From: coheigea@apache.org To: commits@cxf.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Adding more SAML/JMS tests Date: Thu, 26 Nov 2015 14:54:23 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/master a5d7bcab3 -> 59973442d Adding more SAML/JMS tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/59973442 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/59973442 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/59973442 Branch: refs/heads/master Commit: 59973442dc3c06938ac3b39980ae281bfdbe0f43 Parents: a5d7bca Author: Colm O hEigeartaigh Authored: Thu Nov 26 14:53:53 2015 +0000 Committer: Colm O hEigeartaigh Committed: Thu Nov 26 14:54:10 2015 +0000 ---------------------------------------------------------------------- .../systest/jms/security/JMSWSSecurityTest.java | 122 ++++++++++++++++++- 1 file changed, 121 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/59973442/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java ---------------------------------------------------------------------- diff --git a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java index fc8ffb2..cfaf711 100644 --- a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java +++ b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java @@ -26,6 +26,7 @@ import java.util.List; import java.util.Map; import javax.xml.namespace.QName; +import javax.xml.ws.soap.SOAPFaultException; import org.apache.cxf.BusFactory; import org.apache.cxf.endpoint.Client; 
@@ -112,7 +113,7 @@ public class JMSWSSecurityTest extends AbstractBusClientServerTestBase { } @Test - public void testUnsignedSAML2AudienceRestrictionToken() throws Exception { + public void testUnsignedSAML2AudienceRestrictionTokenURI() throws Exception { QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService"); QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort"); URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl"); 
@@ -150,5 +151,124 @@ public class JMSWSSecurityTest extends AbstractBusClientServerTestBase { ((java.io.Closeable)greeter).close(); } + @Test + public void testUnsignedSAML2AudienceRestrictionTokenBadURI() throws Exception { + QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService"); + QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort"); + URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl"); + HelloWorldService service = new HelloWorldService(wsdl, serviceName); + + HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class); + + SamlCallbackHandler callbackHandler = new SamlCallbackHandler(); + callbackHandler.setSignAssertion(true); + callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER); + + ConditionsBean conditions = new ConditionsBean(); + conditions.setTokenPeriodMinutes(5); + List audiences = new ArrayList<>(); + audiences.add("jms:jndi:dynamicQueues/test.jmstransport.text.bad"); + AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean(); + audienceRestrictionBean.setAudienceURIs(audiences); + conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean)); + + callbackHandler.setConditions(conditions); + + Map outProperties = new HashMap(); + outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED); + outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler); + + WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties); + Client client = ClientProxy.getClient(greeter); + client.getOutInterceptors().add(outInterceptor); + + try { + greeter.sayHi(); + fail("Failure expected on a bad audience restriction"); + } catch (SOAPFaultException ex) { + // expected + } + + ((java.io.Closeable)greeter).close(); + } + + @Test + public void testUnsignedSAML2AudienceRestrictionTokenServiceName() throws Exception { + QName serviceName = new 
QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService"); + QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort"); + URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl"); + HelloWorldService service = new HelloWorldService(wsdl, serviceName); + String response = new String("Bonjour"); + HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class); + + SamlCallbackHandler callbackHandler = new SamlCallbackHandler(); + callbackHandler.setSignAssertion(true); + callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER); + + ConditionsBean conditions = new ConditionsBean(); + conditions.setTokenPeriodMinutes(5); + List audiences = new ArrayList<>(); + audiences.add("{http://cxf.apache.org/hello_world_jms}HelloWorldService"); + AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean(); + audienceRestrictionBean.setAudienceURIs(audiences); + conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean)); + + callbackHandler.setConditions(conditions); + + Map outProperties = new HashMap(); + outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED); + outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler); + + WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties); + Client client = ClientProxy.getClient(greeter); + client.getOutInterceptors().add(outInterceptor); + + String reply = greeter.sayHi(); + assertNotNull("no response received from service", reply); + assertEquals(response, reply); + + ((java.io.Closeable)greeter).close(); + } + + @Test + public void testUnsignedSAML2AudienceRestrictionTokenBadServiceName() throws Exception { + QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService"); + QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort"); + URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl"); + HelloWorldService service = new 
HelloWorldService(wsdl, serviceName); + + HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class); + + SamlCallbackHandler callbackHandler = new SamlCallbackHandler(); + callbackHandler.setSignAssertion(true); + callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER); + + ConditionsBean conditions = new ConditionsBean(); + conditions.setTokenPeriodMinutes(5); + List audiences = new ArrayList<>(); + audiences.add("{http://cxf.apache.org/hello_world_jms}BadHelloWorldService"); + AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean(); + audienceRestrictionBean.setAudienceURIs(audiences); + conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean)); + + callbackHandler.setConditions(conditions); + + Map outProperties = new HashMap(); + outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED); + outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler); + + WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties); + Client client = ClientProxy.getClient(greeter); + client.getOutInterceptors().add(outInterceptor); + + try { + greeter.sayHi(); + fail("Failure expected on a bad audience restriction"); + } catch (SOAPFaultException ex) { + // expected + } + + ((java.io.Closeable)greeter).close(); + } }
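Review bot: The `catch (SOAPFaultException ex)` blocks in testUnsignedSAML2AudienceRestrictionTokenBadURI and testUnsignedSAML2AudienceRestrictionTokenBadServiceName contain only `// expected`, so these negative tests pass on any SOAP fault, including a rejection unrelated to the audience value such as a signature or JMS configuration problem. The positive tests limit that risk because they differ only in the audience string, but the pairing is implicit; a comment such as `// expected: the audience names a different endpoint/service, so the assertion must be rejected` would state it, and if the service returns a distinguishable fault (not visible from this hunk) the catch could assert on it. The close call after each try block is skipped when `fail(...)` or an unexpected exception fires, so it belongs in `} finally { ((java.io.Closeable)greeter).close(); }`. Separately, all three added tests are named Unsigned and use `WSHandlerConstants.SAML_TOKEN_UNSIGNED` yet call `callbackHandler.setSignAssertion(true)`; a one-line comment saying which signature each setting refers to would help readers judge what the service is actually validating.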