Search in sources :

Example 51 with WSS4JOutInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

the class CryptoCoverageCheckerTest method testSignedTimestampOnly.

@org.junit.Test
public void testSignedTimestampOnly() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = CryptoCoverageCheckerTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = CryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, test.getPort());
    Map<String, Object> outProps = new HashMap<>();
    outProps.put("action", "Timestamp Signature");
    outProps.put("signaturePropFile", "alice.properties");
    outProps.put("user", "alice");
    outProps.put("passwordCallbackClass", "org.apache.cxf.systest.ws.common.KeystorePasswordCallback");
    outProps.put("signatureParts", "{}{http://docs.oasis-open.org/wss/2004/01/oasis-" + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port);
    }
    if (test.isStreaming()) {
        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
        bus.getOutInterceptors().add(staxOutInterceptor);
    } else {
        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
        bus.getOutInterceptors().add(outInterceptor);
    }
    try {
        port.doubleIt(25);
        fail("Failure expected on not signing the Timestamp");
    } catch (Exception ex) {
    // expected
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) Bus(org.apache.cxf.Bus) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)

Example 52 with WSS4JOutInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

the class CryptoCoverageCheckerTest method testNotEncryptedUsernameToken.

@org.junit.Test
public void testNotEncryptedUsernameToken() throws Exception {
    if (!unrestrictedPoliciesInstalled) {
        return;
    }
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = CryptoCoverageCheckerTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = CryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItEncryptedUsernameTokenPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, test.getPort());
    Map<String, Object> outProps = new HashMap<>();
    outProps.put("action", "UsernameToken Encrypt");
    outProps.put("encryptionPropFile", "bob.properties");
    outProps.put("user", "alice");
    outProps.put("encryptionUser", "bob");
    outProps.put("passwordCallbackClass", "org.apache.cxf.systest.ws.common.KeystorePasswordCallback");
    outProps.put("encryptionParts", "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port);
    }
    if (test.isStreaming()) {
        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
        bus.getOutInterceptors().add(staxOutInterceptor);
    } else {
        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
        bus.getOutInterceptors().add(outInterceptor);
    }
    try {
        port.doubleIt(25);
        fail("Failure expected on not encrypting the UsernameToken");
    } catch (Exception ex) {
    // expected
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) Bus(org.apache.cxf.Bus) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)

Example 53 with WSS4JOutInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

the class CryptoCoverageCheckerTest method testSignedTimestampOnlySoap12.

@org.junit.Test
public void testSignedTimestampOnlySoap12() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = CryptoCoverageCheckerTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = CryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampSoap12Port");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, test.getPort());
    Map<String, Object> outProps = new HashMap<>();
    outProps.put("action", "Timestamp Signature");
    outProps.put("signaturePropFile", "alice.properties");
    outProps.put("user", "alice");
    outProps.put("passwordCallbackClass", "org.apache.cxf.systest.ws.common.KeystorePasswordCallback");
    outProps.put("signatureParts", "{}{http://docs.oasis-open.org/wss/2004/01/oasis-" + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port);
    }
    if (test.isStreaming()) {
        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
        bus.getOutInterceptors().add(staxOutInterceptor);
    } else {
        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
        bus.getOutInterceptors().add(outInterceptor);
    }
    try {
        port.doubleIt(25);
        fail("Failure expected on not signing the Timestamp");
    } catch (Exception ex) {
    // expected
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) Bus(org.apache.cxf.Bus) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)

Example 54 with WSS4JOutInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

the class CryptoCoverageCheckerTest method testSignedBodyOnly.

@org.junit.Test
public void testSignedBodyOnly() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = CryptoCoverageCheckerTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = CryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, test.getPort());
    Map<String, Object> outProps = new HashMap<>();
    outProps.put("action", "Timestamp Signature");
    outProps.put("signaturePropFile", "alice.properties");
    outProps.put("user", "alice");
    outProps.put("passwordCallbackClass", "org.apache.cxf.systest.ws.common.KeystorePasswordCallback");
    outProps.put("signatureParts", "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port);
    }
    if (test.isStreaming()) {
        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
        bus.getOutInterceptors().add(staxOutInterceptor);
    } else {
        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
        bus.getOutInterceptors().add(outInterceptor);
    }
    try {
        port.doubleIt(25);
        fail("Failure expected on not signing the Timestamp");
    } catch (Exception ex) {
    // expected
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) Bus(org.apache.cxf.Bus) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)

Example 55 with WSS4JOutInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

the class CryptoCoverageCheckerTest method testSignedBodyTimestamp.

@org.junit.Test
public void testSignedBodyTimestamp() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = CryptoCoverageCheckerTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = CryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, test.getPort());
    Map<String, Object> outProps = new HashMap<>();
    outProps.put("action", "Timestamp Signature");
    outProps.put("signaturePropFile", "alice.properties");
    outProps.put("user", "alice");
    outProps.put("passwordCallbackClass", "org.apache.cxf.systest.ws.common.KeystorePasswordCallback");
    outProps.put("signatureParts", "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;" + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-" + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port);
    }
    if (test.isStreaming()) {
        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
        bus.getOutInterceptors().add(staxOutInterceptor);
    } else {
        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
        bus.getOutInterceptors().add(outInterceptor);
    }
    assertEquals(50, port.doubleIt(25));
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) Bus(org.apache.cxf.Bus) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) URL(java.net.URL) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)

Aggregations

WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)63 HashMap (java.util.HashMap)48 QName (javax.xml.namespace.QName)31 URL (java.net.URL)30 Client (org.apache.cxf.endpoint.Client)27 Service (javax.xml.ws.Service)26 Test (org.junit.Test)23 Bus (org.apache.cxf.Bus)19 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)17 DoubleItPortType (org.example.contract.doubleit.DoubleItPortType)15 SOAPFaultException (javax.xml.ws.soap.SOAPFaultException)12 WSS4JStaxOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor)12 Endpoint (org.apache.cxf.endpoint.Endpoint)9 SAAJOutInterceptor (org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor)8 ClassPathXmlApplicationContext (org.springframework.context.support.ClassPathXmlApplicationContext)8 CallbackHandler (javax.security.auth.callback.CallbackHandler)7 BindingProvider (javax.xml.ws.BindingProvider)7 WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)7 ModelPortType (com.evolveum.midpoint.xml.ns._public.model.model_3.ModelPortType)6 ModelService (com.evolveum.midpoint.xml.ns._public.model.model_3.ModelService)6