You are viewing a plain text version of this content. The canonical link for it is here.
Posted to sandesha-dev@ws.apache.org by ch...@apache.org on 2006/07/31 15:32:15 UTC
svn commit: r427116 [2/2] - in /webservices/sandesha/trunk/java: ./ config/ src/org/apache/sandesha2/ src/org/apache/sandesha2/client/ src/org/apache/sandesha2/i18n/ src/org/apache/sandesha2/msgprocessors/ src/org/apache/sandesha2/policy/ src/org/apach...

Added: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java?rev=427116&view=auto
==============================================================================
--- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java (added)
+++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java Mon Jul 31 06:32:13 2006
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.security;
+
+import java.io.File;
+
+import org.apache.axis2.addressing.EndpointReference;
+import org.apache.axis2.client.Options;
+import org.apache.axis2.client.ServiceClient;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.ConfigurationContextFactory;
+import org.apache.axis2.context.MessageContextConstants;
+import org.apache.axis2.transport.http.SimpleHTTPServer;
+import org.apache.sandesha2.SandeshaTestCase;
+import org.apache.sandesha2.client.SandeshaClient;
+import org.apache.sandesha2.client.SandeshaClientConstants;
+import org.apache.sandesha2.client.SequenceReport;
+import org.apache.sandesha2.util.SandeshaUtil;
+
+/**
+ * Low-level testcases for the Security handling. This test mostly checks that the code can
+ * read and write the SecurityTokenReference elements that we expect to find within the create
+ * sequence messgaes.
+ */
+public class SecurityTest extends SandeshaTestCase {
+
+	private int serverPort = DEFAULT_SERVER_TEST_PORT;
+	private SimpleHTTPServer httpServer;
+	
+	public SecurityTest(String name) {
+		super(name);
+	}
+	
+	public void setUp () throws Exception {
+		super.setUp();
+
+		String repoPath = "target" + File.separator + "repos" + File.separator + "secure-server";
+		String axis2_xml = repoPath + File.separator + "server_axis2.xml";
+
+		ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repoPath,axis2_xml);
+
+		String serverPortStr = getTestProperty("test.server.port");
+		if(serverPortStr != null) serverPort = Integer.parseInt(serverPortStr);
+		
+		httpServer = new SimpleHTTPServer (configContext,serverPort);
+		httpServer.start();
+		Thread.sleep(300);
+	}
+	
+	public void tearDown () throws Exception {
+		if (httpServer!=null) {
+			httpServer.stop();
+			httpServer = null;
+		}
+		
+		Thread.sleep(300);
+		super.tearDown();
+	}
+
+	// Check that we can send a create sequence that includes a token reference.
+	public void testCreateSequence() throws Exception {
+		String to = "http://127.0.0.1:" + serverPort + "/axis2/services/RMSampleService";
+
+		String repoPath = "target" + File.separator + "repos" + File.separator + "secure-client";
+		String axis2_xml = repoPath + File.separator + "client_axis2.xml";
+		
+		ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repoPath,axis2_xml);
+		ServiceClient serviceClient = new ServiceClient (configContext,null);
+		String sequenceKey = SandeshaUtil.getUUID();
+
+		Options clientOptions = new Options ();
+
+		clientOptions.setTo(new EndpointReference (to));
+		clientOptions.setProperty(MessageContextConstants.TRANSPORT_URL,to);
+		clientOptions.setProperty(SandeshaClientConstants.SEQUENCE_KEY,sequenceKey);
+		serviceClient.setOptions(clientOptions);
+		
+		SandeshaClient.createSequence(serviceClient,false);
+		
+		SequenceReport sequenceReport = null;
+		for(int i = 0; i < 15; i++) {
+			Thread.sleep(1000);
+			sequenceReport = SandeshaClient.getOutgoingSequenceReport(serviceClient);
+			if(sequenceReport.getSequenceID() != null) break;
+		}
+		assertTrue(sequenceReport.isSecureSequence());
+		
+		serviceClient.finalizeInvoke();
+	}
+
+}

Added: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java?rev=427116&view=auto
==============================================================================
--- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java (added)
+++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java Mon Jul 31 06:32:13 2006
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.security;
+
+import java.util.HashMap;
+
+import javax.xml.namespace.QName;
+
+import org.apache.axiom.om.OMAbstractFactory;
+import org.apache.axiom.om.OMAttribute;
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.axiom.om.OMNamespace;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.AxisModule;
+import org.apache.sandesha2.Sandesha2Constants;
+import org.apache.sandesha2.SandeshaException;
+
+public class UnitTestSecurityManager extends SecurityManager {
+
+	private static HashMap tokens = new HashMap();
+	private static int id = 0;
+	private static String secNamespace = Sandesha2Constants.SPEC_2005_02.SEC_NS_URI;
+	
+	public UnitTestSecurityManager(ConfigurationContext context) {
+		super(context);
+	}
+	
+	public void initSecurity(AxisModule moduleDesc) {
+	}
+
+	public SecurityToken getSecurityToken(MessageContext message)
+	throws SandeshaException
+	{
+		UnitTestSecurityToken result = new UnitTestSecurityToken(id++);
+		tokens.put(getTokenRecoveryData(result), result);
+		return result;
+	}
+
+	public SecurityToken getSecurityToken(OMElement theSTR,	MessageContext message)
+	throws SandeshaException
+	{
+		OMElement reference = theSTR.getFirstChildWithName(new QName(secNamespace, "Reference"));
+		String securityTokenURI = reference.getAttributeValue(new QName("URI"));
+		String key = securityTokenURI.substring(10);
+		return (SecurityToken) tokens.get(key);
+	}
+
+	public String getTokenRecoveryData(SecurityToken token) throws SandeshaException {
+		String key = ((UnitTestSecurityToken)token).getURI();
+		return key;
+	}
+
+	public SecurityToken recoverSecurityToken(String tokenData)
+			throws SandeshaException {
+		return (SecurityToken) tokens.get(tokenData);
+	}
+
+	public void checkProofOfPossession(SecurityToken token, OMElement messagePart,
+			MessageContext message) throws SandeshaException {
+		if(token == null) {
+			throw new SandeshaException("Security manager was passed a null token");
+		}
+	}
+
+	public OMElement createSecurityTokenReference(SecurityToken token, MessageContext message) throws SandeshaException {
+		String uri = ((UnitTestSecurityToken)token).getURI();
+		String type = ((UnitTestSecurityToken)token).getValueType();
+		
+		OMFactory factory = OMAbstractFactory.getOMFactory();
+		OMNamespace secNS = factory.createOMNamespace(secNamespace, "wsse");
+		OMElement str = factory.createOMElement("SecurityTokenReference", secNS);
+		
+		OMElement ref = factory.createOMElement("Reference", secNS);
+		str.addChild(ref);
+		
+		OMAttribute uriAttr = factory.createOMAttribute("URI", null, uri);
+		OMAttribute typeAttr = factory.createOMAttribute("ValueType", null, type);
+		
+		ref.addAttribute(uriAttr);
+		ref.addAttribute(typeAttr);
+		
+		return str;
+	}
+
+
+}

Added: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java?rev=427116&view=auto
==============================================================================
--- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java (added)
+++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java Mon Jul 31 06:32:13 2006
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ * Copyright 2006 International Business Machines Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sandesha2.security;
+
+class UnitTestSecurityToken implements SecurityToken {
+
+	private int id = 0;
+	
+	UnitTestSecurityToken(int id) {
+		this.id = id;
+	}
+	
+	/**
+	 * The SecurityTokenReference that gets encoded into the CreateSequence message
+	 * includes an URI string. This method returns the value to use.
+	 */
+	String getURI() {
+		return "#BogusURI/" + id;
+	}
+
+	/**
+	 * The SecurityTokenReference that gets encoded into the CreateSequence message
+	 * includes a ValueType string. This method returns the value to use.
+	 */
+	String getValueType() {
+		return "http://schemas.xmlsoap.org/ws/2005/02/sc/sct";
+	}
+	
+}



---------------------------------------------------------------------
To unsubscribe, e-mail: sandesha-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: sandesha-dev-help@ws.apache.org