You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/07/10 16:00:14 UTC
svn commit: r1501771 - in /cxf/trunk/systests/ws-security/src/test:
java/org/apache/cxf/systest/ws/ut/ resources/org/apache/cxf/systest/ws/ut/
Author: coheigea
Date: Wed Jul 10 14:00:13 2013
New Revision: 1501771
URL: http://svn.apache.org/r1501771
Log:
Added + reenabled some streaming UsernameToken tests
Added:
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxPolicyServer.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenPolicyTest.java
- copied, changed from r1501756, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-policy-server.xml
Modified:
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
Added: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxPolicyServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxPolicyServer.java?rev=1501771&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxPolicyServer.java (added)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxPolicyServer.java Wed Jul 10 14:00:13 2013
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.ut;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class StaxPolicyServer extends AbstractBusTestServerBase {
+
+ public StaxPolicyServer() {
+
+ }
+
+ protected void run() {
+ URL busFile = StaxPolicyServer.class.getResource("stax-policy-server.xml");
+ Bus busLocal = new SpringBusFactory().createBus(busFile);
+ BusFactory.setDefaultBus(busLocal);
+ setBus(busLocal);
+
+ try {
+ new StaxPolicyServer();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
Copied: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenPolicyTest.java (from r1501756, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenPolicyTest.java?p2=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenPolicyTest.java&p1=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java&r1=1501756&r2=1501771&rev=1501771&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenPolicyTest.java Wed Jul 10 14:00:13 2013
@@ -33,9 +33,10 @@ import org.junit.BeforeClass;
/**
* A set of (negative) tests for Username Tokens policies over the Transport Binding.
+ * It tests both DOM + StAX clients against the StAX server
*/
-public class UsernameTokenPolicyTest extends AbstractBusClientServerTestBase {
- static final String PORT = allocatePort(PolicyServer.class);
+public class StaxUsernameTokenPolicyTest extends AbstractBusClientServerTestBase {
+ static final String PORT = allocatePort(StaxPolicyServer.class);
private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -46,7 +47,7 @@ public class UsernameTokenPolicyTest ext
"Server failed to launch",
// run the server in the same process
// set this to false to fork
- launchServer(PolicyServer.class, true)
+ launchServer(StaxPolicyServer.class, true)
);
}
@@ -60,19 +61,24 @@ public class UsernameTokenPolicyTest ext
public void testSupportingToken() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenPolicyTest.class.getResource("policy-client.xml");
+ URL busFile = StaxUsernameTokenPolicyTest.class.getResource("policy-client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
+ URL wsdl = StaxUsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSupportingTokenPort");
DoubleItPortType port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is not sending a UsernameToken Supporting Token
@@ -80,14 +86,25 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on not sending a UsernameToken Supporting Token");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "These policy alternatives can not be satisfied";
+ String error = "UsernameToken not satisfied";
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on not sending a UsernameToken Supporting Token");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "UsernameToken not satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
((java.io.Closeable)port).close();
bus.shutdown(true);
}
@@ -96,19 +113,24 @@ public class UsernameTokenPolicyTest ext
public void testPlaintextPassword() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenPolicyTest.class.getResource("policy-client.xml");
+ URL busFile = StaxUsernameTokenPolicyTest.class.getResource("policy-client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
+ URL wsdl = StaxUsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItPlaintextPort");
DoubleItPortType port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is sending a hashed password
@@ -116,19 +138,31 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on a hashed password");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "These policy alternatives can not be satisfied";
+ String error = "UsernameToken password must not be hashed";
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on a hashed password");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "UsernameToken not satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
// This should fail, as the client is not sending any password
portQName = new QName(NAMESPACE, "DoubleItPlaintextPort3");
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on not sending a password");
@@ -136,6 +170,15 @@ public class UsernameTokenPolicyTest ext
// expected
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on not sending a password");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
((java.io.Closeable)port).close();
bus.shutdown(true);
}
@@ -144,19 +187,24 @@ public class UsernameTokenPolicyTest ext
public void testHashPassword() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenPolicyTest.class.getResource("policy-client.xml");
+ URL busFile = StaxUsernameTokenPolicyTest.class.getResource("policy-client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
+ URL wsdl = StaxUsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItHashPort");
DoubleItPortType port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is sending a plaintext password
@@ -164,20 +212,41 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on a plaintext password");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "These policy alternatives can not be satisfied";
+ String error = "UsernameToken does not contain a hashed password";
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on a plaintext password");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "UsernameToken not satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
// This should fail, as the client is not sending any password
portQName = new QName(NAMESPACE, "DoubleItHashPort3");
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not sending a password");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
+ // Streaming
try {
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
fail("Failure expected on not sending a password");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
@@ -192,19 +261,24 @@ public class UsernameTokenPolicyTest ext
public void testCreated() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenPolicyTest.class.getResource("policy-client.xml");
+ URL busFile = StaxUsernameTokenPolicyTest.class.getResource("policy-client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
+ URL wsdl = StaxUsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItCreatedPort");
DoubleItPortType port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is not sending a Created element
@@ -212,14 +286,25 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on not sending a Created element");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "These policy alternatives can not be satisfied";
+ String error = "UsernameToken does not contain a created timestamp";
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on not sending a Created element");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "UsernameToken not satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
((java.io.Closeable)port).close();
bus.shutdown(true);
}
@@ -228,19 +313,24 @@ public class UsernameTokenPolicyTest ext
public void testNonce() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenPolicyTest.class.getResource("policy-client.xml");
+ URL busFile = StaxUsernameTokenPolicyTest.class.getResource("policy-client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
+ URL wsdl = StaxUsernameTokenPolicyTest.class.getResource("DoubleItUtPolicy.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItNoncePort");
DoubleItPortType port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is not sending a Nonce element
@@ -248,14 +338,24 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on not sending a Nonce element");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "These policy alternatives can not be satisfied";
+ String error = "UsernameToken does not contain a nonce";
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not sending a Nonce element");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "UsernameToken not satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
((java.io.Closeable)port).close();
bus.shutdown(true);
}
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java?rev=1501771&r1=1501770&r2=1501771&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java Wed Jul 10 14:00:13 2013
@@ -310,18 +310,16 @@ public class StaxUsernameTokenTest exten
String error = "UsernameToken not satisfied";
assertTrue(ex.getMessage().contains(error));
}
- /*
- // TODO
+
// Streaming
SecurityTestUtil.enableStreaming(utPort);
try {
utPort.doubleIt(25);
fail("Failure expected on no UsernameToken");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "UsernameToken not satisfied";
- assertTrue(ex.getMessage().contains(error));
+ // String error = "UsernameToken not satisfied";
+ // assertTrue(ex.getMessage().contains(error));
}
- */
((java.io.Closeable)utPort).close();
bus.shutdown(true);
@@ -393,8 +391,7 @@ public class StaxUsernameTokenTest exten
String error = "Unauthorized";
assertTrue(ex.getMessage().contains(error));
}
- /*
- // TODO
+
// Streaming
SecurityTestUtil.enableStreaming(utPort);
@@ -406,10 +403,9 @@ public class StaxUsernameTokenTest exten
utPort.doubleIt(30);
fail("Failure expected on a user with the wrong role");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "Unauthorized";
- assertTrue(ex.getMessage().contains(error));
+ // String error = "Unauthorized";
+ // assertTrue(ex.getMessage().contains(error));
}
- */
((java.io.Closeable)utPort).close();
bus.shutdown(true);
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java?rev=1501771&r1=1501770&r2=1501771&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenPolicyTest.java Wed Jul 10 14:00:13 2013
@@ -33,6 +33,7 @@ import org.junit.BeforeClass;
/**
* A set of (negative) tests for Username Tokens policies over the Transport Binding.
+ * It tests both DOM + StAX clients against the DOM server
*/
public class UsernameTokenPolicyTest extends AbstractBusClientServerTestBase {
static final String PORT = allocatePort(PolicyServer.class);
@@ -73,6 +74,11 @@ public class UsernameTokenPolicyTest ext
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is not sending a UsernameToken Supporting Token
@@ -80,6 +86,7 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on not sending a UsernameToken Supporting Token");
@@ -88,6 +95,16 @@ public class UsernameTokenPolicyTest ext
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on not sending a UsernameToken Supporting Token");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "These policy alternatives can not be satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
((java.io.Closeable)port).close();
bus.shutdown(true);
}
@@ -109,6 +126,11 @@ public class UsernameTokenPolicyTest ext
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is sending a hashed password
@@ -116,6 +138,7 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on a hashed password");
@@ -124,11 +147,22 @@ public class UsernameTokenPolicyTest ext
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on a hashed password");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "These policy alternatives can not be satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
// This should fail, as the client is not sending any password
portQName = new QName(NAMESPACE, "DoubleItPlaintextPort3");
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on not sending a password");
@@ -136,6 +170,15 @@ public class UsernameTokenPolicyTest ext
// expected
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on not sending a password");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
((java.io.Closeable)port).close();
bus.shutdown(true);
}
@@ -157,6 +200,11 @@ public class UsernameTokenPolicyTest ext
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is sending a plaintext password
@@ -164,6 +212,7 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on a plaintext password");
@@ -172,12 +221,32 @@ public class UsernameTokenPolicyTest ext
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on a plaintext password");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "These policy alternatives can not be satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
// This should fail, as the client is not sending any password
portQName = new QName(NAMESPACE, "DoubleItHashPort3");
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not sending a password");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
+ // Streaming
try {
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
fail("Failure expected on not sending a password");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
@@ -205,6 +274,11 @@ public class UsernameTokenPolicyTest ext
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is not sending a Created element
@@ -212,6 +286,7 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on not sending a Created element");
@@ -220,6 +295,16 @@ public class UsernameTokenPolicyTest ext
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(port);
+ port.doubleIt(25);
+ fail("Failure expected on not sending a Created element");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "These policy alternatives can not be satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
((java.io.Closeable)port).close();
bus.shutdown(true);
}
@@ -241,6 +326,11 @@ public class UsernameTokenPolicyTest ext
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
+ port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(port);
port.doubleIt(25);
// This should fail, as the client is not sending a Nonce element
@@ -248,6 +338,7 @@ public class UsernameTokenPolicyTest ext
port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(port, PORT);
+ // DOM
try {
port.doubleIt(25);
fail("Failure expected on not sending a Nonce element");
@@ -256,6 +347,15 @@ public class UsernameTokenPolicyTest ext
assertTrue(ex.getMessage().contains(error));
}
+ // Streaming
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not sending a Nonce element");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // String error = "These policy alternatives can not be satisfied";
+ // assertTrue(ex.getMessage().contains(error));
+ }
+
((java.io.Closeable)port).close();
bus.shutdown(true);
}
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java?rev=1501771&r1=1501770&r2=1501771&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java Wed Jul 10 14:00:13 2013
@@ -311,18 +311,14 @@ public class UsernameTokenTest extends A
assertTrue(ex.getMessage().contains(error));
}
- /*
- // TODO
// Streaming
SecurityTestUtil.enableStreaming(utPort);
try {
utPort.doubleIt(25);
fail("Failure expected on no UsernameToken");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "The received token does not match the token inclusion requirement";
- assertTrue(ex.getMessage().contains(error));
+ assertTrue(ex.getMessage().contains("PolicyViolationException"));
}
- */
((java.io.Closeable)utPort).close();
bus.shutdown(true);
@@ -435,8 +431,6 @@ public class UsernameTokenTest extends A
}
// Streaming
- /*
- // TODO
SecurityTestUtil.enableStreaming(utPort);
((BindingProvider)utPort).getRequestContext().put(SecurityConstants.USERNAME, "Alice");
utPort.doubleIt(25);
@@ -446,10 +440,9 @@ public class UsernameTokenTest extends A
utPort.doubleIt(30);
fail("Failure expected on a user with the wrong role");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
- String error = "Unauthorized";
- assertTrue(ex.getMessage().contains(error));
+ // String error = "Unauthorized";
+ // assertTrue(ex.getMessage().contains(error));
}
- */
((java.io.Closeable)utPort).close();
bus.shutdown(true);
Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-policy-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-policy-server.xml?rev=1501771&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-policy-server.xml (added)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/stax-policy-server.xml Wed Jul 10 14:00:13 2013
@@ -0,0 +1,348 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:jaxws="http://cxf.apache.org/jaxws"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:p="http://cxf.apache.org/policy"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+ <!-- -->
+ <!-- Any services listening on port 9009 must use the following -->
+ <!-- Transport Layer Security (TLS) settings -->
+ <!-- -->
+ <httpj:engine-factory id="tls-settings">
+ <httpj:engine port="${testutil.ports.StaxPolicyServer}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="jks" password="password" resource="org/apache/cxf/systest/ws/security/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="password" resource="org/apache/cxf/systest/ws/security/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:cipherSuitesFilter>
+ <sec:include>.*_EXPORT_.*</sec:include>
+ <sec:include>.*_EXPORT1024_.*</sec:include>
+ <sec:include>.*_WITH_DES_.*</sec:include>
+ <sec:include>.*_WITH_AES_.*</sec:include>
+ <sec:include>.*_WITH_NULL_.*</sec:include>
+ <sec:exclude>.*_DH_anon_.*</sec:exclude>
+ </sec:cipherSuitesFilter>
+ <sec:clientAuthentication want="true" required="false"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <jaxws:endpoint
+ id="SupportingToken"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItSupportingToken"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSupportingTokenPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/supp-token-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="SupportingToken2"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItSupportingToken2"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSupportingTokenPort2"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/supp-token-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="PlainText"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItPlaintext"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/plaintext-pass-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="PlainText2"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItPlaintext2"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextPort2"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/plaintext-pass-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="PlainText3"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItPlaintext3"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextPort3"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/plaintext-pass-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Hash"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItHash"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItHashPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/hash-pass-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Hash2"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItHash2"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItHashPort2"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/hash-pass-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Hash3"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItHash3"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItHashPort3"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/hash-pass-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Created"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItCreated"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItCreatedPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/created-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Created2"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItCreated2"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItCreatedPort2"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/created-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Nonce"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItNonce"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItNoncePort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/nonce-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Nonce2"
+ address="https://localhost:${testutil.ports.StaxPolicyServer}/DoubleItNonce2"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItNoncePort2"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUtPolicy.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ URI="classpath:/org/apache/cxf/systest/ws/ut/nonce-policy.xml" />
+ </p:policies>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+</beans>