use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project cxf by apache.
the class IssueOnbehalfofUnitTest method createUsernameToken.
private JAXBElement<UsernameTokenType> createUsernameToken(String name, String password) {
UsernameTokenType usernameToken = new UsernameTokenType();
AttributedString username = new AttributedString();
username.setValue(name);
usernameToken.setUsername(username);
// Add a password
if (password != null) {
PasswordString passwordString = new PasswordString();
passwordString.setValue(password);
passwordString.setType(WSS4JConstants.PASSWORD_TEXT);
JAXBElement<PasswordString> passwordType = new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, passwordString);
usernameToken.getAny().add(passwordType);
}
return new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);
}
use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project cxf by apache.
the class ValidateTokenTransformationUnitTest method createUsernameToken.
private JAXBElement<UsernameTokenType> createUsernameToken(String name, String password) {
UsernameTokenType usernameToken = new UsernameTokenType();
AttributedString username = new AttributedString();
username.setValue(name);
usernameToken.setUsername(username);
// Add a password
PasswordString passwordString = new PasswordString();
passwordString.setValue(password);
passwordString.setType(WSS4JConstants.PASSWORD_TEXT);
JAXBElement<PasswordString> passwordType = new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, passwordString);
usernameToken.getAny().add(passwordType);
return new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);
}
use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project cxf by apache.
the class UsernameTokenValidatorTest method testValidUsernameTokenText.
/**
* Test a valid UsernameToken with password text
*/
@org.junit.Test
public void testValidUsernameTokenText() throws Exception {
TokenValidator usernameTokenValidator = new UsernameTokenValidator();
TokenValidatorParameters validatorParameters = createValidatorParameters();
TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
// Create a ValidateTarget consisting of a UsernameToken
UsernameTokenType usernameToken = new UsernameTokenType();
AttributedString username = new AttributedString();
username.setValue("alice");
usernameToken.setUsername(username);
JAXBElement<UsernameTokenType> tokenType = new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);
ReceivedToken validateTarget = new ReceivedToken(tokenType);
tokenRequirements.setValidateTarget(validateTarget);
validatorParameters.setToken(validateTarget);
assertTrue(usernameTokenValidator.canHandleToken(validateTarget));
// This will fail as there is no password
TokenValidatorResponse validatorResponse = usernameTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
// Add a password
PasswordString password = new PasswordString();
password.setValue("clarinet");
password.setType(WSS4JConstants.PASSWORD_TEXT);
JAXBElement<PasswordString> passwordType = new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, password);
usernameToken.getAny().add(passwordType);
validatorResponse = usernameTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
Principal principal = validatorResponse.getPrincipal();
assertTrue(principal != null && principal.getName() != null);
}
use of org.apache.cxf.ws.security.sts.provider.model.secext.PasswordString in project cxf by apache.
the class UsernameTokenValidatorTest method testValidUsernameTokenDigest.
/**
* Test a valid UsernameToken with password digest
*/
@org.junit.Test
public void testValidUsernameTokenDigest() throws Exception {
TokenValidator usernameTokenValidator = new UsernameTokenValidator();
TokenValidatorParameters validatorParameters = createValidatorParameters();
TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
// Create a ValidateTarget consisting of a UsernameToken
UsernameTokenType usernameToken = new UsernameTokenType();
AttributedString username = new AttributedString();
username.setValue("alice");
usernameToken.setUsername(username);
JAXBElement<UsernameTokenType> tokenType = new JAXBElement<UsernameTokenType>(QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);
// Create a WSS4J UsernameToken
Document doc = DOMUtils.createDocument();
UsernameToken ut = new UsernameToken(true, doc, WSS4JConstants.PASSWORD_DIGEST);
ut.setName("alice");
ut.setPassword("clarinet");
ut.addNonce(doc);
ut.addCreated(true, doc);
// Add a password
PasswordString password = new PasswordString();
password.setValue(ut.getPassword());
password.setType(WSS4JConstants.PASSWORD_DIGEST);
JAXBElement<PasswordString> passwordType = new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, password);
usernameToken.getAny().add(passwordType);
// Add a nonce
EncodedString nonce = new EncodedString();
nonce.setValue(ut.getNonce());
nonce.setEncodingType(WSS4JConstants.SOAPMESSAGE_NS + "#Base64Binary");
JAXBElement<EncodedString> nonceType = new JAXBElement<EncodedString>(QNameConstants.NONCE, EncodedString.class, nonce);
usernameToken.getAny().add(nonceType);
// Add Created value
String created = ut.getCreated();
Element createdElement = doc.createElementNS(WSS4JConstants.WSU_NS, "Created");
createdElement.setAttributeNS(WSS4JConstants.XMLNS_NS, "xmlns", WSS4JConstants.WSU_NS);
createdElement.setTextContent(created);
usernameToken.getAny().add(createdElement);
ReceivedToken validateTarget = new ReceivedToken(tokenType);
tokenRequirements.setValidateTarget(validateTarget);
validatorParameters.setToken(validateTarget);
assertTrue(usernameTokenValidator.canHandleToken(validateTarget));
TokenValidatorResponse validatorResponse = usernameTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
Principal principal = validatorResponse.getPrincipal();
assertTrue(principal != null && principal.getName() != null);
// Expected failure on a bad password
password.setValue("badpassword");
validatorResponse = usernameTokenValidator.validateToken(validatorParameters);
assertTrue(validatorResponse != null);
assertTrue(validatorResponse.getToken() != null);
assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
}
Aggregations