Use of org.forgerock.openam.sts.soap.SoapSTSCallbackHandler in project OpenAM by OpenRock.
Class SoapSTSInstanceModule, method getProperties.
/*
*/
/**
* These properties configure the web-service deployment, and are primarily referenced by the ws-security interceptors
* deployed as part of CXF. These interceptors are responsible for enforcing the security-policy bindings protecting
* the STS. To this end, various crypto objects are required, and the TokenValidators for the configured validated
* token types are plugged-in.
* @param wssValidatorFactory the factory class which will produce the wss Validator instances to enforce SecurityPolicy bindings
* @param logger for error state logging
* @return the Map that serves to configure the web-service deployment
* @throws WSSecurityException In case an unexpected TokenType is encountered, or a TokenValidator could not be created.
*/
@Provides
@Named(AMSTSConstants.STS_WEB_SERVICE_PROPERTIES)
@Inject
Map<String, Object> getProperties(WSSValidatorFactory wssValidatorFactory, Logger logger) throws WSSecurityException {
    final Map<String, Object> wsProperties = new HashMap<>();

    // Key material is wired in only when a keystore is configured. A TLS-based SecurityPolicy
    // binding, or the AM-bare binding, may legitimately leave KeystoreConfig null.
    final boolean keystoreConfigured = stsInstanceConfig.getKeystoreConfig() != null;
    if (keystoreConfigured) {
        // The handler is built from the keystore configuration; presumably it answers the
        // key-password callbacks raised by the ws-security interceptors - confirm against
        // SoapSTSCallbackHandler.
        final SoapSTSCallbackHandler callbackHandler =
                new SoapSTSCallbackHandler(stsInstanceConfig.getKeystoreConfig(), logger);
        wsProperties.put(SecurityConstants.CALLBACK_HANDLER, callbackHandler);

        // One Crypto instance backs both encryption and signature handling.
        final Crypto sharedCrypto = CryptoFactory.getInstance(getEncryptionProperties());
        wsProperties.put(SecurityConstants.ENCRYPT_CRYPTO, sharedCrypto);
        wsProperties.put(SecurityConstants.SIGNATURE_CRYPTO, sharedCrypto);

        final String signatureAlias = stsInstanceConfig.getKeystoreConfig().getSignatureKeyAlias();
        wsProperties.put(SecurityConstants.SIGNATURE_USERNAME, signatureAlias);
    }

    // NOTE(review): both flags are switched on unconditionally. In CXF, "faultStackTraceEnabled"
    // places the server-side stack trace in the SOAP fault and "exceptionMessageCauseEnabled"
    // appends the cause's message, so internal class names and configuration detail are returned
    // to any caller whose request ends in a fault. Confirm this is intended outside of debugging;
    // a deployment-level switch defaulting to off would be the safer arrangement.
    wsProperties.put("faultStackTraceEnabled", "true");
    wsProperties.put("exceptionMessageCauseEnabled", "true");

    // Registers the TokenValidators for the configured validated token types; this call is the
    // source of the declared WSSecurityException alongside CryptoFactory.getInstance above.
    processSecurityPolicyTokenValidatorConfiguration(wsProperties, wssValidatorFactory, logger);
    return wsProperties;
}
Use of org.forgerock.openam.sts.soap.SoapSTSCallbackHandler in project OpenAM by OpenRock.
Class SoapSTSInstanceModule, method getSTSProperties.
/**
* This method will provide the instance of the STSPropertiesMBean necessary both for the STS proper, and for the
* CXF interceptor-set which enforces the SecurityPolicy bindings.
*
* It should be a singleton because this same instance is shared by all of the token operation instances, as well as
* by the CXF interceptor-set
*/
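@Provides
@Singleton
@Inject
STSPropertiesMBean getSTSProperties(Logger logger) {
    StaticSTSProperties stsProperties = new StaticSTSProperties();
    // KeystoreConfig may be null for a TLS-based SecurityPolicy binding, or for the AM-bare binding.
    // In that case the returned bean carries no callback handler, crypto or signature alias.
    if (stsInstanceConfig.getKeystoreConfig() != null) {
        stsProperties.setCallbackHandler(new SoapSTSCallbackHandler(stsInstanceConfig.getKeystoreConfig(), logger));
        final Crypto crypto;
        try {
            crypto = CryptoFactory.getInstance(getEncryptionProperties());
        } catch (WSSecurityException e) {
            String message = "Exception caught initializing the CryptoFactory: " + e;
            logger.error(message, e);
            // Chain the WSSecurityException as the cause: this is a fail-closed path for the
            // STS key material, and whoever handles the IllegalStateException needs the
            // original stack trace to diagnose it rather than only its toString() in the message.
            throw new IllegalStateException(message, e);
        }
        // The same Crypto instance serves both signing and encryption.
        stsProperties.setSignatureCrypto(crypto);
        stsProperties.setEncryptionCrypto(crypto);
        stsProperties.setSignatureUsername(stsInstanceConfig.getKeystoreConfig().getSignatureKeyAlias());
    }
    return stsProperties;
}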