Class UsernameToken

java.lang.Object
org.apache.wss4j.dom.message.token.UsernameToken

public class UsernameToken extends Object
UsernameToken according to the WS Security specifications, UsernameToken profile. Enhanced to support the digest password type for username token signature. Enhanced to support passwordless UsernameTokens as allowed by the spec.
  • Field Details

  • Constructor Details

    • UsernameToken

      public UsernameToken(Element elem, boolean allowNamespaceQualifiedPasswordTypes, BSPEnforcer bspEnforcer) throws WSSecurityException
      Constructs a UsernameToken object and parses the wsse:UsernameToken element to initialize it.
      Parameters:
      elem - the wsse:UsernameToken element that contains the UsernameToken data
      allowNamespaceQualifiedPasswordTypes - whether to allow (wsse) namespace qualified password types or not (for interop with WCF)
      bspEnforcer - a BSPEnforcer instance to enforce BSP rules
      Throws:
      WSSecurityException
    • UsernameToken

      public UsernameToken(boolean milliseconds, Document doc)
      Constructs a UsernameToken object according to the defined parameters.

      This constructor sets the password encoding to WSS4JConstants.PASSWORD_DIGEST.

      Parameters:
      doc - the SOAP envelope as Document
    • UsernameToken

      public UsernameToken(boolean milliseconds, Document doc, String pwType)
      Constructs a UsernameToken object according to the defined parameters.
      Parameters:
      doc - the SOAP envelope as Document
      pwType - the required password encoding: either WSS4JConstants.PASSWORD_DIGEST, WSS4JConstants.PASSWORD_TEXT or WSS4JConstants.PW_NONE, or null if no password is required
    • UsernameToken

      public UsernameToken(boolean milliseconds, Document doc, WSTimeSource timeSource, String pwType)
  • Method Details

    • addWSSENamespace

      public void addWSSENamespace()
      Add the WSSE Namespace to this UT. The namespace is not added by default for efficiency purposes.
    • addWSUNamespace

      public void addWSUNamespace()
      Add the WSU Namespace to this UT. The namespace is not added by default for efficiency purposes.
    • addNonce

      public void addNonce(Document doc)
      Creates and adds a Nonce element to this UsernameToken
    • addCreated

      public void addCreated(boolean milliseconds, Document doc)
      Creates and adds a Created element to this UsernameToken
    • addCreated

      public void addCreated(boolean milliseconds, WSTimeSource timeSource, Document doc)
      Creates and adds a Created element to this UsernameToken
    • addSalt

      public void addSalt(Document doc, byte[] saltValue)
      Adds a Salt element to this UsernameToken.
      Parameters:
      doc - The Document for the UsernameToken
      saltValue - The salt to add.
    • addIteration

      public void addIteration(Document doc, int iteration)
      Creates and adds an Iteration element to this UsernameToken.
    • getName

      public String getName()
      Get the user name.
      Returns:
      the data from the user name element.
    • setName

      public void setName(String name)
      Set the user name.
      Parameters:
      name - sets a text node containing the user name into the user name element.
    • getNonce

      public String getNonce()
      Get the nonce.
      Returns:
      the data from the nonce element.
    • getCreated

      public String getCreated()
      Get the created timestamp.
      Returns:
      the data from the created time element.
    • getCreatedDate

      public Instant getCreatedDate()
      Return the Created Element as a Date object
      Returns:
      the Created Date
    • getPassword

      public String getPassword()
      Gets the password string. This is the password as it is in the password element of a username token. Thus it can be either plain text or the password digest value.
      Returns:
      the password string or null if no such node exists.
    • containsPasswordElement

      public boolean containsPasswordElement()
      Return true if this UsernameToken contains a Password element
    • getSalt

      public byte[] getSalt() throws WSSecurityException
      Get the Salt value of this UsernameToken.
      Returns:
      Returns the binary Salt value or null if no Salt value is available in the username token.
      Throws:
      WSSecurityException
    • getIteration

      public int getIteration()
      Get the Iteration value of this UsernameToken.
      Returns:
      Returns the Iteration value. If no Iteration was specified in the username token the default value according to the specification is returned.
    • isHashed

      public boolean isHashed()
      Get the hashed indicator. If the indicator is true, the password of the UsernameToken was encoded using WSS4JConstants.PASSWORD_DIGEST.
      Returns:
      the hashed indicator.
    • getPasswordType

      public String getPasswordType()
      Returns:
      Returns the passwordType.
    • setPassword

      public void setPassword(String pwd)
      Sets the password string. This function sets the password in the UsernameToken either as plain text or encodes the password according to the WS Security specifications, UsernameToken profile, into a password digest.
      Parameters:
      pwd - the password to use
    • setPasswordsAreEncoded

      public void setPasswordsAreEncoded(boolean passwordsAreEncoded)
      Parameters:
      passwordsAreEncoded - whether passwords are encoded
    • getPasswordsAreEncoded

      public boolean getPasswordsAreEncoded()
      Returns:
      whether passwords are encoded
    • getElement

      public Element getElement()
      Returns the dom element of this UsernameToken object.
      Returns:
      the wsse:UsernameToken element
    • toString

      public String toString()
      Returns the string representation of the token.
      Overrides:
      toString in class Object
      Returns:
      an XML string representation
    • getID

      public String getID()
      Gets the id.
      Returns:
      the value of the wsu:Id attribute of this username token
    • setID

      public void setID(String id)
      Set the id of this username token.
      Parameters:
      id - the value for the wsu:Id attribute of this username token
    • getDerivedKey

      public byte[] getDerivedKey(BSPEnforcer bspEnforcer, String rawPassword) throws WSSecurityException
      This method gets a derived key as defined in WSS Username Token Profile.
      Parameters:
      rawPassword - The raw password to use to derive the key
      Returns:
      Returns the derived key as a byte array
      Throws:
      WSSecurityException
    • isDerivedKey

      public boolean isDerivedKey() throws WSSecurityException
      Return whether the UsernameToken represented by this class is to be used for key derivation as per the UsernameToken Profile 1.1. It does this by checking that the username token has salt and iteration values.
      Throws:
      WSSecurityException
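
The key derivation that getDerivedKey, addSalt and addIteration relate to is specified in UsernameToken Profile 1.1 as an iterated SHA-1 over the password and salt. The following is an added example, not WSS4J's own code: it uses only the JDK, and the class name, method name, salt, password and iteration count are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

// Added illustration; class and method names are hypothetical, not WSS4J API.
public class UsernameTokenDerivedKeyExample {

    // K1 = SHA-1(password + salt), Kn = SHA-1(Kn-1), until 'iteration' hash
    // operations have been performed. The result is a 160-bit value.
    static byte[] deriveKey(String password, byte[] salt, int iteration)
            throws NoSuchAlgorithmException {
        if (salt == null || salt.length == 0 || iteration < 1) {
            throw new IllegalArgumentException("salt and a positive iteration count are required");
        }
        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        sha1.update(password.getBytes(StandardCharsets.UTF_8));
        byte[] k = sha1.digest(salt);       // first hash: password octets, then salt
        for (int i = 1; i < iteration; i++) {
            k = sha1.digest(k);             // each further hash covers the previous output
        }
        return k;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample inputs. The profile reserves the first salt octet:
        // 0x01 marks a key meant for a MAC, 0x02 a key meant for encryption.
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        salt[0] = 0x01;
        int iteration = 1000;               // sample value carried in the Iteration element

        byte[] macKey = deriveKey("example-password", salt, iteration);
        byte[] again = deriveKey("example-password", salt, iteration);
        byte[] other = deriveKey("example-password", salt, iteration + 1);

        System.out.println("Salt:      " + Base64.getEncoder().encodeToString(salt));
        System.out.println("Iteration: " + iteration);
        System.out.println("Key bits:  " + macKey.length * 8);
        System.out.println("same inputs, same key:        " + Arrays.equals(macKey, again));
        System.out.println("different iteration, new key: " + !Arrays.equals(macKey, other));
        // A 128-bit cipher key would be the leading 16 bytes of the 160-bit value.
        System.out.println("Truncated: " + Arrays.copyOf(macKey, 16).length * 8 + " bits");
    }
}
```

The derived key is only as strong as the password, so the salt and iteration count slow guessing but do not replace a high-entropy secret.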
    • createPrincipal

      public Principal createPrincipal() throws WSSecurityException
      Create a WSUsernameTokenPrincipal from this UsernameToken object
      Throws:
      WSSecurityException
    • verifyCreated

      public boolean verifyCreated(int timeToLive, int futureTimeToLive)
      Return true if the "Created" value is before the current time minus the timeToLive argument, and if the Created value is not "in the future".
      Parameters:
      timeToLive - the value in seconds for the validity of the Created time
      futureTimeToLive - the value in seconds for the future validity of the Created time
      Returns:
      true if the UsernameToken is before (now-timeToLive), false otherwise
    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object
    • equals

      public boolean equals(Object object)
      Overrides:
      equals in class Object