cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1502521 - in /cxf/trunk: rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/ systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/ systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/
Date Fri, 12 Jul 2013 11:53:24 GMT
Author: coheigea
Date: Fri Jul 12 11:53:24 2013
New Revision: 1502521

URL: http://svn.apache.org/r1502521
Log:
More tests

Added:
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxServer.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxWSSecurityClientTest.java
      - copied, changed from r1502505, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/stax-server.xml
      - copied, changed from r1502505, cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml
Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/client.xml
    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java?rev=1502521&r1=1502520&r2=1502521&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JStaxInterceptor.java
Fri Jul 12 11:53:24 2013
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.ws.security.wss4j;
 
+import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
 import java.net.URL;
@@ -29,7 +30,9 @@ import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.logging.Logger;
 
+import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.xml.namespace.QName;
 
 import org.apache.cxf.binding.soap.SoapMessage;
@@ -50,6 +53,7 @@ import org.apache.cxf.ws.security.tokens
 import org.apache.wss4j.common.ConfigurationConstants;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.util.Loader;
 import org.apache.wss4j.stax.ext.WSSConstants;
@@ -179,6 +183,24 @@ public abstract class AbstractWSS4JStaxI
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, e);
             }
         }            
+        
+        // If we have a "password" but no CallbackHandler then construct one
+        if (o == null && getPassword(soapMessage) != null) {
+            final String password = getPassword(soapMessage);
+            o = new CallbackHandler() {
+
+                @Override
+                public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
+                    for (Callback callback : callbacks) {
+                        if (callback instanceof WSPasswordCallback) {
+                            WSPasswordCallback wsPasswordCallback = (WSPasswordCallback)callback;
+                            wsPasswordCallback.setPassword(password);
+                        }
+                    }
+                }
+            };
+        }
+        
         if (o instanceof CallbackHandler) {
             Map<String, Object> config = getProperties();
             

Added: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxServer.java?rev=1502521&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxServer.java
(added)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxServer.java
Fri Jul 12 11:53:24 2013
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.security;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class StaxServer extends AbstractBusTestServerBase {
+    public static final String PORT = allocatePort(StaxServer.class);
+
+    protected void run()  {
+        SpringBusFactory factory = new SpringBusFactory();
+        Bus bus = factory.createBus(
+            "org/apache/cxf/systest/ws/security/stax-server.xml"
+        );
+        BusFactory.setDefaultBus(bus);
+        setBus(bus);
+    }
+        
+    public static void main(String[] args) {
+        try { 
+            StaxServer s = new StaxServer(); 
+            s.start();
+        } catch (Exception ex) {
+            ex.printStackTrace();
+            System.exit(-1);
+        } finally { 
+            System.out.println("done!");
+        }
+    }
+}

Copied: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxWSSecurityClientTest.java
(from r1502505, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxWSSecurityClientTest.java?p2=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxWSSecurityClientTest.java&p1=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java&r1=1502505&r2=1502521&rev=1502521&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
(original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/StaxWSSecurityClientTest.java
Fri Jul 12 11:53:24 2013
@@ -52,23 +52,23 @@ import org.apache.cxf.systest.ws.common.
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.transport.http.HTTPConduit;
 import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor;
 import org.apache.hello_world_soap_http.Greeter;
-
 import org.junit.BeforeClass;
 import org.junit.Test;
 
 /**
  *
  */
-public class WSSecurityClientTest extends AbstractBusClientServerTestBase {
-    public static final String PORT = allocatePort(Server.class);
-    public static final String DEC_PORT = allocatePort(WSSecurityClientTest.class);
+public class StaxWSSecurityClientTest extends AbstractBusClientServerTestBase {
+    public static final String PORT = allocatePort(StaxServer.class);
+    public static final String DEC_PORT = allocatePort(StaxWSSecurityClientTest.class);
 
     private static final java.net.URL WSDL_LOC;
     static {
         java.net.URL tmp = null;
         try {
-            tmp = WSSecurityClientTest.class.getClassLoader().getResource(
+            tmp = StaxWSSecurityClientTest.class.getClassLoader().getResource(
                 "org/apache/cxf/systest/ws/security/hello_world.wsdl"
             );
         } catch (final Exception e) {
@@ -101,7 +101,7 @@ public class WSSecurityClientTest extend
             "Server failed to launch",
             // run the server in the same process
             // set this to false to fork
-            launchServer(Server.class, true)
+            launchServer(StaxServer.class, true)
         );
         createStaticBus();
     }
@@ -159,6 +159,64 @@ public class WSSecurityClientTest extend
         
         ((java.io.Closeable)greeter).close();
     }
+    
+    @Test
+    public void testUsernameTokenStreaming() throws Exception {
+        final javax.xml.ws.Service svc 
+            = javax.xml.ws.Service.create(WSDL_LOC, GREETER_SERVICE_QNAME);
+        final Greeter greeter = svc.getPort(USERNAME_TOKEN_PORT_QNAME, Greeter.class);
+        updateAddressPort(greeter, PORT);
+        
+        Client client = ClientProxy.getClient(greeter);
+        Map<String, Object> props = new HashMap<String, Object>();
+        props.put("action", "UsernameToken");
+        props.put("user", "alice");
+        props.put("passwordType", "PasswordText");
+        WSS4JStaxOutInterceptor wss4jOut = new WSS4JStaxOutInterceptor(props);
+        
+        client.getOutInterceptors().add(wss4jOut);
+
+        ((BindingProvider)greeter).getRequestContext().put("password", "password");
+        
+        try {
+            greeter.greetMe("CXF");
+            fail("should fail because of password text instead of digest");
+        } catch (Exception ex) {
+            //expected
+        }
+        client.getOutInterceptors().remove(wss4jOut);
+        
+        props.put("passwordType", "PasswordDigest");
+        wss4jOut = new WSS4JStaxOutInterceptor(props);
+        client.getOutInterceptors().add(wss4jOut);
+        String s = greeter.greetMe("CXF");
+        assertEquals("Hello CXF", s);
+        client.getOutInterceptors().remove(wss4jOut);
+        
+        try {
+            ((BindingProvider)greeter).getRequestContext().put("password", "foo");
+            wss4jOut = new WSS4JStaxOutInterceptor(props);
+            client.getOutInterceptors().add(wss4jOut);
+            greeter.greetMe("CXF");
+            fail("should fail");
+        } catch (Exception ex) {
+            //expected
+        }
+        client.getOutInterceptors().remove(wss4jOut);
+        try {
+            props.put("passwordType", "PasswordText");
+            wss4jOut = new WSS4JStaxOutInterceptor(props);
+            client.getOutInterceptors().add(wss4jOut);
+            ((BindingProvider)greeter).getRequestContext().put("password", "password");
+            greeter.greetMe("CXF");
+            fail("should fail");
+        } catch (Exception ex) {
+            //expected
+        }
+        client.getOutInterceptors().remove(wss4jOut);
+        
+        ((java.io.Closeable)greeter).close();
+    }
 
     @Test
     public void testTimestampSignEncrypt() throws Exception {

Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java?rev=1502521&r1=1502520&r2=1502521&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
(original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/WSSecurityClientTest.java
Fri Jul 12 11:53:24 2013
@@ -52,8 +52,8 @@ import org.apache.cxf.systest.ws.common.
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.transport.http.HTTPConduit;
 import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor;
 import org.apache.hello_world_soap_http.Greeter;
-
 import org.junit.BeforeClass;
 import org.junit.Test;
 
@@ -159,6 +159,64 @@ public class WSSecurityClientTest extend
         
         ((java.io.Closeable)greeter).close();
     }
+    
+    @Test
+    public void testUsernameTokenStreaming() throws Exception {
+        final javax.xml.ws.Service svc 
+            = javax.xml.ws.Service.create(WSDL_LOC, GREETER_SERVICE_QNAME);
+        final Greeter greeter = svc.getPort(USERNAME_TOKEN_PORT_QNAME, Greeter.class);
+        updateAddressPort(greeter, PORT);
+        
+        Client client = ClientProxy.getClient(greeter);
+        Map<String, Object> props = new HashMap<String, Object>();
+        props.put("action", "UsernameToken");
+        props.put("user", "alice");
+        props.put("passwordType", "PasswordText");
+        WSS4JStaxOutInterceptor wss4jOut = new WSS4JStaxOutInterceptor(props);
+        
+        client.getOutInterceptors().add(wss4jOut);
+
+        ((BindingProvider)greeter).getRequestContext().put("password", "password");
+        
+        try {
+            greeter.greetMe("CXF");
+            fail("should fail because of password text instead of digest");
+        } catch (Exception ex) {
+            //expected
+        }
+        client.getOutInterceptors().remove(wss4jOut);
+        
+        props.put("passwordType", "PasswordDigest");
+        wss4jOut = new WSS4JStaxOutInterceptor(props);
+        client.getOutInterceptors().add(wss4jOut);
+        String s = greeter.greetMe("CXF");
+        assertEquals("Hello CXF", s);
+        client.getOutInterceptors().remove(wss4jOut);
+        
+        try {
+            ((BindingProvider)greeter).getRequestContext().put("password", "foo");
+            wss4jOut = new WSS4JStaxOutInterceptor(props);
+            client.getOutInterceptors().add(wss4jOut);
+            greeter.greetMe("CXF");
+            fail("should fail");
+        } catch (Exception ex) {
+            //expected
+        }
+        client.getOutInterceptors().remove(wss4jOut);
+        try {
+            props.put("passwordType", "PasswordText");
+            wss4jOut = new WSS4JStaxOutInterceptor(props);
+            client.getOutInterceptors().add(wss4jOut);
+            ((BindingProvider)greeter).getRequestContext().put("password", "password");
+            greeter.greetMe("CXF");
+            fail("should fail");
+        } catch (Exception ex) {
+            //expected
+        }
+        client.getOutInterceptors().remove(wss4jOut);
+        
+        ((java.io.Closeable)greeter).close();
+    }
 
     @Test
     public void testTimestampSignEncrypt() throws Exception {

Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/client.xml?rev=1502521&r1=1502520&r2=1502521&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/client.xml
(original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/client.xml
Fri Jul 12 11:53:24 2013
@@ -35,12 +35,10 @@
             <bean class="org.apache.cxf.feature.LoggingFeature"/>
         </jaxws:features>
         <jaxws:outInterceptors>
-            <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
             <ref bean="TimestampSignEncrypt_Request"/>
         </jaxws:outInterceptors>
         <jaxws:inInterceptors>
             <ref bean="TimestampSignEncrypt_Response"/>
-            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
         </jaxws:inInterceptors>
     </jaxws:client>
 

Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml?rev=1502521&r1=1502520&r2=1502521&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml
(original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml
Fri Jul 12 11:53:24 2013
@@ -60,7 +60,6 @@
         </jaxws:features>
         <jaxws:inInterceptors>
             <ref bean="UsernameToken_Request"/>
-            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
         </jaxws:inInterceptors>
     </jaxws:endpoint>
 
@@ -93,12 +92,10 @@
         endpointName="test:TimestampSignEncryptPort"
         >
         <jaxws:outInterceptors>
-            <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
             <ref bean="TimestampSignEncrypt_Response"/>
         </jaxws:outInterceptors>
         <jaxws:inInterceptors>
             <ref bean="TimestampSignEncrypt_Request"/>
-            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
         </jaxws:inInterceptors>
     </jaxws:endpoint>
 

Copied: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/stax-server.xml
(from r1502505, cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml)
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/stax-server.xml?p2=cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/stax-server.xml&p1=cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml&r1=1502505&r2=1502521&rev=1502521&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/server.xml
(original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/stax-server.xml
Fri Jul 12 11:53:24 2013
@@ -51,7 +51,7 @@
     <jaxws:endpoint
         id="UsernameTokenEndpoint"
         implementor="org.apache.cxf.systest.ws.security.GreeterImpl"
-        address="http://localhost:${testutil.ports.Server}/GreeterService/UsernameTokenPort"
+        address="http://localhost:${testutil.ports.StaxServer}/GreeterService/UsernameTokenPort"
         serviceName="test:GreeterService"
         endpointName="test:UsernameTokenPort"
         >
@@ -60,16 +60,15 @@
         </jaxws:features>
         <jaxws:inInterceptors>
             <ref bean="UsernameToken_Request"/>
-            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
         </jaxws:inInterceptors>
     </jaxws:endpoint>
 
     <!--    
-         WSS4JInInterceptor for UsernameTokenEndpoint above    
+         WSS4JStaxInInterceptor for UsernameTokenEndpoint above    
     -->
     <bean 
         id="UsernameToken_Request"
-        class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"
+        class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor"
         >
         <constructor-arg>
             <map>
@@ -88,27 +87,25 @@
     <jaxws:endpoint 
         id="TimestampSignEncryptEndpoint"
         implementor="org.apache.cxf.systest.ws.security.GreeterImpl"
-        address="http://localhost:${testutil.ports.Server}/GreeterService/TimestampSignEncryptPort"
+        address="http://localhost:${testutil.ports.StaxServer}/GreeterService/TimestampSignEncryptPort"
         serviceName="test:GreeterService"
         endpointName="test:TimestampSignEncryptPort"
         >
         <jaxws:outInterceptors>
-            <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
             <ref bean="TimestampSignEncrypt_Response"/>
         </jaxws:outInterceptors>
         <jaxws:inInterceptors>
             <ref bean="TimestampSignEncrypt_Request"/>
-            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
         </jaxws:inInterceptors>
     </jaxws:endpoint>
 
     <!--    
-         WSS4JInInterceptor for decrypting and validating the signature of the
+         WSS4JStaxInInterceptor for decrypting and validating the signature of the
          SOAP request.
     -->
     <bean 
         id="TimestampSignEncrypt_Request"
-        class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"
+        class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor"
         >
         <constructor-arg>
             <map>
@@ -125,11 +122,11 @@
     </bean>
     
     <!--    
-         WSS4JOutInterceptor for encoding and signing the SOAP response.    
+         WSS4JStaxOutInterceptor for encoding and signing the SOAP response.    
     -->
     <bean 
         id="TimestampSignEncrypt_Response"
-        class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"
+        class="org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor"
         >
         <constructor-arg>
             <map>



Mime
View raw message