Examples with NullResolver org.apache.cxf.helpers.DOMUtils.NullResolver used on opensource projects

Search in sources :

Example 6 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class AbstractSecurityTest method makeInvocation.

protected SoapMessage makeInvocation(Map<String, Object> outProperties, List<String> xpaths, Map<String, Object> inProperties) throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
    SoapMessage msg = getSoapMessageForDom(doc);
    for (String key : outProperties.keySet()) {
        msg.put(key, outProperties.get(key));
    }
    handler.handleMessage(msg);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    for (String xpath : xpaths) {
        assertValid(xpath, doc);
    }
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(inProperties);
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.handleMessage(inmsg);
    return inmsg;
}
Also used : XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl)

Example 7 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class WSS4JFaultCodeTest method testInvalidTimestamp.

/**
 * Test that an invalid Timestamp gets mapped to a proper fault code
 */
@Test
public void testInvalidTimestamp() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
    SoapMessage msg = getSoapMessageForDom(doc);
    msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
    msg.put(ConfigurationConstants.TTL_TIMESTAMP, "1");
    handler.handleMessage(msg);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    assertValid("//wsse:Security", doc);
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.setProperty(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
    inHandler.setProperty(ConfigurationConstants.TTL_TIMESTAMP, "1");
    inmsg.put(SecurityConstants.RETURN_SECURITY_ERROR, Boolean.TRUE);
    try {
        // 
        // Sleep for over a second to make the timestamp invalid
        // 
        Thread.sleep(1250);
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an invalid Timestamp");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().contains("Invalid timestamp"));
        QName faultCode = new QName(WSS4JConstants.WSSE_NS, "MessageExpired");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
Also used : SoapFault(org.apache.cxf.binding.soap.SoapFault) XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) QName(javax.xml.namespace.QName) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl) Test(org.junit.Test)

Example 8 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class WSS4JFaultCodeTest method testSignedEncryptedSOAP12Fault.

// See CXF-6900.
@Test
public void testSignedEncryptedSOAP12Fault() throws Exception {
    Document doc = readDocument("wsse-response-fault.xml");
    SoapMessage msg = getSoapMessageForDom(doc, SOAPConstants.SOAP_1_2_PROTOCOL);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.setProperty(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE + " " + ConfigurationConstants.ENCRYPT);
    inHandler.setProperty(ConfigurationConstants.DEC_PROP_FILE, "insecurity.properties");
    inHandler.setProperty(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
    inHandler.setProperty(ConfigurationConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
    inHandler.setProperty(ConfigurationConstants.PW_CALLBACK_CLASS, "org.apache.cxf.ws.security.wss4j.TestPwdCallback");
    inHandler.handleMessage(inmsg);
// StaxUtils.print(saajMsg.getSOAPPart());
}
Also used : XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl) Test(org.junit.Test)

Example 9 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class WSS4JFaultCodeTest method testActionMismatch.

/**
 * Test that an action mismatch gets mapped to a proper fault code
 */
@Test
public void testActionMismatch() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
    SoapMessage msg = getSoapMessageForDom(doc);
    msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
    handler.handleMessage(msg);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    assertValid("//wsse:Security", doc);
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.setProperty(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP + " " + ConfigurationConstants.USERNAME_TOKEN);
    inHandler.setProperty(ConfigurationConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
    inmsg.put(SecurityConstants.RETURN_SECURITY_ERROR, Boolean.TRUE);
    try {
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an action mismatch");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith("An error was discovered processing the <wsse:Security> header"));
        QName faultCode = new QName(WSS4JConstants.WSSE_NS, "InvalidSecurity");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
Also used : SoapFault(org.apache.cxf.binding.soap.SoapFault) XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) QName(javax.xml.namespace.QName) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl) Test(org.junit.Test)

Example 10 with NullResolver

use of org.apache.cxf.helpers.DOMUtils.NullResolver in project cxf by apache.

the class WSS4JInOutTest method testCustomProcessorObject.

@Test
public void testCustomProcessorObject() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
    SoapMessage msg = getSoapMessageForDom(doc);
    msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    msg.put(ConfigurationConstants.SIG_PROP_FILE, "outsecurity.properties");
    msg.put(ConfigurationConstants.USER, "myalias");
    msg.put("password", "myAliasPassword");
    handler.handleMessage(msg);
    SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
    doc = saajMsg.getSOAPPart();
    assertValid("//wsse:Security", doc);
    assertValid("//wsse:Security/ds:Signature", doc);
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);
    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);
    final Map<String, Object> properties = new HashMap<>();
    final Map<QName, Object> customMap = new HashMap<>();
    customMap.put(new QName(WSS4JConstants.SIG_NS, WSS4JConstants.SIG_LN), CustomProcessor.class);
    properties.put(WSS4JInInterceptor.PROCESSOR_MAP, customMap);
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);
    inHandler.setProperty(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    inHandler.handleMessage(inmsg);
    List<WSHandlerResult> results = getResults(inmsg);
    assertTrue(results != null && results.size() == 1);
    List<WSSecurityEngineResult> signatureResults = results.get(0).getActionResults().get(WSConstants.SIGN);
    assertTrue(signatureResults.size() == 1);
    Object obj = signatureResults.get(0).get("foo");
    assertNotNull(obj);
    assertEquals(obj.getClass().getName(), CustomProcessor.class.getName());
}
Also used : XMLStreamReader(javax.xml.stream.XMLStreamReader) DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) HashMap(java.util.HashMap) Document(org.w3c.dom.Document) SOAPMessage(javax.xml.soap.SOAPMessage) WSHandlerResult(org.apache.wss4j.dom.handler.WSHandlerResult) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) NullResolver(org.apache.cxf.helpers.DOMUtils.NullResolver) QName(javax.xml.namespace.QName) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult) Exchange(org.apache.cxf.message.Exchange) ByteArrayInputStream(java.io.ByteArrayInputStream) DocumentBuilder(javax.xml.parsers.DocumentBuilder) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl) Test(org.junit.Test)

Aggregations

ByteArrayInputStream (java.io.ByteArrayInputStream)11 DocumentBuilder (javax.xml.parsers.DocumentBuilder)11 DocumentBuilderFactory (javax.xml.parsers.DocumentBuilderFactory)11 SOAPMessage (javax.xml.soap.SOAPMessage)11 XMLStreamReader (javax.xml.stream.XMLStreamReader)11 SoapMessage (org.apache.cxf.binding.soap.SoapMessage)11 NullResolver (org.apache.cxf.helpers.DOMUtils.NullResolver)11 Exchange (org.apache.cxf.message.Exchange)11 ExchangeImpl (org.apache.cxf.message.ExchangeImpl)11 MessageImpl (org.apache.cxf.message.MessageImpl)11 Document (org.w3c.dom.Document)11 Test (org.junit.Test)7 QName (javax.xml.namespace.QName)4 SoapFault (org.apache.cxf.binding.soap.SoapFault)3 WSHandlerResult (org.apache.wss4j.dom.handler.WSHandlerResult)3 HashMap (java.util.HashMap)2 WSSecurityEngineResult (org.apache.wss4j.dom.engine.WSSecurityEngineResult)2 InputStream (java.io.InputStream)1 SOAPPart (javax.xml.soap.SOAPPart)1 WSS4JInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial