本文整理汇总了Java中org.apache.ws.security.message.token.UsernameToken类的典型用法代码示例。如果您正苦于以下问题:Java UsernameToken类的具体用法?Java UsernameToken怎么用?Java UsernameToken使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
UsernameToken类属于org.apache.ws.security.message.token包,在下文中一共展示了UsernameToken类的17个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: verifyPlaintextPassword
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
@Override
protected void verifyPlaintextPassword(UsernameToken usernameToken, RequestData data) throws WSSecurityException {
logger.debug("userIdString=" + usernameToken.getName());
logger.debug("password=" + usernameToken.getPassword());
try {
Integer securityUserId = Integer.parseInt(usernameToken.getName());
Security security = securityDao.find(securityUserId);
// if it's all good just return
SoapMessage soapMessage = (SoapMessage) data.getMsgContext();
HttpServletRequest request = (HttpServletRequest) soapMessage.get(AbstractHTTPDestination.HTTP_REQUEST);
if (WsUtils.checkAuthenticationAndSetLoggedInInfo(request, security, usernameToken.getPassword())) return;
} catch (NumberFormatException e) {
logger.error("userIdString is not a number? usernameToken.getName()='" + usernameToken.getName() + '\'');
}
throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION);
}
开发者ID:williamgrosset,项目名称:OSCAR-ConCert,代码行数:20,代码来源:OscarUsernameTokenValidator.java
示例2: prepare
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
/**
* Creates a Username token.
*
* The method prepares and initializes a WSSec UsernameToken structure after
* the relevant information was set. A Before calling
* <code>prepare()</code> all parameters such as user, password,
* passwordType etc. must be set. A complete <code>UsernameToken</code> is
* constructed.
*
* @param doc The SOAP envelope as W3C document
*/
public void prepare(Document doc) {
ut = new UsernameToken(wssConfig.isPrecisionInMilliSeconds(), doc, passwordType);
ut.setPasswordsAreEncoded(passwordsAreEncoded);
ut.setName(user);
if (useDerivedKey) {
saltValue = ut.addSalt(doc, saltValue, useMac);
ut.addIteration(doc, iteration);
} else {
ut.setPassword(password);
}
if (nonce) {
ut.addNonce(doc);
}
if (created) {
ut.addCreated(wssConfig.isPrecisionInMilliSeconds(), doc);
}
ut.setID(wssConfig.getIdAllocator().createId("UsernameToken-", ut));
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:30,代码来源:WSSecUsernameToken.java
示例3: clear
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
public void clear() {
soapConstants = null;
actor = username = pwType = sigAlgorithm = encSymmAlgo = encKeyTransport = encUser = null;
sigCrypto = decCrypto = encCrypto = null;
signatureParts.clear();
encryptParts.clear();
encCert = null;
utElements = null;
wssConfig = null;
signatureValues.clear();
signatureDigestAlgorithm = null;
encSymmetricEncryptionKey = true;
secretKeyLength = WSConstants.WSE_DERIVED_KEY_LEN;
signatureUser = null;
useDerivedKey = false;
derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
useDerivedKeyForMAC = true;
useSingleCert = true;
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:20,代码来源:RequestData.java
示例4: testInvalidSecurityToken
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
/**
* Test for the wsse:InvalidSecurityToken faultcode. This will fail due to the fact
* that a null username is used.
*/
public void testInvalidSecurityToken() throws Exception {
WSSecUsernameToken builder = new WSSecUsernameToken();
builder.addCreated();
builder.addNonce();
builder.setUserInfo(null, "security");
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
builder.build(doc, secHeader);
try {
new UsernameToken(doc.getDocumentElement());
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == 4);
assertTrue(ex.getMessage().startsWith(
"An invalid security token was provided"));
QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurityToken");
assertTrue(ex.getFaultCode().equals(faultCode));
}
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:26,代码来源:TestWSSecurityFaultCodes.java
示例5: verifyPlaintextPassword
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
@Override
protected void verifyPlaintextPassword(UsernameToken usernameToken, RequestData data) throws WSSecurityException {
logger.debug("userIdString=" + usernameToken.getName());
logger.debug("password=" + usernameToken.getPassword());
try {
Integer securityUserId = Integer.parseInt(usernameToken.getName());
Security security = securityDao.findById(securityUserId);
// if it's all good just return
if (WsUtils.checkAuthenticationAndSetLoggedInInfo(security, usernameToken.getPassword())) return;
} catch (NumberFormatException e) {
logger.error("userIdString is not a number? usernameToken.getName()='" + usernameToken.getName() + '\'');
}
throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION);
}
开发者ID:oscarservice,项目名称:oscar-old,代码行数:18,代码来源:OscarUsernameTokenValidator.java
示例6: addSecurity
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
@Override
public void addSecurity(WSSecurityCredential credential) {
setAction(credential, WSHandlerConstants.USERNAME_TOKEN);
credential.getRequestPropterties().put(WSHandlerConstants.USER, this.user);
if (this.encryptedPassword) {
credential.getRequestPropterties().put(UsernameToken.PASSWORD_TYPE, WSConstants.PW_DIGEST);
}
else {
credential.getRequestPropterties().put(UsernameToken.PASSWORD_TYPE, WSConstants.PW_TEXT);
}
credential.getRequestPropterties().put(WSHandlerConstants.PW_CALLBACK_REF, this);
}
开发者ID:kenweezy,项目名称:teiid,代码行数:14,代码来源:UsernameTokenProfile.java
示例7: verifyPlaintextPassword
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
@Override
protected void verifyPlaintextPassword(UsernameToken usernameToken,
RequestData data) throws WSSecurityException {
String username = String.valueOf(usernameToken.getName());
String password = String.valueOf(usernameToken.getPassword());
Authentication authentication = new UsernamePasswordAuthenticationToken(
username, password);
authentication = authenticationManager.authenticate(authentication);
if (!authentication.isAuthenticated()) {
throw new WSSecurityException(
WSSecurityException.FAILED_AUTHENTICATION);
}
SecurityContextHolder.getContext().setAuthentication(authentication);
}
开发者ID:cmis4j,项目名称:cmis4j-ws,代码行数:16,代码来源:CmisUsernameTokenValidator.java
示例8: getSecretKey
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
/**
* Get the derived secret key.
*
* After the <code>prepare()</code> method was called use this method
* to compute a derived secret key. If "useDerivedKey" is set, then the returned secret
* key is derived as per the UsernameToken 1.1 specification. Otherwise, the generation
* of this secret key is according to the WS-Trust specifications.
*
* @return Return the derived secret key of this token or null if <code>prepare()</code>
* was not called before.
*/
public byte[] getSecretKey() throws WSSecurityException {
if (ut == null) {
return null;
}
if (useDerivedKey) {
if (passwordsAreEncoded) {
return UsernameToken.generateDerivedKey(Base64.decode(password), saltValue, iteration);
} else {
return UsernameToken.generateDerivedKey(password, saltValue, iteration);
}
}
return ut.getSecretKey(secretKeyLength);
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:25,代码来源:WSSecUsernameToken.java
示例9: getDerivedKey
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
/**
* Get the derived key.
*
* After the <code>prepare()</code> method was called use this method
* to compute a derived key. The generation of this secret key is according
* to the UsernameTokenProfile 1.1 specification (section 4 - Key Derivation).
*
* @return Return the derived key of this token or null if <code>prepare()</code>
* was not called before.
*/
public byte[] getDerivedKey() throws WSSecurityException {
if (ut == null || !useDerivedKey) {
return null;
}
if (passwordsAreEncoded) {
return UsernameToken.generateDerivedKey(Base64.decode(password), saltValue, iteration);
} else {
return UsernameToken.generateDerivedKey(password, saltValue, iteration);
}
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:21,代码来源:WSSecUsernameToken.java
示例10: getDerivedKey
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
public byte[] getDerivedKey(CallbackHandler cb) throws WSSecurityException {
String password = ut.getRawPassword();
if (password == null) {
password = "";
}
byte[] saltValue = ut.getSalt();
int iteration = ut.getIteration();
if (passwordsAreEncoded) {
return UsernameToken.generateDerivedKey(Base64.decode(password), saltValue, iteration);
} else {
return UsernameToken.generateDerivedKey(password, saltValue, iteration);
}
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:14,代码来源:UsernameTokenProcessor.java
示例11: testUsernameTokenUnit
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
/**
* Unit test for the UsernameToken derived key functionality
*/
public void testUsernameTokenUnit() throws Exception {
Document doc = unsignedEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
UsernameToken usernameToken = new UsernameToken(true, doc, null);
usernameToken.setName("bob");
byte[] salt = usernameToken.addSalt(doc, null, false);
assertTrue(salt.length == 16);
assertTrue(salt[15] == 0x02);
byte[] utSalt = usernameToken.getSalt();
assertTrue(salt.length == utSalt.length);
for (int i = 0; i < salt.length; i++) {
assertTrue(salt[i] == utSalt[i]);
}
usernameToken.addIteration(doc, 500);
assertTrue(usernameToken.getIteration() == 500);
WSSecurityUtil.prependChildElement(
secHeader.getSecurityHeader(), usernameToken.getElement()
);
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
assertTrue(outputString.indexOf("wsse:Username") != -1);
assertTrue(outputString.indexOf("wsse:Password") == -1);
assertTrue(outputString.indexOf("wsse11:Salt") != -1);
assertTrue(outputString.indexOf("wsse11:Iteration") != -1);
byte[] derivedKey = UsernameToken.generateDerivedKey("security", salt, 500);
assertTrue(derivedKey.length == 20);
// "c2VjdXJpdHk=" is the Base64 encoding of "security"
derivedKey = UsernameToken.generateDerivedKey(Base64.decode("c2VjdXJpdHk="), salt, 500);
assertTrue(derivedKey.length == 20);
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:42,代码来源:TestWSSecurityUTDK.java
示例12: testDerivedKeyWithEncodedPasswordBaseline
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
/**
* Test for encoded passwords.
*/
public void testDerivedKeyWithEncodedPasswordBaseline() throws Exception {
String password = "password";
// The SHA-1 of the password is known as a password equivalent in the UsernameToken specification.
byte[] passwordHash = MessageDigest.getInstance("SHA-1").digest(password.getBytes("UTF-8"));
byte[] salt = Base64.decode("LKpycbfgRzwDnBz6kkhAAQ==");
int iteration = 1049;
byte[] expectedDerivedKey = Base64.decode("C7Ll/OY4TECb6hZuMMiX/5hzszo=");
byte[] derivedKey = UsernameToken.generateDerivedKey(passwordHash, salt, iteration);
assertTrue("the derived key is not as expected", Arrays.equals(expectedDerivedKey, derivedKey));
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:15,代码来源:TestWSSecurityUTDK.java
示例13: testUsernameTokenWithEncodedPasswordBaseline
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
/**
* Test for encoded passwords.
*/
public void testUsernameTokenWithEncodedPasswordBaseline() throws Exception {
String password = "password";
// The SHA-1 of the password is known as a password equivalent in the UsernameToken specification.
byte[] passwordHash = MessageDigest.getInstance("SHA-1").digest(password.getBytes("UTF-8"));
String nonce = "0x7bXAPZVn40AdCD0Xbt0g==";
String created = "2010-06-28T15:16:37Z";
String expectedPasswordDigest = "C0rena/6gKpRZ9ATj+e6ss5sAbQ=";
String actualPasswordDigest = UsernameToken.doPasswordDigest(nonce, created, passwordHash);
assertEquals("the password digest is not as expected", expectedPasswordDigest, actualPasswordDigest);
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:15,代码来源:TestWSSecurityNew5.java
示例14: preSetUsernameToken
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
public Document preSetUsernameToken(Document doc, String username, String password) {
ut = new UsernameToken(wssConfig.isPrecisionInMilliSeconds(), doc, passwordType);
ut.setName(username);
ut.setPassword(password);
return doc;
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:7,代码来源:WSSAddUsernameToken.java
示例15: verifyPlaintextPassword
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
@Override
protected void verifyPlaintextPassword(UsernameToken usernameToken,
RequestData data) throws WSSecurityException {
final String username = String.valueOf(usernameToken.getName());
final String password = String.valueOf(usernameToken.getPassword());
final List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
try {
SecurityContextHolder.getContext().setAuthentication(
new UsernamePasswordAuthenticationToken(new UserDetails() {
private static final long serialVersionUID = -6884000787746976920L;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return authorities;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}, password, authorities));
} catch (Throwable t) {
throw new WSSecurityException(t.getMessage(), t);
}
}
开发者ID:btc4j,项目名称:btc4j-ws,代码行数:45,代码来源:BtcUsernameTokenValidator.java
示例16: getUt
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
/**
* Get the processed UsernameToken.
*
* @return the ut
*/
public UsernameToken getUt() {
return ut;
}
开发者ID:wso2,项目名称:wso2-wss4j,代码行数:9,代码来源:UsernameTokenProcessor.java
示例17: verifyPlaintextPassword
import org.apache.ws.security.message.token.UsernameToken; //导入依赖的package包/类
protected void verifyPlaintextPassword(UsernameToken usernameToken,
RequestData data) throws WSSecurityException {
}
开发者ID:gs1oliot,项目名称:oliot-fc,代码行数:5,代码来源:CustomUTValidator.java
注:本文中的org.apache.ws.security.message.token.UsernameToken类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论