Examples with PolicyBasedWSS4JInInterceptor org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor used on opensource projects

Example 1 with PolicyBasedWSS4JInInterceptor

use of org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor in project cxf by apache.

the class PolicyBasedSamlTest method runInInterceptorAndValidateWss.

@Override
protected void runInInterceptorAndValidateWss(Document document, AssertionInfoMap aim, List<CoverageType> types) throws Exception {
    PolicyBasedWSS4JInInterceptor inHandler = this.getInInterceptor(types);
    SoapMessage inmsg = this.getSoapMessageForDom(document, aim);
    Element securityHeaderElem = WSSecurityUtil.getSecurityHeader(document, "");
    if (securityHeaderElem != null) {
        SoapHeader securityHeader = new SoapHeader(new QName(securityHeaderElem.getNamespaceURI(), securityHeaderElem.getLocalName()), securityHeaderElem);
        inmsg.getHeaders().add(securityHeader);
    }
    // Necessary because the Bearer Assertion does not have an internal signature
    SamlAssertionValidator assertionValidator = new SamlAssertionValidator();
    assertionValidator.setRequireBearerSignature(false);
    inmsg.put(SecurityConstants.SAML2_TOKEN_VALIDATOR, assertionValidator);
    inmsg.put(SecurityConstants.SAML1_TOKEN_VALIDATOR, assertionValidator);
    inHandler.handleMessage(inmsg);
    for (CoverageType type : types) {
        switch(type) {
            case SIGNED:
                this.verifyWss4jSigResults(inmsg);
                break;
            case ENCRYPTED:
                this.verifyWss4jEncResults(inmsg);
                break;
            default:
                fail("Unsupported coverage type.");
        }
    }
}