
Example 41 with WSS4JOutInterceptor

Use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

Class DOMToStaxSamlTest, method testSaml2.

@Test
public void testSaml2() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
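    // Test-only relaxation: the client below sends an unsigned assertion, so the
    // SubjectConfirmation requirements (sender-vouches / holder-of-key) are not
    // validated. WSS4J validates them by default.
    inProperties.setValidateSamlSubjectConfirmation(false);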
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
    properties.put(ConfigurationConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used: WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties), WSS4JStaxInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor), Echo (org.apache.cxf.ws.security.wss4j.Echo), HashMap (java.util.HashMap), Service (org.apache.cxf.service.Service), LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor), LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor), WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor), Client (org.apache.cxf.endpoint.Client), AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest), Test (org.junit.Test)

Example 42 with WSS4JOutInterceptor

Use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

Class DOMToStaxSamlTest, method testSaml2TokenHOK.

@Test
public void testSaml2TokenHOK() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
    CustomStaxSamlValidator validator = new CustomStaxSamlValidator();
    inProperties.addValidator(WSConstants.SAML_TOKEN, validator);
    inProperties.addValidator(WSConstants.SAML2_TOKEN, validator);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_SIGNED);
    SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
    callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
    callbackHandler.setSignAssertion(true);
    properties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler);
    properties.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference");
    properties.put(ConfigurationConstants.USER, "alice");
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
    properties.put(ConfigurationConstants.SIG_PROP_FILE, "alice.properties");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
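    // The validator still requires sender-vouches here (relaxed just below),
    // while the client sends a holder-of-key assertion, so the service must fault.
    try {
        echo.echo("test");
        fail("Failure expected on receiving sender vouches instead of HOK");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        // expected
    }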
    validator.setRequireSenderVouches(false);
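    // The validator still requires a SAML 1.1 assertion here (relaxed just below),
    // while the client sends SAML 2.0, so the service must fault again.
    try {
        echo.echo("test");
        fail("Failure expected on receiving a SAML 1.1 Token instead of SAML 2.0");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        // expected
    }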
    validator.setRequireSAML1Assertion(false);
    assertEquals("test", echo.echo("test"));
}
Also used: WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties), WSS4JStaxInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor), Echo (org.apache.cxf.ws.security.wss4j.Echo), HashMap (java.util.HashMap), Service (org.apache.cxf.service.Service), Properties (java.util.Properties), LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor), LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor), WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor), Client (org.apache.cxf.endpoint.Client), AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest), Test (org.junit.Test)

Example 43 with WSS4JOutInterceptor

Use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

Class DOMToStaxSamlTest, method testSaml1TokenHOK.

@Test
public void testSaml1TokenHOK() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
    CustomStaxSamlValidator validator = new CustomStaxSamlValidator();
    inProperties.addValidator(WSConstants.SAML_TOKEN, validator);
    inProperties.addValidator(WSConstants.SAML2_TOKEN, validator);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_SIGNED);
    SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
    callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
    callbackHandler.setSignAssertion(true);
    properties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler);
    properties.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference");
    properties.put(ConfigurationConstants.USER, "alice");
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
    properties.put(ConfigurationConstants.SIG_PROP_FILE, "alice.properties");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
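    // The validator still requires sender-vouches here (relaxed just below),
    // while the client sends a holder-of-key assertion, so the service must fault.
    try {
        echo.echo("test");
        fail("Failure expected on receiving sender vouches instead of HOK");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        // expected
    }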
    validator.setRequireSenderVouches(false);
    assertEquals("test", echo.echo("test"));
}
Also used: WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties), WSS4JStaxInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor), Echo (org.apache.cxf.ws.security.wss4j.Echo), HashMap (java.util.HashMap), Service (org.apache.cxf.service.Service), Properties (java.util.Properties), LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor), LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor), WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor), Client (org.apache.cxf.endpoint.Client), AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest), Test (org.junit.Test)

Example 44 with WSS4JOutInterceptor

Use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

Class DOMToStaxSamlTest, method testSaml1.

@Test
public void testSaml1() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
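    // Test-only relaxation: SubjectConfirmation requirements are not validated
    // for the unsigned SAML 1.1 assertion the client sends below.
    inProperties.setValidateSamlSubjectConfirmation(false);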
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
    properties.put(ConfigurationConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used: WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties), WSS4JStaxInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor), Echo (org.apache.cxf.ws.security.wss4j.Echo), HashMap (java.util.HashMap), Service (org.apache.cxf.service.Service), LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor), LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor), WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor), Client (org.apache.cxf.endpoint.Client), AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest), Test (org.junit.Test)

Example 45 with WSS4JOutInterceptor

Use of org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor in project cxf by apache.

Class ActionTest, method testSignatureHandlerActions.

@org.junit.Test
public void testSignatureHandlerActions() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = ActionTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItSignatureConfigPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, PORT);
    // Programmatic interceptor
    Map<String, Object> props = new HashMap<>();
    HandlerAction signatureAction = new HandlerAction();
    signatureAction.setAction(WSConstants.SIGN);
    SignatureActionToken actionToken = new SignatureActionToken();
    actionToken.setUser("alice");
    actionToken.setKeyIdentifierId(WSConstants.BST_DIRECT_REFERENCE);
    Properties cryptoProperties = CryptoFactory.getProperties("alice.properties", this.getClass().getClassLoader());
    Crypto crypto = CryptoFactory.getInstance(cryptoProperties, this.getClass().getClassLoader(), null);
    actionToken.setCrypto(crypto);
    signatureAction.setActionToken(actionToken);
    List<HandlerAction> actions = Collections.singletonList(signatureAction);
    props.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
    props.put(ConfigurationConstants.PW_CALLBACK_REF, new KeystorePasswordCallback());
    WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(props);
    Client client = ClientProxy.getClient(port);
    client.getOutInterceptors().add(outInterceptor);
    assertEquals(50, port.doubleIt(25));
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used: Bus (org.apache.cxf.Bus), HashMap (java.util.HashMap), QName (javax.xml.namespace.QName), Service (javax.xml.ws.Service), Properties (java.util.Properties), WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties), URL (java.net.URL), HandlerAction (org.apache.wss4j.dom.handler.HandlerAction), SignatureActionToken (org.apache.wss4j.common.SignatureActionToken), Crypto (org.apache.wss4j.common.crypto.Crypto), SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory), DoubleItPortType (org.example.contract.doubleit.DoubleItPortType), WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor), Client (org.apache.cxf.endpoint.Client), KeystorePasswordCallback (org.apache.cxf.systest.ws.common.KeystorePasswordCallback)
