cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Adding more SAML/JMS tests
Date Thu, 26 Nov 2015 15:01:56 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes ac40bcfa8 -> 365cbd07b


Adding more SAML/JMS tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/365cbd07
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/365cbd07
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/365cbd07

Branch: refs/heads/3.1.x-fixes
Commit: 365cbd07b67cdae4dd29089c1d9bd04fe6a76ed8
Parents: ac40bcf
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Nov 26 14:53:53 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Nov 26 14:56:56 2015 +0000

----------------------------------------------------------------------
 .../systest/jms/security/JMSWSSecurityTest.java | 122 ++++++++++++++++++-
 1 file changed, 121 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/365cbd07/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
index fc8ffb2..cfaf711 100644
--- a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
+++ b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
@@ -26,6 +26,7 @@ import java.util.List;
 import java.util.Map;
 
 import javax.xml.namespace.QName;
+import javax.xml.ws.soap.SOAPFaultException;
 
 import org.apache.cxf.BusFactory;
 import org.apache.cxf.endpoint.Client;
@@ -112,7 +113,7 @@ public class JMSWSSecurityTest extends AbstractBusClientServerTestBase
{
     }
     
     @Test
-    public void testUnsignedSAML2AudienceRestrictionToken() throws Exception {
+    public void testUnsignedSAML2AudienceRestrictionTokenURI() throws Exception {
         QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
         QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
         URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
@@ -150,5 +151,124 @@ public class JMSWSSecurityTest extends AbstractBusClientServerTestBase
{
         ((java.io.Closeable)greeter).close();
     }
     
+    @Test
+    public void testUnsignedSAML2AudienceRestrictionTokenBadURI() throws Exception {
+        QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
+        QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
+        URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
+        HelloWorldService service = new HelloWorldService(wsdl, serviceName);
+
+        HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);
+        
+        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+        callbackHandler.setSignAssertion(true);
+        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
+        
+        ConditionsBean conditions = new ConditionsBean();
+        conditions.setTokenPeriodMinutes(5);
+        List<String> audiences = new ArrayList<>();
+        audiences.add("jms:jndi:dynamicQueues/test.jmstransport.text.bad");
+        AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
+        audienceRestrictionBean.setAudienceURIs(audiences);
+        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));
+        
+        callbackHandler.setConditions(conditions);
+        
+        Map<String, Object> outProperties = new HashMap<String, Object>();
+        outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
+        
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties);
+        Client client = ClientProxy.getClient(greeter);
+        client.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            greeter.sayHi();
+            fail("Failure expected on a bad audience restriction");
+        } catch (SOAPFaultException ex) {
+            // expected
+        }
+
+        ((java.io.Closeable)greeter).close();
+    }
+    
+    @Test
+    public void testUnsignedSAML2AudienceRestrictionTokenServiceName() throws Exception {
+        QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
+        QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
+        URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
+        HelloWorldService service = new HelloWorldService(wsdl, serviceName);
 
+        String response = new String("Bonjour");
+        HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);
+        
+        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+        callbackHandler.setSignAssertion(true);
+        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
+        
+        ConditionsBean conditions = new ConditionsBean();
+        conditions.setTokenPeriodMinutes(5);
+        List<String> audiences = new ArrayList<>();
+        audiences.add("{http://cxf.apache.org/hello_world_jms}HelloWorldService");
+        AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
+        audienceRestrictionBean.setAudienceURIs(audiences);
+        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));
+        
+        callbackHandler.setConditions(conditions);
+        
+        Map<String, Object> outProperties = new HashMap<String, Object>();
+        outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
+        
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties);
+        Client client = ClientProxy.getClient(greeter);
+        client.getOutInterceptors().add(outInterceptor);
+        
+        String reply = greeter.sayHi();
+        assertNotNull("no response received from service", reply);
+        assertEquals(response, reply);
+
+        ((java.io.Closeable)greeter).close();
+    }
+    
+    @Test
+    public void testUnsignedSAML2AudienceRestrictionTokenBadServiceName() throws Exception
{
+        QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
+        QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
+        URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
+        HelloWorldService service = new HelloWorldService(wsdl, serviceName);
+
+        HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);
+        
+        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+        callbackHandler.setSignAssertion(true);
+        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
+        
+        ConditionsBean conditions = new ConditionsBean();
+        conditions.setTokenPeriodMinutes(5);
+        List<String> audiences = new ArrayList<>();
+        audiences.add("{http://cxf.apache.org/hello_world_jms}BadHelloWorldService");
+        AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
+        audienceRestrictionBean.setAudienceURIs(audiences);
+        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));
+        
+        callbackHandler.setConditions(conditions);
+        
+        Map<String, Object> outProperties = new HashMap<String, Object>();
+        outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
+        
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties);
+        Client client = ClientProxy.getClient(greeter);
+        client.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            greeter.sayHi();
+            fail("Failure expected on a bad audience restriction");
+        } catch (SOAPFaultException ex) {
+            // expected
+        }
+
+        ((java.io.Closeable)greeter).close();
+    }
 }


Mime
View raw message