You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/10/02 18:34:10 UTC
svn commit: r1528553 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/
services/sts/sys...
Author: coheigea
Date: Wed Oct 2 16:34:10 2013
New Revision: 1528553
URL: http://svn.apache.org/r1528553
Log:
Added some streaming ws-security tests + removed "self-sign" JAX-WS property
Added:
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxServer.java
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxUsernameTokenTest.java
- copied, changed from r1528434, cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxServer.java
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxX509TokenTest.java
- copied, changed from r1528434, cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java
cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/stax-server.xml
cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/stax-server.xml
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/Saml2CallbackHandler.java
cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/sendervouches/cxf-intermediary.xml
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/common/SecurityTestUtil.java
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java
cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java
cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/client.xml
cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client.xml
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Wed Oct 2 16:34:10 2013
@@ -162,12 +162,6 @@ public final class SecurityConstants {
public static final String IS_BSP_COMPLIANT = "ws-security.is-bsp-compliant";
/**
- * Whether to self-sign a SAML Assertion or not. If this is set to true, then an enveloped signature
- * will be generated when the SAML Assertion is constructed. The default is false.
- */
- public static final String SELF_SIGN_SAML_ASSERTION = "ws-security.self-sign-saml-assertion";
-
- /**
* Whether to cache UsernameToken nonces. The default value is "true" for message recipients, and
* "false" for message initiators. Set it to true to cache for both cases. Set this to "false" to
* not cache UsernameToken nonces. Note that caching only applies when either a UsernameToken
@@ -517,7 +511,7 @@ public final class SecurityConstants {
CALLBACK_HANDLER, SAML_CALLBACK_HANDLER, SIGNATURE_PROPERTIES,
SIGNATURE_CRYPTO, ENCRYPT_PROPERTIES, ENCRYPT_CRYPTO,
VALIDATE_TOKEN, ENABLE_REVOCATION, ALWAYS_ENCRYPT_UT, IS_BSP_COMPLIANT,
- SELF_SIGN_SAML_ASSERTION, ENABLE_NONCE_CACHE, ENABLE_TIMESTAMP_CACHE,
+ ENABLE_NONCE_CACHE, ENABLE_TIMESTAMP_CACHE,
TIMESTAMP_TTL, TIMESTAMP_FUTURE_TTL, SAML_ROLE_ATTRIBUTENAME,
KERBEROS_CLIENT, SPNEGO_CLIENT_ACTION, KERBEROS_JAAS_CONTEXT_NAME, KERBEROS_SPN,
NONCE_CACHE_INSTANCE, TIMESTAMP_CACHE_INSTANCE, CACHE_CONFIG_FILE,
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java Wed Oct 2 16:34:10 2013
@@ -42,7 +42,6 @@ import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.security.DefaultSecurityContext;
-import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.resource.ResourceManager;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.security.transport.TLSSessionInfo;
@@ -282,11 +281,7 @@ public class SamlTokenInterceptor extend
SAMLUtil.doSAMLCallback(handler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
- boolean selfSignAssertion =
- MessageUtils.getContextualBoolean(
- message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
- );
- if (selfSignAssertion || samlCallback.isSignAssertion()) {
+ if (samlCallback.isSignAssertion()) {
String issuerName = samlCallback.getIssuerKeyName();
if (issuerName == null) {
String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java Wed Oct 2 16:34:10 2013
@@ -731,24 +731,18 @@ public abstract class AbstractBindingBui
part = new WSEncryptionPart(bst.getID());
part.setElement(bst.getElement());
} else if (tempTok instanceof SamlAssertionWrapper) {
- boolean selfSignAssertion =
- MessageUtils.getContextualBoolean(
- message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
- );
- if (!selfSignAssertion) {
- SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)tempTok;
-
- Document doc = assertionWrapper.getElement().getOwnerDocument();
- boolean saml1 = assertionWrapper.getSaml1() != null;
- // TODO We only support using a KeyIdentifier for the moment
- SecurityTokenReference secRef =
- createSTRForSamlAssertion(doc, assertionWrapper.getId(), saml1, false);
- Element clone = cloneElement(secRef.getElement());
- addSupportingElement(clone);
- part = new WSEncryptionPart("STRTransform", null, "Element");
- part.setId(secRef.getID());
- part.setElement(clone);
- }
+ SamlAssertionWrapper assertionWrapper = (SamlAssertionWrapper)tempTok;
+
+ Document doc = assertionWrapper.getElement().getOwnerDocument();
+ boolean saml1 = assertionWrapper.getSaml1() != null;
+ // TODO We only support using a KeyIdentifier for the moment
+ SecurityTokenReference secRef =
+ createSTRForSamlAssertion(doc, assertionWrapper.getId(), saml1, false);
+ Element clone = cloneElement(secRef.getElement());
+ addSupportingElement(clone);
+ part = new WSEncryptionPart("STRTransform", null, "Element");
+ part.setId(secRef.getID());
+ part.setElement(clone);
} else if (tempTok instanceof WSSecurityTokenHolder) {
SecurityToken token = ((WSSecurityTokenHolder)tempTok).getToken();
String tokenType = token.getTokenType();
@@ -1005,11 +999,7 @@ public abstract class AbstractBindingBui
SAMLUtil.doSAMLCallback(handler, samlCallback);
SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
- boolean selfSignAssertion =
- MessageUtils.getContextualBoolean(
- message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
- );
- if (selfSignAssertion || samlCallback.isSignAssertion()) {
+ if (samlCallback.isSignAssertion()) {
String issuerName = samlCallback.getIssuerKeyName();
if (issuerName == null) {
String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java Wed Oct 2 16:34:10 2013
@@ -589,13 +589,9 @@ public class SymmetricBindingHandler ext
} else if (encrToken instanceof KerberosToken && !isRequestor()) {
encr.setCustomReferenceValue(WSConstants.WSS_KRB_KI_VALUE_TYPE);
encr.setEncKeyId(encrTok.getSHA1());
- } else if (!isRequestor()) {
- if (encrTok.getSHA1() != null) {
- encr.setCustomReferenceValue(encrTok.getSHA1());
- encr.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
- } else {
- encr.setKeyIdentifierType(WSConstants.EMBED_SECURITY_TOKEN_REF);
- }
+ } else if (!isRequestor() && encrTok.getSHA1() != null) {
+ encr.setCustomReferenceValue(encrTok.getSHA1());
+ encr.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
}
encr.prepare(saaj.getSOAPPart(), crypto);
Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/Saml2CallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/Saml2CallbackHandler.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/Saml2CallbackHandler.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/sendervouches/Saml2CallbackHandler.java Wed Oct 2 16:34:10 2013
@@ -68,6 +68,7 @@ public class Saml2CallbackHandler implem
attributeBean.addAttributeValue("user");
attrBean.setSamlAttributes(Collections.singletonList(attributeBean));
callback.setAttributeStatementData(Collections.singletonList(attrBean));
+ callback.setSignAssertion(true);
}
}
}
Modified: cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/sendervouches/cxf-intermediary.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/sendervouches/cxf-intermediary.xml?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/sendervouches/cxf-intermediary.xml (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/sendervouches/cxf-intermediary.xml Wed Oct 2 16:34:10 2013
@@ -84,7 +84,6 @@
<jaxws:properties>
<entry key="ws-security.signature.properties" value="serviceKeystore.properties"/>
<entry key="ws-security.signature.username" value="myservicekey"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
<entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
</jaxws:properties>
Modified: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/common/SecurityTestUtil.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/common/SecurityTestUtil.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/common/SecurityTestUtil.java (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/common/SecurityTestUtil.java Wed Oct 2 16:34:10 2013
@@ -20,6 +20,11 @@ package org.apache.cxf.systest.wssec.exa
import java.io.File;
+import javax.xml.ws.BindingProvider;
+
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.example.contract.doubleit.DoubleItPortType;
+
/**
* A utility class for security tests
*/
@@ -46,4 +51,13 @@ public final class SecurityTestUtil {
}
}
+ public static void enableStreaming(DoubleItPortType port) {
+ ((BindingProvider)port).getRequestContext().put(
+ SecurityConstants.ENABLE_STREAMING_SECURITY, "true"
+ );
+ ((BindingProvider)port).getResponseContext().put(
+ SecurityConstants.ENABLE_STREAMING_SECURITY, "true"
+ );
+ }
+
}
Modified: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlCallbackHandler.java Wed Oct 2 16:34:10 2013
@@ -30,6 +30,7 @@ import javax.security.auth.callback.Unsu
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.crypto.CryptoType;
+import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.bean.AttributeBean;
import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
@@ -46,6 +47,7 @@ import org.opensaml.common.SAMLVersion;
public class SamlCallbackHandler implements CallbackHandler {
private String confirmationMethod;
private boolean saml2;
+ private boolean signed;
public SamlCallbackHandler() {
//
@@ -63,8 +65,8 @@ public class SamlCallbackHandler impleme
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof SAMLCallback) {
SAMLCallback callback = (SAMLCallback) callbacks[i];
- if (saml2) {
- callback.setSamlVersion(SAMLVersion.VERSION_20);
+ if (!saml2) {
+ callback.setSamlVersion(SAMLVersion.VERSION_11);
}
callback.setIssuer("sts");
String subjectName = "uid=sts-client,o=mock-sts.com";
@@ -106,6 +108,17 @@ public class SamlCallbackHandler impleme
attributeBean.addAttributeValue("system-user");
attrBean.setSamlAttributes(Collections.singletonList(attributeBean));
callback.setAttributeStatementData(Collections.singletonList(attrBean));
+
+ try {
+ String file = "alice.properties";
+ Crypto crypto = CryptoFactory.getInstance(file);
+ callback.setIssuerCrypto(crypto);
+ callback.setIssuerKeyName("alice");
+ callback.setIssuerKeyPassword("password");
+ callback.setSignAssertion(signed);
+ } catch (WSSecurityException e) {
+ throw new IOException(e);
+ }
}
}
}
@@ -123,5 +136,13 @@ public class SamlCallbackHandler impleme
return keyInfo;
}
+
+ public boolean isSigned() {
+ return signed;
+ }
+
+ public void setSigned(boolean signed) {
+ this.signed = signed;
+ }
}
Modified: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/saml/SamlTokenTest.java Wed Oct 2 16:34:10 2013
@@ -40,6 +40,8 @@ import org.junit.BeforeClass;
/**
* A set of tests for SAML Tokens using policies defined in the OASIS spec:
* "WS-SecurityPolicy Examples Version 1.0".
+ *
+ * It tests both DOM + StAX clients against the DOM server
*/
public class SamlTokenTest extends AbstractBusClientServerTestBase {
static final String PORT = allocatePort(Server.class);
@@ -91,6 +93,11 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
+ // DOM
+ samlPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(samlPort);
samlPort.doubleIt(25);
((java.io.Closeable)samlPort).close();
@@ -117,6 +124,11 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT2);
+ // DOM
+ samlPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(samlPort);
samlPort.doubleIt(25);
((java.io.Closeable)samlPort).close();
@@ -143,6 +155,11 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT2);
+ // DOM
+ samlPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(samlPort);
samlPort.doubleIt(25);
((java.io.Closeable)samlPort).close();
@@ -169,6 +186,11 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
+ // DOM
+ samlPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(samlPort);
samlPort.doubleIt(25);
((java.io.Closeable)samlPort).close();
@@ -195,8 +217,13 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
+ // DOM
samlPort.doubleIt(25);
+ // TODO Investigate Streaming
+ // SecurityTestUtil.enableStreaming(samlPort);
+ // samlPort.doubleIt(25);
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
@@ -222,6 +249,11 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
+ // DOM
+ samlPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(samlPort);
samlPort.doubleIt(25);
((java.io.Closeable)samlPort).close();
@@ -247,7 +279,12 @@ public class SamlTokenTest extends Abstr
DoubleItPortType samlPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT2);
+
+ // DOM
+ samlPort.doubleIt(25);
+ // Streaming
+ SecurityTestUtil.enableStreaming(samlPort);
samlPort.doubleIt(25);
((java.io.Closeable)samlPort).close();
@@ -274,6 +311,11 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT2);
+ // DOM
+ samlPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(samlPort);
samlPort.doubleIt(25);
((java.io.Closeable)samlPort).close();
@@ -300,8 +342,13 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(samlPort, PORT);
+ // DOM
samlPort.doubleIt(25);
+ // TODO Investigate Streaming
+ // SecurityTestUtil.enableStreaming(samlPort);
+ // samlPort.doubleIt(25);
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
@@ -327,8 +374,13 @@ public class SamlTokenTest extends Abstr
updateAddressPort(samlPort, PORT);
updateSTSPort((BindingProvider)samlPort, STS_PORT);
+ // DOM
samlPort.doubleIt(25);
+ // TODO Streaming
+ // SecurityTestUtil.enableStreaming(samlPort);
+ // samlPort.doubleIt(25);
+
((java.io.Closeable)samlPort).close();
bus.shutdown(true);
}
Added: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxServer.java?rev=1528553&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxServer.java (added)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxServer.java Wed Oct 2 16:34:10 2013
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.wssec.examples.ut;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class StaxServer extends AbstractBusTestServerBase {
+
+ public StaxServer() {
+
+ }
+
+ protected void run() {
+ URL busFile = StaxServer.class.getResource("stax-server.xml");
+ Bus busLocal = new SpringBusFactory().createBus(busFile);
+ BusFactory.setDefaultBus(busLocal);
+ setBus(busLocal);
+
+ try {
+ new StaxServer();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
Copied: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxUsernameTokenTest.java (from r1528434, cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxUsernameTokenTest.java?p2=cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxUsernameTokenTest.java&p1=cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java&r1=1528434&r2=1528553&rev=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/StaxUsernameTokenTest.java Wed Oct 2 16:34:10 2013
@@ -36,10 +36,12 @@ import org.junit.BeforeClass;
/**
* A set of tests for Username Tokens using policies defined in the OASIS spec:
* "WS-SecurityPolicy Examples Version 1.0".
+ *
+ * It tests both DOM + StAX clients against the StAX server
*/
-public class UsernameTokenTest extends AbstractBusClientServerTestBase {
- static final String PORT = allocatePort(Server.class);
- static final String PORT2 = allocatePort(Server.class, 2);
+public class StaxUsernameTokenTest extends AbstractBusClientServerTestBase {
+ static final String PORT = allocatePort(StaxServer.class);
+ static final String PORT2 = allocatePort(StaxServer.class, 2);
private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -50,7 +52,7 @@ public class UsernameTokenTest extends A
"Server failed to launch",
// run the server in the same process
// set this to false to fork
- launchServer(Server.class, true)
+ launchServer(StaxServer.class, true)
);
}
@@ -67,19 +69,24 @@ public class UsernameTokenTest extends A
public void testPlaintext() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenTest.class.getResource("client.xml");
+ URL busFile = StaxUsernameTokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ URL wsdl = StaxUsernameTokenTest.class.getResource("DoubleItUt.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItPlaintextPort");
DoubleItPortType utPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -93,19 +100,24 @@ public class UsernameTokenTest extends A
public void testPlaintextNoPassword() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenTest.class.getResource("client.xml");
+ URL busFile = StaxUsernameTokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ URL wsdl = StaxUsernameTokenTest.class.getResource("DoubleItUt.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItPlaintextNoPasswordPort");
DoubleItPortType utPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -119,19 +131,24 @@ public class UsernameTokenTest extends A
public void testDigest() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenTest.class.getResource("client.xml");
+ URL busFile = StaxUsernameTokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ URL wsdl = StaxUsernameTokenTest.class.getResource("DoubleItUt.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItDigestPort");
DoubleItPortType utPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -145,19 +162,24 @@ public class UsernameTokenTest extends A
public void testTLSSupporting() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenTest.class.getResource("client.xml");
+ URL busFile = StaxUsernameTokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ URL wsdl = StaxUsernameTokenTest.class.getResource("DoubleItUt.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItTLSSupportingPort");
DoubleItPortType utPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT2);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -171,19 +193,24 @@ public class UsernameTokenTest extends A
public void testAsymmetricSESupporting() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenTest.class.getResource("client.xml");
+ URL busFile = StaxUsernameTokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ URL wsdl = StaxUsernameTokenTest.class.getResource("DoubleItUt.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSESupportingPort");
DoubleItPortType utPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -197,19 +224,24 @@ public class UsernameTokenTest extends A
public void testAsymmetricEncrSupporting() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenTest.class.getResource("client.xml");
+ URL busFile = StaxUsernameTokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ URL wsdl = StaxUsernameTokenTest.class.getResource("DoubleItUt.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricEncrSupportingPort");
DoubleItPortType utPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -223,19 +255,24 @@ public class UsernameTokenTest extends A
public void testSymmetricSESupporting() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = UsernameTokenTest.class.getResource("client.xml");
+ URL busFile = StaxUsernameTokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = UsernameTokenTest.class.getResource("DoubleItUt.wsdl");
+ URL wsdl = StaxUsernameTokenTest.class.getResource("DoubleItUt.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSymmetricSESupportingPort");
DoubleItPortType utPort =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
Modified: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/ut/UsernameTokenTest.java Wed Oct 2 16:34:10 2013
@@ -36,6 +36,8 @@ import org.junit.BeforeClass;
/**
* A set of tests for Username Tokens using policies defined in the OASIS spec:
* "WS-SecurityPolicy Examples Version 1.0".
+ *
+ * It tests both DOM + StAX clients against the DOM server
*/
public class UsernameTokenTest extends AbstractBusClientServerTestBase {
static final String PORT = allocatePort(Server.class);
@@ -80,6 +82,11 @@ public class UsernameTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -106,6 +113,11 @@ public class UsernameTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -132,6 +144,11 @@ public class UsernameTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -158,6 +175,11 @@ public class UsernameTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT2);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -184,6 +206,11 @@ public class UsernameTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -210,6 +237,11 @@ public class UsernameTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -236,6 +268,11 @@ public class UsernameTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
Added: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxServer.java?rev=1528553&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxServer.java (added)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxServer.java Wed Oct 2 16:34:10 2013
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.wssec.examples.x509;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class StaxServer extends AbstractBusTestServerBase {
+
+ public StaxServer() {
+
+ }
+
+ protected void run() {
+ URL busFile = StaxServer.class.getResource("stax-server.xml");
+ Bus busLocal = new SpringBusFactory().createBus(busFile);
+ BusFactory.setDefaultBus(busLocal);
+ setBus(busLocal);
+
+ try {
+ new StaxServer();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
Copied: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxX509TokenTest.java (from r1528434, cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxX509TokenTest.java?p2=cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxX509TokenTest.java&p1=cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java&r1=1528434&r2=1528553&rev=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/StaxX509TokenTest.java Wed Oct 2 16:34:10 2013
@@ -36,9 +36,11 @@ import org.junit.BeforeClass;
/**
* A set of tests for X509 Tokens using policies defined in the OASIS spec:
* "WS-SecurityPolicy Examples Version 1.0".
+ *
+ * It tests both DOM + StAX clients against the StAX server
*/
-public class X509TokenTest extends AbstractBusClientServerTestBase {
- static final String PORT = allocatePort(Server.class);
+public class StaxX509TokenTest extends AbstractBusClientServerTestBase {
+ static final String PORT = allocatePort(StaxServer.class);
private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -49,7 +51,7 @@ public class X509TokenTest extends Abstr
"Server failed to launch",
// run the server in the same process
// set this to false to fork
- launchServer(Server.class, true)
+ launchServer(StaxServer.class, true)
);
}
@@ -66,19 +68,24 @@ public class X509TokenTest extends Abstr
public void testAsymmetricSignEncrypt() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = X509TokenTest.class.getResource("client.xml");
+ URL busFile = StaxX509TokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = X509TokenTest.class.getResource("DoubleItX509.wsdl");
+ URL wsdl = StaxX509TokenTest.class.getResource("DoubleItX509.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSignEncryptPort");
DoubleItPortType x509Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, PORT);
+ // DOM
+ x509Port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(x509Port);
x509Port.doubleIt(25);
((java.io.Closeable)x509Port).close();
@@ -92,19 +99,24 @@ public class X509TokenTest extends Abstr
public void testAsymmetricProtectTokens() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = X509TokenTest.class.getResource("client.xml");
+ URL busFile = StaxX509TokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = X509TokenTest.class.getResource("DoubleItX509.wsdl");
+ URL wsdl = StaxX509TokenTest.class.getResource("DoubleItX509.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricProtectTokensPort");
DoubleItPortType x509Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, PORT);
+ // DOM
+ x509Port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(x509Port);
x509Port.doubleIt(25);
((java.io.Closeable)x509Port).close();
@@ -113,52 +125,66 @@ public class X509TokenTest extends Abstr
/**
* 2.2.3 (WSS1.1) Anonymous with X.509 Certificate, Sign, Encrypt
+ * TODO Support streaming derived
*/
@org.junit.Test
+ @org.junit.Ignore
public void testSymmetricSignEncrypt() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = X509TokenTest.class.getResource("client.xml");
+ URL busFile = StaxX509TokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = X509TokenTest.class.getResource("DoubleItX509.wsdl");
+ URL wsdl = StaxX509TokenTest.class.getResource("DoubleItX509.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSymmetricSignEncryptPort");
DoubleItPortType x509Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, PORT);
+ // DOM
x509Port.doubleIt(25);
+ // TODO - Support derived Streaming
+ // SecurityTestUtil.enableStreaming(x509Port);
+ // x509Port.doubleIt(25);
+
((java.io.Closeable)x509Port).close();
bus.shutdown(true);
}
/**
* 2.2.4 (WSS1.1) Mutual Authentication with X.509 Certificates, Sign, Encrypt
+ * TODO - Support streaming Endorsing
*/
@org.junit.Test
+ @org.junit.Ignore
public void testSymmetricEndorsing() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = X509TokenTest.class.getResource("client.xml");
+ URL busFile = StaxX509TokenTest.class.getResource("client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = X509TokenTest.class.getResource("DoubleItX509.wsdl");
+ URL wsdl = StaxX509TokenTest.class.getResource("DoubleItX509.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSymmetricEndorsingPort");
DoubleItPortType x509Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, PORT);
+ // DOM
x509Port.doubleIt(25);
+ // TODO - support endorsing Streaming
+ // SecurityTestUtil.enableStreaming(x509Port);
+ // x509Port.doubleIt(25);
+
((java.io.Closeable)x509Port).close();
bus.shutdown(true);
}
Modified: cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/x509/X509TokenTest.java Wed Oct 2 16:34:10 2013
@@ -36,6 +36,8 @@ import org.junit.BeforeClass;
/**
* A set of tests for X509 Tokens using policies defined in the OASIS spec:
* "WS-SecurityPolicy Examples Version 1.0".
+ *
+ * It tests both DOM + StAX clients against the DOM server
*/
public class X509TokenTest extends AbstractBusClientServerTestBase {
static final String PORT = allocatePort(Server.class);
@@ -79,6 +81,11 @@ public class X509TokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, PORT);
+ // DOM
+ x509Port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(x509Port);
x509Port.doubleIt(25);
((java.io.Closeable)x509Port).close();
@@ -105,6 +112,11 @@ public class X509TokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, PORT);
+ // DOM
+ x509Port.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(x509Port);
x509Port.doubleIt(25);
((java.io.Closeable)x509Port).close();
@@ -131,8 +143,13 @@ public class X509TokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, PORT);
+ // DOM
x509Port.doubleIt(25);
+ // TODO - Support derived Streaming
+ // SecurityTestUtil.enableStreaming(x509Port);
+ // x509Port.doubleIt(25);
+
((java.io.Closeable)x509Port).close();
bus.shutdown(true);
}
@@ -157,8 +174,13 @@ public class X509TokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, PORT);
+ // DOM
x509Port.doubleIt(25);
+ // TODO - support endorsing Streaming
+ // SecurityTestUtil.enableStreaming(x509Port);
+ // x509Port.doubleIt(25);
+
((java.io.Closeable)x509Port).close();
bus.shutdown(true);
}
Modified: cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/client.xml?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/client.xml (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/saml/client.xml Wed Oct 2 16:34:10 2013
@@ -62,7 +62,6 @@
value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
<entry key="ws-security.signature.username" value="alice"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>
@@ -83,7 +82,6 @@
createdFromAPI="true">
<jaxws:properties>
<entry key="ws-security.saml-callback-handler" value-ref="saml1HOKHandler"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
<entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
@@ -121,7 +119,6 @@
value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
<entry key="ws-security.signature.username" value="alice"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>
@@ -184,12 +181,14 @@
<bean id="saml1HOKHandler"
class="org.apache.cxf.systest.wssec.examples.saml.SamlCallbackHandler">
<property name="confirmationMethod" value="urn:oasis:names:tc:SAML:1.0:cm:holder-of-key"/>
+ <property name="signed" value="true"/>
</bean>
<bean id="saml2HOKHandler"
class="org.apache.cxf.systest.wssec.examples.saml.SamlCallbackHandler">
<property name="confirmationMethod" value="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"/>
<property name="saml2" value="true"/>
+ <property name="signed" value="true"/>
</bean>
<bean id="saml2BearerHandler"
Modified: cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl (original)
+++ cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl Wed Oct 2 16:34:10 2013
@@ -291,7 +291,8 @@
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
- <sp:Strict/>
+ <!--<sp:Strict/>-->
+ <sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
@@ -400,7 +401,8 @@
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
- <sp:Strict/>
+ <!--<sp:Strict/>-->
+ <sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
Added: cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/stax-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/stax-server.xml?rev=1528553&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/stax-server.xml (added)
+++ cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/stax-server.xml Wed Oct 2 16:34:10 2013
@@ -0,0 +1,184 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:jaxws="http://cxf.apache.org/jaxws"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:p="http://cxf.apache.org/policy"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+ <jaxws:endpoint
+ id="Plaintext"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItUTPlaintext"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="PlaintextNoPassword"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItUTPlaintextNoPassword"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextNoPasswordPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Digest"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItUTDigest"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItDigestPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="TLSSupporting"
+ address="https://localhost:${testutil.ports.StaxServer.2}/DoubleItUTTLSSupporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItTLSSupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl"
+ depends-on="tls-settings">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="AsymmetricSESupporting"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItUTAsymmetricSESupporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItAsymmetricSESupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="useReqSigCert"/>
+ <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="AsymmetricEncrSupporting"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItUTAsymmetricEncrSupporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItAsymmetricEncrSupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="SymmetricSESupporting"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItUTSymmetricSESupporting"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSymmetricSESupportingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/ut//DoubleItUt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <!-- -->
+ <!-- Any services listening on port ${testutil.ports.Server} must use the following -->
+ <!-- Transport Layer Security (TLS) settings -->
+ <!-- -->
+ <httpj:engine-factory id="tls-settings">
+ <httpj:engine port="${testutil.ports.StaxServer.2}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="jks" password="password" resource="Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="password" resource="Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:cipherSuitesFilter>
+ <sec:include>.*_EXPORT_.*</sec:include>
+ <sec:include>.*_EXPORT1024_.*</sec:include>
+ <sec:include>.*_WITH_DES_.*</sec:include>
+ <sec:include>.*_WITH_AES_.*</sec:include>
+ <sec:include>.*_WITH_NULL_.*</sec:include>
+ <sec:exclude>.*_DH_anon_.*</sec:exclude>
+ </sec:cipherSuitesFilter>
+ <sec:clientAuthentication want="false" required="false"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+</beans>
Added: cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/stax-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/stax-server.xml?rev=1528553&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/stax-server.xml (added)
+++ cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/stax-server.xml Wed Oct 2 16:34:10 2013
@@ -0,0 +1,122 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:jaxws="http://cxf.apache.org/jaxws"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:p="http://cxf.apache.org/policy"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+ <jaxws:endpoint
+ id="AsymmetricSignEncrypt"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItX509AsymmetricSignEncrypt"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItAsymmetricSignEncryptPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/x509/DoubleItX509.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="useReqSigCert"/>
+ <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="AsymmetricProtectTokens"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItX509AsymmetricProtectTokens"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItAsymmetricProtectTokensPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/x509/DoubleItX509.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="useReqSigCert"/>
+ <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="SymmetricSignEncrypt"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItX509SymmetricSignEncrypt"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSymmetricSignEncryptPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/x509/DoubleItX509.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <entry key="ws-security.signature.username" value="bob"/>
+ <entry key="ws-security.signature.properties" value="bob.properties"/>
+ <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="SymmetricEndorsing"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItX509SymmetricEndorsing"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSymmetricEndorsingPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.wssec.examples.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/wssec/examples/x509/DoubleItX509.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.wssec.examples.common.CommonPasswordCallback"/>
+ <!-- TODO Fix the way these properties are inverted -->
+ <entry key="ws-security.signature.username" value="bob"/>
+ <entry key="ws-security.encryption.properties" value="bob.properties"/>
+ <entry key="ws-security.signature.properties" value="alice.properties"/>
+ <entry key="ws-security.encryption.username" value="alice"/>
+ <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+
+
+</beans>
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java Wed Oct 2 16:34:10 2013
@@ -245,13 +245,10 @@ public class SamlTokenTest extends Abstr
updateAddressPort(saml1Port, PORT2);
((BindingProvider)saml1Port).getRequestContext().put(
- "ws-security.saml-callback-handler", new SamlCallbackHandler(false)
+ "ws-security.saml-callback-handler", new SamlCallbackHandler(false, true)
);
((BindingProvider)saml1Port).getRequestContext().put(
- SecurityConstants.SELF_SIGN_SAML_ASSERTION, true
- );
- ((BindingProvider)saml1Port).getRequestContext().put(
SecurityConstants.SIGNATURE_USERNAME, "alice"
);
((BindingProvider)saml1Port).getRequestContext().put(
@@ -635,7 +632,7 @@ public class SamlTokenTest extends Abstr
updateAddressPort(saml1Port, PORT2);
((BindingProvider)saml1Port).getRequestContext().put(
- "ws-security.saml-callback-handler", new SamlCallbackHandler(false)
+ "ws-security.saml-callback-handler", new SamlCallbackHandler(false, true)
);
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
@@ -690,7 +687,7 @@ public class SamlTokenTest extends Abstr
updateAddressPort(saml1Port, PORT2);
((BindingProvider)saml1Port).getRequestContext().put(
- "ws-security.saml-callback-handler", new SamlCallbackHandler(false)
+ "ws-security.saml-callback-handler", new SamlCallbackHandler(false, true)
);
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
@@ -744,7 +741,7 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
@@ -800,7 +797,7 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
@@ -861,7 +858,7 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
callbackHandler.setKeyInfoIdentifier(CERT_IDENTIFIER.KEY_VALUE);
((BindingProvider)saml2Port).getRequestContext().put(
@@ -924,7 +921,7 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
@@ -1099,7 +1096,7 @@ public class SamlTokenTest extends Abstr
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/StaxSamlTokenTest.java Wed Oct 2 16:34:10 2013
@@ -247,16 +247,13 @@ public class StaxSamlTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml1Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler(false);
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(false, true);
callbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
((BindingProvider)saml1Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
);
((BindingProvider)saml1Port).getRequestContext().put(
- SecurityConstants.SELF_SIGN_SAML_ASSERTION, true
- );
- ((BindingProvider)saml1Port).getRequestContext().put(
SecurityConstants.SIGNATURE_USERNAME, "alice"
);
((BindingProvider)saml1Port).getRequestContext().put(
@@ -616,7 +613,7 @@ public class StaxSamlTokenTest extends A
updateAddressPort(saml1Port, PORT2);
((BindingProvider)saml1Port).getRequestContext().put(
- "ws-security.saml-callback-handler", new SamlCallbackHandler(false)
+ "ws-security.saml-callback-handler", new SamlCallbackHandler(false, true)
);
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
@@ -671,7 +668,7 @@ public class StaxSamlTokenTest extends A
updateAddressPort(saml1Port, PORT2);
((BindingProvider)saml1Port).getRequestContext().put(
- "ws-security.saml-callback-handler", new SamlCallbackHandler(false)
+ "ws-security.saml-callback-handler", new SamlCallbackHandler(false, true)
);
int result = saml1Port.doubleIt(25);
assertTrue(result == 50);
@@ -725,7 +722,7 @@ public class StaxSamlTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
@@ -754,7 +751,7 @@ public class StaxSamlTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
@@ -784,7 +781,7 @@ public class StaxSamlTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
callbackHandler.setKeyInfoIdentifier(CERT_IDENTIFIER.KEY_VALUE);
((BindingProvider)saml2Port).getRequestContext().put(
@@ -815,7 +812,7 @@ public class StaxSamlTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
@@ -990,7 +987,7 @@ public class StaxSamlTokenTest extends A
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(saml2Port, PORT2);
- SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler(true, true);
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
((BindingProvider)saml2Port).getRequestContext().put(
"ws-security.saml-callback-handler", callbackHandler
Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client.xml?rev=1528553&r1=1528552&r2=1528553&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client.xml Wed Oct 2 16:34:10 2013
@@ -116,7 +116,6 @@
value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
<entry key="ws-security.signature.username" value="alice"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>
@@ -127,7 +126,6 @@
value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
<entry key="ws-security.signature.username" value="alice"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>
@@ -138,7 +136,6 @@
value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
<entry key="ws-security.signature.username" value="alice"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>
@@ -149,7 +146,6 @@
value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
<entry key="ws-security.signature.username" value="alice"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>
@@ -162,7 +158,6 @@
<entry key="ws-security.encryption.username" value="bob"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
<entry key="ws-security.signature.username" value="alice"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>
@@ -205,7 +200,6 @@
value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
<entry key="ws-security.signature.username" value="alice"/>
<entry key="ws-security.signature.properties" value="alice.properties"/>
- <entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>