You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/04/12 16:31:32 UTC
svn commit: r1467283 -
/cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/DOMToStaxRoundTripTest.java
Author: coheigea
Date: Fri Apr 12 14:31:32 2013
New Revision: 1467283
URL: http://svn.apache.org/r1467283
Log:
Check UsernameToken password type on inbound side
Modified:
cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/DOMToStaxRoundTripTest.java
Modified: cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/DOMToStaxRoundTripTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/DOMToStaxRoundTripTest.java?rev=1467283&r1=1467282&r2=1467283&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/DOMToStaxRoundTripTest.java (original)
+++ cxf/branches/wss4j2.0-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/DOMToStaxRoundTripTest.java Fri Apr 12 14:31:32 2013
@@ -50,6 +50,7 @@ public class DOMToStaxRoundTripTest exte
Service service = createService();
WSSSecurityProperties inProperties = new WSSSecurityProperties();
+ inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
inProperties.setCallbackHandler(new TestPwdCallback());
WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
service.getInInterceptors().add(inhandler);
@@ -71,6 +72,22 @@ public class DOMToStaxRoundTripTest exte
client.getOutInterceptors().add(ohandler);
assertEquals("test", echo.echo("test"));
+
+ // Negative test for wrong password type
+ service.getInInterceptors().remove(inhandler);
+
+ inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
+ inhandler = new WSS4JStaxInInterceptor(inProperties);
+ service.getInInterceptors().add(inhandler);
+
+ try {
+ echo.echo("test");
+ fail("Failure expected on the wrong password type");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ String error = "The security token could not be authenticated or authorized";
+ assertTrue(ex.getMessage().contains(error));
+ }
}
@Test
@@ -79,6 +96,7 @@ public class DOMToStaxRoundTripTest exte
Service service = createService();
WSSSecurityProperties inProperties = new WSSSecurityProperties();
+ inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST);
inProperties.setCallbackHandler(new TestPwdCallback());
WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
service.getInInterceptors().add(inhandler);
@@ -100,6 +118,22 @@ public class DOMToStaxRoundTripTest exte
client.getOutInterceptors().add(ohandler);
assertEquals("test", echo.echo("test"));
+
+ // Negative test for wrong password type
+ service.getInInterceptors().remove(inhandler);
+
+ inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
+ inhandler = new WSS4JStaxInInterceptor(inProperties);
+ service.getInInterceptors().add(inhandler);
+
+ try {
+ echo.echo("test");
+ fail("Failure expected on the wrong password type");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ String error = "The security token could not be authenticated or authorized";
+ assertTrue(ex.getMessage().contains(error));
+ }
}
@Test