@@ -25,85 +25,85 @@
import sun .misc .BASE64Encoder ;
public class SimpleWsAuthHandler implements SOAPHandler & lt ; SOAPMessageContext & gt ; {
public boolean handleMessage (SOAPMessageContext smc ) {
Boolean outboundProperty = (Boolean ) smc .get (MessageContext .MESSAGE_OUTBOUND_PROPERTY );
if (outboundProperty .booleanValue ()) {
try {
String usernameStr = "myusername" ;
String passwordStr = "myPassword" ;
//From the spec: Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) )
//Make the nonce
SecureRandom rand = SecureRandom .getInstance ("SHA1PRNG" );
rand .setSeed (System .currentTimeMillis ());
byte [] nonceBytes = new byte [16 ];
rand .nextBytes (nonceBytes );
//Make the created date
DateFormat df = new SimpleDateFormat ("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'" );
df .setTimeZone (TimeZone .getTimeZone ("UTC" ));
String createdDate = df .format (Calendar .getInstance ().getTime ());
byte [] createdDateBytes = createdDate .getBytes ("UTF-8" );
//Make the password
byte [] passwordBytes = passwordStr .getBytes ("UTF-8" );
//SHA-1 hash the bunch of it.
ByteArrayOutputStream baos = new ByteArrayOutputStream ();
baos .write (nonceBytes );
baos .write (createdDateBytes );
baos .write (passwordBytes );
MessageDigest md = MessageDigest .getInstance ("SHA-1" );
byte [] digestedPassword = md .digest (baos .toByteArray ());
//Encode the password and nonce for sending
String passwordB64 = (new BASE64Encoder ()).encode (digestedPassword );
String nonceB64 = (new BASE64Encoder ()).encode (nonceBytes );
//Now create the header with all the appropriate elements
SOAPEnvelope envelope = smc .getMessage ().getSOAPPart ().getEnvelope ();
SOAPHeader header = envelope .addHeader ();
SOAPElement security = header .addChildElement ("Security" , "wsse" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" );
SOAPElement usernameToken = security .addChildElement ("UsernameToken" , "wsse" );
SOAPElement username = usernameToken .addChildElement ("Username" , "wsse" );
username .addTextNode (usernameStr );
SOAPElement password = usernameToken .addChildElement ("Password" , "wsse" );
password .setAttribute ("Type" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest" );
password .addTextNode (passwordB64 );
SOAPElement nonce = usernameToken .addChildElement ("Nonce" , "wsse" );
nonce .addTextNode (nonceB64 );
SOAPElement created = usernameToken .addChildElement ("Created" , "wsu" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" );
created .addTextNode (createdDate );
smc .getMessage ().writeTo (System .out );
} catch (Exception e ) {
throw new RuntimeException (e );
}
}
return outboundProperty ;
}
public Set getHeaders () {
return Collections .emptySet ();
}
public void close (MessageContext context ) {
}
public boolean handleFault (SOAPMessageContext context ) {
return false ;
}
public class SimpleWsAuthHandler implements SOAPHandler < SOAPMessageContext > {
public boolean handleMessage (SOAPMessageContext smc ) {
Boolean outboundProperty = (Boolean ) smc .get (MessageContext .MESSAGE_OUTBOUND_PROPERTY );
if (outboundProperty .booleanValue ()) {
try {
String usernameStr = "myusername" ;
String passwordStr = "myPassword" ;
//From the spec: Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) )
//Make the nonce
SecureRandom rand = SecureRandom .getInstance ("SHA1PRNG" );
rand .setSeed (System .currentTimeMillis ());
byte [] nonceBytes = new byte [16 ];
rand .nextBytes (nonceBytes );
//Make the created date
DateFormat df = new SimpleDateFormat ("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'" );
df .setTimeZone (TimeZone .getTimeZone ("UTC" ));
String createdDate = df .format (Calendar .getInstance ().getTime ());
byte [] createdDateBytes = createdDate .getBytes ("UTF-8" );
//Make the password
byte [] passwordBytes = passwordStr .getBytes ("UTF-8" );
//SHA-1 hash the bunch of it.
ByteArrayOutputStream baos = new ByteArrayOutputStream ();
baos .write (nonceBytes );
baos .write (createdDateBytes );
baos .write (passwordBytes );
MessageDigest md = MessageDigest .getInstance ("SHA-1" );
byte [] digestedPassword = md .digest (baos .toByteArray ());
//Encode the password and nonce for sending
String passwordB64 = (new BASE64Encoder ()).encode (digestedPassword );
String nonceB64 = (new BASE64Encoder ()).encode (nonceBytes );
//Now create the header with all the appropriate elements
SOAPEnvelope envelope = smc .getMessage ().getSOAPPart ().getEnvelope ();
SOAPHeader header = envelope .addHeader ();
SOAPElement security = header .addChildElement ("Security" , "wsse" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" );
SOAPElement usernameToken = security .addChildElement ("UsernameToken" , "wsse" );
SOAPElement username = usernameToken .addChildElement ("Username" , "wsse" );
username .addTextNode (usernameStr );
SOAPElement password = usernameToken .addChildElement ("Password" , "wsse" );
password .setAttribute ("Type" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest" );
password .addTextNode (passwordB64 );
SOAPElement nonce = usernameToken .addChildElement ("Nonce" , "wsse" );
nonce .addTextNode (nonceB64 );
SOAPElement created = usernameToken .addChildElement ("Created" , "wsu" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" );
created .addTextNode (createdDate );
smc .getMessage ().writeTo (System .out );
} catch (Exception e ) {
throw new RuntimeException (e );
}
}
return outboundProperty ;
}
public Set getHeaders () {
return Collections .emptySet ();
}
public void close (MessageContext context ) {
}
public boolean handleFault (SOAPMessageContext context ) {
return false ;
}
}
javajack revised this gist
eogiles revised this gist