenUser("username");
    // AES-128 via the xmlenc 1.0 URI (a CBC mode). Adequate for a test fixture; production
    // deployments should prefer an AEAD (GCM) algorithm where both peers support it.
    clientProps.setEncryptionSymAlgorithm(XMLSecurityConstants.NS_XENC_AES128);
    Properties encryptProps =
        CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
    clientProps.setEncryptionCryptoProperties(encryptProps);
    clientProps.setCallbackHandler(new TestPwdCallback());
    client.getOutInterceptors().add(new WSS4JStaxOutInterceptor(clientProps));

    // An encrypted (unsigned) token satisfies the current policy.
    assertEquals("test", echo.echo("test"));

    // Tighten the policy on the live checker: the token must now also be signed. The client
    // still only encrypts it, so the service must fault rather than accept the message.
    coverageChecker.setSignUsernameToken(true);
    try {
        echo.echo("test");
        fail("Failure expected as UsernameToken isn't signed");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        // expected: the coverage check rejected the unsigned UsernameToken
    }
}

Example 28 with SecurePart

use of org.apache.xml.security.stax.ext.SecurePart in project cxf by apache.

Class StaxRoundTripTest, method testSignatureTimestamp: the same signed Timestamp + Body round trip, but with only the StAX inbound interceptor and no coverage checker on the service.

@Test
public void testSignatureTimestamp() throws Exception {
    // --- Service side: StAX inbound interceptor configured only for signature verification ---
    Service service = createService();

    WSSSecurityProperties serverProps = new WSSSecurityProperties();
    serverProps.setCallbackHandler(new TestPwdCallback());
    Properties verifyProps =
        CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    serverProps.setSignatureVerificationCryptoProperties(verifyProps);
    service.getInInterceptors().add(new WSS4JStaxInInterceptor(serverProps));
    // Unlike the coverage-checker tests, nothing here asserts WHICH parts were signed;
    // only that the signature present on the message verifies.

    // --- Client side: add a wsu:Timestamp and sign it plus the SOAP Body ---
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    WSSSecurityProperties clientProps = new WSSSecurityProperties();
    List<WSSConstants.Action> outboundActions = new ArrayList<>();
    outboundActions.add(WSSConstants.TIMESTAMP);
    outboundActions.add(XMLSecurityConstants.SIGNATURE);
    clientProps.setActions(outboundActions);
    clientProps.addSignaturePart(
        new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), SecurePart.Modifier.Element));
    clientProps.addSignaturePart(
        new SecurePart(new QName(WSSConstants.NS_SOAP11, "Body"), SecurePart.Modifier.Element));
    clientProps.setSignatureUser("myalias");
    Properties signProps =
        CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
    clientProps.setSignatureCryptoProperties(signProps);
    clientProps.setCallbackHandler(new TestPwdCallback());
    client.getOutInterceptors().add(new WSS4JStaxOutInterceptor(clientProps));

    assertEquals("test", echo.echo("test"));
}

Example 29 with SecurePart

use of org.apache.xml.security.stax.ext.SecurePart in project cxf by apache.

Class StaxToDOMRoundTripTest, method testSignatureTimestamp: a StAX-signing client talking to a service that verifies with the DOM-based WSS4JInInterceptor (configured through ConfigurationConstants).

@Test
public void testSignatureTimestamp() throws Exception {
    // --- Service side: DOM-based inbound interceptor expecting a Signature and a Timestamp ---
    Service service = createService();

    Map<String, Object> serverConfig = new HashMap<>();
    // The ACTION list is what the DOM interceptor requires to be present on the inbound message;
    // it does not by itself assert which elements the signature covers.
    serverConfig.put(ConfigurationConstants.ACTION,
                     ConfigurationConstants.SIGNATURE + " " + ConfigurationConstants.TIMESTAMP);
    serverConfig.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    serverConfig.put(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
    service.getInInterceptors().add(new WSS4JInInterceptor(serverConfig));

    // --- Client side: StAX outbound, adds a wsu:Timestamp and signs it plus the SOAP Body ---
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    WSSSecurityProperties clientProps = new WSSSecurityProperties();
    List<WSSConstants.Action> outboundActions = new ArrayList<>();
    outboundActions.add(WSSConstants.TIMESTAMP);
    outboundActions.add(XMLSecurityConstants.SIGNATURE);
    clientProps.setActions(outboundActions);
    clientProps.addSignaturePart(
        new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), SecurePart.Modifier.Element));
    clientProps.addSignaturePart(
        new SecurePart(new QName(WSSConstants.NS_SOAP11, "Body"), SecurePart.Modifier.Element));
    clientProps.setSignatureUser("myalias");
    Properties signProps =
        CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
    clientProps.setSignatureCryptoProperties(signProps);
    clientProps.setCallbackHandler(new TestPwdCallback());
    client.getOutInterceptors().add(new WSS4JStaxOutInterceptor(clientProps));

    // StAX-produced signature must verify on the DOM side.
    assertEquals("test", echo.echo("test"));
}

Example 30 with SecurePart

use of org.apache.xml.security.stax.ext.SecurePart in project cxf by apache.

Class XmlSecOutInterceptor, method configureSignature: production code that resolves the signing key and certificate, selects the signature/digest/canonicalization algorithms and registers the SecureParts to sign on an outbound JAX-RS message.

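/**
 * Populates {@code properties} with everything needed to sign the outbound message:
 * signing certificate chain and private key, signature/digest/c14n algorithms, KeyInfo
 * style, signature position and the parts to sign.
 *
 * @param message    the outbound message; supplies the crypto configuration and password callback
 * @param properties the StAX security properties being built for this message
 * @throws Exception            if no usable signature user is configured or the alias has no certificate
 * @throws WSSecurityException  if the private key for the alias cannot be loaded
 */
private void configureSignature(Message message, XMLSecurityProperties properties) throws Exception {
    // Resolve the signing identity: crypto provider, alias and key password.
    String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
    CryptoLoader loader = new CryptoLoader();
    Crypto crypto = loader.getCrypto(message, SecurityConstants.SIGNATURE_CRYPTO, SecurityConstants.SIGNATURE_PROPERTIES);
    String user = RSSecurityUtils.getUserName(message, crypto, userNameKey);
    // The "use request signature cert" pseudo-user only makes sense for verification;
    // an outbound signature needs an alias that owns a private key.
    if (StringUtils.isEmpty(user) || RSSecurityUtils.USE_REQUEST_SIGNATURE_CERT.equals(user)) {
        throw new Exception("User name is not available");
    }
    String password = RSSecurityUtils.getPassword(message, user, WSPasswordCallback.SIGNATURE, this.getClass());
    X509Certificate[] issuerCerts = RSSecurityUtils.getCertificates(crypto, user);
    // Fail with a meaningful error instead of an NPE/AIOOBE at issuerCerts[0] below when the
    // alias resolves to no certificate (misconfigured keystore or wrong alias).
    if (issuerCerts == null || issuerCerts.length == 0) {
        String errorMessage = "No certificate found for signature user:" + user;
        LOG.severe(errorMessage);
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                      new IllegalStateException(errorMessage));
    }
    properties.setSignatureCerts(issuerCerts);

    // NOTE(security): with nothing configured the fallbacks are RSA-SHA1 (here) and a SHA-1
    // digest (below). SHA-1 is deprecated for new signatures; deployments should configure an
    // explicit SHA-256-based signature and digest algorithm. The defaults are left unchanged
    // here so existing peers keep verifying — changing them is a deliberate, separate decision.
    String sigAlgo = sigProps.getSignatureAlgo() == null ? SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1 : sigProps.getSignatureAlgo();
    String pubKeyAlgo = issuerCerts[0].getPublicKey().getAlgorithm();
    // A DSA key forces DSA-SHA1 regardless of what was configured; an explicitly configured
    // stronger DSA algorithm would be silently downgraded here. TODO(review): honour a
    // configured DSA algorithm instead of overriding it.
    if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
        sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_DSA_SHA1;
    }
    properties.setSignatureAlgorithm(sigAlgo);

    PrivateKey privateKey = null;
    try {
        privateKey = crypto.getPrivateKey(user, password);
    } catch (Exception ex) {
        // Only the alias is logged, never the password.
        String errorMessage = "Private key can not be loaded, user:" + user;
        LOG.severe(errorMessage);
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
    }
    properties.setSignatureKey(privateKey);

    String digestAlgo = sigProps.getSignatureDigestAlgo() == null ? Constants.ALGO_ID_DIGEST_SHA1 : sigProps.getSignatureDigestAlgo();
    properties.setSignatureDigestAlgorithm(digestAlgo);

    // KeyInfo: either emit the configured identifier type (and optional key name), or omit
    // KeyInfo entirely and rely on the verifier knowing the key out of band.
    if (this.keyInfoMustBeAvailable) {
        properties.setSignatureKeyIdentifier(convertKeyIdentifier(sigProps.getSignatureKeyIdType()));
        properties.setSignatureKeyName(sigProps.getSignatureKeyName());
    } else {
        properties.setSignatureKeyIdentifier(SecurityTokenConstants.KeyIdentifier_NoKeyInfo);
    }

    // SignedInfo canonicalization: inclusive C14N 1.0 unless overridden.
    String c14nMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
    if (sigProps.getSignatureC14nMethod() != null) {
        c14nMethod = sigProps.getSignatureC14nMethod();
    }
    properties.setSignatureCanonicalizationAlgorithm(c14nMethod);
    properties.addAction(XMLSecurityConstants.SIGNATURE);

    // Reference transforms: the enveloped-signature transform is always applied (only enveloped
    // signatures are supported for the moment), followed by a c14n transform that defaults to
    // exclusive C14N.
    String transform = "http://www.w3.org/2001/10/xml-exc-c14n#";
    if (sigProps.getSignatureC14nTransform() != null) {
        transform = sigProps.getSignatureC14nTransform();
    }
    if (sigProps.getSignatureLocation() != null) {
        properties.setSignaturePosition(sigProps.getSignatureLocation());
    }
    if (sigProps.getSignatureGenerateIdAttributes() != null) {
        properties.setSignatureGenerateIds(sigProps.getSignatureGenerateIdAttributes());
    }
    if (Boolean.TRUE.equals(sigProps.getSignatureOmitC14nTransform())) {
        properties.setSignatureIncludeDigestTransform(false);
    }

    // Parts to sign: either the whole document or each configured element, as whole elements.
    if (elementsToSign == null || elementsToSign.isEmpty()) {
        LOG.fine("No Elements to sign are specified, so the entire request is signed");
        SecurePart securePart = new SecurePart(null, SecurePart.Modifier.Element, new String[] { "http://www.w3.org/2000/09/xmldsig#enveloped-signature", transform }, digestAlgo);
        securePart.setSecureEntireRequest(true);
        properties.addSignaturePart(securePart);
    } else {
        for (QName element : elementsToSign) {
            SecurePart securePart = new SecurePart(element, SecurePart.Modifier.Element, new String[] { "http://www.w3.org/2000/09/xmldsig#enveloped-signature", transform }, digestAlgo);
            properties.addSignaturePart(securePart);
        }
    }
}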
