Posted to commits@cxf.apache.org by co...@apache.org on 2013/10/14 18:06:13 UTC
svn commit: r1531958 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/
services/sts/systests/basic/src/test/java/org/apache/cx...
Author: coheigea
Date: Mon Oct 14 16:06:12 2013
New Revision: 1531958
URL: http://svn.apache.org/r1531958
Log:
More work on streaming STS test-cases
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java Mon Oct 14 16:06:12 2013
@@ -21,6 +21,7 @@ package org.apache.cxf.ws.security.wss4j
import java.io.IOException;
import java.security.Key;
+import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -32,6 +33,7 @@ import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
+import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
@@ -62,6 +64,7 @@ import org.apache.wss4j.common.saml.bean
import org.apache.wss4j.common.saml.bean.SubjectBean;
import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;
import org.apache.wss4j.policy.SPConstants;
@@ -95,11 +98,16 @@ import org.apache.wss4j.policy.model.XPa
import org.apache.wss4j.policy.stax.PolicyUtils;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.impl.securityToken.KerberosClientSecurityToken;
+import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
+import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.ext.SecurePart.Modifier;
+import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
+import org.apache.xml.security.stax.securityToken.SecurityTokenConstants;
import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
+import org.apache.xml.security.utils.Base64;
import org.opensaml.common.SAMLVersion;
/**
@@ -413,6 +421,73 @@ public abstract class AbstractStaxBindin
return null;
}
+ protected void storeSecurityToken(SecurityToken tok) {
+ SecurityTokenConstants.TokenType tokenType = WSSecurityTokenConstants.EncryptedKeyToken;
+ if (tok.getTokenType() != null) {
+ if (tok.getTokenType().startsWith(WSSConstants.NS_KERBEROS11_TOKEN_PROFILE)) {
+ tokenType = WSSecurityTokenConstants.KerberosToken;
+ } else if (tok.getTokenType().startsWith(WSSConstants.NS_SAML10_TOKEN_PROFILE)
+ || tok.getTokenType().startsWith(WSSConstants.NS_SAML11_TOKEN_PROFILE)) {
+ tokenType = WSSecurityTokenConstants.Saml11Token;
+ } else if (tok.getTokenType().startsWith(WSSConstants.NS_WSC_05_02)
+ || tok.getTokenType().startsWith(WSSConstants.NS_WSC_05_12)) {
+ tokenType = WSSecurityTokenConstants.SecureConversationToken;
+ }
+ }
+
+ final Key key = tok.getKey();
+ final byte[] secret = tok.getSecret();
+ final X509Certificate[] certs = new X509Certificate[1];
+ if (tok.getX509Certificate() != null) {
+ certs[0] = tok.getX509Certificate();
+ }
+
+ final GenericOutboundSecurityToken encryptedKeySecurityToken =
+ new GenericOutboundSecurityToken(tok.getId(), tokenType, key, certs) {
+
+ @Override
+ public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
+ if (secret != null && algorithmURI != null && !"".equals(algorithmURI)) {
+ return KeyUtils.prepareSecretKey(algorithmURI, secret);
+ }
+ if (key != null) {
+ return key;
+ }
+ if (secret != null) {
+ String jceAlg = JCEMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
+ if (jceAlg == null || "".equals(jceAlg)) {
+ jceAlg = "HmacSHA1";
+ }
+ return new SecretKeySpec(secret, jceAlg);
+ }
+
+ return super.getSecretKey(algorithmURI);
+ }
+ };
+
+ final SecurityTokenProvider<OutboundSecurityToken> encryptedKeySecurityTokenProvider =
+ new SecurityTokenProvider<OutboundSecurityToken>() {
+
+ @Override
+ public OutboundSecurityToken getSecurityToken() throws XMLSecurityException {
+ return encryptedKeySecurityToken;
+ }
+
+ @Override
+ public String getId() {
+ return encryptedKeySecurityToken.getId();
+ }
+
+ };
+ encryptedKeySecurityToken.setSha1Identifier(tok.getSHA1());
+ outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
+ encryptedKeySecurityTokenProvider);
+ outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
+ encryptedKeySecurityTokenProvider);
+ outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN,
+ encryptedKeySecurityTokenProvider);
+ }
+
protected void policyNotAsserted(Assertion assertion, String reason) {
if (assertion == null) {
return;
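Review bot: In `storeSecurityToken`, `certs` is always a one-element array, so a token without an X.509 certificate reaches `GenericOutboundSecurityToken` as `{null}` instead of as "no certificates". A consumer that only checks for a non-null, non-empty array would then dereference a null certificate; whether one exists is not visible in this hunk. Building the array conditionally avoids that, assuming the constructor accepts null: `final X509Certificate[] certs = tok.getX509Certificate() == null ? null : new X509Certificate[] {tok.getX509Certificate()};`. Separately, the `secret != null` branch in `getSecretKey` is reached only when `algorithmURI` is null or empty and `key` is null, so the silent `"HmacSHA1"` default deserves a comment stating that it is the intended fallback for an unspecified algorithm.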
@@ -1097,4 +1172,45 @@ public abstract class AbstractStaxBindin
return encryptedParts;
}
+ protected static class TokenStoreCallbackHandler implements CallbackHandler {
+ private CallbackHandler internal;
+ private TokenStore store;
+ public TokenStoreCallbackHandler(CallbackHandler in, TokenStore st) {
+ internal = in;
+ store = st;
+ }
+
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
+
+ String id = pc.getIdentifier();
+ SecurityToken token = store.getToken(id);
+ if (token != null) {
+ if (token.getSHA1() == null && pc.getKey() != null) {
+ token.setSHA1(getSHA1(pc.getKey()));
+ // Create another cache entry with the SHA1 Identifier as the key
+ // for easy retrieval
+ store.add(token.getSHA1(), token);
+ }
+ pc.setKey(token.getSecret());
+ pc.setCustomToken(token.getToken());
+ return;
+ }
+ }
+ if (internal != null) {
+ internal.handle(callbacks);
+ }
+ }
+ }
+
+ private static String getSHA1(byte[] input) {
+ try {
+ byte[] digestBytes = WSSecurityUtil.generateDigest(input);
+ return Base64.encode(digestBytes);
+ } catch (WSSecurityException e) {
+ //REVISIT
+ }
+ return null;
+ }
}
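Review bot: `getSHA1` swallows `WSSecurityException` and returns null, and `TokenStoreCallbackHandler.handle` then calls `store.add(token.getSHA1(), token)` with that null as the cache key. Compute the digest into a local and update the token and store only when it succeeded, e.g. `String sha1 = getSHA1(pc.getKey());` followed by `if (sha1 != null) { token.setSHA1(sha1); store.add(sha1, token); }`, and log the exception in the catch block in place of the `//REVISIT` placeholder. `handle` also casts every callback to `WSPasswordCallback` without an `instanceof` check, so any other callback type surfaces as a `ClassCastException` rather than being passed to `internal` or rejected with `UnsupportedCallbackException`.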
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java Mon Oct 14 16:06:12 2013
@@ -25,6 +25,7 @@ import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
+import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;
@@ -44,6 +45,9 @@ import org.apache.wss4j.policy.model.Abs
import org.apache.wss4j.policy.model.AlgorithmSuite;
import org.apache.wss4j.policy.model.AsymmetricBinding;
import org.apache.wss4j.policy.model.IssuedToken;
+import org.apache.wss4j.policy.model.SecureConversationToken;
+import org.apache.wss4j.policy.model.SecurityContextToken;
+import org.apache.wss4j.policy.model.SpnegoContextToken;
import org.apache.wss4j.policy.model.X509Token;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.xml.security.stax.ext.SecurePart;
@@ -102,6 +106,18 @@ public class StaxAsymmetricBindingHandle
if (initiatorToken instanceof IssuedToken) {
SecurityToken sigTok = getSecurityToken();
addIssuedToken((IssuedToken)initiatorToken, sigTok, false, true);
+ if (sigTok != null) {
+ storeSecurityToken(sigTok);
+ outboundTokens.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
+ }
+
+ // Set up CallbackHandler which wraps the configured Handler
+ Map<String, Object> config = getProperties();
+ TokenStoreCallbackHandler callbackHandler =
+ new TokenStoreCallbackHandler(
+ (CallbackHandler)config.get(ConfigurationConstants.PW_CALLBACK_REF), getTokenStore()
+ );
+ config.put(ConfigurationConstants.PW_CALLBACK_REF, callbackHandler);
}
}
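Review bot: The twelve added lines here are repeated verbatim in the next hunk (`@@ -206,6 +222,18 @@`); both enclosing methods start and end outside the hunks. Pulling them into one private helper on this class that takes `sigTok` would keep the two paths from drifting apart. The helper should carry a comment explaining why `PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION` is removed right after `storeSecurityToken` registers it, for example `// The issued token is used for signing only; encryption keeps the recipient token`, if that is the intent. The wrapping of `PW_CALLBACK_REF` also runs when `sigTok` is null, and if the properties map is reused across calls each new `TokenStoreCallbackHandler` would wrap a previous one, so it is worth confirming that the map is per-message.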
@@ -206,6 +222,18 @@ public class StaxAsymmetricBindingHandle
if (initiatorToken instanceof IssuedToken) {
SecurityToken sigTok = getSecurityToken();
addIssuedToken((IssuedToken)initiatorToken, sigTok, false, true);
+ if (sigTok != null) {
+ storeSecurityToken(sigTok);
+ outboundTokens.remove(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION);
+ }
+
+ // Set up CallbackHandler which wraps the configured Handler
+ Map<String, Object> config = getProperties();
+ TokenStoreCallbackHandler callbackHandler =
+ new TokenStoreCallbackHandler(
+ (CallbackHandler)config.get(ConfigurationConstants.PW_CALLBACK_REF), getTokenStore()
+ );
+ config.put(ConfigurationConstants.PW_CALLBACK_REF, callbackHandler);
}
}
@@ -377,16 +405,19 @@ public class StaxAsymmetricBindingHandle
}
AbstractToken sigToken = wrapper.getToken();
+ configureSignature(wrapper, sigToken, false);
+
if (abinding.isProtectTokens() && (sigToken instanceof X509Token)
&& sigToken.getIncludeTokenType() != IncludeTokenType.INCLUDE_TOKEN_NEVER) {
parts += "{Element}{" + WSSConstants.NS_WSSE10 + "}BinarySecurityToken;";
+ } else if (sigToken instanceof IssuedToken || sigToken instanceof SecurityContextToken
+ || sigToken instanceof SecureConversationToken || sigToken instanceof SpnegoContextToken) {
+ config.put(ConfigurationConstants.INCLUDE_SIGNATURE_TOKEN, "false");
}
config.put(ConfigurationConstants.SIGNATURE_PARTS, parts);
config.put(ConfigurationConstants.OPTIONAL_SIGNATURE_PARTS, optionalParts);
- configureSignature(wrapper, sigToken, false);
-
if (sigToken.getDerivedKeys() == DerivedKeys.RequireDerivedKeys) {
config.put(ConfigurationConstants.SIG_ALGO,
abinding.getAlgorithmSuite().getSymmetricSignature());
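Review bot: Moving `configureSignature(wrapper, sigToken, false)` above the `SIGNATURE_PARTS` block looks load-bearing but is not explained. Presumably the call sets `INCLUDE_SIGNATURE_TOKEN` itself and the new `else if` branch has to override it afterwards; `configureSignature` is outside this hunk, so that is an inference. If it holds, a later reordering would silently undo the `"false"` setting for issued and context tokens. A comment above the call such as `// Must run before the INCLUDE_SIGNATURE_TOKEN override below` would pin the ordering.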
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java Mon Oct 14 16:06:12 2013
@@ -19,8 +19,6 @@
package org.apache.cxf.ws.security.wss4j.policyhandlers;
-import java.io.IOException;
-import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Date;
@@ -29,10 +27,7 @@ import java.util.Map;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;
@@ -43,14 +38,10 @@ import org.apache.cxf.message.MessageUti
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.wss4j.common.ConfigurationConstants;
-import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.util.KeyUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.wss4j.policy.SPConstants;
import org.apache.wss4j.policy.model.AbstractSymmetricAsymmetricBinding;
import org.apache.wss4j.policy.model.AbstractToken;
@@ -68,19 +59,15 @@ import org.apache.wss4j.policy.model.Use
import org.apache.wss4j.policy.model.X509Token;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
-import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.ext.SecurePart.Modifier;
-import org.apache.xml.security.stax.impl.securityToken.GenericOutboundSecurityToken;
import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.stax.securityEvent.AbstractSecuredElementSecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
-import org.apache.xml.security.stax.securityToken.SecurityTokenConstants.TokenType;
import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
-import org.apache.xml.security.utils.Base64;
/**
*
@@ -623,16 +610,6 @@ public class StaxSymmetricBindingHandler
return null;
}
- private String getSHA1(byte[] input) {
- try {
- byte[] digestBytes = WSSecurityUtil.generateDigest(input);
- return Base64.encode(digestBytes);
- } catch (WSSecurityException e) {
- //REVISIT
- }
- return null;
- }
-
private KeyGenerator getKeyGenerator(String symEncAlgo) throws WSSecurityException {
try {
//
@@ -662,98 +639,4 @@ public class StaxSymmetricBindingHandler
}
}
- private void storeSecurityToken(SecurityToken tok) {
- TokenType tokenType = WSSecurityTokenConstants.EncryptedKeyToken;
- if (tok.getTokenType() != null) {
- if (tok.getTokenType().startsWith(WSSConstants.NS_KERBEROS11_TOKEN_PROFILE)) {
- tokenType = WSSecurityTokenConstants.KerberosToken;
- } else if (tok.getTokenType().startsWith(WSSConstants.NS_SAML10_TOKEN_PROFILE)
- || tok.getTokenType().startsWith(WSSConstants.NS_SAML11_TOKEN_PROFILE)) {
- tokenType = WSSecurityTokenConstants.Saml11Token;
- } else if (tok.getTokenType().startsWith(WSSConstants.NS_WSC_05_02)
- || tok.getTokenType().startsWith(WSSConstants.NS_WSC_05_12)) {
- tokenType = WSSecurityTokenConstants.SecureConversationToken;
- }
- }
-
- final Key key = tok.getKey();
- final byte[] secret = tok.getSecret();
- final GenericOutboundSecurityToken encryptedKeySecurityToken =
- new GenericOutboundSecurityToken(tok.getId(), tokenType, key) {
-
- @Override
- public Key getSecretKey(String algorithmURI) throws XMLSecurityException {
- if (secret != null && algorithmURI != null && !"".equals(algorithmURI)) {
- return KeyUtils.prepareSecretKey(algorithmURI, secret);
- }
- if (key != null) {
- return key;
- }
- if (secret != null) {
- String jceAlg = JCEMapper.getJCEKeyAlgorithmFromURI(algorithmURI);
- if (jceAlg == null || "".equals(jceAlg)) {
- jceAlg = "HmacSHA1";
- }
- return new SecretKeySpec(secret, jceAlg);
- }
-
- return super.getSecretKey(algorithmURI);
- }
- };
-
- final SecurityTokenProvider<OutboundSecurityToken> encryptedKeySecurityTokenProvider =
- new SecurityTokenProvider<OutboundSecurityToken>() {
-
- @Override
- public OutboundSecurityToken getSecurityToken() throws XMLSecurityException {
- return encryptedKeySecurityToken;
- }
-
- @Override
- public String getId() {
- return encryptedKeySecurityToken.getId();
- }
-
- };
- encryptedKeySecurityToken.setSha1Identifier(tok.getSHA1());
- outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTION,
- encryptedKeySecurityTokenProvider);
- outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
- encryptedKeySecurityTokenProvider);
- outboundTokens.put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_CUSTOM_TOKEN,
- encryptedKeySecurityTokenProvider);
- }
-
- private class TokenStoreCallbackHandler implements CallbackHandler {
- private CallbackHandler internal;
- private TokenStore store;
- public TokenStoreCallbackHandler(CallbackHandler in, TokenStore st) {
- internal = in;
- store = st;
- }
-
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
- for (int i = 0; i < callbacks.length; i++) {
- WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
-
- String id = pc.getIdentifier();
- SecurityToken token = store.getToken(id);
- if (token != null) {
- if (token.getSHA1() == null && pc.getKey() != null) {
- token.setSHA1(getSHA1(pc.getKey()));
- // Create another cache entry with the SHA1 Identifier as the key
- // for easy retrieval
- store.add(token.getSHA1(), token);
- }
- pc.setKey(token.getSecret());
- pc.setCustomToken(token.getToken());
- return;
- }
- }
- if (internal != null) {
- internal.handle(callbacks);
- }
- }
-
- }
}
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java Mon Oct 14 16:06:12 2013
@@ -191,10 +191,25 @@ public class AsymmetricBindingTest exten
doubleIt(asymmetricSaml1EncryptedPort, 40);
+ // TODO Streaming - The encrypted issued token is placed under the Signature
+ // and hence an error is thrown on the receiving side
+ asymmetricSaml1EncryptedPort = service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(asymmetricSaml1EncryptedPort, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml1EncryptedPort, STSPORT2);
+ }
+ bindingProvider = (BindingProvider)asymmetricSaml1EncryptedPort;
+ stsClient =
+ (STSClient)bindingProvider.getRequestContext().get(SecurityConstants.STS_CLIENT);
+ stsClient.setUseKeyCertificate(certs[0]);
+
+ SecurityTestUtil.enableStreaming(asymmetricSaml1EncryptedPort);
+ // doubleIt(asymmetricSaml1EncryptedPort, 25);
+
((java.io.Closeable)asymmetricSaml1EncryptedPort).close();
bus.shutdown(true);
}
-
+
private static void doubleIt(DoubleItPortType port, int numToDouble) {
int resp = port.doubleIt(numToDouble);
assertEquals(numToDouble * 2 , resp);
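Review bot: The added block reassigns `asymmetricSaml1EncryptedPort` to a fresh `service.getPort(...)` proxy, so the `close()` at the end of the method closes only the streaming port; the DOM port used for `doubleIt(..., 40)` is never closed explicitly, although `bus.shutdown(true)` may still clean it up. Add `((java.io.Closeable)asymmetricSaml1EncryptedPort).close();` before the reassignment. The same pattern appears in the `StaxAsymmetricBindingTest` hunk and in the `symmetricSaml2Port` hunk of `SymmetricBindingTest`. With `doubleIt(asymmetricSaml1EncryptedPort, 25)` commented out, the new lines only build and configure the client, so the streaming case would be clearer as its own ignored test method until the TODO is resolved.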
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/StaxAsymmetricBindingTest.java Mon Oct 14 16:06:12 2013
@@ -193,6 +193,21 @@ public class StaxAsymmetricBindingTest e
doubleIt(asymmetricSaml1EncryptedPort, 40);
+ // TODO Streaming - The encrypted issued token is placed under the Signature
+ // and hence an error is thrown on the receiving side
+ asymmetricSaml1EncryptedPort = service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(asymmetricSaml1EncryptedPort, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml1EncryptedPort, STSPORT2);
+ }
+ bindingProvider = (BindingProvider)asymmetricSaml1EncryptedPort;
+ stsClient =
+ (STSClient)bindingProvider.getRequestContext().get(SecurityConstants.STS_CLIENT);
+ stsClient.setUseKeyCertificate(certs[0]);
+
+ SecurityTestUtil.enableStreaming(asymmetricSaml1EncryptedPort);
+ // doubleIt(asymmetricSaml1EncryptedPort, 25);
+
((java.io.Closeable)asymmetricSaml1EncryptedPort).close();
bus.shutdown(true);
}
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java?rev=1531958&r1=1531957&r2=1531958&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java Mon Oct 14 16:06:12 2013
@@ -175,11 +175,12 @@ public class SymmetricBindingTest extend
// DOM
doubleIt(symmetricSaml1Port, 25);
- // TODO Streaming - Problem with including encrypted SAML Token in header
+ // TODO Streaming - The encrypted issued token is placed under the ReferenceList
+ // and hence an error is thrown on the receiving side
symmetricSaml1Port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(symmetricSaml1Port, PORT);
if (standalone) {
- TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT);
+ TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT2);
}
SecurityTestUtil.enableStreaming(symmetricSaml1Port);
// doubleIt(symmetricSaml1Port, 25);
@@ -208,8 +209,18 @@ public class SymmetricBindingTest extend
TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
}
+ // DOM
doubleIt(symmetricSaml2Port, 30);
+ // Streaming
+ symmetricSaml2Port = service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(symmetricSaml2Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
+ }
+ SecurityTestUtil.enableStreaming(symmetricSaml2Port);
+ doubleIt(symmetricSaml2Port, 25);
+
((java.io.Closeable)symmetricSaml2Port).close();
bus.shutdown(true);
}