public WSS4JInInterceptor create() { return new WSS4JInInterceptor(getAndDestroyMap()); } }
@Override public void handleMessage(SoapMessage msg) throws Fault { super.handleMessage(msg); }
@Override protected void computeAction(SoapMessage msg, RequestData reqData) throws WSSecurityException { super.computeAction(msg, reqData); }
boolean utWithCallbacks = MessageUtils.getContextualBoolean(msg, SecurityConstants.VALIDATE_TOKEN, true); translateProperties(msg); engine.setWssConfig(config); } else { engine = getSecurityEngine(utWithCallbacks); if (engine == null) { engine = new WSSecurityEngine(); SOAPMessage doc = getSOAPMessage(msg); setAlgorithmSuites(msg, reqData); reqData.setCallbackHandler(getCallback(reqData, utWithCallbacks)); computeAction(msg, reqData); String action = getAction(msg, version); List<Integer> actions = WSSecurityUtil.decodeAction(action); String actor = (String)getOption(ConfigurationConstants.ACTOR); if (actor == null) { actor = (String)msg.getContextualProperty(SecurityConstants.ACTOR); configureReplayCaches(reqData, actions, msg); doReceiverAction(actions, reqData); if (getString(ConfigurationConstants.EXPAND_XOP_INCLUDE_FOR_SIGNATURE, msg) == null
@Override protected void doResults(SoapMessage msg, String actor, Element soapHeader, Element soapBody, List<WSSecurityEngineResult> wsResult) throws javax.xml.soap.SOAPException, javax.xml.stream.XMLStreamException, org.apache.ws.security.WSSecurityException { super.doResults(msg, actor, soapHeader, soapBody, wsResult);
@Override public void setIgnoreActions(boolean i) { super.setIgnoreActions(i); }
boolean utWithCallbacks = MessageUtils.getContextualBoolean(msg, SecurityConstants.VALIDATE_TOKEN, true); translateProperties(msg); engine.setWssConfig(config); } else { engine = getSecurityEngine(utWithCallbacks); if (engine == null) { engine = new WSSecurityEngine(); SOAPMessage doc = getSOAPMessage(msg); setAlgorithmSuites(msg, reqData); reqData.setCallbackHandler(getCallback(reqData, utWithCallbacks)); computeAction(msg, reqData); String action = getAction(msg, version); List<Integer> actions = WSSecurityUtil.decodeAction(action); String actor = (String)getOption(ConfigurationConstants.ACTOR); if (actor == null) { actor = (String)msg.getContextualProperty(SecurityConstants.ACTOR); configureReplayCaches(reqData, actions, msg); doReceiverAction(actions, reqData); if (getString(ConfigurationConstants.EXPAND_XOP_INCLUDE_FOR_SIGNATURE, msg) == null
@Override protected void doResults(SoapMessage msg, String actor, SOAPMessage doc, Vector wsResult) throws SOAPException, XMLStreamException, WSSecurityException { super.doResults(msg, actor, doc, wsResult);
@Override public void setIgnoreActions(boolean i) { super.setIgnoreActions(i); }
public WSS4JInInterceptor create() { return new WSS4JInInterceptor(getAndDestroyMap()); } }
/** * This overridden method will not apply security headers if bus security is disabled. * * @see org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor#handleMessage(org.apache.cxf.binding.soap.SoapMessage) */ @Override public void handleMessage(SoapMessage mc) { if (busSecurity) { super.handleMessage(mc); } }
super.doResults(msg, actor, soapHeader, soapBody, results, utWithCallbacks);
@Override protected void computeAction(SoapMessage msg, RequestData reqData) { super.computeAction(msg, reqData); }
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor; import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor; ... Map<String,Object> inProps = new HashMap<String,Object>(); ... // how to configure the properties is outlined below; WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps); cxfEndpoint.getInInterceptors().add(wssIn); Map<String,Object> outProps = new HashMap<String,Object>(); outProps.put("action", "UsernameToken Timestamp"); outProps.put("passwordType", "PasswordDigest"); //remove this line if want to use plain text password outProps.put("user", "abcd"); outProps.put("passwordCallbackClass", "demo.wssec.client.UTPasswordCallback"); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); cxfEndpoint.getOutInterceptors().add(wssOut);
@Override public void handleMessage(SoapMessage msg) throws Fault { super.handleMessage(msg); }
super.doResults(msg, actor, soapHeader, soapBody, results, utWithCallbacks);
@Bean(name = "wssforjInInterceptor") public WSS4JInInterceptor wssforjInInterceptor() { // Configure how we ask for username and password Map<String, Object> props = new HashMap<>(); props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); props.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); // Password callback props.put(WSHandlerConstants.PW_CALLBACK_REF, passwordCallbackHandler()); // Validator registration Map<QName, Object> validators = new HashMap<>(); String WSS_WSSECURITY_SECEXT_1_0_XSD = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; QName qName = new QName(WSS_WSSECURITY_SECEXT_1_0_XSD, WSHandlerConstants.USERNAME_TOKEN, ""); validators.put(qName, usernameTokenValidator()); props.put(WSS4JInInterceptor.VALIDATOR_MAP, validators); WSS4JInInterceptor wss4jInInterceptor = new WSS4JInInterceptor(props); return wss4jInInterceptor; }
public void handleMessage(SoapMessage msg) throws Fault { AssertionInfoMap aim = msg.get(AssertionInfoMap.class); boolean enableStax = MessageUtils.getContextualBoolean(msg, SecurityConstants.ENABLE_STREAMING_SECURITY); if (aim != null && !enableStax) { super.handleMessage(msg); } }
outProps.put(WSHandlerConstants.SIG_PROP_FILE, "dummy_value"); // Only necessary to avoid NPE WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps) { @Override protected Crypto loadCryptoFromPropertiesFile(String propFilename, RequestData reqData)
public void handleMessage(SoapMessage msg) throws Fault { AssertionInfoMap aim = msg.get(AssertionInfoMap.class); boolean enableStax = MessageUtils.getContextualBoolean(msg, SecurityConstants.ENABLE_STREAMING_SECURITY); if (aim != null && !enableStax) { super.handleMessage(msg); } }