Posted to commits@ws.apache.org by co...@apache.org on 2015/01/15 15:59:34 UTC
svn commit: r1652125 - in
/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml:
SamlConditionsTest.java SamlTokenTest.java
Author: coheigea
Date: Thu Jan 15 14:59:34 2015
New Revision: 1652125
URL: http://svn.apache.org/r1652125
Log:
Some SAML test cleanup
Modified:
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java?rev=1652125&r1=1652124&r2=1652125&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlConditionsTest.java Thu Jan 15 14:59:34 2015
@@ -23,6 +23,8 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import javax.security.auth.callback.CallbackHandler;
+
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
@@ -31,7 +33,6 @@ import org.apache.wss4j.common.saml.bean
import org.apache.wss4j.common.saml.bean.ConditionsBean;
import org.apache.wss4j.common.saml.bean.ProxyRestrictionBean;
import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.WSSecurityEngine;
import org.apache.wss4j.dom.WSSecurityEngineResult;
@@ -42,7 +43,6 @@ import org.apache.wss4j.dom.common.SOAPU
import org.apache.wss4j.dom.common.SecurityTestUtil;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSAMLToken;
-import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.joda.time.DateTime;
import org.w3c.dom.Document;
@@ -83,33 +83,7 @@ public class SamlConditionsTest extends
conditions.setNotAfter(notBefore.plusMinutes(20));
callbackHandler.setConditions(conditions);
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 1.1 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
- WSSecurityEngineResult actionResult =
- WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
- SamlAssertionWrapper receivedSamlAssertion =
- (SamlAssertionWrapper) actionResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- assertTrue(receivedSamlAssertion != null);
- assertFalse(receivedSamlAssertion.isSigned());
- assertTrue(receivedSamlAssertion.getSignatureValue() == null);
+ createAndVerifyMessage(callbackHandler, true);
}
/**
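Review bot: The replacement call `createAndVerifyMessage(callbackHandler, true);` drops the checks the old body made on the verification result: that the ST_UNSIGNED action result carried a non-null assertion, that `isSigned()` was false and that `getSignatureValue()` was null. The helper this commit adds to SamlConditionsTest returns void, so this test now only shows that verification did not throw. If those checks still matter here, let the helper return the `List<WSSecurityEngineResult>` as the SamlTokenTest version does and keep the three assertions after the call, which also means keeping the `WSConstants` and `WSSecurityUtil` imports that this commit removes. The test method starts outside the hunk.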
@@ -128,31 +102,7 @@ public class SamlConditionsTest extends
conditions.setNotAfter(notBefore.minusMinutes(3));
callbackHandler.setConditions(conditions);
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- try {
- verify(unsignedDoc);
- fail("Failure expected in processing the SAML Conditions element");
- } catch (WSSecurityException ex) {
- assertTrue(ex.getMessage().contains("SAML token security failure"));
- }
+ createAndVerifyMessage(callbackHandler, false);
}
@org.junit.Test
@@ -167,31 +117,7 @@ public class SamlConditionsTest extends
conditions.setNotBefore(notBefore.minusMinutes(70));
callbackHandler.setConditions(conditions);
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- try {
- verify(unsignedDoc);
- fail("Failure expected in processing the SAML Conditions element");
- } catch (WSSecurityException ex) {
- assertTrue(ex.getMessage().contains("SAML token security failure"));
- }
+ createAndVerifyMessage(callbackHandler, false);
}
@org.junit.Test
@@ -206,31 +132,7 @@ public class SamlConditionsTest extends
conditions.setNotBefore(notBefore.plusMinutes(60));
callbackHandler.setConditions(conditions);
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- try {
- verify(unsignedDoc);
- fail("Failure expected in processing the SAML Conditions element");
- } catch (WSSecurityException ex) {
- assertTrue(ex.getMessage().contains("SAML token security failure"));
- }
+ createAndVerifyMessage(callbackHandler, false);
}
@org.junit.Test
@@ -286,31 +188,7 @@ public class SamlConditionsTest extends
conditions.setNotAfter(notBefore.plusMinutes(5));
callbackHandler.setConditions(conditions);
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- try {
- verify(unsignedDoc);
- fail("Failure expected in processing the SAML Conditions element");
- } catch (WSSecurityException ex) {
- assertTrue(ex.getMessage().contains("SAML token security failure"));
- }
+ createAndVerifyMessage(callbackHandler, false);
}
/**
@@ -329,26 +207,7 @@ public class SamlConditionsTest extends
conditions.setNotAfter(notBefore.plusMinutes(5));
callbackHandler.setConditions(conditions);
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- verify(unsignedDoc);
+ createAndVerifyMessage(callbackHandler, true);
}
/**
@@ -525,6 +384,38 @@ public class SamlConditionsTest extends
verify(unsignedDoc);
}
+ private void createAndVerifyMessage(
+ CallbackHandler samlCallbackHandler, boolean success
+ ) throws Exception {
+ SAMLCallback samlCallback = new SAMLCallback();
+ SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
+
+ WSSecSAMLToken wsSign = new WSSecSAMLToken();
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+
+ Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
+
+ if (LOG.isDebugEnabled()) {
+ String outputString =
+ XMLUtils.PrettyDocumentToString(unsignedDoc);
+ LOG.debug(outputString);
+ }
+
+ try {
+ verify(unsignedDoc);
+ if (!success) {
+ fail("Failure expected in processing the SAML assertion");
+ }
+ } catch (WSSecurityException ex) {
+ assertTrue(!success);
+ assertTrue(ex.getMessage().contains("SAML token security failure"));
+ }
+ }
+
/**
* Verifies the soap envelope
* <p/>
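Review bot: In the `catch (WSSecurityException ex)` block, `assertTrue(!success)` discards `ex` when a test that expects success hits a verification failure, so the report shows a bare assertion failure without the cause or its message. Rethrow it instead with `if (success) { throw ex; }`, which the `throws Exception` signature already allows. The check that remains only matches the generic text "SAML token security failure", so a negative test cannot tell the rejection it is meant to exercise from any other SAML failure; a short Javadoc on the helper stating what `success` means and that only this generic message is asserted would make that limit visible to callers. The near-identical helper added to SamlTokenTest at the end of this commit has the same two points.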
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java?rev=1652125&r1=1652124&r2=1652125&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java Thu Jan 15 14:59:34 2015
@@ -29,6 +29,7 @@ import java.util.List;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
+import javax.security.auth.callback.CallbackHandler;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.wss4j.common.bsp.BSPRule;
@@ -110,26 +111,8 @@ public class SamlTokenTest extends org.j
callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("www.example.com");
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 1.1 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
+ List<WSSecurityEngineResult> results =
+ createAndVerifyMessage(callbackHandler, true);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
SamlAssertionWrapper receivedSamlAssertion =
@@ -149,26 +132,9 @@ public class SamlTokenTest extends org.j
SAMLElementCallbackHandler callbackHandler = new SAMLElementCallbackHandler();
callbackHandler.setIssuer("www.example.com");
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 1.1 Authn Assertion (sender vouches - from an Element):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
+ List<WSSecurityEngineResult> results =
+ createAndVerifyMessage(callbackHandler, true);
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
SamlAssertionWrapper receivedSamlAssertion =
@@ -187,26 +153,9 @@ public class SamlTokenTest extends org.j
callbackHandler.setStatement(SAML1CallbackHandler.Statement.ATTR);
callbackHandler.setIssuer("www.example.com");
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 1.1 Attr Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
+ List<WSSecurityEngineResult> results =
+ createAndVerifyMessage(callbackHandler, true);
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
SamlAssertionWrapper receivedSamlAssertion =
@@ -224,27 +173,10 @@ public class SamlTokenTest extends org.j
callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHZ);
callbackHandler.setIssuer("www.example.com");
callbackHandler.setResource("http://resource.org");
-
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 1.1 Authz Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
+ List<WSSecurityEngineResult> results =
+ createAndVerifyMessage(callbackHandler, true);
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
SamlAssertionWrapper receivedSamlAssertion =
@@ -261,27 +193,10 @@ public class SamlTokenTest extends org.j
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("www.example.com");
-
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
+ List<WSSecurityEngineResult> results =
+ createAndVerifyMessage(callbackHandler, true);
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
SamlAssertionWrapper receivedSamlAssertion =
@@ -298,26 +213,10 @@ public class SamlTokenTest extends org.j
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.ATTR);
callbackHandler.setIssuer("www.example.com");
-
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Attr Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
+ List<WSSecurityEngineResult> results =
+ createAndVerifyMessage(callbackHandler, true);
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
SamlAssertionWrapper receivedSamlAssertion =
@@ -336,26 +235,9 @@ public class SamlTokenTest extends org.j
callbackHandler.setIssuer("www.example.com");
callbackHandler.setResource("http://resource.org");
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Authz Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
+ List<WSSecurityEngineResult> results =
+ createAndVerifyMessage(callbackHandler, true);
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
SamlAssertionWrapper receivedSamlAssertion =
@@ -414,31 +296,7 @@ public class SamlTokenTest extends org.j
callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("www.example2.com");
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 1.1 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- try {
- verify(unsignedDoc);
- fail("Failure expected on a bad issuer");
- } catch (WSSecurityException ex) {
- // expected
- }
+ createAndVerifyMessage(callbackHandler, false);
}
/**
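Review bot: Routing this bad-issuer test through `createAndVerifyMessage(callbackHandler, false);` changes what it asserts, which a cleanup commit should call out. The old `catch` accepted any `WSSecurityException` with `// expected`, while the helper also requires the message to contain "SAML token security failure"; presumably the issuer rejection produces that text, but nothing visible here confirms it. The specific failure text "Failure expected on a bad issuer" is also replaced by the helper's generic one, so a regression report no longer names the condition under test. A one-line comment above the call, such as `// bad issuer must be rejected with a SAML token security failure`, would keep the intent. The next hunk, the SAML 2 variant, is affected the same way, and both test methods start outside their hunks.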
@@ -452,31 +310,7 @@ public class SamlTokenTest extends org.j
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("www.example2.com");
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("SAML 2 Authn Assertion (sender vouches):");
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
-
- try {
- verify(unsignedDoc);
- fail("Failure expected on a bad issuer");
- } catch (WSSecurityException ex) {
- // expected
- }
+ createAndVerifyMessage(callbackHandler, false);
}
/**
@@ -801,25 +635,9 @@ public class SamlTokenTest extends org.j
attributeValues.add(attributeValue);
callbackHandler.setCustomAttributeValues(attributeValues);
- SAMLCallback samlCallback = new SAMLCallback();
- SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
- SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-
- WSSecSAMLToken wsSign = new WSSecSAMLToken();
-
- Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
- WSSecHeader secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(doc);
-
- Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
-
- if (LOG.isDebugEnabled()) {
- String outputString =
- XMLUtils.PrettyDocumentToString(unsignedDoc);
- LOG.debug(outputString);
- }
+ List<WSSecurityEngineResult> results =
+ createAndVerifyMessage(callbackHandler, true);
- List<WSSecurityEngineResult> results = verify(unsignedDoc);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
SamlAssertionWrapper receivedSamlAssertion =
@@ -1267,6 +1085,40 @@ public class SamlTokenTest extends org.j
cipher.doFinal(document, elementToEncrypt, content);
}
+
+ private List<WSSecurityEngineResult> createAndVerifyMessage(
+ CallbackHandler samlCallbackHandler, boolean success
+ ) throws Exception {
+ SAMLCallback samlCallback = new SAMLCallback();
+ SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
+
+ WSSecSAMLToken wsSign = new WSSecSAMLToken();
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+
+ Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
+
+ if (LOG.isDebugEnabled()) {
+ String outputString =
+ XMLUtils.PrettyDocumentToString(unsignedDoc);
+ LOG.debug(outputString);
+ }
+
+ try {
+ List<WSSecurityEngineResult> results = verify(unsignedDoc);
+ if (!success) {
+ fail("Failure expected in processing the SAML assertion");
+ }
+ return results;
+ } catch (WSSecurityException ex) {
+ assertTrue(!success);
+ assertTrue(ex.getMessage().contains("SAML token security failure"));
+ return null;
+ }
+ }
/**
* Verifies the soap envelope