cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/2] cxf-fediz git commit: Fixing merge
Date Fri, 10 Jun 2016 12:54:20 GMT
Fixing merge


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d71f3286
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d71f3286
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d71f3286

Branch: refs/heads/1.2.x-fixes
Commit: d71f3286cd12e2540ee520a4d3f0611e74a4bfaa
Parents: 219cb39
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Jun 10 13:54:11 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Jun 10 13:54:11 2016 +0100

----------------------------------------------------------------------
 .../AudienceRestrictionTest.java                |  10 +-
 .../AudienceRestrictionTest.java                | 210 -------------------
 .../test/resources/fediz_config_aud_restr.xml   |  61 ------
 3 files changed, 4 insertions(+), 277 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d71f3286/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
----------------------------------------------------------------------
diff --git a/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
b/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
index d9822cb..654a4f6 100644
--- a/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
+++ b/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
@@ -39,7 +39,7 @@ import org.apache.catalina.LifecycleState;
 import org.apache.catalina.connector.Connector;
 import org.apache.catalina.startup.Tomcat;
 import org.apache.commons.io.IOUtils;
-import org.apache.cxf.fediz.tomcat7.FederationAuthenticator;
+import org.apache.cxf.fediz.tomcat.FederationAuthenticator;
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.UsernamePasswordCredentials;
 import org.junit.AfterClass;
@@ -129,9 +129,9 @@ public class AudienceRestrictionTest {
                 content = content.replaceAll("\\$\\{idp.https.port\\}", "" + idpHttpsPort);
             
                 File f2 = new File(baseDir + "/test-classes/fediz_config_aud_restr.xml");
-                try (FileOutputStream outputStream = new FileOutputStream(f2)) {
-                    IOUtils.write(content, outputStream, "UTF-8");
-                }
+                FileOutputStream outputStream = new FileOutputStream(f2);
+                IOUtils.write(content, outputStream, "UTF-8");
+                outputStream.close();
             }
             
             FederationAuthenticator fa = new FederationAuthenticator();
@@ -203,8 +203,6 @@ public class AudienceRestrictionTest {
         } catch (FailingHttpStatusCodeException ex) {
             Assert.assertEquals(ex.getStatusCode(), 401);
         }
-
-        webClient.close();
     }
     
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d71f3286/systests/tomcat8/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
----------------------------------------------------------------------
diff --git a/systests/tomcat8/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
b/systests/tomcat8/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
deleted file mode 100644
index 673b868..0000000
--- a/systests/tomcat8/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java
+++ /dev/null
@@ -1,210 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.fediz.integrationtests;
-
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-
-import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
-import com.gargoylesoftware.htmlunit.WebClient;
-import com.gargoylesoftware.htmlunit.html.HtmlForm;
-import com.gargoylesoftware.htmlunit.html.HtmlPage;
-import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput;
-
-import org.apache.catalina.Context;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleState;
-import org.apache.catalina.connector.Connector;
-import org.apache.catalina.startup.Tomcat;
-import org.apache.commons.io.IOUtils;
-import org.apache.cxf.fediz.tomcat8.FederationAuthenticator;
-import org.apache.http.auth.AuthScope;
-import org.apache.http.auth.UsernamePasswordCredentials;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-
-/**
- * A test to make sure that audience restriction validation is working correctly in the plugin.
- */
-public class AudienceRestrictionTest {
-
-    static String idpHttpsPort;
-    static String rpHttpsPort;
-    
-    private static Tomcat idpServer;
-    private static Tomcat rpServer;
-    
-    @BeforeClass
-    public static void init() throws Exception {
-        System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog");
-        System.setProperty("org.apache.commons.logging.simplelog.showdatetime", "true");
-        System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire", "info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient",
"info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.webflow",
"info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security.web",
"info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz",
"info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "info");
 
-        
-        idpHttpsPort = System.getProperty("idp.https.port");
-        Assert.assertNotNull("Property 'idp.https.port' null", idpHttpsPort);
-        rpHttpsPort = System.getProperty("rp.https.port");
-        Assert.assertNotNull("Property 'rp.https.port' null", rpHttpsPort);
-
-        idpServer = startServer(true, idpHttpsPort);
-        rpServer = startServer(false, rpHttpsPort);
-    }
-    
-    private static Tomcat startServer(boolean idp, String port) 
-        throws ServletException, LifecycleException, IOException {
-        Tomcat server = new Tomcat();
-        server.setPort(0);
-        String currentDir = new File(".").getCanonicalPath();
-        String baseDir = currentDir + File.separator + "target";
-        server.setBaseDir(baseDir);
-
-        if (idp) {
-            server.getHost().setAppBase("tomcat/idp/webapps");
-        } else {
-            server.getHost().setAppBase("tomcat/rp/webapps");
-        }
-        server.getHost().setAutoDeploy(true);
-        server.getHost().setDeployOnStartup(true);
-
-        Connector httpsConnector = new Connector();
-        httpsConnector.setPort(Integer.parseInt(port));
-        httpsConnector.setSecure(true);
-        httpsConnector.setScheme("https");
-        //httpsConnector.setAttribute("keyAlias", keyAlias);
-        httpsConnector.setAttribute("keystorePass", "tompass");
-        httpsConnector.setAttribute("keystoreFile", "test-classes/server.jks");
-        httpsConnector.setAttribute("truststorePass", "tompass");
-        httpsConnector.setAttribute("truststoreFile", "test-classes/server.jks");
-        httpsConnector.setAttribute("clientAuth", "want");
-        // httpsConnector.setAttribute("clientAuth", "false");
-        httpsConnector.setAttribute("sslProtocol", "TLS");
-        httpsConnector.setAttribute("SSLEnabled", true);
-
-        server.getService().addConnector(httpsConnector);
-
-        if (idp) {
-            File stsWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(),
"fediz-idp-sts");
-            server.addWebapp("/fediz-idp-sts", stsWebapp.getAbsolutePath());
-    
-            File idpWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(),
"fediz-idp");
-            server.addWebapp("/fediz-idp", idpWebapp.getAbsolutePath());
-        } else {
-            File rpWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(),
"simpleWebapp");
-            Context cxt = server.addWebapp("/fedizhelloworld", rpWebapp.getAbsolutePath());
-            
-            // Substitute the IDP port. Necessary if running the test in eclipse where port
filtering doesn't seem
-            // to work
-            File f = new File(currentDir + "/src/test/resources/fediz_config_aud_restr.xml");
-            FileInputStream inputStream = new FileInputStream(f);
-            String content = IOUtils.toString(inputStream, "UTF-8");
-            inputStream.close();
-            if (content.contains("idp.https.port")) {
-                content = content.replaceAll("\\$\\{idp.https.port\\}", "" + idpHttpsPort);
-            
-                File f2 = new File(baseDir + "/test-classes/fediz_config_aud_restr.xml");
-                try (FileOutputStream outputStream = new FileOutputStream(f2)) {
-                    IOUtils.write(content, outputStream, "UTF-8");
-                }
-            }
-            
-            FederationAuthenticator fa = new FederationAuthenticator();
-            fa.setConfigFile(currentDir + File.separator + "target" + File.separator
-                             + "test-classes" + File.separator + "fediz_config_aud_restr.xml");
-            cxt.getPipeline().addValve(fa);
-        }
-
-        server.start();
-
-        return server;
-    }
-    
-    @AfterClass
-    public static void cleanup() {
-        shutdownServer(idpServer);
-        shutdownServer(rpServer);
-    }
-    
-    private static void shutdownServer(Tomcat server) {
-        try {
-            if (server != null && server.getServer() != null
-                && server.getServer().getState() != LifecycleState.DESTROYED) {
-                if (server.getServer().getState() != LifecycleState.STOPPED) {
-                    server.stop();
-                }
-                server.destroy();
-            }
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-    }
-
-    public String getIdpHttpsPort() {
-        return idpHttpsPort;
-    }
-
-    public String getRpHttpsPort() {
-        return rpHttpsPort;
-    }
-    
-    public String getServletContextName() {
-        return "fedizhelloworld";
-    }
-    
-    @org.junit.Test
-    public void testSAMLTokenWithNonMatchingAudienceRestriction() throws Exception {
-        String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet";
-        String user = "alice";
-        String password = "ecila";
-        
-        final WebClient webClient = new WebClient();
-        webClient.getOptions().setUseInsecureSSL(true);
-        webClient.getCredentialsProvider().setCredentials(
-            new AuthScope("localhost", Integer.parseInt(getIdpHttpsPort())),
-            new UsernamePasswordCredentials(user, password));
-
-        webClient.getOptions().setJavaScriptEnabled(false);
-        final HtmlPage idpPage = webClient.getPage(url);
-        webClient.getOptions().setJavaScriptEnabled(true);
-        Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
-        
-        final HtmlForm form = idpPage.getFormByName("signinresponseform");
-        final HtmlSubmitInput button = form.getInputByName("_eventId_submit");
-
-        try {
-            button.click();
-            Assert.fail("Failure expected on a bad audience restriction value");
-        } catch (FailingHttpStatusCodeException ex) {
-            Assert.assertEquals(ex.getStatusCode(), 401);
-        }
-
-        webClient.close();
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d71f3286/systests/tomcat8/src/test/resources/fediz_config_aud_restr.xml
----------------------------------------------------------------------
diff --git a/systests/tomcat8/src/test/resources/fediz_config_aud_restr.xml b/systests/tomcat8/src/test/resources/fediz_config_aud_restr.xml
deleted file mode 100644
index 8a663bf..0000000
--- a/systests/tomcat8/src/test/resources/fediz_config_aud_restr.xml
+++ /dev/null
@@ -1,61 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml
file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example
re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific
keystore instead. 
--->
-<FedizConfig>
-    <contextConfig name="/fedizhelloworld">
-        <audienceUris>
-            <audienceItem>urn:org:apache:cxf:fediz:fedizhelloworld2</audienceItem>
-        </audienceUris>
-        <certificateStores>
-            <trustManager>
-                <keyStore file="test-classes/clienttrust.jks"
-                          password="storepass" type="JKS" />
-            </trustManager>
-        </certificateStores>
-        <trustedIssuers>
-            <issuer certificateValidation="PeerTrust" />
-        </trustedIssuers>
-        <maximumClockSkew>1000</maximumClockSkew>
-        <signingKey keyAlias="mytomidpkey" keyPassword="tompass">
-            <keyStore file="test-classes/server.jks" password="tompass" type="JKS" />
-        </signingKey>
-        <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-            xsi:type="federationProtocolType" version="1.0.0">
-            <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-            <issuer>https://localhost:${idp.https.port}/fediz-idp/federation</issuer>
-            <roleDelimiter>,</roleDelimiter>
-            <roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-            <freshness>10</freshness>
-            <homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-A</homeRealm>
-            <claimTypesRequested>
-                <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role"
optional="false" />
-				<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
optional="true" />
-				<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" optional="true"
/>
-				<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
optional="true" />
-            </claimTypesRequested>
-        </protocol>
-        <logoutURL>/secure/logout</logoutURL>
-        <logoutRedirectTo>/index.html</logoutRedirectTo>
-    </contextConfig>
-</FedizConfig>
-


Mime
View raw message