You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by co...@apache.org on 2016/04/13 17:39:38 UTC

[1/2] cxf-fediz git commit: Added SSO test for IdP

Repository: cxf-fediz
Updated Branches:
  refs/heads/1.2.x-fixes 0821461a0 -> 7fb519c25


Added SSO test for IdP


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/9779277b
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/9779277b
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/9779277b

Branch: refs/heads/1.2.x-fixes
Commit: 9779277b57ee3469edbcc4b89f922cc43df69e1f
Parents: 0821461
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Apr 13 15:09:33 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Apr 13 16:39:12 2016 +0100

----------------------------------------------------------------------
 .../apache/cxf/fediz/systests/idp/IdpTest.java  | 67 ++++++++++++++++++++
 1 file changed, 67 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9779277b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java
----------------------------------------------------------------------
diff --git a/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java
index ca69583..a6b1e4e 100644
--- a/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java
+++ b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java
@@ -47,6 +47,7 @@ import org.apache.http.auth.UsernamePasswordCredentials;
 import org.apache.wss4j.dom.WSSConfig;
 import org.apache.xml.security.keys.KeyInfo;
 import org.apache.xml.security.signature.XMLSignature;
+import org.apache.xml.security.utils.Base64;
 import org.junit.AfterClass;
 import org.junit.Assert;
 import org.junit.BeforeClass;
@@ -189,6 +190,72 @@ public class IdpTest {
 
         Assert.assertNotNull(wresult);
     }
+    
+    @org.junit.Test
+    public void testSuccessfulSSOInvokeOnIdP() throws Exception {
+        String url = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/federation?";
+        url += "wa=wsignin1.0";
+        url += "&whr=urn:org:apache:cxf:fediz:idp:realm-A";
+        url += "&wtrealm=urn:org:apache:cxf:fediz:fedizhelloworld";
+        String wreply = "https://localhost:" + getRpHttpsPort() + "/" + getServletContextName() + "/secure/fedservlet";
+        url += "&wreply=" + wreply;
+
+        String user = "alice";
+        String password = "ecila";
+
+        final WebClient webClient = new WebClient();
+        webClient.getOptions().setUseInsecureSSL(true);
+        webClient.addRequestHeader("Authorization", "Basic " + Base64.encode((user + ":" + password).getBytes()));
+        
+        //
+        // First invocation
+        //
+
+        webClient.getOptions().setJavaScriptEnabled(false);
+        HtmlPage idpPage = webClient.getPage(url);
+        webClient.getOptions().setJavaScriptEnabled(true);
+        Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
+
+        // Parse the form to get the token (wresult)
+        DomNodeList<DomElement> results = idpPage.getElementsByTagName("input");
+
+        String wresult = null;
+        for (DomElement result : results) {
+            if ("wresult".equals(result.getAttributeNS(null, "name"))) {
+                wresult = result.getAttributeNS(null, "value");
+                break;
+            }
+        }
+
+        Assert.assertNotNull(wresult);
+        
+        //
+        // Second invocation - change the credentials to make sure the session is set up correctly
+        // 
+
+        webClient.removeRequestHeader("Authorization");
+        webClient.addRequestHeader("Authorization", "Basic " + Base64.encode(("mallory" + ":" + password).getBytes()));
+        
+        webClient.getOptions().setJavaScriptEnabled(false);
+        idpPage = webClient.getPage(url);
+        webClient.getOptions().setJavaScriptEnabled(true);
+        Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
+
+        // Parse the form to get the token (wresult)
+        results = idpPage.getElementsByTagName("input");
+
+        wresult = null;
+        for (DomElement result : results) {
+            if ("wresult".equals(result.getAttributeNS(null, "name"))) {
+                wresult = result.getAttributeNS(null, "value");
+                break;
+            }
+        }
+
+        Assert.assertNotNull(wresult);
+        
+        webClient.close();
+    }
 
     @Test
     public void testIdPMetadata() throws Exception {

[2/2] cxf-fediz git commit: [FEDIZ-164] - IdP default flow doesn't support multiple realms

Posted by co...@apache.org.

[FEDIZ-164] - IdP default flow doesn't support multiple realms


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/7fb519c2
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/7fb519c2
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/7fb519c2

Branch: refs/heads/1.2.x-fixes
Commit: 7fb519c251b47dbeb573952e2b687b19aa4efba6
Parents: 9779277
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Apr 13 15:32:54 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Apr 13 16:39:30 2016 +0100

----------------------------------------------------------------------
 .../idp/src/main/webapp/WEB-INF/federation-validate-request.xml    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/7fb519c2/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml b/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml
index ffded3a..62dd5b9 100644
--- a/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml
@@ -36,7 +36,7 @@
             <set name="flowScope.SAMLResponse" value="requestParameters.SAMLResponse" />
             <evaluate expression="requestScope.getString('wauth','default')"
                 result="flowScope.wauth" />
-            <set name="flowScope.idpConfig" value="config.getIDP(null)" />
+            <set name="flowScope.idpConfig" value="config.getIDP(fedizEntryPoint.getRealm())" />
         </on-entry>
         <if
             test="requestParameters.wa == 'wsignout1.0' or requestParameters.wa == 'wsignoutcleanup1.0'"