Example 26 with WSS4JStaxOutInterceptor
use of org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor in project cxf by apache.
the class StaxToDOMSamlTest method testSaml1SignedSenderVouches.
@Test
public void testSaml1SignedSenderVouches() throws Exception {
// Create + configure service
Service service = createService();
Map<String, Object> inProperties = new HashMap<>();
inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED + " " + ConfigurationConstants.SIGNATURE);
inProperties.put(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
final Map<QName, Object> customMap = new HashMap<>();
CustomSamlValidator validator = new CustomSamlValidator();
customMap.put(WSConstants.SAML_TOKEN, validator);
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
WSS4JInInterceptor inInterceptor = new WSS4JInInterceptor(inProperties);
service.getInInterceptors().add(inInterceptor);
// Create + configure client
Echo echo = createClientProxy();
Client client = ClientProxy.getClient(echo);
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
WSSSecurityProperties properties = new WSSSecurityProperties();
List<WSSConstants.Action> actions = new ArrayList<WSSConstants.Action>();
actions.add(WSSConstants.SAML_TOKEN_SIGNED);
properties.setActions(actions);
properties.setSamlCallbackHandler(new SAML1CallbackHandler());
properties.setCallbackHandler(new PasswordCallbackHandler());
properties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
client.getOutInterceptors().add(ohandler);
assertEquals("test", echo.echo("test"));
}
Also used :
WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor)
WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties)
WSSConstants(org.apache.wss4j.stax.ext.WSSConstants)
HashMap(java.util.HashMap)
Echo(org.apache.cxf.ws.security.wss4j.Echo)
QName(javax.xml.namespace.QName)
ArrayList(java.util.ArrayList)
Service(org.apache.cxf.service.Service)
LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor)
WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor)
LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor)
Client(org.apache.cxf.endpoint.Client)
AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)
Test(org.junit.Test)
Example 27 with WSS4JStaxOutInterceptor
use of org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor in project cxf by apache.
the class StaxToDOMSamlTest method testSaml1Config.
@Test
public void testSaml1Config() throws Exception {
// Create + configure service
Service service = createService();
Map<String, Object> inProperties = new HashMap<>();
inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
final Map<QName, Object> customMap = new HashMap<>();
CustomSamlValidator validator = new CustomSamlValidator();
customMap.put(WSConstants.SAML_TOKEN, validator);
customMap.put(WSConstants.SAML2_TOKEN, validator);
inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
inProperties.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION, "false");
WSS4JInInterceptor inInterceptor = new WSS4JInInterceptor(inProperties);
service.getInInterceptors().add(inInterceptor);
service.put(SecurityConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION, "false");
// Create + configure client
Echo echo = createClientProxy();
Client client = ClientProxy.getClient(echo);
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
Map<String, Object> outConfig = new HashMap<>();
outConfig.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
outConfig.put(ConfigurationConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(outConfig);
client.getOutInterceptors().add(ohandler);
assertEquals("test", echo.echo("test"));
}
Also used :
WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor)
HashMap(java.util.HashMap)
Echo(org.apache.cxf.ws.security.wss4j.Echo)
QName(javax.xml.namespace.QName)
Service(org.apache.cxf.service.Service)
LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor)
WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor)
LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor)
Client(org.apache.cxf.endpoint.Client)
AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)
Test(org.junit.Test)
Aggregations
WSS4JStaxOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor)27
HashMap (java.util.HashMap)25
QName (javax.xml.namespace.QName)25
URL (java.net.URL)14
Service (javax.xml.ws.Service)14
Bus (org.apache.cxf.Bus)14
SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)14
Client (org.apache.cxf.endpoint.Client)14
DoubleItPortType (org.example.contract.doubleit.DoubleItPortType)13
Test (org.junit.Test)13
LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor)12
LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor)12
Service (org.apache.cxf.service.Service)12
AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)12
Echo (org.apache.cxf.ws.security.wss4j.Echo)12
WSS4JInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor)12
WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)12
WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties)8
ArrayList (java.util.ArrayList)6
WSSConstants (org.apache.wss4j.stax.ext.WSSConstants)6
