You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/06/15 17:20:25 UTC
[1/3] cxf git commit: Re-enabling SAML tests
Repository: cxf
Updated Branches:
refs/heads/2.6.x-fixes 185d7dbc3 -> 7aa3f2da2
Re-enabling SAML tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/38d0447c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/38d0447c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/38d0447c
Branch: refs/heads/2.6.x-fixes
Commit: 38d0447c78d55862842b32c04c90382cb0808e4d
Parents: 185d7db
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Jun 15 17:54:17 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Jun 15 17:54:17 2017 +0100
----------------------------------------------------------------------
.../wssec/examples/saml/SamlTokenTest.java | 89 ++++++++++----------
.../wssec/examples/saml/server/server.xml | 6 ++
2 files changed, 50 insertions(+), 45 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/38d0447c/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
----------------------------------------------------------------------
diff --git a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
index c25b7cb..4f0eab9 100644
--- a/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
+++ b/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
@@ -37,18 +37,17 @@ import org.apache.cxf.ws.security.trust.STSClient;
import org.example.contract.doubleit.DoubleItPortType;
import org.junit.BeforeClass;
-import org.junit.Ignore;
/**
* A set of tests for SAML Tokens using policies defined in the OASIS spec:
* "WS-SecurityPolicy Examples Version 1.0".
*/
-@Ignore("invalid")
+//@Ignore("invalid")
public class SamlTokenTest extends AbstractBusClientServerTestBase {
static final String PORT = allocatePort(Server.class);
static final String PORT2 = allocatePort(Server.class, 2);
static final String STS_PORT = allocatePort(STSServer.class);
-
+
private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -67,7 +66,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
launchServer(STSServer.class, true)
);
}
-
+
@org.junit.AfterClass
public static void cleanup() throws Exception {
SecurityTestUtil.cleanup();
@@ -90,16 +89,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItBearerPort");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
/**
* 2.3.1.2 (WSS1.0) SAML1.1 Assertion (Sender Vouches) over SSL
*/
@@ -116,16 +115,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItTLSSenderVouchesPort");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT2);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
/**
* 2.3.1.3 (WSS1.0) SAML1.1 Assertion (HK) over SSL
*/
@@ -142,16 +141,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItTLSHOKSignedEndorsingPort");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT2);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
/**
* 2.3.1.4 (WSS1.0) SAML1.1 Sender Vouches with X.509 Certificates, Sign, Optional Encrypt
*/
@@ -168,16 +167,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSignedPort");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
/**
* 2.3.1.5 (WSS1.0) SAML1.1 Holder of Key, Sign, Optional Encrypt
*/
@@ -194,17 +193,17 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricInitiatorPort");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
-
+
+
/**
* 2.3.2.1 (WSS1.1) SAML 2.0 Bearer
*/
@@ -221,16 +220,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSaml2BearerPort");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
/**
* 2.3.2.2 (WSS1.1) SAML2.0 Sender Vouches over SSL
*/
@@ -247,16 +246,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItTLSSenderVouchesSaml2Port");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT2);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
/**
* 2.3.2.3 (WSS1.1) SAML2.0 HoK over SSL
*/
@@ -273,16 +272,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItTLSHOKSignedEndorsingSaml2Port");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT2);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
/**
* 2.3.2.4 (WSS1.1) SAML1.1/2.0 Sender Vouches with X.509 Certificate, Sign, Encrypt
*/
@@ -299,16 +298,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSymmetricSVPort");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
/**
* 2.3.2.5 (WSS1.1) SAML1.1/2.0 Holder of Key, Sign, Encrypt
*/
@@ -325,17 +324,17 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSymmetricIssuedTokenPort");
- DoubleItPortType samlPort =
+ DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
updateSTSPort((BindingProvider)samlPort, STS_PORT);
-
+
samlPort.doubleIt(25);
-
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
-
+
private static void updateSTSPort(BindingProvider p, String port) {
STSClient stsClient = (STSClient)p.getRequestContext().get(SecurityConstants.STS_CLIENT);
if (stsClient != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/38d0447c/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/server/server.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/server/server.xml b/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/server/server.xml
index 98346a4..3d8f70c 100644
--- a/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/server/server.xml
+++ b/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/server/server.xml
@@ -43,6 +43,10 @@
</cxf:features>
</cxf:bus>
+ <bean id="allowUnsignedBearerAssertions" class="org.apache.ws.security.validate.SamlAssertionValidator">
+ <property name="requireBearerSignature" value="false" />
+ </bean>
+
<jaxws:endpoint
id="Bearer"
address="http://localhost:${testutil.ports.Server}/DoubleItSamlBearer"
@@ -52,6 +56,7 @@
implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
wsdlLocation="org/apache/cxf/systest/wssec/examples/saml/DoubleItSaml.wsdl">
<jaxws:properties>
+ <entry key="ws-security.saml1.validator" value-ref="allowUnsignedBearerAssertions"/>
</jaxws:properties>
</jaxws:endpoint>
@@ -131,6 +136,7 @@
<entry key="ws-security.signature.properties" value="bob.properties"/>
<entry key="ws-security.encryption.username" value="useReqSigCert"/>
<entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
+ <entry key="ws-security.saml2.validator" value-ref="allowUnsignedBearerAssertions"/>
</jaxws:properties>
</jaxws:endpoint>
[2/3] cxf git commit: Re-enabling SAML SSO tests
Posted by co...@apache.org.
Re-enabling SAML SSO tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7b5c17f4
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7b5c17f4
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7b5c17f4
Branch: refs/heads/2.6.x-fixes
Commit: 7b5c17f4be63753772d1462edd3dd591c239faa6
Parents: 38d0447
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Jun 15 18:10:48 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Jun 15 18:10:48 2017 +0100
----------------------------------------------------------------------
.../saml/sso/SAMLResponseValidatorTest.java | 108 +++++++++----------
1 file changed, 52 insertions(+), 56 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/7b5c17f4/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
index 1cf4310..fc5f79f 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
@@ -27,8 +27,6 @@ import java.security.cert.X509Certificate;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
-import org.junit.Ignore;
-
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoType;
@@ -55,85 +53,84 @@ import org.w3c.dom.Element;
* Some unit tests for the SAMLProtocolResponseValidator.
*/
public class SAMLResponseValidatorTest extends org.junit.Assert {
-
+
static {
OpenSAMLUtil.initSamlEngine();
}
@org.junit.Test
- @Ignore("invalid")
public void testCreateAndValidateResponse() throws Exception {
DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance();
docBuilderFactory.setNamespaceAware(true);
DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder();
Document doc = docBuilder.newDocument();
-
- Status status =
+
+ Status status =
SAML2PResponseComponentBuilder.createStatus(
SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null
);
- Response response =
+ Response response =
SAML2PResponseComponentBuilder.createSAMLResponse(
"http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status
);
-
+
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("http://cxf.apache.org/issuer");
- callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
-
+ callbackHandler.setConfirmationMethod(SAML2Constants.CONF_SENDER_VOUCHES);
+
SAMLParms samlParms = new SAMLParms();
samlParms.setCallbackHandler(callbackHandler);
AssertionWrapper assertion = new AssertionWrapper(samlParms);
-
+
response.getAssertions().add(assertion.getSaml2());
-
+
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
assertNotNull(policyElement);
-
+
Response marshalledResponse = (Response)OpenSAMLUtil.fromDom(policyElement);
-
+
// Validate the Response
SAMLProtocolResponseValidator validator = new SAMLProtocolResponseValidator();
validator.validateSamlResponse(marshalledResponse, null, null);
}
-
+
@org.junit.Test
public void testInvalidStatusCode() throws Exception {
DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance();
docBuilderFactory.setNamespaceAware(true);
DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder();
Document doc = docBuilder.newDocument();
-
- Status status =
+
+ Status status =
SAML2PResponseComponentBuilder.createStatus(
SAMLProtocolResponseValidator.SAML1_STATUSCODE_SUCCESS, null
);
- Response response =
+ Response response =
SAML2PResponseComponentBuilder.createSAMLResponse(
"http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status
);
-
+
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("http://cxf.apache.org/issuer");
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
-
+
SAMLParms samlParms = new SAMLParms();
samlParms.setCallbackHandler(callbackHandler);
AssertionWrapper assertion = new AssertionWrapper(samlParms);
-
+
response.getAssertions().add(assertion.getSaml2());
-
+
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
assertNotNull(policyElement);
-
+
Response marshalledResponse = (Response)OpenSAMLUtil.fromDom(policyElement);
-
+
// Validate the Response
SAMLProtocolResponseValidator validator = new SAMLProtocolResponseValidator();
try {
@@ -143,50 +140,50 @@ public class SAMLResponseValidatorTest extends org.junit.Assert {
// expected
}
}
-
+
@org.junit.Test
public void testResponseSignedAssertion() throws Exception {
DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance();
docBuilderFactory.setNamespaceAware(true);
DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder();
Document doc = docBuilder.newDocument();
-
- Status status =
+
+ Status status =
SAML2PResponseComponentBuilder.createStatus(
SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null
);
- Response response =
+ Response response =
SAML2PResponseComponentBuilder.createSAMLResponse(
"http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status
);
-
+
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("http://cxf.apache.org/issuer");
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
-
+
SAMLParms samlParms = new SAMLParms();
samlParms.setCallbackHandler(callbackHandler);
AssertionWrapper assertion = new AssertionWrapper(samlParms);
-
+
Crypto issuerCrypto = new Merlin();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
ClassLoader loader = Loader.getClassLoader(SAMLResponseValidatorTest.class);
InputStream input = Merlin.loadInputStream(loader, "alice.jks");
keyStore.load(input, "password".toCharArray());
((Merlin)issuerCrypto).setKeyStore(keyStore);
-
+
assertion.signAssertion("alice", "password", issuerCrypto, false);
-
+
response.getAssertions().add(assertion.getSaml2());
-
+
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
assertNotNull(policyElement);
-
+
Response marshalledResponse = (Response)OpenSAMLUtil.fromDom(policyElement);
-
+
// Validate the Response
SAMLProtocolResponseValidator validator = new SAMLProtocolResponseValidator();
try {
@@ -195,56 +192,55 @@ public class SAMLResponseValidatorTest extends org.junit.Assert {
} catch (WSSecurityException ex) {
// expected
}
-
+
// Validate the Response
validator.validateSamlResponse(
marshalledResponse, issuerCrypto, new KeystorePasswordCallback()
);
}
-
+
@org.junit.Test
- @Ignore("invalid")
public void testSignedResponse() throws Exception {
DocumentBuilderFactory docBuilderFactory = DocumentBuilderFactory.newInstance();
docBuilderFactory.setNamespaceAware(true);
DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder();
Document doc = docBuilder.newDocument();
-
- Status status =
+
+ Status status =
SAML2PResponseComponentBuilder.createStatus(
SAMLProtocolResponseValidator.SAML2_STATUSCODE_SUCCESS, null
);
- Response response =
+ Response response =
SAML2PResponseComponentBuilder.createSAMLResponse(
"http://cxf.apache.org/saml", "http://cxf.apache.org/issuer", status
);
-
+
// Create an AuthenticationAssertion
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);
callbackHandler.setIssuer("http://cxf.apache.org/issuer");
- callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
-
+ callbackHandler.setConfirmationMethod(SAML2Constants.CONF_SENDER_VOUCHES);
+
SAMLParms samlParms = new SAMLParms();
samlParms.setCallbackHandler(callbackHandler);
AssertionWrapper assertion = new AssertionWrapper(samlParms);
-
+
Crypto issuerCrypto = new Merlin();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
ClassLoader loader = Loader.getClassLoader(SAMLResponseValidatorTest.class);
InputStream input = Merlin.loadInputStream(loader, "alice.jks");
keyStore.load(input, "password".toCharArray());
((Merlin)issuerCrypto).setKeyStore(keyStore);
-
+
response.getAssertions().add(assertion.getSaml2());
signResponse(response, "alice", "password", issuerCrypto);
-
+
Element policyElement = OpenSAMLUtil.toDom(response, doc);
doc.appendChild(policyElement);
assertNotNull(policyElement);
-
+
Response marshalledResponse = (Response)OpenSAMLUtil.fromDom(policyElement);
-
+
// Validate the Response
SAMLProtocolResponseValidator validator = new SAMLProtocolResponseValidator();
try {
@@ -253,14 +249,14 @@ public class SAMLResponseValidatorTest extends org.junit.Assert {
} catch (WSSecurityException ex) {
// expected
}
-
+
// Validate the Response
validator.validateSamlResponse(
marshalledResponse, issuerCrypto, new KeystorePasswordCallback()
);
}
-
+
/**
* Sign a SAML Response
*/
@@ -275,7 +271,7 @@ public class SAMLResponseValidatorTest extends org.junit.Assert {
//
Signature signature = OpenSAMLUtil.buildSignature();
signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
-
+
// prepare to sign the SAML token
CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
cryptoType.setAlias(issuerKeyName);
@@ -292,7 +288,7 @@ public class SAMLResponseValidatorTest extends org.junit.Assert {
if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_DSA;
}
-
+
PrivateKey privateKey = null;
try {
privateKey = issuerCrypto.getPrivateKey(issuerKeyName, issuerKeyPassword);
@@ -310,7 +306,7 @@ public class SAMLResponseValidatorTest extends org.junit.Assert {
X509KeyInfoGeneratorFactory kiFactory = new X509KeyInfoGeneratorFactory();
kiFactory.setEmitEntityCertificate(true);
-
+
try {
KeyInfo keyInfo = kiFactory.newInstance().generate(signingCredential);
signature.setKeyInfo(keyInfo);
@@ -325,5 +321,5 @@ public class SAMLResponseValidatorTest extends org.junit.Assert {
signableObject.releaseDOM();
signableObject.releaseChildrenDOM(true);
}
-
+
}
[3/3] cxf git commit: Re-enabling SAML tests in ws-security
Posted by co...@apache.org.
Re-enabling SAML tests in ws-security
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7aa3f2da
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7aa3f2da
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7aa3f2da
Branch: refs/heads/2.6.x-fixes
Commit: 7aa3f2da2b6bb50e1a252cccfc72bd1b305c9c2e
Parents: 7b5c17f
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Jun 15 18:20:14 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Jun 15 18:20:14 2017 +0100
----------------------------------------------------------------------
.../cxf/systest/ws/saml/SamlTokenTest.java | 174 +++++++++----------
.../cxf/systest/ws/saml/client/client.xml | 1 +
2 files changed, 87 insertions(+), 88 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/7aa3f2da/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
index 8f67f48..b7f8674 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
@@ -36,7 +36,6 @@ import org.apache.ws.security.saml.ext.bean.KeyInfoBean.CERT_IDENTIFIER;
import org.apache.ws.security.saml.ext.builder.SAML2Constants;
import org.example.contract.doubleit.DoubleItPortType;
import org.junit.BeforeClass;
-import org.junit.Ignore;
/**
* A set of tests for SAML Tokens.
@@ -44,7 +43,7 @@ import org.junit.Ignore;
public class SamlTokenTest extends AbstractBusClientServerTestBase {
static final String PORT = allocatePort(Server.class);
static final String PORT2 = allocatePort(Server.class, 2);
-
+
private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -57,7 +56,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
launchServer(Server.class, true)
);
}
-
+
@org.junit.AfterClass
public static void cleanup() throws Exception {
SecurityTestUtil.cleanup();
@@ -77,17 +76,17 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml1TransportPort");
- DoubleItPortType saml1Port =
+ DoubleItPortType saml1Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml1Port, PORT2);
-
+
try {
saml1Port.doubleIt(25);
fail("Expected failure on an invocation with no SAML Assertion");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
assertTrue(ex.getMessage().contains("No SAML CallbackHandler available"));
}
-
+
((BindingProvider)saml1Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler()
);
@@ -103,16 +102,16 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
);
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
-
+
// Don't send any Token...failure expected
portQName = new QName(NAMESPACE, "DoubleItSaml1TransportPort2");
saml1Port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml1Port, PORT2);
-
+
((BindingProvider)saml1Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler(false)
);
-
+
try {
saml1Port.doubleIt(25);
fail("Failure expected on no token");
@@ -120,11 +119,11 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
String error = "The received token does not match the token inclusion requirement";
assertTrue(ex.getMessage().contains(error));
}
-
+
((java.io.Closeable)saml1Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testSaml1Supporting() throws Exception {
@@ -138,21 +137,21 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml1SupportingPort");
- DoubleItPortType saml1Port =
+ DoubleItPortType saml1Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml1Port, PORT2);
-
+
((BindingProvider)saml1Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler(false)
);
-
+
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml1Port).close();
bus.shutdown(true);
}
-
+
// Self-signing (see CXF-5248)
@org.junit.Test
public void testSaml1SupportingSelfSigned() throws Exception {
@@ -167,14 +166,14 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml1SupportingPort");
- DoubleItPortType saml1Port =
+ DoubleItPortType saml1Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml1Port, PORT2);
-
+
((BindingProvider)saml1Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler(false)
);
-
+
((BindingProvider)saml1Port).getRequestContext().put(
SecurityConstants.SELF_SIGN_SAML_ASSERTION, true
);
@@ -182,21 +181,21 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
SecurityConstants.SIGNATURE_USERNAME, "alice"
);
((BindingProvider)saml1Port).getRequestContext().put(
- SecurityConstants.SIGNATURE_PROPERTIES,
+ SecurityConstants.SIGNATURE_PROPERTIES,
"org/apache/cxf/systest/ws/wssec10/client/alice.properties"
);
((BindingProvider)saml1Port).getRequestContext().put(
- SecurityConstants.CALLBACK_HANDLER,
+ SecurityConstants.CALLBACK_HANDLER,
"org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"
);
-
+
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml1Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testSaml2OverSymmetric() throws Exception {
@@ -210,17 +209,17 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2SymmetricPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
-
+
try {
saml2Port.doubleIt(25);
fail("Expected failure on an invocation with no SAML Assertion");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
assertTrue(ex.getMessage().contains("No SAML CallbackHandler available"));
}
-
+
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler(false)
);
@@ -230,15 +229,15 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
assertTrue(ex.getMessage().contains("Wrong SAML Version"));
}
-
+
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler()
);
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
try {
- SamlCallbackHandler callbackHandler =
+ SamlCallbackHandler callbackHandler =
new SamlCallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
((BindingProvider)saml2Port).getRequestContext().put(
@@ -249,11 +248,11 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
// assertTrue(ex.getMessage().contains("SAML token security failure"));
}
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
+
/**
* Some negative tests. Send a sender-vouches assertion as a SupportingToken...this will
* fail as the provider will demand that there is a signature covering both the assertion
@@ -272,21 +271,21 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2SymmetricSupportingPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler()
);
-
+
try {
saml2Port.doubleIt(25);
fail("Expected failure on an invocation with an unsigned SAML SV Assertion");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
assertTrue(ex.getMessage().contains("Assertion fails sender-vouches requirements"));
}
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
@@ -304,7 +303,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2AsymmetricPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
@@ -314,7 +313,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
assertTrue(ex.getMessage().contains("No SAML CallbackHandler available"));
}
-
+
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler(false)
);
@@ -324,22 +323,22 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
assertTrue(ex.getMessage().contains("Wrong SAML Version"));
}
-
+
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler()
);
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
// Don't send any Token...failure expected
portQName = new QName(NAMESPACE, "DoubleItSaml2AsymmetricPort2");
saml2Port = service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
-
+
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler()
);
-
+
try {
saml2Port.doubleIt(25);
fail("Failure expected on no token");
@@ -347,11 +346,11 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
String error = "The received token does not match the token inclusion requirement";
assertTrue(ex.getMessage().contains(error));
}
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testSaml1SelfSignedOverTransport() throws Exception {
@@ -365,20 +364,20 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml1SelfSignedTransportPort");
- DoubleItPortType saml1Port =
+ DoubleItPortType saml1Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml1Port, PORT2);
-
+
((BindingProvider)saml1Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler(false)
);
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml1Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testSaml1SelfSignedOverTransportSP11() throws Exception {
@@ -392,20 +391,20 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml1SelfSignedTransportSP11Port");
- DoubleItPortType saml1Port =
+ DoubleItPortType saml1Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml1Port, PORT2);
-
+
((BindingProvider)saml1Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler(false)
);
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml1Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testAsymmetricSamlInitiator() throws Exception {
@@ -419,10 +418,10 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSamlInitiatorPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
-
+
SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
@@ -430,11 +429,11 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
);
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testSaml2OverSymmetricSignedElements() throws Exception {
@@ -448,20 +447,20 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2SymmetricSignedElementsPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
-
+
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler()
);
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testSaml2EndorsingOverTransport() throws Exception {
@@ -475,10 +474,10 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2EndorsingTransportPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
-
+
SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
@@ -487,11 +486,11 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testSaml2EndorsingPKOverTransport() throws Exception {
@@ -505,10 +504,10 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2EndorsingTransportPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
-
+
SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
callbackHandler.setKeyInfoIdentifier(CERT_IDENTIFIER.KEY_VALUE);
@@ -518,11 +517,11 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testSaml2EndorsingOverTransportSP11() throws Exception {
@@ -536,10 +535,10 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2EndorsingTransportSP11Port");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
-
+
SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
@@ -548,7 +547,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
@@ -566,21 +565,20 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2AsymmetricSignedEncryptedPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
-
+
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", new SamlCallbackHandler()
);
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
- @Ignore("invalid")
@org.junit.Test
public void testSaml2OverAsymmetricEncrypted() throws Exception {
@@ -594,10 +592,10 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2AsymmetricEncryptedPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
-
+
SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
((BindingProvider)saml2Port).getRequestContext().put(
@@ -605,12 +603,12 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
);
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
-
+
+
@org.junit.Test
public void testSaml2EndorsingEncryptedOverTransport() throws Exception {
@@ -624,10 +622,10 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSaml2EndorsingEncryptedTransportPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
-
+
SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
@@ -636,11 +634,11 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
+
@org.junit.Test
public void testNoSamlToken() throws Exception {
@@ -654,10 +652,10 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItInlinePolicyPort");
- DoubleItPortType saml2Port =
+ DoubleItPortType saml2Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
-
+
try {
saml2Port.doubleIt(25);
fail("Failure expected on no SamlToken");
@@ -665,10 +663,10 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase {
String error = "The received token does not match the token inclusion requirement";
assertTrue(ex.getMessage().contains(error));
}
-
+
((java.io.Closeable)saml2Port).close();
bus.shutdown(true);
}
-
-
+
+
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/7aa3f2da/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml
index 9dc839f..ba5f93b 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml
@@ -212,6 +212,7 @@
<entry key="ws-security.signature.properties"
value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
<entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>