use of org.apache.neethi.All in project cxf by apache.
the class MinimalMaximalAlternativeSelectorTest method testChooseMaxAlternative.
@Test
public void testChooseMaxAlternative() {
Message m = new MessageImpl();
AlternativeSelector selector = new MaximalAlternativeSelector();
PolicyEngine engine = control.createMock(PolicyEngine.class);
Assertor assertor = control.createMock(Assertor.class);
Policy policy = new Policy();
ExactlyOne ea = new ExactlyOne();
All all = new All();
PolicyAssertion a1 = new TestAssertion();
all.addAssertion(a1);
ea.addPolicyComponent(all);
Collection<PolicyAssertion> maxAlternative = CastUtils.cast(all.getPolicyComponents(), PolicyAssertion.class);
all = new All();
ea.addPolicyComponent(all);
Collection<PolicyAssertion> minAlternative = CastUtils.cast(all.getPolicyComponents(), PolicyAssertion.class);
policy.addPolicyComponent(ea);
EasyMock.expect(engine.supportsAlternative(maxAlternative, assertor, m)).andReturn(true);
EasyMock.expect(engine.supportsAlternative(minAlternative, assertor, m)).andReturn(true);
control.replay();
Collection<Assertion> choice = selector.selectAlternative(policy, engine, assertor, null, m);
assertEquals(1, choice.size());
assertSame(a1, choice.iterator().next());
control.verify();
}
use of org.apache.neethi.All in project cxf by apache.
the class AssertionInfoMapTest method testCheckEffectivePolicy.
@Test
public void testCheckEffectivePolicy() {
Policy p = new Policy();
QName aqn = new QName("http://x.y.z", "a");
Assertion a = new PrimitiveAssertion(aqn);
QName bqn = new QName("http://x.y.z", "b");
Assertion b = new PrimitiveAssertion(bqn);
QName cqn = new QName("http://x.y.z", "c");
Assertion c = new PrimitiveAssertion(cqn);
All alt1 = new All();
alt1.addAssertion(a);
alt1.addAssertion(b);
All alt2 = new All();
alt2.addAssertion(c);
ExactlyOne ea = new ExactlyOne();
ea.addPolicyComponent(alt1);
ea.addPolicyComponent(alt2);
p.addPolicyComponent(ea);
AssertionInfoMap aim = new AssertionInfoMap(CastUtils.cast(Collections.EMPTY_LIST, PolicyAssertion.class));
AssertionInfo ai = new AssertionInfo(a);
AssertionInfo bi = new AssertionInfo(b);
AssertionInfo ci = new AssertionInfo(c);
aim.put(aqn, Collections.singleton(ai));
aim.put(bqn, Collections.singleton(bi));
aim.put(cqn, Collections.singleton(ci));
try {
aim.checkEffectivePolicy(p);
fail("Expected PolicyException not thrown.");
} catch (PolicyException ex) {
// expected
}
ai.setAsserted(true);
ci.setAsserted(true);
aim.checkEffectivePolicy(p);
}
use of org.apache.neethi.All in project cxf by apache.
the class AssertionInfoMapTest method testAllAssertionsIn.
@Test
public void testAllAssertionsIn() {
Policy nested = new Policy();
Assertion nb = new PrimitiveAssertion(new QName("http://x.y.z", "b"));
nested.addAssertion(nb);
Policy p = new Policy();
Assertion a1 = new PrimitiveAssertion(new QName("http://x.y.z", "a"));
Assertion a2 = new PrimitiveAssertion(new QName("http://x.y.z", "a"));
Assertion b = new PrimitiveAssertion(new QName("http://x.y.z", "b"));
Assertion c = new PolicyContainingPrimitiveAssertion(new QName("http://x.y.z", "c"), false, false, nested);
All alt1 = new All();
alt1.addAssertion(a1);
alt1.addAssertion(b);
All alt2 = new All();
alt1.addAssertion(a2);
alt2.addAssertion(c);
ExactlyOne ea = new ExactlyOne();
ea.addPolicyComponent(alt1);
ea.addPolicyComponent(alt2);
p.addPolicyComponent(ea);
AssertionInfoMap aim = new AssertionInfoMap(p);
Collection<AssertionInfo> listA = aim.getAssertionInfo(new QName("http://x.y.z", "a"));
assertEquals("2 A assertions should've been added", 2, listA.size());
AssertionInfo[] ais = listA.toArray(new AssertionInfo[] {});
assertTrue("Two different A instances should be added", ais[0].getAssertion() == a1 && ais[1].getAssertion() == a2 || ais[0].getAssertion() == a2 && ais[1].getAssertion() == a1);
Collection<AssertionInfo> listB = aim.getAssertionInfo(new QName("http://x.y.z", "b"));
assertEquals("2 B assertions should've been added", 2, listB.size());
ais = listB.toArray(new AssertionInfo[] {});
assertTrue("Two different B instances should be added", ais[0].getAssertion() == nb && ais[1].getAssertion() == b || ais[0].getAssertion() == b && ais[1].getAssertion() == nb);
Collection<AssertionInfo> listC = aim.getAssertionInfo(new QName("http://x.y.z", "c"));
assertEquals("1 C assertion should've been added", 1, listC.size());
ais = listC.toArray(new AssertionInfo[] {});
assertSame("One C instances should be added", ais[0].getAssertion(), c);
}
use of org.apache.neethi.All in project cxf by apache.
the class SpnegoContextTokenInInterceptor method handleMessage.
public void handleMessage(SoapMessage message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
if (aim != null) {
Collection<AssertionInfo> ais = PolicyUtils.getAllAssertionsByLocalname(aim, SPConstants.SPNEGO_CONTEXT_TOKEN);
if (ais.isEmpty()) {
return;
}
if (isRequestor(message)) {
// client side should be checked on the way out
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
return;
}
String s = (String) message.get(SoapBindingConstants.SOAP_ACTION);
if (s == null) {
s = SoapActionInInterceptor.getSoapAction(message);
}
AddressingProperties inProps = (AddressingProperties) message.getContextualProperty(JAXWSAConstants.ADDRESSING_PROPERTIES_INBOUND);
if (inProps != null && s == null) {
// MS/WCF doesn't put a soap action out for this, must check the headers
s = inProps.getAction().getValue();
}
if (s != null && s.contains("/RST/Issue") && (s.startsWith(STSUtils.WST_NS_05_02) || s.startsWith(STSUtils.WST_NS_05_12))) {
Policy p = new Policy();
ExactlyOne ea = new ExactlyOne();
p.addPolicyComponent(ea);
All all = new All();
Assertion ass = NegotiationUtils.getAddressingPolicy(aim, false);
all.addPolicyComponent(ass);
ea.addPolicyComponent(all);
// setup endpoint and forward to it.
unmapSecurityProps(message);
String ns = STSUtils.WST_NS_05_12;
if (s.startsWith(STSUtils.WST_NS_05_02)) {
ns = STSUtils.WST_NS_05_02;
}
NegotiationUtils.recalcEffectivePolicy(message, ns, p, new SpnegoSTSInvoker(), false);
} else {
message.getInterceptorChain().add(SpnegoContextTokenFinderInterceptor.INSTANCE);
}
}
}
use of org.apache.neethi.All in project cxf by apache.
the class SpnegoTokenInterceptorProvider method setupClient.
static String setupClient(STSClient client, SoapMessage message, AssertionInfoMap aim) {
client.setTrust(NegotiationUtils.getTrust10(aim));
client.setTrust(NegotiationUtils.getTrust13(aim));
Policy p = new Policy();
ExactlyOne ea = new ExactlyOne();
p.addPolicyComponent(ea);
All all = new All();
all.addPolicyComponent(NegotiationUtils.getAddressingPolicy(aim, false));
ea.addPolicyComponent(all);
client.setPolicy(p);
client.setSoap11(message.getVersion() == Soap11.getInstance());
client.setSpnego(true);
WSSConfig config = WSSConfig.getNewInstance();
String context = config.getIdAllocator().createSecureId("_", null);
client.setContext(context);
String s = message.getContextualProperty(Message.ENDPOINT_ADDRESS).toString();
client.setLocation(s);
AlgorithmSuite suite = NegotiationUtils.getAlgorithmSuite(aim);
if (suite != null) {
client.setAlgorithmSuite(suite);
int x = suite.getAlgorithmSuiteType().getMaximumSymmetricKeyLength();
if (x < 256) {
client.setKeySize(x);
}
}
Map<String, Object> ctx = client.getRequestContext();
mapSecurityProps(message, ctx);
return s;
}
Aggregations