You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2011/03/10 19:03:27 UTC
svn commit: r1080300 - in /webservices/wss4j/trunk/src:
main/java/org/apache/ws/security/action/
main/java/org/apache/ws/security/components/crypto/
main/java/org/apache/ws/security/handler/
main/java/org/apache/ws/security/saml/ main/resources/org/apa...
Author: coheigea
Date: Thu Mar 10 18:03:24 2011
New Revision: 1080300
URL: http://svn.apache.org/viewvc?rev=1080300&view=rev
Log:
Changes to the way Crypto instances are loaded and exception propagation.
Added:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomSamlAssertionValidator.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/action/SAMLTokenSignedAction.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/CryptoFactory.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/handler/WSHandler.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java
webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/components/crypto/errors.properties
webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/errors.properties
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoProviderTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/CustomActionProcessorTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/SignatureConfirmationTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/DerivedKeyTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/ModifiedRequestTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/NoSoapPrefixSignatureTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SKISignatureTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/STRSignatureTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureCertTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureEncryptionTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureKeyValueTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SymmetricSignatureTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BinarySecurityTokenTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/misc/FaultCodeTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenHOKTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenSVTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/action/SAMLTokenSignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/action/SAMLTokenSignedAction.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/action/SAMLTokenSignedAction.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/action/SAMLTokenSignedAction.java Thu Mar 10 18:03:24 2011
@@ -107,8 +107,10 @@ public class SAMLTokenSignedAction imple
}
}
- protected SAMLIssuer loadSamlIssuer(WSHandler handler,
- RequestData reqData) {
+ protected SAMLIssuer loadSamlIssuer(
+ WSHandler handler,
+ RequestData reqData
+ ) throws WSSecurityException {
String samlPropFile =
handler.getString(WSHandlerConstants.SAML_PROP_FILE,
reqData.getMsgContext());
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/CryptoFactory.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/CryptoFactory.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/CryptoFactory.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/components/crypto/CryptoFactory.java Thu Mar 10 18:03:24 2011
@@ -21,8 +21,10 @@ package org.apache.ws.security.component
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.util.Loader;
+import java.io.IOException;
import java.lang.reflect.Constructor;
import java.net.URL;
import java.util.Map;
@@ -36,7 +38,8 @@ import java.util.Properties;
*/
public abstract class CryptoFactory {
private static final Log log = LogFactory.getLog(CryptoFactory.class);
- private static final String defaultCryptoClassName = "org.apache.ws.security.components.crypto.Merlin";
+ private static final Class<?> defaultCryptoClass =
+ org.apache.ws.security.components.crypto.Merlin.class;
/**
* getInstance
@@ -52,8 +55,9 @@ public abstract class CryptoFactory {
* <p/>
*
* @return The crypto implementation was defined
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- public static Crypto getInstance() {
+ public static Crypto getInstance() throws WSSecurityException {
return getInstance("crypto.properties");
}
@@ -69,10 +73,10 @@ public abstract class CryptoFactory {
* and the Crypto impl class name.
* These properties are dependent on the crypto implementation
* @return The cyrpto implementation or null if no cryptoClassName was defined
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- public static Crypto getInstance(Properties properties) {
- String cryptoClassName = properties.getProperty("org.apache.ws.security.crypto.provider");
- return loadClass(cryptoClassName, properties);
+ public static Crypto getInstance(Properties properties) throws WSSecurityException {
+ return getInstance(properties, Loader.getClassLoader(CryptoFactory.class));
}
/**
@@ -89,10 +93,29 @@ public abstract class CryptoFactory {
* These properties are dependent on the crypto implementation
* @param classLoader The class loader to use
* @return The crypto implementation or null if no cryptoClassName was defined
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- public static Crypto getInstance(Properties properties, ClassLoader classLoader) {
+ public static Crypto getInstance(
+ Properties properties,
+ ClassLoader classLoader
+ ) throws WSSecurityException {
String cryptoClassName = properties.getProperty("org.apache.ws.security.crypto.provider");
- return loadClass(cryptoClassName, properties, classLoader);
+ Class<?> cryptoClass = null;
+ if (cryptoClassName == null
+ || cryptoClassName.equals("org.apache.ws.security.components.crypto.Merlin")) {
+ cryptoClass = defaultCryptoClass;
+ } else {
+ try {
+ // instruct the class loader to load the crypto implementation
+ cryptoClass = Loader.loadClass(cryptoClassName);
+ } catch (ClassNotFoundException ex) {
+ if (log.isDebugEnabled()) {
+ log.debug(ex.getMessage(), ex);
+ }
+ throw new WSSecurityException(cryptoClassName + " Not Found", ex);
+ }
+ }
+ return loadClass(cryptoClass, properties, classLoader);
}
/**
@@ -103,16 +126,20 @@ public abstract class CryptoFactory {
* Crypto implementation how the initialization is done in this case.
* <p/>
*
- * @param cryptoClassName This is the crypto implementation class. No default is
+ * @param cryptoClass This is the crypto implementation class. No default is
* provided here.
* @param map The Maps that is forwarded to the crypto implementation.
* These contents of the map are dependent on the
* underlying crypto implementation specified in the
* cryptoClassName parameter.
* @return The crypto implementation or null if no cryptoClassName was defined
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- public static Crypto getInstance(String cryptoClassName, Map map) {
- return loadClass(cryptoClassName, map);
+ public static Crypto getInstance(
+ Class<?> cryptoClass,
+ Map<Object, Object> map
+ ) throws WSSecurityException {
+ return loadClass(cryptoClass, map, Loader.getClassLoader(CryptoFactory.class));
}
/**
@@ -129,121 +156,106 @@ public abstract class CryptoFactory {
*
* @param propFilename The name of the property file to load
* @return The crypto implementation that was defined
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- public static Crypto getInstance(String propFilename) {
- Properties properties = null;
- String cryptoClassName = null;
-
- // cryptoClassName = System.getProperty("org.apache.ws.security.crypto.provider");
- if ((cryptoClassName == null) || (cryptoClassName.length() == 0)) {
- properties = getProperties(propFilename);
- // use the default Crypto implementation
- cryptoClassName = properties.getProperty("org.apache.ws.security.crypto.provider",
- defaultCryptoClassName);
- }
- return loadClass(cryptoClassName, properties);
+ public static Crypto getInstance(String propFilename) throws WSSecurityException {
+ return getInstance(propFilename, Loader.getClassLoader(CryptoFactory.class));
}
- public static Crypto getInstance(String propFilename, ClassLoader customClassLoader) {
- Properties properties = null;
- String cryptoClassName = null;
-
- // cryptoClassName = System.getProperty("org.apache.ws.security.crypto.provider");
- if ((cryptoClassName == null) || (cryptoClassName.length() == 0)) {
- properties = getProperties(propFilename,customClassLoader);
- // use the default Crypto implementation
- cryptoClassName = properties.getProperty("org.apache.ws.security.crypto.provider",
- defaultCryptoClassName);
- }
- return loadClass(cryptoClassName, properties, customClassLoader);
- }
-
- private static Crypto loadClass(String cryptoClassName, Map map) {
- return loadClass(cryptoClassName, map, Loader.getClassLoader(CryptoFactory.class));
+ public static Crypto getInstance(
+ String propFilename,
+ ClassLoader customClassLoader
+ ) throws WSSecurityException {
+ Properties properties = getProperties(propFilename, customClassLoader);
+ return getInstance(properties, customClassLoader);
}
/**
* This allows loading the classes with a custom class loader
- * @param cryptoClassName
+ * @param cryptoClass
* @param properties
* @param loader
* @return
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- private static Crypto loadClass(String cryptoClassName, Map map, ClassLoader loader) {
- Class<?> cryptogenClass = null;
- Crypto crypto = null;
-
- if (cryptoClassName != null) {
- cryptoClassName = cryptoClassName.trim();
- }
- try {
- // instruct the class loader to load the crypto implementation
- cryptogenClass = Loader.loadClass(loader, cryptoClassName);
- } catch (ClassNotFoundException e) {
- throw new RuntimeException(cryptoClassName + " Not Found");
+ private static Crypto loadClass(
+ Class<?> cryptoClass,
+ Map<Object, Object> map,
+ ClassLoader loader
+ ) throws WSSecurityException {
+ if (log.isDebugEnabled()) {
+ log.debug("Using Crypto Engine [" + cryptoClass + "]");
}
- log.debug("Using Crypto Engine [" + cryptoClassName + "]");
try {
- Class<?>[] classes = null;
- //
- // for backwards compat
- //
- if (map instanceof Properties) {
- classes = new Class[]{Properties.class, ClassLoader.class};
- } else {
- classes = new Class[]{Map.class, ClassLoader.class};
- }
- Constructor<?> c = cryptogenClass.getConstructor(classes);
- crypto = (Crypto) c.newInstance(new Object[] {map, loader});
- return crypto;
+ Class<?>[] classes = new Class[]{Map.class, ClassLoader.class};
+ Constructor<?> c = cryptoClass.getConstructor(classes);
+ return (Crypto) c.newInstance(new Object[] {map, loader});
} catch (java.lang.Exception e) {
if (log.isDebugEnabled()) {
- log.debug("Unable to instantiate (1): " + cryptoClassName, e);
- }
- try {
- // try to instantiate the Crypto subclass
- crypto = (Crypto) cryptogenClass.newInstance();
- return crypto;
- } catch (java.lang.Exception e2) {
- if (log.isDebugEnabled()) {
- log.debug("Unable to instantiate (2): " + cryptoClassName, e2);
- }
- throw new RuntimeException(cryptoClassName + " cannot create instance", e);
+ log.debug("Unable to instantiate: " + cryptoClass.getName(), e);
}
+ throw new WSSecurityException(cryptoClass + " cannot create instance", e);
}
}
/**
- * Gets the properties for crypto.
- * The functions loads the property file via
- * {@link Loader.getResource(String)}, thus the property file
- * should be accessible via the classpath
- *
- * @param propFilename the properties file to load
- * @return a <code>Properties</code> object loaded from the filename
+ * This allows loading the classes with a custom class loader
+ * @param cryptoClass
+ * @param properties
+ * @param loader
+ * @return
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- private static Properties getProperties(String propFilename) {
- return getProperties(propFilename, Loader.getClassLoader(CryptoFactory.class));
+ private static Crypto loadClass(
+ Class<?> cryptoClass,
+ Properties map,
+ ClassLoader loader
+ ) throws WSSecurityException {
+ if (log.isDebugEnabled()) {
+ log.debug("Using Crypto Engine [" + cryptoClass + "]");
+ }
+ try {
+ Class<?>[] classes = new Class[]{Properties.class, ClassLoader.class};
+ Constructor<?> c = cryptoClass.getConstructor(classes);
+ return (Crypto) c.newInstance(new Object[] {map, loader});
+ } catch (java.lang.Exception e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Unable to instantiate: " + cryptoClass.getName(), e);
+ }
+ throw new WSSecurityException(cryptoClass + " cannot create instance", e);
+ }
}
-
/**
* This allows loading the resources with a custom class loader
* @param propFilename
* @param loader
* @return
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- private static Properties getProperties(String propFilename, ClassLoader loader) {
+ private static Properties getProperties(
+ String propFilename,
+ ClassLoader loader
+ ) throws WSSecurityException {
Properties properties = new Properties();
try {
URL url = Loader.getResource(loader, propFilename);
+ if (url == null) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "resourceNotFound",
+ new Object[]{propFilename}
+ );
+ }
properties.load(url.openStream());
- } catch (Exception e) {
+ } catch (IOException e) {
if (log.isDebugEnabled()) {
- log.debug("Cannot find crypto property file: " + propFilename, e);
+ log.debug("Cannot find resource: " + propFilename, e);
}
- throw new RuntimeException(
- "CryptoFactory: Cannot load properties: " + propFilename, e
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "resourceNotFound",
+ new Object[]{propFilename}
);
}
return properties;
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/handler/WSHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/handler/WSHandler.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/handler/WSHandler.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/handler/WSHandler.java Thu Mar 10 18:03:24 2011
@@ -466,7 +466,10 @@ public abstract class WSHandler {
* @param reqData The RequestData object
* @return A Crypto instance that has been loaded
*/
- protected Crypto loadCryptoFromPropertiesFile(String propFilename, RequestData reqData) {
+ protected Crypto loadCryptoFromPropertiesFile(
+ String propFilename,
+ RequestData reqData
+ ) throws WSSecurityException {
return
CryptoFactory.getInstance(
propFilename, this.getClassLoader(reqData.getMsgContext())
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java Thu Mar 10 18:03:24 2011
@@ -21,8 +21,10 @@ package org.apache.ws.security.saml;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.util.Loader;
+import java.io.IOException;
import java.lang.reflect.Constructor;
import java.net.URL;
import java.util.Properties;
@@ -35,9 +37,7 @@ import java.util.Properties;
*/
public abstract class SAMLIssuerFactory {
private static final Log log = LogFactory.getLog(SAMLIssuerFactory.class);
- private static final boolean doDebug = log.isDebugEnabled();
- private static final String defaultSAMLClassName =
- "org.apache.ws.security.saml.SAMLIssuerImpl";
+ private static final Class<?> defaultSAMLClass = org.apache.ws.security.saml.SAMLIssuerImpl.class;
/**
* getInstance
@@ -53,8 +53,9 @@ public abstract class SAMLIssuerFactory
* <p/>
*
* @return The SAMLIssuer implementation was defined
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- public static SAMLIssuer getInstance() {
+ public static SAMLIssuer getInstance() throws WSSecurityException {
return getInstance("saml.properties");
}
@@ -62,24 +63,28 @@ public abstract class SAMLIssuerFactory
* getInstance
* <p/>
* Returns an instance of SAMLIssuer. The properties are handed over the the SAMLIssuer
- * implementation. The porperties can be <code>null</code>. It is depenend on the
+ * implementation. The properties can be <code>null</code>. It is dependent on the
* SAMLIssuer implementation how the initialization is done in this case.
* <p/>
*
- * @param samlClassName This is the SAMLIssuer implementation class. No default is
+ * @param samlClass This is the SAMLIssuer implementation class. No default is
* provided here.
- * @param properties The Properties that are forwarded to the SAMLIssuer implementaion.
- * These properties are dependend on the SAMLIssuer implementatin
+ * @param properties The Properties that are forwarded to the SAMLIssuer implementation.
+ * These properties are dependent on the SAMLIssuer implementation
* @return The SAMLIssuer implementation or null if no samlClassName was defined
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- public static SAMLIssuer getInstance(String samlClassName, Properties properties) {
- return loadClass(samlClassName, properties);
+ public static SAMLIssuer getInstance(
+ Class<?> samlClass,
+ Properties properties
+ ) throws WSSecurityException {
+ return loadClass(samlClass, properties);
}
/**
* getInstance
* <p/>
- * Returns an instance of SAMLIssuer. This method uses the specifed filename
+ * Returns an instance of SAMLIssuer. This method uses the specified filename
* to load a property file. This file shall use the property
* <code>org.apache.ws.security.saml.issuerClass</code>
* to define the classname of the SAMLIssuer implementation. The file
@@ -90,34 +95,39 @@ public abstract class SAMLIssuerFactory
*
* @param propFilename The name of the property file to load
* @return The SAMLIssuer implementation that was defined
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- public static SAMLIssuer getInstance(String propFilename) {
- Properties properties = null;
- String samlClassName = null;
-
- if ((samlClassName == null) || (samlClassName.length() == 0)) {
- properties = getProperties(propFilename);
- samlClassName =
- properties.getProperty(
- "org.apache.ws.security.saml.issuerClass", defaultSAMLClassName
- );
+ public static SAMLIssuer getInstance(String propFilename) throws WSSecurityException {
+ Properties properties = getProperties(propFilename);
+ String samlClassName =
+ properties.getProperty("org.apache.ws.security.saml.issuerClass");
+ Class<?> samlIssuerClass = null;
+ if (samlClassName == null
+ || samlClassName.equals("org.apache.ws.security.saml.SAMLIssuerImpl")) {
+ samlIssuerClass = defaultSAMLClass;
+ } else {
+ try {
+ // instruct the class loader to load the crypto implementation
+ samlIssuerClass = Loader.loadClass(samlClassName);
+ } catch (ClassNotFoundException ex) {
+ if (log.isDebugEnabled()) {
+ log.debug(ex.getMessage(), ex);
+ }
+ throw new WSSecurityException(samlClassName + " Not Found", ex);
+ }
}
- return loadClass(samlClassName, properties);
+
+ return loadClass(samlIssuerClass, properties);
}
- private static SAMLIssuer loadClass(String samlClassName, Properties properties) {
- Class<?> samlIssuerClass = null;
+ private static SAMLIssuer loadClass(
+ Class<?> samlIssuerClass,
+ Properties properties
+ ) throws WSSecurityException {
SAMLIssuer samlIssuer = null;
- try {
- // instruct the class loader to load the crypto implementation
- samlIssuerClass = Loader.loadClass(samlClassName);
- } catch (ClassNotFoundException ex) {
- if (log.isDebugEnabled()) {
- log.debug(ex.getMessage(), ex);
- }
- throw new RuntimeException(samlClassName + " Not Found", ex);
+ if (log.isDebugEnabled()) {
+ log.debug("Using Crypto Engine [" + samlIssuerClass + "]");
}
- log.info("Using Crypto Engine [" + samlClassName + "]");
try {
Class<?>[] classes = new Class<?>[]{Properties.class};
Constructor<?> c = samlIssuerClass.getConstructor(classes);
@@ -127,16 +137,7 @@ public abstract class SAMLIssuerFactory
if (log.isDebugEnabled()) {
log.debug(ex.getMessage(), ex);
}
- }
- try {
- // try to instantiate the Crypto subclass
- samlIssuer = (SAMLIssuer) samlIssuerClass.newInstance();
- return samlIssuer;
- } catch (java.lang.Exception ex) {
- if (log.isDebugEnabled()) {
- log.debug(ex.getMessage(), ex);
- }
- throw new RuntimeException(samlClassName + " cannot create instance", ex);
+ throw new WSSecurityException(samlIssuerClass.getName() + " cannot create instance", ex);
}
}
@@ -148,18 +149,28 @@ public abstract class SAMLIssuerFactory
*
* @param propFilename the properties file to load
* @return a <code>Properties</code> object loaded from the filename
+ * @throws WSSecurityException if there is an error in loading the crypto properties
*/
- private static Properties getProperties(String propFilename) {
+ private static Properties getProperties(String propFilename) throws WSSecurityException {
Properties properties = new Properties();
try {
URL url = Loader.getResource(propFilename);
+ if (url == null) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "resourceNotFound",
+ new Object[]{propFilename}
+ );
+ }
properties.load(url.openStream());
- } catch (Exception e) {
- if (doDebug) {
- log.debug("Cannot find SAML property file: " + propFilename, e);
+ } catch (IOException e) {
+ if (log.isDebugEnabled()) {
+ log.debug("Cannot find resource: " + propFilename, e);
}
- throw new RuntimeException(
- "SAMLIssuerFactory: Cannot load properties: " + propFilename, e
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "resourceNotFound",
+ new Object[]{propFilename}
);
}
return properties;
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java Thu Mar 10 18:03:24 2011
@@ -81,7 +81,7 @@ public class SAMLIssuerImpl implements S
public SAMLIssuerImpl() {
}
- public SAMLIssuerImpl(Properties prop) {
+ public SAMLIssuerImpl(Properties prop) throws WSSecurityException {
/*
* if no properties .. just return an instance, the rest will be done
* later or this instance is just used to handle certificate
Modified: webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/components/crypto/errors.properties
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/components/crypto/errors.properties?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/components/crypto/errors.properties (original)
+++ webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/components/crypto/errors.properties Thu Mar 10 18:03:24 2011
@@ -17,4 +17,4 @@ noKey00 = No private key loaded
noSKIHandling = Problem with SKI information: {0}
badBase64Data = Unable to decode Base64 encoded data
badEncoding = Problem with Encoding: {0}
-noSHA1availabe = Crypto provider does not suppor1 SHA-1 digest
+noSHA1availabe = Crypto provider does not support SHA-1 digest
Modified: webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/errors.properties
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/errors.properties?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/errors.properties (original)
+++ webservices/wss4j/trunk/src/main/resources/org/apache/ws/security/errors.properties Thu Mar 10 18:03:24 2011
@@ -90,6 +90,7 @@ decoding.general = Error while decoding
unknownAction=Unknown Action {0}
unableToLoadClass=Unable to load class {0}
+resourceNotFound = Cannot load the resource {0}
requiredElementNoID=Element {0} does not have a wsu:Id attribute
noSignResult=No SIGN result in WSS4J result vector
Added: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomSamlAssertionValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomSamlAssertionValidator.java?rev=1080300&view=auto
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomSamlAssertionValidator.java (added)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomSamlAssertionValidator.java Thu Mar 10 18:03:24 2011
@@ -0,0 +1,85 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.common;
+
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
+import org.apache.ws.security.validate.Credential;
+import org.apache.ws.security.validate.SamlAssertionValidator;
+
+public class CustomSamlAssertionValidator extends SamlAssertionValidator {
+
+ @Override
+ public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
+ Credential returnedCredential = super.validate(credential, data);
+
+ //
+ // Do some custom validation on the assertion
+ //
+ AssertionWrapper assertion = credential.getAssertion();
+ if (!"www.example.com".equals(assertion.getIssuerString())) {
+ throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
+ }
+ if (assertion.getSaml1() != null) {
+ // Get the SAML subject and validate it
+ org.opensaml.saml1.core.Assertion saml1Assertion = assertion.getSaml1();
+ org.opensaml.saml1.core.Subject samlSubject = null;
+ for (org.opensaml.saml1.core.Statement stmt : saml1Assertion.getStatements()) {
+ if (stmt instanceof org.opensaml.saml1.core.AttributeStatement) {
+ org.opensaml.saml1.core.AttributeStatement attrStmt =
+ (org.opensaml.saml1.core.AttributeStatement) stmt;
+ samlSubject = attrStmt.getSubject();
+ break;
+ } else if (stmt instanceof org.opensaml.saml1.core.AuthenticationStatement) {
+ org.opensaml.saml1.core.AuthenticationStatement authStmt =
+ (org.opensaml.saml1.core.AuthenticationStatement) stmt;
+ samlSubject = authStmt.getSubject();
+ break;
+ } else {
+ org.opensaml.saml1.core.AuthorizationDecisionStatement authzStmt =
+ (org.opensaml.saml1.core.AuthorizationDecisionStatement)stmt;
+ samlSubject = authzStmt.getSubject();
+ }
+ }
+
+ if (samlSubject == null) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE, "invalidSAMLToken",
+ new Object[] {"for Signature (no Subject)"}
+ );
+ }
+ String nameIdentifier = samlSubject.getNameIdentifier().getNameIdentifier();
+ if (nameIdentifier == null || !nameIdentifier.contains("uid=joe")) {
+ throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
+ }
+ } else {
+ org.opensaml.saml2.core.Assertion saml2Assertion = assertion.getSaml2();
+ org.opensaml.saml2.core.Subject subject = saml2Assertion.getSubject();
+ String nameIdentifier = subject.getNameID().getValue();
+ if (nameIdentifier == null || !nameIdentifier.contains("uid=joe")) {
+ throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
+ }
+ }
+
+ return returnedCredential;
+ }
+
+}
\ No newline at end of file
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoProviderTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoProviderTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoProviderTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoProviderTest.java Thu Mar 10 18:03:24 2011
@@ -53,7 +53,7 @@ public class CryptoProviderTest extends
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
private Crypto crypto;
- public CryptoProviderTest() {
+ public CryptoProviderTest() throws Exception {
secEngine.getWssConfig(); //make sure BC gets registered
crypto = CryptoFactory.getInstance("wss86.properties");
}
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/components/crypto/CryptoTest.java Thu Mar 10 18:03:24 2011
@@ -35,7 +35,7 @@ import org.w3c.dom.Document;
public class CryptoTest extends org.junit.Assert {
@org.junit.Test
- public void testCrypto() {
+ public void testCrypto() throws Exception {
Crypto crypto = CryptoFactory.getInstance();
assertTrue(crypto != null);
}
@@ -51,10 +51,10 @@ public class CryptoTest extends org.juni
* Ensure that we can load a custom crypto implementation using a Map
*/
@org.junit.Test
- public void testCustomCrypto() {
- java.util.Map<String, Object> tmp = new java.util.TreeMap<String, Object>();
+ public void testCustomCrypto() throws Exception {
+ java.util.Map<Object, Object> tmp = new java.util.TreeMap<Object, Object>();
Crypto crypto = CryptoFactory.getInstance(
- "org.apache.ws.security.common.CustomCrypto",
+ org.apache.ws.security.common.CustomCrypto.class,
tmp
);
assertNotNull(crypto);
@@ -68,7 +68,7 @@ public class CryptoTest extends org.juni
* to be set and point to an existing file"
*/
@org.junit.Test
- public void testNoKeyStoreFile() {
+ public void testNoKeyStoreFile() throws Exception {
Crypto crypto = CryptoFactory.getInstance(
"nofile.properties"
);
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/CustomActionProcessorTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/CustomActionProcessorTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/CustomActionProcessorTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/CustomActionProcessorTest.java Thu Mar 10 18:03:24 2011
@@ -46,7 +46,11 @@ import java.util.ArrayList;
*/
public class CustomActionProcessorTest extends org.junit.Assert {
private static final Log LOG = LogFactory.getLog(CustomActionProcessorTest.class);
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public CustomActionProcessorTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test to see that a custom processor configured through a
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/SignatureConfirmationTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/SignatureConfirmationTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/SignatureConfirmationTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/SignatureConfirmationTest.java Thu Mar 10 18:03:24 2011
@@ -50,7 +50,11 @@ public class SignatureConfirmationTest e
private static final Log LOG = LogFactory.getLog(SignatureConfirmationTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public SignatureConfirmationTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test to see that a signature is saved correctly on the outbound request.
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/DerivedKeyTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/DerivedKeyTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/DerivedKeyTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/DerivedKeyTest.java Thu Mar 10 18:03:24 2011
@@ -44,7 +44,11 @@ public class DerivedKeyTest extends org.
private static final Log LOG = LogFactory.getLog(DerivedKeyTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
+ private Crypto crypto = null;
+
+ public DerivedKeyTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
/**
* Test encryption using a DerivedKeyToken using TRIPLEDES
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java Thu Mar 10 18:03:24 2011
@@ -70,7 +70,11 @@ public class EncryptionPartsTest extends
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public EncryptionPartsTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test encrypting a custom SOAP header
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionTest.java Thu Mar 10 18:03:24 2011
@@ -63,11 +63,15 @@ public class EncryptionTest extends org.
);
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
private CallbackHandler keystoreCallbackHandler = new KeystoreCallbackHandler();
private SecretKeyCallbackHandler secretKeyCallbackHandler = new SecretKeyCallbackHandler();
private byte[] keyData;
private SecretKey key;
+ private Crypto crypto = null;
+
+ public EncryptionTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
/**
* Setup method
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/ModifiedRequestTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/ModifiedRequestTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/ModifiedRequestTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/ModifiedRequestTest.java Thu Mar 10 18:03:24 2011
@@ -57,7 +57,11 @@ public class ModifiedRequestTest extends
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public ModifiedRequestTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test that signs a SOAP body element "value". The SOAP request is then modified
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/NoSoapPrefixSignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/NoSoapPrefixSignatureTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/NoSoapPrefixSignatureTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/NoSoapPrefixSignatureTest.java Thu Mar 10 18:03:24 2011
@@ -35,7 +35,11 @@ import org.w3c.dom.Document;
public class NoSoapPrefixSignatureTest extends org.junit.Assert {
private static final Log LOG = LogFactory.getLog(NoSoapPrefixSignatureTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public NoSoapPrefixSignatureTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test signing a SOAP message that has no SOAP namespace prefix
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SKISignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SKISignatureTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SKISignatureTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SKISignatureTest.java Thu Mar 10 18:03:24 2011
@@ -37,7 +37,11 @@ import org.w3c.dom.Document;
public class SKISignatureTest extends org.junit.Assert {
private static final Log LOG = LogFactory.getLog(SKISignatureTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
+ private Crypto crypto = null;
+
+ public SKISignatureTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
/**
* Test that signs and verifies a WS-Security envelope using SubjectKeyIdentifier.
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/STRSignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/STRSignatureTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/STRSignatureTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/STRSignatureTest.java Thu Mar 10 18:03:24 2011
@@ -43,7 +43,11 @@ import java.util.ArrayList;
public class STRSignatureTest extends org.junit.Assert {
private static final Log LOG = LogFactory.getLog(STRSignatureTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
+ private Crypto crypto = null;
+
+ public STRSignatureTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
/**
* Test that signs and verifies a WS-Security envelope.
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SecurityContextTokenTest.java Thu Mar 10 18:03:24 2011
@@ -42,8 +42,11 @@ public class SecurityContextTokenTest ex
private static final Log LOG = LogFactory.getLog(SecurityContextTokenTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
private SecretKeyCallbackHandler callbackHandler = new SecretKeyCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
-
+ private Crypto crypto = null;
+
+ public SecurityContextTokenTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
@org.junit.Test
public void testBuild() {
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureCertTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureCertTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureCertTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureCertTest.java Thu Mar 10 18:03:24 2011
@@ -70,8 +70,13 @@ import java.util.List;
public class SignatureCertTest extends org.junit.Assert {
private static final Log LOG = LogFactory.getLog(SignatureCertTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
- private Crypto cryptoCA = CryptoFactory.getInstance("wss40CA.properties");
+ private Crypto crypto = null;
+ private Crypto cryptoCA = null;
+
+ public SignatureCertTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ cryptoCA = CryptoFactory.getInstance("wss40CA.properties");
+ }
/**
* Test signing a SOAP message using a BST.
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureEncryptionTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureEncryptionTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureEncryptionTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureEncryptionTest.java Thu Mar 10 18:03:24 2011
@@ -63,7 +63,6 @@ public class SignatureEncryptionTest ext
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
private static final byte[] key = {
(byte)0x31, (byte)0xfd,
@@ -79,6 +78,11 @@ public class SignatureEncryptionTest ext
(byte)0xc8, (byte)0x51,
(byte)0x34, (byte)0x04,
};
+ private Crypto crypto = null;
+
+ public SignatureEncryptionTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test that encrypts and then signs a WS-Security envelope, then performs
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureKeyValueTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureKeyValueTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureKeyValueTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureKeyValueTest.java Thu Mar 10 18:03:24 2011
@@ -41,7 +41,11 @@ import java.util.List;
*/
public class SignatureKeyValueTest extends org.junit.Assert {
private static final Log LOG = LogFactory.getLog(SignatureKeyValueTest.class);
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
+ private Crypto crypto = null;
+
+ public SignatureKeyValueTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
/**
* Successful RSAKeyValue test.
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java Thu Mar 10 18:03:24 2011
@@ -77,7 +77,11 @@ public class SignaturePartsTest extends
"</soapenv:Envelope>";
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public SignaturePartsTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test signing a custom SOAP header
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java Thu Mar 10 18:03:24 2011
@@ -52,7 +52,11 @@ public class SignatureTest extends org.j
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public SignatureTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* The test uses the Issuer Serial key identifier type.
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SymmetricSignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SymmetricSignatureTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SymmetricSignatureTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SymmetricSignatureTest.java Thu Mar 10 18:03:24 2011
@@ -57,8 +57,12 @@ public class SymmetricSignatureTest exte
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
private SecretKeyCallbackHandler secretKeyCallbackHandler = new SecretKeyCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
private byte[] keyData;
+ private Crypto crypto = null;
+
+ public SymmetricSignatureTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Setup method
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java Thu Mar 10 18:03:24 2011
@@ -52,7 +52,11 @@ public class UTDerivedKeyTest extends or
private static final Log LOG = LogFactory.getLog(UTDerivedKeyTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public UTDerivedKeyTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Unit test for the UsernameToken derived key functionality
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java Thu Mar 10 18:03:24 2011
@@ -52,7 +52,11 @@ public class UTSignatureTest extends org
private static final Log LOG = LogFactory.getLog(UTSignatureTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public UTSignatureTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test using a UsernameToken derived key for signing a SOAP body
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java Thu Mar 10 18:03:24 2011
@@ -56,7 +56,11 @@ public class BSTKerberosTest extends org
WSConstants.SOAPMESSAGE_NS + "#Base64Binary";
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public BSTKerberosTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* A unit test for creating BinarySecurityTokens
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BinarySecurityTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BinarySecurityTokenTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BinarySecurityTokenTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BinarySecurityTokenTest.java Thu Mar 10 18:03:24 2011
@@ -42,7 +42,11 @@ import java.util.List;
*/
public class BinarySecurityTokenTest extends org.junit.Assert {
private static final Log LOG = LogFactory.getLog(BinarySecurityTokenTest.class);
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
+ private Crypto crypto = null;
+
+ public BinarySecurityTokenTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
/**
* A unit test for an X.509 BinarySecurityToken
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/misc/FaultCodeTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/misc/FaultCodeTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/misc/FaultCodeTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/misc/FaultCodeTest.java Thu Mar 10 18:03:24 2011
@@ -48,7 +48,11 @@ import java.io.IOException;
*/
public class FaultCodeTest extends org.junit.Assert implements CallbackHandler {
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = CryptoFactory.getInstance();
+ private Crypto crypto = null;
+
+ public FaultCodeTest() throws Exception {
+ crypto = CryptoFactory.getInstance();
+ }
/**
* Test for the wsse:FailedCheck faultcode. This will fail due to a bad password in
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java Thu Mar 10 18:03:24 2011
@@ -57,7 +57,11 @@ public class EncryptedKeyDataRefTest ext
private static final Log LOG = LogFactory.getLog(EncryptedKeyDataRefTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
+ private Crypto crypto = null;
+
+ public EncryptedKeyDataRefTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
/**
* Test that check for correct WSDataRef object from EncryptedKey Processor
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java Thu Mar 10 18:03:24 2011
@@ -57,7 +57,11 @@ public class ReferenceListDataRefTest ex
private static final Log LOG = LogFactory.getLog(ReferenceListDataRefTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance("wss40.properties");
+ private Crypto crypto = null;
+
+ public ReferenceListDataRefTest() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ }
/**
* Test that check for correct WSDataRef object from ReferenceList Processor
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenHOKTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenHOKTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenHOKTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenHOKTest.java Thu Mar 10 18:03:24 2011
@@ -49,7 +49,11 @@ import java.util.List;
public class SamlTokenHOKTest extends org.junit.Assert {
private static final Log LOG = LogFactory.getLog(SamlTokenHOKTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = CryptoFactory.getInstance("crypto.properties");
+ private Crypto crypto = null;
+
+ public SamlTokenHOKTest() throws Exception {
+ crypto = CryptoFactory.getInstance("crypto.properties");
+ }
/**
* Test that creates, sends and processes a signed SAML 1.1 authentication assertion.
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenSVTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenSVTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenSVTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenSVTest.java Thu Mar 10 18:03:24 2011
@@ -27,6 +27,7 @@ import org.apache.ws.security.WSDataRef;
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSSecurityEngineResult;
+import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.common.CustomHandler;
import org.apache.ws.security.common.KeystoreCallbackHandler;
import org.apache.ws.security.common.SAML1CallbackHandler;
@@ -55,8 +56,12 @@ public class SamlTokenSVTest extends org
private static final Log LOG = LogFactory.getLog(SamlTokenSVTest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
- private Crypto crypto = CryptoFactory.getInstance("crypto.properties");
-
+ private Crypto crypto = null;
+
+ public SamlTokenSVTest() throws Exception {
+ crypto = CryptoFactory.getInstance("crypto.properties");
+ }
+
/**
* Test that creates, sends and processes a signed SAML 1.1 authentication assertion.
*/
@@ -442,7 +447,7 @@ public class SamlTokenSVTest extends org
try {
handler.receive(WSConstants.ST_SIGNED, reqData);
fail("Failure expected on a bad crypto properties file");
- } catch (RuntimeException ex) {
+ } catch (WSSecurityException ex) {
// expected
}
}
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java?rev=1080300&r1=1080299&r2=1080300&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java Thu Mar 10 18:03:24 2011
@@ -28,6 +28,7 @@ import org.apache.ws.security.WSSecurity
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.common.CustomHandler;
+import org.apache.ws.security.common.CustomSamlAssertionValidator;
import org.apache.ws.security.common.SAML1CallbackHandler;
import org.apache.ws.security.common.SAML2CallbackHandler;
import org.apache.ws.security.common.SOAPUtil;
@@ -37,8 +38,6 @@ import org.apache.ws.security.message.WS
import org.apache.ws.security.message.WSSecSAMLToken;
import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.apache.ws.security.util.WSSecurityUtil;
-import org.apache.ws.security.validate.Credential;
-import org.apache.ws.security.validate.SamlAssertionValidator;
import org.w3c.dom.Document;
@@ -445,63 +444,4 @@ public class SamlTokenTest extends org.j
return results;
}
- public static class CustomSamlAssertionValidator extends SamlAssertionValidator {
-
- @Override
- public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
- Credential returnedCredential = super.validate(credential, data);
-
- //
- // Do some custom validation on the assertion
- //
- AssertionWrapper assertion = credential.getAssertion();
- if (!"www.example.com".equals(assertion.getIssuerString())) {
- throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
- }
- if (assertion.getSaml1() != null) {
- // Get the SAML subject and validate it
- org.opensaml.saml1.core.Assertion saml1Assertion = assertion.getSaml1();
- org.opensaml.saml1.core.Subject samlSubject = null;
- for (org.opensaml.saml1.core.Statement stmt : saml1Assertion.getStatements()) {
- if (stmt instanceof org.opensaml.saml1.core.AttributeStatement) {
- org.opensaml.saml1.core.AttributeStatement attrStmt =
- (org.opensaml.saml1.core.AttributeStatement) stmt;
- samlSubject = attrStmt.getSubject();
- break;
- } else if (stmt instanceof org.opensaml.saml1.core.AuthenticationStatement) {
- org.opensaml.saml1.core.AuthenticationStatement authStmt =
- (org.opensaml.saml1.core.AuthenticationStatement) stmt;
- samlSubject = authStmt.getSubject();
- break;
- } else {
- org.opensaml.saml1.core.AuthorizationDecisionStatement authzStmt =
- (org.opensaml.saml1.core.AuthorizationDecisionStatement)stmt;
- samlSubject = authzStmt.getSubject();
- }
- }
-
- if (samlSubject == null) {
- throw new WSSecurityException(
- WSSecurityException.FAILURE, "invalidSAMLToken",
- new Object[] {"for Signature (no Subject)"}
- );
- }
- String nameIdentifier = samlSubject.getNameIdentifier().getNameIdentifier();
- if (nameIdentifier == null || !nameIdentifier.contains("uid=joe")) {
- throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
- }
- } else {
- org.opensaml.saml2.core.Assertion saml2Assertion = assertion.getSaml2();
- org.opensaml.saml2.core.Subject subject = saml2Assertion.getSubject();
- String nameIdentifier = subject.getNameID().getValue();
- if (nameIdentifier == null || !nameIdentifier.contains("uid=joe")) {
- throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
- }
- }
-
- return returnedCredential;
- }
-
- }
-
}