Example #1
  /**
   * Hands the DOM element held by {@code token} to a {@link SAMLTokenProcessor} and returns the
   * processor's results.
   *
   * <p>The {@link RequestData} passed to the processor is built here with BSP enforcement
   * disabled, a {@code CommonCallbackHandler}, and a single {@link Crypto} loaded from
   * {@code serviceKeystore.properties} that is used for both decryption and signature
   * verification.
   *
   * <p>NOTE(review): the callback handler comes from a {@code systest} package, so this is
   * presumably test-support code. Disabling BSP enforcement relaxes the WS-I Basic Security
   * Profile checks WSS4J would otherwise apply; keep enforcement on in a production validator
   * unless there is a documented interoperability reason.
   *
   * @param token security token whose {@code getToken()} element is processed
   * @return the results produced by {@code SAMLTokenProcessor.handleToken}
   * @throws Exception propagated from crypto loading or token processing
   */
  private List<WSSecurityEngineResult> processToken(SecurityToken token) throws Exception {
    RequestData samlRequestData = new RequestData();
    // BSP rule checking is switched off for this call.
    samlRequestData.setDisableBSPEnforcement(true);
    samlRequestData.setCallbackHandler(
        new org.apache.cxf.systest.sts.common.CommonCallbackHandler());

    // One keystore-backed Crypto serves both decryption and signature verification.
    Crypto serviceCrypto = CryptoFactory.getInstance("serviceKeystore.properties");
    samlRequestData.setDecCrypto(serviceCrypto);
    samlRequestData.setSigVerCrypto(serviceCrypto);

    // The WSDocInfo is created for the document that owns the token element.
    return new SAMLTokenProcessor()
        .handleToken(
            token.getToken(),
            samlRequestData,
            new WSDocInfo(token.getToken().getOwnerDocument()));
  }
Example #2
  /**
   * Validates a credential, preferring a local check over a call to the STS.
   *
   * <p>When {@code isValidatedLocally} returns {@code true} the credential is returned as-is and
   * {@code validateWithSTS} is not called, so the local check is the whole trust decision on
   * that path. Otherwise the credential is passed to {@code validateWithSTS} together with the
   * message context taken from {@code data}.
   *
   * <p>NOTE(review): the message context is cast to {@code Message} without a type check; a
   * context of another type would surface as a {@code ClassCastException} rather than a
   * {@code WSSecurityException} — confirm callers always supply a CXF message.
   *
   * @param credential the credential to validate
   * @param data request data; its message context is used for the STS path
   * @return the input credential on the local path, otherwise the result of
   *     {@code validateWithSTS}
   * @throws WSSecurityException if validation fails
   */
  public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
    return isValidatedLocally(credential, data)
        ? credential
        : validateWithSTS(credential, (Message) data.getMsgContext());
  }
Example #3
  /**
   * Runs one token element through a {@link UsernameTokenProcessor} and returns the first result.
   *
   * <p>The {@link RequestData} used for the call is an anonymous subclass that resolves its
   * callback handler and validator from {@code message}, and is further configured with a nonce
   * replay cache, a fresh {@link WSSConfig} carrying the no-password setting, and (when the
   * message is not BSP compliant) disabled BSP enforcement.
   *
   * @param tokenElement the token element to process
   * @param message the SOAP message supplying configuration for the processing
   * @return the first entry of the list returned by {@code handleToken}
   * @throws WSSecurityException if token processing fails
   * @throws Base64DecodingException declared by the signature; not thrown directly in this body
   */
  protected WSSecurityEngineResult validateToken(Element tokenElement, final SoapMessage message)
      throws WSSecurityException, Base64DecodingException {

    final boolean enforceBsp = isWsiBSPCompliant(message);
    final boolean passwordOptional = isAllowNoPassword(message.get(AssertionInfoMap.class));
    UsernameTokenProcessor tokenProcessor = new UsernameTokenProcessor();
    WSDocInfo docInfo = new WSDocInfo(tokenElement.getOwnerDocument());

    RequestData requestData =
        new RequestData() {
          public CallbackHandler getCallbackHandler() {
            return getCallback(message);
          }

          public Validator getValidator(QName qName) throws WSSecurityException {
            // A validator configured on the message replaces the default one for every QName.
            // NOTE(review): the property value is cast without a type check, so a misconfigured
            // value fails with ClassCastException instead of a WSSecurityException.
            Object configured =
                message.getContextualProperty(SecurityConstants.USERNAME_TOKEN_VALIDATOR);
            return configured != null ? (Validator) configured : super.getValidator(qName);
          }
        };

    // Nonce replay cache, looked up from the message's ENABLE_NONCE_CACHE / NONCE_CACHE_INSTANCE
    // settings. NOTE(review): presumably null when caching is turned off, in which case no nonce
    // replay detection is set up here — confirm against WSS4JUtils.getReplayCache.
    requestData.setNonceReplayCache(
        WSS4JUtils.getReplayCache(
            message, SecurityConstants.ENABLE_NONCE_CACHE, SecurityConstants.NONCE_CACHE_INSTANCE));

    // Tokens without a password are allowed only as far as isAllowNoPassword reported above.
    WSSConfig wssConfig = WSSConfig.getNewInstance();
    wssConfig.setAllowUsernameTokenNoPassword(passwordOptional);
    requestData.setWssConfig(wssConfig);

    // BSP enforcement is left at its default unless the message is flagged as non-compliant.
    if (!enforceBsp) {
      requestData.setDisableBSPEnforcement(true);
    }

    // Only the first result is returned; an empty list would fail here with an index error.
    return tokenProcessor.handleToken(tokenElement, requestData, docInfo).get(0);
  }