use of org.apache.wss4j.dom.handler.HandlerAction in project cxf by apache.
the class SecurityActionTokenTest method testSignature.
@Test
public void testSignature() throws Exception {
SignatureActionToken actionToken = new SignatureActionToken();
actionToken.setCryptoProperties("outsecurity.properties");
actionToken.setUser("myalias");
List<HandlerAction> actions = Collections.singletonList(new HandlerAction(WSConstants.SIGN, actionToken));
Map<String, Object> outProperties = new HashMap<>();
outProperties.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
outProperties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
Map<String, Object> inProperties = new HashMap<>();
inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
inProperties.put(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
List<String> xpaths = new ArrayList<>();
xpaths.add("//wsse:Security");
xpaths.add("//wsse:Security/ds:Signature");
List<WSHandlerResult> handlerResults = getResults(makeInvocation(outProperties, xpaths, inProperties));
WSSecurityEngineResult actionResult = handlerResults.get(0).getActionResults().get(WSConstants.SIGN).get(0);
X509Certificate certificate = (X509Certificate) actionResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
assertNotNull(certificate);
}
use of org.apache.wss4j.dom.handler.HandlerAction in project cxf by apache.
the class SecurityActionTokenTest method testEncryption.
@Test
public void testEncryption() throws Exception {
EncryptionActionToken actionToken = new EncryptionActionToken();
actionToken.setCryptoProperties("outsecurity.properties");
actionToken.setUser("myalias");
List<HandlerAction> actions = Collections.singletonList(new HandlerAction(WSConstants.ENCR, actionToken));
Map<String, Object> outProperties = new HashMap<>();
outProperties.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
Map<String, Object> inProperties = new HashMap<>();
inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPT);
inProperties.put(ConfigurationConstants.DEC_PROP_FILE, "insecurity.properties");
inProperties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
List<String> xpaths = new ArrayList<>();
xpaths.add("//wsse:Security");
xpaths.add("//s:Body/xenc:EncryptedData");
List<WSHandlerResult> handlerResults = getResults(makeInvocation(outProperties, xpaths, inProperties));
assertNotNull(handlerResults);
assertSame(handlerResults.size(), 1);
//
// This should contain exactly 1 protection result
//
final java.util.List<WSSecurityEngineResult> protectionResults = handlerResults.get(0).getResults();
assertNotNull(protectionResults);
assertSame(protectionResults.size(), 1);
//
// This result should contain a reference to the decrypted element,
// which should contain the soap:Body Qname
//
final java.util.Map<String, Object> result = protectionResults.get(0);
final java.util.List<WSDataRef> protectedElements = CastUtils.cast((List<?>) result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
assertNotNull(protectedElements);
assertSame(protectedElements.size(), 1);
assertEquals(protectedElements.get(0).getName(), new javax.xml.namespace.QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"));
}
Aggregations