
the class UsernameActAsCachingTest method testDifferentUsersCaching.

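/**
 * Test caching the issued token when the STSClient is deployed in an intermediary.
 *
 * Per-proxy token caching is switched off, so issued tokens only live in the
 * TokenStore. The security property under test is that a token issued for one
 * user is never reused for a different user: once the STS is unreachable,
 * "alice" and "bob" still succeed from their cached tokens, a user who never
 * obtained a token fails, and replacing the TokenStore with an empty one makes
 * even "alice" fail.
 */
@org.junit.Test
public void testDifferentUsersCaching() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = UsernameActAsCachingTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    DoubleItPortType port = null;
    try {
        URL wsdl = UsernameActAsCachingTest.class.getResource("DoubleIt.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSAML2BearerPort3");
        port = service.getPort(portQName, DoubleItPortType.class);
        updateAddressPort(port, PORT);
        BindingProvider p = (BindingProvider) port;
        TokenTestUtils.updateSTSPort(p, STSPORT2);
        // Disable storing tokens per-proxy, so the TokenStore is the only place a token can come from
        p.getRequestContext().put(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, "false");
        // Two different users each obtain their own token from the STS
        p.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        doubleIt(port, 25);
        p.getRequestContext().put(SecurityConstants.USERNAME, "bob");
        doubleIt(port, 30);
        // "eve" is expected to be turned away (presumably not a user the STS is configured for)
        p.getRequestContext().put(SecurityConstants.USERNAME, "eve");
        try {
            doubleIt(port, 30);
            fail("Failure expected on a bad user");
        } catch (Exception expected) {
            // fail() throws an AssertionError, not an Exception, so it is not swallowed here.
            // NOTE(review): any Exception satisfies this check; narrow it if the fault cause matters.
        }
        // Change the STSClient so that it can no longer find the STS - from here on only cached tokens work
        clearSTSClient(p);
        // alice and bob must still succeed, served from their own cached tokens
        p.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        doubleIt(port, 25);
        p.getRequestContext().put(SecurityConstants.USERNAME, "bob");
        doubleIt(port, 30);
        // A user with no cached token must not be served by another user's token, and the STS is gone
        p.getRequestContext().put(SecurityConstants.USERNAME, "eve2");
        try {
            doubleIt(port, 30);
            fail("Failure expected on a bad user");
        } catch (Exception expected) {
            // expected: no cached token for eve2 and no reachable STS
        }
        // Reset the cache - this invocation should fail, as alice's token is no longer cached either
        p.getRequestContext().put(TokenStore.class.getName(), new MemoryTokenStore());
        p.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        try {
            doubleIt(port, 30);
            fail("Failure expected");
        } catch (Exception expected) {
            // expected: empty cache and unreachable STS
        }
    } finally {
        // Release the proxy and the bus even when an assertion fails, so a broken run
        // does not leave a stale default bus registered for the tests that follow.
        if (port != null) {
            ((java.io.Closeable) port).close();
        }
        bus.shutdown(true);
    }
}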

the class AbstractPolicySecurityTest method runOutInterceptorAndValidateSamlTokenAttached.

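/**
 * Runs the out interceptor for the given policy with a signed "issued" SAML 1.1
 * assertion made available through a fresh MemoryTokenStore, then runs the in
 * interceptor and checks that the IssuedToken assertion is asserted and the token
 * is covered by the signature.
 *
 * @param policyDoc classpath resource holding the WS-SecurityPolicy to apply
 * @throws Exception on any I/O, crypto or validation failure
 */
protected void runOutInterceptorAndValidateSamlTokenAttached(String policyDoc) throws Exception {
    // create the request message
    final Document document = this.readDocument("wsse-request-clean.xml");
    final Element outPolicyElement = this.readDocument(policyDoc).getDocumentElement();
    final Policy policy = this.policyBuilder.getPolicy(outPolicyElement);
    AssertionInfoMap aim = new AssertionInfoMap(policy);
    SoapMessage msg = this.getOutSoapMessageForDom(document, aim);
    // add an "issued" assertion into the message exchange
    Element issuedAssertion = this.readDocument("example-sts-issued-saml-assertion.xml").getDocumentElement();
    // Load the keystore configuration; fail clearly if the resource is missing and close the stream
    URL url = ClassLoader.getSystemResource("outsecurity.properties");
    if (url == null) {
        throw new IllegalStateException("outsecurity.properties not found on the classpath");
    }
    Properties cryptoProps = new Properties();
    try (java.io.InputStream in = url.openStream()) {
        cryptoProps.load(in);
    }
    Crypto crypto = CryptoFactory.getInstance(cryptoProps);
    // Sign the "issued" assertion with the test keystore's key (test-only alias and password)
    SamlAssertionWrapper assertionWrapper = new SamlAssertionWrapper(issuedAssertion);
    assertionWrapper.signAssertion("myalias", "myAliasPassword", crypto, false);
    Document doc = DOMUtils.newDocument();
    issuedAssertion = OpenSAMLUtil.toDom(assertionWrapper.getSaml1(), doc);
    // SAML 1.x carries its id in AssertionID; it is the id under which the token is stored and looked up
    String assertionId = issuedAssertion.getAttributeNodeNS(null, "AssertionID").getNodeValue();
    SecurityToken issuedToken = new SecurityToken(assertionId, issuedAssertion, null);
    // Attach the signing certificate so the token can be referenced for signature coverage
    String alias = cryptoProps.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias");
    CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
    cryptoType.setAlias(alias);
    issuedToken.setX509Certificate(crypto.getX509Certificates(cryptoType)[0], crypto);
    // Advertise the token id on both the endpoint and the exchange, and register the store on the endpoint
    msg.getExchange().getEndpoint().put(SecurityConstants.TOKEN_ID, issuedToken.getId());
    msg.getExchange().put(SecurityConstants.TOKEN_ID, issuedToken.getId());
    TokenStore tokenStore = new MemoryTokenStore();
    msg.getExchange().getEndpoint().getEndpointInfo().setProperty(TokenStore.class.getName(), tokenStore);
    tokenStore.add(issuedToken);
    // fire the interceptor and verify results
    final Document signedDoc = this.runOutInterceptorAndValidate(msg, policy, aim, null, null);
    this.runInInterceptorAndValidate(signedDoc, policy, Collections.singletonList(SP12Constants.ISSUED_TOKEN), null, Collections.singletonList(CoverageType.SIGNED));
}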

the class UsernameActAsCachingTest method testUsernameActAsCaching.

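/**
 * Test caching the issued token.
 *
 * Two proxies for the same port share one MemoryTokenStore. After the STS is made
 * unreachable, the first proxy still succeeds from its cached token; a second proxy
 * without the store fails, succeeds once it is given the shared store, and fails
 * again once the store is swapped for an empty one.
 */
@org.junit.Test
public void testUsernameActAsCaching() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = UsernameActAsCachingTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    DoubleItPortType port = null;
    DoubleItPortType port2 = null;
    try {
        URL wsdl = UsernameActAsCachingTest.class.getResource("DoubleIt.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSAML2BearerPort2");
        //
        // Proxy no. 1
        //
        port = service.getPort(portQName, DoubleItPortType.class);
        updateAddressPort(port, PORT);
        BindingProvider p = (BindingProvider) port;
        TokenTestUtils.updateSTSPort(p, STSPORT2);
        TokenStore tokenStore = new MemoryTokenStore();
        p.getRequestContext().put(TokenStore.class.getName(), tokenStore);
        // Make a successful invocation - this obtains the token from the STS
        p.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        doubleIt(port, 25);
        // Change the STSClient so that it can no longer find the STS
        clearSTSClient(p);
        // This invocation should be successful as the token is cached
        doubleIt(port, 25);
        //
        // Proxy no. 2
        //
        port2 = service.getPort(portQName, DoubleItPortType.class);
        updateAddressPort(port2, PORT);
        BindingProvider p2 = (BindingProvider) port2;
        TokenTestUtils.updateSTSPort(p2, STSPORT2);
        // Change the STSClient so that it can no longer find the STS
        clearSTSClient(p2);
        // This should fail as the cache is not being used
        try {
            doubleIt(port2, 40);
            fail("Failure expected as the token is not stored in the cache");
        } catch (Exception expected) {
            // expected: no store and no reachable STS
        }
        // Set the cache correctly - share the store that holds alice's token
        p2.getRequestContext().put(TokenStore.class.getName(), tokenStore);
        // Make another invocation - this should succeed as the token is cached
        p2.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        doubleIt(port2, 40);
        // Reset the cache - this invocation should fail. An empty SecurityToken is placed in the
        // request context, presumably so that no token left there from the previous call is reused.
        p2.getRequestContext().put(TokenStore.class.getName(), new MemoryTokenStore());
        p2.getRequestContext().put(SecurityConstants.TOKEN, new SecurityToken());
        try {
            doubleIt(port2, 40);
            fail("Failure expected as the cache is reset");
        } catch (Exception expected) {
            // expected: empty cache and unreachable STS
        }
    } finally {
        // Close both proxies (the original only closed the first) and shut the bus down
        // even on failure, so a stale default bus is not left behind for later tests.
        if (port != null) {
            ((java.io.Closeable) port).close();
        }
        if (port2 != null) {
            ((java.io.Closeable) port2).close();
        }
        bus.shutdown(true);
    }
}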

the class UsernameOnBehalfOfCachingTest method testUsernameOnBehalfOfCaching.

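/**
 * Test caching the issued token.
 *
 * Two proxies for the same OnBehalfOf port share one MemoryTokenStore. After the
 * STS is made unreachable, the first proxy still succeeds from its cached token;
 * a second proxy without the store fails, succeeds once it is given the shared
 * store, and fails again once the store is swapped for an empty one.
 */
@org.junit.Test
public void testUsernameOnBehalfOfCaching() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = UsernameOnBehalfOfCachingTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    DoubleItPortType port = null;
    DoubleItPortType port2 = null;
    try {
        URL wsdl = UsernameOnBehalfOfCachingTest.class.getResource("DoubleIt.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort2");
        //
        // Proxy no. 1
        //
        port = service.getPort(portQName, DoubleItPortType.class);
        updateAddressPort(port, PORT);
        BindingProvider p = (BindingProvider) port;
        TokenTestUtils.updateSTSPort(p, STSPORT2);
        TokenStore tokenStore = new MemoryTokenStore();
        p.getRequestContext().put(TokenStore.class.getName(), tokenStore);
        // Make a successful invocation - this obtains the token from the STS
        p.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        doubleIt(port, 25);
        // Change the STSClient so that it can no longer find the STS
        clearSTSClient(p);
        // This invocation should be successful as the token is cached
        doubleIt(port, 25);
        //
        // Proxy no. 2
        //
        port2 = service.getPort(portQName, DoubleItPortType.class);
        updateAddressPort(port2, PORT);
        BindingProvider p2 = (BindingProvider) port2;
        TokenTestUtils.updateSTSPort(p2, STSPORT2);
        // Change the STSClient so that it can no longer find the STS
        clearSTSClient(p2);
        // This should fail as the cache is not being used
        try {
            doubleIt(port2, 40);
            fail("Failure expected as the token is not stored in the cache");
        } catch (Exception expected) {
            // expected: no store and no reachable STS
        }
        // Set the cache correctly - share the store that holds alice's token
        p2.getRequestContext().put(TokenStore.class.getName(), tokenStore);
        // Make another invocation - this should succeed as the token is cached
        p2.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        doubleIt(port2, 40);
        // Reset the cache - this invocation should fail. An empty SecurityToken is placed in the
        // request context, presumably so that no token left there from the previous call is reused.
        p2.getRequestContext().put(TokenStore.class.getName(), new MemoryTokenStore());
        p2.getRequestContext().put(SecurityConstants.TOKEN, new SecurityToken());
        try {
            doubleIt(port2, 40);
            fail("Failure expected as the cache is reset");
        } catch (Exception expected) {
            // expected: empty cache and unreachable STS
        }
    } finally {
        // Close both proxies and shut the bus down even on failure, so a stale
        // default bus is not left behind for the tests that follow.
        if (port != null) {
            ((java.io.Closeable) port).close();
        }
        if (port2 != null) {
            ((java.io.Closeable) port2).close();
        }
        bus.shutdown(true);
    }
}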

the class UsernameOnBehalfOfCachingTest method testDifferentUsersCaching.

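/**
 * Test caching the issued token when the STSClient is deployed in an intermediary.
 *
 * Per-proxy token caching is switched off, so issued tokens only live in the
 * TokenStore. The security property under test is that a token issued for one
 * OnBehalfOf user is never reused for a different user: once the STS is
 * unreachable, "alice" and "bob" still succeed from their cached tokens, a user
 * who never obtained a token fails, and replacing the TokenStore with an empty
 * one makes even "alice" fail.
 */
@org.junit.Test
public void testDifferentUsersCaching() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = UsernameOnBehalfOfCachingTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    DoubleItPortType port = null;
    try {
        URL wsdl = UsernameOnBehalfOfCachingTest.class.getResource("DoubleIt.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort3");
        port = service.getPort(portQName, DoubleItPortType.class);
        updateAddressPort(port, PORT);
        BindingProvider p = (BindingProvider) port;
        TokenTestUtils.updateSTSPort(p, STSPORT2);
        // Disable storing tokens per-proxy, so the TokenStore is the only place a token can come from
        p.getRequestContext().put(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, "false");
        // Two different users each obtain their own token from the STS
        p.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        doubleIt(port, 25);
        p.getRequestContext().put(SecurityConstants.USERNAME, "bob");
        doubleIt(port, 30);
        // "eve" is expected to be turned away (presumably not a user the STS is configured for)
        p.getRequestContext().put(SecurityConstants.USERNAME, "eve");
        try {
            doubleIt(port, 30);
            fail("Failure expected on a bad user");
        } catch (Exception expected) {
            // fail() throws an AssertionError, not an Exception, so it is not swallowed here.
            // NOTE(review): any Exception satisfies this check; narrow it if the fault cause matters.
        }
        // Change the STSClient so that it can no longer find the STS - from here on only cached tokens work
        clearSTSClient(p);
        // alice and bob must still succeed, served from their own cached tokens
        p.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        doubleIt(port, 25);
        p.getRequestContext().put(SecurityConstants.USERNAME, "bob");
        doubleIt(port, 30);
        // A user with no cached token must not be served by another user's token, and the STS is gone
        p.getRequestContext().put(SecurityConstants.USERNAME, "eve2");
        try {
            doubleIt(port, 30);
            fail("Failure expected on a bad user");
        } catch (Exception expected) {
            // expected: no cached token for eve2 and no reachable STS
        }
        // Reset the cache - this invocation should fail, as alice's token is no longer cached either
        p.getRequestContext().put(TokenStore.class.getName(), new MemoryTokenStore());
        p.getRequestContext().put(SecurityConstants.USERNAME, "alice");
        try {
            doubleIt(port, 30);
            fail("Failure expected");
        } catch (Exception expected) {
            // expected: empty cache and unreachable STS
        }
    } finally {
        // Release the proxy and the bus even when an assertion fails, so a broken run
        // does not leave a stale default bus registered for the tests that follow.
        if (port != null) {
            ((java.io.Closeable) port).close();
        }
        bus.shutdown(true);
    }
}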