You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/04/12 11:14:30 UTC
[cxf] branch 3.1.x-fixes updated (9bf2460 -> b262c73)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a change to branch 3.1.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from 9bf2460 [CXF-7705]Use Java EL api and impl bundle from Servicemix for cxf-bean-validation feature
new 8c9a156 Added a WS-SecurityPolicy code-first demo
new b262c73 Recording .gitmergeinfo Changes
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.gitmergeinfo | 1 +
.../cxf/systest/ws/ut/UsernameTokenTest.java | 58 ++++++++++++++++++++++
...icy.xml => plaintext-pass-timestamp-policy.xml} | 1 +
3 files changed, 60 insertions(+)
copy systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/{supp-token-policy.xml => plaintext-pass-timestamp-policy.xml} (97%)
--
To stop receiving notification emails like this one, please contact
coheigea@apache.org.
[cxf] 01/02: Added a WS-SecurityPolicy code-first demo
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.1.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 8c9a156469daa2a974db79e2b1f70224ed773c4b
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Thu Apr 12 12:03:53 2018 +0100
Added a WS-SecurityPolicy code-first demo
(cherry picked from commit 51df5beeb200a77c274f6c93ca4f65145a1ddcd7)
---
.../cxf/systest/ws/ut/UsernameTokenTest.java | 58 ++++++++++++++++++++++
.../ws/ut/plaintext-pass-timestamp-policy.xml | 38 ++++++++++++++
2 files changed, 96 insertions(+)
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
index 236f9c4..e20763a 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
@@ -24,22 +24,28 @@ import java.net.URL;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.Collection;
+import java.util.Collections;
import javax.net.ssl.TrustManagerFactory;
import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;
+import org.w3c.dom.Element;
+
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
+import org.apache.cxf.staxutils.StaxUtils;
import org.apache.cxf.systest.ws.common.SecurityTestUtil;
import org.apache.cxf.systest.ws.common.TestParam;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.ws.policy.WSPolicyFeature;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.example.contract.doubleit.DoubleItPortType;
@@ -139,6 +145,58 @@ public class UsernameTokenTest extends AbstractBusClientServerTestBase {
((java.io.Closeable)utPort).close();
}
+ // Here we are not using the WSDL and so need to add the policy manually on the client side
+ @org.junit.Test
+ public void testPlaintextCodeFirst() throws Exception {
+
+ String address = "https://localhost:" + PORT + "/DoubleItUTPlaintext";
+ QName portQName = new QName(NAMESPACE, "DoubleItPlaintextPort");
+
+ WSPolicyFeature policyFeature = new WSPolicyFeature();
+ Element policyElement =
+ StaxUtils.read(getClass().getResourceAsStream("plaintext-pass-timestamp-policy.xml")).getDocumentElement();
+ policyFeature.setPolicyElements(Collections.singletonList(policyElement));
+
+ JaxWsProxyFactoryBean clientFactoryBean = new JaxWsProxyFactoryBean();
+ clientFactoryBean.setFeatures(Collections.singletonList(policyFeature));
+ clientFactoryBean.setAddress(address);
+ clientFactoryBean.setServiceName(SERVICE_QNAME);
+ clientFactoryBean.setEndpointName(portQName);
+ clientFactoryBean.setServiceClass(DoubleItPortType.class);
+
+ DoubleItPortType port = (DoubleItPortType)clientFactoryBean.create();
+
+ if (test.isStreaming()) {
+ SecurityTestUtil.enableStreaming(port);
+ }
+
+ ((BindingProvider)port).getRequestContext().put(SecurityConstants.USERNAME, "Alice");
+
+ ((BindingProvider)port).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
+ "org.apache.cxf.systest.ws.common.UTPasswordCallback");
+
+ TrustManagerFactory tmf =
+ TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ final KeyStore ts = KeyStore.getInstance("JKS");
+ try (InputStream trustStore =
+ ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", UsernameTokenTest.class)) {
+ ts.load(trustStore, "password".toCharArray());
+ }
+ tmf.init(ts);
+
+ TLSClientParameters tlsParams = new TLSClientParameters();
+ tlsParams.setTrustManagers(tmf.getTrustManagers());
+ tlsParams.setDisableCNCheck(true);
+
+ Client client = ClientProxy.getClient(port);
+ HTTPConduit http = (HTTPConduit) client.getConduit();
+ http.setTlsClientParameters(tlsParams);
+
+ assertEquals(50, port.doubleIt(25));
+
+ ((java.io.Closeable)port).close();
+ }
+
@org.junit.Test
public void testPlaintext() throws Exception {
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/plaintext-pass-timestamp-policy.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/plaintext-pass-timestamp-policy.xml
new file mode 100644
index 0000000..265bf4e
--- /dev/null
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/plaintext-pass-timestamp-policy.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0"?>
+<wsp:Policy xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://www.w3.org/ns/ws-policy" wsu:Id="TransportUsernameTokenPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken>
+ <wsp:Policy/>
+ </sp:HttpsToken>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssUsernameToken10/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
--
To stop receiving notification emails like this one, please contact
coheigea@apache.org.
[cxf] 02/02: Recording .gitmergeinfo Changes
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.1.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit b262c7391d6f21ed3b7dbc0b9374f35269277245
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Thu Apr 12 12:05:02 2018 +0100
Recording .gitmergeinfo Changes
---
.gitmergeinfo | 1 +
1 file changed, 1 insertion(+)
diff --git a/.gitmergeinfo b/.gitmergeinfo
index 6d6e911..52669a6 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -945,6 +945,7 @@ M 4f4ce80ba2de80219e13943cbd6edbf411117234
M 5022be0c15d90800ee983fe94b07a10a54814991
M 50d3f48781cef7fdde9d4b2c4232feb2c2f4c8aa
M 5188523d89edd94247bbbea70698d64385767a63
+M 51df5beeb200a77c274f6c93ca4f65145a1ddcd7
M 52d77470228a3560f464003c68b30ffe8f1e8b9c
M 530498a452a1445d4b7157f521590296ba45ec75
M 53479782d9acc56f3b88700941f0b33215661769
--
To stop receiving notification emails like this one, please contact
coheigea@apache.org.