You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/05/17 15:01:21 UTC
[1/3] cxf git commit: Security test refactor
Repository: cxf
Updated Branches:
refs/heads/master 1f038da1a -> 25b8c0e57
Security test refactor
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/25b8c0e5
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/25b8c0e5
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/25b8c0e5
Branch: refs/heads/master
Commit: 25b8c0e575f1f62a2746d2574fdea5772858fc60
Parents: 32f21e5
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue May 17 16:00:42 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue May 17 16:01:14 2016 +0100
----------------------------------------------------------------------
.../wss4j/AbstractPolicySecurityTest.java | 5 +-
.../ws/security/wss4j/AbstractSecurityTest.java | 87 +++++++++--
.../security/wss4j/SecurityActionTokenTest.java | 96 +-----------
.../wss4j/SignatureConfirmationTest.java | 52 ++-----
.../ws/security/wss4j/WSS4JFaultCodeTest.java | 80 ++--------
.../cxf/ws/security/wss4j/WSS4JInOutTest.java | 156 ++++---------------
.../security/wss4j/WSS4JOutInterceptorTest.java | 82 +++-------
.../security/wss4j/saml/DOMToStaxSamlTest.java | 20 +--
.../ws/security/wss4j/saml/SamlTokenTest.java | 87 +++--------
9 files changed, 179 insertions(+), 486 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
index 4dd9410..5702b5e 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java
@@ -109,8 +109,7 @@ public abstract class AbstractPolicySecurityTest extends AbstractSecurityTest {
final Element inPolicyElement;
if (inPolicyDocument != null) {
- inPolicyElement = this.readDocument(inPolicyDocument)
- .getDocumentElement();
+ inPolicyElement = this.readDocument(inPolicyDocument).getDocumentElement();
} else {
inPolicyElement = outPolicyElement;
}
@@ -410,7 +409,7 @@ public abstract class AbstractPolicySecurityTest extends AbstractSecurityTest {
SoapMessage msg = this.getSoapMessageForDom(doc, aim);
msg.put(SecurityConstants.SIGNATURE_PROPERTIES, "outsecurity.properties");
msg.put(SecurityConstants.ENCRYPT_PROPERTIES, "outsecurity.properties");
- msg.put(SecurityConstants.CALLBACK_HANDLER, TestPwdCallback.class.getName());
+ msg.put(SecurityConstants.CALLBACK_HANDLER, new TestPwdCallback());
msg.put(SecurityConstants.SIGNATURE_USERNAME, "myalias");
msg.put(SecurityConstants.ENCRYPT_USERNAME, "myalias");
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
index 22b09b4..e5e531d 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java
@@ -18,29 +18,36 @@
*/
package org.apache.cxf.ws.security.wss4j;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.File;
-import java.io.IOException;
import java.io.InputStream;
+import java.util.List;
+import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.SOAPPart;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.dom.DOMSource;
import org.w3c.dom.Document;
-import org.xml.sax.SAXException;
-
import org.apache.cxf.binding.soap.Soap11;
import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.helpers.DOMUtils.NullResolver;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.ExchangeImpl;
import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.phase.PhaseInterceptor;
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.cxf.test.AbstractCXFTest;
import org.apache.wss4j.dom.WSConstants;
@@ -71,16 +78,6 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest {
}
/**
- * Reads a classpath resource into a SAAJ structure.
- * @param name the name of the classpath resource
- */
- protected SOAPMessage readSAAJDocument(String name) throws SAXException, IOException,
- ParserConfigurationException, SOAPException {
- InputStream inStream = getClass().getResourceAsStream(name);
- return MessageFactory.newInstance().createMessage(null, inStream);
- }
-
- /**
* Creates a {@link SoapMessage} from the contents of a document.
* @param doc the document containing the SOAP content.
*/
@@ -90,17 +87,75 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest {
part.setContent(new DOMSource(doc));
saajMsg.saveChanges();
- // Hack to create the context map
MessageImpl message = new MessageImpl();
- message.getContextualProperty("XYZ");
-
SoapMessage msg = new SoapMessage(message);
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
msg.setContent(SOAPMessage.class, saajMsg);
+
return msg;
}
+ protected byte[] getMessageBytes(Document doc) throws Exception {
+ ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+ XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
+ StaxUtils.writeDocument(doc, byteArrayWriter, false);
+ byteArrayWriter.flush();
+ return outputStream.toByteArray();
+ }
+
+ protected SoapMessage makeInvocation(
+ Map<String, Object> outProperties,
+ List<String> xpaths,
+ Map<String, Object> inProperties
+ ) throws Exception {
+ Document doc = readDocument("wsse-request-clean.xml");
+
+ WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
+ PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
+
+ SoapMessage msg = getSoapMessageForDom(doc);
+
+ for (String key : outProperties.keySet()) {
+ msg.put(key, outProperties.get(key));
+ }
+
+ handler.handleMessage(msg);
+
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
+
+ for (String xpath : xpaths) {
+ assertValid(xpath, doc);
+ }
+
+ byte[] docbytes = getMessageBytes(doc);
+ XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
+
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+ dbf.setValidating(false);
+ dbf.setIgnoringComments(false);
+ dbf.setIgnoringElementContentWhitespace(true);
+ dbf.setNamespaceAware(true);
+
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ db.setEntityResolver(new NullResolver());
+ doc = StaxUtils.read(db, reader, false);
+
+ WSS4JInInterceptor inHandler = new WSS4JInInterceptor(inProperties);
+
+ SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
+ ex.setInMessage(inmsg);
+ inmsg.setContent(SOAPMessage.class, saajMsg);
+
+
+ inHandler.handleMessage(inmsg);
+
+ return inmsg;
+ }
+
protected static boolean checkUnrestrictedPoliciesInstalled() {
try {
byte[] data = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
index 28c7cf3..549e8bf 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SecurityActionTokenTest.java
@@ -18,8 +18,6 @@
*/
package org.apache.cxf.ws.security.wss4j;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
@@ -27,23 +25,10 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
-import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
-import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
-
import org.w3c.dom.Document;
+
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.helpers.DOMUtils.NullResolver;
-import org.apache.cxf.message.Exchange;
-import org.apache.cxf.message.ExchangeImpl;
-import org.apache.cxf.message.MessageImpl;
-import org.apache.cxf.phase.PhaseInterceptor;
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.wss4j.common.EncryptionActionToken;
import org.apache.wss4j.common.SignatureActionToken;
@@ -73,7 +58,7 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
outProperties.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
outProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback());
- Map<String, String> inProperties = new HashMap<>();
+ Map<String, Object> inProperties = new HashMap<>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
@@ -102,13 +87,10 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.HANDLER_ACTIONS, actions);
- Map<String, String> inProperties = new HashMap<String, String>();
+ Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
- inProperties.put(
- WSHandlerConstants.PW_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
- );
+ inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback());
List<String> xpaths = new ArrayList<String>();
xpaths.add("//wsse:Security");
@@ -145,82 +127,12 @@ public class SecurityActionTokenTest extends AbstractSecurityTest {
);
}
- private byte[] getMessageBytes(Document doc) throws Exception {
- ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
- XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
- StaxUtils.writeDocument(doc, byteArrayWriter, false);
- byteArrayWriter.flush();
- return outputStream.toByteArray();
- }
-
private List<WSHandlerResult> getResults(SoapMessage inmsg) {
final List<WSHandlerResult> handlerResults =
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
return handlerResults;
}
- private SoapMessage makeInvocation(
- Map<String, Object> outProperties,
- List<String> xpaths,
- Map<String, String> inProperties
- ) throws Exception {
- Document doc = readDocument("wsse-request-clean.xml");
-
- WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
- PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
-
- for (String key : outProperties.keySet()) {
- msg.put(key, outProperties.get(key));
- }
-
- handler.handleMessage(msg);
-
- doc = part;
-
- for (String xpath : xpaths) {
- assertValid(xpath, doc);
- }
-
- byte[] docbytes = getMessageBytes(doc);
- XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
-
- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
- dbf.setValidating(false);
- dbf.setIgnoringComments(false);
- dbf.setIgnoringElementContentWhitespace(true);
- dbf.setNamespaceAware(true);
-
- DocumentBuilder db = dbf.newDocumentBuilder();
- db.setEntityResolver(new NullResolver());
- doc = StaxUtils.read(db, reader, false);
-
- WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
-
- SoapMessage inmsg = new SoapMessage(new MessageImpl());
- ex.setInMessage(inmsg);
- inmsg.setContent(SOAPMessage.class, saajMsg);
-
- for (String key : inProperties.keySet()) {
- inHandler.setProperty(key, inProperties.get(key));
- }
-
- inHandler.handleMessage(inmsg);
-
- return inmsg;
- }
-
// FOR DEBUGGING ONLY
/*private*/ static String serialize(Document doc) {
return StaxUtils.toString(doc);
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
index 3f2e07f..d4caa27 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
@@ -19,20 +19,16 @@
package org.apache.cxf.ws.security.wss4j;
import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
import java.util.List;
import java.util.Set;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
import org.w3c.dom.Document;
+
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.helpers.DOMUtils.NullResolver;
@@ -44,7 +40,6 @@ import org.apache.cxf.staxutils.StaxUtils;
import org.apache.wss4j.dom.handler.WSHandlerConstants;
import org.apache.wss4j.dom.handler.WSHandlerResult;
-
/**
* This a test of the Signature Confirmation functionality that is contained in the
* WS-Security 1.1 specification. The requestor signs an outbound SOAP message and saves
@@ -65,16 +60,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
+ SoapMessage msg = getSoapMessageForDom(doc);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.ENABLE_SIGNATURE_CONFIRMATION, "true");
@@ -88,7 +74,9 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
msg.put(org.apache.cxf.message.Message.REQUESTOR_ROLE, true);
handler.handleMessage(msg);
- doc = part;
+
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
@@ -117,6 +105,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
@@ -147,23 +136,15 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
+ SoapMessage msg = getSoapMessageForDom(doc);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
msg.put(WSHandlerConstants.RECV_RESULTS, sigReceived);
handler.handleMessage(msg);
- doc = part;
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
// assertValid("//wsse:Security/wsse11:SignatureConfirmation", doc);
@@ -187,6 +168,7 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
@@ -196,18 +178,4 @@ public class SignatureConfirmationTest extends AbstractSecurityTest {
inHandler.handleMessage(inmsg);
}
-
- private byte[] getMessageBytes(Document doc) throws Exception {
- // XMLOutputFactory factory = XMLOutputFactory.newInstance();
- ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-
- // XMLStreamWriter byteArrayWriter =
- // factory.createXMLStreamWriter(outputStream);
- XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-
- StaxUtils.writeDocument(doc, byteArrayWriter, false);
-
- byteArrayWriter.flush();
- return outputStream.toByteArray();
- }
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
index a554c5c..bf1f9c3 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
@@ -19,20 +19,15 @@
package org.apache.cxf.ws.security.wss4j;
import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
-import javax.xml.soap.SOAPConstants;
import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
import org.w3c.dom.Document;
+
import org.apache.cxf.binding.soap.SoapFault;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.helpers.DOMUtils.NullResolver;
@@ -63,17 +58,9 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
public void testNoSecurity() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
- doc = part;
+ SoapMessage msg = getSoapMessageForDom(doc);
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
@@ -92,6 +79,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
@@ -123,23 +111,15 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
+ SoapMessage msg = getSoapMessageForDom(doc);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
msg.put(WSHandlerConstants.TTL_TIMESTAMP, "1");
handler.handleMessage(msg);
- doc = part;
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
@@ -160,6 +140,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
@@ -192,22 +173,14 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
+ SoapMessage msg = getSoapMessageForDom(doc);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
handler.handleMessage(msg);
- doc = part;
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
@@ -228,6 +201,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
@@ -254,17 +228,9 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
public void testSignedEncryptedSOAP12Fault() throws Exception {
Document doc = readDocument("wsse-response-fault.xml");
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL).createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
- doc = part;
+ SoapMessage msg = getSoapMessageForDom(doc);
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
@@ -283,6 +249,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
@@ -310,17 +277,4 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
}
}
- private byte[] getMessageBytes(Document doc) throws Exception {
- // XMLOutputFactory factory = XMLOutputFactory.newInstance();
- ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-
- // XMLStreamWriter byteArrayWriter =
- // factory.createXMLStreamWriter(outputStream);
- XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
-
- StaxUtils.writeDocument(doc, byteArrayWriter, false);
-
- byteArrayWriter.flush();
- return outputStream.toByteArray();
- }
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
index 9a95315..31debf3 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
@@ -19,7 +19,6 @@
package org.apache.cxf.ws.security.wss4j;
import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
@@ -32,14 +31,11 @@ import java.util.TreeSet;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
import org.w3c.dom.Document;
+
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor;
import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
@@ -91,13 +87,13 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
@Test
public void testSignature() throws Exception {
- Map<String, String> outProperties = new HashMap<String, String>();
+ Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
outProperties.put(WSHandlerConstants.USER, "myalias");
outProperties.put("password", "myAliasPassword");
- Map<String, String> inProperties = new HashMap<String, String>();
+ Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
@@ -117,14 +113,14 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
@Test
public void testDirectReferenceSignature() throws Exception {
- Map<String, String> outProperties = new HashMap<String, String>();
+ Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
outProperties.put(WSHandlerConstants.USER, "myalias");
outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
outProperties.put("password", "myAliasPassword");
- Map<String, String> inProperties = new HashMap<String, String>();
+ Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
@@ -145,19 +141,16 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
@Test
public void testEncryption() throws Exception {
- Map<String, String> outProperties = new HashMap<String, String>();
+ Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
outProperties.put(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");
outProperties.put(WSHandlerConstants.USER, "myalias");
outProperties.put("password", "myAliasPassword");
- Map<String, String> inProperties = new HashMap<String, String>();
+ Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
- inProperties.put(
- WSHandlerConstants.PW_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
- );
+ inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback());
List<String> xpaths = new ArrayList<String>();
xpaths.add("//wsse:Security");
@@ -196,7 +189,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
@Test
public void testEncryptedUsernameToken() throws Exception {
- Map<String, String> outProperties = new HashMap<String, String>();
+ Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(
WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.ENCRYPT
@@ -210,16 +203,13 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
"{Content}{" + WSConstants.WSSE_NS + "}UsernameToken"
);
- Map<String, String> inProperties = new HashMap<String, String>();
+ Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(
WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.ENCRYPT
);
inProperties.put(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
- inProperties.put(
- WSHandlerConstants.PW_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
- );
+ inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback());
List<String> xpaths = new ArrayList<String>();
xpaths.add("//wsse:Security");
@@ -251,19 +241,16 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
@Test
public void testUsernameToken() throws Exception {
- Map<String, String> outProperties = new HashMap<String, String>();
+ Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
outProperties.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProperties.put(WSHandlerConstants.USER, "alice");
outProperties.put("password", "alicePassword");
- Map<String, String> inProperties = new HashMap<String, String>();
+ Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
inProperties.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
- inProperties.put(
- WSHandlerConstants.PW_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
- );
+ inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new TestPwdCallback());
List<String> xpaths = new ArrayList<String>();
xpaths.add("//wsse:Security");
@@ -286,16 +273,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
+ SoapMessage msg = getSoapMessageForDom(doc);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
@@ -304,7 +282,8 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
handler.handleMessage(msg);
- doc = part;
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
@@ -331,6 +310,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
@@ -352,16 +332,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
+ SoapMessage msg = getSoapMessageForDom(doc);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
@@ -370,7 +341,8 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
handler.handleMessage(msg);
- doc = part;
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
@@ -405,9 +377,10 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
-
+
inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
inHandler.handleMessage(inmsg);
@@ -425,17 +398,15 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
@Test
public void testPKIPath() throws Exception {
- Map<String, String> outProperties = new HashMap<String, String>();
+ Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
outProperties.put(WSHandlerConstants.USER, "alice");
outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "alice.properties");
- outProperties.put(
- WSHandlerConstants.PW_CALLBACK_CLASS, KeystorePasswordCallback.class.getName()
- );
+ outProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new KeystorePasswordCallback());
outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
outProperties.put(WSHandlerConstants.USE_SINGLE_CERTIFICATE, "false");
- Map<String, String> inProperties = new HashMap<String, String>();
+ Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "cxfca.properties");
@@ -456,7 +427,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
@Test
public void testUsernameTokenSignature() throws Exception {
- Map<String, String> outProperties = new HashMap<String, String>();
+ Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(
WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.SIGNATURE);
@@ -470,7 +441,7 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
"org.apache.cxf.ws.security.wss4j.TestPwdCallback"
);
- Map<String, String> inProperties = new HashMap<String, String>();
+ Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(
WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.SIGNATURE
@@ -490,15 +461,6 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
makeInvocation(outProperties, xpaths, inProperties);
}
-
- private byte[] getMessageBytes(Document doc) throws Exception {
- ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
- XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
- StaxUtils.writeDocument(doc, byteArrayWriter, false);
- byteArrayWriter.flush();
- return outputStream.toByteArray();
- }
-
/**
* @return a processor map suitable for custom processing of
* signatures (in this case, the actual processor is
@@ -523,68 +485,6 @@ public class WSS4JInOutTest extends AbstractSecurityTest {
return handlerResults;
}
- private SoapMessage makeInvocation(
- Map<String, String> outProperties,
- List<String> xpaths,
- Map<String, String> inProperties
- ) throws Exception {
- Document doc = readDocument("wsse-request-clean.xml");
-
- WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
- PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
-
- for (String key : outProperties.keySet()) {
- msg.put(key, outProperties.get(key));
- }
-
- handler.handleMessage(msg);
-
- doc = part;
-
- for (String xpath : xpaths) {
- assertValid(xpath, doc);
- }
-
- byte[] docbytes = getMessageBytes(doc);
- XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
-
- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
- dbf.setValidating(false);
- dbf.setIgnoringComments(false);
- dbf.setIgnoringElementContentWhitespace(true);
- dbf.setNamespaceAware(true);
-
- DocumentBuilder db = dbf.newDocumentBuilder();
- db.setEntityResolver(new NullResolver());
- doc = StaxUtils.read(db, reader, false);
-
- WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
-
- SoapMessage inmsg = new SoapMessage(new MessageImpl());
- ex.setInMessage(inmsg);
- inmsg.setContent(SOAPMessage.class, saajMsg);
-
- for (String key : inProperties.keySet()) {
- inHandler.setProperty(key, inProperties.get(key));
- }
-
- inHandler.handleMessage(inmsg);
-
- return inmsg;
- }
-
// FOR DEBUGGING ONLY
/*private*/ static String serialize(Document doc) {
return StaxUtils.toString(doc);
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
index 5e5b184..bcb0d95 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
@@ -22,14 +22,11 @@ import java.util.HashMap;
import java.util.Map;
import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
import org.w3c.dom.Document;
+
import org.apache.cxf.binding.soap.SoapFault;
import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.message.Exchange;
-import org.apache.cxf.message.ExchangeImpl;
-import org.apache.cxf.message.MessageImpl;
import org.apache.cxf.phase.PhaseInterceptor;
import org.apache.wss4j.common.SecurityActionToken;
import org.apache.wss4j.common.ext.WSSecurityException;
@@ -44,17 +41,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
@Test
public void testUsernameTokenText() throws Exception {
- SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+ Document doc = readDocument("wsse-request-clean.xml");
+ SoapMessage msg = getSoapMessageForDom(doc);
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- msg.setContent(SOAPMessage.class, saaj);
-
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "username");
@@ -62,7 +54,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
handler.handleMessage(msg);
- SOAPPart doc = saaj.getSOAPPart();
+ doc = msg.getContent(SOAPMessage.class).getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/wsse:UsernameToken", doc);
assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -72,17 +64,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
@Test
public void testUsernameTokenDigest() throws Exception {
- SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+ Document doc = readDocument("wsse-request-clean.xml");
+ SoapMessage msg = getSoapMessageForDom(doc);
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- msg.setContent(SOAPMessage.class, saaj);
-
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "username");
@@ -90,7 +77,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
handler.handleMessage(msg);
- SOAPPart doc = saaj.getSOAPPart();
+ doc = msg.getContent(SOAPMessage.class).getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/wsse:UsernameToken", doc);
assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -100,17 +87,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
@Test
public void testEncrypt() throws Exception {
- SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+ Document doc = readDocument("wsse-request-clean.xml");
+ SoapMessage msg = getSoapMessageForDom(doc);
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- msg.setContent(SOAPMessage.class, saaj);
-
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");
@@ -119,24 +101,19 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
handler.handleMessage(msg);
- SOAPPart doc = saaj.getSOAPPart();
+ doc = msg.getContent(SOAPMessage.class).getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//s:Body/xenc:EncryptedData", doc);
}
@Test
public void testSignature() throws Exception {
- SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+ Document doc = readDocument("wsse-request-clean.xml");
+ SoapMessage msg = getSoapMessageForDom(doc);
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- msg.setContent(SOAPMessage.class, saaj);
-
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "myAlias");
@@ -144,24 +121,19 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
handler.handleMessage(msg);
- SOAPPart doc = saaj.getSOAPPart();
+ doc = msg.getContent(SOAPMessage.class).getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
}
@Test
public void testTimestamp() throws Exception {
- SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+ Document doc = readDocument("wsse-request-clean.xml");
+ SoapMessage msg = getSoapMessageForDom(doc);
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- msg.setContent(SOAPMessage.class, saaj);
-
ohandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
ohandler.setProperty(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "myalias");
@@ -169,23 +141,18 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
handler.handleMessage(msg);
- SOAPPart doc = saaj.getSOAPPart();
+ doc = msg.getContent(SOAPMessage.class).getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/wsu:Timestamp", doc);
}
@Test
public void testOverrideCustomAction() throws Exception {
- SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+ Document doc = readDocument("wsse-request-clean.xml");
+ SoapMessage msg = getSoapMessageForDom(doc);
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
-
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- msg.setContent(SOAPMessage.class, saaj);
CountingUsernameTokenAction action = new CountingUsernameTokenAction();
Map<Object, Object> customActions = new HashMap<Object, Object>(1);
@@ -199,7 +166,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
msg.put(WSS4JOutInterceptor.WSS4J_ACTION_MAP, customActions);
handler.handleMessage(msg);
- SOAPPart doc = saaj.getSOAPPart();
+ doc = msg.getContent(SOAPMessage.class).getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/wsse:UsernameToken", doc);
assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
@@ -225,17 +192,12 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
@Test
public void testAddCustomAction() throws Exception {
- SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
+ Document doc = readDocument("wsse-request-clean.xml");
+ SoapMessage msg = getSoapMessageForDom(doc);
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- msg.setContent(SOAPMessage.class, saaj);
-
CountingUsernameTokenAction action = new CountingUsernameTokenAction();
Map<Object, Object> customActions = new HashMap<Object, Object>(1);
customActions.put(12345, action);
@@ -248,7 +210,7 @@ public class WSS4JOutInterceptorTest extends AbstractSecurityTest {
msg.put(WSS4JOutInterceptor.WSS4J_ACTION_MAP, customActions);
handler.handleMessage(msg);
- SOAPPart doc = saaj.getSOAPPart();
+ doc = msg.getContent(SOAPMessage.class).getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/wsse:UsernameToken", doc);
assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
index bd6d2e8..50b85dc 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/DOMToStaxSamlTest.java
@@ -100,10 +100,8 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
Map<String, Object> properties = new HashMap<String, Object>();
properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
- properties.put(
- WSHandlerConstants.SAML_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
- );
+ properties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
+
properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
properties.put(WSHandlerConstants.USER, "alice");
properties.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
@@ -165,10 +163,8 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
Map<String, Object> properties = new HashMap<String, Object>();
properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
- properties.put(
- WSHandlerConstants.SAML_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
- );
+ properties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
+
properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
properties.put(WSHandlerConstants.USER, "alice");
properties.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
@@ -209,9 +205,7 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
callbackHandler.setSignAssertion(true);
- properties.put(
- WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
- );
+ properties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
properties.put(WSHandlerConstants.USER, "alice");
@@ -261,9 +255,7 @@ public class DOMToStaxSamlTest extends AbstractSecurityTest {
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
callbackHandler.setSignAssertion(true);
- properties.put(
- WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
- );
+ properties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
properties.put(WSHandlerConstants.USER, "alice");
http://git-wip-us.apache.org/repos/asf/cxf/blob/25b8c0e5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
index 038ef65..1425a34 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/saml/SamlTokenTest.java
@@ -19,8 +19,8 @@
package org.apache.cxf.ws.security.wss4j.saml;
import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -28,12 +28,8 @@ import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPMessage;
-import javax.xml.soap.SOAPPart;
import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.XMLStreamWriter;
-import javax.xml.transform.dom.DOMSource;
import org.w3c.dom.Document;
@@ -88,10 +84,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
private SecurityContext testSaml1Token(boolean allowUnsignedPrincipal) throws Exception {
Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
@@ -130,10 +123,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
public void testSaml1TokenSignedSenderVouches() throws Exception {
Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.saml.SAML1CallbackHandler"
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
outProperties.put(WSHandlerConstants.USER, "alice");
outProperties.put("password", "password");
@@ -176,10 +166,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
public void testSaml2Token() throws Exception {
Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
@@ -213,10 +200,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
public void testSaml2TokenSignedSenderVouches() throws Exception {
Map<String, Object> outProperties = new HashMap<String, Object>();
outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_CLASS,
- "org.apache.cxf.ws.security.wss4j.saml.SAML2CallbackHandler"
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML2CallbackHandler());
outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
outProperties.put(WSHandlerConstants.USER, "alice");
outProperties.put("password", "password");
@@ -270,9 +254,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
callbackHandler.setSignAssertion(true);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(
@@ -291,14 +273,14 @@ public class SamlTokenTest extends AbstractSecurityTest {
xpaths.add("//wsse:Security/saml1:Assertion");
try {
- makeInvocation(outProperties, xpaths, inProperties);
+ makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
fail("Failure expected in SAML Validator");
} catch (Fault ex) {
// expected
}
validator.setRequireSenderVouches(false);
- Message message = makeInvocation(outProperties, xpaths, inProperties);
+ Message message = makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
final List<WSHandlerResult> handlerResults =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
@@ -328,9 +310,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
callbackHandler.setSignAssertion(true);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(
@@ -349,7 +329,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
xpaths.add("//wsse:Security/saml2:Assertion");
try {
- makeInvocation(outProperties, xpaths, inProperties);
+ makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
fail("Failure expected in SAML Validator");
} catch (Fault ex) {
// expected
@@ -357,14 +337,14 @@ public class SamlTokenTest extends AbstractSecurityTest {
validator.setRequireSenderVouches(false);
try {
- makeInvocation(outProperties, xpaths, inProperties);
+ makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
fail("Failure expected in SAML Validator");
} catch (Fault ex) {
// expected
}
validator.setRequireSAML1Assertion(false);
- Message message = makeInvocation(outProperties, xpaths, inProperties);
+ Message message = makeInvocation(outProperties, xpaths, inProperties, Collections.emptyMap());
final List<WSHandlerResult> handlerResults =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
@@ -397,9 +377,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
callbackHandler.setStatement(Statement.ATTR);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(
@@ -457,9 +435,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
callbackHandler.setStatement(Statement.ATTR);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(
@@ -516,9 +492,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
callbackHandler.setStatement(Statement.ATTR);
callbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
- outProperties.put(
- WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler
- );
+ outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
Map<String, Object> inProperties = new HashMap<String, Object>();
inProperties.put(
@@ -561,14 +535,6 @@ public class SamlTokenTest extends AbstractSecurityTest {
private SoapMessage makeInvocation(
Map<String, Object> outProperties,
List<String> xpaths,
- Map<String, Object> inProperties
- ) throws Exception {
- return makeInvocation(outProperties, xpaths, inProperties, new HashMap<String, String>());
- }
-
- private SoapMessage makeInvocation(
- Map<String, Object> outProperties,
- List<String> xpaths,
Map<String, Object> inProperties,
Map<String, String> inMessageProperties
) throws Exception {
@@ -577,16 +543,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
- SoapMessage msg = new SoapMessage(new MessageImpl());
- Exchange ex = new ExchangeImpl();
- ex.setInMessage(msg);
-
- SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
- SOAPPart part = saajMsg.getSOAPPart();
- part.setContent(new DOMSource(doc));
- saajMsg.saveChanges();
-
- msg.setContent(SOAPMessage.class, saajMsg);
+ SoapMessage msg = getSoapMessageForDom(doc);
for (String key : outProperties.keySet()) {
msg.put(key, outProperties.get(key));
@@ -594,7 +551,8 @@ public class SamlTokenTest extends AbstractSecurityTest {
handler.handleMessage(msg);
- doc = part;
+ SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
+ doc = saajMsg.getSOAPPart();
for (String xpath : xpaths) {
assertValid(xpath, doc);
@@ -621,6 +579,7 @@ public class SamlTokenTest extends AbstractSecurityTest {
for (String inMessageProperty : inMessageProperties.keySet()) {
inmsg.put(inMessageProperty, inMessageProperties.get(inMessageProperty));
}
+ Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
@@ -629,14 +588,6 @@ public class SamlTokenTest extends AbstractSecurityTest {
return inmsg;
}
- private byte[] getMessageBytes(Document doc) throws Exception {
- ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
- XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
- StaxUtils.writeDocument(doc, byteArrayWriter, false);
- byteArrayWriter.flush();
- return outputStream.toByteArray();
- }
-
// FOR DEBUGGING ONLY
/*private*/ static String serialize(Document doc) throws Exception {
return StaxUtils.toString(doc);
[2/3] cxf git commit: More unit tests for CXF-6900
Posted by co...@apache.org.
More unit tests for CXF-6900
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/32f21e54
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/32f21e54
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/32f21e54
Branch: refs/heads/master
Commit: 32f21e540d83e447193181d4a0e7ccd91a0474d0
Parents: f549970
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue May 17 12:48:51 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue May 17 16:01:14 2016 +0100
----------------------------------------------------------------------
.../ws/security/wss4j/WSS4JFaultCodeTest.java | 65 ++++++++++++++++++++
.../ws/security/wss4j/wsse-response-fault.xml | 1 +
2 files changed, 66 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/32f21e54/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
index 4be3341..a554c5c 100644
--- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
+++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java
@@ -25,6 +25,7 @@ import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPConstants;
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.SOAPPart;
import javax.xml.stream.XMLStreamReader;
@@ -58,6 +59,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
* Test for WSS4JInInterceptor when it receives a message with no security header.
*/
@Test
+ @org.junit.Ignore
public void testNoSecurity() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
@@ -114,6 +116,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
* Test that an invalid Timestamp gets mapped to a proper fault code
*/
@Test
+ @org.junit.Ignore
public void testInvalidTimestamp() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
@@ -182,6 +185,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
* Test that an action mismatch gets mapped to a proper fault code
*/
@Test
+ @org.junit.Ignore
public void testActionMismatch() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
@@ -244,7 +248,68 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest {
}
}
+ // TODO - See CXF-6900.
+ @Test
+ @org.junit.Ignore
+ public void testSignedEncryptedSOAP12Fault() throws Exception {
+ Document doc = readDocument("wsse-response-fault.xml");
+
+ SoapMessage msg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
+ ex.setInMessage(msg);
+
+ SOAPMessage saajMsg = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL).createMessage();
+ SOAPPart part = saajMsg.getSOAPPart();
+ part.setContent(new DOMSource(doc));
+ saajMsg.saveChanges();
+
+ msg.setContent(SOAPMessage.class, saajMsg);
+ doc = part;
+
+ byte[] docbytes = getMessageBytes(doc);
+ XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
+
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+ dbf.setValidating(false);
+ dbf.setIgnoringComments(false);
+ dbf.setIgnoringElementContentWhitespace(true);
+ dbf.setNamespaceAware(true);
+
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ db.setEntityResolver(new NullResolver());
+ doc = StaxUtils.read(db, reader, false);
+
+ WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
+
+ SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ ex.setInMessage(inmsg);
+ inmsg.setContent(SOAPMessage.class, saajMsg);
+ inHandler.setProperty(WSHandlerConstants.ACTION,
+ WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT);
+ inHandler.setProperty(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
+ inHandler.setProperty(WSHandlerConstants.SIG_VER_PROP_FILE, "insecurity.properties");
+ inHandler.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
+ inHandler.setProperty(
+ WSHandlerConstants.PW_CALLBACK_CLASS,
+ "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
+ );
+
+ inmsg.put(SecurityConstants.RETURN_SECURITY_ERROR, Boolean.TRUE);
+
+ try {
+ inHandler.handleMessage(inmsg);
+ fail("Expected failure on a SOAP Fault");
+ } catch (SoapFault fault) {
+ fault.printStackTrace();
+ // TODO assertTrue(fault.getReason().startsWith(
+ // "An error was discovered processing the <wsse:Security> header"));
+ QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurity");
+ assertTrue(fault.getFaultCode().equals(faultCode));
+ }
+ }
+
private byte[] getMessageBytes(Document doc) throws Exception {
// XMLOutputFactory factory = XMLOutputFactory.newInstance();
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
http://git-wip-us.apache.org/repos/asf/cxf/blob/32f21e54/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/wsse-response-fault.xml
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/wsse-response-fault.xml b/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/wsse-response-fault.xml
new file mode 100644
index 0000000..77570c5
--- /dev/null
+++ b/rt/ws/security/src/test/resources/org/apache/cxf/ws/security/wss4j/wsse-response-fault.xml
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><s:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" s:mustUnderstand="true"><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EK-94f8e6f3-2aca-42b4-8b7c-708cba43ec52"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference><ds:X509Data><ds:X509IssuerSerial><ds:X509IssuerName>CN=myAlias</ds:X509IssuerName><ds:X509SerialNumber>1181668586</ds:X509SerialNumber></ds:X509IssuerSerial></ds:X509Data></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>AuYaQYEBTTTZojvmDCIXwrxB32H
YooiXzJO6klKsNtqJ0C7MQIvkzvGpyqy266sSyKAAifDA1kx5rUP0y574CWOcWhbrD0OlQzvCmFvDwkAKea5tbCc1WeLNmN48KHv0OLRi2AKaWAcTkhAb0IzU1Dw7n7hrWz2Op+lNSp0xdU0=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#ED-facc107a-9306-4081-873e-20110577c13c"/></xenc:ReferenceList></xenc:EncryptedKey><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-bd8fa67d-2c97-4a21-b5af-3b82795a26ff"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="s xsd xsi"/></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#id-2168e513-ba4c-413e-a765-9400f67b0b90"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xsd xsi"/></ds:Transform></ds:Transforms><ds:DigestMet
hod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>0Il0KUXoOUSLWESWGEv/WxIMZVM=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>JEVxpip0nlvGlfMpXDU2lkrALdEvgNDVlyCtj4UxwN20B3rOP6Si8J5MO4Q9uHFq1+Olkl0qVp9VsldD/DppbA5Ghl30WYYupe/qyyN5lrSk6HYVe+3MwGkP8uRNZS8lW2JG+MssUvuDbLtIo8hwJw+iQhH/bY6Ffy1xjR+lVrQ=</ds:SignatureValue><ds:KeyInfo Id="KI-fcd5d6b1-1c7d-4121-8f84-bc1450387bb5"><wsse:SecurityTokenReference wsu:Id="STR-5dfa2eaf-5327-4ef7-a26f-d911a4c41f23" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><ds:X509Data><ds:X509IssuerSerial><ds:X509IssuerName>CN=myAlias</ds:X509IssuerName><ds:X509SerialNumber>1181668586</ds:X509SerialNumber></ds:X509IssuerSerial></ds:X509Data></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security></s:Header><s:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/
01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-2168e513-ba4c-413e-a765-9400f67b0b90"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="ED-facc107a-9306-4081-873e-20110577c13c" Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"><wsse:Reference URI="#EK-94f8e6f3-2aca-42b4-8b7c-708cba43ec52"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>9aLrBzw1l/Re54FsBK4UusyzwA0zllEGWvTASH4OE65JK1/9vmEYayJx6Okg5QMo2bSa+rTLIjr4dxe/r5XWw/qD6mrAh4tooFgaPynx7O3htfvoujI1DbqaT1XbfiG/IR0z71Lu4za0xbDc7+t6YeGV+He
hIP1psneYxZbcN/W1mhAL+gfnhXdfB+PNGZMivgy/LpqjJGtFmTpUHvk0IwNYzfyiNrE+sBYIZKJtsdI=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></s:Body></s:Envelope>
\ No newline at end of file
[3/3] cxf git commit: Adding @Ignore'd unit test for CXF-6900
Posted by co...@apache.org.
Adding @Ignore'd unit test for CXF-6900
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f5499705
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f5499705
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f5499705
Branch: refs/heads/master
Commit: f5499705ef50b6e0c6ae3060953a6cff4d63b3cc
Parents: 1f038da
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue May 17 12:43:58 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue May 17 16:01:14 2016 +0100
----------------------------------------------------------------------
.../cxf/binding/soap/saaj/ParseBodyTest.java | 61 ++++++++++++++++++++
.../cxf/binding/soap/saaj/soap12-fault.xml | 6 ++
2 files changed, 67 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/f5499705/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java
----------------------------------------------------------------------
diff --git a/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java b/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java
index 4e8d5bc..bcdb6f9 100644
--- a/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java
+++ b/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java
@@ -20,12 +20,25 @@ package org.apache.cxf.binding.soap.saaj;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.soap.MessageFactory;
+import javax.xml.soap.SOAPConstants;
import javax.xml.soap.SOAPMessage;
+import javax.xml.soap.SOAPPart;
import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.dom.DOMSource;
+import org.w3c.dom.Document;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.helpers.DOMUtils.NullResolver;
+import org.apache.cxf.message.Exchange;
+import org.apache.cxf.message.ExchangeImpl;
+import org.apache.cxf.message.MessageImpl;
import org.apache.cxf.staxutils.StaxUtils;
import org.junit.Assert;
import org.junit.Test;
@@ -71,6 +84,43 @@ public class ParseBodyTest extends Assert {
public void testUsingStaxUtilsCopyWithSAAJWriterData2() throws Exception {
testUsingStaxUtilsCopyWithSAAJWriter(2);
}
+
+ // TODO - See CXF-6900
+ @Test
+ @org.junit.Ignore
+ public void testReadSOAPFault() throws Exception {
+ InputStream inStream = getClass().getResourceAsStream("soap12-fault.xml");
+ Document doc = StaxUtils.read(inStream);
+
+ SoapMessage msg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
+ ex.setInMessage(msg);
+
+ SOAPMessage saajMsg = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL).createMessage();
+ SOAPPart part = saajMsg.getSOAPPart();
+ part.setContent(new DOMSource(doc));
+ saajMsg.saveChanges();
+
+ msg.setContent(SOAPMessage.class, saajMsg);
+ doc = part;
+
+ // System.out.println("OUTPUT: " + StaxUtils.toString(doc));
+
+ byte[] docbytes = getMessageBytes(doc);
+ XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
+
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+ dbf.setValidating(false);
+ dbf.setIgnoringComments(false);
+ dbf.setIgnoringElementContentWhitespace(true);
+ dbf.setNamespaceAware(true);
+
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ db.setEntityResolver(new NullResolver());
+ doc = StaxUtils.read(db, reader, false);
+
+ }
private void testUsingStaxUtilsCopyWithSAAJWriter(int n) throws Exception {
prepare(n);
@@ -86,4 +136,15 @@ public class ParseBodyTest extends Assert {
//System.out.println("UsingStaxUtilsCopyWithSAAJWriter: " + result);
assertEquals(DATA[n], result);
}
+
+ private byte[] getMessageBytes(Document doc) throws Exception {
+ ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+
+ XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);
+
+ StaxUtils.writeDocument(doc, byteArrayWriter, false);
+
+ byteArrayWriter.flush();
+ return outputStream.toByteArray();
+ }
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f5499705/rt/bindings/soap/src/test/resources/org/apache/cxf/binding/soap/saaj/soap12-fault.xml
----------------------------------------------------------------------
diff --git a/rt/bindings/soap/src/test/resources/org/apache/cxf/binding/soap/saaj/soap12-fault.xml b/rt/bindings/soap/src/test/resources/org/apache/cxf/binding/soap/saaj/soap12-fault.xml
new file mode 100644
index 0000000..7539a49
--- /dev/null
+++ b/rt/bindings/soap/src/test/resources/org/apache/cxf/binding/soap/saaj/soap12-fault.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <s:Body>
+ <Fault xmlns="http://www.w3.org/2003/05/soap-envelope"><Code><Value>Receiver</Value></Code><Reason><Text xml:lang="en">Error Message.</Text></Reason></Fault>
+ </s:Body>
+</s:Envelope>