20 package org.apache.wss4j.dom.common;
21
22 import org.apache.wss4j.common.crypto.Crypto;
23 import org.apache.wss4j.common.crypto.CryptoFactory;
24 import org.apache.wss4j.common.crypto.CryptoType;
25 import org.apache.wss4j.common.ext.WSSecurityException;
26 import org.apache.wss4j.common.saml.SAMLCallback;
27 import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
28 import org.apache.wss4j.common.saml.bean.KeyInfoBean;
29 import org.apache.wss4j.common.saml.bean.SubjectBean;
30 import org.apache.wss4j.common.saml.bean.Version;
31 import org.apache.wss4j.common.saml.builder.SAML1Constants;
32
33 import javax.security.auth.callback.Callback;
34 import javax.security.auth.callback.CallbackHandler;
35 import javax.security.auth.callback.UnsupportedCallbackException;
36
37 import java.io.IOException;
38 import java.security.cert.X509Certificate;
39 import java.util.Collections;
40
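/**
 * A {@link CallbackHandler} that fills a {@link SAMLCallback} with the data for a
 * SAML 1.1 authentication statement whose subject uses the holder-of-key
 * confirmation method ({@link SAML1Constants#CONF_HOLDER_KEY}).
 *
 * <p>The subject name, subject qualifier and authentication method are fixed
 * values, and the subject's key info carries the first certificate returned for
 * the {@code wss40} alias by the {@link Crypto} built from
 * {@code wss40.properties}.
 *
 * <p>NOTE(review): the handler states an identity and an authentication method
 * without authenticating anyone, and the {@code example.com} values suggest it is
 * a test/demo fixture. Confirm it is never wired into a deployed configuration;
 * an assertion built from it is only as trustworthy as its signature and the
 * key-possession check done by the relying party.
 */
public class SAML1AuthnHOKHandler implements CallbackHandler {

    /** Properties resource passed to {@link CryptoFactory#getInstance(String)}. */
    private static final String CRYPTO_PROPERTIES = "wss40.properties";

    /** Alias used to look up the holder-of-key certificate. */
    private static final String CERT_ALIAS = "wss40";

    private final String subjectName = "uid=joe,ou=people,ou=saml-demo,o=example.com";
    private final String subjectQualifier = "www.example.com";

    // Result of the alias lookup; presumably null or empty when nothing matches
    // (the Crypto contract is not visible here), so handle() checks before use.
    private final X509Certificate[] certs;

    /**
     * Loads the certificate chain for the {@code wss40} alias.
     *
     * @throws WSSecurityException if the Crypto instance cannot be created or the
     *         certificate lookup fails
     */
    public SAML1AuthnHOKHandler() throws WSSecurityException {
        Crypto crypto = CryptoFactory.getInstance(CRYPTO_PROPERTIES);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias(CERT_ALIAS);
        certs = crypto.getX509Certificates(cryptoType);
    }

    /**
     * Populates every {@link SAMLCallback} in {@code callbacks} with a SAML 1.1
     * holder-of-key authentication statement.
     *
     * @param callbacks the callbacks to process; each must be a {@link SAMLCallback}
     * @throws IOException if no certificate was loaded for the configured alias,
     *         so the holder-of-key subject cannot be bound to a key
     * @throws UnsupportedCallbackException if a callback is not a {@link SAMLCallback}
     */
    @Override
    public void handle(Callback[] callbacks)
        throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbacks) {
            if (!(callback instanceof SAMLCallback)) {
                throw new UnsupportedCallbackException(callback, "Unrecognized Callback");
            }
            SAMLCallback samlCallback = (SAMLCallback) callback;

            // Fail with a descriptive, declared exception before touching the
            // callback, instead of a bare NullPointerException or
            // ArrayIndexOutOfBoundsException from certs[0] on a half-filled callback.
            X509Certificate holderCert = holderCertificate();

            samlCallback.setSamlVersion(Version.SAML_11);

            SubjectBean subjectBean =
                new SubjectBean(subjectName, subjectQualifier, SAML1Constants.CONF_HOLDER_KEY);

            // Holder-of-key: the subject is tied to this certificate's key.
            KeyInfoBean keyInfo = new KeyInfoBean();
            keyInfo.setCertificate(holderCert);
            subjectBean.setKeyInfo(keyInfo);

            AuthenticationStatementBean authBean = new AuthenticationStatementBean();
            authBean.setSubject(subjectBean);
            authBean.setAuthenticationMethod("Password");
            samlCallback.setAuthenticationStatementData(Collections.singletonList(authBean));
        }
    }

    /** Returns the first loaded certificate, or fails if the alias lookup yielded none. */
    private X509Certificate holderCertificate() throws IOException {
        if (certs == null || certs.length == 0) {
            throw new IOException(
                "No X.509 certificate available for alias '" + CERT_ALIAS
                    + "' (crypto configuration: " + CRYPTO_PROPERTIES + ")");
        }
        return certs[0];
    }
}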