org.apache.cxf.ws.security.wss4j

Class UsernameTokenInterceptor

java.lang.Object

org.apache.cxf.phase.AbstractPhaseInterceptor<org.apache.cxf.binding.soap.SoapMessage>

org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor

org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor

org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor

All Implemented Interfaces:

org.apache.cxf.binding.soap.interceptor.SoapInterceptor, org.apache.cxf.interceptor.Interceptor<org.apache.cxf.binding.soap.SoapMessage>, org.apache.cxf.phase.PhaseInterceptor<org.apache.cxf.binding.soap.SoapMessage>

public class UsernameTokenInterceptor
extends AbstractTokenInterceptor

Constructor Summary

Constructors

Constructor and Description
UsernameTokenInterceptor()

Method Summary

Modifier and Type	Method and Description
protected void	addToken(org.apache.cxf.binding.soap.SoapMessage message)
protected org.apache.wss4j.dom.message.WSSecUsernameToken	addUsernameToken(org.apache.cxf.binding.soap.SoapMessage message, Document doc, org.apache.wss4j.policy.model.UsernameToken token)
protected org.apache.wss4j.policy.model.UsernameToken	assertTokens(org.apache.cxf.binding.soap.SoapMessage message)
protected org.apache.cxf.security.SecurityContext	createSecurityContext(Principal p, Subject subject)
protected Subject	createSubject(String name, String password, boolean isDigest, String nonce, String created) Create a Subject representing a current user and its roles.
protected boolean	isWsiBSPCompliant(org.apache.cxf.binding.soap.SoapMessage message)
protected org.apache.wss4j.common.principal.UsernameTokenPrincipal	parseTokenAndCreatePrincipal(Element tokenElement, boolean bspCompliant)
protected void	processToken(org.apache.cxf.binding.soap.SoapMessage message)
protected org.apache.wss4j.dom.engine.WSSecurityEngineResult	validateToken(Element tokenElement, org.apache.cxf.binding.soap.SoapMessage message)

Methods inherited from class org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor

assertTokens, findSecurityHeader, getPassword, getTokenStore, getUnderstoodHeaders, handleMessage, isTLSInUse, policyNotAsserted, policyNotAsserted

Methods inherited from class org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor

getFaultCodePrefix, getRoles, prepareStackTrace

Methods inherited from class org.apache.cxf.phase.AbstractPhaseInterceptor

addAfter, addAfter, addBefore, addBefore, getAdditionalInterceptors, getAfter, getBefore, getId, getPhase, handleFault, isGET, isRequestor, setAfter, setBefore

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.cxf.interceptor.Interceptor

handleFault

Constructor Detail

UsernameTokenInterceptor

public UsernameTokenInterceptor()

Method Detail

processToken

protected void processToken(org.apache.cxf.binding.soap.SoapMessage message)

Specified by:

processToken in class AbstractTokenInterceptor

validateToken

protected org.apache.wss4j.dom.engine.WSSecurityEngineResult validateToken(Element tokenElement,
                                                                           org.apache.cxf.binding.soap.SoapMessage message)
                                                                    throws org.apache.wss4j.common.ext.WSSecurityException,
                                                                           org.apache.xml.security.exceptions.Base64DecodingException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

org.apache.xml.security.exceptions.Base64DecodingException

parseTokenAndCreatePrincipal

protected org.apache.wss4j.common.principal.UsernameTokenPrincipal parseTokenAndCreatePrincipal(Element tokenElement,
                                                                                                boolean bspCompliant)
                                                                                         throws org.apache.wss4j.common.ext.WSSecurityException,
                                                                                                org.apache.xml.security.exceptions.Base64DecodingException

Throws:

org.apache.wss4j.common.ext.WSSecurityException

org.apache.xml.security.exceptions.Base64DecodingException

isWsiBSPCompliant

protected boolean isWsiBSPCompliant(org.apache.cxf.binding.soap.SoapMessage message)

createSecurityContext

protected org.apache.cxf.security.SecurityContext createSecurityContext(Principal p,
                                                                        Subject subject)

createSubject

protected Subject createSubject(String name,
                                String password,
                                boolean isDigest,
                                String nonce,
                                String created)
                         throws SecurityException

Create a Subject representing a current user and its roles. This Subject is expected to contain at least one Principal representing a user and optionally followed by one or more principal Groups this user is a member of.

Parameters:

name - username

password - password

isDigest - true if a password digest is used

nonce - optional nonce

created - optional timestamp

Returns:

subject

Throws:

SecurityException

assertTokens

protected org.apache.wss4j.policy.model.UsernameToken assertTokens(org.apache.cxf.binding.soap.SoapMessage message)

Specified by:

assertTokens in class AbstractTokenInterceptor

addToken

protected void addToken(org.apache.cxf.binding.soap.SoapMessage message)

Specified by:

addToken in class AbstractTokenInterceptor

addUsernameToken

protected org.apache.wss4j.dom.message.WSSecUsernameToken addUsernameToken(org.apache.cxf.binding.soap.SoapMessage message,
                                                                           Document doc,
                                                                           org.apache.wss4j.policy.model.UsernameToken token)