Example 6 with WSS4JStaxInInterceptor
use of org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor in project cxf by apache.
the class DOMToStaxSamlTest method testSaml2.
@Test
public void testSaml2() throws Exception {
// Create + configure service
Service service = createService();
WSSSecurityProperties inProperties = new WSSSecurityProperties();
inProperties.setValidateSamlSubjectConfirmation(false);
WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
service.getInInterceptors().add(inhandler);
// Create + configure client
Echo echo = createClientProxy();
Client client = ClientProxy.getClient(echo);
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
Map<String, Object> properties = new HashMap<>();
properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
properties.put(ConfigurationConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
client.getOutInterceptors().add(ohandler);
assertEquals("test", echo.echo("test"));
}
Also used :
WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties)
WSS4JStaxInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor)
Echo(org.apache.cxf.ws.security.wss4j.Echo)
HashMap(java.util.HashMap)
Service(org.apache.cxf.service.Service)
LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor)
LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor)
WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)
Client(org.apache.cxf.endpoint.Client)
Test(org.junit.Test)
AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)
Example 7 with WSS4JStaxInInterceptor
use of org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor in project cxf by apache.
the class DOMToStaxSamlTest method testSaml1TokenHOK.
@Test
public void testSaml1TokenHOK() throws Exception {
// Create + configure service
Service service = createService();
WSSSecurityProperties inProperties = new WSSSecurityProperties();
Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
CustomStaxSamlValidator validator = new CustomStaxSamlValidator();
inProperties.addValidator(WSConstants.SAML_TOKEN, validator);
inProperties.addValidator(WSConstants.SAML2_TOKEN, validator);
WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
service.getInInterceptors().add(inhandler);
// Create + configure client
Echo echo = createClientProxy();
Client client = ClientProxy.getClient(echo);
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
Map<String, Object> properties = new HashMap<>();
properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_SIGNED);
SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
callbackHandler.setSignAssertion(true);
properties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler);
properties.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference");
properties.put(ConfigurationConstants.USER, "alice");
properties.put(ConfigurationConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
properties.put(ConfigurationConstants.SIG_PROP_FILE, "alice.properties");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
client.getOutInterceptors().add(ohandler);
try {
echo.echo("test");
fail("Failure expected on receiving sender vouches instead of HOK");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
// expected
}
validator.setRequireSenderVouches(false);
assertEquals("test", echo.echo("test"));
}
Also used :
WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties)
WSS4JStaxInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor)
Echo(org.apache.cxf.ws.security.wss4j.Echo)
HashMap(java.util.HashMap)
Service(org.apache.cxf.service.Service)
Properties(java.util.Properties)
WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties)
LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor)
LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor)
WSS4JOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)
Client(org.apache.cxf.endpoint.Client)
Test(org.junit.Test)
AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)
Aggregations
WSS4JStaxInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor)7
WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties)7
HashMap (java.util.HashMap)6
Client (org.apache.cxf.endpoint.Client)6
LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor)6
LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor)6
Service (org.apache.cxf.service.Service)6
AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)6
Echo (org.apache.cxf.ws.security.wss4j.Echo)6
WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)6
Test (org.junit.Test)6
Properties (java.util.Properties)4
UTPasswordCallback (demo.wssec.server.UTPasswordCallback)1
Closeable (java.io.Closeable)1
UndeclaredThrowableException (java.lang.reflect.UndeclaredThrowableException)1
URL (java.net.URL)1
Bus (org.apache.cxf.Bus)1
SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)1
Greeter (org.apache.cxf.hello_world_soap_http.Greeter)1
GreeterService (org.apache.cxf.hello_world_soap_http.GreeterService)1
