Posted to commits@ws.apache.org by co...@apache.org on 2015/01/13 16:11:30 UTC
svn commit: r1651371 -
/webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlConditionsTest.java
Author: coheigea
Date: Tue Jan 13 15:11:30 2015
New Revision: 1651371
URL: http://svn.apache.org/r1651371
Log:
Adding some SAML Tests
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlConditionsTest.java
Modified: webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlConditionsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlConditionsTest.java?rev=1651371&r1=1651370&r2=1651371&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlConditionsTest.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/saml/SamlConditionsTest.java Tue Jan 13 15:11:30 2015
@@ -146,6 +146,84 @@ public class SamlConditionsTest extends
}
}
+ @org.junit.Test
+ public void testSAML2StaleNotOnOrAfter() throws Exception {
+ SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
+ callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
+ callbackHandler.setIssuer("www.example.com");
+
+ ConditionsBean conditions = new ConditionsBean();
+ DateTime notBefore = new DateTime();
+ conditions.setNotAfter(notBefore.minusMinutes(60));
+ conditions.setNotBefore(notBefore.minusMinutes(70));
+ callbackHandler.setConditions(conditions);
+
+ SAMLCallback samlCallback = new SAMLCallback();
+ SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
+
+ WSSecSAMLToken wsSign = new WSSecSAMLToken();
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+
+ Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("SAML 2 Authn Assertion (sender vouches):");
+ String outputString =
+ XMLUtils.PrettyDocumentToString(unsignedDoc);
+ LOG.debug(outputString);
+ }
+
+ try {
+ verify(unsignedDoc);
+ fail("Failure expected in processing the SAML Conditions element");
+ } catch (WSSecurityException ex) {
+ assertTrue(ex.getMessage().contains("SAML token security failure"));
+ }
+ }
+
+ @org.junit.Test
+ public void testSAML2FutureNotBefore() throws Exception {
+ SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
+ callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
+ callbackHandler.setIssuer("www.example.com");
+
+ ConditionsBean conditions = new ConditionsBean();
+ DateTime notBefore = new DateTime();
+ conditions.setNotAfter(new DateTime().plusMinutes(70));
+ conditions.setNotBefore(notBefore.plusMinutes(60));
+ callbackHandler.setConditions(conditions);
+
+ SAMLCallback samlCallback = new SAMLCallback();
+ SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
+
+ WSSecSAMLToken wsSign = new WSSecSAMLToken();
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+
+ Document unsignedDoc = wsSign.build(doc, samlAssertion, secHeader);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("SAML 2 Authn Assertion (sender vouches):");
+ String outputString =
+ XMLUtils.PrettyDocumentToString(unsignedDoc);
+ LOG.debug(outputString);
+ }
+
+ try {
+ verify(unsignedDoc);
+ fail("Failure expected in processing the SAML Conditions element");
+ } catch (WSSecurityException ex) {
+ assertTrue(ex.getMessage().contains("SAML token security failure"));
+ }
+ }
+
/**
* Test that creates, sends and processes an unsigned SAML 2 authentication assertion
* with an (invalid) custom Conditions statement.
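Review bot: Both new tests accept any rejection, because the catch blocks in testSAML2StaleNotOnOrAfter and testSAML2FutureNotBefore only assert that the message contains `"SAML token security failure"`, which reads like a generic SAML failure string rather than one tied to the Conditions validity window. If verify() rejected these unsigned assertions for an unrelated reason the tests would still pass, so a regression in the NotBefore/NotOnOrAfter check could go unnoticed; a control case whose window includes the current time and is expected to verify (if the class does not already have one outside this hunk) would pin the failure to the timestamps. The 60-minute offsets also sit far from the boundary, so a case just outside whatever clock-skew allowance the validator applies would guard the check more tightly. For readability, the `notBefore` local actually holds the current time and the second test mixes it with a fresh `new DateTime()`; `DateTime now = new DateTime();` followed by `conditions.setNotAfter(now.plusMinutes(70));` and `conditions.setNotBefore(now.plusMinutes(60));` would say what is meant.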