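/**
 * Locates a password-less UsernameToken among the WS-Security results recorded on the
 * inbound message and registers its secret in the token store.
 *
 * <p>The first result whose action equals {@code WSConstants.UT_NOPASSWORD} is used. If that
 * result carries no id, one is allocated with the {@code "UsernameToken-"} prefix. A
 * {@code SecurityToken} holding the result's {@code TAG_SECRET} bytes is then added to
 * {@code tokenStore}, expiring five minutes after creation.
 *
 * @return the id under which the token was stored, or {@code null} when the inbound message
 *         has no recorded results or none of them is a password-less UsernameToken
 * @throws WSSecurityException declared by the signature; which call raises it is not visible
 *         in this method
 */
private String getUTDerivedKey() throws WSSecurityException {
    // Lifetime of the temporary token in milliseconds (5 minutes).
    final long tokenLifetimeMillis = 300000L;

    List<WSHandlerResult> results = CastUtils.cast(
        (List<?>) message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS));
    if (results == null) {
        // Nothing was recorded under RECV_RESULTS. Report "not found" exactly as when no
        // result matches, rather than failing with a NullPointerException in the loop.
        // NOTE(review): confirm callers treat a null return as "no key material available"
        // and never continue without a key.
        return null;
    }

    for (WSHandlerResult rResult : results) {
        for (WSSecurityEngineResult wser : rResult.getResults()) {
            Integer actInt = (Integer) wser.get(WSSecurityEngineResult.TAG_ACTION);
            // A result without an action cannot be the token we are looking for; skip it
            // instead of unboxing null.
            if (actInt == null || actInt.intValue() != WSConstants.UT_NOPASSWORD) {
                continue;
            }

            String utID = (String) wser.get(WSSecurityEngineResult.TAG_ID);
            if (utID == null || utID.length() == 0) {
                utID = wssConfig.getIdAllocator().createId("UsernameToken-", null);
            }

            Date created = new Date();
            Date expires = new Date(created.getTime() + tokenLifetimeMillis);
            SecurityToken tempTok = new SecurityToken(utID, created, expires);

            // NOTE(review): TAG_SECRET is stored as-is. A result that carries no secret
            // would produce a stored token with a null secret; confirm whether that case
            // can occur and how consumers of the token store handle it.
            tempTok.setSecret((byte[]) wser.get(WSSecurityEngineResult.TAG_SECRET));
            tokenStore.add(tempTok);
            return utID;
        }
    }
    return null;
}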
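/**
 * Locates an EncryptedKey among the WS-Security results recorded on the inbound message and
 * registers its key material in the token store.
 *
 * <p>The first result whose action equals {@code WSConstants.ENCR} and which has a non-empty
 * id is used. A {@code SecurityToken} is created under that id, given the result's
 * {@code TAG_SECRET} bytes as its secret and the {@code getSHA1} value of the
 * {@code TAG_ENCRYPTED_EPHEMERAL_KEY} bytes, and added to {@code tokenStore}, expiring five
 * minutes after creation.
 *
 * @return the id of the EncryptedKey that was stored, or {@code null} when the inbound
 *         message has no recorded results or none of them qualifies
 */
private String getEncryptedKey() {
    // Lifetime of the temporary token in milliseconds (5 minutes).
    final long tokenLifetimeMillis = 300000L;

    List<WSHandlerResult> results = CastUtils.cast(
        (List<?>) message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS));
    if (results == null) {
        // Nothing was recorded under RECV_RESULTS. Report "not found" exactly as when no
        // result matches, rather than failing with a NullPointerException in the loop.
        // NOTE(review): confirm callers treat a null return as "no key material available"
        // and never continue without a key.
        return null;
    }

    for (WSHandlerResult rResult : results) {
        for (WSSecurityEngineResult wser : rResult.getResults()) {
            Integer actInt = (Integer) wser.get(WSSecurityEngineResult.TAG_ACTION);
            String encryptedKeyID = (String) wser.get(WSSecurityEngineResult.TAG_ID);

            // Skip results with no action (avoids unboxing null), a different action, or
            // no usable id.
            boolean isEncryptedKey = actInt != null
                && actInt.intValue() == WSConstants.ENCR
                && encryptedKeyID != null
                && encryptedKeyID.length() != 0;
            if (!isEncryptedKey) {
                continue;
            }

            Date created = new Date();
            Date expires = new Date(created.getTime() + tokenLifetimeMillis);
            SecurityToken tempTok = new SecurityToken(encryptedKeyID, created, expires);

            // NOTE(review): TAG_SECRET is stored as-is; confirm a null secret cannot reach
            // the token store from here.
            tempTok.setSecret((byte[]) wser.get(WSSecurityEngineResult.TAG_SECRET));

            // NOTE(review): the SHA-1 value looks like a reference/identifier for the
            // encrypted key rather than an integrity or password hash; confirm against
            // getSHA1 and the token's consumers. How getSHA1 handles a null argument is not
            // visible here.
            tempTok.setSHA1(
                getSHA1((byte[]) wser.get(WSSecurityEngineResult.TAG_ENCRYPTED_EPHEMERAL_KEY)));

            tokenStore.add(tempTok);
            return encryptedKeyID;
        }
    }
    return null;
}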
/**
 * Negative test: when the signature result yields no principal, {@code processEnvelope}
 * must reject the envelope with a {@code WSSecurityHandlerException} whose message names
 * the missing principal.
 */
@Test
public void shouldThrowIfHeadersDoNotContainAPrincipal() throws Exception {
    // Override the default fixture so the signature result has no principal.
    when(signatureSecurityResult.get(WSSecurityEngineResult.TAG_PRINCIPAL)).thenReturn(null);

    WSSecurityHandlerException thrown = null;
    try {
        wsSecurityHandler.processEnvelope(envelope);
    } catch (WSSecurityHandlerException expected) {
        thrown = expected;
    }

    // Accepting the envelope without a principal is the failure this test guards against.
    if (thrown == null) {
        fail("Should have thrown WSSecurityHandlerException");
    }
    assertThat(thrown.getMessage(),
        containsString("unable to find principal in WS-Security headers"));
}
/**
 * Builds the default fixture shared by the tests: a security-header result list containing
 * a timestamp result, a BST result and the mocked signature result, plus collaborator stubs
 * describing an enabled user whose certificate and public key can be looked up.
 *
 * <p>Individual tests override single stubs to exercise rejection paths.
 */
@Before
public void before() throws Exception {
    // The mocked signature result: a SIGN action carrying a principal and the certificate
    // presented with the request.
    when(signatureSecurityResult.get(WSSecurityEngineResult.TAG_ACTION))
        .thenReturn(WSConstants.SIGN);
    when(signatureSecurityResult.get(WSSecurityEngineResult.TAG_PRINCIPAL))
        .thenReturn(principal);
    when(signatureSecurityResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE))
        .thenReturn(requestCertificate);

    // The principal name embeds USER_ID in its O= component.
    // NOTE(review): presumably the handler derives the user id from that component;
    // that logic is not visible here.
    final String principalName = "a=b,c=d,O=" + USER_ID + ",e=f";
    when(principal.getName()).thenReturn(principalName);

    // Results returned for the envelope, in processing order: timestamp, BST, signature.
    wsSecurityEngineResults = new Vector<WSSecurityEngineResult>();
    wsSecurityEngineResults.add(new WSSecurityEngineResult(WSConstants.TS, new Object()));
    wsSecurityEngineResults.add(new WSSecurityEngineResult(WSConstants.BST, new Object()));
    wsSecurityEngineResults.add(signatureSecurityResult);
    when(cryptoWrapper.processSecurityHeader(envelope)).thenReturn(wsSecurityEngineResults);

    // Certificate and key lookup for the user named in the principal.
    when(cryptoWrapper.getUserCertificate(USER_ID, requestCertificate))
        .thenReturn(userCertificate);
    when(userCertificate.getPublicKey()).thenReturn(publicKey);

    // The user exists and is enabled by default.
    when(userManagementService.getUser(USER_ID)).thenReturn(user);
    when(user.isEnabled()).thenReturn(true);
}