Example 16 with WSS4JOutInterceptor
use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project tomee by apache.
the class CalculatorTest method call.
@Test
public void call() throws MalformedURLException {
final EJBContainer container = EJBContainer.createEJBContainer(new Properties() {
{
setProperty(OpenEjbContainer.OPENEJB_EMBEDDED_REMOTABLE, "true");
// random port to avoid issue on CI, default is 4204
setProperty("httpejbd.port", "0");
}
});
// get back the random port
final int port = Integer.parseInt(SystemInstance.get().getProperty("httpejbd.port"));
// normal call
final Service service = Service.create(new URL("http://127.0.0.1:" + port + "/webservice-ws-with-resources-config/CalculatorBean?wsdl"), new QName("http://security.ws.superbiz.org/", "CalculatorBeanService"));
final Calculator calculator = service.getPort(Calculator.class);
ClientProxy.getClient(calculator).getOutInterceptors().add(new WSS4JOutInterceptor(new HashMap<String, Object>() {
{
put("action", "UsernameToken");
put("user", "openejb");
put("passwordType", "PasswordText");
put("passwordCallbackRef", new CallbackHandler() {
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
final WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
pc.setPassword("tomee");
}
});
}
}));
assertEquals(5, calculator.add(2, 3));
// bad auth
final Calculator calculator2 = service.getPort(Calculator.class);
ClientProxy.getClient(calculator2).getOutInterceptors().add(new WSS4JOutInterceptor(new HashMap<String, Object>() {
{
put("action", "UsernameToken");
put("user", "openejb");
put("passwordType", "PasswordText");
put("passwordCallbackRef", new CallbackHandler() {
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
final WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
pc.setPassword("wrong");
}
});
}
}));
try {
assertEquals(5, calculator2.add(2, 3));
} catch (SOAPFaultException sfe) {
assertThat(sfe.getMessage(), CoreMatchers.containsString("A security error was encountered when verifying the message"));
}
container.close();
// valid it passed because all was fine and not because the server config was not here
assertTrue(PasswordCallbackHandler.wasCalled());
}
Also used :
CallbackHandler(javax.security.auth.callback.CallbackHandler)
HashMap(java.util.HashMap)
QName(javax.xml.namespace.QName)
Service(javax.xml.ws.Service)
SOAPFaultException(javax.xml.ws.soap.SOAPFaultException)
IOException(java.io.IOException)
Properties(java.util.Properties)
URL(java.net.URL)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Callback(javax.security.auth.callback.Callback)
EJBContainer(javax.ejb.embeddable.EJBContainer)
WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Test(org.junit.Test)
Example 17 with WSS4JOutInterceptor
use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project tomee by apache.
the class CalculatorTest method testCalculatorViaWsInterfaceWithUsernameTokenPlainPasswordEncrypt.
public void testCalculatorViaWsInterfaceWithUsernameTokenPlainPasswordEncrypt() throws Exception {
final Service calcService = Service.create(new URL("http://localhost:" + port + "/webservice-ws-security/CalculatorImplUsernameTokenPlainPasswordEncrypt?wsdl"), new QName("http://superbiz.org/wsdl", "CalculatorWsService"));
assertNotNull(calcService);
// for debugging (ie. TCPMon)
calcService.addPort(new QName("http://superbiz.org/wsdl", "CalculatorWsService2"), SOAPBinding.SOAP12HTTP_BINDING, "http://127.0.0.1:8204/CalculatorImplUsernameTokenPlainPasswordEncrypt");
// CalculatorWs calc = calcService.getPort(
// new QName("http://superbiz.org/wsdl", "CalculatorWsService2"),
// CalculatorWs.class);
final CalculatorWs calc = calcService.getPort(CalculatorWs.class);
final Client client = ClientProxy.getClient(calc);
final Endpoint endpoint = client.getEndpoint();
endpoint.getOutInterceptors().add(new SAAJOutInterceptor());
final Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.ENCRYPT);
outProps.put(WSHandlerConstants.USER, "jane");
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() {
@Override
public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
final WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
pc.setPassword("waterfall");
}
});
outProps.put(WSHandlerConstants.ENC_PROP_FILE, "META-INF/CalculatorImplUsernameTokenPlainPasswordEncrypt-client.properties");
outProps.put(WSHandlerConstants.ENCRYPTION_USER, "serveralias");
final WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
endpoint.getOutInterceptors().add(wssOut);
assertEquals(10, calc.sum(4, 6));
}
Also used :
SAAJOutInterceptor(org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor)
CallbackHandler(javax.security.auth.callback.CallbackHandler)
HashMap(java.util.HashMap)
QName(javax.xml.namespace.QName)
Service(javax.xml.ws.Service)
IOException(java.io.IOException)
URL(java.net.URL)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Callback(javax.security.auth.callback.Callback)
Endpoint(org.apache.cxf.endpoint.Endpoint)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)
Client(org.apache.cxf.endpoint.Client)
WSPasswordCallback(org.apache.wss4j.common.ext.WSPasswordCallback)
Aggregations
WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)17
HashMap (java.util.HashMap)14
Client (org.apache.cxf.endpoint.Client)9
URL (java.net.URL)8
QName (javax.xml.namespace.QName)8
Service (javax.xml.ws.Service)8
SAAJOutInterceptor (org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor)8
Endpoint (org.apache.cxf.endpoint.Endpoint)8
BindingProvider (javax.xml.ws.BindingProvider)7
ModelPortType (com.evolveum.midpoint.xml.ns._public.model.model_3.ModelPortType)6
ModelService (com.evolveum.midpoint.xml.ns._public.model.model_3.ModelService)6
IOException (java.io.IOException)6
Callback (javax.security.auth.callback.Callback)6
CallbackHandler (javax.security.auth.callback.CallbackHandler)6
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)6
WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)6
LoggingInInterceptor (org.apache.cxf.interceptor.LoggingInInterceptor)4
LoggingOutInterceptor (org.apache.cxf.interceptor.LoggingOutInterceptor)4
SAAJInInterceptor (org.apache.cxf.binding.soap.saaj.SAAJInInterceptor)2
HTTPConduit (org.apache.cxf.transport.http.HTTPConduit)2
