You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by cs...@apache.org on 2013/08/08 17:11:41 UTC
svn commit: r1511828 - in /cxf/trunk/services/xkms: ./
xkms-itests/src/test/java/org/apache/cxf/xkms/itests/
xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/validator/
xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/ xkms-ite...
Author: cschneider
Date: Thu Aug 8 15:11:41 2013
New Revision: 1511828
URL: http://svn.apache.org/r1511828
Log:
CXF-5173 Add tests to prove XKRSS can be switched off. Add locate itest
Added:
cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKRSSDisableTest.java (with props)
cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms_noXKRSS.cfg
cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml
- copied, changed from r1511370, cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml
cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/CertificateRepoFactory.java (with props)
Removed:
cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml
Modified:
cxf/trunk/services/xkms/pom.xml
cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/BasicIntegrationTest.java
cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/validator/ValidatorTest.java
cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKMSServiceTest.java
cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms.cfg
cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java
cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Locator.java
cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/file/FileCertificateRepo.java
cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/handlers/X509LocatorTest.java
Modified: cxf/trunk/services/xkms/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/pom.xml?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/pom.xml (original)
+++ cxf/trunk/services/xkms/pom.xml Thu Aug 8 15:11:41 2013
@@ -42,15 +42,7 @@
<module>xkms-features</module>
<module>xkms-osgi</module>
<module>xkms-war</module>
+ <module>xkms-itests</module>
</modules>
- <profiles>
- <profile>
- <id>xkms-ldap-test</id>
- <modules>
- <module>xkms-itests</module>
- </modules>
- </profile>
- </profiles>
-
</project>
Modified: cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/BasicIntegrationTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/BasicIntegrationTest.java?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/BasicIntegrationTest.java (original)
+++ cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/BasicIntegrationTest.java Thu Aug 8 15:11:41 2013
@@ -73,19 +73,23 @@ public class BasicIntegrationTest {
keepRuntimeFolder(),
replaceConfigurationFile("data/xkms/certificates/trusted_cas/root.cer",
- new File(
- "src/test/resources/data/xkms/certificates/trusted_cas/root.cer")),
+ new File("src/test/resources/data/xkms/certificates/trusted_cas/root.cer")),
replaceConfigurationFile("data/xkms/certificates/cas/alice.cer",
new File("src/test/resources/data/xkms/certificates/cas/alice.cer")),
- replaceConfigurationFile("etc/org.apache.cxf.xkms.cfg",
- new File("src/test/resources/etc/org.apache.cxf.xkms.cfg")),
-
- features(xkmsFeatures, "cxf-xkms-service", "cxf-xkms-client"),
+ replaceConfigurationFile("data/xkms/certificates/dave.cer",
+ new File("src/test/resources/data/xkms/certificates/dave.cer")),
+ replaceConfigurationFile("etc/org.apache.cxf.xkms.cfg", getConfigFile()),
editConfigurationFilePut("etc/org.ops4j.pax.url.mvn.cfg", "org.ops4j.pax.url.mvn.repositories", REPOS),
editConfigurationFilePut("etc/org.ops4j.pax.web.cfg", "org.osgi.service.http.port", HTTP_PORT),
- editConfigurationFilePut("etc/org.apache.cxf.xkms.client.cfg", "xkms.endpoint", XKMS_ENDPOINT)
+ editConfigurationFilePut("etc/org.apache.cxf.xkms.client.cfg", "xkms.endpoint", XKMS_ENDPOINT),
+ features(xkmsFeatures, "cxf-xkms-service", "cxf-xkms-client"),
+ //CoreOptions.vmOption("-Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=5005")
};
}
+ protected File getConfigFile() {
+ return new File("src/test/resources/etc/org.apache.cxf.xkms.cfg");
+ }
+
}
Modified: cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/validator/ValidatorTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/validator/ValidatorTest.java?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/validator/ValidatorTest.java (original)
+++ cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/handlers/validator/ValidatorTest.java Thu Aug 8 15:11:41 2013
@@ -58,12 +58,6 @@ public class ValidatorTest extends Basic
@Test
public void testRootCertIsValid() throws CertificateException {
- try {
- Thread.sleep(20000);
- } catch (InterruptedException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
X509Certificate rootCertificate = readCertificate("trusted_cas/root.cer");
ValidateRequestType request = prepareValidateXKMSRequest(rootCertificate);
StatusType result = doValidate(request);
Modified: cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKMSServiceTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKMSServiceTest.java?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKMSServiceTest.java (original)
+++ cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKMSServiceTest.java Thu Aug 8 15:11:41 2013
@@ -19,14 +19,24 @@
package org.apache.cxf.xkms.itests.service;
import java.net.URISyntaxException;
+import java.util.List;
import java.util.UUID;
+import org.apache.cxf.xkms.handlers.Applications;
+import org.apache.cxf.xkms.handlers.XKMSConstants;
import org.apache.cxf.xkms.itests.BasicIntegrationTest;
+import org.apache.cxf.xkms.model.extensions.ResultDetails;
+import org.apache.cxf.xkms.model.xkms.LocateRequestType;
+import org.apache.cxf.xkms.model.xkms.LocateResultType;
+import org.apache.cxf.xkms.model.xkms.MessageAbstractType;
import org.apache.cxf.xkms.model.xkms.PrototypeKeyBindingType;
+import org.apache.cxf.xkms.model.xkms.QueryKeyBindingType;
import org.apache.cxf.xkms.model.xkms.RegisterRequestType;
import org.apache.cxf.xkms.model.xkms.RegisterResultType;
import org.apache.cxf.xkms.model.xkms.ResultMajorEnum;
import org.apache.cxf.xkms.model.xkms.ResultMinorEnum;
+import org.apache.cxf.xkms.model.xkms.UnverifiedKeyBindingType;
+import org.apache.cxf.xkms.model.xkms.UseKeyWithType;
import org.apache.cxf.xkms.model.xmldsig.KeyInfoType;
import org.junit.Assert;
import org.junit.Test;
@@ -35,31 +45,64 @@ import org.ops4j.pax.exam.junit.PaxExam;
@RunWith(PaxExam.class)
public class XKMSServiceTest extends BasicIntegrationTest {
+ private static final org.apache.cxf.xkms.model.xkms.ObjectFactory XKMS_OF =
+ new org.apache.cxf.xkms.model.xkms.ObjectFactory();
+
+ @Test
+ public void testLocate() throws URISyntaxException, Exception {
+ LocateRequestType request = XKMS_OF.createLocateRequestType();
+ setGenericRequestParams(request);
+ QueryKeyBindingType queryKeyBindingType = XKMS_OF.createQueryKeyBindingType();
+
+ UseKeyWithType useKeyWithType = XKMS_OF.createUseKeyWithType();
+ useKeyWithType.setIdentifier("CN=Dave, OU=Apache, O=CXF, L=CGN, ST=NRW, C=DE");
+ useKeyWithType.setApplication(Applications.PKIX.getUri());
+
+ queryKeyBindingType.getUseKeyWith().add(useKeyWithType);
+
+ request.setQueryKeyBinding(queryKeyBindingType);
+ LocateResultType result = xkmsService.locate(request);
+ Assert.assertEquals(ResultMajorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_SUCCESS.value(),
+ result.getResultMajor());
+ List<UnverifiedKeyBindingType> keyBinding = result.getUnverifiedKeyBinding();
+ Assert.assertEquals(1, keyBinding.size());
+ KeyInfoType keyInfo = keyBinding.get(0).getKeyInfo();
+ Assert.assertNotNull(keyInfo);
+ }
+
+ private void setGenericRequestParams(MessageAbstractType request) {
+ request.setService(XKMSConstants.XKMS_ENDPOINT_NAME);
+ request.setId(UUID.randomUUID().toString());
+ }
@Test
public void testEmptyRegister() throws URISyntaxException, Exception {
RegisterRequestType request = new RegisterRequestType();
- request.setId(UUID.randomUUID().toString());
+ setGenericRequestParams(request);
RegisterResultType result = xkmsService.register(request);
Assert.assertEquals(ResultMajorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_SENDER.value(),
result.getResultMajor());
Assert.assertEquals(ResultMinorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_FAILURE.value(),
result.getResultMinor());
+ ResultDetails message = (ResultDetails)result.getMessageExtension().get(0);
+ Assert.assertEquals("org.apache.cxf.xkms.model.xkms.PrototypeKeyBindingType must be set", message.getDetails());
}
@Test
public void testRegisterWithoutKey() throws URISyntaxException, Exception {
RegisterRequestType request = new RegisterRequestType();
+ setGenericRequestParams(request);
PrototypeKeyBindingType binding = new PrototypeKeyBindingType();
KeyInfoType keyInfo = new KeyInfoType();
binding.setKeyInfo(keyInfo);
request.setPrototypeKeyBinding(binding);
- request.setId(UUID.randomUUID().toString());
RegisterResultType result = xkmsService.register(request);
Assert.assertEquals(ResultMajorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_SENDER.value(),
result.getResultMajor());
Assert.assertEquals(ResultMinorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_FAILURE.value(),
result.getResultMinor());
+ ResultDetails message = (ResultDetails)result.getMessageExtension().get(0);
+ Assert.assertEquals("Exactly one useKeyWith element needed", message.getDetails());
}
}
Added: cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKRSSDisableTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKRSSDisableTest.java?rev=1511828&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKRSSDisableTest.java (added)
+++ cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKRSSDisableTest.java Thu Aug 8 15:11:41 2013
@@ -0,0 +1,59 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.xkms.itests.service;
+
+import java.io.File;
+import java.util.UUID;
+
+import org.apache.cxf.xkms.handlers.XKMSConstants;
+import org.apache.cxf.xkms.itests.BasicIntegrationTest;
+import org.apache.cxf.xkms.model.extensions.ResultDetails;
+import org.apache.cxf.xkms.model.xkms.RegisterRequestType;
+import org.apache.cxf.xkms.model.xkms.RegisterResultType;
+import org.apache.cxf.xkms.model.xkms.ResultMajorEnum;
+import org.apache.cxf.xkms.model.xkms.ResultMinorEnum;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.ops4j.pax.exam.junit.PaxExam;
+
+
+@RunWith(PaxExam.class)
+public class XKRSSDisableTest extends BasicIntegrationTest {
+
+ @Override
+ protected File getConfigFile() {
+ return new File("src/test/resources/etc/org.apache.cxf.xkms_noXKRSS.cfg");
+ }
+
+ @Test
+ public void testRegisterShouldBeDisabled() {
+ RegisterRequestType request = new RegisterRequestType();
+ request.setService(XKMSConstants.XKMS_ENDPOINT_NAME);
+ request.setId(UUID.randomUUID().toString());
+ RegisterResultType result = xkmsService.register(request);
+ Assert.assertEquals(ResultMajorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_SENDER.value(),
+ result.getResultMajor());
+ Assert.assertEquals(ResultMinorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_MESSAGE_NOT_SUPPORTED.value(),
+ result.getResultMinor());
+ ResultDetails message = (ResultDetails)result.getMessageExtension().get(0);
+ Assert.assertEquals("XKRSS Operations are disabled", message.getDetails());
+ }
+
+}
Propchange: cxf/trunk/services/xkms/xkms-itests/src/test/java/org/apache/cxf/xkms/itests/service/XKRSSDisableTest.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms.cfg
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms.cfg?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms.cfg (original)
+++ cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms.cfg Thu Aug 8 15:11:41 2013
@@ -18,6 +18,7 @@
################################################################################
# XKMS configuration properties
+xkms.enableXKRSS=true
# Certificate repository ldap or file
xkms.certificate.repo=file
Added: cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms_noXKRSS.cfg
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms_noXKRSS.cfg?rev=1511828&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms_noXKRSS.cfg (added)
+++ cxf/trunk/services/xkms/xkms-itests/src/test/resources/etc/org.apache.cxf.xkms_noXKRSS.cfg Thu Aug 8 15:11:41 2013
@@ -0,0 +1,47 @@
+#################################################################################
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# XKMS configuration properties
+xkms.enableXKRSS=false
+
+# Certificate repository ldap or file
+xkms.certificate.repo=file
+
+# Filesystem backend
+xkms.file.storageDir=data/xkms/certificates
+
+# LDAP backend
+xkms.ldap.url=ldap://localhost:2389
+xkms.ldap.user=cn=Directory Manager,dc=example,dc=com
+xkms.ldap.pwd=test
+xkms.ldap.retry=2
+xkms.ldap.rootDN=dc=example,dc=com
+
+# LDAP schema
+xkms.ldap.schema.certObjectClass=inetOrgPerson
+xkms.ldap.schema.attrUID=uid
+xkms.ldap.schema.attrIssuerID=manager
+xkms.ldap.schema.attrSerialNumber=employeeNumber
+xkms.ldap.schema.attrCrtBinary=userCertificate;binary
+xkms.ldap.schema.constAttrNamesCSV=sn
+xkms.ldap.schema.constAttrValuesCSV=X509 certificate
+xkms.ldap.schema.serviceCertRDNTemplate=cn=%s,ou=services
+xkms.ldap.schema.serviceCertUIDTemplate=cn=%s
+xkms.ldap.schema.trustedAuthorities=(&(objectClass=inetOrgPerson)(ou:dn:=rootCAs))
+xkms.ldap.schema.intermediates=(&(objectClass=inetOrgPerson)(ou:dn:=intermediateCAs))
Copied: cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml (from r1511370, cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml)
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml?p2=cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml&p1=cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml&r1=1511370&r2=1511828&rev=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/cxf-endpoint.xml (original)
+++ cxf/trunk/services/xkms/xkms-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml Thu Aug 8 15:11:41 2013
@@ -26,7 +26,7 @@
<cm:property name="xkms.ldap.url" value="tcp:localhost:389"/>
<cm:property name="xkms.ldap.user" value=""/>
<cm:property name="xkms.ldap.pwd" value=""/>
- <cm:property name="xkms.ldap.retry" value=""/>
+ <cm:property name="xkms.ldap.retry" value="2"/>
</cm:default-properties>
</cm:property-placeholder>
@@ -77,8 +77,8 @@
<argument ref="certificateRepo" />
</bean>
- <bean id="xkmsProviderBean" class="org.apache.cxf.xkms.service.XKMSService">
- <!-- <property name="enableXKRSS" value="${xkms.enableXKRSS}" /> -->
+ <bean id="xkmsService" class="org.apache.cxf.xkms.service.XKMSService">
+ <property name="enableXKRSS" value="${xkms.enableXKRSS}" />
<property name="validators">
<list>
<ref component-id="dateValidator" />
@@ -100,10 +100,10 @@
<bean id="additionalClasses"
class="org.apache.cxf.xkms.model.extensions.AdditionalClassesFactory" />
- <jaxws:endpoint id="XKMSService"
+ <jaxws:endpoint id="XKMSServiceEndpoint"
xmlns:serviceNamespace="http://www.w3.org/2002/03/xkms#wsdl"
serviceName="serviceNamespace:XKMSService" endpointName="serviceNamespace:XKMSPort"
- implementor="#xkmsProviderBean" address="/XKMS">
+ implementor="#xkmsService" address="/XKMS">
<jaxws:properties>
<entry key="jaxb.additionalContextClasses">
<bean class="java.lang.Object" factory-ref="additionalClasses"
Modified: cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java (original)
+++ cxf/trunk/services/xkms/xkms-service/src/main/java/org/apache/cxf/xkms/service/XKMSService.java Thu Aug 8 15:11:41 2013
@@ -319,6 +319,7 @@ public class XKMSService implements XKMS
public void setEnableXKRSS(boolean enableXKRSS) {
this.enableXKRSS = enableXKRSS;
+ LOG.info("enableXKRSS:" + enableXKRSS);
}
private void assertXKRSSAllowed() {
Modified: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Locator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Locator.java?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Locator.java (original)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/handlers/X509Locator.java Thu Aug 8 15:11:41 2013
@@ -72,6 +72,9 @@ public class X509Locator implements Loca
public X509Certificate findCertificate(List<UseKeyWithType> ids) throws CertificateException {
X509Certificate cert = null;
+ if (ids.size() == 0) {
+ throw new IllegalArgumentException("No UseKeyWithType elements found");
+ }
if (ids.size() == 1) {
Applications application = Applications.fromUri(ids.get(0).getApplication());
String id = ids.get(0).getIdentifier();
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/CertificateRepoFactory.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/CertificateRepoFactory.java?rev=1511828&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/CertificateRepoFactory.java (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/CertificateRepoFactory.java Thu Aug 8 15:11:41 2013
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.xkms.x509.repo;
+
+import org.apache.cxf.xkms.x509.repo.file.FileCertificateRepo;
+import org.apache.cxf.xkms.x509.repo.ldap.LdapCertificateRepo;
+import org.apache.cxf.xkms.x509.repo.ldap.LdapSchemaConfig;
+import org.apache.cxf.xkms.x509.repo.ldap.LdapSearch;
+
+public final class CertificateRepoFactory {
+
+ private CertificateRepoFactory() {
+ }
+
+ public static CertificateRepo createRepository(String type, LdapSearch ldapSearch,
+ LdapSchemaConfig ldapSchemaConfig, String rootDN,
+ String storageDir) {
+ if ("ldap".equals(type)) {
+ return new LdapCertificateRepo(ldapSearch, ldapSchemaConfig, rootDN);
+ } else if ("file".equals(type)) {
+ return new FileCertificateRepo(storageDir);
+ } else {
+ throw new RuntimeException("Invalid repo type " + type + ". Valid types are file, ldap");
+ }
+ }
+
+}
Propchange: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/CertificateRepoFactory.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/file/FileCertificateRepo.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/file/FileCertificateRepo.java?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/file/FileCertificateRepo.java (original)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/repo/file/FileCertificateRepo.java Thu Aug 8 15:11:41 2013
@@ -49,9 +49,13 @@ public class FileCertificateRepo impleme
private final File storageDir;
private final CertificateFactory certFactory;
- public FileCertificateRepo(String path) throws CertificateException {
+ public FileCertificateRepo(String path) {
storageDir = new File(path);
- this.certFactory = CertificateFactory.getInstance("X.509");
+ try {
+ this.certFactory = CertificateFactory.getInstance("X.509");
+ } catch (Exception e) {
+ throw new RuntimeException(e.getMessage(), e);
+ }
}
public void saveCertificate(X509Certificate cert, UseKeyWithType id) {
@@ -199,6 +203,8 @@ public class FileCertificateRepo impleme
continue;
}
X509Certificate cert = readCertificate(certFile);
+ LOG.debug("Searching for " + subjectDn + ". Checking cert "
+ + cert.getSubjectDN().getName() + ", " + cert.getSubjectX500Principal().getName());
if (subjectDn.equalsIgnoreCase(cert.getSubjectDN().getName())
|| subjectDn.equalsIgnoreCase(cert.getSubjectX500Principal().getName())) {
result.add(cert);
Modified: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/handlers/X509LocatorTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/handlers/X509LocatorTest.java?rev=1511828&r1=1511827&r2=1511828&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/handlers/X509LocatorTest.java (original)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/handlers/X509LocatorTest.java Thu Aug 8 15:11:41 2013
@@ -18,7 +18,10 @@
*/
package org.apache.cxf.xkms.x509.handlers;
+import java.io.InputStream;
import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
import java.util.UUID;
import org.apache.cxf.xkms.handlers.Applications;
@@ -29,12 +32,8 @@ import org.apache.cxf.xkms.model.xkms.Qu
import org.apache.cxf.xkms.model.xkms.UnverifiedKeyBindingType;
import org.apache.cxf.xkms.model.xkms.UseKeyWithType;
import org.apache.cxf.xkms.x509.repo.CertificateRepo;
-import org.apache.cxf.xkms.x509.repo.ldap.LdapCertificateRepo;
-import org.apache.cxf.xkms.x509.repo.ldap.LdapSchemaConfig;
-import org.apache.cxf.xkms.x509.repo.ldap.LdapSearch;
+import org.easymock.EasyMock;
import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Ignore;
import org.junit.Test;
/**
@@ -45,38 +44,27 @@ public class X509LocatorTest {
private static final org.apache.cxf.xkms.model.xkms.ObjectFactory XKMS_OF =
new org.apache.cxf.xkms.model.xkms.ObjectFactory();
- CertificateRepo certRepo;
- X509Locator locator;
-
- @Ignore
- @Before
- public void setUpLdapRepo() throws CertificateException {
- LdapSearch ldapSearch = new LdapSearch("ldap://localhost:2389",
- "cn=Directory Manager,dc=example,dc=com", "test", 2);
- LdapSchemaConfig ldapConfig = new LdapSchemaConfig();
- ldapConfig.setAttrCrtBinary("userCertificate;binary");
- ldapConfig.setAttrIssuerID("manager");
- ldapConfig.setAttrSerialNumber("employeeNumber");
- ldapConfig.setAttrUID("uid");
- ldapConfig.setCertObjectClass("inetOrgPerson");
- ldapConfig.setConstAttrNamesCSV("sn");
- ldapConfig.setConstAttrValuesCSV("X509 certificate");
- ldapConfig.setIntermediateFilter("(objectClass=*)");
- ldapConfig.setServiceCertRDNTemplate("cn=%s,ou=services");
- ldapConfig.setServiceCertUIDTemplate("cn=%s");
- ldapConfig.setTrustedAuthorityFilter("(&(objectClass=inetOrgPerson)(ou:dn:=CAs))");
- certRepo = new LdapCertificateRepo(ldapSearch, ldapConfig, "dc=example,dc=com");
- locator = new X509Locator(certRepo);
- }
-
- @Ignore
@Test
- public void locate() {
+ public void locate() throws CertificateException {
+ CertificateRepo certRepo = EasyMock.createMock(CertificateRepo.class);
+ EasyMock.expect(certRepo.findBySubjectDn(EasyMock.eq("alice"))).andReturn(getAliceCert());
+ EasyMock.replay(certRepo);
+ X509Locator locator = new X509Locator(certRepo);
LocateRequestType request = prepareLocateXKMSRequest();
UnverifiedKeyBindingType result = locator.locate(request);
Assert.assertNotNull(result.getKeyInfo());
}
+ private X509Certificate getAliceCert() {
+ try {
+ CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+ InputStream is = this.getClass().getResourceAsStream("/cert1.cer");
+ return (X509Certificate)certFactory.generateCertificate(is);
+ } catch (CertificateException e) {
+ throw new RuntimeException(e.getMessage(), e);
+ }
+ }
+
private LocateRequestType prepareLocateXKMSRequest() {
QueryKeyBindingType queryKeyBindingType = XKMS_OF.createQueryKeyBindingType();