use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.
the class SamlTokenTest method testSaml2Replay.
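/**
 * Verifies that the service rejects a replayed SAML 2.0 assertion that carries a
 * {@code OneTimeUse} condition, while still accepting a repeated assertion that does not.
 *
 * <p>Phase 1 sends two requests using a default {@link SamlCallbackHandler} (per the test's
 * intent, a token without {@code OneTimeUse}); both calls must succeed. Phase 2 switches to a
 * token with {@code OneTimeUse} set and a 5 minute token period; the first call must succeed and
 * the second must be refused with a SOAP fault whose message contains
 * {@code WSSecurityException.UNIFIED_SECURITY_ERR}.
 *
 * <p>Cleanup runs in {@code finally} blocks so that a failed assertion does not leave the port
 * open or the bus running for the tests that follow.
 *
 * @throws Exception if bus creation, port setup or cleanup fails
 */
@org.junit.Test
public void testSaml2Replay() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = SamlTokenTest.class.getResource("client.xml");

    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);

        URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItSaml2TransportPort");
        DoubleItPortType saml2Port = service.getPort(portQName, DoubleItPortType.class);
        try {
            // The StAX variant of the test server listens on its own second port.
            String portNumber = PORT2;
            if (STAX_PORT.equals(test.getPort())) {
                portNumber = STAX_PORT2;
            }
            updateAddressPort(saml2Port, portNumber);

            // Create a SAML Token with no "OneTimeUse" Condition
            ((BindingProvider) saml2Port).getRequestContext().put(
                SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler());

            // NOTE(review): presumably this interceptor re-sends the security header captured on
            // the first request, which is what makes the second call a replay - confirm against
            // SecurityHeaderCacheInterceptor.
            Client cxfClient = ClientProxy.getClient(saml2Port);
            SecurityHeaderCacheInterceptor cacheInterceptor = new SecurityHeaderCacheInterceptor();
            cxfClient.getOutInterceptors().add(cacheInterceptor);

            // Make two invocations...should succeed
            saml2Port.doubleIt(25);
            saml2Port.doubleIt(25);

            // Now create a SAML Token with a "OneTimeUse" Condition
            ConditionsBean conditions = new ConditionsBean();
            conditions.setTokenPeriodMinutes(5);
            conditions.setOneTimeUse(true);

            SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
            callbackHandler.setConditions(conditions);
            ((BindingProvider) saml2Port).getRequestContext().put(
                SecurityConstants.SAML_CALLBACK_HANDLER, callbackHandler);

            // Swap in a fresh interceptor so that nothing cached during phase 1 is reused.
            cxfClient.getOutInterceptors().remove(cacheInterceptor);
            cacheInterceptor = new SecurityHeaderCacheInterceptor();
            cxfClient.getOutInterceptors().add(cacheInterceptor);

            // Make two invocations...should fail on the second one
            saml2Port.doubleIt(25);
            try {
                saml2Port.doubleIt(25);
                fail("Failure expected on a replayed SAML Assertion");
            } catch (javax.xml.ws.soap.SOAPFaultException ex) {
                // Only the generic security error text is checked, not a replay-specific message.
                assertTrue(ex.getMessage().contains(WSSecurityException.UNIFIED_SECURITY_ERR));
            }
        } finally {
            ((java.io.Closeable) saml2Port).close();
        }
    } finally {
        bus.shutdown(true);
    }
}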
use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.
the class SamlTokenTest method testAudienceRestriction.
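/**
 * Verifies that the service enforces the SAML {@code AudienceRestriction} condition.
 *
 * <p>A token whose audience URI is {@code https://localhost:<port>/DoubleItSaml2Transport2} must
 * be accepted. A token whose audience URI has {@code unknown} appended must be refused with a
 * SOAP fault.
 *
 * <p>The port is closed and the bus shut down in {@code finally} blocks, matching the other
 * tests in this class; the original version of this method performed no cleanup at all.
 *
 * @throws Exception if bus creation, port setup or cleanup fails
 */
@org.junit.Test
public void testAudienceRestriction() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = SamlTokenTest.class.getResource("client.xml");

    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);

        URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItSaml2TransportPort2");
        DoubleItPortType saml2Port = service.getPort(portQName, DoubleItPortType.class);
        try {
            // The StAX variant of the test server listens on its own second port.
            String portNumber = PORT2;
            if (STAX_PORT.equals(test.getPort())) {
                portNumber = STAX_PORT2;
            }
            updateAddressPort(saml2Port, portNumber);

            // Create a SAML Token with an AudienceRestrictionCondition
            ConditionsBean conditions = new ConditionsBean();
            List<AudienceRestrictionBean> audienceRestrictions = new ArrayList<>();
            AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
            audienceRestriction.setAudienceURIs(Collections.singletonList(
                "https://localhost:" + portNumber + "/DoubleItSaml2Transport2"));
            audienceRestrictions.add(audienceRestriction);
            conditions.setAudienceRestrictions(audienceRestrictions);

            SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
            callbackHandler.setConditions(conditions);
            ((BindingProvider) saml2Port).getRequestContext().put(
                SecurityConstants.SAML_CALLBACK_HANDLER, callbackHandler);

            // Positive case: the audience URI is the one used for the accepted request.
            saml2Port.doubleIt(25);

            // Now use an "unknown" audience restriction
            audienceRestriction = new AudienceRestrictionBean();
            audienceRestriction.setAudienceURIs(Collections.singletonList(
                "https://localhost:" + portNumber + "/DoubleItSaml2Transport2unknown"));
            audienceRestrictions.clear();
            audienceRestrictions.add(audienceRestriction);
            conditions.setAudienceRestrictions(audienceRestrictions);
            callbackHandler.setConditions(conditions);

            try {
                saml2Port.doubleIt(25);
                fail("Failure expected on unknown AudienceRestriction");
            } catch (javax.xml.ws.soap.SOAPFaultException ex) {
                // expected
                // NOTE(review): the fault message is not inspected, so any SOAP fault satisfies
                // this test, including one unrelated to the audience check. Consider asserting on
                // the message once the expected text is confirmed.
            }
        } finally {
            ((java.io.Closeable) saml2Port).close();
        }
    } finally {
        bus.shutdown(true);
    }
}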
use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.
the class SamlTokenTest method testSaml2OverSymmetricSignedElements.
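/**
 * Invokes the {@code DoubleItSaml2SymmetricSignedElementsPort} endpoint with a SAML 2.0 token
 * and checks the service result.
 *
 * <p>The invocation only runs for the non-streaming client against {@code PORT}. For every other
 * parameter combination the method sets up and tears down the client without asserting
 * anything, so it passes vacuously there.
 *
 * <p>Cleanup runs in {@code finally} blocks so that a failed assertion does not leave the port
 * open or the bus running for the tests that follow.
 *
 * @throws Exception if bus creation, port setup or cleanup fails
 */
@org.junit.Test
public void testSaml2OverSymmetricSignedElements() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = SamlTokenTest.class.getResource("client.xml");

    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);

        URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItSaml2SymmetricSignedElementsPort");
        DoubleItPortType saml2Port = service.getPort(portQName, DoubleItPortType.class);
        try {
            updateAddressPort(saml2Port, test.getPort());

            if (test.isStreaming()) {
                SecurityTestUtil.enableStreaming(saml2Port);
            }

            // This test only works for DOM
            if (!test.isStreaming() && PORT.equals(test.getPort())) {
                SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
                ((BindingProvider) saml2Port).getRequestContext().put(
                    SecurityConstants.SAML_CALLBACK_HANDLER, samlCallbackHandler);

                int result = saml2Port.doubleIt(25);
                assertTrue(result == 50);
            }
        } finally {
            ((java.io.Closeable) saml2Port).close();
        }
    } finally {
        bus.shutdown(true);
    }
}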
use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.
the class SamlTokenTest method testSaml2OverSymmetric.
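/**
 * Checks what the {@code DoubleItSaml2SymmetricPort} endpoint requires of the SAML token, in
 * three steps:
 *
 * <ol>
 *   <li>No SAML callback handler is configured: the call must fail with a fault containing
 *       {@code "No SAML CallbackHandler available"}.</li>
 *   <li>A handler built with {@code new SamlCallbackHandler(false)}, which the test treats as a
 *       SAML 1 assertion: the call must fail with a wrong-version fault.</li>
 *   <li>A default handler with assertion signing enabled: the call must succeed and return
 *       50.</li>
 * </ol>
 *
 * <p>Cleanup runs in {@code finally} blocks so that a failed assertion does not leave the port
 * open or the bus running for the tests that follow.
 *
 * @throws Exception if bus creation, port setup or cleanup fails
 */
@org.junit.Test
public void testSaml2OverSymmetric() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = SamlTokenTest.class.getResource("client.xml");

    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);

        URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItSaml2SymmetricPort");
        DoubleItPortType saml2Port = service.getPort(portQName, DoubleItPortType.class);
        try {
            updateAddressPort(saml2Port, test.getPort());

            if (test.isStreaming()) {
                SecurityTestUtil.enableStreaming(saml2Port);
            }

            // Step 1: no callback handler, so no assertion can be produced.
            try {
                saml2Port.doubleIt(25);
                fail("Expected failure on an invocation with no SAML Assertion");
            } catch (javax.xml.ws.soap.SOAPFaultException ex) {
                assertTrue(ex.getMessage().contains("No SAML CallbackHandler available"));
            }

            // Step 2: an assertion of the wrong SAML version must be refused.
            ((BindingProvider) saml2Port).getRequestContext().put(
                SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler(false));
            try {
                saml2Port.doubleIt(25);
                fail("Expected failure on an invocation with a SAML1 Assertion");
            } catch (javax.xml.ws.soap.SOAPFaultException ex) {
                // Two wordings are accepted; presumably one per processing path (DOM vs
                // streaming) - confirm.
                String message = ex.getMessage();
                assertTrue(message.contains("Wrong SAML Version")
                    || message.contains("enforces SamlVersion20Profile11 but we got 1.1"));
            }

            // Step 3: a signed assertion from the default handler is accepted.
            SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
            samlCallbackHandler.setSignAssertion(true);
            ((BindingProvider) saml2Port).getRequestContext().put(
                SecurityConstants.SAML_CALLBACK_HANDLER, samlCallbackHandler);

            int result = saml2Port.doubleIt(25);
            assertTrue(result == 50);
        } finally {
            ((java.io.Closeable) saml2Port).close();
        }
    } finally {
        bus.shutdown(true);
    }
}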
use of org.example.contract.doubleit.DoubleItPortType in project cxf by apache.
the class SamlTokenTest method testSaml2OverAsymmetricSignedEncrypted.
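/**
 * Invokes the {@code DoubleItSaml2AsymmetricSignedEncryptedPort} endpoint with a token from a
 * default {@link SamlCallbackHandler} and checks that the service returns 50 for an input of 25.
 * Runs for both the streaming and non-streaming client.
 *
 * <p>This is a positive-path test only: it does not check that an unsigned or unencrypted token
 * is refused.
 *
 * <p>Cleanup runs in {@code finally} blocks so that a failed assertion does not leave the port
 * open or the bus running for the tests that follow.
 *
 * @throws Exception if bus creation, port setup or cleanup fails
 */
@org.junit.Test
public void testSaml2OverAsymmetricSignedEncrypted() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = SamlTokenTest.class.getResource("client.xml");

    Bus bus = bf.createBus(busFile.toString());
    try {
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);

        URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
        Service service = Service.create(wsdl, SERVICE_QNAME);
        QName portQName = new QName(NAMESPACE, "DoubleItSaml2AsymmetricSignedEncryptedPort");
        DoubleItPortType saml2Port = service.getPort(portQName, DoubleItPortType.class);
        try {
            updateAddressPort(saml2Port, test.getPort());

            if (test.isStreaming()) {
                SecurityTestUtil.enableStreaming(saml2Port);
            }

            ((BindingProvider) saml2Port).getRequestContext().put(
                SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler());

            int result = saml2Port.doubleIt(25);
            assertTrue(result == 50);
        } finally {
            ((java.io.Closeable) saml2Port).close();
        }
    } finally {
        bus.shutdown(true);
    }
}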