
Example 66 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache.

the class JWTUnitTest method validateSecurityToken.

/**
 * Sends {@code token} to the test Security Token Service for validation and returns the
 * first token of the response.
 *
 * <p>The client reads the STS WSDL from {@code https://localhost:STSPORT} and addresses the
 * WS-Trust 200512 {@code SecurityTokenService}. When the caller passes no properties, a
 * default set is built with the fixed user name "alice" and the systest
 * {@code CommonCallbackHandler}; both are test fixtures, not credentials to reuse.
 *
 * @param token the token to validate
 * @param bus the CXF bus the STS client is created on
 * @param msgProperties client properties used as-is, or {@code null} to use the defaults
 * @param wsdlPort local name of the WSDL port to call, or {@code null} for
 *     {@code Transport_Port}
 * @return element 0 of the list returned by {@code STSClient.validateSecurityToken}
 * @throws Exception anything raised while configuring or calling the STS client
 */
private SecurityToken validateSecurityToken(SecurityToken token, Bus bus, Map<String, Object> msgProperties, String wsdlPort) throws Exception {
    STSClient client = new STSClient(bus);
    client.setWsdlLocation("https://localhost:" + STSPORT + "/SecurityTokenService/Transport?wsdl");
    client.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");

    // A caller-supplied port name wins; otherwise fall back to Transport_Port.
    String endpointName = wsdlPort == null
        ? "{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port"
        : "{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}" + wsdlPort;
    client.setEndpointName(endpointName);

    Map<String, Object> clientProperties;
    if (msgProperties != null) {
        // The caller's map is passed through untouched, so it must already carry
        // whatever identity and callback settings the chosen port requires.
        clientProperties = msgProperties;
    } else {
        clientProperties = new HashMap<>();
        clientProperties.put(SecurityConstants.USERNAME, "alice");
        clientProperties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.sts.common.CommonCallbackHandler");
    }
    client.setProperties(clientProperties);

    // NOTE(review): presumably this omits the KeyType element from the request - confirm
    // against STSClient.
    client.setSendKeyType(false);

    // Only the first returned token is handed back; an empty response list would fail here.
    return client.validateSecurityToken(token).get(0);
}
Also used : STSClient(org.apache.cxf.ws.security.trust.STSClient)

Example 67 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache.

the class JaxrsJWTTest method testSuccessfulInvocation.

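/**
 * Posts a number to the DoubleIt JAX-RS endpoint and expects the doubled value back, with
 * an {@code STSTokenOutInterceptor} installed on the client so a token is requested from
 * the STS as part of the outbound chain.
 *
 * <p>The bus is shut down in a {@code finally} block so that a failed request or assertion
 * does not leave the bus (and the default/thread-default bus registration made here)
 * alive for later tests.
 *
 * @throws Exception if the bus cannot be created or the invocation fails
 */
@org.junit.Test
public void testSuccessfulInvocation() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = JaxrsJWTTest.class.getResource("cxf-client.xml");
    // Fail with a readable message instead of a NullPointerException on toString().
    org.junit.Assert.assertNotNull("cxf-client.xml was not found next to JaxrsJWTTest", busFile);
    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);
        final String address = "https://localhost:" + PORT + "/doubleit/services/doubleit-rs";
        final int numToDouble = 25;
        List<Object> providers = Collections.singletonList(new JwtOutFilter());
        WebClient client = WebClient.create(address, providers);
        client.type("text/plain").accept("text/plain");
        STSClient stsClient = getSTSClient(JWT_TOKEN_TYPE, bus);
        STSTokenOutInterceptor stsInterceptor = new STSTokenOutInterceptor(Phase.PRE_LOGICAL, stsClient, new TokenRequestParams());
        // Order the STS interceptor ahead of JwtOutFilter in the outbound chain.
        // NOTE(review): presumably so the filter can use the token the interceptor
        // fetched - confirm against JwtOutFilter.
        stsInterceptor.getBefore().add(JwtOutFilter.class.getName());
        WebClient.getConfig(client).getOutInterceptors().add(stsInterceptor);
        int resp = client.post(numToDouble, Integer.class);
        org.junit.Assert.assertEquals(2 * numToDouble, resp);
    } finally {
        // Always release the bus, including when the call or the assertion above fails.
        bus.shutdown(true);
    }
}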
Also used : Bus(org.apache.cxf.Bus) STSClient(org.apache.cxf.ws.security.trust.STSClient) STSTokenOutInterceptor(org.apache.cxf.ws.security.policy.interceptors.STSTokenOutInterceptor) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) TokenRequestParams(org.apache.cxf.ws.security.trust.STSTokenRetriever.TokenRequestParams) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL)

Example 68 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache.

the class JaxrsJWTTest method getSTSClient.

/**
 * Builds an STS client for the local test Security Token Service that requests tokens of
 * the given type.
 *
 * <p>The client authenticates with the fixed user name "alice" and the systest
 * {@code CommonCallbackHandler}; these are test fixtures. The WSDL is fetched over HTTPS
 * from localhost on the port held in {@code STSPORT}.
 *
 * @param tokenType token type to set on the client
 * @param bus the CXF bus the client is created on
 * @return the configured, not yet invoked, STS client
 * @throws Exception declared for callers; no call in this body is visibly checked
 */
private STSClient getSTSClient(String tokenType, Bus bus) throws Exception {
    // Identity and password-callback settings handed to the client below.
    Map<String, Object> clientProperties = new HashMap<>();
    clientProperties.put(SecurityConstants.USERNAME, "alice");
    clientProperties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.sts.common.CommonCallbackHandler");

    STSClient client = new STSClient(bus);
    client.setWsdlLocation("https://localhost:" + STSPORT + "/SecurityTokenService/Transport?wsdl");
    client.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");
    client.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port");
    client.setProperties(clientProperties);
    client.setTokenType(tokenType);
    // NOTE(review): presumably this omits the KeyType element from the request - confirm
    // against STSClient.
    client.setSendKeyType(false);
    return client;
}
Also used : STSClient(org.apache.cxf.ws.security.trust.STSClient) HashMap(java.util.HashMap)

Example 69 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache.

the class IntermediaryPortTypeImpl method doubleIt.

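/**
 * Intermediary implementation of DoubleIt: checks that the caller was authenticated, then
 * forwards the request to the {@code DoubleItTransportSAML2Port} endpoint, passing along
 * the delegated GSS credential found on the inbound message context.
 *
 * <p>If an {@code STSClient} is present in the outbound request context and its WSDL
 * location mentions port 8443, that port is rewritten to the test's STS port.
 *
 * @param numberToDouble value forwarded to the downstream service
 * @return the downstream service's result
 */
public int doubleIt(int numberToDouble) {
    // The inbound call must carry an authenticated principal with a name.
    Principal pr = wsc.getUserPrincipal();
    Assert.assertNotNull("Principal must not be null", pr);
    Assert.assertNotNull("Principal.getName() must not return null", pr.getName());
    URL wsdl = IntermediaryPortTypeImpl.class.getResource("DoubleIt.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItTransportSAML2Port");
    DoubleItPortType transportPort = service.getPort(portQName, DoubleItPortType.class);
    try {
        updateAddressPort(transportPort, KerberosDelegationTokenTest.PORT);
    } catch (Exception ex) {
        // NOTE(review): kept as best-effort. After a failure here the downstream call
        // still proceeds with whatever address the port already had - confirm this is
        // intended rather than failing the request.
        ex.printStackTrace();
    }
    // Retrieve delegated credential + set it on the outbound message
    MessageContext messageContext = wsc.getMessageContext();
    // NOTE(review): the credential is forwarded without a null check; if the inbound
    // message carried no delegated credential, null is placed in the request context.
    GSSCredential delegatedCredential = (GSSCredential) messageContext.get(SecurityConstants.DELEGATED_CREDENTIAL);
    Map<String, Object> context = ((BindingProvider) transportPort).getRequestContext();
    context.put(SecurityConstants.DELEGATED_CREDENTIAL, delegatedCredential);
    STSClient stsClient = (STSClient) context.get(SecurityConstants.STS_CLIENT);
    if (stsClient != null) {
        String location = stsClient.getWsdlLocation();
        // An STS client without a WSDL location has nothing to rewrite; guard against
        // dereferencing null.
        if (location != null && location.contains("8443")) {
            stsClient.setWsdlLocation(location.replace("8443", KerberosDelegationTokenTest.STSPORT));
        }
    }
    return transportPort.doubleIt(numberToDouble);
}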
Also used : QName(javax.xml.namespace.QName) WebService(javax.jws.WebService) Service(javax.xml.ws.Service) BindingProvider(javax.xml.ws.BindingProvider) URL(java.net.URL) STSClient(org.apache.cxf.ws.security.trust.STSClient) GSSCredential(org.ietf.jgss.GSSCredential) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) MessageContext(javax.xml.ws.handler.MessageContext) Principal(java.security.Principal)

Example 70 with STSClient

use of org.apache.cxf.ws.security.trust.STSClient in project cxf by apache.

the class SAMLRenewUnitTest method renewSecurityToken.

/**
 * Asks the STS described by {@code wsdlLocation} to renew {@code securityToken}.
 *
 * <p>The request is made as the fixed test user "alice" with the systest
 * {@code CommonCallbackHandler}, asks for a lifetime of 60 minutes, and uses the
 * WS-Addressing 2005/08 namespace.
 *
 * @param bus the CXF bus the STS client is created on
 * @param wsdlLocation location of the STS WSDL
 * @param securityToken the token to renew
 * @param enableAppliesTo value passed to {@code STSClient.setEnableAppliesTo}
 * @return the token returned by {@code STSClient.renewSecurityToken}
 * @throws Exception anything raised while configuring or calling the STS client
 */
private SecurityToken renewSecurityToken(Bus bus, String wsdlLocation, SecurityToken securityToken, boolean enableAppliesTo) throws Exception {
    Map<String, Object> clientProperties = new HashMap<>();
    clientProperties.put(SecurityConstants.USERNAME, "alice");
    clientProperties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.sts.common.CommonCallbackHandler");
    // NOTE(review): presumably the crypto/keystore configuration used with the token
    // being renewed - confirm against SecurityConstants.STS_TOKEN_PROPERTIES.
    clientProperties.put(SecurityConstants.STS_TOKEN_PROPERTIES, "serviceKeystore.properties");

    STSClient client = new STSClient(bus);
    client.setWsdlLocation(wsdlLocation);
    client.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");
    client.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port");
    client.setEnableAppliesTo(enableAppliesTo);

    // Ask for a renewed token that lives for one hour, and send the lifetime in the request.
    final int oneHour = 60 * 60;
    client.setTtl(oneHour);
    client.setEnableLifetime(true);

    client.setProperties(clientProperties);
    client.setAddressingNamespace("http://www.w3.org/2005/08/addressing");
    return client.renewSecurityToken(securityToken);
}
Also used : STSClient(org.apache.cxf.ws.security.trust.STSClient) HashMap(java.util.HashMap)
