Return-Path: Delivered-To: apmail-ws-wss4j-dev-archive@www.apache.org Received: (qmail 48864 invoked from network); 19 Aug 2007 18:31:40 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 19 Aug 2007 18:31:40 -0000 Received: (qmail 99032 invoked by uid 500); 19 Aug 2007 18:31:36 -0000 Delivered-To: apmail-ws-wss4j-dev-archive@ws.apache.org Received: (qmail 98991 invoked by uid 500); 19 Aug 2007 18:31:36 -0000 Mailing-List: contact wss4j-dev-help@ws.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list wss4j-dev@ws.apache.org Received: (qmail 98979 invoked by uid 500); 19 Aug 2007 18:31:36 -0000 Delivered-To: apmail-ws-wss4j-cvs@ws.apache.org Received: (qmail 98976 invoked by uid 99); 19 Aug 2007 18:31:36 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 19 Aug 2007 11:31:36 -0700 X-ASF-Spam-Status: No, hits=-98.5 required=10.0 tests=ALL_TRUSTED,WEIRD_PORT X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 19 Aug 2007 18:31:27 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id CEA521A981A; Sun, 19 Aug 2007 11:31:06 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r567453 - in /webservices/wss4j/branches/1_5_3: interop/ interop/org/apache/ws/axis/oasis/ interop/org/apache/ws/axis/oasis/ping/ src/org/apache/ws/security/action/ src/org/apache/ws/security/message/ src/org/apache/ws/security/message/toke... Date: Sun, 19 Aug 2007 18:31:06 -0000 To: wss4j-cvs@ws.apache.org 
From: ruchithf@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070819183106.CEA521A981A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: ruchithf Date: Sun Aug 19 11:31:04 2007 New Revision: 567453 URL: http://svn.apache.org/viewvc?view=rev&rev=567453 Log: Merged Werner's changes from the trunk to the 1.5.3 branch Added: webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Scenario2b.java webservices/wss4j/branches/1_5_3/test/interop/TestScenario2b.java Modified: webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd webservices/wss4j/branches/1_5_3/interop/ping.wsdl webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/action/UsernameTokenSignedAction.java webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/WSSecSignature.java webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/token/UsernameToken.java webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/SignatureProcessor.java webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/UsernameTokenProcessor.java webservices/wss4j/branches/1_5_3/test/wssec/TestWSSecurityNew13.java Modified: webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd (original) +++ webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd Sun Aug 19 11:31:04 2007 
@@ -68,6 +68,21 @@ + + + + + + + + + + + + + Added: webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Scenario2b.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Scenario2b.java?view=auto&rev=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Scenario2b.java (added) +++ webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/Scenario2b.java Sun Aug 19 11:31:04 2007 
@@ -0,0 +1,101 @@ +/* + * Copyright 2003-2004 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package org.apache.ws.axis.oasis; + +import org.apache.axis.utils.Options; +import org.apache.ws.axis.oasis.ping.PingPort; +import org.apache.ws.axis.oasis.ping.PingServiceLocator; + +import javax.xml.rpc.holders.StringHolder; + +/** + * Class Scenario2b + */ +public class Scenario2b { + + /** Field address */ + private static final java.lang.String address = + "http://localhost:9080/axis/services/Ping2b"; + + /** + * Method main + * + * @param args + * @throws Exception + */ + public static void main(String[] args) throws Exception { + + Options opts = new Options(args); + opts.setDefaultURL(address); + + /* + * Start to prepare service call. Once this is done, several + * calls can be made on the port (see below) + * + * Fist: get the service locator. This implements the functionality + * to get a client stub (aka port). + */ + PingServiceLocator service = new PingServiceLocator(); + + /* + * this is a JAX-RPC compliant call. It uses a preconfigured + * endpoint address (usually contained in the WSDL). Note the + * cast. + * + * SecPort port = (SwaPort)service.getPort(SwaPortType.class); + */ + + /* + * Here we use an Axis specific call that allows to override the + * port address (service endpoint address) with an own URL. Comes + * in handy for testing. 
+ */ + java.net.URL endpoint; + + try { + endpoint = new java.net.URL(opts.getURL()); + } catch (java.net.MalformedURLException e) { + throw new javax.xml.rpc.ServiceException(e); + } + + PingPort port = (PingPort) service.getPing2b(endpoint); + + /* + * At this point all preparations are done. Using the port we can + * now perform as many calls as necessary. + */ + + // perform call + StringHolder text = + new StringHolder("WSS4J - Scenario 2b text"); + port.ping(new org.apache.ws.axis.oasis.ping.TicketType("WSS4J"), text); + System.out.println(text.value); + + if (opts.isFlagSet('t') > 0) { + long startTime = System.currentTimeMillis(); + + for (int i = 0; i < 20; i++) { + port.ping(new org.apache.ws.axis.oasis.ping.TicketType("WSS4J"), text); + } + + long endTime = System.currentTimeMillis(); + + System.out.println("Time used: " + (endTime - startTime) + "ms"); + } + } +} Modified: webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd (original) +++ webservices/wss4j/branches/1_5_3/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd Sun Aug 19 11:31:04 2007 @@ -103,6 +103,34 @@ + + + + + + + + + + + + + + + + + + + + + Modified: webservices/wss4j/branches/1_5_3/interop/ping.wsdl URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/interop/ping.wsdl?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/interop/ping.wsdl (original) +++ webservices/wss4j/branches/1_5_3/interop/ping.wsdl Sun Aug 19 11:31:04 2007 
@@ -70,6 +70,9 @@ + + + Modified: webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/action/UsernameTokenSignedAction.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/action/UsernameTokenSignedAction.java?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/action/UsernameTokenSignedAction.java (original) +++ webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/action/UsernameTokenSignedAction.java Sun Aug 19 11:31:04 2007 @@ -1,5 +1,5 @@ /* - * Copyright 2003-2004 The Apache Software Foundation. + * Copyright 2003-2007 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
@@ -17,15 +17,31 @@ package org.apache.ws.security.action; +import java.util.Vector; + +import org.apache.ws.security.SOAPConstants; import org.apache.ws.security.WSConstants; +import org.apache.ws.security.WSEncryptionPart; import org.apache.ws.security.WSSecurityException; import org.apache.ws.security.handler.RequestData; import org.apache.ws.security.handler.WSHandler; import org.apache.ws.security.handler.WSHandlerConstants; import org.apache.ws.security.message.WSSecUsernameToken; import org.apache.ws.security.message.WSSecSignature; +import org.apache.ws.security.message.WSSecHeader; +import org.apache.ws.security.util.WSSecurityUtil; import org.apache.xml.security.signature.XMLSignature; import org.w3c.dom.Document; +import org.w3c.dom.Element; + +/** + * Sign a request using a secret key derived from UsernameToken data. + * + * Enhanced by Alberto Coletti to support digest password type for + * username token signature + * + * @author Werner Dittmann (Werner.Dittmann@t-online.de) + */ public class UsernameTokenSignedAction implements Action { public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData) 
@@ -37,28 +53,66 @@ WSSecUsernameToken builder = new WSSecUsernameToken(); builder.setWsConfig(reqData.getWssConfig()); - builder.setPasswordType(WSConstants.PASSWORD_TEXT); + builder.setPasswordType(reqData.getPwType()); // enhancement by Alberto Coletti + builder.setUserInfo(reqData.getUsername(), password); builder.addCreated(); builder.addNonce(); builder.prepare(doc); + + // Now prepare to sign. + // First step: Get a WS Signature object and set config parameters + // second step: set user data and algorithm parameters. This + // _must_ be done before we "prepare" + // third step: Call "prepare". This creates the internal WS Signature + // data structures, XML element, fills in the algorithms + // and other data. + // fourth step: Get the references. These references identify the parts + // of the document that will be included into the + // signature. If no references are given sign the message + // body by default. + // fifth step: compute the signature + // + // after "prepare" the Signature XML element is ready and may prepend + // this to the security header. WSSecSignature sign = new WSSecSignature(); sign.setWsConfig(reqData.getWssConfig()); - if (reqData.getSignatureParts().size() > 0) { - sign.setParts(reqData.getSignatureParts()); - } sign.setUsernameToken(builder); sign.setKeyIdentifierType(WSConstants.UT_SIGNING); sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1); + + sign.prepare(doc, null, reqData.getSecHeader()); + + // prepend in this order: first the Signature Element and then the + // UsernameToken Element. This way the server gets the UsernameToken + // first, can check it and are prepared to compute the Signature key. 
+ sign.prependToHeader(reqData.getSecHeader()); + builder.prependToHeader(reqData.getSecHeader()); + + Vector parts = null; + if (reqData.getSignatureParts().size() > 0) { + parts = reqData.getSignatureParts(); + } + else { + SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc + .getDocumentElement()); + + parts = new Vector(); + WSEncryptionPart encP = new WSEncryptionPart(soapConstants + .getBodyQName().getLocalPart(), soapConstants + .getEnvelopeURI(), "Content"); + parts.add(encP); + } + sign.addReferencesToSign(parts, reqData.getSecHeader()); + try { - sign.build(doc, null, reqData.getSecHeader()); + sign.computeSignature(); reqData.getSignatureValues().add(sign.getSignatureValue()); } catch (WSSecurityException e) { throw new WSSecurityException("WSHandler: Error during Signature with UsernameToken secret" + e); } - builder.prependToHeader(reqData.getSecHeader()); } } Modified: webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/WSSecSignature.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/WSSecSignature.java?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/WSSecSignature.java (original) +++ webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/WSSecSignature.java Sun Aug 19 11:31:04 2007 
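Review bot: Nothing guards against an unset password type now that `builder.setPasswordType(reqData.getPwType())` replaces the fixed `WSConstants.PASSWORD_TEXT`. If `getPwType()` can return null (not visible here), `String pwType = reqData.getPwType(); builder.setPasswordType(pwType != null ? pwType : WSConstants.PASSWORD_TEXT);` keeps the previous behaviour. The line also deserves a comment that with the text type the password travels in the token next to the nonce and created values, so the HMAC-SHA1 key that appears to be derived from them is only as confidential as the transport. `sign.prepare(...)` and `sign.addReferencesToSign(...)` now sit outside the `try`, so their failures are not wrapped with the "Error during Signature with UsernameToken secret" message the way `computeSignature()` failures are. The body of `execute` starts before this hunk.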
@@ -710,8 +710,6 @@ log.debug("Beginning signing..."); } - Element securityHeader = secHeader.getSecurityHeader(); - prepare(doc, cr, secHeader); SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc Modified: webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/token/UsernameToken.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/token/UsernameToken.java?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/token/UsernameToken.java (original) +++ webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/message/token/UsernameToken.java Sun Aug 19 11:31:04 2007 @@ -1,5 +1,5 @@ /* - * Copyright 2003-2004 The Apache Software Foundation. + * Copyright 2003-2007 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,13 +44,17 @@ /** * UsernameToken according to WS Security specifications, UsernameToken profile. * + * Enhanced to support digest password type for username token signature + * * @author Davanum Srinivas (dims@yahoo.com) - * @author Werner Dittmann (Werner.Dittmann@siemens.com) + * @author Werner Dittmann (Werner.Dittmann@t-online.de) */ public class UsernameToken { private static Log log = LogFactory.getLog(UsernameToken.class.getName()); public static final String PASSWORD_TYPE = "passwordType"; + + private String raw_password; // enhancment by Alberto Coletti protected Element element = null; @@ -325,7 +329,7 @@ /** * Gets the password string. This is the password as it is in the password - * element of a username, token. Thus it can be either plain text or the + * element of a username token. Thus it can be either plain text or the * password digest value. * * @return the password string or null if no such node 
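Review bot: The new `raw_password` field in UsernameToken keeps the cleartext password in the token object for as long as that object lives, and its declaration carries only an attribution comment. I would state the reason on the field, e.g. `// cleartext password, kept to derive the signature key when the element carries only the digest`, and name it `rawPassword` in line with Java field naming. Since the UsernameTokenProcessor hunks of this commit also retain the processed token, consider clearing the value once the key has been derived; whether any caller needs it afterwards is not visible here.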
@@ -397,6 +401,7 @@ if (pwd == null) { throw new IllegalArgumentException("pwd == null"); } + raw_password = pwd; // enhancement by Alberto coletti Text node = getFirstNode(this.elementPassword); try { if (!hashed) { @@ -413,6 +418,15 @@ } } + /** + * Set the raw (plain text) password used to compute secret key. + * + * @param raw_password the raw_password to set + */ + public void setRawPassword(String raw_password) { + this.raw_password = raw_password; + } + public static String doPasswordDigest(String nonce, String created, String password) { String passwdDigest = null; @@ -541,7 +555,7 @@ byte[] key = null; try { Mac mac = Mac.getInstance("HMACSHA1"); - byte[] password = getPassword().getBytes("UTF-8"); + byte[] password = raw_password.getBytes("UTF-8"); // enhancement by Alberto Coletti byte[] label = labelString.getBytes("UTF-8"); byte[] nonce = Base64.decode(getNonce()); byte[] created = getCreated().getBytes("UTF-8"); @@ -571,6 +585,8 @@ } return key; } + + /** * This static method generates a derived key as defined in WSS Username Modified: webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/SignatureProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/SignatureProcessor.java?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/SignatureProcessor.java (original) +++ webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/SignatureProcessor.java Sun Aug 19 11:31:04 2007 
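Review bot: `raw_password.getBytes("UTF-8")` in the secret-key hunk throws a NullPointerException whenever the token was built from a received element and neither `setPassword` nor `setRawPassword` was called. The UsernameTokenProcessor hunks leave that case open for a non-hashed token handled without a callback handler. A guard before the `try`, for example `if (raw_password == null) { throw new IllegalStateException("UsernameToken: raw password not set"); }`, or a documented fallback to `getPassword()` for non-hashed tokens only, would make the failure explicit. The new `setRawPassword` accepts null while `setPassword` rejects it with IllegalArgumentException; the two should agree. The key-derivation method starts and ends outside the hunk.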
@@ -203,14 +203,17 @@ QName el = new QName(token.getNamespaceURI(), token .getLocalName()); if (el.equals(WSSecurityEngine.usernameToken)) { - ut = new UsernameToken(token); + String id = token.getAttributeNS(WSConstants.WSU_NS, "Id"); + UsernameTokenProcessor utProcessor = + (UsernameTokenProcessor) wsDocInfo.getProcessor(id); + ut = utProcessor.getUt(); secretKey = ut.getSecretKey(); } else if(el.equals(WSSecurityEngine.DERIVED_KEY_TOKEN_05_02) || el.equals(WSSecurityEngine.DERIVED_KEY_TOKEN_05_12)) { dkt = new DerivedKeyToken(token); String id = dkt.getID(); - DerivedKeyTokenProcessor dktProcessor = (DerivedKeyTokenProcessor) wsDocInfo - .getProcessor(id); + DerivedKeyTokenProcessor dktProcessor = + (DerivedKeyTokenProcessor) wsDocInfo.getProcessor(id); String signatureMethodURI = sig.getSignedInfo().getSignatureMethodURI(); int keyLength = (dkt.getLength() > 0) ? dkt.getLength() : WSSecurityUtil.getKeyLength(signatureMethodURI); Modified: webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/UsernameTokenProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/UsernameTokenProcessor.java?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/UsernameTokenProcessor.java (original) +++ webservices/wss4j/branches/1_5_3/src/org/apache/ws/security/processor/UsernameTokenProcessor.java Sun Aug 19 11:31:04 2007 @@ -41,6 +41,7 @@ private static Log log = LogFactory.getLog(UsernameTokenProcessor.class.getName()); private String utId; + private UsernameToken ut; public void handleToken(Element elem, Crypto crypto, Crypto decCrypto, CallbackHandler cb, WSDocInfo wsDocInfo, Vector returnResults, WSSConfig wsc) throws WSSecurityException { if (log.isDebugEnabled()) { 
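Review bot: The result of `wsDocInfo.getProcessor(id)` is cast and dereferenced without any check, although `id` is read from the `wsu:Id` attribute of the incoming token. A UsernameToken without an Id, one not processed before the signature, or an Id registered for a different processor type would end in a NullPointerException or ClassCastException rather than a WSSecurityException, assuming `getProcessor` returns null for an unknown id (not visible here). A guard such as `Object p = wsDocInfo.getProcessor(id); if (!(p instanceof UsernameTokenProcessor)) { throw new WSSecurityException(WSSecurityException.FAILURE); }` before the cast keeps malformed input on the normal error path, and `getUt()` should be checked for null the same way. The re-wrapped DerivedKeyTokenProcessor lookup further down has the same shape. The enclosing method starts and ends outside the hunk.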
@@ -75,7 +76,7 @@ * @throws WSSecurityException */ public WSUsernameTokenPrincipal handleUsernameToken(Element token, CallbackHandler cb) throws WSSecurityException { - UsernameToken ut = new UsernameToken(token); + ut = new UsernameToken(token); String user = ut.getName(); String password = ut.getPassword(); String nonce = ut.getNonce(); @@ -87,6 +88,8 @@ } Callback[] callbacks = new Callback[1]; + String origPassword = null; + if (ut.isHashed()) { if (cb == null) { throw new WSSecurityException(WSSecurityException.FAILURE, @@ -106,7 +109,7 @@ "noPassword", new Object[]{user}, e); } - String origPassword = pwCb.getPassword(); + origPassword = pwCb.getPassword(); if (log.isDebugEnabled()) { log.debug("UsernameToken callback password " + origPassword); } @@ -120,6 +123,7 @@ throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION); } } + ut.setRawPassword(origPassword); } else if (cb != null) { WSPasswordCallback pwCb = new WSPasswordCallback(user, password, pwType, WSPasswordCallback.USERNAME_TOKEN_UNKNOWN); @@ -133,8 +137,8 @@ throw new WSSecurityException(WSSecurityException.FAILURE, "noPassword", new Object[]{user}); } + ut.setRawPassword(password); } - WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(user, ut.isHashed()); principal.setNonce(nonce); principal.setPassword(password); @@ -149,5 +153,14 @@ */ public String getId() { return utId; + } + + /** + * Get the processed USernameToken. + * + * @return the ut + */ + public UsernameToken getUt() { + return ut; } } Added: webservices/wss4j/branches/1_5_3/test/interop/TestScenario2b.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/test/interop/TestScenario2b.java?view=auto&rev=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/test/interop/TestScenario2b.java (added) +++ webservices/wss4j/branches/1_5_3/test/interop/TestScenario2b.java Sun Aug 19 11:31:04 2007 
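Review bot: In the non-hashed branch `ut.setRawPassword(password)` is reached only when `cb != null`, so a plain-text token handled without a callback handler leaves the raw password unset and the `ut.getSecretKey()` call this commit adds to SignatureProcessor would dereference null. Setting the raw password in both cases, or rejecting the token when no handler is present, closes that gap. `ut` is now instance state assigned in `handleUsernameToken`; if a processor instance can be shared across messages or threads (not visible here), `getUt()` may return another request's token, so its Javadoc should say `Valid only after handleUsernameToken has run on this instance; not thread-safe.` The existing `log.debug("UsernameToken callback password " + origPassword)` writes the cleartext password to the log, which matters more now that the same value keys the signature. `handleUsernameToken` starts and ends outside these hunks.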
@@ -0,0 +1,65 @@ +/* + * Copyright 2003-2004 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package interop; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; +import org.apache.ws.axis.oasis.Scenario2b; + +/** + * WS-Security Test Case + *

+ * + * @author Davanum Srinivas (dims@yahoo.com) + */ +public class TestScenario2b extends TestCase { + /** + * TestScenario1 constructor + *

+ * + * @param name name of the test + */ + public TestScenario2b(String name) { + super(name); + } + + /** + * JUnit suite + *

+ * + * @return a junit test suite + */ + public static Test suite() { + return new TestSuite(TestScenario2b.class); + } + + /** + * Main method + *

+ * + * @param args command line args + */ + public static void main(String[] args) throws Exception { + Scenario2b.main(args); + } + + public void testScenario2b() throws Exception { + Scenario2b.main(new String[]{"-lhttp://localhost:8080/axis/services/Ping2b"}); + } +} Modified: webservices/wss4j/branches/1_5_3/test/wssec/TestWSSecurityNew13.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_3/test/wssec/TestWSSecurityNew13.java?view=diff&rev=567453&r1=567452&r2=567453 ============================================================================== --- webservices/wss4j/branches/1_5_3/test/wssec/TestWSSecurityNew13.java (original) +++ webservices/wss4j/branches/1_5_3/test/wssec/TestWSSecurityNew13.java Sun Aug 19 11:31:04 2007 @@ -142,7 +142,7 @@ sign.setUsernameToken(builder); sign.setKeyIdentifierType(WSConstants.UT_SIGNING); sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1); - log.info("Before signing...."); + log.info("Before signing with UT text...."); sign.build(doc, null, secHeader); log.info("Before adding UsernameToken PW Text...."); builder.prependToHeader(secHeader); @@ -156,6 +156,45 @@ log.info("After adding UsernameToken PW Text...."); verify(signedDoc); } + + /** + * Test the specific signing mehtod that use UsernameToken values + *
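Review bot: `testScenario2b` asserts nothing and only calls `Scenario2b.main` against `http://localhost:8080/axis/services/Ping2b`, so it passes on any run that does not throw and fails whenever no server is listening. Scenario2b's own default address uses port 9080, and the class comment should say which port is intended and what deployment the test requires. The constructor Javadoc still reads `TestScenario1 constructor`; it should be `TestScenario2b constructor`.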

+ * + * @throws java.lang.Exception Thrown when there is any problem in signing or verification + */ + public void testUsernameTokenSigningDigest() throws Exception { + Document doc = unsignedEnvelope.getAsDocument(); + + WSSecHeader secHeader = new WSSecHeader(); + secHeader.insertSecurityHeader(doc); + + WSSecUsernameToken builder = new WSSecUsernameToken(); + builder.setPasswordType(WSConstants.PASSWORD_DIGEST); + builder.setUserInfo("wernerd", "verySecret"); + builder.addCreated(); + builder.addNonce(); + builder.prepare(doc); + + WSSecSignature sign = new WSSecSignature(); + sign.setUsernameToken(builder); + sign.setKeyIdentifierType(WSConstants.UT_SIGNING); + sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1); + log.info("Before signing with UT digest...."); + sign.build(doc, null, secHeader); + log.info("Before adding UsernameToken PW Digest...."); + builder.prependToHeader(secHeader); + Document signedDoc = doc; + Message signedMsg = SOAPUtil.toAxisMessage(signedDoc); + if (log.isDebugEnabled()) { + log.debug("Message with UserNameToken PW Digest:"); + XMLUtils.PrettyElementToWriter(signedMsg.getSOAPEnvelope().getAsDOM(), new PrintWriter(System.out)); + } + signedDoc = signedMsg.getSOAPEnvelope().getAsDocument(); + log.info("After adding UsernameToken PW Digest...."); + verify(signedDoc); + } + /** * Verifies the soap envelope *
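Review bot: `testUsernameTokenSigningDigest` covers only the successful round trip and still signs through `sign.build(...)`, so it exercises neither rejection of a wrong password nor the new prepare / prependToHeader / addReferencesToSign / computeSignature sequence in UsernameTokenSignedAction. A companion negative test, where verification must fail when the password supplied on the verifying side differs from `"verySecret"`, would pin the property this commit introduces: the key comes from the raw password, not from the digest carried in the message. How `verify` obtains its password is not visible in the hunk. The Javadoc repeats the text-password test's summary with the typo `mehtod`; `Test signing with a key derived from a UsernameToken that uses the digest password type` would tell the two apart.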
