Examples with SecurityHeaderCacheInterceptor org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor used on opensource projects

Search in sources :

Example 1 with SecurityHeaderCacheInterceptor

use of org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor in project cxf by apache.

the class X509TokenTest method testAsymmetricSignatureReplay.

@org.junit.Test
public void testAsymmetricSignatureReplay() throws Exception {
    if (test.isStreaming()) {
        return;
    }
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = X509TokenTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = X509TokenTest.class.getResource("DoubleItX509Signature.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSignaturePort");
    DoubleItPortType x509Port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(x509Port, test.getPort());
    Client cxfClient = ClientProxy.getClient(x509Port);
    SecurityHeaderCacheInterceptor cacheInterceptor = new SecurityHeaderCacheInterceptor();
    cxfClient.getOutInterceptors().add(cacheInterceptor);
    // Make two invocations with the same security header
    assertEquals(50, x509Port.doubleIt(25));
    try {
        x509Port.doubleIt(25);
        fail("Failure expected on a replayed Timestamp");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        assertTrue(ex.getMessage().contains(WSSecurityException.UNIFIED_SECURITY_ERR));
    }
    ((java.io.Closeable) x509Port).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) SecurityHeaderCacheInterceptor(org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) Client(org.apache.cxf.endpoint.Client)

Example 2 with SecurityHeaderCacheInterceptor

use of org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor in project cxf by apache.

the class SamlTokenTest method testSaml2Replay.

@org.junit.Test
public void testSaml2Replay() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = SamlTokenTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItSaml2TransportPort");
    DoubleItPortType saml2Port = service.getPort(portQName, DoubleItPortType.class);
    String portNumber = PORT2;
    if (STAX_PORT.equals(test.getPort())) {
        portNumber = STAX_PORT2;
    }
    updateAddressPort(saml2Port, portNumber);
    // Create a SAML Token with no "OneTimeUse" Condition
    ((BindingProvider) saml2Port).getRequestContext().put(SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler());
    Client cxfClient = ClientProxy.getClient(saml2Port);
    SecurityHeaderCacheInterceptor cacheInterceptor = new SecurityHeaderCacheInterceptor();
    cxfClient.getOutInterceptors().add(cacheInterceptor);
    // Make two invocations...should succeed
    saml2Port.doubleIt(25);
    saml2Port.doubleIt(25);
    // Now create a SAML Token with a "OneTimeUse" Condition
    ConditionsBean conditions = new ConditionsBean();
    conditions.setTokenPeriodMinutes(5);
    conditions.setOneTimeUse(true);
    SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
    callbackHandler.setConditions(conditions);
    ((BindingProvider) saml2Port).getRequestContext().put(SecurityConstants.SAML_CALLBACK_HANDLER, callbackHandler);
    cxfClient.getOutInterceptors().remove(cacheInterceptor);
    cacheInterceptor = new SecurityHeaderCacheInterceptor();
    cxfClient.getOutInterceptors().add(cacheInterceptor);
    // Make two invocations...should fail on the second one
    saml2Port.doubleIt(25);
    try {
        saml2Port.doubleIt(25);
        fail("Failure expected on a replayed SAML Assertion");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        assertTrue(ex.getMessage().contains(WSSecurityException.UNIFIED_SECURITY_ERR));
    }
    ((java.io.Closeable) saml2Port).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) QName(javax.xml.namespace.QName) ConditionsBean(org.apache.wss4j.common.saml.bean.ConditionsBean) Service(javax.xml.ws.Service) URL(java.net.URL) SamlCallbackHandler(org.apache.cxf.systest.ws.saml.client.SamlCallbackHandler) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) SecurityHeaderCacheInterceptor(org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) Client(org.apache.cxf.endpoint.Client)

Example 3 with SecurityHeaderCacheInterceptor

use of org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor in project cxf by apache.

the class ActionTest method testUsernameTokenReplay.

@org.junit.Test
public void testUsernameTokenReplay() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = ActionTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItUsernameTokenPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, PORT);
    Client cxfClient = ClientProxy.getClient(port);
    SecurityHeaderCacheInterceptor cacheInterceptor = new SecurityHeaderCacheInterceptor();
    cxfClient.getOutInterceptors().add(cacheInterceptor);
    // Make two invocations with the same UsernameToken
    assertEquals(50, port.doubleIt(25));
    try {
        port.doubleIt(25);
        fail("Failure expected on a replayed UsernameToken");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        assertTrue(ex.getMessage().equals(WSSecurityException.UNIFIED_SECURITY_ERR));
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) SecurityHeaderCacheInterceptor(org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) Client(org.apache.cxf.endpoint.Client)

Example 4 with SecurityHeaderCacheInterceptor

use of org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor in project cxf by apache.

the class ActionTest method testSignedTimestampReplay.

@org.junit.Test
public void testSignedTimestampReplay() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = ActionTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItSignedTimestampPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, PORT);
    Client cxfClient = ClientProxy.getClient(port);
    SecurityHeaderCacheInterceptor cacheInterceptor = new SecurityHeaderCacheInterceptor();
    cxfClient.getOutInterceptors().add(cacheInterceptor);
    // Make two invocations with the same SecurityHeader
    assertEquals(50, port.doubleIt(25));
    try {
        port.doubleIt(25);
        fail("Failure expected on a replayed Timestamp");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        assertTrue(ex.getMessage().equals(WSSecurityException.UNIFIED_SECURITY_ERR));
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) SecurityHeaderCacheInterceptor(org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) Client(org.apache.cxf.endpoint.Client)

Aggregations

URL (java.net.URL)4 QName (javax.xml.namespace.QName)4 Service (javax.xml.ws.Service)4 Bus (org.apache.cxf.Bus)4 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)4 Client (org.apache.cxf.endpoint.Client)4 SecurityHeaderCacheInterceptor (org.apache.cxf.systest.ws.ut.SecurityHeaderCacheInterceptor)4 DoubleItPortType (org.example.contract.doubleit.DoubleItPortType)4 SamlCallbackHandler (org.apache.cxf.systest.ws.saml.client.SamlCallbackHandler)1 ConditionsBean (org.apache.wss4j.common.saml.bean.ConditionsBean)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial