cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1558090 - in /cxf/trunk/systests/ws-security/src/test: java/org/apache/cxf/systest/ws/saml/ resources/org/apache/cxf/systest/ws/saml/
Date Tue, 14 Jan 2014 16:12:22 GMT
Author: coheigea
Date: Tue Jan 14 16:12:22 2014
New Revision: 1558090

URL: http://svn.apache.org/r1558090
Log:
Replacing deprecated API

Added:
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java
      - copied, changed from r1558030, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/XACMLAuthorizingInterceptor.java
Removed:
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/XACMLAuthorizingInterceptor.java
Modified:
    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml
    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml

Copied: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java
(from r1558030, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/XACMLAuthorizingInterceptor.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java?p2=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java&p1=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/XACMLAuthorizingInterceptor.java&r1=1558030&r2=1558090&rev=1558090&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/XACMLAuthorizingInterceptor.java
(original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/PolicyDecisionPointMockImpl.java
Tue Jan 14 16:12:22 2014
@@ -21,9 +21,17 @@ package org.apache.cxf.systest.ws.saml;
 
 import java.util.List;
 
-import org.apache.cxf.message.Message;
-import org.apache.cxf.rt.security.xacml.AbstractXACMLAuthorizingInterceptor;
+import javax.xml.transform.Source;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.dom.DOMSource;
+
+import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.rt.security.xacml.XACMLConstants;
+import org.apache.cxf.rt.security.xacml.pdp.api.PolicyDecisionPoint;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.saml.OpenSAMLUtil;
 import org.opensaml.Configuration;
 import org.opensaml.xacml.XACMLObjectBuilder;
 import org.opensaml.xacml.ctx.AttributeType;
@@ -35,16 +43,24 @@ import org.opensaml.xacml.ctx.StatusCode
 import org.opensaml.xacml.ctx.StatusType;
 import org.opensaml.xacml.ctx.SubjectType;
 import org.opensaml.xml.XMLObjectBuilderFactory;
-
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
 
 /**
- * A test implementation of AbstractXACMLAuthorizingInterceptor. It just mocks up a Response
+ * A test implementation of PolicyDecisionPoint. It just mocks up a Response
  * object based on the role of the Subject. If the role is "manager" then it permits the
  * request, otherwise it denies it.
  */
-public class XACMLAuthorizingInterceptor extends AbstractXACMLAuthorizingInterceptor {
+public class PolicyDecisionPointMockImpl implements PolicyDecisionPoint {
+    
+    public PolicyDecisionPointMockImpl() {
+        org.apache.wss4j.common.saml.OpenSAMLUtil.initSamlEngine();
+    }
     
-    public ResponseType performRequest(RequestType request, Message message) throws Exception
{
+    @Override
+    public Source evaluate(Source request) {
+        RequestType requestType = requestSourceToRequestType(request);
         
         XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
         
@@ -75,7 +91,7 @@ public class XACMLAuthorizingInterceptor
             
         DecisionType decisionType = decisionTypeBuilder.buildObject();
         
-        String role = getSubjectRole(request);
+        String role = getSubjectRole(requestType);
         if ("manager".equals(role)) {
             decisionType.setDecision(DecisionType.DECISION.Permit); 
         } else {
@@ -94,9 +110,35 @@ public class XACMLAuthorizingInterceptor
         ResponseType response = responseTypeBuilder.buildObject();
         response.setResult(result);
         
-        return response;
+        return responseType2Source(response);
     }
-
+    
+    private RequestType requestSourceToRequestType(Source requestSource) {
+        try {
+            Transformer trans = TransformerFactory.newInstance().newTransformer();
+            DOMResult res = new DOMResult();
+            trans.transform(requestSource, res);
+            Node nd = res.getNode();
+            if (nd instanceof Document) {
+                nd = ((Document)nd).getDocumentElement();
+            }
+            return (RequestType)OpenSAMLUtil.fromDom((Element)nd);
+        } catch (Exception e) {
+            throw new RuntimeException("Error converting pdp response to ResponseType", e);
+        }
+    }
+    
+    private Source responseType2Source(ResponseType response) {
+        Document doc = DOMUtils.createDocument();
+        Element responseElement;
+        try {
+            responseElement = OpenSAMLUtil.toDom(response, doc);
+        } catch (WSSecurityException e) {
+            throw new RuntimeException("Error converting PDP RequestType to Dom", e);
+        }
+        return new DOMSource(responseElement);
+    }
+    
     private String getSubjectRole(RequestType request) {
         List<SubjectType> subjects = request.getSubjects();
         if (subjects != null) {

Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml?rev=1558090&r1=1558089&r2=1558090&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml
(original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server.xml
Tue Jan 14 16:12:22 2014
@@ -227,7 +227,9 @@
             </p:policies>
         </jaxws:features>
     </jaxws:endpoint>
-    <bean class="org.apache.cxf.systest.ws.saml.XACMLAuthorizingInterceptor" id="XACMLInterceptor">
+    <bean class="org.apache.cxf.systest.ws.saml.PolicyDecisionPointMockImpl" id="MockPDP"
/>
+    <bean class="org.apache.cxf.rt.security.xacml.XACMLAuthorizingInterceptor" id="XACMLInterceptor">
+        <constructor-arg ref="MockPDP"/>
     </bean>
     <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="Saml2TokenOverSymmetricPEP"
address="http://localhost:${testutil.ports.Server}/DoubleItSaml2PEP" serviceName="s:DoubleItService"
endpointName="s:DoubleItSaml2PEPPort" implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
wsdlLocation="org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl">
         <jaxws:properties>

Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml?rev=1558090&r1=1558089&r2=1558090&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml
(original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/stax-server.xml
Tue Jan 14 16:12:22 2014
@@ -248,7 +248,9 @@
             </p:policies>
         </jaxws:features>
     </jaxws:endpoint>
-    <bean class="org.apache.cxf.systest.ws.saml.XACMLAuthorizingInterceptor" id="XACMLInterceptor">
+    <bean class="org.apache.cxf.systest.ws.saml.PolicyDecisionPointMockImpl" id="MockPDP"
/>
+    <bean class="org.apache.cxf.rt.security.xacml.XACMLAuthorizingInterceptor" id="XACMLInterceptor">
+        <constructor-arg ref="MockPDP"/>
     </bean>
     <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="Saml2TokenOverSymmetricPEP"
address="http://localhost:${testutil.ports.StaxServer}/DoubleItSaml2PEP" serviceName="s:DoubleItService"
endpointName="s:DoubleItSaml2PEPPort" implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
wsdlLocation="org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl">
         <jaxws:properties>



Mime
View raw message