You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/12/01 17:10:17 UTC
[3/6] cxf git commit: Added a new "kerberos" system module for
integration testing using the Apache DS KDC
http://git-wip-us.apache.org/repos/asf/cxf/blob/0d19ce6a/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/kerberos/stax-server.xml
----------------------------------------------------------------------
diff --git a/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/kerberos/stax-server.xml b/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/kerberos/stax-server.xml
new file mode 100644
index 0000000..80a5498
--- /dev/null
+++ b/systests/kerberos/src/test/resources/org/apache/cxf/systest/kerberos/wssec/kerberos/stax-server.xml
@@ -0,0 +1,166 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:interop="http://WSSec/wssec10" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration
/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+ <!-- -->
+ <!-- Any services listening on port 9009 must use the following -->
+ <!-- Transport Layer Security (TLS) settings -->
+ <!-- -->
+ <httpj:engine-factory id="tls-settings">
+ <httpj:engine port="${testutil.ports.StaxServer.2}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="jks" password="password" resource="Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="password" resource="Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:cipherSuitesFilter>
+ <sec:include>.*_EXPORT_.*</sec:include>
+ <sec:include>.*_EXPORT1024_.*</sec:include>
+ <sec:include>.*_WITH_DES_.*</sec:include>
+ <sec:include>.*_WITH_AES_.*</sec:include>
+ </sec:cipherSuitesFilter>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverTransport" address="https://localhost:${testutil.ports.StaxServer.2}/DoubleItKerberosTransport" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosTransportPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl" depends-on="tls-settings">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverTransport2" address="https://localhost:${testutil.ports.StaxServer.2}/DoubleItKerberosTransport2" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosTransportPort2" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl" depends-on="tls-settings">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverSymmetric" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosSymmetric" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosSymmetricPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverSymmetricSupporting" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosSymmetricSupporting" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosSymmetricSupportingPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosSupporting" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosSupporting" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosSupportingPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KeystorePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverAsymmetric" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosAsymmetric" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosAsymmetricPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="bob"/>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.encryption.properties" value="alice.properties"/>
+ <entry key="ws-security.encryption.username" value="alice"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverTransportEndorsing" address="https://localhost:${testutil.ports.StaxServer.2}/DoubleItKerberosTransportEndorsing" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosTransportEndorsingPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl" depends-on="tls-settings">
+ <jaxws:properties>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverAsymmetricEndorsing" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosAsymmetricEndorsing" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosAsymmetricEndorsingPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="bob"/>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.encryption.properties" value="alice.properties"/>
+ <entry key="ws-security.encryption.username" value="alice"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverSymmetricProtection" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosSymmetricProtection" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosSymmetricProtectionPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverSymmetricDerivedProtection" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosSymmetricDerivedProtection" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosSymmetricDerivedProtectionPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverAsymmetricSignedEndorsing" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosAsymmetricSignedEndorsing" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosAsymmetricSignedEndorsingPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="bob"/>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.encryption.properties" value="alice.properties"/>
+ <entry key="ws-security.encryption.username" value="alice"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverAsymmetricSignedEncrypted" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosAsymmetricSignedEncrypted" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosAsymmetricSignedEncryptedPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="bob"/>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.encryption.properties" value="alice.properties"/>
+ <entry key="ws-security.encryption.username" value="alice"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverSymmetricEndorsingEncrypted" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosSymmetricEndorsingEncrypted" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosSymmetricEndorsingEncryptedPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="KerberosOverSymmetricSignedEndorsingEncrypted" address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosSymmetricSignedEndorsingEncrypted" serviceName="s:DoubleItService" endpointName="s:DoubleItKerberosSymmetricSignedEndorsingEncryptedPort" implementor="org.apache.cxf.systest.kerberos.common.DoubleItPortTypeImpl" wsdlLocation="org/apache/cxf/systest/kerberos/wssec/kerberos/DoubleItKerberos.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.kerberos.common.KerberosServicePasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/0d19ce6a/systests/pom.xml
----------------------------------------------------------------------
diff --git a/systests/pom.xml b/systests/pom.xml
index 47e8e07..3f4726e 100644
--- a/systests/pom.xml
+++ b/systests/pom.xml
@@ -42,6 +42,7 @@
<module>ws-rm</module>
<module>ws-security</module>
<module>ws-security-examples</module>
+ <module>kerberos</module>
<module>rs-security</module>
<module>wsdl_maven</module>
<module>cdi</module>
http://git-wip-us.apache.org/repos/asf/cxf/blob/0d19ce6a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosPasswordCallback.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosPasswordCallback.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosPasswordCallback.java
deleted file mode 100644
index 1d221c6..0000000
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosPasswordCallback.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.ws.kerberos;
-
-import java.io.IOException;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import org.apache.wss4j.common.ext.WSPasswordCallback;
-import org.apache.wss4j.common.kerberos.KerberosContextAndServiceNameCallback;
-
-/**
- */
-
-public class KerberosPasswordCallback implements CallbackHandler {
-
- public KerberosPasswordCallback() {
- }
-
- /**
- * It attempts to get the password from the private
- * alias/passwords map.
- */
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
- for (int i = 0; i < callbacks.length; i++) {
- if (callbacks[i] instanceof WSPasswordCallback) {
- WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
- if ("alice".equals(pc.getIdentifier())) {
- pc.setPassword("password");
- } else if ("bob".equals(pc.getIdentifier())) {
- pc.setPassword("password");
- } else {
- pc.setPassword("abcd!1234");
- }
- } else if (callbacks[i] instanceof KerberosContextAndServiceNameCallback) {
- KerberosContextAndServiceNameCallback pc =
- (KerberosContextAndServiceNameCallback)callbacks[i];
- pc.setContextName("bob");
- pc.setServiceName("bob@service.ws.apache.org");
- }
- }
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0d19ce6a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java
deleted file mode 100644
index 1d4c89e..0000000
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java
+++ /dev/null
@@ -1,590 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.ws.kerberos;
-
-import java.net.URL;
-import java.util.Arrays;
-import java.util.Collection;
-
-import javax.xml.namespace.QName;
-import javax.xml.ws.Service;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.systest.ws.common.SecurityTestUtil;
-import org.apache.cxf.systest.ws.common.TestParam;
-import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-import org.example.contract.doubleit.DoubleItPortType;
-import org.junit.BeforeClass;
-import org.junit.runner.RunWith;
-import org.junit.runners.Parameterized.Parameters;
-
-/**
- * A set of tests for Kerberos Tokens. The tests are @Ignore'd, as they require a running KDC. To run the
- * tests, set up a KDC of realm "WS.APACHE.ORG", with principal "alice" and service principal
- * "bob/service.ws.apache.org". Create keytabs for both principals in "/etc/alice.keytab" and
- * "/etc/bob.keytab" (this can all be edited in src/test/resource/kerberos.jaas". Then disable the
- * @Ignore annotations and run the tests with:
- *
- * mvn test -Pnochecks -Dtest=KerberosTokenTest
- * -Djava.security.auth.login.config=src/test/resources/kerberos.jaas
- *
- * See here for more information:
- * http://coheigea.blogspot.com/2011/10/using-kerberos-with-web-services-part.html
- */
-@org.junit.Ignore
-@RunWith(value = org.junit.runners.Parameterized.class)
-public class KerberosTokenTest extends AbstractBusClientServerTestBase {
- static final String PORT = allocatePort(Server.class);
- static final String STAX_PORT = allocatePort(StaxServer.class);
- static final String PORT2 = allocatePort(Server.class, 2);
- static final String STAX_PORT2 = allocatePort(StaxServer.class, 2);
-
- private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
- private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
-
- private static boolean unrestrictedPoliciesInstalled =
- SecurityTestUtil.checkUnrestrictedPoliciesInstalled();
-
- final TestParam test;
-
- public KerberosTokenTest(TestParam type) {
- this.test = type;
- }
-
- @BeforeClass
- public static void startServers() throws Exception {
- assertTrue(
- "Server failed to launch",
- // run the server in the same process
- // set this to false to fork
- launchServer(Server.class, true)
- );
- assertTrue(
- "Server failed to launch",
- // run the server in the same process
- // set this to false to fork
- launchServer(StaxServer.class, true)
- );
- }
-
- @Parameters(name = "{0}")
- public static Collection<TestParam[]> data() {
-
- return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
- {new TestParam(PORT, true)},
- {new TestParam(STAX_PORT, false)},
- {new TestParam(STAX_PORT, true)},
- });
- }
-
- @org.junit.AfterClass
- public static void cleanup() throws Exception {
- SecurityTestUtil.cleanup();
- stopAllServers();
- }
-
- @org.junit.Test
- public void testKerberosOverTransport() throws Exception {
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosTransportPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
- String portNumber = PORT2;
- if (STAX_PORT.equals(test.getPort())) {
- portNumber = STAX_PORT2;
- }
- updateAddressPort(kerberosPort, portNumber);
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverTransportDifferentConfiguration() throws Exception {
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosTransportPort2");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
- String portNumber = PORT2;
- if (STAX_PORT.equals(test.getPort())) {
- portNumber = STAX_PORT2;
- }
- updateAddressPort(kerberosPort, portNumber);
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverSymmetric() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosSymmetricPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverSymmetricSupporting() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosSymmetricSupportingPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosSupporting() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosSupportingPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverAsymmetric() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosAsymmetricPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverTransportEndorsing() throws Exception {
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosTransportEndorsingPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
- String portNumber = PORT2;
- if (STAX_PORT.equals(test.getPort())) {
- portNumber = STAX_PORT2;
- }
- updateAddressPort(kerberosPort, portNumber);
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverAsymmetricEndorsing() throws Exception {
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosAsymmetricEndorsingPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- // TODO Streaming support
- if (!test.isStreaming()) {
- int result = kerberosPort.doubleIt(25);
- assertTrue(result == 50);
- }
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverSymmetricProtection() throws Exception {
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosSymmetricProtectionPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverSymmetricDerivedProtection() throws Exception {
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosSymmetricDerivedProtectionPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- // TODO Streaming support
- // TODO Kerberos derived regression on streaming inbound
- if (!STAX_PORT.equals(test.getPort()) && !test.isStreaming()) {
- kerberosPort.doubleIt(25);
- }
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverAsymmetricSignedEndorsing() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosAsymmetricSignedEndorsingPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- // TODO Streaming support
- if (!test.isStreaming()) {
- int result = kerberosPort.doubleIt(25);
- assertTrue(result == 50);
- }
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverAsymmetricSignedEncrypted() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosAsymmetricSignedEncryptedPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- kerberosPort.doubleIt(25);
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverSymmetricEndorsingEncrypted() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosSymmetricEndorsingEncryptedPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- // TODO Streaming
- if (!test.isStreaming()) {
- kerberosPort.doubleIt(25);
- }
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
- @org.junit.Test
- public void testKerberosOverSymmetricSignedEndorsingEncrypted() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosSymmetricSignedEndorsingEncryptedPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- // TODO Streaming
- if (!test.isStreaming()) {
- kerberosPort.doubleIt(25);
- }
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-
-
- @org.junit.Test
- public void testKerberosOverSymmetricSecureConversation() throws Exception {
-
- if (!unrestrictedPoliciesInstalled) {
- return;
- }
-
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = KerberosTokenTest.class.getResource("client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItKerberosSymmetricSecureConversationPort");
- DoubleItPortType kerberosPort =
- service.getPort(portQName, DoubleItPortType.class);
-
- updateAddressPort(kerberosPort, test.getPort());
-
- if (test.isStreaming()) {
- SecurityTestUtil.enableStreaming(kerberosPort);
- }
-
- // TODO Streaming
- if (!test.isStreaming() && !STAX_PORT.equals(test.getPort())) {
- kerberosPort.doubleIt(25);
- }
-
- ((java.io.Closeable)kerberosPort).close();
- bus.shutdown(true);
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0d19ce6a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/Server.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/Server.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/Server.java
deleted file mode 100644
index 8fe9762..0000000
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/Server.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.ws.kerberos;
-
-import java.net.URL;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-
-public class Server extends AbstractBusTestServerBase {
-
- public Server() {
-
- }
-
- protected void run() {
- URL busFile = Server.class.getResource("server.xml");
- Bus busLocal = new SpringBusFactory().createBus(busFile);
- BusFactory.setDefaultBus(busLocal);
- setBus(busLocal);
-
- try {
- new Server();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0d19ce6a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxServer.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxServer.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxServer.java
deleted file mode 100644
index 12ef18b..0000000
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxServer.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.ws.kerberos;
-
-import java.net.URL;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-
-public class StaxServer extends AbstractBusTestServerBase {
-
- public StaxServer() {
-
- }
-
- protected void run() {
- URL busFile = StaxServer.class.getResource("stax-server.xml");
- Bus busLocal = new SpringBusFactory().createBus(busFile);
- BusFactory.setDefaultBus(busLocal);
- setBus(busLocal);
-
- try {
- new StaxServer();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-}