Package org.apache.cxf.ws.security.tokenstore

Examples of org.apache.cxf.ws.security.tokenstore.SecurityToken


        checkForX509PkiPath(sig, token);
        boolean alsoIncludeToken = false;
        if (token instanceof IssuedToken || token instanceof SamlToken) {
            policyAsserted(token);
            policyAsserted(wrapper);
            SecurityToken securityToken = getSecurityToken();
            String tokenType = securityToken.getTokenType();
           
            Element ref;
            if (attached) {
                ref = securityToken.getAttachedReference();
            } else {
                ref = securityToken.getUnattachedReference();
            }
           
            if (ref != null) {
                SecurityTokenReference secRef =
                    new SecurityTokenReference(cloneElement(ref), false);
                sig.setSecurityTokenReference(secRef);
                sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
            } else {
                int type = attached ? WSConstants.CUSTOM_SYMM_SIGNING
                    : WSConstants.CUSTOM_SYMM_SIGNING_DIRECT;
                if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
                    || WSConstants.SAML_NS.equals(tokenType)) {
                    sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
                    sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
                } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
                    || WSConstants.SAML2_NS.equals(tokenType)) {
                    sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
                    sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
                } else {
                    sig.setCustomTokenValueType(tokenType);
                    sig.setKeyIdentifierType(type);
                }
            }
           
            // Choose the id that the signature will carry as its custom token id.
            // Attached token: prefer getWsuId(), fall back to getId(), and drop a
            // leading "#" so a fragment-style reference becomes a bare id.
            // Unattached token: use getId() unchanged.
            String sigTokId;
            if (attached) {
                sigTokId = securityToken.getWsuId();
                if (sigTokId == null) {
                    sigTokId = securityToken.getId();                   
                }
                // NOTE(review): if getId() also returned null, this call throws a
                // NullPointerException instead of a policy/security error; confirm
                // every SecurityToken reaching this path carries an id.
                if (sigTokId.startsWith("#")) {
                    sigTokId = sigTokId.substring(1);
                }
            } else {
                sigTokId = securityToken.getId();
            }
           
            sig.setCustomTokenId(sigTokId);
        } else {
            setKeyIdentifierType(sig, wrapper, token);


                } catch (WSSecurityException e) {
                    policyNotAsserted(ent.getKey(), e);
                }
               
            } else if (tempTok instanceof WSSecurityTokenHolder) {
                // Unwrap the SecurityToken carried by the holder.
                SecurityToken token = ((WSSecurityTokenHolder)tempTok).getToken();
                // With token protection on, the token's id is added to the parts handed
                // to the signing call below, so the token itself is covered.
                if (isTokenProtection) {
                    sigParts.add(new WSEncryptionPart(token.getId()));
                }
               
                try {
                    // Sign with a derived key or with the token's key directly,
                    // depending on what the policy token asks for.
                    if (ent.getKey().isDerivedKeys()) {
                        doSymmSignatureDerived(ent.getKey(), token, sigParts, isTokenProtection);
                    } else {
                        doSymmSignature(ent.getKey(), token, sigParts, isTokenProtection);
                    }
                } catch (Exception e) {
                    // NOTE(review): a signing failure is only logged at FINE here and is
                    // not reported through policyNotAsserted, unlike the
                    // WSSecurityException handler of the preceding branch. The message
                    // may continue without this signature; confirm that is intended.
                    LOG.log(Level.FINE, e.getMessage(), e);
                }
            } else if (tempTok instanceof WSSecUsernameToken) {
                WSSecUsernameToken utBuilder = (WSSecUsernameToken)tempTok;
                String id = utBuilder.getId();

                Date created = new Date();
                Date expires = new Date();
                expires.setTime(created.getTime() + 300000);
                SecurityToken secToken =
                    new SecurityToken(id, utBuilder.getUsernameTokenElement(), created, expires);
               
                if (isTokenProtection) {
                    sigParts.add(new WSEncryptionPart(secToken.getId()));
                }
               
                try {
                    byte[] secret = utBuilder.getDerivedKey();
                    secToken.setSecret(secret);
                   
                    if (ent.getKey().isDerivedKeys()) {
                        doSymmSignatureDerived(ent.getKey(), secToken, sigParts, isTokenProtection);
                    } else {
                        doSymmSignature(ent.getKey(), secToken, sigParts, isTokenProtection);

            // Cache the issued assertion only when a token store is configured.
            if (tokenParameters.getTokenStore() != null) {
                // Expiry = now + lifetime; the * 1000L suggests the lifetime is in
                // seconds (TODO confirm against the conditions provider).
                Date expires = new Date();
                long currentTime = expires.getTime();
                expires.setTime(currentTime + (conditionsProvider.getLifetime() * 1000L));
               
                // The cache entry is keyed by the assertion id; the second constructor
                // argument is passed as null.
                SecurityToken securityToken = new SecurityToken(assertion.getId(), null, expires);
                securityToken.setToken(token);
                securityToken.setPrincipal(tokenParameters.getPrincipal());
                int hash = 0;
                byte[] signatureValue = assertion.getSignatureValue();
                if (signatureValue != null && signatureValue.length > 0) {
                    // NOTE(review): Arrays.hashCode yields a 32-bit, non-cryptographic
                    // hash of the signature bytes. Collisions are practical to find, so
                    // this value should not be the only thing binding a cache entry to
                    // an assertion; confirm how consumers of the associated hash use it.
                    // Unsigned assertions get no associated hash at all.
                    hash = Arrays.hashCode(signatureValue);
                    securityToken.setAssociatedHash(hash);
                }
                // Record the realm on the cached token when one was supplied.
                if (tokenParameters.getRealm() != null) {
                    Properties props = securityToken.getProperties();
                    if (props == null) {
                        props = new Properties();
                    }
                    props.setProperty(STSConstants.TOKEN_REALM, tokenParameters.getRealm());
                    securityToken.setProperties(props);
                }
                // NOTE(review): narrowing cast. If getLifetime() returns a long, a value
                // above Integer.MAX_VALUE wraps here and the store TTL would disagree
                // with the expiry date computed above; confirm the lifetime is bounded.
                int ttl = (int)conditionsProvider.getLifetime();
                tokenParameters.getTokenStore().add(securityToken, ttl);
            }
           

                if (utBuilder != null) {
                    utBuilder.prepare(saaj.getSOAPPart());
                    utBuilder.appendToHeader(secHeader);
                }
            } else if (token instanceof IssuedToken || token instanceof KerberosToken) {
                SecurityToken secTok = getSecurityToken();
               
                // NOTE(review): secTok is dereferenced below without a null check. If
                // getSecurityToken() can return null on this path, this fails with a
                // NullPointerException rather than a policy failure; confirm.
                if (includeToken(token.getInclusion())) {
                    // The policy asks for the token to be included: add a clone of the
                    // token element, leaving the stored element untouched.
                    addEncryptedKeyElement(cloneElement(secTok.getToken()));
                }
            } else if (token instanceof SamlToken) {
                AssertionWrapper assertionWrapper = addSamlToken((SamlToken)token);
                if (assertionWrapper != null) {
                    addSupportingElement(assertionWrapper.toDOM(saaj.getSOAPPart()));

            if (this.isRequestor()) {
                // Requestor side: if the transport binding carries an IssuedToken, a
                // SecurityToken must be available before it can be asserted.
                TransportToken transportTokenWrapper = tbinding.getTransportToken();
                if (transportTokenWrapper != null) {
                    Token transportToken = transportTokenWrapper.getToken();
                    if (transportToken instanceof IssuedToken) {
                        SecurityToken secToken = getSecurityToken();
                        if (secToken == null) {
                            // No token available: mark the policy as not asserted and
                            // stop, so nothing below dereferences a null token.
                            policyNotAsserted(transportToken, "No transport token id");
                            return;
                        } else {
                            policyAsserted(transportToken);
                        }
                        // Include a clone of the token element only when the
                        // inclusion setting asks for it.
                        if (includeToken(transportToken.getInclusion())) {
                            Element el = secToken.getToken();
                            addEncryptedKeyElement(cloneElement(el));
                        }
                    }
                }
                handleNonEndorsingSupportingTokens();

            // Key material derived from the UsernameToken; it becomes the secret of a
            // temporary SecurityToken used for the signature below.
            byte[] secret = usernameToken.getDerivedKey();

            // The temporary token is valid for 300000 ms (5 minutes) from now.
            // NOTE(review): the lifetime is hard-coded, not taken from configuration.
            Date created = new Date();
            Date expires = new Date();
            expires.setTime(created.getTime() + 300000);
            SecurityToken tempTok =
                new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
            tempTok.setSecret(secret);
            // NOTE(review): the derived secret is now held both in the token store and
            // in the message's contextual properties; confirm the store evicts expired
            // entries so the key does not outlive the 5-minute window.
            getTokenStore().add(tempTok);
            message.setContextualProperty(SecurityConstants.TOKEN, tempTok);
           
            addSig(doIssuedTokenSignature(token, wrapper));
        }

    private byte[] doIssuedTokenSignature(
        Token token, SupportingToken wrapper
    ) throws Exception {
        boolean tokenIncluded = false;
        // Get the issued token
        SecurityToken secTok = getSecurityToken();
        if (secTok == null) {
            LOG.fine("The retrieved SecurityToken was null");
            throw new WSSecurityException("The retrieved SecurityToken was null");
        }
       
        if (includeToken(token.getInclusion())) {
            //Add the token
            Element el = cloneElement(secTok.getToken());
            //if (securityTok != null) {
                //do we need to sign this as well?
                //String id = addWsuIdToElement(el);
                //sigParts.add(new WSEncryptionPart(id));                         
            //}

                    return;
                }
                if (isRequestor(message)) {
                    IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
                   
                    SecurityToken tok = retrieveCachedToken(message);
                    if (tok == null) {
                        STSClient client = STSUtils.getClient(message, "sts", itok);
                        AddressingProperties maps =
                            (AddressingProperties)message
                                .get("javax.xml.ws.addressing.context.outbound");
                        if (maps == null) {
                            maps = (AddressingProperties)message
                                .get("javax.xml.ws.addressing.context");
                        }
                        synchronized (client) {
                            try {
                                // Transpose ActAs/OnBehalfOf info from original request to the STS client.
                                Object token =
                                    message.getContextualProperty(SecurityConstants.STS_TOKEN_ACT_AS);
                                if (token != null) {
                                    client.setActAs(token);
                                }
                                token =
                                    message.getContextualProperty(SecurityConstants.STS_TOKEN_ON_BEHALF_OF);
                                if (token != null) {
                                    client.setOnBehalfOf(token);
                                }
                                Map<String, Object> ctx = client.getRequestContext();
                                mapSecurityProps(message, ctx);
                           
                                Object o = message.getContextualProperty(SecurityConstants.STS_APPLIES_TO);
                                String appliesTo = o == null ? null : o.toString();
                                appliesTo = appliesTo == null
                                    ? message.getContextualProperty(Message.ENDPOINT_ADDRESS).toString()
                                        : appliesTo;
                                boolean enableAppliesTo = client.isEnableAppliesTo();
                               
                                client.setMessage(message);
                                Element onBehalfOfToken = client.getOnBehalfOfToken();
                                Element actAsToken = client.getActAsToken();
                               
                                SecurityToken secToken =
                                    handleDelegation(
                                        message, onBehalfOfToken, actAsToken, appliesTo, enableAppliesTo
                                    );
                                if (secToken == null) {
                                    secToken = getTokenFromSTS(message, client, aim, maps, itok, appliesTo);

        private SecurityToken retrieveCachedToken(Message message) {
            boolean cacheIssuedToken =
                MessageUtils.getContextualBoolean(
                    message, SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, true
                );
            SecurityToken tok = null;
            if (cacheIssuedToken) {
                tok = (SecurityToken)message.getContextualProperty(SecurityConstants.TOKEN);
                if (tok == null) {
                    String tokId = (String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
                    if (tokId != null) {

            }
            // See if the token corresponding to the OnBehalfOf Token is stored in the cache
            // and if it points to an issued token. The lookup is two-step: the id taken
            // from the OnBehalfOf token finds a cached entry, and that entry's property
            // `key` names the issued token to return.
            // NOTE(review): in this excerpt the issued token is returned on an id match
            // alone. No expiry check and no comparison of the presented token's content
            // with the cached entry are visible here; confirm tokenStore.getToken or the
            // caller enforces both before the token is reused for delegation.
            if (onBehalfOfToken != null) {
                String id = getIdFromToken(onBehalfOfToken);
                SecurityToken cachedToken = tokenStore.getToken(id);
                if (cachedToken != null) {
                    Properties properties = cachedToken.getProperties();
                    if (properties != null && properties.containsKey(key)) {
                        String associatedToken = properties.getProperty(key);
                        SecurityToken issuedToken = tokenStore.getToken(associatedToken);
                        if (issuedToken != null) {
                            return issuedToken;
                        }
                    }
                }
            }
           
            // See if the token corresponding to the ActAs Token is stored in the cache
            // and if it points to an issued token
            if (actAsToken != null) {
                String id = getIdFromToken(actAsToken);
                SecurityToken cachedToken = tokenStore.getToken(id);
                if (cachedToken != null) {
                    Properties properties = cachedToken.getProperties();
                    if (properties != null && properties.containsKey(key)) {
                        String associatedToken = properties.getProperty(key);
                        SecurityToken issuedToken = tokenStore.getToken(associatedToken);
                        if (issuedToken != null) {
                            return issuedToken;
                        }
                    }
                }
