You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/07/02 17:22:07 UTC
svn commit: r1498970 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandle...
Author: coheigea
Date: Tue Jul 2 15:22:06 2013
New Revision: 1498970
URL: http://svn.apache.org/r1498970
Log:
Added support for streaming policies that don't have a binding
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxKerberosTokenTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/server.xml
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/stax-server.xml
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/stax-server.xml
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/stax-server.xml
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/KerberosTokenInterceptorProvider.java Tue Jul 2 15:22:06 2013
@@ -49,6 +49,8 @@ import org.apache.cxf.ws.security.tokens
import org.apache.cxf.ws.security.tokenstore.TokenStoreFactory;
import org.apache.cxf.ws.security.wss4j.KerberosTokenInterceptor;
import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor;
+import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxInInterceptor;
+import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxOutInterceptor;
import org.apache.cxf.ws.security.wss4j.PolicyStaxActionInInterceptor;
import org.apache.cxf.ws.security.wss4j.StaxSecurityContextInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
@@ -91,6 +93,11 @@ public class KerberosTokenInterceptorPro
this.getOutInterceptors().add(new KerberosTokenInterceptor());
this.getInInterceptors().add(new KerberosTokenInterceptor());
+
+ this.getOutInterceptors().add(PolicyBasedWSS4JStaxOutInterceptor.INSTANCE);
+ this.getOutFaultInterceptors().add(PolicyBasedWSS4JStaxOutInterceptor.INSTANCE);
+ this.getInInterceptors().add(PolicyBasedWSS4JStaxInInterceptor.INSTANCE);
+ this.getInFaultInterceptors().add(PolicyBasedWSS4JStaxInInterceptor.INSTANCE);
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SamlTokenInterceptorProvider.java Tue Jul 2 15:22:06 2013
@@ -25,6 +25,8 @@ import java.util.Collection;
import javax.xml.namespace.QName;
import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider;
+import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxInInterceptor;
+import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxOutInterceptor;
import org.apache.cxf.ws.security.wss4j.SamlTokenInterceptor;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;
@@ -46,6 +48,11 @@ public class SamlTokenInterceptorProvide
super(ASSERTION_TYPES);
this.getOutInterceptors().add(new SamlTokenInterceptor());
this.getInInterceptors().add(new SamlTokenInterceptor());
+
+ this.getOutInterceptors().add(PolicyBasedWSS4JStaxOutInterceptor.INSTANCE);
+ this.getOutFaultInterceptors().add(PolicyBasedWSS4JStaxOutInterceptor.INSTANCE);
+ this.getInInterceptors().add(PolicyBasedWSS4JStaxInInterceptor.INSTANCE);
+ this.getInFaultInterceptors().add(PolicyBasedWSS4JStaxInInterceptor.INSTANCE);
}
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/UsernameTokenInterceptorProvider.java Tue Jul 2 15:22:06 2013
@@ -26,6 +26,8 @@ import javax.xml.namespace.QName;
import org.apache.cxf.Bus;
import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider;
+import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxInInterceptor;
+import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxOutInterceptor;
import org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor;
import org.apache.wss4j.policy.SP11Constants;
import org.apache.wss4j.policy.SP12Constants;
@@ -57,6 +59,11 @@ public class UsernameTokenInterceptorPro
this.getOutInterceptors().add(new UsernameTokenInterceptor());
this.getInInterceptors().add(inInterceptor == null ? new UsernameTokenInterceptor() : inInterceptor);
//not needed on fault chains
+
+ this.getOutInterceptors().add(PolicyBasedWSS4JStaxOutInterceptor.INSTANCE);
+ this.getOutFaultInterceptors().add(PolicyBasedWSS4JStaxOutInterceptor.INSTANCE);
+ this.getInInterceptors().add(PolicyBasedWSS4JStaxInInterceptor.INSTANCE);
+ this.getInFaultInterceptors().add(PolicyBasedWSS4JStaxInInterceptor.INSTANCE);
}
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java Tue Jul 2 15:22:06 2013
@@ -342,21 +342,17 @@ public class PolicyBasedWSS4JStaxOutInte
super.configureProperties(msg, outboundTokens);
- Collection<AssertionInfo> ais =
- getAllAssertionsByLocalname(aim, SPConstants.TRANSPORT_BINDING);
- if (!ais.isEmpty()) {
+ if (!getAllAssertionsByLocalname(aim, SPConstants.TRANSPORT_BINDING).isEmpty()) {
new StaxTransportBindingHandler(getProperties(), msg, outboundTokens).handleBinding();
- }
-
- ais = getAllAssertionsByLocalname(aim, SPConstants.ASYMMETRIC_BINDING);
- if (!ais.isEmpty()) {
+ } else if (!getAllAssertionsByLocalname(aim, SPConstants.ASYMMETRIC_BINDING).isEmpty()) {
new StaxAsymmetricBindingHandler(getProperties(), msg, outboundTokens).handleBinding();
- }
-
- ais = getAllAssertionsByLocalname(aim, SPConstants.SYMMETRIC_BINDING);
- if (!ais.isEmpty()) {
+ } else if (!getAllAssertionsByLocalname(aim, SPConstants.SYMMETRIC_BINDING).isEmpty()) {
new StaxSymmetricBindingHandler(getProperties(), msg, outboundTokens).handleBinding();
+ } else {
+ // Fall back to Transport Binding
+ new StaxTransportBindingHandler(getProperties(), msg, outboundTokens).handleBinding();
}
+
}
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxOutInterceptor.java Tue Jul 2 15:22:06 2013
@@ -37,6 +37,7 @@ import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
+import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.wss4j.common.ConfigurationConstants;
import org.apache.wss4j.common.crypto.Crypto;
@@ -133,6 +134,12 @@ public class WSS4JStaxOutInterceptor ext
secProps = ConfigurationConverter.convert(getProperties());
}
+ if ((secProps.getOutAction() == null || secProps.getOutAction().length == 0)
+ && mc.get(AssertionInfoMap.class) != null) {
+ // If no actions configured (with SecurityPolicy) then return
+ return;
+ }
+
SecurityEventListener securityEventListener =
configureSecurityEventListener(mc, secProps);
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxTransportBindingHandler.java Tue Jul 2 15:22:06 2013
@@ -75,9 +75,11 @@ public class StaxTransportBindingHandler
if (this.isRequestor()) {
tbinding = (TransportBinding)getBinding(aim);
- TransportToken token = tbinding.getTransportToken();
- if (token.getToken() instanceof IssuedToken) {
- // TODO
+ if (tbinding != null) {
+ TransportToken token = tbinding.getTransportToken();
+ if (token.getToken() instanceof IssuedToken) {
+ // TODO
+ }
}
try {
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/KerberosTokenTest.java Tue Jul 2 15:22:06 2013
@@ -191,8 +191,12 @@ public class KerberosTokenTest extends A
updateAddressPort(kerberosPort, PORT);
- int result = kerberosPort.doubleIt(25);
- assertTrue(result == 50);
+ // DOM
+ kerberosPort.doubleIt(25);
+
+ // TODO - See WSS-458 Streaming
+ // SecurityTestUtil.enableStreaming(kerberosPort);
+ // kerberosPort.doubleIt(25);
((java.io.Closeable)kerberosPort).close();
bus.shutdown(true);
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxKerberosTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxKerberosTokenTest.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxKerberosTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/kerberos/StaxKerberosTokenTest.java Tue Jul 2 15:22:06 2013
@@ -170,6 +170,39 @@ public class StaxKerberosTokenTest exten
}
@org.junit.Test
+ public void testKerberosSupporting() throws Exception {
+
+ if (!unrestrictedPoliciesInstalled) {
+ return;
+ }
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = KerberosTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = KerberosTokenTest.class.getResource("DoubleItKerberos.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItKerberosSupportingPort");
+ DoubleItPortType kerberosPort =
+ service.getPort(portQName, DoubleItPortType.class);
+
+ updateAddressPort(kerberosPort, PORT);
+
+ // DOM
+ kerberosPort.doubleIt(25);
+
+ // TODO - See WSS-458 Streaming
+ // SecurityTestUtil.enableStreaming(kerberosPort);
+ // kerberosPort.doubleIt(25);
+
+ ((java.io.Closeable)kerberosPort).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testKerberosOverAsymmetric() throws Exception {
if (!unrestrictedPoliciesInstalled) {
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java Tue Jul 2 15:22:06 2013
@@ -190,6 +190,39 @@ public class SamlTokenTest extends Abstr
}
@org.junit.Test
+ public void testSaml1Supporting() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = SamlTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSaml1SupportingPort");
+ DoubleItPortType saml1Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(saml1Port, PORT2);
+
+ ((BindingProvider)saml1Port).getRequestContext().put(
+ "ws-security.saml-callback-handler", new SamlCallbackHandler(false)
+ );
+
+ // DOM
+ int result = saml1Port.doubleIt(25);
+ assertTrue(result == 50);
+
+ // TODO - See WSS-458 Streaming
+ // SecurityTestUtil.enableStreaming(saml1Port);
+ // saml1Port.doubleIt(25);
+
+ ((java.io.Closeable)saml1Port).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testSaml1ElementOverTransport() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java Tue Jul 2 15:22:06 2013
@@ -34,6 +34,7 @@ import org.apache.cxf.systest.ws.saml.cl
import org.apache.cxf.systest.ws.saml.server.StaxServer;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.wss4j.common.saml.bean.KeyInfoBean.CERT_IDENTIFIER;
+import org.apache.wss4j.common.saml.builder.SAML1Constants;
import org.apache.wss4j.common.saml.builder.SAML2Constants;
import org.example.contract.doubleit.DoubleItPortType;
import org.junit.BeforeClass;
@@ -190,6 +191,41 @@ public class StaxSamlTokenTest extends A
}
@org.junit.Test
+ public void testSaml1Supporting() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = StaxSamlTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = StaxSamlTokenTest.class.getResource("DoubleItSaml.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSaml1SupportingPort");
+ DoubleItPortType saml1Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(saml1Port, PORT2);
+
+ SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(false);
+ samlCallbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
+ ((BindingProvider)saml1Port).getRequestContext().put(
+ "ws-security.saml-callback-handler", samlCallbackHandler
+ );
+
+ // DOM
+ int result = saml1Port.doubleIt(25);
+ assertTrue(result == 50);
+
+ // TODO - See WSS-458 Streaming
+ // SecurityTestUtil.enableStreaming(saml1Port);
+ // saml1Port.doubleIt(25);
+
+ ((java.io.Closeable)saml1Port).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testSaml1ElementOverTransport() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/StaxUsernameTokenTest.java Tue Jul 2 15:22:06 2013
@@ -119,6 +119,34 @@ public class StaxUsernameTokenTest exten
}
@org.junit.Test
+ public void testPlaintextSupporting() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = StaxUsernameTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = StaxUsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItPlaintextSupportingPort");
+ DoubleItPortType utPort =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(utPort, PORT);
+
+ // DOM
+ utPort.doubleIt(25);
+
+ // TODO - See WSS-458 Streaming
+ // SecurityTestUtil.enableStreaming(utPort);
+ // utPort.doubleIt(25);
+
+ ((java.io.Closeable)utPort).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testPasswordHashed() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java Tue Jul 2 15:22:06 2013
@@ -119,6 +119,34 @@ public class UsernameTokenTest extends A
}
@org.junit.Test
+ public void testPlaintextSupporting() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = UsernameTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = UsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItPlaintextSupportingPort");
+ DoubleItPortType utPort =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(utPort, PORT);
+
+ // DOM
+ utPort.doubleIt(25);
+
+ // TODO - See WSS-458 Streaming
+ // SecurityTestUtil.enableStreaming(utPort);
+ // utPort.doubleIt(25);
+
+ ((java.io.Closeable)utPort).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testPasswordHashed() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/server.xml?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/server.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/server.xml Tue Jul 2 15:22:06 2013
@@ -138,7 +138,7 @@
</jaxws:endpoint>
<jaxws:endpoint
- id="Kerberosupporting"
+ id="KerberosSupporting"
address="http://localhost:${testutil.ports.Server}/DoubleItKerberosSupporting"
serviceName="s:DoubleItService"
endpointName="s:DoubleItKerberosSupportingPort"
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/stax-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/stax-server.xml?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/stax-server.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/kerberos/server/stax-server.xml Tue Jul 2 15:22:06 2013
@@ -131,6 +131,25 @@
</jaxws:endpoint>
<jaxws:endpoint
+ id="KerberosSupporting"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosSupporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItKerberosSupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/kerberos/DoubleItKerberos.wsdl">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ <entry key="ws-security.signature.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
id="KerberosOverAsymmetric"
address="http://localhost:${testutil.ports.StaxServer}/DoubleItKerberosAsymmetric"
serviceName="s:DoubleItService"
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl Tue Jul 2 15:22:06 2013
@@ -49,6 +49,23 @@
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
+ <wsdl:binding name="DoubleItSaml1SupportingBinding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItSaml1SupportingPolicy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
<wsdl:binding name="DoubleItSaml1SelfSignedTransportBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItSaml1SelfSignedTransportPolicy" />
<soap:binding style="document"
@@ -298,6 +315,9 @@
<wsdl:port name="DoubleItSaml1TransportPort" binding="tns:DoubleItSaml1TransportBinding">
<soap:address location="https://localhost:9009/DoubleItSaml1Transport" />
</wsdl:port>
+ <wsdl:port name="DoubleItSaml1SupportingPort" binding="tns:DoubleItSaml1SupportingBinding">
+ <soap:address location="https://localhost:9009/DoubleItSaml1Supporting" />
+ </wsdl:port>
<wsdl:port name="DoubleItSaml1TransportPort2" binding="tns:DoubleItInlinePolicyBinding">
<soap:address location="https://localhost:9009/DoubleItSaml1Transport2" />
</wsdl:port>
@@ -397,6 +417,22 @@
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItSaml1SupportingPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SupportingTokens>
+ <wsp:Policy>
+ <sp:SamlToken
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssSamlV11Token11/>
+ </wsp:Policy>
+ </sp:SamlToken>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
<wsp:Policy wsu:Id="DoubleItSaml1SelfSignedTransportPolicy">
<wsp:ExactlyOne>
<wsp:All>
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml Tue Jul 2 15:22:06 2013
@@ -105,6 +105,21 @@
</jaxws:endpoint>
+ <jaxws:endpoint
+ id="Saml1SupportingToken"
+ address="https://localhost:${testutil.ports.Server.2}/DoubleItSaml1Supporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSaml1SupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
<jaxws:endpoint
id="Saml2TokenOverSymmetric"
address="http://localhost:${testutil.ports.Server}/DoubleItSaml2Symmetric"
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/stax-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/stax-server.xml?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/stax-server.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/stax-server.xml Tue Jul 2 15:22:06 2013
@@ -107,6 +107,22 @@
</jaxws:endpoint>
+ <jaxws:endpoint
+ id="Saml1SupportingToken"
+ address="https://localhost:${testutil.ports.StaxServer.2}/DoubleItSaml1Supporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSaml1SupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
<jaxws:endpoint
id="Saml2TokenOverSymmetric"
address="http://localhost:${testutil.ports.StaxServer}/DoubleItSaml2Symmetric"
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl Tue Jul 2 15:22:06 2013
@@ -68,6 +68,23 @@
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
+ <wsdl:binding name="DoubleItPlaintextSupportingBinding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItPlaintextSupportingPolicy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
<wsdl:binding name="DoubleItHashedBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItHashedPolicy" />
<soap:binding style="document"
@@ -203,6 +220,9 @@
<wsdl:port name="DoubleItPlaintextCreatedPort" binding="tns:DoubleItPlaintextCreatedBinding">
<soap:address location="https://localhost:9009/DoubleItUTPlaintextCreated" />
</wsdl:port>
+ <wsdl:port name="DoubleItPlaintextSupportingPort" binding="tns:DoubleItPlaintextSupportingBinding">
+ <soap:address location="https://localhost:9009/DoubleItUTPlaintextSupporting" />
+ </wsdl:port>
<wsdl:port name="DoubleItHashedPort" binding="tns:DoubleItHashedBinding">
<soap:address location="https://localhost:9009/DoubleItUTHashed" />
</wsdl:port>
@@ -309,6 +329,23 @@
</wsp:ExactlyOne>
</wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItPlaintextSupportingPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssUsernameToken10/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
<wsp:Policy wsu:Id="DoubleItHashedPolicy">
<wsp:ExactlyOne>
<wsp:All>
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml Tue Jul 2 15:22:06 2013
@@ -65,6 +65,15 @@
</jaxws:properties>
</jaxws:client>
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItPlaintextSupportingPort"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+ </jaxws:client>
+
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItHashedPort"
createdFromAPI="true">
<jaxws:properties>
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml Tue Jul 2 15:22:06 2013
@@ -104,6 +104,23 @@
</jaxws:endpoint>
<jaxws:endpoint
+ id="PlaintextSupporting"
+ address="https://localhost:${testutil.ports.Server}/DoubleItUTPlaintextSupporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextSupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
id="Hashed"
address="https://localhost:${testutil.ports.Server}/DoubleItUTHashed"
serviceName="s:DoubleItService"
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/stax-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/stax-server.xml?rev=1498970&r1=1498969&r2=1498970&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/stax-server.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/stax-server.xml Tue Jul 2 15:22:06 2013
@@ -106,6 +106,24 @@
</jaxws:endpoint>
<jaxws:endpoint
+ id="PlaintextSupporting"
+ address="https://localhost:${testutil.ports.StaxServer}/DoubleItUTPlaintextSupporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextSupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/ut/DoubleItUt.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
id="Hashed"
address="https://localhost:${testutil.ports.StaxServer}/DoubleItUTHashed"
serviceName="s:DoubleItService"