From: <mca...@us...> - 2012-12-14 15:49:51
Revision: 15334 http://unicore.svn.sourceforge.net/unicore/?rev=15334&view=rev Author: mcarpene Date: 2012-12-14 15:49:43 +0000 (Fri, 14 Dec 2012) Log Message: ----------- fixed basic authentication with digest Modified Paths: -------------- emi/emi-stslib/trunk/src/main/java/eu/unicore/sts/clients/SAMLAuthenticatorClientSOAP.java emi/emi-stslib/trunk/src/main/java/eu/unicore/sts/clients/UTRequestProcessor.java emi/emi-stslib/trunk/src/test/java/eu/unicore/sts/testsuite/DirectAuthnTest.java
Modified: emi/emi-stslib/trunk/src/main/java/eu/unicore/sts/clients/SAMLAuthenticatorClientSOAP.java
===================================================================
--- emi/emi-stslib/trunk/src/main/java/eu/unicore/sts/clients/SAMLAuthenticatorClientSOAP.java 2012-12-14 14:01:42 UTC (rev 15333)
+++ emi/emi-stslib/trunk/src/main/java/eu/unicore/sts/clients/SAMLAuthenticatorClientSOAP.java 2012-12-14 15:49:43 UTC (rev 15334)
@@ -11,7 +11,6 @@
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;
 import java.security.spec.InvalidKeySpecException;
-
 import javax.crypto.BadPaddingException;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.NoSuchPaddingException;
Modified: emi/emi-stslib/trunk/src/main/java/eu/unicore/sts/clients/UTRequestProcessor.java
===================================================================
--- emi/emi-stslib/trunk/src/main/java/eu/unicore/sts/clients/UTRequestProcessor.java 2012-12-14 14:01:42 UTC (rev 15333)
+++ emi/emi-stslib/trunk/src/main/java/eu/unicore/sts/clients/UTRequestProcessor.java 2012-12-14 15:49:43 UTC (rev 15334)
@@ -52,15 +52,14 @@ String password; if (digestAuth){ // creating password digest - MessageDigest md = MessageDigest.getInstance("SHA1"); + MessageDigest sha1 = MessageDigest.getInstance("SHA1"); + sha1.reset(); String passwordString = new String(plainPassword); - passwordString = userName+":"+passwordString; //concatenate username+password - byte[] passwordb = md.digest(passwordString.getBytes()); - StringBuffer sb = new StringBuffer(); - for (int i = 0; i < passwordb.length; i++) { - sb.append(Integer.toHexString((passwordb[i] & 0xFF) | 0x100).toUpperCase().substring(1,3)); - } - password = sb.toString(); //password digest, in this case the digest tag element should be managed at SOAP message level + byte[] toEncrypt = passwordString.getBytes("UTF-8"); + sha1.update(passwordString.getBytes()); + byte[] encryptedRaw = sha1.digest(); + byte[] encoded = Base64.encodeBase64(encryptedRaw); + password = new String(Base64.encodeBase64(encoded)); } else {password = new String(plainPassword);} @@ -110,8 +109,8 @@ SOAPElement securityel = header.addHeaderElement(env.createName("Security", "wsse", wssens)); securityel.addChildElement(env.createName("Timestamp", "wsu", wsuns)).addChildElement("Created", "wsu", wsuns).addTextNode(datenow); + SOAPElement headerut = securityel.addChildElement(env.createName("UsernameToken", "wsse", wssens)); if (!digestAuth){ - SOAPElement headerut = securityel.addChildElement(env.createName("UsernameToken", "wsse", wssens)); Name typeutid = env.createName("Id", "wsu", wsuns); //headerut.addChildElement("Username", "wsse", wssens).addTextNode(userName).addAttribute(typeutid, "#Username"); headerut.addAttribute(typeutid, "Username"); 
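Review bot: The digest block computes `toEncrypt` with UTF-8 but never uses it; `sha1.update(passwordString.getBytes())` hashes the platform-default encoding instead, so a non-ASCII password can yield a different digest on a differently configured JVM. The result is also Base64-encoded twice (`encoded` is already Base64 and `Base64.encodeBase64(encoded)` runs again), which a verifier that computes Base64(SHA-1(...)) once will not match, unless the server is known to expect the doubled form. I would change the two lines to `sha1.update(toEncrypt);` and `password = new String(Base64.encodeBase64(encryptedRaw), "US-ASCII");` and drop the `encoded` line. Separately, `new String(plainPassword)` copies the char[] password into an immutable String that cannot be wiped afterwards. The enclosing method starts and ends outside the hunk.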
@@ -119,13 +118,13 @@ Name typeatt = env.createName("Type"); headerut.addChildElement("Password", "wsse", wssens).addTextNode(password).addAttribute(typeatt, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"); } - else {//actually this use case is not supported server side, added here just for completeness - SOAPElement headerut = securityel.addChildElement(env.createName("UsernameToken", "wsse", wssens)); - SOAPElement digestM = headerut.addChildElement(env.createName("DigestMethod", "wsse", wssens)); - Name algAtt = env.createName("Algorithm", "wsu", wsuns); - digestM.addAttribute(algAtt, "http://www.w3.org/2000/09/xmldsig#sha1"); - SOAPElement digestV = headerut.addChildElement(env.createName("DigestValue", "wsse", wssens)); - digestV.addTextNode(password); + else {//digest authentication + Name typeutid = env.createName("Id", "wsu", wsuns); + //headerut.addChildElement("Username", "wsse", wssens).addTextNode(userName).addAttribute(typeutid, "#Username"); + headerut.addAttribute(typeutid, "Username"); + headerut.addChildElement("Username", "wsse", wssens).addTextNode(userName); + Name typeatt = env.createName("Type"); + headerut.addChildElement("Password", "wsse", wssens).addTextNode(password).addAttribute(typeatt, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"); } Name bodyName = env.createName("RequestSecurityToken", "wst", wstns); Modified: emi/emi-stslib/trunk/src/test/java/eu/unicore/sts/testsuite/DirectAuthnTest.java =================================================================== --- emi/emi-stslib/trunk/src/test/java/eu/unicore/sts/testsuite/DirectAuthnTest.java 2012-12-14 14:01:42 UTC (rev 15333) +++ emi/emi-stslib/trunk/src/test/java/eu/unicore/sts/testsuite/DirectAuthnTest.java 2012-12-14 15:49:43 UTC (rev 15334) 
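Review bot: The new else branch declares the password as `...#PasswordDigest`, but the visible lines add no `wsse:Nonce` or `wsu:Created` child to `headerut`, and the digest built in the @@ -52 hunk hashes the password alone. The UsernameToken Profile 1.0 defines the digest as Base64(SHA-1(nonce + created + password)); without the nonce and timestamp the value is identical on every request, so a captured header can be replayed and the digest is effectively a password equivalent. I would add `headerut.addChildElement("Nonce", "wsse", wssens).addTextNode(nonceB64);` and `headerut.addChildElement("Created", "wsu", wsuns).addTextNode(datenow);`, where `nonceB64` is the Base64 of fresh `SecureRandom` bytes, and feed both values into the SHA-1 input ahead of the password. Whether the server checks nonce freshness is not visible here and should be confirmed; transport protection (TLS) is still needed either way. The enclosing method starts and ends outside the hunk.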
@@ -25,14 +25,19 @@ String idpaddress = ""; DirectSTSAuthnParams stsobj = new DirectSTSAuthnParams(username,password.toCharArray(),stsendpointUrl,"basic",false,"X509"); + //DirectSTSAuthnParams stsobjD = new DirectSTSAuthnParams(username,password.toCharArray(),stsendpointUrl,"basic",true,"X509"); STSSupportImpl stssupport = new STSSupportImpl(); try{ String result = stssupport.requestX509Token(stsobj); - System.out.println("Response received..."); + System.out.println("(Plain Authentication) Response received..."); System.out.println(result); + +// String resultD = stssupport.requestX509Token(stsobjD); +// System.out.println("(Digest Authentication) Response received..."); +// System.out.println(resultD); } catch(Exception e) This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
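Review bot: The digest case this commit changes is left commented out in the test (`stsobjD` and the three `resultD` lines), so the new `#PasswordDigest` path is never exercised. I would enable it as a second request, or delete the commented lines and track the gap separately if the server cannot verify digests yet. The test also only prints `result`; an assertion on the response would make a regression in either authentication mode visible. The try/catch continues outside the hunk.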