cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Adding @Ignore'd SecureConversation test with Spnego
Date Mon, 02 Feb 2015 11:43:19 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 5a9a2a098 -> 53d151b65


Adding @Ignore'd SecureConversation test with Spnego


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/53d151b6
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/53d151b6
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/53d151b6

Branch: refs/heads/master
Commit: 53d151b659e5f41e914416370b838bc4388353f5
Parents: 5a9a2a0
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Feb 2 11:42:50 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Feb 2 11:43:11 2015 +0000

----------------------------------------------------------------------
 .../kerberos/wssec/spnego/SpnegoTokenTest.java  |  14 +++
 .../kerberos/wssec/spnego/DoubleItSpnego.wsdl   | 111 +++++++++++++++++++
 .../systest/kerberos/wssec/spnego/client.xml    |   7 ++
 .../systest/kerberos/wssec/spnego/server.xml    |   6 +
 4 files changed, 138 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/53d151b6/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java
----------------------------------------------------------------------
diff --git a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java
b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java
index 684006e..ff4e120 100644
--- a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java
+++ b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java
@@ -247,6 +247,20 @@ public class SpnegoTokenTest extends AbstractLdapTestUnit {
         // runKerberosTest(portName, true, STAX_PORT2);
     }
     
+    @org.junit.Test
+    @org.junit.Ignore
+    public void testSpnegoOverSymmetricSecureConversation() throws Exception {
+        if (!runTests || !unrestrictedPoliciesInstalled) {
+            return;
+        }
+        
+        String portName = "DoubleItSpnegoSymmetricSecureConversationPort";
+        runKerberosTest(portName, false, PORT);
+        //runKerberosTest(portName, false, STAX_PORT);
+        //runKerberosTest(portName, true, PORT);
+        //runKerberosTest(portName, true, STAX_PORT);
+    }
+    
     private void runKerberosTest(String portName, boolean streaming, String portNumber) throws
Exception {
 
         SpringBusFactory bf = new SpringBusFactory();

http://git-wip-us.apache.org/repos/asf/cxf/blob/53d151b6/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/DoubleItSpnego.wsdl
----------------------------------------------------------------------
diff --git a/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/DoubleItSpnego.wsdl
b/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/DoubleItSpnego.wsdl
index c744437..a318642 100644
--- a/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/DoubleItSpnego.wsdl
+++ b/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/DoubleItSpnego.wsdl
@@ -109,6 +109,24 @@
             </wsdl:fault>
         </wsdl:operation>
     </wsdl:binding>
+    <wsdl:binding name="DoubleItSpnegoSymmetricSecureConversationBinding" type="tns:DoubleItPortType">
+        <wsp:PolicyReference URI="#DoubleItSpnegoSymmetricSecureConversationPolicy"/>
+        <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
+        <wsdl:operation name="DoubleIt">
+            <soap:operation soapAction=""/>
+            <wsdl:input>
+                <soap:body use="literal"/>
+                <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+            </wsdl:input>
+            <wsdl:output>
+                <soap:body use="literal"/>
+                <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+            </wsdl:output>
+            <wsdl:fault name="DoubleItFault">
+                <soap:body use="literal" name="DoubleItFault"/>
+            </wsdl:fault>
+        </wsdl:operation>
+    </wsdl:binding>
     <wsdl:service name="DoubleItService">
         <wsdl:port name="DoubleItSpnegoSymmetricPort" binding="tns:DoubleItSpnegoSymmetricProtectionBinding">
             <soap:address location="http://localhost:9001/DoubleItSpnegoSymmetric"/>
@@ -125,6 +143,9 @@
         <wsdl:port name="DoubleItSpnegoTransportEndorsingPort" binding="tns:DoubleItSpnegoTransportEndorsingBinding">
             <soap:address location="https://localhost:9001/DoubleItSpnegoTransportEndorsing"/>
         </wsdl:port>
+        <wsdl:port name="DoubleItSpnegoSymmetricSecureConversationPort" binding="tns:DoubleItSpnegoSymmetricSecureConversationBinding">
+            <soap:address location="http://localhost:9001/DoubleItSpnegoSymmetricSecureConversation"/>
+        </wsdl:port>
     </wsdl:service>
     <wsp:Policy wsu:Id="DoubleItSpnegoSymmetricProtectionPolicy">
         <wsp:ExactlyOne>
@@ -365,6 +386,96 @@
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
+    <wsp:Policy wsu:Id="DoubleItSpnegoSymmetricSecureConversationPolicy">
+        <wsp:ExactlyOne>
+            <wsp:All>
+                <sp:SymmetricBinding>
+                    <wsp:Policy>
+                        <sp:ProtectionToken>
+                            <wsp:Policy>
+                               <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+                                   <wsp:Policy>
+                                       <sp:RequireDerivedKeys />
+                                       <sp:BootstrapPolicy>
+                                           <wsp:Policy> 
+                                              <sp:SymmetricBinding>
+                                                 <wsp:Policy>
+                                                    <sp:ProtectionToken>
+                                                       <wsp:Policy>
+                                                          <sp:SpnegoContextToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+                                                             <wsp:Policy>
+                                                                <sp:RequireDerivedKeys/>
+                                                             </wsp:Policy>
+                                                          </sp:SpnegoContextToken>
+                                                       </wsp:Policy>
+                                                    </sp:ProtectionToken>
+                                                    <sp:Layout>
+                                                       <wsp:Policy>
+                                                           <sp:Lax/>
+                                                       </wsp:Policy>
+                                                    </sp:Layout>
+                                                    <sp:IncludeTimestamp/>
+                                                    <sp:EncryptSignature/>
+                                                    <sp:OnlySignEntireHeadersAndBody/>
+                                                    <sp:AlgorithmSuite>
+                                                       <wsp:Policy>
+                                                          <sp:Basic128/>
+                                                       </wsp:Policy>
+                                                    </sp:AlgorithmSuite>
+                                                 </wsp:Policy>
+                                              </sp:SymmetricBinding> 
+                                              <sp:Wss11>
+                                                 <wsp:Policy>
+                                                     <sp:MustSupportRefIssuerSerial/>
+                                                     <sp:MustSupportRefThumbprint/>
+                                                     <sp:MustSupportRefEncryptedKey/>
+                                                 </wsp:Policy>
+                                              </sp:Wss11>
+                                              <sp:Trust13>
+                                                 <wsp:Policy>
+                                                    <sp:MustSupportIssuedTokens />
+                                                    <sp:RequireClientEntropy />
+                                                    <sp:RequireServerEntropy />
+                                                 </wsp:Policy>
+                                              </sp:Trust13> 
+                                          </wsp:Policy>
+                                      </sp:BootstrapPolicy>
+                                   </wsp:Policy>
+                               </sp:SecureConversationToken>
+                            </wsp:Policy>
+                        </sp:ProtectionToken>
+                        <sp:AlgorithmSuite>
+                           <wsp:Policy>
+                              <sp:Basic128 />
+                           </wsp:Policy>
+                        </sp:AlgorithmSuite>
+                        <sp:Layout>
+                           <wsp:Policy>
+                              <sp:Lax />
+                           </wsp:Policy>
+                        </sp:Layout>
+                        <sp:IncludeTimestamp />
+                        <sp:EncryptSignature />
+                        <sp:OnlySignEntireHeadersAndBody />
+                    </wsp:Policy>
+                </sp:SymmetricBinding>
+                <sp:Wss11>
+                    <wsp:Policy>
+                        <sp:MustSupportRefIssuerSerial/>
+                        <sp:MustSupportRefThumbprint/>
+                        <sp:MustSupportRefEncryptedKey/>
+                    </wsp:Policy>
+                </sp:Wss11>
+                <sp:Trust13>
+                    <wsp:Policy>
+                       <sp:MustSupportIssuedTokens />
+                       <sp:RequireClientEntropy />
+                       <sp:RequireServerEntropy />
+                    </wsp:Policy>
+                </sp:Trust13> 
+            </wsp:All>
+        </wsp:ExactlyOne>
+    </wsp:Policy>
     <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Input_Policy">
         <wsp:ExactlyOne>
             <wsp:All>

http://git-wip-us.apache.org/repos/asf/cxf/blob/53d151b6/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/client.xml
----------------------------------------------------------------------
diff --git a/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/client.xml
b/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/client.xml
index 613b06a..136bd0a 100644
--- a/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/client.xml
+++ b/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/client.xml
@@ -64,6 +64,13 @@
             <entry key="ws-security.callback-handler" value-ref="kerberosCallbackHandler"/>
         </jaxws:properties>
     </jaxws:client>
+    <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSpnegoSymmetricSecureConversationPort"
createdFromAPI="true">
+        <jaxws:properties>
+            <entry key="ws-security.kerberos.jaas.context" value="alice"/>
+            <entry key="ws-security.kerberos.spn" value="bob@service.ws.apache.org"/>
+            <entry key="ws-security.callback-handler" value-ref="kerberosCallbackHandler"/>
+        </jaxws:properties>
+    </jaxws:client>
     
     <http:conduit name="https://localhost.*">
         <http:tlsClientParameters disableCNCheck="true">

http://git-wip-us.apache.org/repos/asf/cxf/blob/53d151b6/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/server.xml
----------------------------------------------------------------------
diff --git a/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/server.xml
b/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/server.xml
index 911635c..8b575d8 100644
--- a/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/server.xml
+++ b/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/spnego/server.xml
@@ -77,4 +77,10 @@
             <entry key="ws-security.callback-handler" value-ref="kerberosCallbackHandler"/>
         </jaxws:properties>
     </jaxws:endpoint>
+    <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SpnegoOverSymmetricSecureConversation"
address="http://localhost:${testutil.ports.Server}/DoubleItSpnegoSymmetricSecureConversation"
serviceName="s:DoubleItService" endpointName="s:DoubleItSpnegoSymmetricSecureConversationPort"
implementor="org.apache.cxf.systest.kerberos.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/spnego/DoubleItSpnego.wsdl">
+        <jaxws:properties>
+            <entry key="ws-security.kerberos.jaas.context" value="bob"/>
+            <entry key="ws-security.callback-handler" value-ref="kerberosCallbackHandler"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
 </beans>


Mime
View raw message