1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.wss4j.dom.action;
21
22 import javax.security.auth.callback.CallbackHandler;
23
24 import org.apache.wss4j.common.SecurityActionToken;
25 import org.apache.wss4j.common.ext.WSPasswordCallback;
26 import org.apache.wss4j.common.ext.WSSecurityException;
27 import org.apache.wss4j.dom.WSConstants;
28 import org.apache.wss4j.dom.handler.RequestData;
29 import org.apache.wss4j.dom.handler.WSHandler;
30 import org.apache.wss4j.dom.message.WSSecUsernameToken;
31
32 public class UsernameTokenAction implements Action {
33
34 public void execute(WSHandler handler, SecurityActionToken actionToken, RequestData reqData)
35 throws WSSecurityException {
36 String username = reqData.getUsername();
37 String password = null;
38 if (reqData.getPwType() != null) {
39 CallbackHandler callbackHandler =
40 handler.getPasswordCallbackHandler(reqData);
41 WSPasswordCallback passwordCallback =
42 handler.getPasswordCB(reqData.getUsername(), WSConstants.UT, callbackHandler, reqData);
43 username = passwordCallback.getIdentifier();
44 password = passwordCallback.getPassword();
45 }
46
47 if (username == null) {
48 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noUser");
49 }
50
51 WSSecUsernameToken builder = new WSSecUsernameToken(reqData.getSecHeader());
52 builder.setIdAllocator(reqData.getWssConfig().getIdAllocator());
53 builder.setPrecisionInMilliSeconds(reqData.isPrecisionInMilliSeconds());
54 builder.setWsTimeSource(reqData.getWssConfig().getCurrentTime());
55 builder.setPasswordType(reqData.getPwType());
56 builder.setPasswordsAreEncoded(reqData.isEncodePasswords());
57 builder.setUserInfo(username, password);
58 builder.setWsDocInfo(reqData.getWsDocInfo());
59 builder.setExpandXopInclude(reqData.isExpandXopInclude());
60
61 if (reqData.isAddUsernameTokenNonce()) {
62 builder.addNonce();
63 }
64
65 if (reqData.isAddUsernameTokenCreated()) {
66 builder.addCreated();
67 }
68
69 builder.build();
70 }
71 }