Examples with NullResolver org.apache.cxf.helpers.DOMUtils.NullResolver used on opensource projects

Search in sources :

Example 1 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class WSS4JFaultCodeTest method testNoSecurity.

/**
 * Test for WSS4JInInterceptor when it receives a message with no security header.
 */
@Test
public void testNoSecurity() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    SoapMessage msg = getSoapMessageForDom(doc);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.setProperty(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPT);
    inHandler.setProperty(ConfigurationConstants.DEC_PROP_FILE, "insecurity.properties");
    inHandler.setProperty(ConfigurationConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
    inmsg.put(SecurityConstants.RETURN_SECURITY_ERROR, Boolean.TRUE);
    try {
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an message with no security header");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith("An error was discovered processing the <wsse:Security> header"));
        QName faultCode = new QName(WSS4JConstants.WSSE_NS, "InvalidSecurity");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
Also used : SoapFault(org.apache.cxf.binding.soap.SoapFault) XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) QName(javax.xml.namespace.QName) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl) Test(org.junit.Test)

Example 2 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class WSS4JInOutTest method testCustomProcessor.

@Test
public void testCustomProcessor() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
    SoapMessage msg = getSoapMessageForDom(doc);
    msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    msg.put(ConfigurationConstants.SIG_PROP_FILE, "outsecurity.properties");
    msg.put(ConfigurationConstants.USER, "myalias");
    msg.put("password", "myAliasPassword");
    handler.handleMessage(msg);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    assertValid("//wsse:Security", doc);
    assertValid("//wsse:Security/ds:Signature", doc);
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    final Map<String, Object> properties = new HashMap<>();
    properties.put(WSS4JInInterceptor.PROCESSOR_MAP, createCustomProcessorMap());
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.setProperty(ConfigurationConstants.ACTION, WSHandlerConstants.NO_SECURITY);
    inHandler.handleMessage(inmsg);
    List<WSHandlerResult> results = getResults(inmsg);
    assertTrue(results != null && results.size() == 1);
    List<WSSecurityEngineResult> signatureResults = results.get(0).getActionResults().get(WSConstants.SIGN);
    assertTrue(signatureResults == null || signatureResults.isEmpty());
}
Also used : XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) HashMap(java.util.HashMap) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) WSHandlerResult(org.apache.wss4j.dom.handler.WSHandlerResult) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl) Test(org.junit.Test)

Example 3 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class SamlTokenTest method makeInvocation.

private SoapMessage makeInvocation(Map<String, Object> outProperties, List<String> xpaths, Map<String, Object> inProperties, Map<String, String> inMessageProperties) throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
    SoapMessage msg = getSoapMessageForDom(doc);
    for (String key : outProperties.keySet()) {
        msg.put(key, outProperties.get(key));
    }
    handler.handleMessage(msg);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    for (String xpath : xpaths) {
        assertValid(xpath, doc);
    }
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(inProperties);
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    inmsg.put(SecurityConstants.SAML_ROLE_ATTRIBUTENAME, "role");
    for (String inMessageProperty : inMessageProperties.keySet()) {
        inmsg.put(inMessageProperty, inMessageProperties.get(inMessageProperty));
    }
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.handleMessage(inmsg);
    return inmsg;
}
Also used : XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl)

Example 4 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class SignatureConfirmationTest method testSignatureConfirmationResponse.

private void testSignatureConfirmationResponse(Set<Integer> sigSaved, List<WSHandlerResult> sigReceived) throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
    SoapMessage msg = getSoapMessageForDom(doc);
    msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
    msg.put(WSHandlerConstants.RECV_RESULTS, sigReceived);
    handler.handleMessage(msg);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    assertValid("//wsse:Security", doc);
    // assertValid("//wsse:Security/wsse11:SignatureConfirmation", doc);
    byte[] docbytes = getMessageBytes(doc);
    // System.out.println(new String(docbytes));
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.setProperty(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
    inmsg.put(WSHandlerConstants.SEND_SIGV, sigSaved);
    inHandler.handleMessage(inmsg);
}
Also used : XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl)

Example 5 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class SignatureConfirmationTest method testSignatureConfirmationRequest.

@org.junit.Test
public void testSignatureConfirmationRequest() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
    SoapMessage msg = getSoapMessageForDom(doc);
    msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    msg.put(ConfigurationConstants.ENABLE_SIGNATURE_CONFIRMATION, "true");
    msg.put(ConfigurationConstants.SIG_PROP_FILE, "outsecurity.properties");
    msg.put(ConfigurationConstants.USER, "myalias");
    msg.put("password", "myAliasPassword");
    // 
    // This is necessary to convince the WSS4JOutInterceptor that we're
    // functioning as a requestor
    // 
    msg.put(org.apache.cxf.message.Message.REQUESTOR_ROLE, true);
    handler.handleMessage(msg);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    assertValid("//wsse:Security", doc);
    assertValid("//wsse:Security/ds:Signature", doc);
    byte[] docbytes = getMessageBytes(doc);
    // 
    // Save the signature for future confirmation
    // 
    Set<Integer> sigv = CastUtils.cast((Set<?>) msg.get(WSHandlerConstants.SEND_SIGV));
    assertNotNull(sigv);
    assertTrue(sigv.size() != 0);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.setProperty(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    inHandler.setProperty(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
    inHandler.setProperty(ConfigurationConstants.ENABLE_SIGNATURE_CONFIRMATION, "true");
    inHandler.handleMessage(inmsg);
    // 
    // Check that the inbound signature result was saved
    // 
    List<WSHandlerResult> sigReceived = CastUtils.cast((List<?>) inmsg.get(WSHandlerConstants.RECV_RESULTS));
    assertNotNull(sigReceived);
    assertTrue(sigReceived.size() != 0);
    testSignatureConfirmationResponse(sigv, sigReceived);
}
Also used : XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) WSHandlerResult(org.apache.wss4j.dom.handler.WSHandlerResult) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl)

Aggregations

ByteArrayInputStream (java.io.ByteArrayInputStream)11 DocumentBuilder (javax.xml.parsers.DocumentBuilder)11 DocumentBuilderFactory (javax.xml.parsers.DocumentBuilderFactory)11 SOAPMessage (javax.xml.soap.SOAPMessage)11 XMLStreamReader (javax.xml.stream.XMLStreamReader)11 SoapMessage (org.apache.cxf.binding.soap.SoapMessage)11 NullResolver (org.apache.cxf.helpers.DOMUtils.NullResolver)11 Exchange (org.apache.cxf.message.Exchange)11 ExchangeImpl (org.apache.cxf.message.ExchangeImpl)11 MessageImpl (org.apache.cxf.message.MessageImpl)11 Document (org.w3c.dom.Document)11 Test (org.junit.Test)7 QName (javax.xml.namespace.QName)4 SoapFault (org.apache.cxf.binding.soap.SoapFault)3 WSHandlerResult (org.apache.wss4j.dom.handler.WSHandlerResult)3 HashMap (java.util.HashMap)2 WSSecurityEngineResult (org.apache.wss4j.dom.engine.WSSecurityEngineResult)2 InputStream (java.io.InputStream)1 SOAPPart (javax.xml.soap.SOAPPart)1 WSS4JInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial