Posted to commits@ws.apache.org by gi...@apache.org on 2012/03/02 17:33:11 UTC
svn commit: r1296293 [1/2] - in /webservices/wss4j/branches/swssf:
streaming-ws-policy/src/main/java/org/swssf/policy/
streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/
streaming-ws-policy/src/test/java/org/swssf/policy/test/ streamin...
Author: giger
Date: Fri Mar 2 16:33:09 2012
New Revision: 1296293
URL: http://svn.apache.org/viewvc?rev=1296293&view=rev
Log:
ProtectionOrder assertion implemented
Added:
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ProtectionOrderTest.java (with props)
Modified:
webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyInputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ProtectionOrderAssertionState.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ContentEncryptedElementsTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedElementsTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedPartsTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KerberosTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KeyValueTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/LayoutTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RelTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SamlTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecureConversationTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecurityContextTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedElementsTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedPartsTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SpnegoContextTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SymmetricBindingTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/TransportBindingTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/UsernameTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/X509TokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/WSSDocumentContextImpl.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/DecryptInputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/input/SignatureReferenceVerifyInputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/ContentEncryptedElementSecurityEvent.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedElementSecurityEvent.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/EncryptedPartSecurityEvent.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedElementSecurityEvent.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/securityEvent/SignedPartSecurityEvent.java
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/ext/DocumentContext.java
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/DocumentContextImpl.java
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractDecryptInputProcessor.java
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/impl/processor/input/AbstractSignatureReferenceVerifyInputProcessor.java
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyEnforcer.java Fri Mar 2 16:33:09 2012
@@ -52,7 +52,6 @@ public class PolicyEnforcer implements S
// Token Protection
// finishing Layout
// HttpsToken Algorithms
- //ProtectionOrder
//unused tokens must be checked (algorithms etc)
protected static final transient Log log = LogFactory.getLog(PolicyEnforcer.class);
@@ -224,10 +223,9 @@ public class PolicyEnforcer implements S
AbstractBinding abstractBinding = (AbstractBinding) abstractSecurityAssertion;
if (abstractBinding instanceof AbstractSymmetricAsymmetricBinding) {
AbstractSymmetricAsymmetricBinding abstractSymmetricAsymmetricBinding = (AbstractSymmetricAsymmetricBinding) abstractSecurityAssertion;
- //todo:
- //assertableList.add(new ProtectionOrderAssertionState(abstractSymmetricAsymmetricBinding, false));
+ assertableList.add(new ProtectionOrderAssertionState(abstractSymmetricAsymmetricBinding, true));
assertableList.add(new SignatureProtectionAssertionState(abstractSymmetricAsymmetricBinding, true));
- assertableList.add(new OnlySignEntireHeadersAndBodyAssertionState(abstractSecurityAssertion, false));
+ assertableList.add(new OnlySignEntireHeadersAndBodyAssertionState(abstractSecurityAssertion, true));
//todo token protection
}
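Review bot: Both assertion states are now registered with an initial value of `true`, so each passes unless some event later flips it to `false`. For `ProtectionOrderAssertionState` that matches the new `assertEvent` in this commit, which only ever calls `setAsserted(false)`. The flip of `OnlySignEntireHeadersAndBodyAssertionState` from `false` to `true` is not mentioned in the log message, and that class is not among the files this commit modifies. If it has no path that resets the state on a violation, the assertion is now accepted by default, so this is worth confirming; a comment such as `// starts asserted; set to false on the first violating event` above the two `add` calls would record the intent. The enclosing method starts and ends outside the hunk.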
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyInputProcessor.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyInputProcessor.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/PolicyInputProcessor.java Fri Mar 2 16:33:09 2012
@@ -119,16 +119,16 @@ public class PolicyInputProcessor extend
if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 3
&& ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPHeader()) {
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, null);
signedPartSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
} else if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 2
&& ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPBody()) {
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, null);
signedPartSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
} else if (inputProcessorChain.getDocumentContext().getDocumentLevel() > 3) {
- SignedElementSecurityEvent signedElementSecurityEvent = new SignedElementSecurityEvent(null, false);
+ SignedElementSecurityEvent signedElementSecurityEvent = new SignedElementSecurityEvent(null, false, null);
signedElementSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
policyEnforcer.registerSecurityEvent(signedElementSecurityEvent);
}
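Review bot: The placeholder events for unprotected content now carry `null` as the protection-order list, here and in the hunks at -142 and -167 for the encrypted variants. That is safe only while every consumer checks `isSigned()`/`isEncrypted()` before calling `getProtectionOrder()`. `ProtectionOrderAssertionState.assertEvent` in this commit does return early for such events, but any other consumer that reads the list without that check would raise a `NullPointerException` instead of producing a policy decision. Passing an empty list, e.g. `new SignedPartSecurityEvent(null, false, Collections.<XMLSecurityConstants.ContentType>emptyList())`, keeps the "no protection recorded" meaning without a null contract. The enclosing method starts outside the hunk.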
@@ -142,24 +142,24 @@ public class PolicyInputProcessor extend
if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 3
&& ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPHeader()) {
EncryptedPartSecurityEvent encryptedPartSecurityEvent
- = new EncryptedPartSecurityEvent(null, false, inputProcessorChain.getDocumentContext().isInSignedContent());
+ = new EncryptedPartSecurityEvent(null, false, null);
encryptedPartSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
} else if (inputProcessorChain.getDocumentContext().getDocumentLevel() == 3
&& ((WSSDocumentContext) inputProcessorChain.getDocumentContext()).isInSOAPBody()) {
EncryptedPartSecurityEvent encryptedPartSecurityEvent
- = new EncryptedPartSecurityEvent(null, false, inputProcessorChain.getDocumentContext().isInSignedContent());
+ = new EncryptedPartSecurityEvent(null, false, null);
encryptedPartSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
} else if (inputProcessorChain.getDocumentContext().getDocumentLevel() > 3) {
EncryptedElementSecurityEvent encryptedElementSecurityEvent
- = new EncryptedElementSecurityEvent(null, false, inputProcessorChain.getDocumentContext().isInSignedContent());
+ = new EncryptedElementSecurityEvent(null, false, null);
encryptedElementSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getPath());
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
//... or it could be a contentEncryption too...
ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent
- = new ContentEncryptedElementSecurityEvent(null, false, inputProcessorChain.getDocumentContext().isInSignedContent());
+ = new ContentEncryptedElementSecurityEvent(null, false, null);
contentEncryptedElementSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getParentElementPath(xmlEvent.getEventType()));
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
}
@@ -167,7 +167,7 @@ public class PolicyInputProcessor extend
} else if (xmlEvent.isCharacters() || xmlEvent.isEntityReference() || xmlEvent.isProcessingInstruction()) {
//can only be a content encryption
ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent
- = new ContentEncryptedElementSecurityEvent(null, false, inputProcessorChain.getDocumentContext().isInSignedContent());
+ = new ContentEncryptedElementSecurityEvent(null, false, null);
contentEncryptedElementSecurityEvent.setElementPath(inputProcessorChain.getDocumentContext().getParentElementPath(xmlEvent.getEventType()));
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
}
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ProtectionOrderAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ProtectionOrderAssertionState.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ProtectionOrderAssertionState.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/ProtectionOrderAssertionState.java Fri Mar 2 16:33:09 2012
@@ -21,11 +21,13 @@ package org.swssf.policy.assertionStates
import org.apache.ws.secpolicy.AssertionState;
import org.apache.ws.secpolicy.WSSPolicyException;
import org.apache.ws.secpolicy.model.AbstractSecurityAssertion;
+import org.apache.ws.secpolicy.model.AbstractSymmetricAsymmetricBinding;
import org.swssf.policy.Assertable;
+import org.swssf.wss.ext.WSSUtils;
import org.swssf.wss.securityEvent.*;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import javax.xml.namespace.QName;
-import java.util.ArrayList;
import java.util.List;
/**
@@ -35,9 +37,6 @@ import java.util.List;
public class ProtectionOrderAssertionState extends AssertionState implements Assertable {
- private List<List<QName>> signedElements = new ArrayList<List<QName>>();
- private List<List<QName>> encryptedElements = new ArrayList<List<QName>>();
-
public ProtectionOrderAssertionState(AbstractSecurityAssertion assertion, boolean asserted) {
super(assertion, asserted);
}
@@ -55,65 +54,77 @@ public class ProtectionOrderAssertionSta
@Override
public boolean assertEvent(SecurityEvent securityEvent) throws WSSPolicyException {
- // AbstractSymmetricAsymmetricBinding.ProtectionOrder protectionOrder = ((AbstractSymmetricAsymmetricBinding) getAssertion()).getProtectionOrder();
- setAsserted(true);
+ AbstractSymmetricAsymmetricBinding.ProtectionOrder protectionOrder = ((AbstractSymmetricAsymmetricBinding) getAssertion()).getProtectionOrder();
switch (securityEvent.getSecurityEventType()) {
- case SignedElement:
+ case SignedElement: {
SignedElementSecurityEvent signedElementSecurityEvent = (SignedElementSecurityEvent) securityEvent;
if (!signedElementSecurityEvent.isSigned()) {
return true;
}
- if (!encryptedElements.contains(signedElementSecurityEvent.getElementPath())) {
- signedElements.add(signedElementSecurityEvent.getElementPath());
- } else {
-
- }
+ List<XMLSecurityConstants.ContentType> contentTypes = signedElementSecurityEvent.getProtectionOrder();
+ testProtectionOrder(protectionOrder, contentTypes, signedElementSecurityEvent.getElementPath());
break;
- case SignedPart:
+ }
+ case SignedPart: {
SignedPartSecurityEvent signedPartSecurityEvent = (SignedPartSecurityEvent) securityEvent;
if (!signedPartSecurityEvent.isSigned()) {
return true;
}
+ List<XMLSecurityConstants.ContentType> contentTypes = signedPartSecurityEvent.getProtectionOrder();
+ testProtectionOrder(protectionOrder, contentTypes, signedPartSecurityEvent.getElementPath());
break;
- case EncryptedElement:
+ }
+ case EncryptedElement: {
EncryptedElementSecurityEvent encryptedElementSecurityEvent = (EncryptedElementSecurityEvent) securityEvent;
if (!encryptedElementSecurityEvent.isEncrypted()) {
return true;
}
+ List<XMLSecurityConstants.ContentType> contentTypes = encryptedElementSecurityEvent.getProtectionOrder();
+ testProtectionOrder(protectionOrder, contentTypes, encryptedElementSecurityEvent.getElementPath());
break;
- case EncryptedPart:
+ }
+ case EncryptedPart: {
EncryptedPartSecurityEvent encryptedPartSecurityEvent = (EncryptedPartSecurityEvent) securityEvent;
if (!encryptedPartSecurityEvent.isEncrypted()) {
return true;
}
+ List<XMLSecurityConstants.ContentType> contentTypes = encryptedPartSecurityEvent.getProtectionOrder();
+ testProtectionOrder(protectionOrder, contentTypes, encryptedPartSecurityEvent.getElementPath());
break;
- case ContentEncrypted:
+ }
+ case ContentEncrypted: {
ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = (ContentEncryptedElementSecurityEvent) securityEvent;
if (!contentEncryptedElementSecurityEvent.isEncrypted()) {
return true;
}
+ List<XMLSecurityConstants.ContentType> contentTypes = contentEncryptedElementSecurityEvent.getProtectionOrder();
+ testProtectionOrder(protectionOrder, contentTypes, contentEncryptedElementSecurityEvent.getElementPath());
break;
+ }
}
+ return isAsserted();
+ }
-
-/*
- if (firstEvent) {
- firstEvent = false;
- //we have to invert the logic. When SignBeforeEncrypt is set then the Encryption token appears as first
- //in contrary if EncryptBeforeSign is set then the SignatureToken appears as first. So...:
- if (protectionOrder.equals(AbstractSymmetricAsymmetricBinding.ProtectionOrder.SignBeforeEncrypting)
- && (tokenSecurityEvent.getTokenUsage() == TokenSecurityEvent.TokenUsage.Signature ||
- tokenSecurityEvent.getTokenUsage() == TokenSecurityEvent.TokenUsage.MainSignature)) {
- //setAsserted(false);
- setErrorMessage("ProtectionOrder is " + AbstractSymmetricAsymmetricBinding.ProtectionOrder.SignBeforeEncrypting + " but we got " + tokenSecurityEvent.getTokenUsage() + " first");
- } else if (protectionOrder.equals(AbstractSymmetricAsymmetricBinding.ProtectionOrder.EncryptBeforeSigning)
- && (tokenSecurityEvent.getTokenUsage() == TokenSecurityEvent.TokenUsage.Encryption ||
- tokenSecurityEvent.getTokenUsage() == TokenSecurityEvent.TokenUsage.MainEncryption)) {
- //setAsserted(false);
- setErrorMessage("ProtectionOrder is " + AbstractSymmetricAsymmetricBinding.ProtectionOrder.EncryptBeforeSigning + " but we got " + tokenSecurityEvent.getTokenUsage() + " first");
+ private void testProtectionOrder(AbstractSymmetricAsymmetricBinding.ProtectionOrder protectionOrder, List<XMLSecurityConstants.ContentType> contentTypes, List<QName> elementPath) {
+ switch (protectionOrder) {
+ case SignBeforeEncrypting: {
+ int lastSignature = contentTypes.lastIndexOf(XMLSecurityConstants.ContentType.SIGNATURE);
+ int firstEncryption = contentTypes.indexOf(XMLSecurityConstants.ContentType.ENCRYPTION);
+ if (firstEncryption >= 0 && firstEncryption < lastSignature) {
+ setAsserted(false);
+ setErrorMessage("Policy enforces " + protectionOrder + " but the " + WSSUtils.pathAsString(elementPath) + " was encrypted and then signed");
+ }
+ break;
+ }
+ case EncryptBeforeSigning: {
+ int lastEncytpion = contentTypes.lastIndexOf(XMLSecurityConstants.ContentType.ENCRYPTION);
+ int firstSignature = contentTypes.indexOf(XMLSecurityConstants.ContentType.SIGNATURE);
+ if (firstSignature >= 0 && firstSignature < lastEncytpion) {
+ setAsserted(false);
+ setErrorMessage("Policy enforces " + protectionOrder + " but the " + WSSUtils.pathAsString(elementPath) + " was encrypted and then signed");
+ }
+ break;
}
}
-*/
- return isAsserted();
}
}
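Review bot: The two branches of `testProtectionOrder` detect opposite orderings but set the identical error text, so one of them reports the wrong order; in the `EncryptBeforeSigning` case the message should presumably end with `" was signed and then encrypted"`. `contentTypes` is also dereferenced without a null check, and `PolicyInputProcessor` in this commit builds events with a `null` list. Those events have `isSigned()`/`isEncrypted()` false, but an event flagged as protected with no recorded order would end in a `NullPointerException` rather than a policy violation; a guard such as `if (contentTypes == null) { setAsserted(false); return; }` fails closed. The cast `(AbstractSymmetricAsymmetricBinding) getAssertion()` relies on callers, because the constructor accepts any `AbstractSecurityAssertion`. `lastEncytpion` is a typo for `lastEncryption`.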
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/AsymmetricBindingTest.java Fri Mar 2 16:33:09 2012
@@ -24,11 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
import org.swssf.wss.ext.WSSecurityException;
import org.swssf.wss.securityEvent.*;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -43,7 +45,6 @@ public class AsymmetricBindingTest exten
"<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
"<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
"<sp:IncludeTimestamp/>\n" +
- "<sp:EncryptBeforeSigning/>\n" +
"<sp:EncryptSignature/>\n" +
"<sp:ProtectTokens/>\n" +
"<sp:OnlySignEntireHeadersAndBody/>\n" +
@@ -71,13 +72,16 @@ public class AsymmetricBindingTest exten
securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
encryptedElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
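Review bot: The three-line construction of the `[SIGNATURE, ENCRYPTION]` list is repeated in this test, in the later hunks of this file, and in ContentEncryptedElementsTest and EncryptedElementsTest. A shared test helper, or `Arrays.asList(XMLSecurityConstants.ContentType.SIGNATURE, XMLSecurityConstants.ContentType.ENCRYPTION)` inline, would shorten the fixtures and make a deliberately wrong order stand out. The same list instance is also handed to several events within one test, which holds only while the events do not mutate it. The test method starts and ends outside the hunk.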
@@ -88,7 +92,7 @@ public class AsymmetricBindingTest exten
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
policyEnforcer.doFinal();
@@ -99,7 +103,6 @@ public class AsymmetricBindingTest exten
String policyString =
"<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
"<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
- "<sp:EncryptBeforeSigning/>\n" +
"<sp:EncryptSignature/>\n" +
"<sp:ProtectTokens/>\n" +
"<sp:OnlySignEntireHeadersAndBody/>\n" +
@@ -132,7 +135,6 @@ public class AsymmetricBindingTest exten
}
}
- /* todo:
@Test
public void testPolicyWrongProtectionOrder() throws Exception {
String policyString =
@@ -147,15 +149,18 @@ public class AsymmetricBindingTest exten
"</sp:AsymmetricBinding>";
PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
- x509TokenSecurityEvent.setSecurityToken(new X509SecurityToken(WSSConstants.X509V3Token, null, null, null, "1", null) {
- @Override
- protected String getAlias() throws XMLSecurityException {
- return null;
- }
- });
- x509TokenSecurityEvent.setTokenUsage(TokenSecurityEvent.TokenUsage.Encryption);
+ SecurityToken securityToken = getX509Token(WSSConstants.X509V3Token);
+ securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
+ x509TokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
+ signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
+
OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
operationSecurityEvent.setOperation(new QName("definitions"));
try {
@@ -165,7 +170,6 @@ public class AsymmetricBindingTest exten
Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
}
}
- */
@Test
public void testPolicySignatureNotEncrypted() throws Exception {
@@ -173,7 +177,6 @@ public class AsymmetricBindingTest exten
"<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
"<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
"<sp:IncludeTimestamp/>\n" +
- "<sp:EncryptBeforeSigning/>\n" +
"<sp:EncryptSignature/>\n" +
"<sp:ProtectTokens/>\n" +
"<sp:OnlySignEntireHeadersAndBody/>\n" +
@@ -195,7 +198,10 @@ public class AsymmetricBindingTest exten
x509TokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, protectionOrder);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
@@ -218,7 +224,6 @@ public class AsymmetricBindingTest exten
"<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
"<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
"<sp:IncludeTimestamp/>\n" +
- "<sp:EncryptBeforeSigning/>\n" +
"<sp:EncryptSignature/>\n" +
"<sp:ProtectTokens/>\n" +
"<sp:OnlySignEntireHeadersAndBody/>\n" +
@@ -240,20 +245,24 @@ public class AsymmetricBindingTest exten
x509TokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_dsig_Signature);
encryptedElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
headerPath.add(WSSConstants.TAG_wsse11_SignatureConfirmation);
encryptedElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, false, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ContentEncryptedElementsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ContentEncryptedElementsTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ContentEncryptedElementsTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ContentEncryptedElementsTest.java Fri Mar 2 16:33:09 2012
@@ -24,11 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
import org.swssf.wss.ext.WSSecurityException;
import org.swssf.wss.securityEvent.ContentEncryptedElementSecurityEvent;
import org.swssf.wss.securityEvent.OperationSecurityEvent;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -49,7 +51,10 @@ public class ContentEncryptedElementsTes
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
@@ -76,10 +81,13 @@ public class ContentEncryptedElementsTes
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
- contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, false, false);
+ contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, false, null);
List<QName> headerPath = new ArrayList<QName>();
headerPath.add(new QName("http://example.org", "a"));
contentEncryptedElementSecurityEvent.setElementPath(headerPath);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedElementsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedElementsTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedElementsTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedElementsTest.java Fri Mar 2 16:33:09 2012
@@ -24,11 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
import org.swssf.wss.ext.WSSecurityException;
import org.swssf.wss.securityEvent.EncryptedElementSecurityEvent;
import org.swssf.wss.securityEvent.OperationSecurityEvent;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -49,7 +51,10 @@ public class EncryptedElementsTest exten
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
encryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
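Review bot: The order list built at the top of this hunk contains `XMLSecurityConstants.ContentType.SIGNATURE`, although the removed constructor call passed `false` as its third argument and the visible part of the test registers no signed-part or signed-element event. If that old flag meant "signed" (inferred from IssuedTokenTest, where it was `true` next to a `SignedPartSecurityEvent`), the event now reports a signature the modelled message does not carry. A list holding only `XMLSecurityConstants.ContentType.ENCRYPTION` would be closer to the original fixture, provided the default sign-before-encrypt check accepts it. The same substitution appears in the hunk at -76 of this file and in the EncryptedPartsTest hunks at -51, -82, -109, -159 and -190. The test method starts and ends outside the hunk.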
@@ -76,10 +81,13 @@ public class EncryptedElementsTest exten
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
encryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
- encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, false);
+ encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, false, null);
List<QName> headerPath = new ArrayList<QName>();
headerPath.add(new QName("http://example.org", "a"));
encryptedElementSecurityEvent.setElementPath(headerPath);
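Review bot: Passing `null` as the protection order for the unencrypted header event (`new EncryptedElementSecurityEvent(null, false, null)`) leaves it unstated whether the enforcer skips the ProtectionOrder check for a null list or simply never dereferences it. That check decides whether a message's sign/encrypt order satisfies the policy, so the null case is worth pinning down. If the constructor accepts it, pass `Collections.<XMLSecurityConstants.ContentType>emptyList()` (which needs a `java.util.Collections` import); otherwise add a comment such as `// no protection applied to this element, so there is no order to check`. The EncryptedPartsTest hunks at -82, -136 and -190 pass `null` the same way. The enclosing test method continues past the hunk.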
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedPartsTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedPartsTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/EncryptedPartsTest.java Fri Mar 2 16:33:09 2012
@@ -24,11 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
import org.swssf.wss.ext.WSSecurityException;
import org.swssf.wss.securityEvent.EncryptedPartSecurityEvent;
import org.swssf.wss.securityEvent.OperationSecurityEvent;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -51,7 +53,10 @@ public class EncryptedPartsTest extends
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
@@ -82,10 +87,13 @@ public class EncryptedPartsTest extends
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
- encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, false, false);
+ encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, false, null);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
headerPath.add(new QName("http://example.org", "a"));
@@ -109,7 +117,10 @@ public class EncryptedPartsTest extends
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
@@ -136,7 +147,7 @@ public class EncryptedPartsTest extends
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, false, false);
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, false, null);
encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
try {
policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
@@ -159,7 +170,10 @@ public class EncryptedPartsTest extends
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
@@ -190,10 +204,13 @@ public class EncryptedPartsTest extends
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, false);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
- encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, false, false);
+ encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, false, null);
List<QName> headerPath = new ArrayList<QName>();
headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
headerPath.add(new QName("http://example.org", "a"));
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/IssuedTokenTest.java Fri Mar 2 16:33:09 2012
@@ -26,9 +26,12 @@ import org.swssf.wss.securityEvent.Issue
import org.swssf.wss.securityEvent.OperationSecurityEvent;
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -78,11 +81,14 @@ public class IssuedTokenTest extends Abs
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
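Review bot: The same `LinkedList` instance is handed to both the `SignedPartSecurityEvent` and the `ContentEncryptedElementSecurityEvent` and stays mutable after the events are registered; whether the events copy it is not visible here. A fixed-size list keeps one event's order from changing under the other and shrinks the three-line setup that this commit repeats in each policy test: `List<XMLSecurityConstants.ContentType> protectionOrder = Arrays.asList(XMLSecurityConstants.ContentType.SIGNATURE, XMLSecurityConstants.ContentType.ENCRYPTION);`, with `java.util.Arrays` imported in place of `java.util.LinkedList`. The KerberosTokenTest, KeyValueTokenTest, RelTokenTest and SamlTokenTest hunks share the pattern. The test method begins before the hunk.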
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KerberosTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KerberosTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KerberosTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KerberosTokenTest.java Fri Mar 2 16:33:09 2012
@@ -25,9 +25,12 @@ import org.swssf.wss.securityEvent.Kerbe
import org.swssf.wss.securityEvent.OperationSecurityEvent;
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -77,11 +80,14 @@ public class KerberosTokenTest extends A
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KeyValueTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KeyValueTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KeyValueTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/KeyValueTokenTest.java Fri Mar 2 16:33:09 2012
@@ -25,9 +25,12 @@ import org.swssf.wss.securityEvent.KeyVa
import org.swssf.wss.securityEvent.OperationSecurityEvent;
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -75,11 +78,14 @@ public class KeyValueTokenTest extends A
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/LayoutTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/LayoutTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/LayoutTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/LayoutTest.java Fri Mar 2 16:33:09 2012
@@ -24,11 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
import org.swssf.wss.ext.WSSecurityException;
import org.swssf.wss.securityEvent.*;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -67,7 +69,10 @@ public class LayoutTest extends Abstract
x509TokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(x509TokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(x509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ProtectionOrderTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ProtectionOrderTest.java?rev=1296293&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ProtectionOrderTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ProtectionOrderTest.java Fri Mar 2 16:33:09 2012
@@ -0,0 +1,216 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.policy.test;
+
+import org.swssf.policy.PolicyEnforcer;
+import org.swssf.policy.PolicyViolationException;
+import org.swssf.wss.ext.WSSConstants;
+import org.swssf.wss.ext.WSSecurityException;
+import org.swssf.wss.securityEvent.*;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+
+import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class ProtectionOrderTest extends AbstractPolicyTestBase {
+
+ @Test
+ public void testPolicySignBeforeEncrypt() throws Exception {
+ String policyString =
+ "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" +
+ " <wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
+ " </wsp:Policy>\n" +
+ "</sp:AsymmetricBinding>\n";
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
+ operationSecurityEvent.setOperation(new QName("definitions"));
+ policyEnforcer.registerSecurityEvent(operationSecurityEvent);
+
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
+ signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
+
+ SignedElementSecurityEvent signedElementSecurityEvent = new SignedElementSecurityEvent(null, true, protectionOrder);
+ signedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(signedElementSecurityEvent);
+
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
+ encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
+
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
+ encryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
+
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, true, protectionOrder);
+ contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
+
+ policyEnforcer.doFinal();
+ }
+
+ @Test
+ public void testPolicySignBeforeEncryptWithoutEncryption() throws Exception {
+ String policyString =
+ "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" +
+ " <wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
+ " </wsp:Policy>\n" +
+ "</sp:AsymmetricBinding>\n";
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
+ operationSecurityEvent.setOperation(new QName("definitions"));
+ policyEnforcer.registerSecurityEvent(operationSecurityEvent);
+
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
+ signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
+ policyEnforcer.doFinal();
+ }
+
+ @Test
+ public void testPolicySignBeforeEncryptNegative() throws Exception {
+ String policyString =
+ "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" +
+ " <wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
+ " </wsp:Policy>\n" +
+ "</sp:AsymmetricBinding>\n";
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
+ operationSecurityEvent.setOperation(new QName("definitions"));
+ policyEnforcer.registerSecurityEvent(operationSecurityEvent);
+
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
+ signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ try {
+ policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
+ Assert.fail("Exception expected");
+ } catch (WSSecurityException e) {
+ Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
+ }
+ }
+
+ @Test
+ public void testPolicyEncryptBeforeSign() throws Exception {
+ String policyString =
+ "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" +
+ " <wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
+ " <sp:EncryptBeforeSigning/>\n" +
+ " </wsp:Policy>\n" +
+ "</sp:AsymmetricBinding>\n";
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
+ operationSecurityEvent.setOperation(new QName("definitions"));
+ policyEnforcer.registerSecurityEvent(operationSecurityEvent);
+
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(null, true, protectionOrder);
+ signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
+
+ SignedElementSecurityEvent signedElementSecurityEvent = new SignedElementSecurityEvent(null, true, protectionOrder);
+ signedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(signedElementSecurityEvent);
+
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
+ encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
+
+ EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
+ encryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
+
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, true, protectionOrder);
+ contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
+
+ policyEnforcer.doFinal();
+ }
+
+ @Test
+ public void testPolicyEncryptBeforeSignWithoutSignature() throws Exception {
+ String policyString =
+ "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" +
+ " <wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
+ " <sp:EncryptBeforeSigning/>\n" +
+ " </wsp:Policy>\n" +
+ "</sp:AsymmetricBinding>\n";
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
+ operationSecurityEvent.setOperation(new QName("definitions"));
+ policyEnforcer.registerSecurityEvent(operationSecurityEvent);
+
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
+ encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
+ policyEnforcer.doFinal();
+ }
+
+ @Test
+ public void testPolicyEncryptBeforeSignNegative() throws Exception {
+ String policyString =
+ "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" +
+ " <wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
+ " <sp:EncryptBeforeSigning/>\n" +
+ " </wsp:Policy>\n" +
+ "</sp:AsymmetricBinding>\n";
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+
+ OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
+ operationSecurityEvent.setOperation(new QName("definitions"));
+ policyEnforcer.registerSecurityEvent(operationSecurityEvent);
+
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ EncryptedPartSecurityEvent encryptedPartSecurityEvent = new EncryptedPartSecurityEvent(null, true, protectionOrder);
+ encryptedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
+ try {
+ policyEnforcer.registerSecurityEvent(encryptedPartSecurityEvent);
+ Assert.fail("Exception expected");
+ } catch (WSSecurityException e) {
+ Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
+ }
+ }
+}
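Review bot: The two negative tests reject a wrong order only for a `SignedPartSecurityEvent` (default policy) and an `EncryptedPartSecurityEvent` (`sp:EncryptBeforeSigning`), so a regression that stops checking signed-element, encrypted-element or content-encrypted-element events would pass this class unnoticed. Each positive test registers all five event types, which suggests the assertion is meant to cover them; a negative case per type would make an order mismatch on any of them fail the build. No test here registers an event whose order list is `null`, although other tests in this commit pass `null`, so that path through the ProtectionOrder assertion is also unexercised. One such negative test is sketched below, assuming the enforcer rejects the event the same way as in `testPolicySignBeforeEncryptNegative`.
```java
@Test
public void testPolicySignBeforeEncryptNegativeEncryptedElement() throws Exception {
    // … unchanged: policyString, buildAndStartPolicyEngine and OperationSecurityEvent setup as in testPolicySignBeforeEncryptNegative …

    List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
    protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
    protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
    EncryptedElementSecurityEvent encryptedElementSecurityEvent = new EncryptedElementSecurityEvent(null, true, protectionOrder);
    encryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
    try {
        policyEnforcer.registerSecurityEvent(encryptedElementSecurityEvent);
        Assert.fail("Exception expected");
    } catch (WSSecurityException e) {
        Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
    }
}
```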
Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/ProtectionOrderTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RelTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RelTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RelTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/RelTokenTest.java Fri Mar 2 16:33:09 2012
@@ -25,9 +25,12 @@ import org.swssf.wss.securityEvent.Opera
import org.swssf.wss.securityEvent.RelTokenSecurityEvent;
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -76,11 +79,14 @@ public class RelTokenTest extends Abstra
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SamlTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SamlTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SamlTokenTest.java Fri Mar 2 16:33:09 2012
@@ -29,10 +29,13 @@ import org.swssf.wss.securityEvent.Opera
import org.swssf.wss.securityEvent.SamlTokenSecurityEvent;
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -81,11 +84,14 @@ public class SamlTokenTest extends Abstr
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
@@ -137,11 +143,14 @@ public class SamlTokenTest extends Abstr
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecureConversationTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecureConversationTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecureConversationTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecureConversationTokenTest.java Fri Mar 2 16:33:09 2012
@@ -27,10 +27,13 @@ import org.swssf.wss.securityEvent.Opera
import org.swssf.wss.securityEvent.SecureConversationTokenSecurityEvent;
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -83,11 +86,14 @@ public class SecureConversationTokenTest
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
@@ -142,11 +148,14 @@ public class SecureConversationTokenTest
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
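Review bot: The new events take their token from `recipientTokenSecurityEvent.getSecurityToken()`, yet the context line just above sets the token on `initiatorTokenSecurityEvent` and then registers `recipientTokenSecurityEvent`. If this test method is meant to exercise the initiator token, the recipient event may carry no token or a different one here, and within the visible lines the initiator event is never registered, so the signed-part and encrypted-content events would not be bound to the token under test. The declarations sit outside the hunk, so this needs confirming against the full method. If it is a copy-paste slip, the register call should read `policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);` and both constructors should use `initiatorTokenSecurityEvent.getSecurityToken()`.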
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecurityContextTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecurityContextTokenTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecurityContextTokenTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SecurityContextTokenTest.java Fri Mar 2 16:33:09 2012
@@ -28,10 +28,13 @@ import org.swssf.wss.securityEvent.Opera
import org.swssf.wss.securityEvent.SecurityContextTokenSecurityEvent;
import org.swssf.wss.securityEvent.SignedPartSecurityEvent;
import org.swssf.xmlsec.ext.SecurityToken;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
+import java.util.LinkedList;
+import java.util.List;
/**
* @author $Author$
@@ -85,11 +88,14 @@ public class SecurityContextTokenTest ex
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
@@ -145,11 +151,14 @@ public class SecurityContextTokenTest ex
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
- SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);
- ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, true);
+ ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(recipientTokenSecurityEvent.getSecurityToken(), true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
Modified: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedElementsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedElementsTest.java?rev=1296293&r1=1296292&r2=1296293&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedElementsTest.java (original)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/policy/test/SignedElementsTest.java Fri Mar 2 16:33:09 2012
@@ -24,11 +24,13 @@ import org.swssf.wss.ext.WSSConstants;
import org.swssf.wss.ext.WSSecurityException;
import org.swssf.wss.securityEvent.OperationSecurityEvent;
import org.swssf.wss.securityEvent.SignedElementSecurityEvent;
+import org.swssf.xmlsec.ext.XMLSecurityConstants;
import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
import java.util.ArrayList;
+import java.util.LinkedList;
import java.util.List;
/**
@@ -49,7 +51,10 @@ public class SignedElementsTest extends
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedElementSecurityEvent signedElementSecurityEvent = new SignedElementSecurityEvent(null, true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedElementSecurityEvent signedElementSecurityEvent = new SignedElementSecurityEvent(null, true, protectionOrder);
signedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedElementSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
@@ -78,10 +83,13 @@ public class SignedElementsTest extends
operationSecurityEvent.setOperation(new QName("definitions"));
policyEnforcer.registerSecurityEvent(operationSecurityEvent);
- SignedElementSecurityEvent signedElementSecurityEvent = new SignedElementSecurityEvent(null, true);
+ List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
+ protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
+ protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
+ SignedElementSecurityEvent signedElementSecurityEvent = new SignedElementSecurityEvent(null, true, protectionOrder);
signedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(signedElementSecurityEvent);
- signedElementSecurityEvent = new SignedElementSecurityEvent(null, false);
+ signedElementSecurityEvent = new SignedElementSecurityEvent(null, false, null);
List<QName> headerPath = new ArrayList<QName>();
headerPath.add(new QName("http://example.org", "a"));
signedElementSecurityEvent.setElementPath(headerPath);
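Review bot: `new SignedElementSecurityEvent(null, false, null)` passes `null` as the protection order, while every other call in this commit passes a populated list. Whether the constructor and the protection-order assertion state tolerate a null list is not visible here, and a policy check that dereferences it would surface as a `NullPointerException` rather than a policy violation. Passing `Collections.<XMLSecurityConstants.ContentType>emptyList()` for an element that carries no protection would keep the contract non-null; otherwise the constructor's Javadoc should state that null means "no protection applied". The test method continues past the end of this hunk.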