Examples with XmlSecInInterceptor org.apache.cxf.rs.security.xml.XmlSecInInterceptor used on opensource projects

Search in sources :

Example 6 with XmlSecInInterceptor

use of org.apache.cxf.rs.security.xml.XmlSecInInterceptor in project cxf by apache.

the class JAXRSXmlSecTest method doTestSignature.

private void doTestSignature(String address, boolean enveloping, boolean fromResponse, boolean useKeyInfo, boolean streaming) {
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
    bean.setProperties(properties);
    if (streaming) {
        XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
        sigOutInterceptor.setSignRequest(true);
        sigOutInterceptor.setKeyInfoMustBeAvailable(useKeyInfo);
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
        sigInInterceptor.setRequireSignature(true);
        if (!useKeyInfo) {
            sigInInterceptor.setSignatureVerificationAlias("alice");
        }
        bean.setProvider(sigInInterceptor);
    } else {
        XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor();
        if (enveloping) {
            sigOutInterceptor.setStyle(XmlSigOutInterceptor.ENVELOPING_SIG);
        }
        sigOutInterceptor.setKeyInfoMustBeAvailable(useKeyInfo);
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
        sigInInterceptor.setKeyInfoMustBeAvailable(useKeyInfo);
        bean.getInInterceptors().add(sigInInterceptor);
    }
    WebClient wc = bean.createWebClient();
    WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
    Book book;
    if (!fromResponse) {
        book = wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
    } else {
        book = wc.type("application/xml").post(new Book("CXF", 126L)).readEntity(Book.class);
    }
    assertEquals(126L, book.getId());
}
Also used : Bus(org.apache.cxf.Bus) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) HashMap(java.util.HashMap) XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book)

Example 7 with XmlSecInInterceptor

use of org.apache.cxf.rs.security.xml.XmlSecInInterceptor in project cxf by apache.

the class JAXRSXmlSecTest method doTestPostEncryptedBook.

public void doTestPostEncryptedBook(String address, boolean sign, Map<String, Object> properties, EncryptionProperties encryptionProperties, boolean propagateException, boolean streaming) throws Exception {
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    bean.setProperties(properties);
    if (streaming) {
        XmlSecOutInterceptor encInterceptor = new XmlSecOutInterceptor();
        encInterceptor.setEncryptionKeyIdentifierType(encryptionProperties.getEncryptionKeyIdType());
        encInterceptor.setSymmetricEncAlgorithm(encryptionProperties.getEncryptionSymmetricKeyAlgo());
        encInterceptor.setEncryptionDigestAlgorithm(encryptionProperties.getEncryptionDigestAlgo());
        encInterceptor.setEncryptRequest(true);
        if (sign) {
            encInterceptor.setSignRequest(true);
        }
        bean.getOutInterceptors().add(encInterceptor);
        XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor();
        encInInterceptor.setRequireEncryption(true);
        bean.setProvider(encInInterceptor);
    } else {
        if (sign) {
            bean.getOutInterceptors().add(new XmlSigOutInterceptor());
        }
        XmlEncOutInterceptor encInterceptor = new XmlEncOutInterceptor();
        encInterceptor.setKeyIdentifierType(encryptionProperties.getEncryptionKeyIdType());
        encInterceptor.setSymmetricEncAlgorithm(encryptionProperties.getEncryptionSymmetricKeyAlgo());
        encInterceptor.setDigestAlgorithm(encryptionProperties.getEncryptionDigestAlgo());
        bean.getOutInterceptors().add(encInterceptor);
        bean.getInInterceptors().add(new XmlEncInInterceptor());
        if (sign) {
            bean.getInInterceptors().add(new XmlSigInInterceptor());
        }
    }
    WebClient wc = bean.createWebClient();
    WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
    try {
        Book book = wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
        assertEquals(126L, book.getId());
    } catch (WebApplicationException ex) {
        if (propagateException) {
            throw ex;
        }
        fail(ex.getMessage());
    } catch (ProcessingException ex) {
        assertTrue(ex.getCause() instanceof BadRequestException);
    }
}
Also used : Bus(org.apache.cxf.Bus) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) WebApplicationException(javax.ws.rs.WebApplicationException) XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor) XmlEncOutInterceptor(org.apache.cxf.rs.security.xml.XmlEncOutInterceptor) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) BadRequestException(javax.ws.rs.BadRequestException) XmlEncInInterceptor(org.apache.cxf.rs.security.xml.XmlEncInInterceptor) ProcessingException(javax.ws.rs.ProcessingException)

Example 8 with XmlSecInInterceptor

use of org.apache.cxf.rs.security.xml.XmlSecInInterceptor in project cxf by apache.

the class JAXRSXmlSecTest method testSignaturePassword.

@Test
public void testSignaturePassword() throws Exception {
    String address = "https://localhost:" + test.port + "/xmlsig/bookstore/books";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
    properties.put(SecurityConstants.SIGNATURE_PASSWORD, "password");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
    bean.setProperties(properties);
    if (test.streaming) {
        XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
        sigOutInterceptor.setSignRequest(true);
        sigOutInterceptor.setKeyInfoMustBeAvailable(true);
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
        sigInInterceptor.setRequireSignature(true);
        bean.setProvider(sigInInterceptor);
    } else {
        XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor();
        sigOutInterceptor.setKeyInfoMustBeAvailable(true);
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
        sigInInterceptor.setKeyInfoMustBeAvailable(true);
        bean.getInInterceptors().add(sigInInterceptor);
    }
    WebClient wc = bean.createWebClient();
    WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
    Book book = wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
    assertEquals(126L, book.getId());
}
Also used : Bus(org.apache.cxf.Bus) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) HashMap(java.util.HashMap) XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) Test(org.junit.Test)

Example 9 with XmlSecInInterceptor

use of org.apache.cxf.rs.security.xml.XmlSecInInterceptor in project cxf by apache.

the class JAXRSXmlSecTest method testSignatureNegativeClient.

@Test
public void testSignatureNegativeClient() throws Exception {
    String address = "https://localhost:" + test.port + "/xmlsignegativeclient/bookstore/books";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.SIGNATURE_USERNAME, "bethal");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/bethal.properties");
    bean.setProperties(properties);
    if (test.streaming) {
        XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
        sigOutInterceptor.setSignRequest(true);
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
        sigInInterceptor.setRequireSignature(true);
        bean.setProvider(sigInInterceptor);
    } else {
        XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor();
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
        bean.getInInterceptors().add(sigInInterceptor);
    }
    WebClient wc = bean.createWebClient();
    WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
    try {
        wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
        fail("Failure expected on signature trust failure");
    } catch (ProcessingException ex) {
        assertTrue(ex.getCause() instanceof BadRequestException);
    }
}
Also used : Bus(org.apache.cxf.Bus) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) HashMap(java.util.HashMap) XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) BadRequestException(javax.ws.rs.BadRequestException) ProcessingException(javax.ws.rs.ProcessingException) Test(org.junit.Test)

Aggregations

URL (java.net.URL)9 WebClient (org.apache.cxf.jaxrs.client.WebClient)9 XmlSecInInterceptor (org.apache.cxf.rs.security.xml.XmlSecInInterceptor)9 XmlSecOutInterceptor (org.apache.cxf.rs.security.xml.XmlSecOutInterceptor)9 HashMap (java.util.HashMap)8 Bus (org.apache.cxf.Bus)7 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)7 JAXRSClientFactoryBean (org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean)7 Book (org.apache.cxf.systest.jaxrs.security.Book)7 XmlSigInInterceptor (org.apache.cxf.rs.security.xml.XmlSigInInterceptor)6 XmlSigOutInterceptor (org.apache.cxf.rs.security.xml.XmlSigOutInterceptor)6 Test (org.junit.Test)5 BadRequestException (javax.ws.rs.BadRequestException)3 ProcessingException (javax.ws.rs.ProcessingException)3 WebApplicationException (javax.ws.rs.WebApplicationException)2 Response (javax.ws.rs.core.Response)2 Number (org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.Number)2 XmlEncInInterceptor (org.apache.cxf.rs.security.xml.XmlEncInInterceptor)2 XmlEncOutInterceptor (org.apache.cxf.rs.security.xml.XmlEncOutInterceptor)2 SignatureProperties (org.apache.cxf.rs.security.xml.SignatureProperties)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial