public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.out.println("Usage: $java Client endpoint_address client_repo_path policy_xml_path");
}
ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(args[1], null);
STSClient stsClient = new STSClient(ctx);
stsClient.setRstTemplate(getRSTTemplate());
String action =
TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTION_ISSUE);
stsClient.setAction(action);
Token responseToken =
stsClient.requestSecurityToken(
loadPolicy("sample05/policy.xml"),
"http://localhost:8080/axis2/services/STS",
loadPolicy("sample05/sts_policy.xml"),
null);
System.out.println(
"\n############################# Requested Token ###################################\n");
System.out.println(responseToken.getToken().toString());
TokenStorage store = TrustUtil.getTokenStore(ctx);
store.add(responseToken);
ServiceClient client = new ServiceClient(ctx, null);
Options options = new Options();
options.setAction("urn:echo");
options.setTo(new EndpointReference(args[0]));
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy("sample05/policy.xml"));
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, responseToken.getId());
client.setOptions(options);
client.engageModule("addressing");
client.engageModule("rampart");
OMElement response = client.sendReceive(getPayload("Hello world1"));
System.out.println("Response : " + response);
}
private void run() {
try {
loadConfigurations();
// set the trust store as a system property for communication over
// TLS.
System.setProperty("javax.net.ssl.trustStore", keystorePath);
System.setProperty("javax.net.ssl.trustStorePassword", keystorePwd);
// create configuration context
ConfigurationContext configCtx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(repoPath);
// create STS client
STSClient stsClient = new STSClient(configCtx);
stsClient.setRstTemplate(getRSTTemplate());
String action = null;
String responseTokenID = null;
action =
TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTION_ISSUE);
stsClient.setAction(action);
// request the security token from STS.
Token responseToken;
Policy stsPolicy = loadPolicy(stsPolicyPath);
// add rampart config assertion to the ws-sec policies
RampartConfig rampartConfig = buildRampartConfig();
stsPolicy.addAssertion(rampartConfig);
responseToken = stsClient.requestSecurityToken(null, stsEPR, stsPolicy, relyingPartyEPR);
// store the obtained token in token store to be used in future
// communication.
TokenStorage store = TrustUtil.getTokenStore(configCtx);
responseTokenID = responseToken.getId();
store.add(responseToken);
// print token
System.out.println(responseToken.getToken().toString());
// sending token renew request
String renewedTokenID = null;
if (enableRenewing) {
System.out.println("Renewing " + tokenType);
String TokenProfile = null;
if (tokenType.equals(ClientConstants.SAML_TOKEN_TYPE_11)) {
TokenProfile = RahasConstants.TOK_TYPE_SAML_10;
} else if (tokenType.equals(ClientConstants.SAML_TOKEN_TYPE_20)) {
TokenProfile = RahasConstants.TOK_TYPE_SAML_20;
}
stsClient.setRstTemplate(getRSTTemplate());
boolean tokenRenewed =
stsClient.renewToken(responseTokenID, TokenProfile, stsEPR, stsPolicy, store);
System.out.println("tokenRenewed : " + tokenRenewed);
Token renewedToken = store.getRenewedTokens()[0];
renewedTokenID = renewedToken.getId();
System.out.println("Renewed Token : \n" + renewedToken.getToken().toString());
}
// Validate the token
if (enableValidateBinding) {
// validating the token.
stsClient = new STSClient(configCtx);
action =
TrustUtil.getActionValue(
RahasConstants.VERSION_05_02, RahasConstants.RST_ACTION_VALIDATE);
stsClient.setAction(action);
String tokenID = null;
if (renewedTokenID != null) {
tokenID = renewedTokenID;
} else {
tokenID = responseTokenID;
}
boolean isValid = stsClient.validateToken(tokenID, stsEPR, stsPolicy);
if (isValid) {
if (enableRenewing) {
System.out.println("Renewed SAML " + tokenType + " Token is valid");
} else {
System.out.println("Response SAML " + tokenType + " Token is valid");
}
} else {
if (enableRenewing) {
System.out.println("Renewed SAML " + tokenType + " Token is invalid");
} else {
System.out.println("Response SAML " + tokenType + " Token is invalid");
}
}
}
// Send the token to relying party
if (enableRelyingParty) {
/* Invoke secured service using the obtained token */
OMElement responseElem = null;
// create service client
ServiceClient serClient = new ServiceClient(configCtx, null);
// engage modules
serClient.engageModule("addressing");
serClient.engageModule("rampart");
// load policy of secured service
Policy sec_policy = loadPolicy(relyingPartyPolicyPath);
// add rampart config to the ws-sec policies
sec_policy.addAssertion(rampartConfig);
// set in/out security policies in client opts
serClient.getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLICY, sec_policy);
// Set the token id as a property in the Axis2 client scope, so
// that this will be picked up when creating the secure message to
// invoke
// the endpoint.
serClient
.getOptions()
.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, renewedTokenID);
// set action of the Hello Service to be invoked.
serClient.getOptions().setAction("urn:echoString");
serClient.getOptions().setTo(new EndpointReference(relyingPartyEPR));
// invoke the service
// System.out.println(serClient.sendReceive(getPayload(echoRequestMsg)).toString());
responseElem = serClient.sendReceive(getPayload(echoRequestMsg));
// cleanup transports
serClient.getOptions().setCallTransportCleanup(true);
System.out.println(responseElem.toString());
System.exit(0);
}
} catch (Exception e) {
e.printStackTrace();
} finally {
System.exit(0);
}
}