This gist shows how to sign a SOAP message using Apache WSS4J.
package de.wolff.wsst; | |
import java.io.File;
import java.util.Properties;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPMessage;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.w3c.dom.Document;
/**
 * Uses Apache WSS4J 2.2.2 to sign a SOAP message.
 *
 * @author luis wolff
 *
 */
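public class WSSecuritySigner {

    // Keystore location and secrets are read once from JVM system properties.
    // NOTE(review): values supplied as -D arguments are visible in the process command line and
    // in anything that records it; for non-demo use, load the passwords from a protected source.
    private static final String KEY_STORE_FILE = System.getProperty("keystore.file");
    private static final String KEY_STORE_PASSWD = System.getProperty("keystore.password");
    private static final String KEY_STORE_ALIAS = System.getProperty("keystore.alias");
    // The private-key password falls back to the keystore password when not set separately.
    private static final String KEY_STORE_PRIVATE_PASSWD =
            System.getProperty("keystore.private.password", KEY_STORE_PASSWD);

    /**
     * Wraps the XML file named by the first argument in a SOAP envelope, signs it and writes the
     * signed message to standard output.
     *
     * @param args exactly one element: the path of the XML payload file
     * @throws IllegalArgumentException if the payload path is missing
     * @throws IllegalStateException if a required keystore system property is not set
     * @throws Throwable any parsing, SOAP or WS-Security failure is propagated unchanged
     */
    public static void main(String[] args) throws Throwable {
        if (args.length != 1) {
            throw new IllegalArgumentException("Usage: WSSecuritySigner <xml-payload-file>");
        }
        SOAPMessage message = createMessage(new File(args[0]));
        signMessage(message.getSOAPPart());
        message.writeTo(System.out);
    }

    /**
     * Parses the payload file and places the resulting document in the body of a new SOAP message.
     *
     * <p>The parser is hardened before use: DOCTYPE declarations are rejected and secure
     * processing is enabled, so a payload file cannot pull in external entities (XXE) or trigger
     * entity-expansion blow-ups. SOAP messages must not carry a DTD, so rejecting DOCTYPE does
     * not restrict valid payloads.
     *
     * @param file XML document to embed in the SOAP body
     * @return a SOAP message whose body contains the parsed document
     * @throws Exception if the parser cannot be configured, the file cannot be parsed, or the
     *     SOAP message cannot be built
     */
    private static SOAPMessage createMessage(File file) throws Exception {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        // SOAP and XML Signature are namespace-based; the factory default is NOT namespace-aware.
        factory.setNamespaceAware(true);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setXIncludeAware(false);
        factory.setExpandEntityReferences(false);

        Document document = factory.newDocumentBuilder().parse(file);
        SOAPMessage message = MessageFactory.newInstance().createMessage();
        message.getSOAPBody().addDocument(document);
        return message;
    }

    /**
     * Inserts a WS-Security header into the envelope and adds a signature to it.
     *
     * <p>The header is marked {@code mustUnderstand="false"}, so a receiver is not obliged to
     * process it; verification has to be enforced on the receiving side.
     *
     * @param message the SOAP envelope as a DOM document
     * @throws WSSecurityException if the header cannot be inserted or signing fails
     */
    private static void signMessage(Document message) throws WSSecurityException {
        WSSecHeader secHeader = new WSSecHeader(message);
        secHeader.setMustUnderstand(false);
        secHeader.insertSecurityHeader();
        generateSignature(secHeader);
    }

    /**
     * Builds the signature with the configured key and embeds the signing certificate as a
     * BinarySecurityToken that the signature references directly.
     *
     * <p>No explicit signature parts are set, so WSS4J's default part selection applies
     * (presumably the SOAP Body; confirm against the WSS4J version in use). Algorithms are also
     * left at the library defaults. No wsu:Timestamp is added or signed here, so the message
     * carries no signed freshness information; a receiver that needs replay protection must get
     * it from elsewhere.
     *
     * @param secHeader the already inserted security header that receives the signature
     * @throws WSSecurityException if the key cannot be loaded or the signature cannot be created
     */
    private static void generateSignature(WSSecHeader secHeader) throws WSSecurityException {
        WSSecSignature builder = new WSSecSignature(secHeader);
        builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        builder.setUserInfo(
                requireProperty("keystore.alias", KEY_STORE_ALIAS),
                requireProperty("keystore.private.password", KEY_STORE_PRIVATE_PASSWD));
        builder.build(createCrypto());
    }

    /**
     * Creates the WSS4J crypto provider backed by the configured keystore.
     *
     * @return a {@link Crypto} instance configured through the Merlin keystore properties
     * @throws WSSecurityException if the keystore cannot be opened
     */
    private static Crypto createCrypto() throws WSSecurityException {
        Properties properties = new Properties();
        properties.setProperty(
                "org.apache.wss4j.crypto.merlin.keystore.file",
                requireProperty("keystore.file", KEY_STORE_FILE));
        properties.setProperty(
                "org.apache.wss4j.crypto.merlin.keystore.password",
                requireProperty("keystore.password", KEY_STORE_PASSWD));
        return CryptoFactory.getInstance(properties);
    }

    /**
     * Returns {@code value}, or fails with a message naming the missing system property.
     * Without this check a missing property surfaces as a bare NullPointerException from
     * {@link Properties#setProperty}. Only the property name is reported, never its value.
     */
    private static String requireProperty(String name, String value) {
        if (value == null) {
            throw new IllegalStateException("Missing required system property: " + name);
        }
        return value;
    }
}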