Search in sources :

Example 56 with DoubleItPortType

use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.

the class UsernameActAsCachingTest method testDifferentUsersCaching.

/**
 * Test caching the issued token when the STSClient is deployed in an intermediary
 */
@org.junit.Test
public void testDifferentUsersCaching() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = UsernameActAsCachingTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = UsernameActAsCachingTest.class.getResource("DoubleIt.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSAML2BearerPort3");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, PORT);
    TokenTestUtils.updateSTSPort((BindingProvider) port, STSPORT2);
    // Disable storing tokens per-proxy
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, "false");
    // Make a successful invocation
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "alice");
    doubleIt(port, 25);
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "bob");
    doubleIt(port, 30);
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "eve");
    try {
        doubleIt(port, 30);
        fail("Failure expected on a bad user");
    } catch (Exception ex) {
    // 
    }
    // Change the STSClient so that it can no longer find the STS
    BindingProvider p = (BindingProvider) port;
    clearSTSClient(p);
    // Make a successful invocation
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "alice");
    doubleIt(port, 25);
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "bob");
    doubleIt(port, 30);
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "eve2");
    try {
        doubleIt(port, 30);
        fail("Failure expected on a bad user");
    } catch (Exception ex) {
    // 
    }
    // Reset the cache - this invocation should fail
    p.getRequestContext().put(TokenStore.class.getName(), new MemoryTokenStore());
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "alice");
    try {
        doubleIt(port, 30);
        fail("Failure expected");
    } catch (Exception ex) {
    // 
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) MemoryTokenStore(org.apache.cxf.ws.security.tokenstore.MemoryTokenStore) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) BindingProvider(javax.xml.ws.BindingProvider) TokenStore(org.apache.cxf.ws.security.tokenstore.TokenStore) MemoryTokenStore(org.apache.cxf.ws.security.tokenstore.MemoryTokenStore) URL(java.net.URL) BusException(org.apache.cxf.BusException) EndpointException(org.apache.cxf.endpoint.EndpointException)

Example 57 with DoubleItPortType

use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.

the class UsernameActAsTest method testUsernameActAs.

@org.junit.Test
public void testUsernameActAs() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = UsernameActAsTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = UsernameActAsTest.class.getResource("DoubleIt.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSAML2BearerPort");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    ((BindingProvider) port).getRequestContext().put("thread.local.request.context", "true");
    updateAddressPort(port, test.getPort());
    TokenTestUtils.updateSTSPort((BindingProvider) port, test.getStsPort());
    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port);
    }
    // Transport port
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "alice");
    doubleIt(port, 25);
    ((java.io.Closeable) port).close();
    DoubleItPortType port2 = service.getPort(portQName, DoubleItPortType.class);
    ((BindingProvider) port2).getRequestContext().put("thread.local.request.context", "true");
    updateAddressPort(port2, test.getPort());
    TokenTestUtils.updateSTSPort((BindingProvider) port2, test.getStsPort());
    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port2);
    }
    ((BindingProvider) port2).getRequestContext().put(SecurityConstants.USERNAME, "eve");
    // This time we expect a failure as the server validator doesn't accept "eve".
    try {
        doubleIt(port2, 30);
        fail("Failure expected on an unknown user");
    } catch (Exception ex) {
    // expected
    }
    ((java.io.Closeable) port2).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) URL(java.net.URL)

Example 58 with DoubleItPortType

use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.

the class UsernameOnBehalfOfCachingTest method testAppliesToCaching.

/**
 * Test caching the issued token when the STSClient is deployed in an intermediary
 */
@org.junit.Test
public void testAppliesToCaching() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = UsernameOnBehalfOfCachingTest.class.getResource("cxf-client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = UsernameOnBehalfOfCachingTest.class.getResource("DoubleIt.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort4");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, PORT);
    TokenTestUtils.updateSTSPort((BindingProvider) port, STSPORT2);
    // Disable storing tokens per-proxy
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, "false");
    // Make a successful invocation
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "alice");
    BindingProvider p = (BindingProvider) port;
    p.getRequestContext().put(SecurityConstants.STS_APPLIES_TO, "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew");
    doubleIt(port, 25);
    // Make a successful invocation
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "bob");
    p.getRequestContext().put(SecurityConstants.STS_APPLIES_TO, "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew2");
    doubleIt(port, 25);
    // Change the STSClient so that it can no longer find the STS
    clearSTSClient(p);
    // Make a successful invocation - should work as token is cached
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "alice");
    p.getRequestContext().put(SecurityConstants.STS_APPLIES_TO, "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew");
    doubleIt(port, 25);
    // Make a successful invocation - should work as token is cached
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "bob");
    p.getRequestContext().put(SecurityConstants.STS_APPLIES_TO, "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew2");
    doubleIt(port, 25);
    // Change appliesTo - should fail
    ((BindingProvider) port).getRequestContext().put(SecurityConstants.USERNAME, "alice");
    p.getRequestContext().put(SecurityConstants.STS_APPLIES_TO, "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew2");
    try {
        doubleIt(port, 30);
        fail("Failure expected");
    } catch (Exception ex) {
    // 
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) BindingProvider(javax.xml.ws.BindingProvider) URL(java.net.URL) BusException(org.apache.cxf.BusException) EndpointException(org.apache.cxf.endpoint.EndpointException)

Example 59 with DoubleItPortType

use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.

the class SpnegoTokenTest method runKerberosTest.

private void runKerberosTest(String portName, boolean streaming, String portNumber) throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = SpnegoTokenTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = SpnegoTokenTest.class.getResource("DoubleItSpnego.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, portName);
    DoubleItPortType kerberosPort = service.getPort(portQName, DoubleItPortType.class);
    TestUtil.updateAddressPort(kerberosPort, portNumber);
    if (streaming) {
        SecurityTestUtil.enableStreaming(kerberosPort);
    }
    Assert.assertEquals(50, kerberosPort.doubleIt(25));
    ((java.io.Closeable) kerberosPort).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) URL(java.net.URL)

Example 60 with DoubleItPortType

use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.

the class CryptoCoverageCheckerTest method testClientChecker2.

// Here the service is sending an secured message back to the client. For a server Fault
// message it should return a secured Fault message as well
@org.junit.Test
public void testClientChecker2() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = CryptoCoverageCheckerTest.class.getResource("client.xml");
    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);
    URL wsdl = CryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItClientCheckerPort2");
    DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, test.getPort());
    // This test only applies to the DOM implementation
    if (PORT.equals(test.getPort()) && !test.isStreaming()) {
        assertEquals(50, port.doubleIt(25));
        // Now try with a message that will create a Fault in the SEI
        try {
            port.doubleIt(0);
            fail("Failure expected on trying to double 0");
        } catch (Exception ex) {
            assertTrue(ex.getMessage().contains("0 can't be doubled"));
        }
    }
    ((java.io.Closeable) port).close();
    bus.shutdown(true);
}
Also used : Bus(org.apache.cxf.Bus) SpringBusFactory(org.apache.cxf.bus.spring.SpringBusFactory) QName(javax.xml.namespace.QName) Service(javax.xml.ws.Service) DoubleItPortType(org.example.contract.doubleit.DoubleItPortType) URL(java.net.URL)

Aggregations

URL (java.net.URL)360 QName (javax.xml.namespace.QName)360 Service (javax.xml.ws.Service)360 DoubleItPortType (org.example.contract.doubleit.DoubleItPortType)360 Bus (org.apache.cxf.Bus)354 SpringBusFactory (org.apache.cxf.bus.spring.SpringBusFactory)352 SamlCallbackHandler (org.apache.cxf.systest.ws.saml.client.SamlCallbackHandler)31 Client (org.apache.cxf.endpoint.Client)22 STSClient (org.apache.cxf.ws.security.trust.STSClient)21 HashMap (java.util.HashMap)20 BindingProvider (javax.xml.ws.BindingProvider)17 WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)15 WSS4JStaxOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor)13 KeystorePasswordCallback (org.apache.cxf.systest.ws.common.KeystorePasswordCallback)9 Test (org.junit.Test)9 SOAPFaultException (javax.xml.ws.soap.SOAPFaultException)8 BusException (org.apache.cxf.BusException)8 EndpointException (org.apache.cxf.endpoint.EndpointException)8 TokenStore (org.apache.cxf.ws.security.tokenstore.TokenStore)8 WebService (javax.jws.WebService)5