Class UsernameToken

java.lang.Object
org.apache.ws.security.message.token.UsernameToken

public class UsernameToken extends Object
UsernameToken according to WS Security specifications, UsernameToken profile.
Author:
Davanum Srinivas (dims@yahoo.com), Werner Dittmann (Werner.Dittmann@siemens.com)
  • Field Details

    • PASSWORD_TYPE

      public static final String PASSWORD_TYPE
    • element

      protected Element element
    • elementUsername

      protected Element elementUsername
    • elementPassword

      protected Element elementPassword
    • elementNonce

      protected Element elementNonce
    • elementCreated

      protected Element elementCreated
    • elementSalt

      protected Element elementSalt
    • elementIteration

      protected Element elementIteration
    • passwordType

      protected String passwordType
    • hashed

      protected boolean hashed
    • TOKEN

      public static final QName TOKEN
  • Constructor Details

    • UsernameToken

      public UsernameToken(Element elem) throws WSSecurityException
      Constructs a UsernameToken object and parses the wsse:UsernameToken element to initialize it.
      Parameters:
      elem - the wsse:UsernameToken element that contains the UsernameToken data
      Throws:
      WSSecurityException
    • UsernameToken

      public UsernameToken(boolean milliseconds, Document doc)
      Constructs a UsernameToken object according to the defined parameters.

      This constructor sets the password encoding to WSConstants.PASSWORD_DIGEST.

      Parameters:
      doc - the SOAP envelope as Document
    • UsernameToken

      public UsernameToken(boolean milliseconds, Document doc, String pwType)
      Constructs a UsernameToken object according to the defined parameters.

      Parameters:
      doc - the SOAP envelope as Document
      pwType - the required password encoding, either WSConstants.PASSWORD_DIGEST or WSConstants.PASSWORD_TEXT or null if no password required
  • Method Details

    • addNonce

      public void addNonce(Document doc)
      Creates and adds a Nonce element to this UsernameToken
    • addCreated

      public void addCreated(boolean milliseconds, Document doc)
      Creates and adds a Created element to this UsernameToken
    • addSalt

      public byte[] addSalt(Document doc, byte[] saltValue, boolean mac)
      Adds and optionally creates a Salt element to this UsernameToken. If saltValue is null, the method generates a new salt. Otherwise it uses the given value.
      Parameters:
      doc - The Document for the UsernameToken
      saltValue - The salt to add, if null generate a new salt value
      mac - If true then an optionally generated value is usable for a MAC
      Returns:
      Returns the added salt
    • addIteration

      public void addIteration(Document doc, int iteration)
      Creates and adds an Iteration element to this UsernameToken
    • getName

      public String getName()
      Get the user name.
      Returns:
      the data from the user name element.
    • setName

      public void setName(String name)
      Set the user name.
      Parameters:
      name - sets a text node containing the user name into the user name element.
    • getNonce

      public String getNonce()
      Get the nonce.
      Returns:
      the data from the nonce element.
    • getCreated

      public String getCreated()
      Get the created timestamp.
      Returns:
      the data from the created time element.
    • getPassword

      public String getPassword()
      Gets the password string. This is the password as it is in the password element of a username token. Thus it can be either plain text or the password digest value.
      Returns:
      the password string or null if no such node exists.
    • getSalt

      public byte[] getSalt() throws WSSecurityException
      Get the Salt value of this UsernameToken.
      Returns:
      Returns the binary Salt value or null if no Salt value is available in the username token.
      Throws:
      WSSecurityException
    • getIteration

      public int getIteration()
      Get the Iteration value of this UsernameToken.
      Returns:
      Returns the Iteration value. If no Iteration was specified in the username token the default value according to the specification is returned.
    • isHashed

      public boolean isHashed()
      Get the hashed indicator. If the indicator is true, the password of the UsernameToken was encoded using WSConstants.PASSWORD_DIGEST.
      Returns:
      the hashed indicator.
    • getPasswordType

      public String getPasswordType()
      Returns:
      Returns the passwordType.
    • setPassword

      public void setPassword(String pwd)
      Sets the password string. This function sets the password in the UsernameToken either as plain text or encodes the password according to the WS Security specifications, UsernameToken profile, into a password digest.
      Parameters:
      pwd - the password to use
    • doPasswordDigest

      public static String doPasswordDigest(String nonce, String created, String password)
    • getElement

      public Element getElement()
      Returns the DOM element of this UsernameToken object.
      Returns:
      the wsse:UsernameToken element
    • toString

      public String toString()
      Returns the string representation of the token.
      Overrides:
      toString in class Object
      Returns:
      an XML string representation
    • getID

      public String getID()
      Gets the id.
      Returns:
      the value of the wsu:Id attribute of this username token
    • setID

      public void setID(String id)
      Set the id of this username token.
      Parameters:
      id - the value for the wsu:Id attribute of this username token
    • getSecretKey

      public byte[] getSecretKey()
      Gets the secret key as per WS-Trust spec. This method uses default settings to generate the secret key. These default values are suitable for .NET WSE.
      Returns:
      a secret key constructed from information contained in this username token
    • getSecretKey

      public byte[] getSecretKey(int keylen, String labelString)
      Gets the secret key as per WS-Trust spec.
      Parameters:
      keylen - How many bytes to generate for the key
      labelString - the label used to generate the seed
      Returns:
      a secret key constructed from information contained in this username token
    • generateDerivedKey

      public static byte[] generateDerivedKey(String password, byte[] salt, int iteration) throws WSSecurityException
      This static method generates a derived key as defined in WSS Username Token Profile.
      Parameters:
      password - The password to include in the key generation
      salt - The Salt value
      iteration - The Iteration value. If zero (0) is given, the method uses the default value
      Returns:
      Returns the derived key as a byte array
      Throws:
      WSSecurityException
    • generateSalt

      public static byte[] generateSalt(boolean useForMac)
      This static method generates a 128 bit salt value as defined in WSS Username Token Profile.
      Parameters:
      useForMac - If true define the Salt for use in a MAC
      Returns:
      Returns the 128 bit salt value as byte array
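
The UsernameToken profile computations that doPasswordDigest, generateSalt and generateDerivedKey refer to, as an added example that uses only the JDK and is not WSS4J's own code. The class and method names are hypothetical, the nonce, timestamp and passwords are constructed sample values, and treating byte 0 as the salt's high-order byte is an assumption.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

// Added example (hypothetical names, JDK only); not part of WSS4J.
public class UsernameTokenProfileDemo {
    static final int DEFAULT_ITERATION = 1000; // profile default when Iteration is absent

    // Password_Digest = Base64( SHA-1( nonce + created + password ) )
    static String passwordDigest(String nonceB64, String created, String password) throws Exception {
        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        sha1.update(Base64.getDecoder().decode(nonceB64)); // nonce is hashed as raw bytes
        sha1.update(created.getBytes(StandardCharsets.UTF_8));
        sha1.update(password.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(sha1.digest());
    }

    // Receiver side: recompute from the stored password and compare in constant time.
    static boolean verifyDigest(String received, String nonceB64, String created, String stored) throws Exception {
        String expected = passwordDigest(nonceB64, created, stored);
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                     received.getBytes(StandardCharsets.UTF_8));
    }

    // 128-bit salt; the high-order byte marks the key's purpose: 0x01 MAC, 0x02 encryption.
    static byte[] salt(boolean useForMac) {
        byte[] s = new byte[16];
        new SecureRandom().nextBytes(s);
        s[0] = (byte) (useForMac ? 0x01 : 0x02);
        return s;
    }

    // K1 = SHA-1(password + salt), Kn = SHA-1(Kn-1), `iteration` hash operations in total.
    static byte[] derivedKey(String password, byte[] salt, int iteration) throws Exception {
        int rounds = iteration == 0 ? DEFAULT_ITERATION : iteration;
        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        sha1.update(password.getBytes(StandardCharsets.UTF_8));
        byte[] k = sha1.digest(salt);
        for (int i = 1; i < rounds; i++) k = sha1.digest(k);
        return k; // 160-bit key
    }

    public static void main(String[] args) throws Exception {
        String nonce = "AAECAwQFBgcICQoLDA0ODw==", created = "2024-01-01T00:00:00Z"; // constructed
        String digest = passwordDigest(nonce, created, "sample-password");
        System.out.println(verifyDigest(digest, nonce, created, "sample-password"));
        System.out.println(verifyDigest(digest, nonce, created, "other-password"));
        System.out.println(derivedKey("sample-password", salt(true), 0).length);
    }
}
```

A matching digest only shows knowledge of the password for that nonce and timestamp; the receiver still has to reject stale Created values and nonces it has already seen.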