Package org.apache.ws.security.message.token

Examples of org.apache.ws.security.message.token.Timestamp

56
57
58
59
60
61
62
63
64
65
66
        }
        wssConfig = wsc;
        //
        // Decode Timestamp, add the found time (created/expiry) to result
        //
        Timestamp timestamp = new Timestamp(elem);
        handleTimestamp(timestamp);
        returnResults.add(
            0,
            new WSSecurityEngineResult(WSConstants.TS, timestamp)
        );
View Full Code Here
506
507
508
509
510
511
512
513
514
515
516
        // Extract the timestamp action result from the action vector
        actionResult = WSSecurityUtil.fetchActionResult(wsResult, WSConstants.TS);

        if (actionResult != null) {
            Timestamp timestamp =
                (Timestamp)actionResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);

            if (timestamp != null && reqData.getWssConfig().isTimeStampStrict()
                && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                throw new JAXRPCException("WSS4JHandler: The timestamp could not be validated");
View Full Code Here
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
            return;
        }
       
        // Find the Timestamp
        List<WSSecurityEngineResult> foundResults = wsDocInfo.getResultsByTag(WSConstants.TS);
        Timestamp timeStamp = null;
        if (foundResults.isEmpty()) {
            // Search for a Timestamp below the Signature
            Node sibling = signatureElement.getNextSibling();
            while (sibling != null) {
                if (sibling instanceof Element
                    && WSConstants.TIMESTAMP_TOKEN_LN.equals(((Element)sibling).getLocalName())
                    && WSConstants.WSU_NS.equals(((Element)sibling).getNamespaceURI())) {
                    timeStamp = new Timestamp((Element)sibling, requestData.getWssConfig().isWsiBSPCompliant());
                    break;
                }
                sibling = sibling.getNextSibling();
            }
        } else {
            timeStamp = (Timestamp)foundResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
        }
        if (timeStamp == null) {
            return;
        }
       
        // Test for replay attacks
        Date created = timeStamp.getCreated();
        DateFormat zulu = new XmlSchemaDateFormat();
        String identifier = zulu.format(created) + "" + Arrays.hashCode(signatureValue);

        if (replayCache.contains(identifier)) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY,
                "invalidTimestamp",
                new Object[] {"A replay attack has been detected"}
            );
        }

        // Store the Timestamp/SignatureValue combination in the cache
        Date expires = timeStamp.getExpires();
        if (expires != null) {
            Date rightNow = new Date();
            long currentTime = rightNow.getTime();
            long expiresTime = expires.getTime();
            replayCache.add(identifier, 1L + (expiresTime - currentTime) / 1000L);
View Full Code Here
308
309
310
311
312
313
314
315
316
317
318
            // Extract the timestamp action result from the action vector
            actionResult = WSSecurityUtil.fetchActionResult(wsResult,
                    WSConstants.TS);

            if (actionResult != null) {
                Timestamp timestamp = actionResult.getTimestamp();

                if (timestamp != null
                    && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                    throw new AxisFault("WSDoAllReceiver: The timestamp could not be validated");
                }
View Full Code Here
67
68
69
70
71
72
73
74
75
     * value is not suitable.
     *
     * @param doc The SOAP envelope as W3C document
     */
    public void prepare(Document doc) {
        ts = new Timestamp(wssConfig.isPrecisionInMilliSeconds(), doc, timeToLive);
        String tsId = wssConfig.getIdAllocator().createId("Timestamp-", ts);
        ts.setID(tsId);
    }
View Full Code Here
98
99
100
101
102
103
104
105
106
107
108
     *             {@link WSSecTimestamp#setTimeToLive(int)}
     */
    public Document build(Document doc, int ttl) {
        log.debug("Begin add timestamp...");
        Element securityHeader = insertSecurityHeader(doc);
        ts = new Timestamp(wssConfig.isPrecisionInMilliSeconds(), doc, ttl);
        if (id != null) {
            ts.setID(id);
        }
        WSSecurityUtil.prependChildElement(securityHeader, ts.getElement());
        return doc;
View Full Code Here
270
271
272
273
274
275
276
277
278
279
280
            if (!timestampResults.isEmpty()) {
                for (int i = 0; i < timestampResults.size(); i++) {
                    WSSecurityEngineResult result =
                        (WSSecurityEngineResult) timestampResults.get(i);
                    Timestamp timestamp = (Timestamp)result.get(WSSecurityEngineResult.TAG_TIMESTAMP);
   
                    if (timestamp != null && !verifyTimestamp(timestamp, decodeTimeToLive(reqData))) {
                        LOG.warning("The timestamp could not be validated");
                        throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
                    }
View Full Code Here
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
       
        // At this point we received a (required) Timestamp. Now check that it is integrity protected.
        if (transportBinding) {
            return true;
        } else if (!signedResults.isEmpty()) {
            Timestamp timestamp =
                (Timestamp)timestampResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
            for (WSSecurityEngineResult signedResult : signedResults) {
                List<WSDataRef> dataRefs =
                    CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
                for (WSDataRef dataRef : dataRefs) {
                    if (timestamp.getElement() == dataRef.getProtectedElement()) {
                        return true;
                    }
                }
            }
        }
View Full Code Here
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
            return;
        }
       
        // Find the Timestamp
        List<WSSecurityEngineResult> foundResults = wsDocInfo.getResultsByTag(WSConstants.TS);
        Timestamp timeStamp = null;
        if (foundResults.isEmpty()) {
            // Search for a Timestamp below the Signature
            Node sibling = signatureElement.getNextSibling();
            while (sibling != null) {
                if (sibling instanceof Element
                    && WSConstants.TIMESTAMP_TOKEN_LN.equals(((Element)sibling).getLocalName())
                    && WSConstants.WSU_NS.equals(((Element)sibling).getNamespaceURI())) {
                    timeStamp = new Timestamp((Element)sibling, requestData.getWssConfig().isWsiBSPCompliant());
                    break;
                }
                sibling = sibling.getNextSibling();
            }
        } else {
            timeStamp = (Timestamp)foundResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
        }
        if (timeStamp == null) {
            return;
        }
       
        // Test for replay attacks
        Date created = timeStamp.getCreated();
        DateFormat zulu = new XmlSchemaDateFormat();
        String identifier = zulu.format(created) + "" + Arrays.hashCode(signatureValue);

        if (replayCache.contains(identifier)) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY,
                "invalidTimestamp",
                new Object[] {"A replay attack has been detected"}
            );
        }

        // Store the Timestamp/SignatureValue combination in the cache
        Date expires = timeStamp.getExpires();
        if (expires != null) {
            Date rightNow = new Date();
            long currentTime = rightNow.getTime();
            long expiresTime = expires.getTime();
            replayCache.add(identifier, ((expiresTime - currentTime) / 1000L));
View Full Code Here
695
696
697
698
699
700
701
702
703
704
705
706
       
        // Store the timestamp element
        WSSecurityEngineResult tsResult = WSSecurityUtil.fetchActionResult(results, WSConstants.TS);
        Element timestamp = null;
        if (tsResult != null) {
            Timestamp ts = (Timestamp)tsResult.get(WSSecurityEngineResult.TAG_TIMESTAMP);
            timestamp = ts.getElement();
        }
       
        boolean check = true;
       
        SupportingTokenPolicyValidator validator = new SignedTokenPolicyValidator();
View Full Code Here
TOP

Related Classes of org.apache.ws.security.message.token.Timestamp

  • org.apache.axis2.security.WSDoAllReceiver
  • org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor
  • org.apache.cxf.ws.security.wss4j.policyvalidators.AbstractBindingPolicyValidator
  • org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
  • org.apache.rampart.handler.WSDoAllReceiver
  • org.apache.rampart.PolicyBasedResultsValidator
  • org.apache.servicemix.soap.handlers.security.WSSecurityHandler
  • org.apache.ws.axis.security.WSDoAllReceiver
  • org.apache.ws.security.handler.WSS4JHandler
  • org.apache.ws.security.message.TimestampTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.