/**
   * @param context JAXBFilterProcessingContext
   * @return errorCode
   * @throws XWSSecurityException
   */
  public static int sign(JAXBFilterProcessingContext context) throws XWSSecurityException {
    try {
      SignaturePolicy signaturePolicy = (SignaturePolicy) context.getSecurityPolicy();
      ((NamespaceContextEx) context.getNamespaceContext()).addSignatureNS();
      WSSPolicy keyBinding = (WSSPolicy) signaturePolicy.getKeyBinding();
      if (logger.isLoggable(Level.FINEST)) {
        logger.log(Level.FINEST, "KeyBinding is " + keyBinding);
      }

      Key signingKey = null;

      SignatureElementFactory signFactory = new SignatureElementFactory();

      KeyInfo keyInfo = null;
      SecurityHeader securityHeader = context.getSecurityHeader();

      // Get the Signing key and KeyInfo from TokenProcessor
      TokenProcessor tokenProcessor = new TokenProcessor(signaturePolicy, context);
      BuilderResult builderResult = tokenProcessor.process();
      signingKey = builderResult.getDataProtectionKey();
      keyInfo = builderResult.getKeyInfo();

      if (keyInfo != null || !keyBinding.isOptional()) {
        SignedInfo signedInfo = signFactory.constructSignedInfo(context);
        JAXBSignContext signContext = new JAXBSignContext(signingKey);
        signContext.setURIDereferencer(DSigResolver.getInstance());
        XMLSignature signature =
            signFactory.constructSignature(signedInfo, keyInfo, signaturePolicy.getUUID());
        signContext.put(MessageConstants.WSS_PROCESSING_CONTEXT, context);
        NamespaceAndPrefixMapper npMapper =
            new NamespaceAndPrefixMapper(
                context.getNamespaceContext(), context.getDisableIncPrefix());
        signContext.put(NamespaceAndPrefixMapper.NS_PREFIX_MAPPER, npMapper);
        signContext.putNamespacePrefix(MessageConstants.DSIG_NS, MessageConstants.DSIG_PREFIX);
        signature.sign(signContext);

        JAXBSignatureHeaderElement jaxBSign =
            new JAXBSignatureHeaderElement(
                (com.sun.xml.ws.security.opt.crypto.dsig.Signature) signature,
                context.getSOAPVersion());
        securityHeader.add(jaxBSign);

        // For SignatureConfirmation
        List scList = (ArrayList) context.getExtraneousProperty("SignatureConfirmation");
        if (scList != null) {
          scList.add(Base64.encode(signature.getSignatureValue().getValue()));
        }
      }
      // End SignatureConfirmation specific code

    } catch (XWSSecurityException xe) {
      logger.log(Level.SEVERE, LogStringsMessages.WSS_1701_SIGN_FAILED(), xe);
      throw xe;
    } catch (Exception ex) {
      logger.log(Level.SEVERE, LogStringsMessages.WSS_1701_SIGN_FAILED(), ex);
      throw new XWSSecurityException(ex);
    }
    return 0;
  }
Example #2
0
  /**
   * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
   *
   * @param request servlet request
   * @param response servlet response
   * @throws ServletException if a servlet-specific error occurs
   * @throws IOException if an I/O error occurs
   */
  protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter();

    String usuario = null;
    String password = null;
    ResultSet r = null;

    try {

      // checando si me envian variables por url
      if (request.getParameter("u") != null && request.getParameter("p") != null) {
        // las variables son por la url
        // desencripto

        String u = request.getParameter("u");
        String p = request.getParameter("p");
        u = new String(Base64.decode(u), "utf-8");
        p = new String(Base64.decode(p), "utf-8");

        usuario = Encriptador.desencripta(u);
        password = Encriptador.desencripta(p);

      } else {
        // el proceso es normal
        usuario = request.getParameter("usuario");
        password = request.getParameter("password");
      }

      String shortContext = new com.websniffer.Context(request.getContextPath()).getShortContext();
      String sql = null;
      int numFilas = 0;

      sql = "SELECT * FROM users WHERE usr_name = ? AND usr_password = ?;";
      r =
          new com.websniffer.ConnectPool(shortContext)
              .selectLogin(sql, usuario.trim(), password.trim());
      r.next();

      numFilas = new com.websniffer.ConnectPool(shortContext).getNumFilas(r);

      if (numFilas == 0 || numFilas < 1) {

        r.close();
        out.print(
            "<script languaje='javascript' type='text/javascript'>location.href='index.jsp?error=1'</script>");

      } else {

        // registrando la session
        HttpSession ses = request.getSession();
        ses.setAttribute("user", usuario);
        out.print(
            "<script languaje='javascript' type='text/javascript'>location.href='start.jsp'</script>");
      }

      try {
        r.close();
        numFilas = 0;
        sql = null;
      } finally {
        r = null;
      }

    } catch (Exception e) {
      out.print(
          "<script languaje='javascript' type='text/javascript'>location.href='index.jsp?e="
              + e
              + "'</script>");
      response.sendRedirect("error.jsp?error=" + e);
    } finally {
      out.close();
      r = null;
    }
  }
Example #3
0
  public void hash() {
    FacesContext fc = FacesContext.getCurrentInstance();

    try {
      System.out.println("input : " + input);
      System.out.println("input URL : " + inputURL);
      System.out.println("input File : " + inputFile);
      System.out.println("Salt : " + saltValue);
      System.out.println("Algorithm : " + algorithm);
      System.out.println("Time : " + time);

      if (algorithm != null) {
        if (input != null && option.equals("1")) {
          output = MessageDigests.digestMessage(input, algorithm);
          calculateInputLength();
        } else if (input != null && option.equals("2")) {
          output = MessageDigests.digestMessage(input, saltValue, algorithm);
          calculateInputLength();
        } else if (input != null && option.equals("3")) {
          output = MessageDigests.digestMessage(input, saltValue, time, algorithm);
          calculateInputLength();
        } else if (inputURL != null && option.equals("4")) {
          try {
            URL urlAddress = new URL(inputURL);
            output = MessageDigests.digestMessage(urlAddress, algorithm);
            inputLength = urlAddress.getContent().toString().length();
          } catch (MalformedURLException ex) {
            FacesMessage fm = new FacesMessage("Please check url. ");
            fc.addMessage(null, fm);
          } catch (NullPointerException ex) {
            FacesMessage fm = new FacesMessage("URL cannot null. ");
            fc.addMessage(null, fm);
          } catch (IOException ex) {
            FacesMessage fm = new FacesMessage("Not find url. ");
            fc.addMessage(null, fm);
          }
        } else if (inputFile != null && option.equals("5")) {
          InputStream is = null;
          try {
            is = new FileInputStream(inputFile);
            inputLength = is.available();
            output = MessageDigests.digestMessage(is, algorithm);

          } catch (FileNotFoundException ex) {
            FacesMessage fm = new FacesMessage("Cannot find : " + inputFile);
            fc.addMessage(null, fm);
          }
        }

        outputBase64 = Base64.encode(output.getBytes("UTF-8"));
        System.out.println("Base 64 : " + Base64.encode(output.getBytes()));
        System.out.println("Base 64 UTF-8 : " + outputBase64);
        outputBase64Length = outputBase64.length();
        outputLength = output.length();
        System.out.println("Message Digest : " + output);

        if (inputLength == 0) {
          inputBase64 = "";
          output = "";
          outputBase64 = "";
          outputLength = 0;
          outputBase64Length = 0;
        }
      }

    } catch (MalformedURLException ex) {
      Logger.getLogger(HashingForm.class.getName()).log(Level.SEVERE, null, ex);
    } catch (NoSuchAlgorithmException ex) {
      Logger.getLogger(HashingForm.class.getName()).log(Level.SEVERE, null, ex);
    } catch (UnsupportedEncodingException ex) {
      Logger.getLogger(HashingForm.class.getName()).log(Level.SEVERE, null, ex);
    } catch (IOException ex) {
      Logger.getLogger(HashingForm.class.getName()).log(Level.SEVERE, null, ex);
    } catch (NullPointerException ex) {
      FacesMessage fm = new FacesMessage(ex.getMessage());
      fc.addMessage(null, fm);
    }
  }
Example #4
0
 public void calculateInputLength() throws UnsupportedEncodingException {
   inputLength = input.length();
   inputBase64 = Base64.encode(input.getBytes("UTF-8"));
   inputBase64Length = inputBase64.length();
 }