Examples with XmlSigOutInterceptor org.apache.cxf.rs.security.xml.XmlSigOutInterceptor used on opensource projects

Search in sources :

Example 1 with XmlSigOutInterceptor

use of org.apache.cxf.rs.security.xml.XmlSigOutInterceptor in project testcases by coheigea.

the class XMLSignatureDOMTest method testXMLSignatureDOM.

@org.junit.Test
public void testXMLSignatureDOM() throws Exception {
    URL busFile = XMLSignatureDOMTest.class.getResource("cxf-client.xml");
    String address = "http://localhost:" + PORT + "/doubleit/services";
    WebClient client = WebClient.create(address, busFile.toString());
    client = client.type("application/xml");
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("ws-security.callback-handler", "org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.CommonCallbackHandler");
    properties.put("ws-security.signature.username", "myclientkey");
    properties.put("ws-security.signature.properties", "clientKeystore.properties");
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    XmlSigOutInterceptor sigInterceptor = new XmlSigOutInterceptor();
    WebClient.getConfig(client).getOutInterceptors().add(sigInterceptor);
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertEquals(response.getStatus(), 200);
    assertEquals(response.readEntity(Number.class).getNumber(), 50);
}
Also used : Response(javax.ws.rs.core.Response) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) Number(org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.Number) HashMap(java.util.HashMap) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 2 with XmlSigOutInterceptor

use of org.apache.cxf.rs.security.xml.XmlSigOutInterceptor in project testcases by coheigea.

the class XMLSignatureInteropTest method testXMLSignature.

@org.junit.Test
public void testXMLSignature() throws Exception {
    URL busFile = XMLSignatureInteropTest.class.getResource("cxf-client.xml");
    String address = "http://localhost:" + test.port + "/doubleit/services";
    WebClient client = WebClient.create(address, busFile.toString());
    client = client.type("application/xml");
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put("ws-security.callback-handler", "org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.CommonCallbackHandler");
    properties.put("ws-security.signature.username", "myclientkey");
    properties.put("ws-security.signature.properties", "clientKeystore.properties");
    WebClient.getConfig(client).getRequestContext().putAll(properties);
    if (test.streaming) {
        XmlSecOutInterceptor sigInterceptor = new XmlSecOutInterceptor();
        sigInterceptor.setSignRequest(true);
        WebClient.getConfig(client).getOutInterceptors().add(sigInterceptor);
    } else {
        XmlSigOutInterceptor sigInterceptor = new XmlSigOutInterceptor();
        WebClient.getConfig(client).getOutInterceptors().add(sigInterceptor);
    }
    Number numberToDouble = new Number();
    numberToDouble.setDescription("This is the number to double");
    numberToDouble.setNumber(25);
    Response response = client.post(numberToDouble);
    assertEquals(response.getStatus(), 200);
    assertEquals(response.readEntity(Number.class).getNumber(), 50);
}
Also used : Response(javax.ws.rs.core.Response) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) Number(org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.Number) HashMap(java.util.HashMap) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 3 with XmlSigOutInterceptor

use of org.apache.cxf.rs.security.xml.XmlSigOutInterceptor in project cxf by apache.

the class JAXRSXmlSecTest method testUnsignedServerResponse.

@Test
public void testUnsignedServerResponse() throws Exception {
    if (STAX_PORT.equals(test.port)) {
        // We are only testing the client here
        return;
    }
    String address = "https://localhost:" + test.port + "/xmlnosigresponse/bookstore/books";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
    bean.setProperties(properties);
    if (test.streaming) {
        XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
        sigOutInterceptor.setSignRequest(true);
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
        sigInInterceptor.setRequireSignature(true);
        bean.setProvider(sigInInterceptor);
    } else {
        XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor();
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
        bean.getInInterceptors().add(sigInInterceptor);
    }
    WebClient wc = bean.createWebClient();
    WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
    try {
        wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
        fail("Failure expected on an unsigned response message");
    } catch (ProcessingException ex) {
        assertTrue(ex.getCause() instanceof BadRequestException);
    }
}
Also used : Bus(org.apache.cxf.Bus) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) HashMap(java.util.HashMap) XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) BadRequestException(javax.ws.rs.BadRequestException) ProcessingException(javax.ws.rs.ProcessingException) Test(org.junit.Test)

Example 4 with XmlSigOutInterceptor

use of org.apache.cxf.rs.security.xml.XmlSigOutInterceptor in project cxf by apache.

the class JAXRSXmlSecTest method testSignatureNoEncryption.

@Test
public void testSignatureNoEncryption() throws Exception {
    if (test.streaming) {
        // Only testing the endpoints, not the clients here
        return;
    }
    String address = "https://localhost:" + test.port + "/xmlsec-validate";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob");
    properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/bob.properties");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/alice.properties");
    bean.setProperties(properties);
    XmlSigOutInterceptor sigInterceptor = new XmlSigOutInterceptor();
    bean.getOutInterceptors().add(sigInterceptor);
    bean.getInInterceptors().add(new XmlEncInInterceptor());
    bean.getInInterceptors().add(new XmlSigInInterceptor());
    bean.setServiceClass(BookStore.class);
    BookStore store = bean.create(BookStore.class);
    try {
        store.addBook(new Book("CXF", 126L));
        fail("Failure expected on no Encryption");
    } catch (WebApplicationException ex) {
    // expected
    }
}
Also used : Bus(org.apache.cxf.Bus) BookStore(org.apache.cxf.systest.jaxrs.security.BookStore) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) WebApplicationException(javax.ws.rs.WebApplicationException) HashMap(java.util.HashMap) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) XmlEncInInterceptor(org.apache.cxf.rs.security.xml.XmlEncInInterceptor) Test(org.junit.Test)

Example 5 with XmlSigOutInterceptor

use of org.apache.cxf.rs.security.xml.XmlSigOutInterceptor in project cxf by apache.

the class JAXRSXmlSecTest method testSignatureNegativeServer.

@Test
public void testSignatureNegativeServer() throws Exception {
    String address = "https://localhost:" + test.port + "/xmlsignegativeserver/bookstore/books";
    JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
    bean.setAddress(address);
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JAXRSXmlSecTest.class.getResource("client.xml");
    Bus springBus = bf.createBus(busFile.toString());
    bean.setBus(springBus);
    Map<String, Object> properties = new HashMap<>();
    properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
    properties.put(SecurityConstants.SIGNATURE_USERNAME, "bethal");
    properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "org/apache/cxf/systest/jaxrs/security/bethal.properties");
    bean.setProperties(properties);
    if (test.streaming) {
        XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor();
        sigOutInterceptor.setSignRequest(true);
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
        sigInInterceptor.setRequireSignature(true);
        bean.setProvider(sigInInterceptor);
    } else {
        XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor();
        bean.getOutInterceptors().add(sigOutInterceptor);
        XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
        bean.getInInterceptors().add(sigInInterceptor);
    }
    WebClient wc = bean.createWebClient();
    WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
    try {
        wc.type("application/xml").post(new Book("CXF", 126L), Book.class);
        fail("Failure expected on signature trust failure");
    } catch (WebApplicationException ex) {
        assertTrue(ex.getMessage().contains("400 Bad Request"));
    }
}
Also used : Bus(org.apache.cxf.Bus) XmlSigOutInterceptor(org.apache.cxf.rs.security.xml.XmlSigOutInterceptor) JAXRSClientFactoryBean(org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean) WebApplicationException(javax.ws.rs.WebApplicationException) HashMap(java.util.HashMap) XmlSecInInterceptor(org.apache.cxf.rs.security.xml.XmlSecInInterceptor) XmlSecOutInterceptor(org.apache.cxf.rs.security.xml.XmlSecOutInterceptor) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) XmlSigInInterceptor(org.apache.cxf.rs.security.xml.XmlSigInInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Book(org.apache.cxf.systest.jaxrs.security.Book) Test(org.junit.Test)

Aggregations

XmlSigOutInterceptor (org.apache.cxf.rs.security.xml.XmlSigOutInterceptor)14 URL (java.net.URL)13 HashMap (java.util.HashMap)12 WebClient (org.apache.cxf.jaxrs.client.WebClient)11 Book (org.apache.cxf.systest.jaxrs.security.Book)10 Bus (org.apache.cxf.Bus)9 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)9 JAXRSClientFactoryBean (org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean)9 XmlSecOutInterceptor (org.apache.cxf.rs.security.xml.XmlSecOutInterceptor)9 XmlSigInInterceptor (org.apache.cxf.rs.security.xml.XmlSigInInterceptor)7 XmlSecInInterceptor (org.apache.cxf.rs.security.xml.XmlSecInInterceptor)6 Test (org.junit.Test)6 ProcessingException (javax.ws.rs.ProcessingException)4 WebApplicationException (javax.ws.rs.WebApplicationException)4 Response (javax.ws.rs.core.Response)4 Number (org.apache.coheigea.cxf.jaxrs.xmlsecurity.common.Number)4 BadRequestException (javax.ws.rs.BadRequestException)3 BookStore (org.apache.cxf.systest.jaxrs.security.BookStore)3 XmlEncInInterceptor (org.apache.cxf.rs.security.xml.XmlEncInInterceptor)2 SamlEnvelopedOutInterceptor (org.apache.cxf.rs.security.saml.SamlEnvelopedOutInterceptor)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial