cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1501772 - in /cxf/trunk: rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/ systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/
Date Wed, 10 Jul 2013 14:00:23 GMT
Author: coheigea
Date: Wed Jul 10 14:00:22 2013
New Revision: 1501772

URL: http://svn.apache.org/r1501772
Log:
Adding support for Timestamp last Layout creation in the streaming code + more tests

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java?rev=1501772&r1=1501771&r2=1501772&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
Wed Jul 10 14:00:22 2013
@@ -38,7 +38,6 @@ import javax.xml.namespace.QName;
 import javax.xml.soap.SOAPException;
 
 import org.w3c.dom.Element;
-
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.common.classloader.ClassLoaderUtils;
 import org.apache.cxf.common.i18n.Message;
@@ -371,14 +370,32 @@ public abstract class AbstractStaxBindin
     
     protected void configureLayout(AssertionInfoMap aim) {
         Collection<AssertionInfo> ais = getAllAssertionsByLocalname(aim, SPConstants.LAYOUT);
+        Layout layout = null;
         for (AssertionInfo ai : ais) {
-            Layout layout = (Layout)ai.getAssertion();
+            layout = (Layout)ai.getAssertion();
             ai.setAsserted(true);
-            if (layout.getLayoutType() == LayoutType.LaxTsLast) {
-                // TODO re-order action list
-            } else if (layout.getLayoutType() == LayoutType.LaxTsFirst) {
-                // TODO re-order action list
+        }
+        
+        if (!timestampAdded) {
+            return;
+        }
+        
+        Map<String, Object> config = getProperties();
+        boolean timestampLast = 
+            layout != null && layout.getLayoutType() == LayoutType.LaxTsLast;
+        
+        if (config.containsKey(ConfigurationConstants.ACTION)) {
+            String action = (String)config.get(ConfigurationConstants.ACTION);
+            if (timestampLast) {
+                config.put(ConfigurationConstants.ACTION, 
+                       ConfigurationConstants.TIMESTAMP + " " + action);
+            } else {
+                config.put(ConfigurationConstants.ACTION, 
+                       action + " " + ConfigurationConstants.TIMESTAMP);
             }
+        } else {
+            config.put(ConfigurationConstants.ACTION, 
+                       ConfigurationConstants.TIMESTAMP);
         }
     }
 

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java?rev=1501772&r1=1501771&r2=1501772&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
Wed Jul 10 14:00:22 2013
@@ -71,7 +71,6 @@ public class StaxAsymmetricBindingHandle
     public void handleBinding() {
         AssertionInfoMap aim = getMessage().get(AssertionInfoMap.class);
         configureTimestamp(aim);
-        configureLayout(aim);
         abinding = (AsymmetricBinding)getBinding(aim);
         
         if (abinding.getProtectionOrder() 
@@ -81,18 +80,7 @@ public class StaxAsymmetricBindingHandle
             doSignBeforeEncrypt();
         }
         
-        if (timestampAdded) {
-            Map<String, Object> config = getProperties();
-            // Action
-            if (config.containsKey(ConfigurationConstants.ACTION)) {
-                String action = (String)config.get(ConfigurationConstants.ACTION);
-                config.put(ConfigurationConstants.ACTION, 
-                           action + " " + ConfigurationConstants.TIMESTAMP);
-            } else {
-                config.put(ConfigurationConstants.ACTION, 
-                           ConfigurationConstants.TIMESTAMP);
-            }
-        }
+        configureLayout(aim);
     }
 
     private void doSignBeforeEncrypt() {

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1501772&r1=1501771&r2=1501772&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
Wed Jul 10 14:00:22 2013
@@ -110,7 +110,6 @@ public class StaxSymmetricBindingHandler
     public void handleBinding() {
         AssertionInfoMap aim = getMessage().get(AssertionInfoMap.class);
         configureTimestamp(aim);
-        configureLayout(aim);
         sbinding = (SymmetricBinding)getBinding(aim);
         
         // Set up CallbackHandler which wraps the configured Handler
@@ -132,17 +131,7 @@ public class StaxSymmetricBindingHandler
             config.put(ConfigurationConstants.ENC_SYM_ENC_KEY, "false");
         }
         
-        if (timestampAdded) {
-            // Action
-            if (config.containsKey(ConfigurationConstants.ACTION)) {
-                String action = (String)config.get(ConfigurationConstants.ACTION);
-                config.put(ConfigurationConstants.ACTION, 
-                           action + " " + ConfigurationConstants.TIMESTAMP);
-            } else {
-                config.put(ConfigurationConstants.ACTION, 
-                           ConfigurationConstants.TIMESTAMP);
-            }
-        }
+        configureLayout(aim);
     }
     
     private void doEncryptBeforeSign() {

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java?rev=1501772&r1=1501771&r2=1501772&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
Wed Jul 10 14:00:22 2013
@@ -72,7 +72,6 @@ public class StaxTransportBindingHandler
     public void handleBinding() {
         AssertionInfoMap aim = getMessage().get(AssertionInfoMap.class);
         configureTimestamp(aim);
-        configureLayout(aim);
         
         if (this.isRequestor()) {
             tbinding = (TransportBinding)getBinding(aim);
@@ -99,18 +98,7 @@ public class StaxTransportBindingHandler
             addSignatureConfirmation(null);
         }
         
-        if (timestampAdded) {
-            Map<String, Object> config = getProperties();
-            // Action
-            if (config.containsKey(ConfigurationConstants.ACTION)) {
-                String action = (String)config.get(ConfigurationConstants.ACTION);
-                config.put(ConfigurationConstants.ACTION, 
-                           action + " " + ConfigurationConstants.TIMESTAMP);
-            } else {
-                config.put(ConfigurationConstants.ACTION, 
-                           ConfigurationConstants.TIMESTAMP);
-            }
-        }
+        configureLayout(aim);
     }
     
     /**

Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java?rev=1501772&r1=1501771&r2=1501772&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java
(original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/bindings/BindingPropertiesTest.java
Wed Jul 10 14:00:22 2013
@@ -34,7 +34,8 @@ import org.example.contract.doubleit.Dou
 import org.junit.BeforeClass;
 
 /**
- * This is a test for various properties associated with a security binding
+ * This is a test for various properties associated with a security binding. It tests both
DOM + 
+ * StAX clients against the DOM server
  */
 public class BindingPropertiesTest extends AbstractBusClientServerTestBase {
     static final String PORT = allocatePort(Server.class);
@@ -76,13 +77,20 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItNotOnlySignPort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+        
+        // DOM
         port.doubleIt(25);
         
+        // TODO - XPath support Streaming
+        // SecurityTestUtil.enableStreaming(port);
+        // port.doubleIt(25);
+        
         // This should fail, as OnlySignEntireHeadersAndBody is specified
         portQName = new QName(NAMESPACE, "DoubleItOnlySignPort");
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on OnlySignEntireHeadersAndBody property");
@@ -91,6 +99,16 @@ public class BindingPropertiesTest exten
             assertTrue(ex.getMessage().contains(error));
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on OnlySignEntireHeadersAndBody property");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "OnlySignEntireHeadersAndBody does not match the requirements";
+            // assertTrue(ex.getMessage().contains(error));
+        }
+        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
@@ -112,6 +130,12 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItEncryptSignaturePort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+        
+        // DOM
+        port.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(port);
         port.doubleIt(25);
         
         // This should fail, as the client is not encrypting the signature is specified
@@ -119,6 +143,7 @@ public class BindingPropertiesTest exten
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on not encrypting the signature property");
@@ -127,6 +152,16 @@ public class BindingPropertiesTest exten
             assertTrue(ex.getMessage().contains(error));
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on not encrypting the signature property");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "The signature is not protected";
+            // assertTrue(ex.getMessage().contains(error));
+        }
+        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
@@ -148,6 +183,12 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItIncludeTimestampPort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+        
+        // DOM
+        port.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(port);
         port.doubleIt(25);
         
         // This should fail, as the client is not sending a Timestamp
@@ -155,6 +196,7 @@ public class BindingPropertiesTest exten
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on not sending a Timestamp");
@@ -163,6 +205,16 @@ public class BindingPropertiesTest exten
             assertTrue(ex.getMessage().contains(error));
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on not sending a Timestamp");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "Received Timestamp does not match the requirements";
+            // assertTrue(ex.getMessage().contains(error));
+        }
+        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
@@ -184,6 +236,12 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItEncryptBeforeSigningPort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+        
+        // DOM
+        port.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(port);
         port.doubleIt(25);
         
         // This should fail, as the client is not following the correct steps for this property
@@ -191,6 +249,7 @@ public class BindingPropertiesTest exten
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on not encrypting before signing");
@@ -199,6 +258,16 @@ public class BindingPropertiesTest exten
             assertTrue(ex.getMessage().contains(error));
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on not encrypting before signing");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "Not encrypted before signed";
+            // assertTrue(ex.getMessage().contains(error));
+        }
+        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
@@ -220,6 +289,12 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItSignBeforeEncryptingPort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+        
+        // DOM
+        port.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(port);
         port.doubleIt(25);
         
         // This should fail, as the client is not following the correct steps for this property
@@ -227,6 +302,7 @@ public class BindingPropertiesTest exten
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on not signing before encrypting");
@@ -235,13 +311,21 @@ public class BindingPropertiesTest exten
             assertTrue(ex.getMessage().contains(error));
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on not signing before encrypting");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "Not signed before encrypted";
+            // assertTrue(ex.getMessage().contains(error));
+        }
+        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
     
-    // TODO It's not sending the Timestamp "first" correctly
     @org.junit.Test
-    @org.junit.Ignore
     public void testTimestampFirst() throws Exception {
 
         SpringBusFactory bf = new SpringBusFactory();
@@ -258,6 +342,12 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItTimestampFirstPort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+        
+        // TODO It's not sending the Timestamp "first" correctly - DOM
+        // port.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(port);
         port.doubleIt(25);
         
         // This should fail, as the client is sending the timestamp last
@@ -265,6 +355,8 @@ public class BindingPropertiesTest exten
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        /*
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on on sending the timestamp last");
@@ -272,6 +364,16 @@ public class BindingPropertiesTest exten
             String error = "Layout does not match the requirements";
             assertTrue(ex.getMessage().contains(error));
         }
+        */
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on on sending the timestamp last");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "Layout does not match the requirements";
+            // assertTrue(ex.getMessage().contains(error));
+        }
         
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
@@ -294,6 +396,12 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItTimestampLastPort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+        
+        // DOM
+        port.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(port);
         port.doubleIt(25);
         
         // This should fail, as the client is sending the timestamp first
@@ -301,6 +409,7 @@ public class BindingPropertiesTest exten
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on sending the timestamp first");
@@ -309,6 +418,16 @@ public class BindingPropertiesTest exten
             assertTrue(ex.getMessage().contains(error));
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on sending the timestamp first");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "Layout does not match the requirements";
+            // assertTrue(ex.getMessage().contains(error));
+        }
+        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
@@ -330,6 +449,12 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItStrictPort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+
+        // DOM
+        port.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(port);
         port.doubleIt(25);
         
         // This should fail, as the client is sending the timestamp last
@@ -337,6 +462,7 @@ public class BindingPropertiesTest exten
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on sending the timestamp last");
@@ -345,6 +471,16 @@ public class BindingPropertiesTest exten
             assertTrue(ex.getMessage().contains(error));
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on sending the timestamp last");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "Layout does not match the requirements";
+            // assertTrue(ex.getMessage().contains(error));
+        }
+        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
@@ -406,6 +542,12 @@ public class BindingPropertiesTest exten
         QName portQName = new QName(NAMESPACE, "DoubleItSignatureConfirmationPort");
         DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
+        
+        // DOM
+        port.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(port);
         port.doubleIt(25);
         
         // This should fail, as SignatureConfirmation is not enabled
@@ -413,6 +555,7 @@ public class BindingPropertiesTest exten
         port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
         
+        // DOM
         try {
             port.doubleIt(25);
             fail("Failure expected on not enabling SignatureConfirmation");
@@ -421,6 +564,19 @@ public class BindingPropertiesTest exten
             assertTrue(ex.getMessage().contains(error));
         }
         
+        // Streaming
+        /*
+         * TODO - See WSS-460
+        try {
+            SecurityTestUtil.enableStreaming(port);
+            port.doubleIt(25);
+            fail("Failure expected on not enabling SignatureConfirmation");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // String error = "Check Signature confirmation";
+            // assertTrue(ex.getMessage().contains(error));
+        }
+        */
+        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }



Mime
View raw message