
Example 46 with SecurityToken

use of org.apache.cxf.ws.security.tokenstore.SecurityToken in project cxf by apache.

the class SecurityContextTokenUnitTest method testSecurityContextTokenNoEntropy.

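/**
 * Requests a SecurityContextToken from the STS "TransportSCT" endpoint and checks that the
 * returned token carries a non-empty secret.
 *
 * <p>NOTE(review): the {@code false} argument presumably turns client entropy off (going by the
 * test name) -- confirm against {@code requestSecurityToken}. The assertion only proves that a
 * secret is present; it says nothing about its length or which party supplied it.
 */
@org.junit.Test
public void testSecurityContextTokenNoEntropy() throws Exception {
    URL busFile = SecurityContextTokenUnitTest.class.getResource("cxf-client.xml");
    Bus bus = new SpringBusFactory().createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);
        String wsdlLocation = "https://localhost:" + test.getStsPort() + "/SecurityTokenService/TransportSCT?wsdl";
        SecurityToken token = requestSecurityToken(bus, wsdlLocation, false);
        byte[] secret = token.getSecret();
        assertTrue(secret != null && secret.length > 0);
    } finally {
        // Shut the bus down even when the request or the assertion fails, so a failing test
        // does not leave a live bus (and its client configuration) behind for later tests.
        bus.shutdown(true);
    }
}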
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) URL(java.net.URL)

Example 47 with SecurityToken

use of org.apache.cxf.ws.security.tokenstore.SecurityToken in project cxf by apache.

the class SecurityContextTokenUnitTest method testSecurityContextTokenEncrypted.

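/**
 * Requests a SecurityContextToken from the STS "TransportSCTEncrypted" endpoint and checks that
 * the returned token carries a non-empty secret.
 *
 * <p>NOTE(review): the meaning of the {@code true} argument is defined by
 * {@code requestSecurityToken}, which is not shown here -- confirm. The assertion only proves
 * that the client ended up with a secret; it does not check that the secret was encrypted in the
 * STS response.
 */
@org.junit.Test
public void testSecurityContextTokenEncrypted() throws Exception {
    URL busFile = SecurityContextTokenUnitTest.class.getResource("cxf-client.xml");
    Bus bus = new SpringBusFactory().createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);
        String wsdlLocation = "https://localhost:" + test.getStsPort() + "/SecurityTokenService/TransportSCTEncrypted?wsdl";
        SecurityToken token = requestSecurityToken(bus, wsdlLocation, true);
        byte[] secret = token.getSecret();
        assertTrue(secret != null && secret.length > 0);
    } finally {
        // Shut the bus down even when the request or the assertion fails, so a failing test
        // does not leave a live bus (and its client configuration) behind for later tests.
        bus.shutdown(true);
    }
}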
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) URL(java.net.URL)

Example 48 with SecurityToken

use of org.apache.cxf.ws.security.tokenstore.SecurityToken in project cxf by apache.

the class TokenTestUtils method verifyToken.

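/**
 * Checks that the token cached for {@code port} validates against the STS, then rewrites its
 * validity window to the year 2010 and checks that the STS refuses it.
 *
 * <p>The negative check accepts any {@code TrustException}. NOTE(review): if the assertion is
 * signed, editing {@code Conditions} presumably breaks the signature as well, so this test cannot
 * tell whether the STS rejected the token for its expired window or for the invalid signature --
 * confirm which check is meant to be exercised.
 *
 * <p>The token's DOM element is edited in place and not restored. Whether later users of the
 * token store see the altered element is not visible from this method.
 *
 * @param port client proxy whose endpoint holds the token id, token store and STS client
 * @throws Exception if the first (positive) validation call fails
 */
public static void verifyToken(DoubleItPortType port) throws Exception {
    Client client = ClientProxy.getClient(port);
    Endpoint ep = client.getEndpoint();
    String id = (String) ep.get(SecurityConstants.TOKEN_ID);
    TokenStore store = (TokenStore) ep.getEndpointInfo().getProperty(TokenStore.class.getName());
    assertNotNull("No TokenStore is registered on the endpoint", store);
    org.apache.cxf.ws.security.tokenstore.SecurityToken tok = store.getToken(id);
    assertNotNull(tok);
    STSClient sts = (STSClient) ep.get(SecurityConstants.STS_CLIENT);
    if (sts == null) {
        // Fall back to the "ws-" prefixed form of the same property key.
        sts = (STSClient) ep.get("ws-" + SecurityConstants.STS_CLIENT);
    }
    assertNotNull("No STSClient is configured on the endpoint", sts);
    List<SecurityToken> validTokens = sts.validateSecurityToken(tok);
    assertTrue(validTokens != null && !validTokens.isEmpty());
    // mess with the token a bit to force it to fail to validate
    Element e = tok.getToken();
    assertNotNull("The cached token has no DOM element", e);
    Element e2 = DOMUtils.getFirstChildWithName(e, e.getNamespaceURI(), "Conditions");
    assertNotNull("The token has no Conditions element to alter", e2);
    String nb = e2.getAttributeNS(null, "NotBefore");
    String noa = e2.getAttributeNS(null, "NotOnOrAfter");
    // getAttributeNS returns "" for a missing attribute; fail with a clear message instead of
    // a StringIndexOutOfBoundsException from substring(4).
    assertTrue("NotBefore is missing or too short", nb.length() >= 4);
    assertTrue("NotOnOrAfter is missing or too short", noa.length() >= 4);
    // Replace the four-digit year so both ends of the validity window lie in the past.
    nb = "2010" + nb.substring(4);
    noa = "2010" + noa.substring(4);
    e2.setAttributeNS(null, "NotBefore", nb);
    e2.setAttributeNS(null, "NotOnOrAfter", noa);
    try {
        sts.validateSecurityToken(tok);
        fail("Failure expected on an invalid token");
    } catch (org.apache.cxf.ws.security.trust.TrustException ex) {
        // expected: the STS must refuse the altered token
    }
}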
Also used : Element(org.w3c.dom.Element) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) STSClient(org.apache.cxf.ws.security.trust.STSClient) Endpoint(org.apache.cxf.endpoint.Endpoint) Client(org.apache.cxf.endpoint.Client) STSClient(org.apache.cxf.ws.security.trust.STSClient) TokenStore(org.apache.cxf.ws.security.tokenstore.TokenStore)

Example 49 with SecurityToken

use of org.apache.cxf.ws.security.tokenstore.SecurityToken in project cxf by apache.

the class SAMLDelegationTest method testSAMLActAs.

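/**
 * Obtains a bearer SAML 2.0 token from the "Transport_UT_Port" endpoint, then presents that
 * token's element in two further requests: one to the same endpoint, which must be refused, and
 * one to "Transport_Port", which must issue a new SAML 2.0 token.
 *
 * <p>NOTE(review): going by the test name, the token element is presumably sent as ActAs; the
 * {@code requestSecurityToken} overloads are not shown here -- confirm.
 */
@org.junit.Test
public void testSAMLActAs() throws Exception {
    URL busFile = SAMLDelegationTest.class.getResource("cxf-client.xml");
    Bus bus = new SpringBusFactory().createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);
        // Get a token from the UT endpoint first
        SecurityToken token = requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, bus, DEFAULT_ADDRESS, "Transport_UT_Port");
        assertTrue(SAML2_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
        // First try with the UT endpoint. This should fail as there is no Delegation Handler.
        try {
            requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, token.getToken(), bus, DEFAULT_ADDRESS, false, "Transport_UT_Port");
            fail("Failure expected on no delegation handler");
        } catch (Exception ex) {
            // expected
            // NOTE(review): any Exception satisfies this branch, so an unrelated failure
            // (configuration, connectivity) would also pass as a refused delegation. The
            // AssertionError thrown by fail() is an Error and is not swallowed here.
        }
        // Now send to the Transport endpoint.
        SecurityToken token2 = requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, token.getToken(), bus, DEFAULT_ADDRESS, false, "Transport_Port");
        assertTrue(SAML2_TOKEN_TYPE.equals(token2.getTokenType()));
        assertTrue(token2.getToken() != null);
    } finally {
        // Shut the bus down even when a request or an assertion fails, so a failing test does
        // not leave a live bus behind for later tests.
        bus.shutdown(true);
    }
}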
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) URL(java.net.URL) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 50 with SecurityToken

use of org.apache.cxf.ws.security.tokenstore.SecurityToken in project cxf by apache.

the class IssueUnitTest method testBearerSaml1Lifetime.

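/**
 * Test the Bearer SAML1 case with a Lifetime element.
 *
 * <p>Requests a SAML 1 bearer token through {@code requestSecurityTokenTTL}, processes it, and
 * checks that exactly one result comes back holding a SAML 1 assertion that reports itself as
 * signed and whose first confirmation method contains "bearer".
 *
 * <p>NOTE(review): nothing here inspects the lifetime of the issued assertion, so the test would
 * still pass if the STS ignored the requested Lifetime. Whether the signature is actually
 * verified depends on {@code processToken}, which is not shown; {@code isSigned()} is asserted
 * here only as a flag on the assertion -- confirm.
 */
@org.junit.Test
public void testBearerSaml1Lifetime() throws Exception {
    URL busFile = IssueUnitTest.class.getResource("cxf-client.xml");
    Bus bus = new SpringBusFactory().createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);
        // Get a token
        SecurityToken token = requestSecurityTokenTTL(SAML1_TOKEN_TYPE, BEARER_KEYTYPE, bus, DEFAULT_ADDRESS);
        assertTrue(SAML1_TOKEN_TYPE.equals(token.getTokenType()));
        assertTrue(token.getToken() != null);
        // Process the token
        List<WSSecurityEngineResult> results = processToken(token);
        assertTrue(results != null && results.size() == 1);
        SamlAssertionWrapper assertion = (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
        assertTrue(assertion != null);
        assertTrue(assertion.getSaml1() != null && assertion.getSaml2() == null);
        assertTrue(assertion.isSigned());
        // Only the first confirmation method is examined.
        List<String> methods = assertion.getConfirmationMethods();
        String confirmMethod = (methods == null || methods.isEmpty()) ? null : methods.get(0);
        assertTrue(confirmMethod != null && confirmMethod.contains("bearer"));
    } finally {
        // Shut the bus down even when a request or an assertion fails, so a failing test does
        // not leave a live bus behind for later tests.
        bus.shutdown(true);
    }
}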
Also used : SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) WSSecurityEngineResult(org.apache.wss4j.dom.engine.WSSecurityEngineResult) URL(java.net.URL)
