You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2011/07/24 15:25:12 UTC

svn commit: r1150355 - in /webservices/wss4j/trunk/src/test/java/org/apache/ws/security: common/AbstractSAMLCallbackHandler.java saml/SamlTokenTest.java

Author: coheigea
Date: Sun Jul 24 13:25:11 2011
New Revision: 1150355

URL: http://svn.apache.org/viewvc?rev=1150355&view=rev
Log:
Adding in a test for a Resource URI

Modified:
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java?rev=1150355&r1=1150354&r2=1150355&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/AbstractSAMLCallbackHandler.java Sun Jul 24 13:25:11 2011
@@ -62,6 +62,7 @@ public abstract class AbstractSAMLCallba
     protected String subjectNameIDFormat = null;
     protected String subjectLocalityIpAddress = null;
     protected String subjectLocalityDnsAddress = null;
+    protected String resource = null;
     
     public void setConfirmationMethod(String confMethod) {
         confirmationMethod = confMethod;
@@ -96,6 +97,10 @@ public abstract class AbstractSAMLCallba
         this.subjectLocalityDnsAddress = dnsAddress;
     }
     
+    public void setResource(String resource) {
+        this.resource = resource;
+    }
+    
     /**
      * Note that the SubjectBean parameter should be null for SAML2.0
      */
@@ -133,6 +138,7 @@ public abstract class AbstractSAMLCallba
             authzBean.setActions(Collections.singletonList(actionBean));
             authzBean.setResource("endpoint");
             authzBean.setDecision(AuthDecisionStatementBean.Decision.PERMIT);
+            authzBean.setResource(resource);
             callback.setAuthDecisionStatementData(Collections.singletonList(authzBean));
         }
     }

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java?rev=1150355&r1=1150354&r2=1150355&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java Sun Jul 24 13:25:11 2011
@@ -595,6 +595,45 @@ public class SamlTokenTest extends org.j
     }
     
     /**
+     * Test that creates, sends and processes an unsigned SAML 1.1 authorization assertion
+     * with a Resource URI.
+     */
+    @org.junit.Test
+    public void testSAML1Resource() throws Exception {
+        SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
+        callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHZ);
+        callbackHandler.setIssuer("www.example.com");
+        callbackHandler.setResource("http://resource.org");
+        
+        SAMLParms samlParms = new SAMLParms();
+        samlParms.setCallbackHandler(callbackHandler);
+        AssertionWrapper assertion = new AssertionWrapper(samlParms);
+
+        WSSecSAMLToken wsSign = new WSSecSAMLToken();
+
+        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
+        
+        Document unsignedDoc = wsSign.build(doc, assertion, secHeader);
+
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("SAML 1.1 Authz Assertion (sender vouches):");
+            String outputString = 
+                org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(unsignedDoc);
+            LOG.debug(outputString);
+        }
+        
+        List<WSSecurityEngineResult> results = verify(unsignedDoc);
+        WSSecurityEngineResult actionResult =
+            WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
+        AssertionWrapper receivedAssertion = 
+            (AssertionWrapper) actionResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+        assertTrue(receivedAssertion != null);
+        assertTrue(!receivedAssertion.isSigned());
+    }
+    
+    /**
      * Verifies the soap envelope
      * <p/>
      *