AbstractUsernameTokenAuthenticatingInterceptor (Apache CXF JavaDoc 3.1.0 API)

java.lang.Object
- org.apache.wss4j.dom.handler.WSHandler
- - org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor
  - - org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
    - - org.apache.cxf.ws.security.wss4j.AbstractUsernameTokenAuthenticatingInterceptor

All Implemented Interfaces:

SoapInterceptor, Interceptor<SoapMessage>, PhaseInterceptor<SoapMessage>
```
public abstract class AbstractUsernameTokenAuthenticatingInterceptor
extends WSS4JInInterceptor
```
Base class providing an extensibility point for populating javax.security.auth.Subject from a current UsernameToken. WSS4J requires a password for validating digests which may not be available when external security systems provide for the authentication. This class implements WSS4J Processor interface so that it can delegate a UsernameToken validation to an external system. In order to handle digests, this class currently creates a new WSS4J Security Engine for every request. If clear text passwords are expected then a supportDigestPasswords boolean property with a false value can be used to disable creating security engines. Note that if a UsernameToken containing a clear text password has been encrypted then an application is expected to provide a password callback handler for decrypting the token only.

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

protected class AbstractUsernameTokenAuthenticatingInterceptor.CustomValidator

Nested Classes
Modifier and Type	Class and Description
`protected class`	`AbstractUsernameTokenAuthenticatingInterceptor.CustomValidator`

Field Summary
- Fields inherited from class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
  PROCESSOR_MAP, SAML_ROLE_ATTRIBUTENAME_DEFAULT, SECURITY_PROCESSED, VALIDATOR_MAP
- Fields inherited from class org.apache.wss4j.dom.handler.WSHandler
  cryptos

Constructor Summary

Constructors
Constructor and Description

AbstractUsernameTokenAuthenticatingInterceptor()

AbstractUsernameTokenAuthenticatingInterceptor(Map<String,Object> properties)

Constructors
Constructor and Description
`AbstractUsernameTokenAuthenticatingInterceptor()`
`AbstractUsernameTokenAuthenticatingInterceptor(Map<String,Object> properties)`

Method Summary

Methods
Modifier and Type	Method and Description
`protected SecurityContext`	`createSecurityContext(Principal p)`
`protected abstract Subject`	`createSubject(String name, String password, boolean isDigest, String nonce, String created)` Create a Subject representing a current user and its roles.
`protected SecurityContext`	`doCreateSecurityContext(Principal p, Subject subject)` Creates default SecurityContext which implements isUserInRole using the following approach : skip the first Subject principal, and then check optional Groups the principal is a member of.
`protected org.apache.wss4j.dom.WSSecurityEngine`	`getSecurityEngine(boolean utNoCallbacks)`
`boolean`	`getSupportDigestPasswords()`
`void`	`handleMessage(SoapMessage msg)` Intercepts a message.
`protected void`	`setSubject(String name, String password, boolean isDigest, String nonce, String created)`
`void`	`setSupportDigestPasswords(boolean support)`

Methods inherited from class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
advanceBody, computeAction, configureReplayCaches, createSecurityContext, createSecurityEngine, doResults, doResults, getCallback, getCallback, getProperty, getReplayCache, isGET, isNonceCacheRequired, isSamlCacheRequired, isTimestampCacheRequired, setAlgorithmSuites, setIgnoreActions

Methods inherited from class org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor
getAdditionalInterceptors, getAfter, getBefore, getId, getOption, getPassword, getPhase, getProperties, getRoles, getUnderstoodHeaders, handleFault, isRequestor, loadCryptoFromPropertiesFile, postHandleMessage, setId, setPassword, setPhase, setProperties, setProperty, setProperty, translateProperties

Methods inherited from class org.apache.wss4j.dom.handler.WSHandler
checkReceiverResults, checkReceiverResultsAnyOrder, checkSignatureConfirmation, decodeAlgorithmSuite, decodeBooleanConfigValue, decodeDecryptionParameter, decodeEncryptionParameter, decodeFutureTimeToLive, decodePasswordType, decodeSignatureParameter, decodeSignatureParameter2, decodeTimeToLive, decodeUTParameter, doReceiverAction, doSenderAction, getCallbackHandler, getClassLoader, getPasswordCallbackHandler, getPasswordCB, getPasswordEncryptor, getString, getStringOption, loadCrypto, loadDecryptionCrypto, loadEncryptionCrypto, loadSignatureCrypto, loadSignatureVerificationCrypto

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - AbstractUsernameTokenAuthenticatingInterceptor
```
public AbstractUsernameTokenAuthenticatingInterceptor()
```
  - AbstractUsernameTokenAuthenticatingInterceptor
```
public AbstractUsernameTokenAuthenticatingInterceptor(Map<String,Object> properties)
```
- Method Detail
  - setSupportDigestPasswords
```
public void setSupportDigestPasswords(boolean support)
```
  - getSupportDigestPasswords
```
public boolean getSupportDigestPasswords()
```
  - handleMessage
```
public void handleMessage(SoapMessage msg)
                   throws Fault
```
    Description copied from interface: Interceptor
    
    Intercepts a message. Interceptors should NOT invoke handleMessage or handleFault on the next interceptor - the interceptor chain will take care of this.
    
    Specified by:
    
    handleMessage in interface Interceptor<SoapMessage>
    
    Overrides:
    
    handleMessage in class WSS4JInInterceptor
    
    Throws:
    
    Fault
  - createSecurityContext
```
protected SecurityContext createSecurityContext(Principal p)
```
    Overrides:
    
    createSecurityContext in class WSS4JInInterceptor
  - doCreateSecurityContext
```
protected SecurityContext doCreateSecurityContext(Principal p,
                                      Subject subject)
```
    Creates default SecurityContext which implements isUserInRole using the following approach : skip the first Subject principal, and then check optional Groups the principal is a member of. Subclasses can override this method and implement a custom strategy instead
    
    Parameters:
    p - principal
    subject - subject
    
    Returns:
    security context
  - setSubject
```
protected void setSubject(String name,
              String password,
              boolean isDigest,
              String nonce,
              String created)
                   throws org.apache.wss4j.common.ext.WSSecurityException
```
    Throws:
    
    org.apache.wss4j.common.ext.WSSecurityException
  - createSubject
```
protected abstract Subject createSubject(String name,
                    String password,
                    boolean isDigest,
                    String nonce,
                    String created)
                                  throws SecurityException
```
    Create a Subject representing a current user and its roles. This Subject is expected to contain at least one Principal representing a user and optionally followed by one or more principal Groups this user is a member of. It will also be available in doCreateSecurityContext.
    
    Parameters:
    name - username
    password - password
    isDigest - true if a password digest is used
    nonce - optional nonce
    created - optional timestamp
    
    Returns:
    subject
    
    Throws:
    
    SecurityException
  - getSecurityEngine
```
protected org.apache.wss4j.dom.WSSecurityEngine getSecurityEngine(boolean utNoCallbacks)
```
    Overrides:
    
    getSecurityEngine in class WSS4JInInterceptor
    
    Returns:
    the WSSecurityEngine in use by this interceptor. This engine is defined to be the secEngineOverride instance, if defined in this class (and supplied through construction); otherwise, it is taken to be the default WSSecEngine instance (currently defined in the WSHandler base class).

Class AbstractUsernameTokenAuthenticatingInterceptor

Nested Class Summary

Field Summary

Fields inherited from class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

Fields inherited from class org.apache.wss4j.dom.handler.WSHandler

Constructor Summary

Method Summary

Methods inherited from class org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor

Methods inherited from class org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor

Methods inherited from class org.apache.wss4j.dom.handler.WSHandler

Methods inherited from class java.lang.Object

Constructor Detail

AbstractUsernameTokenAuthenticatingInterceptor

AbstractUsernameTokenAuthenticatingInterceptor

Method Detail

setSupportDigestPasswords

getSupportDigestPasswords

handleMessage

createSecurityContext

doCreateSecurityContext

setSubject

createSubject

getSecurityEngine