Examples with AuthorizationPolicy org.apache.cxf.configuration.security.AuthorizationPolicy used on opensource projects

Search in sources :

Example 16 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class HttpConduitConfigurationTest method verifyConduit.

private void verifyConduit(HTTPConduit conduit) {
    AuthorizationPolicy authp = conduit.getAuthorization();
    assertNotNull(authp);
    assertEquals("Betty", authp.getUserName());
    assertEquals("password", authp.getPassword());
    TLSClientParameters tlscps = conduit.getTlsClientParameters();
    assertNotNull(tlscps);
    assertTrue(tlscps.isDisableCNCheck());
    assertEquals(3600000, tlscps.getSslCacheTimeout());
    KeyManager[] kms = tlscps.getKeyManagers();
    assertTrue(kms != null && kms.length == 1);
    assertTrue(kms[0] instanceof X509KeyManager);
    TrustManager[] tms = tlscps.getTrustManagers();
    assertTrue(tms != null && tms.length == 1);
    assertTrue(tms[0] instanceof X509TrustManager);
    FiltersType csfs = tlscps.getCipherSuitesFilter();
    assertNotNull(csfs);
    assertEquals(1, csfs.getInclude().size());
    assertEquals(1, csfs.getExclude().size());
    HTTPClientPolicy clientPolicy = conduit.getClient();
    assertEquals(10240, clientPolicy.getChunkLength());
}
Also used : AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) X509TrustManager(javax.net.ssl.X509TrustManager) X509KeyManager(javax.net.ssl.X509KeyManager) HTTPClientPolicy(org.apache.cxf.transports.http.configuration.HTTPClientPolicy) FiltersType(org.apache.cxf.configuration.security.FiltersType) X509KeyManager(javax.net.ssl.X509KeyManager) KeyManager(javax.net.ssl.KeyManager) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 17 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class HTTPConduitTest method testAuthPolicyPrecedence.

/**
 * This test verifies the precedence of Authorization Information.
 * Setting authorization information on the Message takes precedence
 * over a Basic Auth Supplier with preemptive UserPass, and that
 * followed by setting it directly on the Conduit.
 */
@Test
public void testAuthPolicyPrecedence() throws Exception {
    Bus bus = new ExtensionManagerBus();
    EndpointInfo ei = new EndpointInfo();
    ei.setAddress("http://nowhere.com/bar/foo");
    HTTPConduit conduit = new URLConnectionHTTPConduit(bus, ei, null);
    conduit.finalizeConfig();
    conduit.getAuthorization().setUserName("Satan");
    conduit.getAuthorization().setPassword("hell");
    Message message = getNewMessage();
    // Test call
    conduit.prepare(message);
    Map<String, List<String>> headers = CastUtils.cast((Map<?, ?>) message.get(Message.PROTOCOL_HEADERS));
    assertNotNull("Authorization Header should exist", headers.get("Authorization"));
    assertEquals("Unexpected Authorization Token", DefaultBasicAuthSupplier.getBasicAuthHeader("Satan", "hell"), headers.get("Authorization").get(0));
    // Setting a Basic Auth User Pass should override
    conduit.setAuthSupplier(new TestAuthSupplier());
    message = getNewMessage();
    // Test Call
    conduit.prepare(message);
    headers = CastUtils.cast((Map<?, ?>) message.get(Message.PROTOCOL_HEADERS));
    List<String> authorization = headers.get("Authorization");
    assertNotNull("Authorization Token must be set", authorization);
    assertEquals("Wrong Authorization Token", "myauth", authorization.get(0));
    conduit.setAuthSupplier(null);
    // Setting authorization policy on the message should override
    // conduit setting
    AuthorizationPolicy authPolicy = new AuthorizationPolicy();
    authPolicy.setUserName("Hello");
    authPolicy.setPassword("world");
    authPolicy.setAuthorizationType("Basic");
    message = getNewMessage();
    message.put(AuthorizationPolicy.class, authPolicy);
    conduit.prepare(message);
    headers = CastUtils.cast((Map<?, ?>) message.get(Message.PROTOCOL_HEADERS));
    assertEquals("Unexpected Authorization Token", DefaultBasicAuthSupplier.getBasicAuthHeader("Hello", "world"), headers.get("Authorization").get(0));
}
Also used : Bus(org.apache.cxf.Bus) ExtensionManagerBus(org.apache.cxf.bus.extension.ExtensionManagerBus) Message(org.apache.cxf.message.Message) EndpointInfo(org.apache.cxf.service.model.EndpointInfo) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) ArrayList(java.util.ArrayList) List(java.util.List) ExtensionManagerBus(org.apache.cxf.bus.extension.ExtensionManagerBus) Map(java.util.Map) TreeMap(java.util.TreeMap) Test(org.junit.Test)

Example 18 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class HTTPConduitURLEasyMockTest method setUpHeaders.

private void setUpHeaders(Message message) {
    Map<String, List<String>> headers = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
    List<String> contentTypes = new ArrayList<>();
    contentTypes.add("text/xml;charset=utf8");
    headers.put("content-type", contentTypes);
    List<String> acceptTypes = new ArrayList<>();
    acceptTypes.add("text/xml;charset=utf8");
    acceptTypes.add("text/plain");
    headers.put("Accept", acceptTypes);
    message.put(Message.PROTOCOL_HEADERS, headers);
    AuthorizationPolicy authPolicy = new AuthorizationPolicy();
    authPolicy.setUserName("BJ");
    authPolicy.setPassword("value");
    message.put(AuthorizationPolicy.class, authPolicy);
}
Also used : AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) ArrayList(java.util.ArrayList) MessageContentsList(org.apache.cxf.message.MessageContentsList) ArrayList(java.util.ArrayList) List(java.util.List) TreeMap(java.util.TreeMap)

Example 19 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class HTTPSConduitTest method verifyBethalClient.

// we just verify the configurations are loaded successfully
private void verifyBethalClient(Greeter bethal) {
    Client client = ClientProxy.getClient(bethal);
    HTTPConduit http = (HTTPConduit) client.getConduit();
    HTTPClientPolicy httpClientPolicy = http.getClient();
    assertTrue("the httpClientPolicy's autoRedirect should be true", httpClientPolicy.isAutoRedirect());
    TLSClientParameters tlsParameters = http.getTlsClientParameters();
    assertNotNull("the http conduit's tlsParameters should not be null", tlsParameters);
    // If we set any name, but Edward, Mary, or George,
    // and a password of "password" we will get through
    // Bethal.
    AuthorizationPolicy authPolicy = http.getAuthorization();
    assertEquals("Set the wrong user name from the configuration", "Betty", authPolicy.getUserName());
    assertEquals("Set the wrong pass word form the configuration", "password", authPolicy.getPassword());
    configureProxy(ClientProxy.getClient(bethal));
    String answer = bethal.sayHi();
    answer = bethal.sayHi();
    answer = bethal.sayHi();
    answer = bethal.sayHi();
    answer = bethal.sayHi();
    assertTrue("Unexpected answer: " + answer, "Bonjour from Bethal".equals(answer));
    // With HTTPS, it will just be a CONNECT to the proxy and all the
    // data is encrypted.  Thus, the proxy cannot distinquish the requests
    assertProxyRequestCount(0);
}
Also used : HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) HTTPClientPolicy(org.apache.cxf.transports.http.configuration.HTTPClientPolicy) Client(org.apache.cxf.endpoint.Client)

Example 20 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class HTTPSConduitTest method testHttpsTrust.

@Test
public void testHttpsTrust() throws Exception {
    startServer("Bethal");
    URL wsdl = getClass().getResource("greeting.wsdl");
    assertNotNull("WSDL is null", wsdl);
    SOAPService service = new SOAPService(wsdl, serviceName);
    assertNotNull("Service is null", service);
    Greeter bethal = service.getPort(bethalQ, Greeter.class);
    assertNotNull("Port is null", bethal);
    updateAddressPort(bethal, getPort("PORT4"));
    // Okay, I'm sick of configuration files.
    // This also tests dynamic configuration of the conduit.
    Client client = ClientProxy.getClient(bethal);
    HTTPConduit http = (HTTPConduit) client.getConduit();
    HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
    httpClientPolicy.setAutoRedirect(false);
    // If we set any name, but Edward, Mary, or George,
    // and a password of "password" we will get through
    // Bethal.
    AuthorizationPolicy authPolicy = new AuthorizationPolicy();
    authPolicy.setUserName("Betty");
    authPolicy.setPassword("password");
    http.setClient(httpClientPolicy);
    http.setTlsClientParameters(tlsClientParameters);
    http.setAuthorization(authPolicy);
    // Our expected server should be OU=Bethal
    http.setTrustDecider(new MyHttpsTrustDecider("Bethal"));
    configureProxy(client);
    String answer = bethal.sayHi();
    assertTrue("Unexpected answer: " + answer, "Bonjour from Bethal".equals(answer));
    assertProxyRequestCount(0);
    // Nobody will not equal OU=Bethal
    MyHttpsTrustDecider trustDecider = new MyHttpsTrustDecider("Nobody");
    http.setTrustDecider(trustDecider);
    try {
        answer = bethal.sayHi();
        fail("Unexpected answer from Bethal: " + answer);
    } catch (Exception e) {
    // e.printStackTrace();
    // assertTrue("Trust Decider was not called",
    // 0 > trustDecider.wasCalled());
    }
    assertProxyRequestCount(0);
}
Also used : SOAPService(org.apache.hello_world.services.SOAPService) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) Greeter(org.apache.hello_world.Greeter) HTTPClientPolicy(org.apache.cxf.transports.http.configuration.HTTPClientPolicy) Client(org.apache.cxf.endpoint.Client) URL(java.net.URL) GeneralSecurityException(java.security.GeneralSecurityException) UntrustedURLConnectionIOException(org.apache.cxf.transport.http.UntrustedURLConnectionIOException) IOException(java.io.IOException) Test(org.junit.Test)

Aggregations

AuthorizationPolicy (org.apache.cxf.configuration.security.AuthorizationPolicy)85 Message (org.apache.cxf.message.Message)25 Test (org.junit.Test)22 HTTPConduit (org.apache.cxf.transport.http.HTTPConduit)16 IOException (java.io.IOException)15 ArrayList (java.util.ArrayList)11 Client (org.apache.cxf.endpoint.Client)11 List (java.util.List)9 HTTPClientPolicy (org.apache.cxf.transports.http.configuration.HTTPClientPolicy)9 URL (java.net.URL)7 HashMap (java.util.HashMap)7 ProxyAuthorizationPolicy (org.apache.cxf.configuration.security.ProxyAuthorizationPolicy)7 Map (java.util.Map)6 SecurityContext (org.apache.cxf.security.SecurityContext)6 Bus (org.apache.cxf.Bus)5 WebClient (org.apache.cxf.jaxrs.client.WebClient)5 MessageImpl (org.apache.cxf.message.MessageImpl)5 EndpointInfo (org.apache.cxf.service.model.EndpointInfo)5 Principal (java.security.Principal)4 TLSClientParameters (org.apache.cxf.configuration.jsse.TLSClientParameters)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial