本文整理汇总了Java中org.apache.wss4j.common.crypto.Merlin类的典型用法代码示例。如果您正苦于以下问题:Java Merlin类的具体用法?Java Merlin怎么用?Java Merlin使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Merlin类属于org.apache.wss4j.common.crypto包,在下文中一共展示了Merlin类的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: sign
点赞 3
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
public String sign(final String request, final String relayState)
throws NoSuchAlgorithmException, WSSecurityException, InvalidKeyException, UnsupportedEncodingException,
SignatureException {
Merlin crypto = new Merlin();
crypto.setKeyStore(loader.getKeyStore());
PrivateKey privateKey = crypto.getPrivateKey(loader.getCredential().getPublicKey(), callbackHandler);
java.security.Signature signature = java.security.Signature.getInstance(jceSigAlgo);
signature.initSign(privateKey);
String requestToSign =
SSOConstants.SAML_REQUEST + "=" + request + "&"
+ SSOConstants.RELAY_STATE + "=" + relayState + "&"
+ SSOConstants.SIG_ALG + "=" + URLEncoder.encode(sigAlgo, StandardCharsets.UTF_8.name());
signature.update(requestToSign.getBytes(StandardCharsets.UTF_8));
return Base64.getEncoder().encodeToString(signature.sign());
}
开发者ID:apache,
项目名称:syncope,
代码行数:19,
代码来源:SAML2ReaderWriter.java
示例2: afterPropertiesSet
点赞 3
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
@Override
public void afterPropertiesSet() {
Merlin crypto = new Merlin();
crypto.setCryptoProvider(BouncyCastleProvider.PROVIDER_NAME);
crypto.setKeyStore(keystoreInfo.keystore);
crypto.setTrustStore(keystoreInfo.trustStore);
interceptor.setSecurementSignatureParts(getSignParts());
interceptor.setSecurementSignatureIfPresentParts("{}cid:Attachments");
interceptor.setSecurementSignatureCrypto(crypto);
interceptor.setSecurementSignatureUser(keystoreInfo.alias);
interceptor.setSecurementPassword(keystoreInfo.password);
interceptor.setValidationSignatureCrypto(crypto);
}
开发者ID:digipost,
项目名称:sdp-shared,
代码行数:17,
代码来源:WsSecurityInterceptor.java
示例3: verifyTrustPlayground
点赞 2
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
@Test
public void verifyTrustPlayground() throws Exception {
final Merlin crypto = new MerlinWithCRLDistributionPointsExtension();
final boolean enableRevocation = true;
final Collection<Pattern> subjectCertConstraints = new ArrayList<Pattern>();
subjectCertConstraints.add(Pattern.compile(SecureEETCommunication.SUBJECT_CERT_CONSTRAINTS));
final X509Certificate[] certsPlayground = {playgroundCertificate};
crypto.setTrustStore(keystore);
crypto.verifyTrust(certsPlayground, enableRevocation, subjectCertConstraints);
}
开发者ID:todvora,
项目名称:eet-client,
代码行数:11,
代码来源:MerlinWithCRLDistributionPointsExtensionTest.java
示例4: verifyTrustProduction
点赞 2
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
@Ignore("Disabled due to expired production certificate. Help needed, please see https://github.com/todvora/eet-client/issues/35#issuecomment-340262163")
@Test
public void verifyTrustProduction() throws WSSecurityException {
final Merlin crypto = new MerlinWithCRLDistributionPointsExtension();
final boolean enableRevocation = true;
final Collection<Pattern> subjectCertConstraints = new ArrayList<Pattern>();
subjectCertConstraints.add(Pattern.compile(SecureEETCommunication.SUBJECT_CERT_CONSTRAINTS));
final X509Certificate[] certsProduction = {productionCertificate};
crypto.setTrustStore(keystore);
crypto.verifyTrust(certsProduction, enableRevocation, subjectCertConstraints);
}
开发者ID:todvora,
项目名称:eet-client,
代码行数:12,
代码来源:MerlinWithCRLDistributionPointsExtensionTest.java
示例5: validate
点赞 2
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
public SSOValidatorResponse validate(
final Response samlResponse,
final SAML2IdPEntity idp,
final String assertionConsumerURL,
final String requestId,
final String spEntityID)
throws WSSecurityException {
// validate the SAML response and, if needed, decrypt the provided assertion(s)
Merlin crypto = new Merlin();
crypto.setKeyStore(loader.getKeyStore());
crypto.setTrustStore(idp.getTrustStore());
SAMLProtocolResponseValidator protocolValidator = new SAMLProtocolResponseValidator();
protocolValidator.setKeyInfoMustBeAvailable(true);
protocolValidator.validateSamlResponse(samlResponse, crypto, callbackHandler);
SAMLSSOResponseValidator ssoResponseValidator = new SAMLSSOResponseValidator();
ssoResponseValidator.setAssertionConsumerURL(assertionConsumerURL);
ssoResponseValidator.setIssuerIDP(idp.getId());
ssoResponseValidator.setRequestId(requestId);
ssoResponseValidator.setSpIdentifier(spEntityID);
SSOValidatorResponse validatorResponse =
ssoResponseValidator.validateSamlResponse(samlResponse, idp.getBindingType() == SAML2BindingType.POST);
if (LOG.isDebugEnabled()) {
try {
StringWriter writer = new StringWriter();
write(writer, samlResponse, false);
writer.close();
LOG.debug("SAML response with decrypted assertions: {}", writer.toString());
} catch (Exception e) {
LOG.error("Could not log the SAML response with decrypted assertions", e);
}
}
return validatorResponse;
}
开发者ID:apache,
项目名称:syncope,
代码行数:40,
代码来源:SAML2ReaderWriter.java
示例6: loadSignatureCrypto
点赞 2
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
@Override
public Crypto loadSignatureCrypto(RequestData reqData) throws WSSecurityException {
try {
PasswordEncryptor passwordEncryptor = new PlainTextPasswordEcryptor();
return new Merlin(getMerlinProperties(), ClassLoaderUtils.getDefaultClassLoader(), passwordEncryptor);
} catch (Exception e) {
throw new RiceRuntimeException(e);
}
}
开发者ID:kuali,
项目名称:rice,
代码行数:10,
代码来源:CXFWSS4JInInterceptor.java
示例7: loadSignatureCrypto
点赞 2
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
@Override
public Crypto loadSignatureCrypto(RequestData reqData) throws WSSecurityException {
try {
PasswordEncryptor passwordEncryptor = new PlainTextPasswordEcryptor();
return new Merlin(getMerlinProperties(), ClassLoaderUtils.getDefaultClassLoader(), passwordEncryptor);
} catch (Exception e) {
throw new RiceRuntimeException(e);
}
}
开发者ID:kuali,
项目名称:rice,
代码行数:10,
代码来源:CXFWSS4JOutInterceptor.java
示例8: getCrypto
点赞 2
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
public Crypto getCrypto() {
final Merlin merlin = new MerlinWithCRLDistributionPointsExtension();
merlin.setTrustStore(this.trustStore);
return merlin;
}
开发者ID:todvora,
项目名称:eet-client,
代码行数:6,
代码来源:ServerKey.java
示例9: getCrypto
点赞 2
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
/**
* Crypto implementation used to sign WS requests
*/
public Crypto getCrypto() {
final Merlin merlin = new Merlin();
merlin.setKeyStore(this.keyStore);
return merlin;
}
开发者ID:todvora,
项目名称:eet-client,
代码行数:9,
代码来源:ClientKey.java
示例10: createResponse
点赞 2
import org.apache.wss4j.common.crypto.Merlin; //导入依赖的package包/类
private org.opensaml.saml.saml2.core.Response createResponse(
final String inResponseTo, final boolean signAssertion, final String subjectConfMethod,
final String issuer) throws Exception {
Status status = SAML2PResponseComponentBuilder.createStatus(
SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null);
org.opensaml.saml.saml2.core.Response response = SAML2PResponseComponentBuilder.createSAMLResponse(
inResponseTo, issuer, status);
response.setDestination("http://recipient.apache.org");
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setIssuer(issuer);
callbackHandler.setSubjectName("puccini");
callbackHandler.setSubjectConfirmationMethod(subjectConfMethod);
SubjectConfirmationDataBean subjectConfirmationData = new SubjectConfirmationDataBean();
subjectConfirmationData.setAddress("http://apache.org");
subjectConfirmationData.setInResponseTo(inResponseTo);
subjectConfirmationData.setNotAfter(new DateTime().plusMinutes(5));
subjectConfirmationData.setRecipient("http://recipient.apache.org/saml2sp/assertion-consumer");
callbackHandler.setSubjectConfirmationData(subjectConfirmationData);
ConditionsBean conditions = new ConditionsBean();
conditions.setNotBefore(new DateTime());
conditions.setNotAfter(new DateTime().plusMinutes(5));
AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
audienceRestriction.setAudienceURIs(Collections.singletonList("http://recipient.apache.org/"));
conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
callbackHandler.setConditions(conditions);
SAMLCallback samlCallback = new SAMLCallback();
SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
if (signAssertion) {
Crypto issuerCrypto = new Merlin();
KeyStore keyStore = KeyStore.getInstance("JKS");
InputStream input = Files.newInputStream(keystorePath);
keyStore.load(input, "security".toCharArray());
((Merlin) issuerCrypto).setKeyStore(keyStore);
assertion.signAssertion("subject", "security", issuerCrypto, false);
}
response.getAssertions().add(assertion.getSaml2());
return response;
}
开发者ID:apache,
项目名称:syncope,
代码行数:51,
代码来源:SAML2ITCase.java
版权声明:本文转自网络文章,转载此文章仅为分享知识,如有侵权,请联系管理员进行删除。
