Search in sources :

Example 16 with WSS4JInInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor in project cxf by apache.

the class StaxToDOMSamlTest method testSaml1SignedSenderVouches.

@Test
public void testSaml1SignedSenderVouches() throws Exception {
    // Create + configure service
    Service service = createService();
    Map<String, Object> inProperties = new HashMap<>();
    inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED + " " + ConfigurationConstants.SIGNATURE);
    inProperties.put(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
    final Map<QName, Object> customMap = new HashMap<>();
    CustomSamlValidator validator = new CustomSamlValidator();
    customMap.put(WSConstants.SAML_TOKEN, validator);
    customMap.put(WSConstants.SAML2_TOKEN, validator);
    inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
    WSS4JInInterceptor inInterceptor = new WSS4JInInterceptor(inProperties);
    service.getInInterceptors().add(inInterceptor);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    WSSSecurityProperties properties = new WSSSecurityProperties();
    List<WSSConstants.Action> actions = new ArrayList<>();
    actions.add(WSSConstants.SAML_TOKEN_SIGNED);
    properties.setActions(actions);
    properties.setSamlCallbackHandler(new SAML1CallbackHandler());
    properties.setCallbackHandler(new PasswordCallbackHandler());
    properties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
    WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) HashMap(java.util.HashMap) Echo(org.apache.cxf.ws.security.wss4j.Echo) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) Service(org.apache.cxf.service.Service) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) Client(org.apache.cxf.endpoint.Client) AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest) Test(org.junit.Test)

Example 17 with WSS4JInInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor in project cxf by apache.

the class StaxToDOMSamlTest method testSaml1.

@Test
public void testSaml1() throws Exception {
    // Create + configure service
    Service service = createService();
    Map<String, Object> inProperties = new HashMap<>();
    inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
    final Map<QName, Object> customMap = new HashMap<>();
    CustomSamlValidator validator = new CustomSamlValidator();
    customMap.put(WSConstants.SAML_TOKEN, validator);
    customMap.put(WSConstants.SAML2_TOKEN, validator);
    inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
    inProperties.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION, "false");
    WSS4JInInterceptor inInterceptor = new WSS4JInInterceptor(inProperties);
    service.getInInterceptors().add(inInterceptor);
    service.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION, "false");
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    WSSSecurityProperties properties = new WSSSecurityProperties();
    List<WSSConstants.Action> actions = new ArrayList<>();
    actions.add(WSSConstants.SAML_TOKEN_UNSIGNED);
    properties.setActions(actions);
    properties.setSamlCallbackHandler(new SAML1CallbackHandler());
    WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) HashMap(java.util.HashMap) Echo(org.apache.cxf.ws.security.wss4j.Echo) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) Service(org.apache.cxf.service.Service) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) Client(org.apache.cxf.endpoint.Client) AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest) Test(org.junit.Test)

Example 18 with WSS4JInInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor in project cxf by apache.

the class UTServer method run.

protected void run() {
    DoubleItPortTypeImpl implementor = new DoubleItPortTypeImpl();
    implementor.setEnforcePrincipal(false);
    String address = "http://localhost:" + PORT + "/DoubleItUsernameToken3";
    EndpointImpl jaxWsEndpoint = (EndpointImpl) Endpoint.publish(address, implementor);
    Map<String, Object> properties = new HashMap<>();
    properties.put("action", "UsernameToken");
    properties.put("passwordCallbackClass", "org.apache.cxf.systest.ws.common.UTPasswordCallback");
    WSS4JInInterceptor wss4jInInterceptor = new WSS4JInInterceptor(properties);
    jaxWsEndpoint.getServer().getEndpoint().getInInterceptors().add(wss4jInInterceptor);
}
Also used : DoubleItPortTypeImpl(org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl) HashMap(java.util.HashMap) EndpointImpl(org.apache.cxf.jaxws.EndpointImpl) WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor)

Aggregations

WSS4JInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor)18 HashMap (java.util.HashMap)15 Client (org.apache.cxf.endpoint.Client)14 QName (javax.xml.namespace.QName)13 LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor)12 LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor)12 Service (org.apache.cxf.service.Service)12 AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)12 Echo (org.apache.cxf.ws.security.wss4j.Echo)12 WSS4JStaxOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor)12 Test (org.junit.Test)12 ArrayList (java.util.ArrayList)6 WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties)6 WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)4 Properties (java.util.Properties)2 Bus (org.apache.cxf.Bus)2 SAAJInInterceptor (org.apache.cxf.binding.soap.saaj.SAAJInInterceptor)2 SAAJOutInterceptor (org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor)2 Endpoint (org.apache.cxf.endpoint.Endpoint)2 ByteArrayInputStream (java.io.ByteArrayInputStream)1