Examples with WSSSecurityProperties org.apache.wss4j.stax.ext.WSSSecurityProperties used on opensource projects

Search in sources :

Example 66 with WSSSecurityProperties

use of org.apache.wss4j.stax.ext.WSSSecurityProperties in project cxf by apache.

the class StaxToDOMSamlTest method testSaml1SignedSenderVouches.

@Test
public void testSaml1SignedSenderVouches() throws Exception {
    // Create + configure service
    Service service = createService();
    Map<String, Object> inProperties = new HashMap<>();
    inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED + " " + ConfigurationConstants.SIGNATURE);
    inProperties.put(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
    final Map<QName, Object> customMap = new HashMap<>();
    CustomSamlValidator validator = new CustomSamlValidator();
    customMap.put(WSConstants.SAML_TOKEN, validator);
    customMap.put(WSConstants.SAML2_TOKEN, validator);
    inProperties.put(WSS4JInInterceptor.VALIDATOR_MAP, customMap);
    WSS4JInInterceptor inInterceptor = new WSS4JInInterceptor(inProperties);
    service.getInInterceptors().add(inInterceptor);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    WSSSecurityProperties properties = new WSSSecurityProperties();
    List<WSSConstants.Action> actions = new ArrayList<WSSConstants.Action>();
    actions.add(WSSConstants.SAML_TOKEN_SIGNED);
    properties.setActions(actions);
    properties.setSamlCallbackHandler(new SAML1CallbackHandler());
    properties.setCallbackHandler(new PasswordCallbackHandler());
    properties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
    WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSS4JStaxOutInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) WSSConstants(org.apache.wss4j.stax.ext.WSSConstants) HashMap(java.util.HashMap) Echo(org.apache.cxf.ws.security.wss4j.Echo) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) Service(org.apache.cxf.service.Service) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) WSS4JInInterceptor(org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) Client(org.apache.cxf.endpoint.Client) AbstractSecurityTest(org.apache.cxf.ws.security.wss4j.AbstractSecurityTest) Test(org.junit.Test)

Example 67 with WSSSecurityProperties

use of org.apache.wss4j.stax.ext.WSSSecurityProperties in project cxf by apache.

the class DOMToStaxEncryptionIdentifierTest method testEncryptDirectReference.

@Test
public void testEncryptDirectReference() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    inProperties.setCallbackHandler(new TestPwdCallback());
    Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setDecryptionCryptoProperties(cryptoProperties);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPT);
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    properties.put(ConfigurationConstants.ENC_PROP_FILE, "outsecurity.properties");
    properties.put(ConfigurationConstants.USER, "myalias");
    properties.put(ConfigurationConstants.ENC_KEY_ID, "DirectReference");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) HashMap(java.util.HashMap) Service(org.apache.cxf.service.Service) Properties(java.util.Properties) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) Client(org.apache.cxf.endpoint.Client) Test(org.junit.Test)

Example 68 with WSSSecurityProperties

use of org.apache.wss4j.stax.ext.WSSSecurityProperties in project cxf by apache.

the class DOMToStaxEncryptionIdentifierTest method testEncryptThumbprint.

@Test
public void testEncryptThumbprint() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    inProperties.setCallbackHandler(new TestPwdCallback());
    Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setDecryptionCryptoProperties(cryptoProperties);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPT);
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    properties.put(ConfigurationConstants.ENC_PROP_FILE, "outsecurity.properties");
    properties.put(ConfigurationConstants.USER, "myalias");
    properties.put(ConfigurationConstants.ENC_KEY_ID, "Thumbprint");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) HashMap(java.util.HashMap) Service(org.apache.cxf.service.Service) Properties(java.util.Properties) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) Client(org.apache.cxf.endpoint.Client) Test(org.junit.Test)

Example 69 with WSSSecurityProperties

use of org.apache.wss4j.stax.ext.WSSSecurityProperties in project cxf by apache.

the class DOMToStaxRoundTripTest method testUsernameTokenDigest.

@Test
public void testUsernameTokenDigest() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
    inProperties.setCallbackHandler(new TestPwdCallback());
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.USERNAME_TOKEN);
    properties.put(ConfigurationConstants.PASSWORD_TYPE, WSS4JConstants.PW_DIGEST);
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    properties.put(ConfigurationConstants.USER, "username");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
    // Negative test for wrong password type
    service.getInInterceptors().remove(inhandler);
    inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
    inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    service.put(SecurityConstants.RETURN_SECURITY_ERROR, true);
    try {
        echo.echo("test");
        fail("Failure expected on the wrong password type");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        // expected
        String error = "The security token could not be authenticated or authorized";
        assertTrue(ex.getMessage().contains(error));
    }
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) HashMap(java.util.HashMap) Service(org.apache.cxf.service.Service) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) Client(org.apache.cxf.endpoint.Client) Test(org.junit.Test)

Example 70 with WSSSecurityProperties

use of org.apache.wss4j.stax.ext.WSSSecurityProperties in project cxf by apache.

the class DOMToStaxRoundTripTest method testSignature.

@Test
public void testSignature() throws Exception {
    // Create + configure service
    Service service = createService();
    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    inProperties.setCallbackHandler(new TestPwdCallback());
    Properties cryptoProperties = CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);
    // Create + configure client
    Echo echo = createClientProxy();
    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());
    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    properties.put(ConfigurationConstants.SIG_PROP_FILE, "outsecurity.properties");
    properties.put(ConfigurationConstants.USER, "myalias");
    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);
    assertEquals("test", echo.echo("test"));
}
Also used : WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) HashMap(java.util.HashMap) Service(org.apache.cxf.service.Service) Properties(java.util.Properties) WSSSecurityProperties(org.apache.wss4j.stax.ext.WSSSecurityProperties) LoggingOutInterceptor(org.apache.cxf.ext.logging.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.ext.logging.LoggingInInterceptor) Client(org.apache.cxf.endpoint.Client) Test(org.junit.Test)

Aggregations

WSSSecurityProperties (org.apache.wss4j.stax.ext.WSSSecurityProperties)107 Client (org.apache.cxf.endpoint.Client)90 LoggingInInterceptor (org.apache.cxf.ext.logging.LoggingInInterceptor)89 LoggingOutInterceptor (org.apache.cxf.ext.logging.LoggingOutInterceptor)89 Service (org.apache.cxf.service.Service)89 Test (org.junit.Test)89 WSSConstants (org.apache.wss4j.stax.ext.WSSConstants)68 Properties (java.util.Properties)67 ArrayList (java.util.ArrayList)63 HashMap (java.util.HashMap)59 QName (javax.xml.namespace.QName)27 SecurePart (org.apache.xml.security.stax.ext.SecurePart)19 AbstractSecurityTest (org.apache.cxf.ws.security.wss4j.AbstractSecurityTest)12 Echo (org.apache.cxf.ws.security.wss4j.Echo)12 IssuedToken (org.apache.wss4j.policy.model.IssuedToken)9 WSS4JStaxOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor)8 AbstractToken (org.apache.wss4j.policy.model.AbstractToken)8 WSS4JStaxInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor)7 X509Token (org.apache.wss4j.policy.model.X509Token)7 WSS4JInInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor)6
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial