Posted to commits@ws.apache.org by co...@apache.org on 2018/02/08 16:35:16 UTC
svn commit: r1823581 - in
/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom:
common/AbstractSAMLCallbackHandler.java common/SAML2CallbackHandler.java
saml/SamlTokenTest.java
Author: coheigea
Date: Thu Feb 8 16:35:15 2018
New Revision: 1823581
URL: http://svn.apache.org/viewvc?rev=1823581&view=rev
Log:
Adding a test for WSS-622
Modified:
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/AbstractSAMLCallbackHandler.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SAML2CallbackHandler.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/AbstractSAMLCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/AbstractSAMLCallbackHandler.java?rev=1823581&r1=1823580&r2=1823581&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/AbstractSAMLCallbackHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/AbstractSAMLCallbackHandler.java Thu Feb 8 16:35:15 2018
@@ -30,6 +30,7 @@ import org.apache.wss4j.common.saml.bean
import org.apache.wss4j.common.saml.bean.ConditionsBean;
import org.apache.wss4j.common.saml.bean.KeyInfoBean;
import org.apache.wss4j.common.saml.bean.KeyInfoBean.CERT_IDENTIFIER;
+import org.apache.wss4j.common.saml.bean.NameIDBean;
import org.apache.wss4j.common.saml.bean.SubjectBean;
import org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean;
import org.apache.wss4j.common.saml.bean.SubjectLocalityBean;
@@ -80,6 +81,15 @@ public abstract class AbstractSAMLCallba
private String issuerPassword;
private Element assertionAdviceElement;
private Element keyInfoElement;
+ protected NameIDBean subjectConfirmationNameID;
+
+ public NameIDBean getSubjectConfirmationNameID() {
+ return subjectConfirmationNameID;
+ }
+
+ public void setSubjectConfirmationNameID(NameIDBean subjectConfirmationNameID) {
+ this.subjectConfirmationNameID = subjectConfirmationNameID;
+ }
public void setSubjectConfirmationData(SubjectConfirmationDataBean subjectConfirmationData) {
this.subjectConfirmationData = subjectConfirmationData;
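Review bot: The new `subjectConfirmationNameID` field and its accessors have no Javadoc, and the name is easy to confuse with the Subject's own NameID settings (for example `subjectNameIDFormat`, used in SAML2CallbackHandler). I would add on the getter `/** NameID emitted inside the SAML 2.0 SubjectConfirmation element, distinct from the Subject's NameID; null when none is configured. */` and a matching one-line comment on the setter. The field is also declared `protected` while the three fields above it in this hunk are `private`. Since a public getter exists, `private NameIDBean subjectConfirmationNameID;` with subclasses calling `getSubjectConfirmationNameID()` would keep the state encapsulated, assuming no other subclass relies on direct field access. The class body starts and ends outside the hunk.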
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SAML2CallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SAML2CallbackHandler.java?rev=1823581&r1=1823580&r2=1823581&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SAML2CallbackHandler.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SAML2CallbackHandler.java Thu Feb 8 16:35:15 2018
@@ -81,6 +81,9 @@ public class SAML2CallbackHandler extend
if (subjectNameIDFormat != null) {
subjectBean.setSubjectNameIDFormat(subjectNameIDFormat);
}
+ if (subjectConfirmationNameID != null) {
+ subjectBean.setSubjectConfirmationNameID(subjectConfirmationNameID);
+ }
subjectBean.setSubjectConfirmationData(subjectConfirmationData);
if (SAML2Constants.CONF_HOLDER_KEY.equals(confirmationMethod)) {
try {
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java?rev=1823581&r1=1823580&r2=1823581&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java Thu Feb 8 16:35:15 2018
@@ -40,6 +40,7 @@ import org.apache.wss4j.common.ext.WSSec
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
+import org.apache.wss4j.common.saml.bean.NameIDBean;
import org.apache.wss4j.common.saml.bean.SubjectConfirmationDataBean;
import org.apache.wss4j.common.saml.builder.SAML1Constants;
import org.apache.wss4j.common.saml.builder.SAML2Constants;
@@ -702,6 +703,52 @@ public class SamlTokenTest extends org.j
WSHandlerResult results = createAndVerifyMessage(callbackHandler, true);
WSSecurityEngineResult actionResult =
+ results.getActionResults().get(WSConstants.ST_UNSIGNED).get(0);
+
+ SamlAssertionWrapper receivedSamlAssertion =
+ (SamlAssertionWrapper) actionResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ assertTrue(receivedSamlAssertion != null);
+ assertFalse(receivedSamlAssertion.isSigned());
+ }
+
+ /**
+ * Test that creates, sends and processes an unsigned SAML 2 authentication assertion with
+ * a NameID in the Subject (see https://issues.apache.org/jira/browse/WSS-622)
+ */
+ @Test
+ public void testSAML2SubjectConfirmationNameID() throws Exception {
+ SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
+ callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
+ callbackHandler.setIssuer("www.example.com");
+
+ NameIDBean nameID = new NameIDBean();
+ nameID.setNameIDFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
+ nameID.setNameQualifier("confirmationNameQualifier");
+ nameID.setNameValue("confirmationNameQualifierValue");
+ callbackHandler.setSubjectConfirmationNameID(nameID);
+
+ SAMLCallback samlCallback = new SAMLCallback();
+ SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader(doc);
+ secHeader.insertSecurityHeader();
+
+ WSSecSAMLToken wsSign = new WSSecSAMLToken(secHeader);
+
+ Document unsignedDoc = wsSign.build(samlAssertion);
+
+ String outputString =
+ XMLUtils.prettyDocumentToString(unsignedDoc);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("SAML 2 Authn Assertion (sender vouches):");
+ LOG.debug(outputString);
+ }
+ assertTrue(outputString.contains("confirmationNameQualifierValue"));
+
+ WSHandlerResult results = createAndVerifyMessage(callbackHandler, true);
+ WSSecurityEngineResult actionResult =
results.getActionResults().get(WSConstants.ST_UNSIGNED).get(0);
SamlAssertionWrapper receivedSamlAssertion =