Examples with WSS4JStaxInInterceptor org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor used on opensource projects

Search in sources :

Example 1 with WSS4JStaxInInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor in project cxf by apache.

the class DOMToStaxSamlTest method testSaml2SignedSenderVouches.

@Test
public void testSaml2SignedSenderVouches() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_SIGNED);
    properties.put(ConfigurationConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
    properties.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference");
    properties.put(ConfigurationConstants.USER, "alice");
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
    properties.put(ConfigurationConstants.SIG_PROP_FILE, "alice.properties");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSS4JStaxInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor) Echo(org.apache.cxf.ws.security.wss4j.Echo) HashMap(java.util.HashMap) Service(org.apache.cxf.service.Service) Properties(java.util.Properties) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client) Test(org.junit.Test) AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)

Example 2 with WSS4JStaxInInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor in project cxf by apache.

the class DOMToStaxSamlTest method testSaml1SignedSenderVouches.

@Test
public void testSaml1SignedSenderVouches() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_SIGNED);
    properties.put(ConfigurationConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
    properties.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference");
    properties.put(ConfigurationConstants.USER, "alice");
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
    properties.put(ConfigurationConstants.SIG_PROP_FILE, "alice.properties");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSS4JStaxInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor) Echo(org.apache.cxf.ws.security.wss4j.Echo) HashMap(java.util.HashMap) Service(org.apache.cxf.service.Service) Properties(java.util.Properties) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client) Test(org.junit.Test) AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)

Example 3 with WSS4JStaxInInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor in project cxf by apache.

the class StaxClient method main.

public static void main(String[] args) throws Exception {
    try {
        SpringBusFactory bf = new SpringBusFactory();
        URL busFile = StaxClient.class.getResource("/wssec.xml");
        Bus bus = bf.createBus(busFile.toString());
        BusFactory.setDefaultBus(bus);
        WSSSecurityProperties properties = new WSSSecurityProperties();
        properties.addAction(WSSConstants.USERNAMETOKEN);
        properties.addAction(WSSConstants.TIMESTAMP);
        properties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
        properties.setTokenUser("abcd");
        properties.setCallbackHandler(new UTPasswordCallback());
        WSSSecurityProperties inProperties = new WSSSecurityProperties();
        inProperties.addAction(WSSConstants.USERNAMETOKEN);
        inProperties.addAction(WSSConstants.TIMESTAMP);
        inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
        inProperties.setCallbackHandler(new UTPasswordCallback());
        GreeterService service = new GreeterService();
        Greeter port = service.getGreeterPort();
        org.apache.cxf.endpoint.Client client = ClientProxy.getClient(port);
        client.getInInterceptors().add(new WSS4JStaxInInterceptor(inProperties));
        client.getOutInterceptors().add(new WSS4JStaxOutInterceptor(properties));
        String[] names = new String[] { "Anne", "Bill", "Chris", "Scott" };
        // make a sequence of 4 invocations
        for (int i = 0; i < 4; i++) {
            System.out.println("Invoking greetMe...");
            String response = port.greetMe(names[i]);
            System.out.println("response: " + response + "\n");
        }
        if (port instanceof Closeable) {
            ((Closeable) port).close();
        }
        bus.shutdown(true);
    } catch (UndeclaredThrowableException ex) {
        ex.getUndeclaredThrowable().printStackTrace();
    } catch (Exception ex) {
        ex.printStackTrace();
    } finally {
        System.exit(0);
    }
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) Bus(org.apache.cxf.Bus) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSS4JStaxInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor) Closeable(java.io.Closeable) GreeterService(org.apache.cxf.hello_world_soap_http.GreeterService) URL(java.net.URL) UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) Greeter(org.apache.cxf.hello_world_soap_http.Greeter) UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException) UTPasswordCallback(demo.wssec.server.UTPasswordCallback)

Example 4 with WSS4JStaxInInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor in project cxf by apache.

the class DOMToStaxSamlTest method testSaml1.

@Test
public void testSaml1() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    inProperties.setValidateSamlSubjectConfirmation(false);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
    properties.put(ConfigurationConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSS4JStaxInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor) Echo(org.apache.cxf.ws.security.wss4j.Echo) HashMap(java.util.HashMap) Service(org.apache.cxf.service.Service) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client) Test(org.junit.Test) AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)

Example 5 with WSS4JStaxInInterceptor

use of org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor in project cxf by apache.

the class DOMToStaxSamlTest method testSaml2TokenHOK.

@Test
public void testSaml2TokenHOK() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
    CustomStaxSamlValidator validator = new CustomStaxSamlValidator();
    inProperties.addValidator(WSConstants.SAML_TOKEN, validator);
    inProperties.addValidator(WSConstants.SAML2_TOKEN, validator);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_SIGNED);
    SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
    callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
    callbackHandler.setSignAssertion(true);
    properties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler);
    properties.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference");
    properties.put(ConfigurationConstants.USER, "alice");
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
    properties.put(ConfigurationConstants.SIG_PROP_FILE, "alice.properties");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    try {
        echo.echo("test");
        fail("Failure expected on receiving sender vouches instead of HOK");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
    // expected
    }
    validator.setRequireSenderVouches(false);
    try {
        echo.echo("test");
        fail("Failure expected on receiving a SAML 1.1 Token instead of SAML 2.0");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
    // expected
    }
    validator.setRequireSAML1Assertion(false);
    assertEquals("test", echo.echo("test"));
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSS4JStaxInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor) Echo(org.apache.cxf.ws.security.wss4j.Echo) HashMap(java.util.HashMap) Service(org.apache.cxf.service.Service) Properties(java.util.Properties) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor) Client(org.apache.cxf.endpoint.Client) Test(org.junit.Test) AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)

Aggregations

WSS4JStaxInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor)7 WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties)7 HashMap (java.util.HashMap)6 Client (org.apache.cxf.endpoint.Client)6 LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor)6 LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor)6 Service (org.apache.cxf.service.Service)6 AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)6 Echo (org.apache.cxf.ws.security.wss4j.Echo)6 WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)6 Test (org.junit.Test)6 Properties (java.util.Properties)4 UTPasswordCallback (demo.wssec.server.UTPasswordCallback)1 Closeable (java.io.Closeable)1 UndeclaredThrowableException (java.lang.reflect.UndeclaredThrowableException)1 URL (java.net.URL)1 Bus (org.apache.cxf.Bus)1 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)1 Greeter (org.apache.cxf.hello_world_soap_http.Greeter)1 GreeterService (org.apache.cxf.hello_world_soap_http.GreeterService)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial