cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1531958 - in /cxf/trunk: rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/ services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/ services/sts/systests/basic/src/test/java/org/apache/cx...
Date Mon, 14 Oct 2013 16:06:13 GMT
Author: coheigea
Date: Mon Oct 14 16:06:12 2013
New Revision: 1531958

URL: http://svn.apache.org/r1531958
Log:
More work on streaming STS test-cases

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
    cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
    cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java
    cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
Mon Oct 14 16:06:12 2013
@@ -21,6 +21,7 @@ package org.apache.cxf.ws.security.wss4j
 
 import java.io.IOException;
 import java.security.Key;
+import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
@@ -32,6 +33,7 @@ import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import javax.crypto.spec.SecretKeySpec;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
@@ -62,6 +64,7 @@ import org.apache.wss4j.common.saml.bean
 import org.apache.wss4j.common.saml.bean.SubjectBean;
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.policy.SP11Constants;
 import org.apache.wss4j.policy.SP12Constants;
 import org.apache.wss4j.policy.SPConstants;
@@ -95,11 +98,16 @@ import org.apache.wss4j.policy.model.XPa
 import org.apache.wss4j.policy.stax.PolicyUtils;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.impl.securityToken.KerberosClientSecurityToken;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
+import org.apache.xml.security.algorithms.JCEMapper;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.ext.SecurePart;
 import org.apache.xml.security.stax.ext.SecurePart.Modifier;
+import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
 import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
+import org.apache.xml.security.stax.securityToken.SecurityTokenConstants;
 import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
+import org.apache.xml.security.utils.Base64;
 import org.opensaml.common.SAMLVersion;
 
 /**
@@ -413,6 +421,73 @@ public abstract class AbstractStaxBindin
         return null;
     }
     
+    protected void storeSecurityToken(SecurityToken tok) {
+        SecurityTokenConstants.TokenType tokenType = WSSecurityTokenConstants.EncryptedKeyToken;
+        if (tok.getTokenType() != null) {
+            if (tok.getTokenType().startsWith(WSSConstants.NS_KERBEROS11_TOKEN_PROFILE))
{
+                tokenType = WSSecurityTokenConstants.KerberosToken;
+            } else if (tok.getTokenType().startsWith(WSSConstants.NS_SAML10_TOKEN_PROFILE)
+                || tok.getTokenType().startsWith(WSSConstants.NS_SAML11_TOKEN_PROFILE)) {
+                tokenType = WSSecurityTokenConstants.Saml11Token;
+            } else if (tok.getTokenType().startsWith(WSSConstants.NS_WSC_05_02)
+                || tok.getTokenType().startsWith(WSSConstants.NS_WSC_05_12)) {
+                tokenType = WSSecurityTokenConstants.SecureConversationToken;
+            }
+        }
+        
+        final Key key = tok.getKey();
+        final byte[] secret = tok.getSecret();
+        final X509Certificate[] certs = new X509Certificate[1];
+        if (tok.getX509Certificate() != null) {
+            certs[0] = tok.getX509Certificate();
+        }
+        
+        final GenericOutboundSecurityToken encryptedKeySecurityToken = 
+            new GenericOutboundSecurityToken(tok.getId(), tokenType, key, certs) {
+          
+                @Override
+                public Key getSecretKey(String algorithmURI) throws XMLSecurityException
{
+                    if (secret != null && algorithmURI != null && !"".equals(algorithmURI))
{
+                        return KeyUtils.prepareSecretKey(algorithmURI, secret);
+                    }
+                    if (key != null) {
+                        return key;
+                    }
+                    if (secret != null) {
+                        String jceAlg = JCEMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
+                        if (jceAlg == null || "".equals(jceAlg)) {
+                            jceAlg = "HmacSHA1";
+                        }
+                        return new SecretKeySpec(secret, jceAlg);
+                    }
+                
+                    return super.getSecretKey(algorithmURI);
+                }
+            };
+        
+        final SecurityTokenProvider<OutboundSecurityToken> encryptedKeySecurityTokenProvider
=
+            new SecurityTokenProvider<OutboundSecurityToken>() {
+
+                @Override
+                public OutboundSecurityToken getSecurityToken() throws XMLSecurityException
{
+                    return encryptedKeySecurityToken;
+                }
+
+                @Override
+                public String getId() {
+                    return encryptedKeySecurityToken.getId();
+                }
+                
+            };
+        encryptedKeySecurityToken.setSha1Identifier(tok.getSHA1());
+        outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION, 
+                           encryptedKeySecurityTokenProvider);
+        outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, 
+                           encryptedKeySecurityTokenProvider);
+        outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN, 
+                           encryptedKeySecurityTokenProvider);
+    }
+    
     protected void policyNotAsserted(Assertion assertion, String reason) {
         if (assertion == null) {
             return;
@@ -1097,4 +1172,45 @@ public abstract class AbstractStaxBindin
         return encryptedParts;
     }
     
+    protected static class TokenStoreCallbackHandler implements CallbackHandler {
+        private CallbackHandler internal;
+        private TokenStore store;
+        public TokenStoreCallbackHandler(CallbackHandler in, TokenStore st) {
+            internal = in;
+            store = st;
+        }
+        
+        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
+            for (int i = 0; i < callbacks.length; i++) {
+                WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
+                
+                String id = pc.getIdentifier();
+                SecurityToken token = store.getToken(id);
+                if (token != null) {
+                    if (token.getSHA1() == null && pc.getKey() != null) {
+                        token.setSHA1(getSHA1(pc.getKey()));
+                        // Create another cache entry with the SHA1 Identifier as the key

+                        // for easy retrieval
+                        store.add(token.getSHA1(), token);
+                    }
+                    pc.setKey(token.getSecret());
+                    pc.setCustomToken(token.getToken());
+                    return;
+                }
+            }
+            if (internal != null) {
+                internal.handle(callbacks);
+            }
+        }
+    }
+    
+    private static String getSHA1(byte[] input) {
+        try {
+            byte[] digestBytes = WSSecurityUtil.generateDigest(input);
+            return Base64.encode(digestBytes);
+        } catch (WSSecurityException e) {
+            //REVISIT
+        }
+        return null;
+    }
 }

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
Mon Oct 14 16:06:12 2013
@@ -25,6 +25,7 @@ import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import javax.security.auth.callback.CallbackHandler;
 import javax.xml.namespace.QName;
 import javax.xml.soap.SOAPException;
 
@@ -44,6 +45,9 @@ import org.apache.wss4j.policy.model.Abs
 import org.apache.wss4j.policy.model.AlgorithmSuite;
 import org.apache.wss4j.policy.model.AsymmetricBinding;
 import org.apache.wss4j.policy.model.IssuedToken;
+import org.apache.wss4j.policy.model.SecureConversationToken;
+import org.apache.wss4j.policy.model.SecurityContextToken;
+import org.apache.wss4j.policy.model.SpnegoContextToken;
 import org.apache.wss4j.policy.model.X509Token;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.xml.security.stax.ext.SecurePart;
@@ -102,6 +106,18 @@ public class StaxAsymmetricBindingHandle
                 if (initiatorToken instanceof IssuedToken) {
                     SecurityToken sigTok = getSecurityToken();
                     addIssuedToken((IssuedToken)initiatorToken, sigTok, false, true);
+                    if (sigTok != null) {
+                        storeSecurityToken(sigTok);
+                        outboundTokens.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);

+                    }
+                    
+                    // Set up CallbackHandler which wraps the configured Handler
+                    Map<String, Object> config = getProperties();
+                    TokenStoreCallbackHandler callbackHandler = 
+                        new TokenStoreCallbackHandler(
+                            (CallbackHandler)config.get(ConfigurationConstants.PW_CALLBACK_REF),
getTokenStore()
+                        );
+                    config.put(ConfigurationConstants.PW_CALLBACK_REF, callbackHandler);
                 }
             }
             
@@ -206,6 +222,18 @@ public class StaxAsymmetricBindingHandle
                 if (initiatorToken instanceof IssuedToken) {
                     SecurityToken sigTok = getSecurityToken();
                     addIssuedToken((IssuedToken)initiatorToken, sigTok, false, true);
+                    if (sigTok != null) {
+                        storeSecurityToken(sigTok);
+                        outboundTokens.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);

+                    }
+                    
+                    // Set up CallbackHandler which wraps the configured Handler
+                    Map<String, Object> config = getProperties();
+                    TokenStoreCallbackHandler callbackHandler = 
+                        new TokenStoreCallbackHandler(
+                            (CallbackHandler)config.get(ConfigurationConstants.PW_CALLBACK_REF),
getTokenStore()
+                        );
+                    config.put(ConfigurationConstants.PW_CALLBACK_REF, callbackHandler);
                 }
             }
             
@@ -377,16 +405,19 @@ public class StaxAsymmetricBindingHandle
         }
         
         AbstractToken sigToken = wrapper.getToken();
+        configureSignature(wrapper, sigToken, false);
+        
         if (abinding.isProtectTokens() && (sigToken instanceof X509Token)
             && sigToken.getIncludeTokenType() != IncludeTokenType.INCLUDE_TOKEN_NEVER)
{
             parts += "{Element}{" + WSSConstants.NS_WSSE10 + "}BinarySecurityToken;";
+        } else if (sigToken instanceof IssuedToken || sigToken instanceof SecurityContextToken
+            || sigToken instanceof SecureConversationToken || sigToken instanceof SpnegoContextToken)
{
+            config.put(ConfigurationConstants.INCLUDE_SIGNATURE_TOKEN, "false");
         }
         
         config.put(ConfigurationConstants.SIGNATURE_PARTS, parts);
         config.put(ConfigurationConstants.OPTIONAL_SIGNATURE_PARTS, optionalParts);
         
-        configureSignature(wrapper, sigToken, false);
-        
         if (sigToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
             config.put(ConfigurationConstants.SIG_ALGO, 
                    abinding.getAlgorithmSuite().getSymmetricSignature());

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
Mon Oct 14 16:06:12 2013
@@ -19,8 +19,6 @@
 
 package org.apache.cxf.ws.security.wss4j.policyhandlers;
 
-import java.io.IOException;
-import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
 import java.util.Date;
@@ -29,10 +27,7 @@ import java.util.Map;
 
 import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.xml.namespace.QName;
 import javax.xml.soap.SOAPException;
 
@@ -43,14 +38,10 @@ import org.apache.cxf.message.MessageUti
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.wss4j.common.ConfigurationConstants;
-import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
 import org.apache.wss4j.policy.SPConstants;
 import org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding;
 import org.apache.wss4j.policy.model.AbstractToken;
@@ -68,19 +59,15 @@ import org.apache.wss4j.policy.model.Use
 import org.apache.wss4j.policy.model.X509Token;
 import org.apache.wss4j.stax.ext.WSSConstants;
 import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
-import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
 import org.apache.xml.security.algorithms.JCEMapper;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.ext.SecurePart;
 import org.apache.xml.security.stax.ext.SecurePart.Modifier;
-import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
 import org.apache.xml.security.stax.impl.util.IDGenerator;
 import org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent;
 import org.apache.xml.security.stax.securityEvent.SecurityEvent;
 import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
-import org.apache.xml.security.stax.securityToken.SecurityTokenConstants.TokenType;
 import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
-import org.apache.xml.security.utils.Base64;
 
 /**
  * 
@@ -623,16 +610,6 @@ public class StaxSymmetricBindingHandler
         return null;
     }
     
-    private String getSHA1(byte[] input) {
-        try {
-            byte[] digestBytes = WSSecurityUtil.generateDigest(input);
-            return Base64.encode(digestBytes);
-        } catch (WSSecurityException e) {
-            //REVISIT
-        }
-        return null;
-    }
-    
     private KeyGenerator getKeyGenerator(String symEncAlgo) throws WSSecurityException {
         try {
             //
@@ -662,98 +639,4 @@ public class StaxSymmetricBindingHandler
         }
     }
     
-    private void storeSecurityToken(SecurityToken tok) {
-        TokenType tokenType = WSSecurityTokenConstants.EncryptedKeyToken;
-        if (tok.getTokenType() != null) {
-            if (tok.getTokenType().startsWith(WSSConstants.NS_KERBEROS11_TOKEN_PROFILE))
{
-                tokenType = WSSecurityTokenConstants.KerberosToken;
-            } else if (tok.getTokenType().startsWith(WSSConstants.NS_SAML10_TOKEN_PROFILE)
-                || tok.getTokenType().startsWith(WSSConstants.NS_SAML11_TOKEN_PROFILE)) {
-                tokenType = WSSecurityTokenConstants.Saml11Token;
-            } else if (tok.getTokenType().startsWith(WSSConstants.NS_WSC_05_02)
-                || tok.getTokenType().startsWith(WSSConstants.NS_WSC_05_12)) {
-                tokenType = WSSecurityTokenConstants.SecureConversationToken;
-            }
-        }
-        
-        final Key key = tok.getKey();
-        final byte[] secret = tok.getSecret();
-        final GenericOutboundSecurityToken encryptedKeySecurityToken = 
-            new GenericOutboundSecurityToken(tok.getId(), tokenType, key) {
-          
-                @Override
-                public Key getSecretKey(String algorithmURI) throws XMLSecurityException
{
-                    if (secret != null && algorithmURI != null && !"".equals(algorithmURI))
{
-                        return KeyUtils.prepareSecretKey(algorithmURI, secret);
-                    }
-                    if (key != null) {
-                        return key;
-                    }
-                    if (secret != null) {
-                        String jceAlg = JCEMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
-                        if (jceAlg == null || "".equals(jceAlg)) {
-                            jceAlg = "HmacSHA1";
-                        }
-                        return new SecretKeySpec(secret, jceAlg);
-                    }
-                
-                    return super.getSecretKey(algorithmURI);
-                }
-            };
-        
-        final SecurityTokenProvider<OutboundSecurityToken> encryptedKeySecurityTokenProvider
=
-            new SecurityTokenProvider<OutboundSecurityToken>() {
-
-                @Override
-                public OutboundSecurityToken getSecurityToken() throws XMLSecurityException
{
-                    return encryptedKeySecurityToken;
-                }
-
-                @Override
-                public String getId() {
-                    return encryptedKeySecurityToken.getId();
-                }
-                
-            };
-        encryptedKeySecurityToken.setSha1Identifier(tok.getSHA1());
-        outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION, 
-                           encryptedKeySecurityTokenProvider);
-        outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, 
-                           encryptedKeySecurityTokenProvider);
-        outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN, 
-                           encryptedKeySecurityTokenProvider);
-    }
-    
-    private class TokenStoreCallbackHandler implements CallbackHandler {
-        private CallbackHandler internal;
-        private TokenStore store;
-        public TokenStoreCallbackHandler(CallbackHandler in, TokenStore st) {
-            internal = in;
-            store = st;
-        }
-        
-        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
-            for (int i = 0; i < callbacks.length; i++) {
-                WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
-                
-                String id = pc.getIdentifier();
-                SecurityToken token = store.getToken(id);
-                if (token != null) {
-                    if (token.getSHA1() == null && pc.getKey() != null) {
-                        token.setSHA1(getSHA1(pc.getKey()));
-                        // Create another cache entry with the SHA1 Identifier as the key

-                        // for easy retrieval
-                        store.add(token.getSHA1(), token);
-                    }
-                    pc.setKey(token.getSecret());
-                    pc.setCustomToken(token.getToken());
-                    return;
-                }
-            }
-            if (internal != null) {
-                internal.handle(callbacks);
-            }
-        }
-        
-    }
 }

Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
(original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
Mon Oct 14 16:06:12 2013
@@ -191,10 +191,25 @@ public class AsymmetricBindingTest exten
         
         doubleIt(asymmetricSaml1EncryptedPort, 40);
         
+        // TODO Streaming - The encrypted issued token is placed under the Signature
+        // and hence an error is thrown on the receiving side
+        asymmetricSaml1EncryptedPort = service.getPort(portQName, DoubleItPortType.class);
+        updateAddressPort(asymmetricSaml1EncryptedPort, PORT);
+        if (standalone) {
+            TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml1EncryptedPort, STSPORT2);
+        }
+        bindingProvider = (BindingProvider)asymmetricSaml1EncryptedPort;
+        stsClient = 
+            (STSClient)bindingProvider.getRequestContext().get(SecurityConstants.STS_CLIENT);
+        stsClient.setUseKeyCertificate(certs[0]);
+        
+        SecurityTestUtil.enableStreaming(asymmetricSaml1EncryptedPort);
+        // doubleIt(asymmetricSaml1EncryptedPort, 25);
+        
         ((java.io.Closeable)asymmetricSaml1EncryptedPort).close();
         bus.shutdown(true);
     }
-
+  
     private static void doubleIt(DoubleItPortType port, int numToDouble) {
         int resp = port.doubleIt(numToDouble);
         assertEquals(numToDouble * 2 , resp);

Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java
(original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java
Mon Oct 14 16:06:12 2013
@@ -193,6 +193,21 @@ public class StaxAsymmetricBindingTest e
         
         doubleIt(asymmetricSaml1EncryptedPort, 40);
         
+        // TODO Streaming - The encrypted issued token is placed under the Signature
+        // and hence an error is thrown on the receiving side
+        asymmetricSaml1EncryptedPort = service.getPort(portQName, DoubleItPortType.class);
+        updateAddressPort(asymmetricSaml1EncryptedPort, PORT);
+        if (standalone) {
+            TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml1EncryptedPort, STSPORT2);
+        }
+        bindingProvider = (BindingProvider)asymmetricSaml1EncryptedPort;
+        stsClient = 
+            (STSClient)bindingProvider.getRequestContext().get(SecurityConstants.STS_CLIENT);
+        stsClient.setUseKeyCertificate(certs[0]);
+        
+        SecurityTestUtil.enableStreaming(asymmetricSaml1EncryptedPort);
+        // doubleIt(asymmetricSaml1EncryptedPort, 25);
+        
         ((java.io.Closeable)asymmetricSaml1EncryptedPort).close();
         bus.shutdown(true);
     }

Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
(original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
Mon Oct 14 16:06:12 2013
@@ -175,11 +175,12 @@ public class SymmetricBindingTest extend
         // DOM
         doubleIt(symmetricSaml1Port, 25);
         
-        // TODO Streaming - Problem with including encrypted SAML Token in header
+        // TODO Streaming - The encrypted issued token is placed under the ReferenceList
+        // and hence an error is thrown on the receiving side
         symmetricSaml1Port = service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(symmetricSaml1Port, PORT);
         if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT);
+            TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT2);
         }
         SecurityTestUtil.enableStreaming(symmetricSaml1Port);
         // doubleIt(symmetricSaml1Port, 25);
@@ -208,8 +209,18 @@ public class SymmetricBindingTest extend
             TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
         }
         
+        // DOM
         doubleIt(symmetricSaml2Port, 30);
         
+        // Streaming
+        symmetricSaml2Port = service.getPort(portQName, DoubleItPortType.class);
+        updateAddressPort(symmetricSaml2Port, PORT);
+        if (standalone) {
+            TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
+        }
+        SecurityTestUtil.enableStreaming(symmetricSaml2Port);
+        doubleIt(symmetricSaml2Port, 25);
+        
         ((java.io.Closeable)symmetricSaml2Port).close();
         bus.shutdown(true);
     }



Mime
View raw message