Example 1 with ResolverDirectHTTP
use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.
the class ResolverDirectHTTPTest method testServerAuth.
@Test
@Ignore
public void testServerAuth() throws Exception {
Document doc = XMLUtils.createDocumentBuilder(false).newDocument();
Attr uri = doc.createAttribute("URI");
uri.setNodeValue(url);
ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
resolverDirectHTTP.engineSetProperty("http.basic.username", serverUsername);
resolverDirectHTTP.engineSetProperty("http.basic.password", serverPassword);
ResourceResolverContext context = new ResourceResolverContext(uri, url, true);
resolverDirectHTTP.engineResolveURI(context);
}
Also used :
ResolverDirectHTTP(org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP)
ResourceResolverContext(org.apache.xml.security.utils.resolver.ResourceResolverContext)
Document(org.w3c.dom.Document)
Attr(org.w3c.dom.Attr)
Ignore(org.junit.Ignore)
Test(org.junit.Test)
Example 2 with ResolverDirectHTTP
use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.
the class ResolverDirectHTTPTest method testProxyAuth.
@Test
@Ignore
public void testProxyAuth() throws Exception {
Document doc = XMLUtils.createDocumentBuilder(false).newDocument();
Attr uri = doc.createAttribute("URI");
uri.setNodeValue(url);
ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
resolverDirectHTTP.engineSetProperty("http.proxy.host", proxyHost);
resolverDirectHTTP.engineSetProperty("http.proxy.port", proxyPort);
resolverDirectHTTP.engineSetProperty("http.proxy.username", proxyUsername);
resolverDirectHTTP.engineSetProperty("http.proxy.password", proxyPassword);
ResourceResolverContext context = new ResourceResolverContext(uri, url, true);
resolverDirectHTTP.engineResolveURI(context);
}
Also used :
ResolverDirectHTTP(org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP)
ResourceResolverContext(org.apache.xml.security.utils.resolver.ResourceResolverContext)
Document(org.w3c.dom.Document)
Attr(org.w3c.dom.Attr)
Ignore(org.junit.Ignore)
Test(org.junit.Test)
Example 3 with ResolverDirectHTTP
use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.
the class ResolverDirectHTTPTest method testProxyAndServerAuth.
@Test
@Ignore
public void testProxyAndServerAuth() throws Exception {
Document doc = XMLUtils.createDocumentBuilder(false).newDocument();
Attr uri = doc.createAttribute("URI");
uri.setNodeValue(url);
ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
resolverDirectHTTP.engineSetProperty("http.proxy.host", proxyHost);
resolverDirectHTTP.engineSetProperty("http.proxy.port", proxyPort);
resolverDirectHTTP.engineSetProperty("http.proxy.username", proxyUsername);
resolverDirectHTTP.engineSetProperty("http.proxy.password", proxyPassword);
resolverDirectHTTP.engineSetProperty("http.basic.username", serverUsername);
resolverDirectHTTP.engineSetProperty("http.basic.password", serverPassword);
ResourceResolverContext context = new ResourceResolverContext(uri, url, true);
resolverDirectHTTP.engineResolveURI(context);
}
Also used :
ResolverDirectHTTP(org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP)
ResourceResolverContext(org.apache.xml.security.utils.resolver.ResourceResolverContext)
Document(org.w3c.dom.Document)
Attr(org.w3c.dom.Attr)
Ignore(org.junit.Ignore)
Test(org.junit.Test)
Example 4 with ResolverDirectHTTP
use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.
the class BaltimoreTest method test_signature_keyname.
// See SANTUARIO-319
@Test
public void test_signature_keyname() throws Exception {
Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
try {
ResolverHttp.setProxy(proxy);
ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
TestUtils.switchAllowNotSameDocumentReferences(true);
// Read in plaintext document
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/signature-keyname.xml");
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(sourceDocument);
// Set up the Key
CertificateFactory cf = CertificateFactory.getInstance("X509");
InputStream sourceCert = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/certs/lugh.crt");
Certificate cert = cf.generateCertificate(sourceCert);
// XMLUtils.outputDOM(document, System.out);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Verify signature
XMLSecurityProperties properties = new XMLSecurityProperties();
properties.setSignatureVerificationKey(cert.getPublicKey());
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
// Check the SecurityEvents
checkSignatureToken(securityEventListener, cert.getPublicKey(), SecurityTokenConstants.KeyIdentifier_KeyName);
} finally {
TestUtils.switchAllowNotSameDocumentReferences(false);
HttpRequestRedirectorProxy.stopHttpEngine();
}
}
Also used :
DOMSource(javax.xml.transform.dom.DOMSource)
XMLStreamReader(javax.xml.stream.XMLStreamReader)
StreamResult(javax.xml.transform.stream.StreamResult)
InetSocketAddress(java.net.InetSocketAddress)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
ResolverDirectHTTP(org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec)
Document(org.w3c.dom.Document)
CertificateFactory(java.security.cert.CertificateFactory)
Proxy(java.net.Proxy)
HttpRequestRedirectorProxy(org.apache.xml.security.test.stax.utils.HttpRequestRedirectorProxy)
DocumentBuilder(javax.xml.parsers.DocumentBuilder)
ByteArrayInputStream(java.io.ByteArrayInputStream)
XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties)
Certificate(java.security.cert.Certificate)
Test(org.junit.Test)
Example 5 with ResolverDirectHTTP
use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.
the class BaltimoreTest method test_signature_x509_ski.
// See SANTUARIO-319
@Test
public void test_signature_x509_ski() throws Exception {
Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
try {
ResolverHttp.setProxy(proxy);
ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
TestUtils.switchAllowNotSameDocumentReferences(true);
// Read in plaintext document
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/signature-x509-ski.xml");
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(sourceDocument);
// XMLUtils.outputDOM(document, System.out);
// Set up the Key
CertificateFactory cf = CertificateFactory.getInstance("X509");
InputStream sourceCert = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/certs/nemain.crt");
Certificate cert = cf.generateCertificate(sourceCert);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Verify signature
XMLSecurityProperties properties = new XMLSecurityProperties();
properties.setSignatureVerificationKey(cert.getPublicKey());
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
} finally {
TestUtils.switchAllowNotSameDocumentReferences(false);
HttpRequestRedirectorProxy.stopHttpEngine();
}
}
Also used :
DOMSource(javax.xml.transform.dom.DOMSource)
XMLStreamReader(javax.xml.stream.XMLStreamReader)
StreamResult(javax.xml.transform.stream.StreamResult)
InetSocketAddress(java.net.InetSocketAddress)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
ResolverDirectHTTP(org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec)
Document(org.w3c.dom.Document)
CertificateFactory(java.security.cert.CertificateFactory)
Proxy(java.net.Proxy)
HttpRequestRedirectorProxy(org.apache.xml.security.test.stax.utils.HttpRequestRedirectorProxy)
DocumentBuilder(javax.xml.parsers.DocumentBuilder)
ByteArrayInputStream(java.io.ByteArrayInputStream)
XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties)
Certificate(java.security.cert.Certificate)
Test(org.junit.Test)
Aggregations
ResolverDirectHTTP (org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP)28
Test (org.junit.Test)28
Document (org.w3c.dom.Document)28
ByteArrayInputStream (java.io.ByteArrayInputStream)23
ByteArrayOutputStream (java.io.ByteArrayOutputStream)23
InputStream (java.io.InputStream)23
InetSocketAddress (java.net.InetSocketAddress)23
Proxy (java.net.Proxy)23
XMLStreamReader (javax.xml.stream.XMLStreamReader)23
XMLSecurityProperties (org.apache.xml.security.stax.ext.XMLSecurityProperties)23
HttpRequestRedirectorProxy (org.apache.xml.security.test.stax.utils.HttpRequestRedirectorProxy)23
DocumentBuilder (javax.xml.parsers.DocumentBuilder)22
DOMSource (javax.xml.transform.dom.DOMSource)22
StreamResult (javax.xml.transform.stream.StreamResult)22
InboundXMLSec (org.apache.xml.security.stax.ext.InboundXMLSec)22
Certificate (java.security.cert.Certificate)10
CertificateFactory (java.security.cert.CertificateFactory)10
Key (java.security.Key)6
SecretKey (javax.crypto.SecretKey)5
ResourceResolverContext (org.apache.xml.security.utils.resolver.ResourceResolverContext)5
