src/org/apache/ws/security/action/UsernameTokenSignedAction.java - ws-wss4j - Git at Google

 /*
  * Copyright  2003-2007 The Apache Software Foundation.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
  *  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing, software
  *  distributed under the License is distributed on an "AS IS" BASIS,
  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
  */

 package org.apache.ws.security.action;

 import java.util.Vector;

 import org.apache.ws.security.SOAPConstants;
 import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.WSEncryptionPart;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.handler.RequestData;
 import org.apache.ws.security.handler.WSHandler;
 import org.apache.ws.security.handler.WSHandlerConstants;
 import org.apache.ws.security.message.WSSecUsernameToken;
 import org.apache.ws.security.message.WSSecSignature;
 import org.apache.ws.security.message.WSSecHeader;
 import org.apache.ws.security.util.WSSecurityUtil;
 import org.apache.xml.security.signature.XMLSignature;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;

 /**
  * Sign a request using a secret key derived from UsernameToken data.
  *
  * Enhanced by Alberto Coletti to support digest password type for
  * username token signature
  *
  * @author Werner Dittmann (Werner.Dittmann@t-online.de)
  */

 public class UsernameTokenSignedAction implements Action {
     public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
             throws WSSecurityException {
         String password;
         password = handler.getPassword(reqData.getUsername(), actionToDo,
                 WSHandlerConstants.PW_CALLBACK_CLASS,
                 WSHandlerConstants.PW_CALLBACK_REF, reqData).getPassword();

         WSSecUsernameToken builder = new WSSecUsernameToken();
         builder.setWsConfig(reqData.getWssConfig());
         builder.setPasswordType(reqData.getPwType());  // enhancement by Alberto Coletti

         builder.setUserInfo(reqData.getUsername(), password);
         builder.addCreated();
         builder.addNonce();
         builder.prepare(doc);

         // Now prepare to sign.
         // First step:  Get a WS Signature object and set config parameters
         // second step: set user data and algorithm parameters. This
         //              _must_ be done before we "prepare"
         // third step:  Call "prepare". This creates the internal WS Signature
         //              data structures, XML element, fills in the algorithms
         //              and other data.
         // fourth step: Get the references. These references identify the parts
         //              of the document that will be included into the
         //              signature. If no references are given sign the message
         //              body by default.
         // fifth step:  compute the signature
         //
         // after "prepare" the Signature XML element is ready and may prepend
         // this to the security header.

         WSSecSignature sign = new WSSecSignature();
         sign.setWsConfig(reqData.getWssConfig());

         sign.setUsernameToken(builder);
         sign.setKeyIdentifierType(WSConstants.UT_SIGNING);
         sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);

         sign.prepare(doc, null, reqData.getSecHeader());

         // prepend in this order: first the Signature Element and then the
         // UsernameToken Element. This way the server gets the UsernameToken
         // first, can check it and are prepared to compute the Signature key.
         sign.prependToHeader(reqData.getSecHeader());
         builder.prependToHeader(reqData.getSecHeader());

         Vector parts = null;
         if (reqData.getSignatureParts().size() > 0) {
             parts = reqData.getSignatureParts();
         }
         else {
             SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
                     .getDocumentElement());

             parts = new Vector();
             WSEncryptionPart encP = new WSEncryptionPart(soapConstants
                     .getBodyQName().getLocalPart(), soapConstants
                     .getEnvelopeURI(), "Content");
             parts.add(encP);
         }
         sign.addReferencesToSign(parts, reqData.getSecHeader());

         try {
             sign.computeSignature();
             reqData.getSignatureValues().add(sign.getSignatureValue());
         } catch (WSSecurityException e) {
             throw new WSSecurityException("WSHandler: Error during Signature with UsernameToken secret"
                     + e);
         }
     }
 }
	/*
	* Copyright 2003-2007 The Apache Software Foundation.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*
	*/

	package org.apache.ws.security.action;

	import java.util.Vector;

	import org.apache.ws.security.SOAPConstants;
	import org.apache.ws.security.WSConstants;
	import org.apache.ws.security.WSEncryptionPart;
	import org.apache.ws.security.WSSecurityException;
	import org.apache.ws.security.handler.RequestData;
	import org.apache.ws.security.handler.WSHandler;
	import org.apache.ws.security.handler.WSHandlerConstants;
	import org.apache.ws.security.message.WSSecUsernameToken;
	import org.apache.ws.security.message.WSSecSignature;
	import org.apache.ws.security.message.WSSecHeader;
	import org.apache.ws.security.util.WSSecurityUtil;
	import org.apache.xml.security.signature.XMLSignature;
	import org.w3c.dom.Document;
	import org.w3c.dom.Element;

	/**
	* Sign a request using a secret key derived from UsernameToken data.
	*
	* Enhanced by Alberto Coletti to support digest password type for
	* username token signature
	*
	* @author Werner Dittmann (Werner.Dittmann@t-online.de)
	*/

	public class UsernameTokenSignedAction implements Action {
	public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
	throws WSSecurityException {
	String password;
	password = handler.getPassword(reqData.getUsername(), actionToDo,
	WSHandlerConstants.PW_CALLBACK_CLASS,
	WSHandlerConstants.PW_CALLBACK_REF, reqData).getPassword();

	WSSecUsernameToken builder = new WSSecUsernameToken();
	builder.setWsConfig(reqData.getWssConfig());
	builder.setPasswordType(reqData.getPwType()); // enhancement by Alberto Coletti

	builder.setUserInfo(reqData.getUsername(), password);
	builder.addCreated();
	builder.addNonce();
	builder.prepare(doc);

	// Now prepare to sign.
	// First step: Get a WS Signature object and set config parameters
	// second step: set user data and algorithm parameters. This
	// _must_ be done before we "prepare"
	// third step: Call "prepare". This creates the internal WS Signature
	// data structures, XML element, fills in the algorithms
	// and other data.
	// fourth step: Get the references. These references identify the parts
	// of the document that will be included into the
	// signature. If no references are given sign the message
	// body by default.
	// fifth step: compute the signature
	//
	// after "prepare" the Signature XML element is ready and may prepend
	// this to the security header.

	WSSecSignature sign = new WSSecSignature();
	sign.setWsConfig(reqData.getWssConfig());

	sign.setUsernameToken(builder);
	sign.setKeyIdentifierType(WSConstants.UT_SIGNING);
	sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);

	sign.prepare(doc, null, reqData.getSecHeader());

	// prepend in this order: first the Signature Element and then the
	// UsernameToken Element. This way the server gets the UsernameToken
	// first, can check it and are prepared to compute the Signature key.
	sign.prependToHeader(reqData.getSecHeader());
	builder.prependToHeader(reqData.getSecHeader());

	Vector parts = null;
	if (reqData.getSignatureParts().size() > 0) {
	parts = reqData.getSignatureParts();
	}
	else {
	SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc
	.getDocumentElement());

	parts = new Vector();
	WSEncryptionPart encP = new WSEncryptionPart(soapConstants
	.getBodyQName().getLocalPart(), soapConstants
	.getEnvelopeURI(), "Content");
	parts.add(encP);
	}
	sign.addReferencesToSign(parts, reqData.getSecHeader());

	try {
	sign.computeSignature();
	reqData.getSignatureValues().add(sign.getSignatureValue());
	} catch (WSSecurityException e) {
	throw new WSSecurityException("WSHandler: Error during Signature with UsernameToken secret"
	+ e);
	}
	}
	}