You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/10/04 17:54:25 UTC
svn commit: r1529201 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/
services/sts/systests/basic/src/test/java/org/apache/cx...
Author: coheigea
Date: Fri Oct 4 15:54:25 2013
New Revision: 1529201
URL: http://svn.apache.org/r1529201
Log:
A bunch of bug fixes for streaming IssuedTokens + some tests
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java?rev=1529201&r1=1529200&r2=1529201&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java Fri Oct 4 15:54:25 2013
@@ -38,6 +38,7 @@ import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;
import org.w3c.dom.Element;
+
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.common.i18n.Message;
@@ -98,6 +99,8 @@ import org.apache.xml.security.stax.ext.
import org.apache.xml.security.stax.securityToken.OutboundSecurityToken;
import org.apache.xml.security.stax.securityToken.SecurityTokenProvider;
+import org.opensaml.common.SAMLVersion;
+
/**
*
*/
@@ -315,7 +318,7 @@ public abstract class AbstractStaxBindin
return new SecurePart(qname, Modifier.Element);
}
- protected void addIssuedToken(IssuedToken token, SecurityToken secToken,
+ protected SecurePart addIssuedToken(IssuedToken token, SecurityToken secToken,
boolean signed, boolean endorsing) {
if (isTokenRequired(token.getIncludeTokenType())) {
final Element el = secToken.getToken();
@@ -353,13 +356,28 @@ public abstract class AbstractStaxBindin
SAMLCallback samlCallback = (SAMLCallback)callback;
samlCallback.setAssertionElement(el);
samlCallback.setSubject(subjectBean);
+
+ if (WSConstants.SAML_NS.equals(el.getNamespaceURI())) {
+ samlCallback.setSamlVersion(SAMLVersion.VERSION_11);
+ } else {
+ samlCallback.setSamlVersion(SAMLVersion.VERSION_20);
+ }
}
}
}
};
config.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler);
- }
+
+ QName qname = WSSConstants.TAG_saml2_Assertion;
+ if (WSConstants.SAML_NS.equals(el.getNamespaceURI())) {
+ qname = WSSConstants.TAG_saml_Assertion;
+ }
+
+ return new SecurePart(qname, Modifier.Element);
+ }
+
+ return null;
}
protected void policyNotAsserted(Assertion assertion, String reason) {
@@ -721,6 +739,15 @@ public abstract class AbstractStaxBindin
}
} */
+ } else if (isRequestor() && token instanceof IssuedToken) {
+ SecurityToken sigTok = getSecurityToken();
+ SecurePart securePart = addIssuedToken((IssuedToken)token, sigTok, signed, endorse);
+ if (securePart != null) {
+ ret.put(token, securePart);
+ if (suppTokens.isEncryptedToken()) {
+ encryptedTokensList.add(securePart);
+ }
+ }
} else if (isRequestor() && token instanceof KerberosToken) {
SecurePart securePart = addKerberosToken((KerberosToken)token, signed, endorse);
if (securePart != null) {
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java?rev=1529201&r1=1529200&r2=1529201&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java Fri Oct 4 15:54:25 2013
@@ -33,6 +33,7 @@ import org.apache.cxf.common.logging.Log
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.policy.SPConstants.IncludeTokenType;
@@ -42,6 +43,7 @@ import org.apache.wss4j.policy.model.Abs
import org.apache.wss4j.policy.model.AbstractTokenWrapper;
import org.apache.wss4j.policy.model.AlgorithmSuite;
import org.apache.wss4j.policy.model.AsymmetricBinding;
+import org.apache.wss4j.policy.model.IssuedToken;
import org.apache.wss4j.policy.model.X509Token;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.xml.security.stax.ext.SecurePart;
@@ -95,26 +97,13 @@ public class StaxAsymmetricBindingHandle
if (initiatorWrapper == null) {
initiatorWrapper = abinding.getInitiatorToken();
}
- /*
if (initiatorWrapper != null) {
AbstractToken initiatorToken = initiatorWrapper.getToken();
if (initiatorToken instanceof IssuedToken) {
- SecurityToken secToken = getSecurityToken();
- if (secToken == null) {
- policyNotAsserted(initiatorToken, "Security token is not found or expired");
- return;
- } else {
- policyAsserted(initiatorToken);
-
- if (includeToken(initiatorToken.getIncludeTokenType())) {
- Element el = secToken.getToken();
- this.addEncryptedKeyElement(cloneElement(el));
- attached = true;
- }
- }
+ SecurityToken sigTok = getSecurityToken();
+ addIssuedToken((IssuedToken)initiatorToken, sigTok, false, true);
}
}
- */
// Add timestamp
List<SecurePart> sigs = new ArrayList<SecurePart>();
@@ -212,26 +201,13 @@ public class StaxAsymmetricBindingHandle
initiatorWrapper = abinding.getInitiatorToken();
}
- /*
if (initiatorWrapper != null) {
AbstractToken initiatorToken = initiatorWrapper.getToken();
if (initiatorToken instanceof IssuedToken) {
- SecurityToken secToken = getSecurityToken();
- if (secToken == null) {
- policyNotAsserted(initiatorToken, "Security token is not found or expired");
- return;
- } else {
- policyAsserted(initiatorToken);
-
- if (includeToken(initiatorToken.getIncludeTokenType())) {
- Element el = secToken.getToken();
- this.addEncryptedKeyElement(cloneElement(el));
- attached = true;
- }
- }
+ SecurityToken sigTok = getSecurityToken();
+ addIssuedToken((IssuedToken)initiatorToken, sigTok, false, true);
}
}
- */
List<SecurePart> encrParts = null;
List<SecurePart> sigParts = null;
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java?rev=1529201&r1=1529200&r2=1529201&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java Fri Oct 4 15:54:25 2013
@@ -156,7 +156,7 @@ public class StaxSymmetricBindingHandler
addKerberosToken((KerberosToken)encryptionToken, false, false);
} else if (encryptionToken instanceof IssuedToken) {
tok = getSecurityToken();
- addIssuedToken((IssuedToken)encryptionToken, tok, false, false);
+ addIssuedToken((IssuedToken)encryptionToken, tok, false, true);
} else if (encryptionToken instanceof SecureConversationToken
|| encryptionToken instanceof SecurityContextToken
|| encryptionToken instanceof SpnegoContextToken) {
@@ -252,7 +252,7 @@ public class StaxSymmetricBindingHandler
addKerberosToken((KerberosToken)sigToken, false, false);
} else if (sigToken instanceof IssuedToken) {
sigTok = getSecurityToken();
- addIssuedToken((IssuedToken)sigToken, sigTok, false, false);
+ addIssuedToken((IssuedToken)sigToken, sigTok, false, true);
} else if (sigToken instanceof SecureConversationToken
|| sigToken instanceof SecurityContextToken
|| sigToken instanceof SpnegoContextToken) {
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java?rev=1529201&r1=1529200&r2=1529201&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java Fri Oct 4 15:54:25 2013
@@ -45,6 +45,8 @@ import org.junit.BeforeClass;
* Test the Asymmetric binding. The CXF client gets a token from the STS by authenticating via a
* Username Token over the symmetric binding, and then sends it to the CXF endpoint using
* the asymmetric binding.
+ *
+ * It tests both DOM + StAX clients against the DOM server
*/
public class AsymmetricBindingTest extends AbstractBusClientServerTestBase {
@@ -104,6 +106,16 @@ public class AsymmetricBindingTest exten
TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml1Port, STSPORT2);
}
+ // DOM
+ doubleIt(asymmetricSaml1Port, 25);
+
+ // Streaming
+ asymmetricSaml1Port = service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(asymmetricSaml1Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml1Port, STSPORT2);
+ }
+ SecurityTestUtil.enableStreaming(asymmetricSaml1Port);
doubleIt(asymmetricSaml1Port, 25);
((java.io.Closeable)asymmetricSaml1Port).close();
@@ -130,10 +142,19 @@ public class AsymmetricBindingTest exten
TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml2Port, STSPORT2);
}
+ // DOM
doubleIt(asymmetricSaml2Port, 30);
-
TokenTestUtils.verifyToken(asymmetricSaml2Port);
+ // Streaming
+ asymmetricSaml2Port = service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(asymmetricSaml2Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)asymmetricSaml2Port, STSPORT2);
+ }
+ SecurityTestUtil.enableStreaming(asymmetricSaml2Port);
+ doubleIt(asymmetricSaml2Port, 25);
+
((java.io.Closeable)asymmetricSaml2Port).close();
bus.shutdown(true);
}
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java?rev=1529201&r1=1529200&r2=1529201&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/bearer/BearerTest.java Fri Oct 4 15:54:25 2013
@@ -50,6 +50,8 @@ import org.junit.BeforeClass;
/**
* Test the Bearer TokenType over TLS.
+ *
+ * It tests both DOM + StAX clients against the DOM server
*/
public class BearerTest extends AbstractBusClientServerTestBase {
@@ -177,6 +179,57 @@ public class BearerTest extends Abstract
}
@org.junit.Test
+ public void testSAML2UnsignedBearerStreaming() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = BearerTest.class.getResource("cxf-unsigned-client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = BearerTest.class.getResource("DoubleIt.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItTransportSAML2BearerPort");
+ DoubleItPortType transportSaml2Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(transportSaml2Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)transportSaml2Port, STSPORT);
+ }
+ SecurityTestUtil.enableStreaming(transportSaml2Port);
+
+ //
+ // Create a SAML2 Bearer Assertion and add it to the TokenStore so that the
+ // IssuedTokenInterceptorProvider does not invoke on the STS
+ //
+ Client client = ClientProxy.getClient(transportSaml2Port);
+ Endpoint ep = client.getEndpoint();
+ String id = "1234";
+ ep.getEndpointInfo().setProperty(TokenStore.class.getName(), new MemoryTokenStore());
+ ep.getEndpointInfo().setProperty(SecurityConstants.TOKEN_ID, id);
+ TokenStore store = (TokenStore)ep.getEndpointInfo().getProperty(TokenStore.class.getName());
+
+ SAMLCallback samlCallback = new SAMLCallback();
+ SAMLUtil.doSAMLCallback(new Saml2CallbackHandler(), samlCallback);
+ SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ Element assertionElement = assertion.toDOM(db.newDocument());
+
+ SecurityToken tok = new SecurityToken(id);
+ tok.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ tok.setToken(assertionElement);
+ store.add(tok);
+
+ doubleIt(transportSaml2Port, 50);
+
+ ((java.io.Closeable)transportSaml2Port).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testSAML2BearerNoBinding() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
@@ -207,7 +260,7 @@ public class BearerTest extends Abstract
TokenTestUtils.updateSTSPort((BindingProvider)transportSaml2Port, STSPORT);
}
SecurityTestUtil.enableStreaming(transportSaml2Port);
- // TODO See WSS-358 doubleIt(transportSaml2Port, 45);
+ doubleIt(transportSaml2Port, 45);
((java.io.Closeable)transportSaml2Port).close();
bus.shutdown(true);
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java?rev=1529201&r1=1529200&r2=1529201&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/SenderVouchesTest.java Fri Oct 4 15:54:25 2013
@@ -27,7 +27,6 @@ import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.systest.sts.common.SecurityTestUtil;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-
import org.example.contract.doubleit.DoubleItPortType;
import org.junit.BeforeClass;
@@ -35,6 +34,8 @@ import org.junit.BeforeClass;
* In this test case, a CXF client sends a Username Token via (1-way) TLS to a CXF intermediary.
* The intermediary validates the UsernameToken, and then inserts the username into a SAML
* Assertion which it signs and sends to a provider (via TLS).
+ *
+ * It tests both DOM + StAX clients against the DOM server
*/
public class SenderVouchesTest extends AbstractBusClientServerTestBase {
@@ -84,8 +85,16 @@ public class SenderVouchesTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(transportUTPort, PORT);
+ // DOM
doubleIt(transportUTPort, 25);
+ // Streaming
+ transportUTPort =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(transportUTPort, PORT);
+ SecurityTestUtil.enableStreaming(transportUTPort);
+ doubleIt(transportUTPort, 45);
+
((java.io.Closeable)transportUTPort).close();
bus.shutdown(true);
}
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java?rev=1529201&r1=1529200&r2=1529201&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java Fri Oct 4 15:54:25 2013
@@ -39,6 +39,8 @@ import org.junit.BeforeClass;
* Test the Symmetric binding. The CXF client gets a token from the STS by authenticating via a
* Username Token over the symmetric binding, and then sends it to the CXF endpoint using
* the symmetric binding.
+ *
+ * It tests both DOM + StAX clients against the DOM server
*/
public class SymmetricBindingTest extends AbstractBusClientServerTestBase {
@@ -97,10 +99,19 @@ public class SymmetricBindingTest extend
TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT2);
}
+ // DOM
doubleIt(symmetricSaml1Port, 25);
-
TokenTestUtils.verifyToken(symmetricSaml1Port);
+ // Streaming
+ symmetricSaml1Port = service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(symmetricSaml1Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT);
+ }
+ SecurityTestUtil.enableStreaming(symmetricSaml1Port);
+ doubleIt(symmetricSaml1Port, 25);
+
((java.io.Closeable)symmetricSaml1Port).close();
bus.shutdown(true);
}
@@ -125,10 +136,19 @@ public class SymmetricBindingTest extend
TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
}
+ // DOM
doubleIt(symmetricSaml2Port, 30);
-
TokenTestUtils.verifyToken(symmetricSaml2Port);
+ // Streaming
+ symmetricSaml2Port = service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(symmetricSaml2Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT);
+ }
+ SecurityTestUtil.enableStreaming(symmetricSaml2Port);
+ doubleIt(symmetricSaml2Port, 25);
+
((java.io.Closeable)symmetricSaml2Port).close();
bus.shutdown(true);
}
@@ -152,7 +172,17 @@ public class SymmetricBindingTest extend
TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT2);
}
+ // DOM
doubleIt(symmetricSaml1Port, 25);
+
+ // TODO Streaming - Problem with including encrypted SAML Token in header
+ symmetricSaml1Port = service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(symmetricSaml1Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT);
+ }
+ SecurityTestUtil.enableStreaming(symmetricSaml1Port);
+ // doubleIt(symmetricSaml1Port, 25);
((java.io.Closeable)symmetricSaml1Port).close();
bus.shutdown(true);
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java?rev=1529201&r1=1529200&r2=1529201&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java Fri Oct 4 15:54:25 2013
@@ -39,6 +39,8 @@ import org.junit.BeforeClass;
* Test the Symmetric binding. The CXF client gets a token from the STS by authenticating via an
* X.509 Cert over the asymmetric binding, and then sends it to the CXF endpoint using
* the symmetric binding.
+ *
+ * It tests both DOM + StAX clients against the DOM server
*/
public class X509SymmetricBindingTest extends AbstractBusClientServerTestBase {
@@ -98,8 +100,19 @@ public class X509SymmetricBindingTest ex
TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT2);
}
+ // DOM
doubleIt(symmetricSaml1Port, 25);
+ // Streaming
+ symmetricSaml1Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(symmetricSaml1Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT);
+ }
+ SecurityTestUtil.enableStreaming(symmetricSaml1Port);
+ doubleIt(symmetricSaml1Port, 45);
+
((java.io.Closeable)symmetricSaml1Port).close();
bus.shutdown(true);
}
@@ -124,10 +137,20 @@ public class X509SymmetricBindingTest ex
TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
}
+ // DOM
doubleIt(symmetricSaml2Port, 30);
-
TokenTestUtils.verifyToken(symmetricSaml2Port);
+ // Streaming
+ symmetricSaml2Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(symmetricSaml2Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT);
+ }
+ SecurityTestUtil.enableStreaming(symmetricSaml2Port);
+ doubleIt(symmetricSaml2Port, 45);
+
((java.io.Closeable)symmetricSaml2Port).close();
bus.shutdown(true);
}
@@ -152,7 +175,18 @@ public class X509SymmetricBindingTest ex
TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
}
+ // DOM
doubleIt(symmetricSaml2Port, 30);
+
+ // Streaming
+ symmetricSaml2Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(symmetricSaml2Port, PORT);
+ if (standalone) {
+ TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT);
+ }
+ SecurityTestUtil.enableStreaming(symmetricSaml2Port);
+ doubleIt(symmetricSaml2Port, 45);
((java.io.Closeable)symmetricSaml2Port).close();
bus.shutdown(true);