You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2011/09/18 15:51:36 UTC
svn commit: r1172285 [36/48] - in /webservices/wss4j/branches/swssf: ./
cxf-integration/ cxf-integration/src/ cxf-integration/src/main/
cxf-integration/src/main/java/ cxf-integration/src/main/java/org/
cxf-integration/src/main/java/org/swssf/ cxf-integ...
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/InteroperabilityTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/InteroperabilityTest.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/InteroperabilityTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/InteroperabilityTest.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,759 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.test;
+
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.swssf.WSSec;
+import org.swssf.ext.*;
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.securityEvent.SecurityEventListener;
+import org.swssf.test.utils.StAX2DOM;
+import org.swssf.test.utils.XmlReaderToWriter;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import javax.xml.rpc.JAXRPCException;
+import javax.xml.rpc.handler.MessageContext;
+import javax.xml.soap.SOAPConstants;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathExpression;
+import java.io.*;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class InteroperabilityTest extends AbstractTestBase {
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityInbound() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityInboundSOAP12() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.2.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://www.w3.org/2003/05/soap-envelope}Body;");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties, SOAPConstants.SOAP_1_2_PROTOCOL);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityEncryptedSignatureInbound() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ properties.setProperty(WSHandlerConstants.ENCRYPTION_PARTS, "{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+
+ //Not supported ATM: Timestamp encrypted and then Signed
+ /*
+ @Test(invocationCount = 1)
+ public void testInteroperabilitySignedEncryptedTimestampInbound() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.ENCRYPT + " " + WSHandlerConstants.SIGNATURE;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ properties.setProperty(WSHandlerConstants.ENCRYPTION_PARTS, "{Content}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ //transformer.transform(new DOMSource(document), new StreamResult(System.out));
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+*/
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityInboundReverseOrder() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+
+ String action = WSHandlerConstants.ENCRYPT + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.TIMESTAMP;
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, new Properties());
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+
+ @Test
+ public void testInteroperabilityOutbound() throws Exception {
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+ ByteArrayOutputStream baos = doOutboundSecurity(securityProperties, sourceDocument);
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Document document = doInboundSecurityWithWSS4J(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action);
+ }
+
+ @Test
+ public void testInteroperabilityOutboundReverseOrder() throws Exception {
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.ENCRYPT, Constants.Action.SIGNATURE, Constants.Action.TIMESTAMP};
+ securityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+ ByteArrayOutputStream baos = doOutboundSecurity(securityProperties, sourceDocument);
+
+ String action = WSHandlerConstants.ENCRYPT + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.TIMESTAMP;
+ Document document = doInboundSecurityWithWSS4J(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action);
+ }
+
+ @Test
+ public void testInteroperabilityOutboundSignature() throws Exception {
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.SIGNATURE};
+ securityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+ ByteArrayOutputStream baos = doOutboundSecurity(securityProperties, sourceDocument);
+
+ String action = WSHandlerConstants.SIGNATURE;
+ Document document = doInboundSecurityWithWSS4J(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action);
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityInboundSecurityHeaderTimestampOrder() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ properties.setProperty(WSHandlerConstants.ENCRYPTION_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ XPathExpression xPathExpression = getXPath("/env:Envelope/env:Header/wsse:Security/xenc:EncryptedData");
+ Element timeStamp = (Element) xPathExpression.evaluate(securedDocument, XPathConstants.NODE);
+ Element securityHeaderNode = (Element) timeStamp.getParentNode();
+ securityHeaderNode.removeChild(timeStamp);
+
+ xPathExpression = getXPath("/env:Envelope/env:Header/wsse:Security/dsig:Signature");
+ Element signature = (Element) xPathExpression.evaluate(securedDocument, XPathConstants.NODE);
+
+ securityHeaderNode.insertBefore(timeStamp, signature);
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+
+ @Test
+ public void testEncDecryptionUseReqSigCert() throws Exception {
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ {
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ MessageContext messageContext = doOutboundSecurityWithWSS4J_1(sourceDocument, action, properties, SOAPConstants.SOAP_1_1_PROTOCOL);
+ Document securedDocument = (Document) messageContext.getProperty(SECURED_DOCUMENT);
+
+ //some test that we can really sure we get what we want from WSS4J
+ NodeList nodeList = securedDocument.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+ }
+
+ final List<SecurityEvent> securityEventList = new ArrayList<SecurityEvent>();
+ //done signature; now test sig-verification:
+ {
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.setCallbackHandler(new org.swssf.test.CallbackHandlerImpl());
+ InboundWSSec wsSecIn = WSSec.getInboundWSSec(securityProperties);
+
+ SecurityEventListener securityEventListener = new SecurityEventListener() {
+ public void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException {
+ securityEventList.add(securityEvent);
+ }
+ };
+
+ XMLStreamReader xmlStreamReader = wsSecIn.processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())), new ArrayList<SecurityEvent>(), securityEventListener);
+
+ Document document = StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), xmlStreamReader);
+
+ //header element must still be there
+ NodeList nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 1);
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+ }
+
+ //so we have a request generated, now do the response:
+ baos = new ByteArrayOutputStream();
+ {
+ SecurityProperties securityProperties = new SecurityProperties();
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("receiver");
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setUseReqSigCertForEncryption(true);
+
+ OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
+ XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos, "UTF-8", securityEventList);
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ Document document = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+ NodeList nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Reference.getNamespaceURI(), Constants.TAG_dsig_Reference.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 1);
+
+ nodeList = document.getElementsByTagNameNS(Constants.NS_SOAP11, Constants.TAG_soap_Body_LocalName);
+ Assert.assertEquals(nodeList.getLength(), 1);
+ String idAttrValue = ((Element) nodeList.item(0)).getAttributeNS(Constants.ATT_wsu_Id.getNamespaceURI(), Constants.ATT_wsu_Id.getLocalPart());
+ Assert.assertNotNull(idAttrValue);
+ Assert.assertTrue(idAttrValue.startsWith("id-"), "wsu:id Attribute doesn't start with id");
+ }
+
+ //verify SigConf response:
+ {
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ doInboundSecurityWithWSS4J_1(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action, SOAPConstants.SOAP_1_1_PROTOCOL, properties, true);
+ }
+ }
+
+ @Test
+ public void testEncryptedSignatureC14NInclusivePartsOutbound() throws Exception {
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ {
+ SecurityProperties securityProperties = new SecurityProperties();
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.addSignaturePart(new SecurePart("complexType", "http://www.w3.org/1999/XMLSchema", SecurePart.Modifier.Element));
+ securityProperties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments");
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+
+ OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
+ XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos, "UTF-8", new ArrayList<SecurityEvent>());
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ Document document = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+ NodeList nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Reference.getNamespaceURI(), Constants.TAG_dsig_Reference.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 25);
+
+ nodeList = document.getElementsByTagNameNS("http://www.w3.org/1999/XMLSchema", "complexType");
+ Assert.assertEquals(nodeList.getLength(), 0);
+ }
+
+ //done signature; now test sig-verification:
+ {
+ String action = WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.IS_BSP_COMPLIANT, "false");
+ doInboundSecurityWithWSS4J_1(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action, SOAPConstants.SOAP_1_1_PROTOCOL, properties, false);
+ }
+ }
+
+ /**
+ * Inclusive Canonicalization with Encryption is problematic because xenc namespace "leaks"
+ * WSS4J sets the xenc ns on the soap envelope which is not included in the signature on the sending
+ * side. swsssf sets the ns where it belongs and so we don't have this problem. But if we
+ * get an xenc ns on the envelope we will get a signature error. This case can't be handled correctly.
+ * This is also one of the reasons why a exclusive canonicalisation is preferred for SOAP
+ *
+ * @throws Exception
+ */
+ @Test(invocationCount = 100) //retest 100 times to make sure we don't have a threading issue
+ public void testSignatureC14NInclusivePartsInbound() throws Exception {
+ Document securedDocument;
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ {
+ SecurityProperties securityProperties = new SecurityProperties();
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.addSignaturePart(new SecurePart("complexType", "http://www.w3.org/1999/XMLSchema", SecurePart.Modifier.Element));
+ securityProperties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments");
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+
+ OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
+ XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos, "UTF-8", new ArrayList<SecurityEvent>());
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ securedDocument = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+ NodeList nodeList = securedDocument.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+ }
+
+ {
+ String action = WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.IS_BSP_COMPLIANT, "false");
+ doInboundSecurityWithWSS4J_1(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action, SOAPConstants.SOAP_1_1_PROTOCOL, properties, false);
+ }
+
+ //done signature; now test sig-verification:
+ {
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ InboundWSSec wsSecIn = WSSec.getInboundWSSec(securityProperties);
+ XMLStreamReader xmlStreamReader = wsSecIn.processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ Document document = StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), xmlStreamReader);
+
+ //header element must still be there
+ NodeList nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 1);
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+ }
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilitySOAPActionInbound() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ properties.setProperty(WSHandlerConstants.ACTOR, "test");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setActor("test");
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityInvalidSOAPActionInbound() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+ properties.setProperty(WSHandlerConstants.ACTOR, "test");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setActor("anotherTest");
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ try {
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ Assert.fail("XMLStreamException expected");
+ } catch (XMLStreamException e) {
+ Assert.assertEquals(e.getMessage(), "org.swssf.ext.WSSecurityException: General security error (Security header is missing)");
+ }
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilitySOAPRoleInbound() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.2.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.ACTOR, "test");
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://www.w3.org/2003/05/soap-envelope}Body;");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties, SOAPConstants.SOAP_1_2_PROTOCOL);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setActor("test");
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityTwoSecurityHeadersSOAPRoleInbound() throws Exception {
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.2.xml");
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://www.w3.org/2003/05/soap-envelope}Body;");
+ Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties, SOAPConstants.SOAP_1_2_PROTOCOL);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ properties.setProperty(WSHandlerConstants.ACTOR, "test");
+ securedDocument = doOutboundSecurityWithWSS4J(new ByteArrayInputStream(baos.toByteArray()), action, properties, SOAPConstants.SOAP_1_2_PROTOCOL);
+
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ baos.reset();
+ transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setActor("test");
+ securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ Document document = doInboundSecurity(securityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())));
+
+ //read the whole stream:
+ transformer = TRANSFORMER_FACTORY.newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilitySOAPActionOutbound() throws Exception {
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setActor("test");
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+ ByteArrayOutputStream baos = doOutboundSecurity(securityProperties, sourceDocument);
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.ACTOR, "test");
+ doInboundSecurityWithWSS4J_1(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action, SOAPConstants.SOAP_1_1_PROTOCOL, properties, false);
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityInvalidSOAPActionOutbound() throws Exception {
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setActor("test");
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+ ByteArrayOutputStream baos = doOutboundSecurity(securityProperties, sourceDocument);
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.ACTOR, "anotherTest");
+ try {
+ doInboundSecurityWithWSS4J_1(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action, SOAPConstants.SOAP_1_1_PROTOCOL, properties, false);
+ Assert.fail("Expected JAXRPCException");
+ } catch (JAXRPCException e) {
+ Assert.assertEquals(e.getMessage(), "WSS4JHandler: Request does not contain required Security header");
+ }
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilitySOAPRoleOutbound() throws Exception {
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setActor("test");
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.2.xml");
+
+ ByteArrayOutputStream baos = doOutboundSecurity(securityProperties, sourceDocument);
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.ACTOR, "test");
+ doInboundSecurityWithWSS4J_1(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action, SOAPConstants.SOAP_1_2_PROTOCOL, properties, false);
+ }
+
+ @Test(invocationCount = 1)
+ public void testInteroperabilityTwoSecurityHeadersSOAPRoleOutbound() throws Exception {
+
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.2.xml");
+
+ ByteArrayOutputStream baos = doOutboundSecurity(securityProperties, sourceDocument);
+
+ securityProperties.setActor("test");
+ baos = doOutboundSecurity(securityProperties, new ByteArrayInputStream(baos.toByteArray()));
+
+ String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+ Properties properties = new Properties();
+ properties.setProperty(WSHandlerConstants.ACTOR, "test");
+ doInboundSecurityWithWSS4J_1(documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray())), action, SOAPConstants.SOAP_1_2_PROTOCOL, properties, false);
+ }
+}
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/InteroperabilityTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputChainTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputChainTest.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputChainTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputChainTest.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,148 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.test;
+
+import org.swssf.WSSec;
+import org.swssf.ext.Constants;
+import org.swssf.ext.OutboundWSSec;
+import org.swssf.ext.SecurityProperties;
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.test.utils.XmlReaderToWriter;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.util.ArrayList;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class OutputChainTest extends AbstractTestBase {
+
+ @Test
+ public void testEncryptionAction() throws Exception {
+ SecurityProperties securityProperties = new SecurityProperties();
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.setEncryptionUser("receiver");
+
+ OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos, "UTF-8", new ArrayList<SecurityEvent>());
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ Document document = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+ NodeList nodeList = document.getElementsByTagNameNS(Constants.TAG_xenc_EncryptedKey.getNamespaceURI(), Constants.TAG_xenc_EncryptedKey.getLocalPart());
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_xenc_EncryptedData.getNamespaceURI(), Constants.TAG_xenc_EncryptedData.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 1);
+
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), "Body");
+ NodeList childNodes = nodeList.item(0).getParentNode().getChildNodes();
+ for (int i = 0; i < childNodes.getLength(); i++) {
+ Node child = childNodes.item(i);
+ if (child.getNodeType() == Node.TEXT_NODE) {
+ Assert.assertEquals(child.getTextContent().trim(), "");
+ } else if (child.getNodeType() == Node.ELEMENT_NODE) {
+ Assert.assertEquals(child, nodeList.item(0));
+ } else {
+ Assert.fail("Unexpected Node encountered");
+ }
+ }
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 0);
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_wsu_Timestamp.getNamespaceURI(), Constants.TAG_wsu_Timestamp.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 0);
+ }
+
+ @Test
+ public void testSignatureAction() throws Exception {
+ SecurityProperties securityProperties = new SecurityProperties();
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.SIGNATURE};
+ securityProperties.setOutAction(actions);
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("receiver");
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+
+ OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos, "UTF-8", new ArrayList<SecurityEvent>());
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ Document document = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+ NodeList nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 1);
+
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+
+ nodeList = document.getElementsByTagNameNS(Constants.NS_SOAP11, Constants.TAG_soap_Body_LocalName);
+ Assert.assertEquals(nodeList.getLength(), 1);
+
+ Node attr = nodeList.item(0).getAttributes().getNamedItemNS(Constants.ATT_wsu_Id.getNamespaceURI(), Constants.ATT_wsu_Id.getLocalPart());
+ Assert.assertNotNull(attr);
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_xenc_EncryptedData.getNamespaceURI(), Constants.TAG_xenc_EncryptedData.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 0);
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_wsu_Timestamp.getNamespaceURI(), Constants.TAG_wsu_Timestamp.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 0);
+ }
+
+ @Test
+ public void testTimeStampAction() throws Exception {
+ SecurityProperties securityProperties = new SecurityProperties();
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP};
+ securityProperties.setOutAction(actions);
+
+ OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos, "UTF-8", new ArrayList<SecurityEvent>());
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ Document document = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+
+ NodeList nodeList = document.getElementsByTagNameNS(Constants.TAG_wsu_Timestamp.getNamespaceURI(), Constants.TAG_wsu_Timestamp.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 1);
+
+ Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), Constants.TAG_wsse_Security.getLocalPart());
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_xenc_EncryptedData.getNamespaceURI(), Constants.TAG_xenc_EncryptedData.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 0);
+
+ nodeList = document.getElementsByTagNameNS(Constants.TAG_dsig_Signature.getNamespaceURI(), Constants.TAG_dsig_Signature.getLocalPart());
+ Assert.assertEquals(nodeList.getLength(), 0);
+ }
+}
\ No newline at end of file
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputChainTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputProcessorChainTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputProcessorChainTest.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputProcessorChainTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputProcessorChainTest.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,252 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.test;
+
+import org.swssf.ext.*;
+import org.swssf.impl.OutputProcessorChainImpl;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.events.XMLEvent;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class OutputProcessorChainTest extends AbstractTestBase {
+
+ abstract class AbstractOutputProcessor implements OutputProcessor {
+
+ private Constants.Phase phase = Constants.Phase.PROCESSING;
+ private Set<Object> beforeProcessors = new HashSet<Object>();
+ private Set<Object> afterProcessors = new HashSet<Object>();
+
+ public Set<Object> getBeforeProcessors() {
+ return beforeProcessors;
+ }
+
+ public Set<Object> getAfterProcessors() {
+ return afterProcessors;
+ }
+
+ public Constants.Phase getPhase() {
+ return phase;
+ }
+
+ public void setPhase(Constants.Phase phase) {
+ this.phase = phase;
+ }
+
+ public void processNextEvent(XMLEvent xmlEvent, OutputProcessorChain outputProcessorChain) throws XMLStreamException, WSSecurityException {
+ }
+
+ public void doFinal(OutputProcessorChain outputProcessorChain) throws XMLStreamException, WSSecurityException {
+ }
+ }
+
+ @Test
+ public void testAddProcessorPhase1() {
+ OutputProcessorChainImpl outputProcessorChain = new OutputProcessorChainImpl(new SecurityContextImpl());
+
+ AbstractOutputProcessor outputProcessor1 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor1);
+
+ AbstractOutputProcessor outputProcessor2 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor2);
+
+ AbstractOutputProcessor outputProcessor3 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor3);
+
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(0), outputProcessor1);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(1), outputProcessor2);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(2), outputProcessor3);
+ }
+
+ @Test
+ public void testAddProcessorPhase2() {
+ OutputProcessorChainImpl outputProcessorChain = new OutputProcessorChainImpl(new SecurityContextImpl());
+
+ AbstractOutputProcessor outputProcessor1 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor1);
+
+ AbstractOutputProcessor outputProcessor2 = new AbstractOutputProcessor() {
+ };
+ outputProcessor2.setPhase(Constants.Phase.PREPROCESSING);
+ outputProcessorChain.addProcessor(outputProcessor2);
+
+ AbstractOutputProcessor outputProcessor3 = new AbstractOutputProcessor() {
+ };
+ outputProcessor3.setPhase(Constants.Phase.POSTPROCESSING);
+ outputProcessorChain.addProcessor(outputProcessor3);
+
+ AbstractOutputProcessor outputProcessor4 = new AbstractOutputProcessor() {
+ };
+ outputProcessor4.setPhase(Constants.Phase.POSTPROCESSING);
+ outputProcessorChain.addProcessor(outputProcessor4);
+
+ AbstractOutputProcessor outputProcessor5 = new AbstractOutputProcessor() {
+ };
+ outputProcessor5.setPhase(Constants.Phase.PREPROCESSING);
+ outputProcessorChain.addProcessor(outputProcessor5);
+
+ AbstractOutputProcessor outputProcessor6 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor6);
+
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(0), outputProcessor2);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(1), outputProcessor5);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(2), outputProcessor1);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(3), outputProcessor6);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(4), outputProcessor3);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(5), outputProcessor4);
+ }
+
+ @Test
+ public void testAddProcessorBefore1() {
+ OutputProcessorChainImpl outputProcessorChain = new OutputProcessorChainImpl(new SecurityContextImpl());
+
+ AbstractOutputProcessor outputProcessor1 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor1);
+
+ AbstractOutputProcessor outputProcessor2 = new AbstractOutputProcessor() {
+ };
+ outputProcessor2.setPhase(Constants.Phase.PREPROCESSING);
+ outputProcessorChain.addProcessor(outputProcessor2);
+
+ AbstractOutputProcessor outputProcessor3 = new AbstractOutputProcessor() {
+ };
+ outputProcessor3.setPhase(Constants.Phase.POSTPROCESSING);
+ outputProcessorChain.addProcessor(outputProcessor3);
+
+ AbstractOutputProcessor outputProcessor4 = new AbstractOutputProcessor() {
+ };
+ outputProcessor4.setPhase(Constants.Phase.POSTPROCESSING);
+ outputProcessor4.getBeforeProcessors().add(outputProcessor3.getClass().getName());
+ outputProcessorChain.addProcessor(outputProcessor4);
+
+ AbstractOutputProcessor outputProcessor5 = new AbstractOutputProcessor() {
+ };
+ outputProcessor5.setPhase(Constants.Phase.PREPROCESSING);
+ outputProcessor5.getBeforeProcessors().add(outputProcessor2.getClass().getName());
+ outputProcessorChain.addProcessor(outputProcessor5);
+
+ AbstractOutputProcessor outputProcessor6 = new AbstractOutputProcessor() {
+ };
+ outputProcessor6.getBeforeProcessors().add(outputProcessor1.getClass().getName());
+ outputProcessorChain.addProcessor(outputProcessor6);
+
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(0), outputProcessor5);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(1), outputProcessor2);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(2), outputProcessor6);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(3), outputProcessor1);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(4), outputProcessor4);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(5), outputProcessor3);
+ }
+
+ @Test
+ public void testAddProcessorAfter1() {
+ OutputProcessorChainImpl outputProcessorChain = new OutputProcessorChainImpl(new SecurityContextImpl());
+
+ AbstractOutputProcessor outputProcessor1 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor1);
+
+ AbstractOutputProcessor outputProcessor2 = new AbstractOutputProcessor() {
+ };
+ outputProcessor2.setPhase(Constants.Phase.PREPROCESSING);
+ outputProcessorChain.addProcessor(outputProcessor2);
+
+ AbstractOutputProcessor outputProcessor3 = new AbstractOutputProcessor() {
+ };
+ outputProcessor3.setPhase(Constants.Phase.POSTPROCESSING);
+ outputProcessorChain.addProcessor(outputProcessor3);
+
+ AbstractOutputProcessor outputProcessor4 = new AbstractOutputProcessor() {
+ };
+ outputProcessor4.setPhase(Constants.Phase.POSTPROCESSING);
+ outputProcessor4.getAfterProcessors().add(outputProcessor3.getClass().getName());
+ outputProcessorChain.addProcessor(outputProcessor4);
+
+ AbstractOutputProcessor outputProcessor5 = new AbstractOutputProcessor() {
+ };
+ outputProcessor5.setPhase(Constants.Phase.PREPROCESSING);
+ outputProcessor5.getAfterProcessors().add(outputProcessor2.getClass().getName());
+ outputProcessorChain.addProcessor(outputProcessor5);
+
+ AbstractOutputProcessor outputProcessor6 = new AbstractOutputProcessor() {
+ };
+ outputProcessor6.getAfterProcessors().add(outputProcessor1.getClass().getName());
+ outputProcessorChain.addProcessor(outputProcessor6);
+
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(0), outputProcessor2);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(1), outputProcessor5);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(2), outputProcessor1);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(3), outputProcessor6);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(4), outputProcessor3);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(5), outputProcessor4);
+ }
+
+ @Test
+ public void testAddProcessorBeforeAndAfter1() {
+ OutputProcessorChainImpl outputProcessorChain = new OutputProcessorChainImpl(new SecurityContextImpl());
+
+ AbstractOutputProcessor outputProcessor1 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor1);
+
+ AbstractOutputProcessor outputProcessor2 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor2);
+
+ AbstractOutputProcessor outputProcessor3 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor3);
+
+ AbstractOutputProcessor outputProcessor4 = new AbstractOutputProcessor() {
+ };
+ outputProcessorChain.addProcessor(outputProcessor4);
+
+ AbstractOutputProcessor outputProcessor5 = new AbstractOutputProcessor() {
+ };
+ outputProcessor5.getBeforeProcessors().add("");
+ outputProcessor5.getAfterProcessors().add(outputProcessor3.getClass().getName());
+ outputProcessorChain.addProcessor(outputProcessor5);
+
+ AbstractOutputProcessor outputProcessor6 = new AbstractOutputProcessor() {
+ };
+ outputProcessor6.getBeforeProcessors().add(outputProcessor5.getClass().getName());
+ outputProcessor6.getAfterProcessors().add("");
+ outputProcessorChain.addProcessor(outputProcessor6);
+
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(0), outputProcessor1);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(1), outputProcessor2);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(2), outputProcessor3);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(3), outputProcessor6);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(4), outputProcessor5);
+ Assert.assertEquals(outputProcessorChain.getProcessors().get(5), outputProcessor4);
+ }
+}
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/OutputProcessorChainTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/PerformanceMemoryTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/PerformanceMemoryTest.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/PerformanceMemoryTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/PerformanceMemoryTest.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,445 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.test;
+
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.swssf.WSSec;
+import org.swssf.ext.Constants;
+import org.swssf.ext.InboundWSSec;
+import org.swssf.ext.OutboundWSSec;
+import org.swssf.ext.SecurityProperties;
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.test.utils.XmlReaderToWriter;
+import org.testng.annotations.Test;
+import org.w3c.dom.Document;
+import org.w3c.dom.NodeList;
+
+import javax.xml.stream.XMLStreamConstants;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+import java.io.*;
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Properties;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class PerformanceMemoryTest extends AbstractTestBase {
+
+ private File prepareBigEncryptedFile(int factor) throws Exception {
+ File target = genBigFile(factor);
+ File output = new File("target/enc.xml");
+ doStreamingSecurityOutbound(target, output);
+ return output;
+ }
+
+ private void doStreamingSecurityOutbound(File source, File output) throws Exception {
+ SecurityProperties securityProperties = new SecurityProperties();
+ securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ securityProperties.setEncryptionUser("receiver");
+ securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ securityProperties.setSignatureUser("transmitter");
+ securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ Constants.Action[] actions = new Constants.Action[]{Constants.Action.ENCRYPT};
+ securityProperties.setOutAction(actions);
+ securityProperties.setTimestampTTL(60 * 60 * 24 * 7); //a week for testing:)
+
+ InputStream sourceDocument = new BufferedInputStream(new FileInputStream(source));
+ OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
+
+ XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(new FileOutputStream(output), "UTF-8", new ArrayList<SecurityEvent>());
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+ xmlStreamReader.close();
+ }
+
+ private File genBigFile(int factor) throws IOException {
+ File source = new File("ReferenzInstanzdokument20060922.xml");
+ File target = new File("target/tmp.xml");
+ FileWriter fileWriter = new FileWriter(target);
+ fileWriter.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
+ "<env:Envelope xmlns:env=\"http://schemas.xmlsoap.org/soap/envelope/\">\n" +
+ "<env:Header></env:Header>\n" +
+ "<env:Body><test xmlns=\"http://www.example.com\">");
+ fileWriter.close();
+ FileOutputStream fileOutputStream = new FileOutputStream(target, true);
+ for (int i = 0; i <= factor; i++) {
+ int read = 0;
+ byte[] buffer = new byte[4096];
+ FileInputStream fileInputStream = new FileInputStream(source);
+ while ((read = fileInputStream.read(buffer)) != -1) {
+ fileOutputStream.write(buffer, 0, read);
+ }
+ fileInputStream.close();
+ }
+ fileWriter = new FileWriter(target, true);
+ fileWriter.write("</test></env:Body>\n" +
+ "</env:Envelope>");
+ fileWriter.close();
+ return target;
+ }
+
+ /*
+ private int countTags(File file) throws Exception {
+ int tagCount = 0;
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(new FileInputStream(file));
+ while (xmlStreamReader.hasNext()) {
+ int eventType = xmlStreamReader.next();
+ if (eventType == XMLStreamConstants.START_ELEMENT) {
+ tagCount++;
+ }
+ }
+ return tagCount;
+ }
+ */
+
+ private int[] tagCounts = new int[]{33391, 63731, 94071, 124411, 154751, 185091, 215431, 245771, 276111, 306451, 336791, 367131, 397471, 427811, 458151};
+
+ @Test(groups = {"timing-out"})
+ public void setUpOut() throws Exception {
+ File input = genBigFile(1);
+ Document doc = doOutboundSecurityWithWSS4J(new FileInputStream(input), WSHandlerConstants.ENCRYPT, new Properties());
+ javax.xml.transform.Transformer transformer = TransformerFactory.newInstance().newTransformer();
+ transformer.transform(new DOMSource(doc), new StreamResult(new File("target/bigfile-dom.xml")));
+ doStreamingSecurityOutbound(input, new File("target/bigfile-stream.xml"));
+ }
+
+ @Test(groups = "streaming-memory-out")
+ public void testStreamingOutMemoryPerformance() throws Exception {
+
+ FileWriter samples = new FileWriter("memory-samples-stream-out.txt");
+ long memoryDiff = 0;
+
+ for (int i = 1; i <= 15; i++) {
+ System.out.println("Run " + i);
+
+ long startMem = getUsedMemory();
+ System.out.println("Start Mem: " + startMem / 1024.0 / 1024.0);
+
+ File input = genBigFile(i * 10);
+
+ ThreadStopper threadStopper = new ThreadStopper();
+ Thread thread = new Thread(new MemorySamplerThread(threadStopper, samples, memoryDiff));
+ thread.setPriority(8);
+ thread.start();
+
+ long start = System.currentTimeMillis();
+ doStreamingSecurityOutbound(input, new File("target/bigfile-stream.xml"));
+
+ samples.write("" + tagCounts[i - 1]);
+ samples.write(" ");
+ samples.flush();
+
+ threadStopper.setStop(true);
+
+ System.out.println("Stream Time: " + (System.currentTimeMillis() - start) / 1000.0 + "s");
+ System.out.println("Tag Count: " + tagCounts[i - 1]);
+ System.out.println("");
+
+ thread.join();
+
+ samples.write("\n");
+ samples.flush();
+ long endMem = getUsedMemory();
+ memoryDiff = endMem - startMem;
+ System.out.println("Memory leak: " + ((memoryDiff)) / 1024.0 / 1024.0);
+ System.out.println("Used memory: " + (endMem / 1024.0 / 1024.0));
+ System.out.println("");
+ }
+
+ samples.close();
+ }
+
+ @Test(groups = "dom-memory-out")
+ public void testDOMOutMemoryPerformance() throws Exception {
+
+ FileWriter samples = new FileWriter("memory-samples-dom-out.txt");
+ long memoryDiff = 0;
+ long leakedMemory = 0;
+
+ for (int i = 1; i <= 15; i++) {
+ System.out.println("Run " + i);
+
+ long startMem = getUsedMemory();
+ System.out.println("Start Mem: " + startMem / 1024.0 / 1024.0);
+
+ File input = genBigFile(i * 10);
+
+ ThreadStopper threadStopper = new ThreadStopper();
+ Thread thread = new Thread(new MemorySamplerThread(threadStopper, samples, leakedMemory));
+ thread.setPriority(8);
+ thread.start();
+
+ long start = System.currentTimeMillis();
+
+ Document doc = doOutboundSecurityWithWSS4J(new FileInputStream(input), WSHandlerConstants.ENCRYPT, new Properties());
+ javax.xml.transform.Transformer transformer = TransformerFactory.newInstance().newTransformer();
+ transformer.transform(new DOMSource(doc), new StreamResult(new File("target/bigfile-dom.xml")));
+
+ samples.write("" + tagCounts[i - 1]);
+ samples.write(" ");
+ samples.flush();
+
+ threadStopper.setStop(true);
+
+ System.out.println("DOM Time: " + (System.currentTimeMillis() - start) / 1000.0 + "s");
+ System.out.println("Tag Count: " + tagCounts[i - 1]);
+ System.out.println("");
+
+ thread.join();
+
+ samples.write("\n");
+ samples.flush();
+ long endMem = getUsedMemory();
+ memoryDiff = endMem - startMem;
+ leakedMemory += memoryDiff;
+ System.out.println("Memory leak: " + ((memoryDiff)) / 1024.0 / 1024.0);
+ System.out.println("Used memory: " + (endMem / 1024.0 / 1024.0));
+ System.out.println("");
+ }
+
+ samples.close();
+ }
+
+ @Test(groups = "stream")
+ public void testStreamingMemoryPerformance() throws Exception {
+
+ FileWriter samples = new FileWriter("memory-samples-stream.txt");
+ long memoryDiff = 0;
+
+ for (int i = 1; i <= 15; i++) {
+ System.out.println("Run " + i);
+
+ long startMem = getUsedMemory();
+ System.out.println("Start Mem: " + startMem / 1024.0 / 1024.0);
+
+ File input = prepareBigEncryptedFile(i * 10);
+
+ ThreadStopper threadStopper = new ThreadStopper();
+ Thread thread = new Thread(new MemorySamplerThread(threadStopper, samples, memoryDiff));
+ thread.setPriority(8);
+ thread.start();
+
+ long start = System.currentTimeMillis();
+ int tagCount = doStreamingInSecurity(input);
+
+ samples.write("" + tagCount);
+ samples.write(" ");
+ samples.flush();
+
+ threadStopper.setStop(true);
+
+ System.out.println("Stream Time: " + (System.currentTimeMillis() - start) / 1000.0 + "s");
+ System.out.println("Tag Count: " + tagCount);
+ System.out.println("");
+
+ thread.join();
+
+ samples.write("\n");
+ samples.flush();
+ long endMem = getUsedMemory();
+ memoryDiff = endMem - startMem;
+ System.out.println("Memory leak: " + ((memoryDiff)) / 1024.0 / 1024.0);
+ System.out.println("Used memory: " + (endMem / 1024.0 / 1024.0));
+ System.out.println("");
+ }
+
+ samples.close();
+ }
+
+ private static void gc() {
+ /*
+ try {
+ System.gc();
+ Thread.sleep(100);
+ System.runFinalization();
+ Thread.sleep(100);
+ System.gc();
+ Thread.sleep(100);
+ System.runFinalization();
+ Thread.sleep(100);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ */
+ System.gc();
+ System.runFinalization();
+ System.gc();
+ }
+
+
+ private static long getUsedMemory() {
+ gc();
+ long totalMemory = Runtime.getRuntime().totalMemory();
+ gc();
+ long freeMemory = Runtime.getRuntime().freeMemory();
+ return totalMemory - freeMemory;
+ }
+
+ @Test(groups = "dom")
+ public void testDOMMemoryPerformance() throws Exception {
+
+ FileWriter samples = new FileWriter("memory-samples-dom.txt");
+ long memoryDiff = 0;
+ long leakedMemory = 0;
+
+ for (int i = 1; i <= 15; i++) {
+ System.out.println("Run " + i);
+
+ long startMem = getUsedMemory();
+ System.out.println("Start Mem: " + startMem / 1024.0 / 1024.0);
+
+ File input = prepareBigEncryptedFile(i * 10);
+
+ ThreadStopper threadStopper = new ThreadStopper();
+ Thread thread = new Thread(new MemorySamplerThread(threadStopper, samples, leakedMemory));
+ thread.setPriority(8);
+ thread.start();
+
+ long start = System.currentTimeMillis();
+ int tagCount = doDOMInSecurity(input);
+
+ samples.write("" + tagCount);
+ samples.write(" ");
+ samples.flush();
+
+ threadStopper.setStop(true);
+
+ System.out.println("DOM Time: " + (System.currentTimeMillis() - start) / 1000.0 + "s");
+ System.out.println("Tag Count: " + tagCount);
+ System.out.println("");
+
+ thread.join();
+
+ samples.write("\n");
+ samples.flush();
+ long endMem = getUsedMemory();
+ memoryDiff = endMem - startMem;
+ leakedMemory += memoryDiff;
+ System.out.println("Memory leak: " + ((memoryDiff)) / 1024.0 / 1024.0);
+ System.out.println("Used memory: " + (endMem / 1024.0 / 1024.0));
+ System.out.println("");
+ }
+
+ samples.close();
+ }
+
+ private int doDOMInSecurity(File input) throws Exception {
+ String action = WSHandlerConstants.ENCRYPT;
+ Document document = doInboundSecurityWithWSS4J(documentBuilderFactory.newDocumentBuilder().parse(input), action);
+ NodeList nodeList = document.getElementsByTagName("*");
+ int tagCount = nodeList.getLength();
+ return tagCount;
+ }
+
+ private int doStreamingInSecurity(File input) throws Exception {
+ SecurityProperties inSecurityProperties = new SecurityProperties();
+ inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+
+ InboundWSSec wsSecIn = WSSec.getInboundWSSec(inSecurityProperties);
+ FileInputStream fileInputStream = new FileInputStream(input);
+ XMLStreamReader outXmlStreamReader = wsSecIn.processInMessage(xmlInputFactory.createXMLStreamReader(fileInputStream));
+
+ int tagCount = 0;
+ while (outXmlStreamReader.hasNext()) {
+ int eventType = outXmlStreamReader.next();
+ if (eventType == XMLStreamConstants.START_ELEMENT) {
+ tagCount++;
+ }
+ }
+ fileInputStream.close();
+ outXmlStreamReader.close();
+ return tagCount;
+ }
+
+ class ThreadStopper {
+ private volatile boolean stop = false;
+
+ public boolean isStop() {
+ return stop;
+ }
+
+ public void setStop(boolean stop) {
+ this.stop = stop;
+ }
+ }
+
+ class MemorySamplerThread implements Runnable {
+
+ private ThreadStopper threadStopper;
+ private FileWriter fileWriter;
+ private long memoryDiff = 0;
+ private Thread parentThread;
+
+ private List<Integer> memory = new LinkedList<Integer>();
+
+ MemorySamplerThread(ThreadStopper threadStopper, FileWriter fileWriter, long memoryDiff) {
+ this.threadStopper = threadStopper;
+ this.fileWriter = fileWriter;
+ this.memoryDiff = memoryDiff;
+ this.parentThread = Thread.currentThread();
+ }
+
+ public void run() {
+
+ int sleepTime = 100;
+
+ while (!threadStopper.isStop()) {
+ try {
+ Thread.sleep(sleepTime);
+ if (threadStopper.isStop()) {
+ break;
+ }
+ } catch (InterruptedException e) {
+ throw new RuntimeException(e);
+ }
+ //parentThread.suspend();
+ memory.add((int) (((getUsedMemory()) - memoryDiff) / 1024.0 / 1024.0));
+ //System.out.println("Sample: " + memory.get(memory.size() - 1));
+ //parentThread.resume();
+ }
+
+ System.out.println("Collected " + memory.size() + " samples");
+
+ int maxMem = Integer.MIN_VALUE;
+ for (int i = 0; i < memory.size(); i++) {
+ //System.out.println("Sample: " + memory.get(i));
+ int mem = memory.get(i);
+ maxMem = mem > maxMem ? mem : maxMem;
+ }
+
+ try {
+ fileWriter.write("" + maxMem);
+ fileWriter.flush();
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+
+ System.out.println("Max memory usage: " + maxMem + "MB");
+ }
+ }
+}
Propchange: webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/test/PerformanceMemoryTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision