Package org.apache.ws.security.message.token

Class UsernameToken

  • public class UsernameToken
extends java.lang.Object
    UsernameToken according to WS Security specifications, UsernameToken profile.
    Author:
    Davanum Srinivas (dims@yahoo.com), Werner Dittmann (Werner.Dittmann@siemens.com)

    • Constructor Summary

      Constructors 
      Constructor Description
      UsernameToken​(boolean milliseconds, org.w3c.dom.Document doc)
      Constructs a UsernameToken object according to the defined parameters.
      UsernameToken​(boolean milliseconds, org.w3c.dom.Document doc, java.lang.String pwType)
      Constructs a UsernameToken object according to the defined parameters.
      UsernameToken​(org.w3c.dom.Element elem)
      Constructs a UsernameToken object and parses the wsse:UsernameToken element to initialize it.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addCreated​(boolean milliseconds, org.w3c.dom.Document doc)
      Creates and adds a Created element to this UsernameToken
      void addIteration​(org.w3c.dom.Document doc, int iteration)
      Creates and adds a Iteration element to this UsernameToken
      void addNonce​(org.w3c.dom.Document doc)
      Creates and adds a Nonce element to this UsernameToken
      byte[] addSalt​(org.w3c.dom.Document doc, byte[] saltValue, boolean mac)
      Adds and otionally creates a Salt element to this UsernameToken.
      static java.lang.String doPasswordDigest​(java.lang.String nonce, java.lang.String created, java.lang.String password)  
      static byte[] generateDerivedKey​(java.lang.String password, byte[] salt, int iteration)
      This static method generates a derived key as defined in WSS Username Token Profile.
      static byte[] generateSalt​(boolean useForMac)
      This static method generates a 128 bit salt value as defined in WSS Username Token Profile.
      java.lang.String getCreated()
      Get the created timestamp.
      org.w3c.dom.Element getElement()
      Returns the dom element of this UsernameToken object.
      java.lang.String getID()
      Gets the id.
      int getIteration()
      Get the Iteration value of this UsernameToken.
      java.lang.String getName()
      Get the user name.
      java.lang.String getNonce()
      Get the nonce.
      java.lang.String getPassword()
      Gets the password string.
      java.lang.String getPasswordType()  
      byte[] getSalt()
      Get the Salt value of this UsernameToken.
      byte[] getSecretKey()
      Gets the secret key as per WS-Trust spec.
      byte[] getSecretKey​(int keylen, java.lang.String labelString)
      Gets the secret key as per WS-Trust spec.
      boolean isHashed()
      Get the hashed inidicator.
      void setID​(java.lang.String id)
      Set the id of this username token.
      void setName​(java.lang.String name)
      Set the user name.
      void setPassword​(java.lang.String pwd)
      Sets the password string.
      java.lang.String toString()
      Returns the string representation of the token.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    • Field Detail

      • element

        protected org.w3c.dom.Element element

      • elementUsername

        protected org.w3c.dom.Element elementUsername

      • elementPassword

        protected org.w3c.dom.Element elementPassword

      • elementNonce

        protected org.w3c.dom.Element elementNonce

      • elementCreated

        protected org.w3c.dom.Element elementCreated

      • elementSalt

        protected org.w3c.dom.Element elementSalt

      • elementIteration

        protected org.w3c.dom.Element elementIteration

      • passwordType

        protected java.lang.String passwordType

      • hashed

        protected boolean hashed

      • TOKEN

        public static final javax.xml.namespace.QName TOKEN

    • Constructor Detail

      • UsernameToken

        public UsernameToken​(org.w3c.dom.Element elem)
              throws WSSecurityException
        Constructs a UsernameToken object and parses the wsse:UsernameToken element to initialize it.
        Parameters:
        elem - the wsse:UsernameToken element that contains the UsernameToken data
        Throws:
        WSSecurityException

      • UsernameToken

        public UsernameToken​(boolean milliseconds,
                     org.w3c.dom.Document doc)
        Constructs a UsernameToken object according to the defined parameters.

        This constructes set the password encoding to WSConstants.PASSWORD_DIGEST

        Parameters:
        doc - the SOAP envelope as Document

      • UsernameToken

        public UsernameToken​(boolean milliseconds,
                     org.w3c.dom.Document doc,
                     java.lang.String pwType)
        Constructs a UsernameToken object according to the defined parameters.

        Parameters:
        doc - the SOAP envelope as Document
        pwType - the required password encoding, either WSConstants.PASSWORD_DIGEST or WSConstants.PASSWORD_TEXT or null if no password required

    • Method Detail

      • addNonce

        public void addNonce​(org.w3c.dom.Document doc)
        Creates and adds a Nonce element to this UsernameToken

      • addCreated

        public void addCreated​(boolean milliseconds,
                       org.w3c.dom.Document doc)
        Creates and adds a Created element to this UsernameToken

      • addSalt

        public byte[] addSalt​(org.w3c.dom.Document doc,
                      byte[] saltValue,
                      boolean mac)
        Adds and otionally creates a Salt element to this UsernameToken. If the saltCalue is null the the method generates a new salt. Otherwise it uses the the given value.
        Parameters:
        doc - The Document for the UsernameToken
        saltValue - The salt to add, if null generate a new salt value
        mac - If true then an optionally generated value is usable for a MAC
        Returns:
        Returns the added salt

      • addIteration

        public void addIteration​(org.w3c.dom.Document doc,
                         int iteration)
        Creates and adds a Iteration element to this UsernameToken

      • getName

        public java.lang.String getName()
        Get the user name.
        Returns:
        the data from the user name element.

      • setName

        public void setName​(java.lang.String name)
        Set the user name.
        Parameters:
        name - sets a text node containing the use name into the user name element.

      • getNonce

        public java.lang.String getNonce()
        Get the nonce.
        Returns:
        the data from the nonce element.

      • getCreated

        public java.lang.String getCreated()
        Get the created timestamp.
        Returns:
        the data from the created time element.

      • getPassword

        public java.lang.String getPassword()
        Gets the password string. This is the password as it is in the password element of a username, token. Thus it can be either plain text or the password digest value.
        Returns:
        the password string or null if no such node exists.

      • getSalt

        public byte[] getSalt()
               throws WSSecurityException
        Get the Salt value of this UsernameToken.
        Returns:
        Returns the binary Salt value or null if no Salt value is available in the username token.
        Throws:
        WSSecurityException

      • getIteration

        public int getIteration()
        Get the Iteration value of this UsernameToken.
        Returns:
        Returns the Iteration value. If no Iteration was specified in the username token the default value according to the specification is returned.

      • isHashed

        public boolean isHashed()
        Get the hashed inidicator. If the indicator is true> the password of the UsernameToken was encoded using WSConstants.PASSWORD_DIGEST
        Returns:
        the hashed indicator.

      • getPasswordType

        public java.lang.String getPasswordType()
        Returns:
        Returns the passwordType.

      • setPassword

        public void setPassword​(java.lang.String pwd)
        Sets the password string. This function sets the password in the UsernameToken either as plain text or encodes the password according to the WS Security specifications, UsernameToken profile, into a password digest.
        Parameters:
        pwd - the password to use

      • doPasswordDigest

        public static java.lang.String doPasswordDigest​(java.lang.String nonce,
                                                java.lang.String created,
                                                java.lang.String password)

      • getElement

        public org.w3c.dom.Element getElement()
        Returns the dom element of this UsernameToken object.
        Returns:
        the wsse:UsernameToken element

      • toString

        public java.lang.String toString()
        Returns the string representation of the token.
        Overrides:
        toString in class java.lang.Object
        Returns:
        a XML string representation

      • getID

        public java.lang.String getID()
        Gets the id.
        Returns:
        the value of the wsu:Id attribute of this username token

      • setID

        public void setID​(java.lang.String id)
        Set the id of this username token.
        Parameters:
        id - the value for the wsu:Id attribute of this username token

      • getSecretKey

        public byte[] getSecretKey()
        Gets the secret key as per WS-Trust spec. This method uses default setting to generate the secret key. These default values are suitable for .NET WSE.
        Returns:
        a secret key constructed from information conatined in this username token

      • getSecretKey

        public byte[] getSecretKey​(int keylen,
                           java.lang.String labelString)
        Gets the secret key as per WS-Trust spec.
        Parameters:
        keylen - How many bytes to generate for the key
        labelString - the label used to generate the seed
        Returns:
        a secret key constructed from information conatined in this username token

      • generateDerivedKey

        public static byte[] generateDerivedKey​(java.lang.String password,
                                        byte[] salt,
                                        int iteration)
                                 throws WSSecurityException
        This static method generates a derived key as defined in WSS Username Token Profile.
        Parameters:
        password - The password to include in the key generation
        salt - The Salt value
        iteration - The Iteration value. If zero (0) is given the mehtod uses the default value
        Returns:
        Returns the derived key a byte array
        Throws:
        WSSecurityException

      • generateSalt

        public static byte[] generateSalt​(boolean useForMac)
        This static method generates a 128 bit salt value as defined in WSS Username Token Profile.
        Parameters:
        useForMac - If true define the Salt for use in a MAC
        Returns:
        Returns the 128 bit salt value as byte array