cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1471016 - in /cxf/branches/wss4j2.0-port/rt/ws/security/src: main/java/org/apache/cxf/ws/security/wss4j/ test/java/org/apache/cxf/ws/security/wss4j/
Date Tue, 23 Apr 2013 15:35:25 GMT
Author: coheigea
Date: Tue Apr 23 15:35:25 2013
New Revision: 1471016

URL: http://svn.apache.org/r1471016
Log:
Added a way to check required Actions against inbound security events

Added:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
    cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/StaxRoundTripActionTest.java
Modified:
    cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java

Added: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java?rev=1471016&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
(added)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxActionInInterceptor.java
Tue Apr 23 15:35:25 2013
@@ -0,0 +1,145 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.wss4j;
+
+import java.util.List;
+import java.util.logging.Logger;
+
+import org.apache.cxf.binding.soap.SoapFault;
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.SoapVersion;
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.securityEvent.SecurityEvent;
+import org.apache.xml.security.stax.securityEvent.SecurityEventConstants.Event;
+
+/**
+ * This interceptor handles parsing the StaX WS-Security results (events) + checks to see
+ * whether the required Actions were fulfilled. If no Actions were defined in the configuration,
+ * then no checking is done on the received security events.
+ */
+public class StaxActionInInterceptor extends AbstractPhaseInterceptor<SoapMessage>
{
+    
+    private static final Logger LOG = 
+        LogUtils.getL7dLogger(StaxActionInInterceptor.class);
+                                                            
+    private final List<XMLSecurityConstants.Action> inActions;
+    
+    public StaxActionInInterceptor(List<XMLSecurityConstants.Action> inActions) {
+        super(Phase.PRE_PROTOCOL);
+        this.inActions = inActions;
+        this.getBefore().add(StaxSecurityContextInInterceptor.class.getName());
+    }
+
+    @Override
+    public void handleMessage(SoapMessage soapMessage) throws Fault {
+        
+        if (inActions == null || inActions.isEmpty()) {
+            return;
+        }
+        
+        @SuppressWarnings("unchecked")
+        final List<SecurityEvent> incomingSecurityEventList = 
+            (List<SecurityEvent>)soapMessage.get(SecurityEvent.class.getName() + ".in");
+
+        if (incomingSecurityEventList == null) {
+            LOG.warning("Security processing failed (actions mismatch)");
+            WSSecurityException ex = 
+                new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
+            throw createSoapFault(soapMessage.getVersion(), ex);
+        }
+        
+        for (XMLSecurityConstants.Action action : inActions) {
+            Event requiredEvent = null;
+            if (WSSConstants.TIMESTAMP.equals(action)) {
+                requiredEvent = WSSecurityEventConstants.Timestamp;
+            } else if (WSSConstants.USERNAMETOKEN.equals(action)) {
+                requiredEvent = WSSecurityEventConstants.UsernameToken;
+            } else if (WSSConstants.SIGNATURE.equals(action)) {
+                requiredEvent = WSSecurityEventConstants.SignatureValue;
+            } else if (WSSConstants.SAML_TOKEN_SIGNED.equals(action)
+                || WSSConstants.SAML_TOKEN_UNSIGNED.equals(action)) {
+                requiredEvent = WSSecurityEventConstants.SamlToken;
+            }
+            
+            if (requiredEvent != null 
+                && !isEventInResults(requiredEvent, incomingSecurityEventList)) {
+                LOG.warning("Security processing failed (actions mismatch)");
+                WSSecurityException ex = 
+                    new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
+                throw createSoapFault(soapMessage.getVersion(), ex);
+            }
+            
+            if (WSSConstants.ENCRYPT.equals(action)) {
+                boolean foundEncryptionPart = 
+                    isEventInResults(WSSecurityEventConstants.EncryptedPart, incomingSecurityEventList);
+                if (!foundEncryptionPart) {
+                    foundEncryptionPart =
+                        isEventInResults(WSSecurityEventConstants.EncryptedElement, incomingSecurityEventList);
+                }
+                if (!foundEncryptionPart) {
+                    LOG.warning("Security processing failed (actions mismatch)");
+                    WSSecurityException ex = 
+                        new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
+                    throw createSoapFault(soapMessage.getVersion(), ex);
+                }
+            } 
+        }
+    }
+    
+    private boolean isEventInResults(Event event, List<SecurityEvent> incomingSecurityEventList)
{
+        for (SecurityEvent incomingEvent : incomingSecurityEventList) {
+            if (event == incomingEvent.getSecurityEventType()) {
+                return true;
+            }
+        }
+        return false;
+    }
+    
+    /**
+     * Create a SoapFault from a WSSecurityException, following the SOAP Message Security
+     * 1.1 specification, chapter 12 "Error Handling".
+     * 
+     * When the Soap version is 1.1 then set the Fault/Code/Value from the fault code
+     * specified in the WSSecurityException (if it exists).
+     * 
+     * Otherwise set the Fault/Code/Value to env:Sender and the Fault/Code/Subcode/Value
+     * as the fault code from the WSSecurityException.
+     */
+    private SoapFault 
+    createSoapFault(SoapVersion version, WSSecurityException e) {
+        SoapFault fault;
+        javax.xml.namespace.QName faultCode = e.getFaultCode();
+        if (version.getVersion() == 1.1 && faultCode != null) {
+            fault = new SoapFault(e.getMessage(), e, faultCode);
+        } else {
+            fault = new SoapFault(e.getMessage(), e, version.getSender());
+            if (version.getVersion() != 1.1 && faultCode != null) {
+                fault.setSubCode(faultCode);
+            }
+        }
+        return fault;
+    }
+}

Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java?rev=1471016&r1=1471015&r2=1471016&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
(original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
Tue Apr 23 15:35:25 2013
@@ -38,6 +38,7 @@ import org.apache.wss4j.common.ext.WSSec
 import org.apache.wss4j.stax.WSSec;
 import org.apache.wss4j.stax.ext.InboundWSSec;
 import org.apache.wss4j.stax.ext.WSSSecurityProperties;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
 import org.apache.xml.security.stax.securityEvent.SecurityEvent;
 import org.apache.xml.security.stax.securityEvent.SecurityEventListener;
 
@@ -46,6 +47,7 @@ public class WSS4JStaxInInterceptor exte
     private static final Logger LOG = LogUtils.getL7dLogger(WSS4JStaxInInterceptor.class);
     
     private final InboundWSSec inboundWSSec;
+    private List<XMLSecurityConstants.Action> inActions;
     
     public WSS4JStaxInInterceptor(WSSSecurityProperties securityProperties) throws WSSecurityException
{
         super();
@@ -87,6 +89,10 @@ public class WSS4JStaxInInterceptor exte
         soapMessage.put(SecurityEvent.class.getName() + ".in", incomingSecurityEventList);
         soapMessage.getInterceptorChain().add(new StaxSecurityContextInInterceptor());
         
+        if (inActions != null && !inActions.isEmpty()) {
+            soapMessage.getInterceptorChain().add(new StaxActionInInterceptor(inActions));
+        }
+        
         try {
             @SuppressWarnings("unchecked")
             final List<SecurityEvent> requestSecurityEvents = 
@@ -132,4 +138,12 @@ public class WSS4JStaxInInterceptor exte
         }
         return fault;
     }
+
+    public List<XMLSecurityConstants.Action> getInActions() {
+        return inActions;
+    }
+
+    public void setInActions(List<XMLSecurityConstants.Action> inActions) {
+        this.inActions = inActions;
+    }
 }

Added: cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/StaxRoundTripActionTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/StaxRoundTripActionTest.java?rev=1471016&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/StaxRoundTripActionTest.java
(added)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/StaxRoundTripActionTest.java
Tue Apr 23 15:35:25 2013
@@ -0,0 +1,389 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.wss4j;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import javax.xml.namespace.QName;
+
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.endpoint.Server;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.interceptor.LoggingInInterceptor;
+import org.apache.cxf.interceptor.LoggingOutInterceptor;
+import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
+import org.apache.cxf.jaxws.JaxWsServerFactoryBean;
+import org.apache.cxf.service.Service;
+import org.apache.cxf.transport.local.LocalTransportFactory;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.stax.ext.WSSConstants;
+import org.apache.wss4j.stax.ext.WSSSecurityProperties;
+import org.apache.xml.security.stax.ext.SecurePart;
+import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.junit.Test;
+
+/**
+ * Test StaX Security actions on the inbound side
+ */
+public class StaxRoundTripActionTest extends AbstractSecurityTest {
+    
+    @Test
+    public void testUsernameToken() throws Exception {
+        // Create + configure service
+        Service service = createService();
+        
+        WSSSecurityProperties inProperties = new WSSSecurityProperties();
+        inProperties.setCallbackHandler(new TestPwdCallback());
+        WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
+        WSS4JPrincipalInterceptor principalInterceptor = new WSS4JPrincipalInterceptor();
+        principalInterceptor.setPrincipalName("username");
+        
+        List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
+        actions.add(WSSConstants.USERNAMETOKEN);
+        inhandler.setInActions(actions);
+        
+        service.getInInterceptors().add(inhandler);
+        service.getInInterceptors().add(principalInterceptor);
+
+        // Create + configure client
+        Echo echo = createClientProxy();
+        
+        Client client = ClientProxy.getClient(echo);
+        client.getInInterceptors().add(new LoggingInInterceptor());
+        client.getOutInterceptors().add(new LoggingOutInterceptor());
+        
+        WSSSecurityProperties properties = new WSSSecurityProperties();
+        properties.setOutAction(new XMLSecurityConstants.Action[]{WSSConstants.USERNAMETOKEN});
+        properties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
+        properties.setTokenUser("username");
+        properties.setCallbackHandler(new TestPwdCallback());
+        WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
+        client.getOutInterceptors().add(ohandler);
+
+        assertEquals("test", echo.echo("test"));
+        
+        actions.add(WSSConstants.ENCRYPT);
+        
+        try {
+            echo.echo("test");
+            fail("Failure expected on the wrong action");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // expected
+            String error = "An error was discovered processing";
+            assertTrue(ex.getMessage().contains(error));
+        }
+    }
+  
+    @Test
+    public void testEncrypt() throws Exception {
+        // Create + configure service
+        Service service = createService();
+        
+        WSSSecurityProperties inProperties = new WSSSecurityProperties();
+        inProperties.setCallbackHandler(new TestPwdCallback());
+        Properties cryptoProperties = 
+            CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
+        inProperties.setDecryptionCryptoProperties(cryptoProperties);
+        WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
+        
+        List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
+        actions.add(WSSConstants.ENCRYPT);
+        inhandler.setInActions(actions);
+        
+        service.getInInterceptors().add(inhandler);
+        
+        // Create + configure client
+        Echo echo = createClientProxy();
+        
+        Client client = ClientProxy.getClient(echo);
+        client.getInInterceptors().add(new LoggingInInterceptor());
+        client.getOutInterceptors().add(new LoggingOutInterceptor());
+        
+        WSSSecurityProperties properties = new WSSSecurityProperties();
+        properties.setOutAction(new XMLSecurityConstants.Action[]{WSSConstants.ENCRYPT});
+        properties.setEncryptionUser("myalias");
+        
+        Properties outCryptoProperties = 
+            CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
+        properties.setEncryptionCryptoProperties(outCryptoProperties);
+        properties.setCallbackHandler(new TestPwdCallback());
+        WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
+        client.getOutInterceptors().add(ohandler);
+
+        assertEquals("test", echo.echo("test"));
+        
+        actions.add(WSSConstants.SIGNATURE);
+        
+        try {
+            echo.echo("test");
+            fail("Failure expected on the wrong action");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // expected
+            String error = "An error was discovered processing";
+            assertTrue(ex.getMessage().contains(error));
+        }
+    }
+    
+    @Test
+    public void testEncryptUsernameToken() throws Exception {
+        // Create + configure service
+        Service service = createService();
+        
+        WSSSecurityProperties inProperties = new WSSSecurityProperties();
+        inProperties.setCallbackHandler(new TestPwdCallback());
+        Properties cryptoProperties = 
+            CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
+        inProperties.setDecryptionCryptoProperties(cryptoProperties);
+        WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
+        
+        List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
+        actions.add(WSSConstants.ENCRYPT);
+        actions.add(WSSConstants.USERNAMETOKEN);
+        inhandler.setInActions(actions);
+        
+        service.getInInterceptors().add(inhandler);
+        
+        // Create + configure client
+        Echo echo = createClientProxy();
+        
+        Client client = ClientProxy.getClient(echo);
+        client.getInInterceptors().add(new LoggingInInterceptor());
+        client.getOutInterceptors().add(new LoggingOutInterceptor());
+        
+        WSSSecurityProperties properties = new WSSSecurityProperties();
+        properties.setOutAction(
+            new XMLSecurityConstants.Action[]{WSSConstants.USERNAMETOKEN, WSSConstants.ENCRYPT}
+        );
+        properties.addEncryptionPart(
+            new SecurePart(new QName(WSSConstants.NS_WSSE10, "UsernameToken"), SecurePart.Modifier.Element)
+        );
+        properties.setEncryptionUser("myalias");
+        properties.setTokenUser("username");
+        
+        Properties outCryptoProperties = 
+            CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
+        properties.setEncryptionCryptoProperties(outCryptoProperties);
+        properties.setCallbackHandler(new TestPwdCallback());
+        WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
+        client.getOutInterceptors().add(ohandler);
+
+        assertEquals("test", echo.echo("test"));
+    }
+    
+    @Test
+    public void testSignature() throws Exception {
+        // Create + configure service
+        Service service = createService();
+        
+        WSSSecurityProperties inProperties = new WSSSecurityProperties();
+        inProperties.setCallbackHandler(new TestPwdCallback());
+        Properties cryptoProperties = 
+            CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
+        inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
+        WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
+        WSS4JPrincipalInterceptor principalInterceptor = new WSS4JPrincipalInterceptor();
+        principalInterceptor.setPrincipalName("CN=myAlias");
+        
+        List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
+        actions.add(WSSConstants.SIGNATURE);
+        inhandler.setInActions(actions);
+        
+        service.getInInterceptors().add(inhandler);
+        service.getInInterceptors().add(principalInterceptor);
+        
+        // Create + configure client
+        Echo echo = createClientProxy();
+        
+        Client client = ClientProxy.getClient(echo);
+        client.getInInterceptors().add(new LoggingInInterceptor());
+        client.getOutInterceptors().add(new LoggingOutInterceptor());
+        
+        WSSSecurityProperties properties = new WSSSecurityProperties();
+        properties.setOutAction(new XMLSecurityConstants.Action[]{WSSConstants.SIGNATURE});
+        properties.setSignatureUser("myalias");
+        
+        Properties outCryptoProperties = 
+            CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
+        properties.setSignatureCryptoProperties(outCryptoProperties);
+        properties.setCallbackHandler(new TestPwdCallback());
+        WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
+        client.getOutInterceptors().add(ohandler);
+
+        assertEquals("test", echo.echo("test"));
+        
+        actions.add(WSSConstants.ENCRYPT);
+        
+        try {
+            echo.echo("test");
+            fail("Failure expected on the wrong action");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // expected
+            String error = "An error was discovered processing";
+            assertTrue(ex.getMessage().contains(error));
+        }
+    }
+    
+    @Test
+    public void testTimestamp() throws Exception {
+        // Create + configure service
+        Service service = createService();
+        
+        WSSSecurityProperties inProperties = new WSSSecurityProperties();
+        WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
+        
+        List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
+        actions.add(WSSConstants.TIMESTAMP);
+        inhandler.setInActions(actions);
+        
+        service.getInInterceptors().add(inhandler);
+        
+        // Create + configure client
+        Echo echo = createClientProxy();
+        
+        Client client = ClientProxy.getClient(echo);
+        client.getInInterceptors().add(new LoggingInInterceptor());
+        client.getOutInterceptors().add(new LoggingOutInterceptor());
+        
+        WSSSecurityProperties properties = new WSSSecurityProperties();
+        properties.setOutAction(new XMLSecurityConstants.Action[]{WSSConstants.TIMESTAMP});
+        
+        WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
+        client.getOutInterceptors().add(ohandler);
+
+        assertEquals("test", echo.echo("test"));
+    }
+    
+    @Test
+    public void testSignatureTimestamp() throws Exception {
+        // Create + configure service
+        Service service = createService();
+        
+        WSSSecurityProperties inProperties = new WSSSecurityProperties();
+        inProperties.setCallbackHandler(new TestPwdCallback());
+        Properties cryptoProperties = 
+            CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
+        inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
+        WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
+        
+        List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
+        actions.add(WSSConstants.TIMESTAMP);
+        actions.add(WSSConstants.SIGNATURE);
+        inhandler.setInActions(actions);
+        
+        service.getInInterceptors().add(inhandler);
+        
+        // Create + configure client
+        Echo echo = createClientProxy();
+        
+        Client client = ClientProxy.getClient(echo);
+        client.getInInterceptors().add(new LoggingInInterceptor());
+        client.getOutInterceptors().add(new LoggingOutInterceptor());
+        
+        WSSSecurityProperties properties = new WSSSecurityProperties();
+        properties.setOutAction(
+            new XMLSecurityConstants.Action[]{WSSConstants.SIGNATURE, WSSConstants.TIMESTAMP}
+        );
+        properties.addSignaturePart(
+            new SecurePart(new QName(WSSConstants.NS_WSU10, "Timestamp"), SecurePart.Modifier.Element)
+        );
+        properties.addSignaturePart(
+            new SecurePart(new QName(WSSConstants.NS_SOAP11, "Body"), SecurePart.Modifier.Element)
+        );
+        properties.setSignatureUser("myalias");
+        
+        Properties outCryptoProperties = 
+            CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
+        properties.setSignatureCryptoProperties(outCryptoProperties);
+        properties.setCallbackHandler(new TestPwdCallback());
+        WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
+        client.getOutInterceptors().add(ohandler);
+
+        assertEquals("test", echo.echo("test"));
+    }
+    @Test
+    public void testEncryptSignature() throws Exception {
+        // Create + configure service
+        Service service = createService();
+        
+        WSSSecurityProperties inProperties = new WSSSecurityProperties();
+        inProperties.setCallbackHandler(new TestPwdCallback());
+        Properties cryptoProperties = 
+            CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
+        inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
+        inProperties.setDecryptionCryptoProperties(cryptoProperties);
+        WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
+        
+        List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
+        actions.add(WSSConstants.ENCRYPT);
+        actions.add(WSSConstants.SIGNATURE);
+        inhandler.setInActions(actions);
+        
+        service.getInInterceptors().add(inhandler);
+        
+        // Create + configure client
+        Echo echo = createClientProxy();
+        
+        Client client = ClientProxy.getClient(echo);
+        client.getInInterceptors().add(new LoggingInInterceptor());
+        client.getOutInterceptors().add(new LoggingOutInterceptor());
+        
+        WSSSecurityProperties properties = new WSSSecurityProperties();
+        properties.setOutAction(
+            new XMLSecurityConstants.Action[]{WSSConstants.ENCRYPT, WSSConstants.SIGNATURE}
+        );
+        properties.setEncryptionUser("myalias");
+        properties.setSignatureUser("myalias");
+        
+        Properties outCryptoProperties = 
+            CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
+        properties.setSignatureCryptoProperties(outCryptoProperties);
+        properties.setEncryptionCryptoProperties(outCryptoProperties);
+        properties.setCallbackHandler(new TestPwdCallback());
+        WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
+        client.getOutInterceptors().add(ohandler);
+
+        assertEquals("test", echo.echo("test"));
+    }
+    
+    private Service createService() {
+        // Create the Service
+        JaxWsServerFactoryBean factory = new JaxWsServerFactoryBean();
+        factory.setServiceBean(new EchoImpl());
+        factory.setAddress("local://Echo");
+        factory.setTransportId(LocalTransportFactory.TRANSPORT_ID);
+        Server server = factory.create();
+        
+        Service service = server.getEndpoint().getService();
+        service.getInInterceptors().add(new LoggingInInterceptor());
+        service.getOutInterceptors().add(new LoggingOutInterceptor());
+        
+        return service;
+    }
+    
+    private Echo createClientProxy() {
+        JaxWsProxyFactoryBean proxyFac = new JaxWsProxyFactoryBean();
+        proxyFac.setServiceClass(Echo.class);
+        proxyFac.setAddress("local://Echo");
+        proxyFac.getClientFactoryBean().setTransportId(LocalTransportFactory.TRANSPORT_ID);
+        
+        return (Echo)proxyFac.create();
+    }
+}



Mime
View raw message