Example 1 with XmlSecOutInterceptor
use of org.apache.cxf.rs.security.xml.XmlSecOutInterceptor in project testcases by coheigea.
the class XMLEncryptionInteropTest method testXMLEncryption.
@org.junit.Test
public void testXMLEncryption() throws Exception {
URL busFile = XMLEncryptionInteropTest.class.getResource("cxf-client.xml");
String address = "http://localhost:" + test.port + "/doubleit/services";
WebClient client = WebClient.create(address, busFile.toString());
client = client.type("application/xml");
Map<String, Object> properties = new HashMap<String, Object>();
properties.put("ws-security.callback-handler", "org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.CommonCallbackHandler");
properties.put("ws-security.encryption.username", "myservicekey");
properties.put("ws-security.encryption.properties", "serviceKeystore.properties");
WebClient.getConfig(client).getRequestContext().putAll(properties);
if (test.streaming) {
XmlSecOutInterceptor encInterceptor = new XmlSecOutInterceptor();
encInterceptor.setEncryptRequest(true);
WebClient.getConfig(client).getOutInterceptors().add(encInterceptor);
XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor();
// encInInterceptor.setRequireEncryption(true);
WebClient.getConfig(client).getInInterceptors().add(encInInterceptor);
} else {
XmlEncOutInterceptor encInterceptor = new XmlEncOutInterceptor();
WebClient.getConfig(client).getOutInterceptors().add(encInterceptor);
XmlEncInInterceptor encInInterceptor = new XmlEncInInterceptor();
WebClient.getConfig(client).getInInterceptors().add(encInInterceptor);
}
Number numberToDouble = new Number();
numberToDouble.setDescription("This is the number to double");
numberToDouble.setNumber(25);
Response response = client.post(numberToDouble);
assertEquals(response.getStatus(), 200);
assertEquals(response.readEntity(Number.class).getNumber(), 50);
}
Also used :
Response(javax.ws.rs.core.Response)
Number(org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.Number)
HashMap(java.util.HashMap)
XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor)
XmlEncOutInterceptor(org.apache.cxf.rs.security.xml.XmlEncOutInterceptor)
XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
XmlEncInInterceptor(org.apache.cxf.rs.security.xml.XmlEncInInterceptor)
URL(java.net.URL)
Example 2 with XmlSecOutInterceptor
use of org.apache.cxf.rs.security.xml.XmlSecOutInterceptor in project testcases by coheigea.
the class XMLEncryptionStaxTest method testXMLEncryption.
@org.junit.Test
public void testXMLEncryption() throws Exception {
URL busFile = XMLEncryptionStaxTest.class.getResource("cxf-client.xml");
String address = "http://localhost:" + STAX_PORT + "/doubleit/services";
WebClient client = WebClient.create(address, busFile.toString());
client = client.type("application/xml");
Map<String, Object> properties = new HashMap<String, Object>();
properties.put("ws-security.callback-handler", "org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.CommonCallbackHandler");
properties.put("ws-security.encryption.username", "myservicekey");
properties.put("ws-security.encryption.properties", "serviceKeystore.properties");
WebClient.getConfig(client).getRequestContext().putAll(properties);
XmlSecOutInterceptor encInterceptor = new XmlSecOutInterceptor();
encInterceptor.setEncryptRequest(true);
WebClient.getConfig(client).getOutInterceptors().add(encInterceptor);
XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor();
// encInInterceptor.setRequireEncryption(true);
WebClient.getConfig(client).getInInterceptors().add(encInInterceptor);
Number numberToDouble = new Number();
numberToDouble.setDescription("This is the number to double");
numberToDouble.setNumber(25);
Response response = client.post(numberToDouble);
assertEquals(response.getStatus(), 200);
assertEquals(response.readEntity(Number.class).getNumber(), 50);
}
Also used :
Response(javax.ws.rs.core.Response)
Number(org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.Number)
HashMap(java.util.HashMap)
XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor)
XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
URL(java.net.URL)
Example 3 with XmlSecOutInterceptor
use of org.apache.cxf.rs.security.xml.XmlSecOutInterceptor in project testcases by coheigea.
the class XMLSignatureInteropTest method testXMLSignature.
@org.junit.Test
public void testXMLSignature() throws Exception {
URL busFile = XMLSignatureInteropTest.class.getResource("cxf-client.xml");
String address = "http://localhost:" + test.port + "/doubleit/services";
WebClient client = WebClient.create(address, busFile.toString());
client = client.type("application/xml");
Map<String, Object> properties = new HashMap<String, Object>();
properties.put("ws-security.callback-handler", "org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.CommonCallbackHandler");
properties.put("ws-security.signature.username", "myclientkey");
properties.put("ws-security.signature.properties", "clientKeystore.properties");
WebClient.getConfig(client).getRequestContext().putAll(properties);
if (test.streaming) {
XmlSecOutInterceptor sigInterceptor = new XmlSecOutInterceptor();
sigInterceptor.setSignRequest(true);
WebClient.getConfig(client).getOutInterceptors().add(sigInterceptor);
} else {
XmlSigOutInterceptor sigInterceptor = new XmlSigOutInterceptor();
WebClient.getConfig(client).getOutInterceptors().add(sigInterceptor);
}
Number numberToDouble = new Number();
numberToDouble.setDescription("This is the number to double");
numberToDouble.setNumber(25);
Response response = client.post(numberToDouble);
assertEquals(response.getStatus(), 200);
assertEquals(response.readEntity(Number.class).getNumber(), 50);
}
Also used :
Response(javax.ws.rs.core.Response)
XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor)
Number(org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.Number)
HashMap(java.util.HashMap)
XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
URL(java.net.URL)
Example 4 with XmlSecOutInterceptor
use of org.apache.cxf.rs.security.xml.XmlSecOutInterceptor in project cxf by apache.
the class JAXRSXmlSecTest method testUnsignedServerResponse.
@Test
public void testUnsignedServerResponse() throws Exception {
if (STAX_PORT.equals(test.port)) {
// We are only testing the client here
return;
}
String address = "https://localhost:" + test.port + "/xmlnosigresponse/bookstore/books";
JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
bean.setAddress(address);
SpringBusFactory bf = new SpringBusFactory();
URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
Bus springBus = bf.createBus(busFile.toString());
bean.setBus(springBus);
Map<String, Object> properties = new HashMap<>();
properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
bean.setProperties(properties);
if (test.streaming) {
XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
sigOutInterceptor.setSignRequest(true);
bean.getOutInterceptors().add(sigOutInterceptor);
XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
sigInInterceptor.setRequireSignature(true);
bean.setProvider(sigInInterceptor);
} else {
XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor();
bean.getOutInterceptors().add(sigOutInterceptor);
XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
bean.getInInterceptors().add(sigInInterceptor);
}
WebClient wc = bean.createWebClient();
WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
try {
wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
fail("Failure expected on an unsigned response message");
} catch (ProcessingException ex) {
assertTrue(ex.getCause() instanceof BadRequestException);
}
}
Also used :
Bus(org.apache.cxf.Bus)
XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor)
JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean)
HashMap(java.util.HashMap)
XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor)
XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
URL(java.net.URL)
XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor)
SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory)
Book(org.apache.cxf.systest.jaxrs.security.Book)
BadRequestException(javax.ws.rs.BadRequestException)
ProcessingException(javax.ws.rs.ProcessingException)
Test(org.junit.Test)
Example 5 with XmlSecOutInterceptor
use of org.apache.cxf.rs.security.xml.XmlSecOutInterceptor in project cxf by apache.
the class JAXRSXmlSecTest method testPostBookWithEnvelopedSigKeyName.
@Test
public void testPostBookWithEnvelopedSigKeyName() throws Exception {
// This test only applies to StAX - see CXF-7084
if (!test.streaming || !STAX_PORT.equals(test.port)) {
return;
}
String address = "https://localhost:" + test.port + "/xmlsigkeyname/bookstore/books";
JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
bean.setAddress(address);
SpringBusFactory bf = new SpringBusFactory();
URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
Bus springBus = bf.createBus(busFile.toString());
bean.setBus(springBus);
Map<String, Object> properties = new HashMap<>();
properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
bean.setProperties(properties);
XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
sigOutInterceptor.setSignRequest(true);
sigOutInterceptor.setKeyInfoMustBeAvailable(true);
SignatureProperties sigProps = new SignatureProperties();
sigProps.setSignatureKeyName("alice-kn");
sigProps.setSignatureKeyIdType("KeyName");
sigOutInterceptor.setSignatureProperties(sigProps);
bean.getOutInterceptors().add(sigOutInterceptor);
XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
sigInInterceptor.setRequireSignature(true);
bean.setProvider(sigInInterceptor);
WebClient wc = bean.createWebClient();
WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
Book book = wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
assertEquals(126L, book.getId());
}
Also used :
Bus(org.apache.cxf.Bus)
JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean)
HashMap(java.util.HashMap)
XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor)
XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor)
WebClient(org.apache.cxf.jaxrs.client.WebClient)
URL(java.net.URL)
SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory)
Book(org.apache.cxf.systest.jaxrs.security.Book)
SignatureProperties(org.apache.cxf.rs.security.xml.SignatureProperties)
Test(org.junit.Test)
Aggregations
URL (java.net.URL)13
XmlSecOutInterceptor (org.apache.cxf.rs.security.xml.XmlSecOutInterceptor)13
HashMap (java.util.HashMap)12
WebClient (org.apache.cxf.jaxrs.client.WebClient)11
Bus (org.apache.cxf.Bus)9
SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)9
JAXRSClientFactoryBean (org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean)9
XmlSecInInterceptor (org.apache.cxf.rs.security.xml.XmlSecInInterceptor)9
XmlSigOutInterceptor (org.apache.cxf.rs.security.xml.XmlSigOutInterceptor)9
Book (org.apache.cxf.systest.jaxrs.security.Book)9
XmlSigInInterceptor (org.apache.cxf.rs.security.xml.XmlSigInInterceptor)6
Test (org.junit.Test)6
Response (javax.ws.rs.core.Response)4
Number (org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.Number)4
BadRequestException (javax.ws.rs.BadRequestException)3
ProcessingException (javax.ws.rs.ProcessingException)3
WebApplicationException (javax.ws.rs.WebApplicationException)2
XmlEncInInterceptor (org.apache.cxf.rs.security.xml.XmlEncInInterceptor)2
XmlEncOutInterceptor (org.apache.cxf.rs.security.xml.XmlEncOutInterceptor)2
BookStore (org.apache.cxf.systest.jaxrs.security.BookStore)2
