wssaddusernametokenid.java

oasis发布的web services security规范中的ws-trust规范的java实现

package edu.virginia.cs.wss.util;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.message.WSBaseMessage;
import org.apache.ws.security.message.token.UsernameToken;
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/**
 * @author ddelvecc
 *
 * A class much like WSSAddUsernameToken with support for adding a wsu:id to the UsernameToken element
 * so that SecurityTokenReferences can be used elsewhere in the message
 */
public class WSSAddUsernameTokenId extends WSBaseMessage {
	
	private String id = null;
	private static Log log = LogFactory.getLog(WSSAddUsernameTokenId.class.getName());
	private String passwordType = WSConstants.PASSWORD_DIGEST;
    
	private UsernameToken ut = null;

	/**
	 * Constructor.
	 */
	public WSSAddUsernameTokenId() {
	}

	/**
	 * Constructor.
	 * <p/>
	 * 
	 * @param actor the name of the actor of the <code>wsse:Security</code> header
	 */
	public WSSAddUsernameTokenId(String actor) {
		super(actor);
	}

	/**
	 * Constructor.
	 * <p/>
	 * 
	 * @param actor The name of the actor of the <code>wsse:Security</code> header
	 * @param mu    Set <code>mustUnderstand</code> to true or false
	 */
	public WSSAddUsernameTokenId(String actor, boolean mu) {
		super(actor, mu);
	}

	/**
	 * Defines how to construct the password element of the 
	 * <code>UsernameToken</code>. 
	 * 
	 * @param pwType 	contains the password type. Only allowed values are 
	 * 					{@link WSConstants#PASSWORD_DIGEST} and 
	 * 					{@link WSConstants#PASSWORD_TEXT}.
	 */
	public void setPasswordType(String pwType) {
		if (pwType == null) {
			passwordType = WSConstants.PASSWORD_DIGEST;
		} else if (pwType.equals(WSConstants.PASSWORD_DIGEST) || pwType.equals(WSConstants.PASSWORD_TEXT)) {
			passwordType = pwType;
		}
	}

	/**
	 * Creates and adds a Nonce element to the UsernameToken
	 */
	public void addNonce(Document doc) {
		ut.addNonce(doc);
	}

	/**
	 * Creates and adds a Created element to the UsernameToken
	 */
	public void addCreated(Document doc) {
		ut.addCreated(doc);
	}
	
	public void setId(String id) {
		this.id = id;
		if(ut != null)
			ut.setID(id);
	}
	
	public String getId() {
		return id;
	}
	
	/**
	 * Adds a new <code>UsernameToken</code> to a soap envelope.
	 * <p/>
	 * A complete <code>UsernameToken</code> is constructed and added to
	 * the <code>wsse:Security</code> header. 
	 * 
	 * @param doc      The SOAP enevlope as W3C document
	 * @param username The username to set in the UsernameToken
	 * @param password The password of the user
	 * @return Document with UsernameToken added
	 */
	public Document build(Document doc, String username, String password) { // throws Exception {
		log.debug("Begin add username token...");
		Element securityHeader = insertSecurityHeader(doc);
		ut = new UsernameToken(doc, passwordType);
		ut.setName(username);
		ut.setPassword(password);
		if(id != null)
			ut.setID(id);
		WSSecurityUtil.prependChildElement(doc, securityHeader, ut.getElement(), true);
		return doc;
	}
}