You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2013/06/08 15:20:19 UTC
svn commit: r1490977 [2/4] - in /webservices/wss4j/trunk:
ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/
ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/
ws-security-policy-stax/src/test/java/org/...
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AsymmetricBindingIntegrationTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AsymmetricBindingIntegrationTest.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AsymmetricBindingIntegrationTest.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AsymmetricBindingIntegrationTest.java Sat Jun 8 13:20:18 2013
@@ -60,7 +60,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -70,7 +70,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -166,7 +166,7 @@ public class AsymmetricBindingIntegratio
" <wsp:All>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V1Token11/>\n" +
@@ -176,7 +176,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -198,7 +198,7 @@ public class AsymmetricBindingIntegratio
" <wsp:All>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -208,7 +208,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -304,7 +304,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -314,7 +314,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -415,7 +415,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -425,7 +425,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -467,7 +467,7 @@ public class AsymmetricBindingIntegratio
" </sp:ContentEncryptedElements>\n" +
" <sp:SignedSupportingTokens>\n" +
" <wsp:Policy>\n" +
- " <sp:UsernameToken IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:UsernameToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <wsp:Policy>\n" +
" <sp:NoPassword/>\n" +
" </wsp:Policy>\n" +
@@ -532,7 +532,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -542,7 +542,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -584,7 +584,7 @@ public class AsymmetricBindingIntegratio
" </sp:ContentEncryptedElements>\n" +
" <sp:SignedSupportingTokens>\n" +
" <wsp:Policy>\n" +
- " <sp:UsernameToken IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:UsernameToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <wsp:Policy>\n" +
" <sp:NoPassword/>\n" +
" </wsp:Policy>\n" +
@@ -657,7 +657,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -667,7 +667,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -709,7 +709,7 @@ public class AsymmetricBindingIntegratio
" </sp:ContentEncryptedElements>\n" +
" <sp:SignedSupportingTokens>\n" +
" <wsp:Policy>\n" +
- " <sp:UsernameToken IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:UsernameToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <wsp:Policy>\n" +
" <sp:NoPassword/>\n" +
" </wsp:Policy>\n" +
@@ -782,7 +782,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -792,7 +792,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -827,7 +827,7 @@ public class AsymmetricBindingIntegratio
" </sp:EncryptedParts>\n" +
" <sp:SignedSupportingTokens>\n" +
" <wsp:Policy>\n" +
- " <sp:UsernameToken IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:UsernameToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <wsp:Policy>\n" +
" <sp:NoPassword/>\n" +
" </wsp:Policy>\n" +
@@ -892,7 +892,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -902,7 +902,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1008,7 +1008,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1018,7 +1018,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1125,7 +1125,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1135,7 +1135,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1244,7 +1244,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1254,7 +1254,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1359,7 +1359,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1369,7 +1369,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1464,7 +1464,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1474,7 +1474,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1570,7 +1570,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1580,7 +1580,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1683,7 +1683,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1693,7 +1693,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1796,7 +1796,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1806,7 +1806,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1914,7 +1914,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -1924,7 +1924,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -2027,7 +2027,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -2037,7 +2037,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:WssX509V3Token11/>\n" +
@@ -2139,7 +2139,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:SamlToken IncludeToken=\" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always\">\n" +
+ " <sp:SamlToken sp:IncludeToken=\" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always\">\n" +
" <sp:IssuerName>www.example.com</sp:IssuerName>\n" +
" <wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
" <sp:WssSamlV20Token11/>\n" +
@@ -2149,7 +2149,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:RequireDerivedKeys/>\n" +
@@ -2168,7 +2168,7 @@ public class AsymmetricBindingIntegratio
" </sp:AsymmetricBinding>\n" +
" <sp:SignedSupportingTokens>\n" +
" <wsp:Policy>\n" +
- " <sp:UsernameToken IncludeToken=\" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:UsernameToken sp:IncludeToken=\" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <wsp:Policy>\n" +
" </wsp:Policy>\n" +
" </sp:UsernameToken>\n" +
@@ -2277,7 +2277,7 @@ public class AsymmetricBindingIntegratio
" <wsp:Policy>\n" +
" <sp:InitiatorToken>\n" +
" <wsp:Policy>\n" +
- " <sp:SamlToken IncludeToken=\" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always\">\n" +
+ " <sp:SamlToken sp:IncludeToken=\" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always\">\n" +
" <sp:IssuerName>www.example.com</sp:IssuerName>\n" +
" <wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
" <sp:WssSamlV20Token11/>\n" +
@@ -2287,7 +2287,7 @@ public class AsymmetricBindingIntegratio
" </sp:InitiatorToken>\n" +
" <sp:RecipientToken>\n" +
" <wsp:Policy>\n" +
- " <sp:X509Token IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
" <wsp:Policy>\n" +
" <sp:RequireDerivedKeys/>\n" +
@@ -2306,7 +2306,7 @@ public class AsymmetricBindingIntegratio
" </sp:AsymmetricBinding>\n" +
" <sp:SignedSupportingTokens>\n" +
" <wsp:Policy>\n" +
- " <sp:UsernameToken IncludeToken=\" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:UsernameToken sp:IncludeToken=\" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
" <wsp:Policy>\n" +
" </wsp:Policy>\n" +
" </sp:UsernameToken>\n" +
@@ -2389,4 +2389,226 @@ public class AsymmetricBindingIntegratio
}
));
}
+
+ @Test
+ public void testRecipientTokenInclusionAlwaysToRecipientPolicy() throws Exception {
+
+ String policyString =
+ "<wsp:ExactlyOne xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\" " +
+ "xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" +
+ " <wsp:All>\n" +
+ " <sp:AsymmetricBinding>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:InitiatorToken>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
+ " <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:WssX509V3Token11/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:X509Token>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:InitiatorToken>\n" +
+ " <sp:RecipientToken>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:WssX509V3Token11/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:X509Token>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:RecipientToken>\n" +
+ " <sp:AlgorithmSuite>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:Basic256/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:AlgorithmSuite>\n" +
+ " <sp:Layout>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:Lax/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:Layout>\n" +
+ " <sp:IncludeTimestamp/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:AsymmetricBinding>\n" +
+ " <sp:SignedParts>\n" +
+ " <sp:Body/>\n" +
+ " <sp:Header Name=\"Header1\" Namespace=\"...\"/>\n" +
+ " <sp:Header Namespace=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"/>\n" +
+ " </sp:SignedParts>\n" +
+ " <sp:SignedElements>\n" +
+ " <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Created</sp:XPath>\n" +
+ " </sp:SignedElements>\n" +
+ " <sp:EncryptedParts>\n" +
+ " <sp:Body/>\n" +
+ " <sp:Header Name=\"Header2\" Namespace=\"...\"/>\n" +
+ " <sp:Header Namespace=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"/>\n" +
+ " </sp:EncryptedParts>\n" +
+ " <sp:EncryptedElements>\n" +
+ " <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Created</sp:XPath>\n" +
+ " </sp:EncryptedElements>\n" +
+ " <sp:ContentEncryptedElements>\n" +
+ " <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Expires</sp:XPath>\n" +
+ " </sp:ContentEncryptedElements>\n" +
+ " </wsp:All>\n" +
+ " </wsp:ExactlyOne>";
+
+ WSSSecurityProperties outSecurityProperties = new WSSSecurityProperties();
+ outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ outSecurityProperties.setEncryptionUser("receiver");
+ outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ outSecurityProperties.setSignatureUser("transmitter");
+ outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+ outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_wsu_Timestamp, SecurePart.Modifier.Element));
+ outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_soap11_Body, SecurePart.Modifier.Element));
+ outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_wsu_Created, SecurePart.Modifier.Element));
+ outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_wsu_Expires, SecurePart.Modifier.Content));
+ outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_soap11_Body, SecurePart.Modifier.Content));
+ WSSConstants.Action[] actions = new WSSConstants.Action[]{WSSConstants.TIMESTAMP, WSSConstants.SIGNATURE, WSSConstants.ENCRYPT};
+ outSecurityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+ ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+ WSSSecurityProperties inSecurityProperties = new WSSSecurityProperties();
+ inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+ inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, inSecurityProperties));
+
+ try {
+ Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+ //read the whole stream:
+ Transformer transformer = TransformerFactory.newInstance().newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ Assert.fail("Exception expected");
+ } catch (XMLStreamException e) {
+ Assert.assertTrue(e.getCause() instanceof WSSecurityException);
+ Assert.assertEquals(e.getCause().getMessage(), "Token must be included");
+ Assert.assertEquals(((WSSecurityException) e.getCause()).getFaultCode(), WSSecurityException.INVALID_SECURITY);
+ }
+ }
+
+ @Test
+ public void testInitiatorTokenInclusionAlwaysToRecipientPolicy() throws Exception {
+
+ String policyString =
+ "<wsp:ExactlyOne xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\" " +
+ "xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" +
+ " <wsp:All>\n" +
+ " <sp:AsymmetricBinding>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:InitiatorToken>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" +
+ " <sp:IssuerName>CN=transmitter,OU=swssf,C=CH</sp:IssuerName>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:WssX509V3Token11/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:X509Token>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:InitiatorToken>\n" +
+ " <sp:RecipientToken>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\">\n" +
+ " <sp:IssuerName>CN=receiver,OU=swssf,C=CH</sp:IssuerName>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:WssX509V3Token11/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:X509Token>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:RecipientToken>\n" +
+ " <sp:AlgorithmSuite>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:Basic256/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:AlgorithmSuite>\n" +
+ " <sp:Layout>\n" +
+ " <wsp:Policy>\n" +
+ " <sp:Lax/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:Layout>\n" +
+ " <sp:IncludeTimestamp/>\n" +
+ " </wsp:Policy>\n" +
+ " </sp:AsymmetricBinding>\n" +
+ " <sp:SignedParts>\n" +
+ " <sp:Body/>\n" +
+ " <sp:Header Name=\"Header1\" Namespace=\"...\"/>\n" +
+ " <sp:Header Namespace=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"/>\n" +
+ " </sp:SignedParts>\n" +
+ " <sp:SignedElements>\n" +
+ " <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Created</sp:XPath>\n" +
+ " </sp:SignedElements>\n" +
+ " <sp:EncryptedParts>\n" +
+ " <sp:Body/>\n" +
+ " <sp:Header Name=\"Header2\" Namespace=\"...\"/>\n" +
+ " <sp:Header Namespace=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"/>\n" +
+ " </sp:EncryptedParts>\n" +
+ " <sp:EncryptedElements>\n" +
+ " <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Created</sp:XPath>\n" +
+ " </sp:EncryptedElements>\n" +
+ " <sp:ContentEncryptedElements>\n" +
+ " <sp:XPath xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">wsu:Expires</sp:XPath>\n" +
+ " </sp:ContentEncryptedElements>\n" +
+ " </wsp:All>\n" +
+ " </wsp:ExactlyOne>";
+
+ WSSSecurityProperties outSecurityProperties = new WSSSecurityProperties();
+ outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ outSecurityProperties.setEncryptionUser("receiver");
+ outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+ outSecurityProperties.setSignatureUser("transmitter");
+ outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+ outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_wsu_Timestamp, SecurePart.Modifier.Element));
+ outSecurityProperties.addSignaturePart(new SecurePart(WSSConstants.TAG_soap11_Body, SecurePart.Modifier.Element));
+ outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_wsu_Created, SecurePart.Modifier.Element));
+ outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_wsu_Expires, SecurePart.Modifier.Content));
+ outSecurityProperties.addEncryptionPart(new SecurePart(WSSConstants.TAG_soap11_Body, SecurePart.Modifier.Content));
+ WSSConstants.Action[] actions = new WSSConstants.Action[]{WSSConstants.TIMESTAMP, WSSConstants.SIGNATURE, WSSConstants.ENCRYPT};
+ outSecurityProperties.setOutAction(actions);
+
+ InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+ ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+ WSSSecurityProperties inSecurityProperties = new WSSSecurityProperties();
+ inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+ inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+ inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+ PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
+ inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, inSecurityProperties));
+
+ try {
+ Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+ //read the whole stream:
+ Transformer transformer = TransformerFactory.newInstance().newTransformer();
+ transformer.transform(new DOMSource(document), new StreamResult(
+ new OutputStream() {
+ @Override
+ public void write(int b) throws IOException {
+ // > /dev/null
+ }
+ }
+ ));
+ Assert.fail("Exception expected");
+ } catch (XMLStreamException e) {
+ Assert.assertTrue(e.getCause() instanceof WSSecurityException);
+ Assert.assertEquals(e.getCause().getMessage(), "Token must be included");
+ Assert.assertEquals(((WSSecurityException) e.getCause()).getFaultCode(), WSSecurityException.INVALID_SECURITY);
+ }
+ }
}
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/IssuedTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/IssuedTokenTest.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/IssuedTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/IssuedTokenTest.java Sat Jun 8 13:20:18 2013
@@ -19,7 +19,6 @@
package org.apache.wss4j.policy.stax.test;
-import junit.framework.Assert;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
@@ -40,6 +39,7 @@ import org.apache.wss4j.stax.securityEve
import org.apache.wss4j.stax.securityEvent.SignedPartSecurityEvent;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
import org.apache.xml.security.stax.securityEvent.ContentEncryptedElementSecurityEvent;
+import org.testng.Assert;
import org.testng.annotations.Test;
import javax.xml.namespace.QName;
@@ -114,7 +114,9 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
SamlSecurityTokenImpl securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -124,7 +126,9 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -173,14 +177,18 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
SamlSecurityTokenImpl securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -234,7 +242,9 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
SamlSecurityTokenImpl securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -244,7 +254,9 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -298,7 +310,9 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
SamlSecurityTokenImpl securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -308,7 +322,9 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -361,7 +377,9 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
SamlSecurityTokenImpl securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -371,7 +389,9 @@ public class IssuedTokenTest extends Abs
SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/KerberosTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/KerberosTokenTest.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/KerberosTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/KerberosTokenTest.java Sat Jun 8 13:20:18 2013
@@ -27,6 +27,7 @@ import org.apache.wss4j.stax.securityEve
import org.apache.wss4j.stax.securityEvent.OperationSecurityEvent;
import org.apache.wss4j.stax.securityEvent.SignedPartSecurityEvent;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
+import org.apache.xml.security.stax.impl.util.IDGenerator;
import org.apache.xml.security.stax.securityEvent.ContentEncryptedElementSecurityEvent;
import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
import org.testng.Assert;
@@ -78,7 +79,7 @@ public class KerberosTokenTest extends A
initiatorTokenSecurityEvent.setIssuerName("xs:anyURI");
KerberosServiceSecurityTokenImpl kerberosServiceSecurityToken =
- new KerberosServiceSecurityTokenImpl(null, null, null, WSSConstants.NS_Kerberos5_AP_REQ, null,
+ new KerberosServiceSecurityTokenImpl(null, null, null, WSSConstants.NS_Kerberos5_AP_REQ, IDGenerator.generateID(null),
WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
kerberosServiceSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(kerberosServiceSecurityToken);
@@ -88,7 +89,7 @@ public class KerberosTokenTest extends A
recipientTokenSecurityEvent.setIssuerName("xs:anyURI");
kerberosServiceSecurityToken =
- new KerberosServiceSecurityTokenImpl(null, null, null, WSSConstants.NS_Kerberos5_AP_REQ, null,
+ new KerberosServiceSecurityTokenImpl(null, null, null, WSSConstants.NS_Kerberos5_AP_REQ, IDGenerator.generateID(null),
WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
kerberosServiceSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(kerberosServiceSecurityToken);
@@ -154,7 +155,7 @@ public class KerberosTokenTest extends A
initiatorTokenSecurityEvent.setIssuerName("xs:anyURI");
KerberosServiceSecurityTokenImpl kerberosServiceSecurityToken =
- new KerberosServiceSecurityTokenImpl(null, null, null, WSSConstants.NS_GSS_Kerberos5_AP_REQ, null,
+ new KerberosServiceSecurityTokenImpl(null, null, null, WSSConstants.NS_GSS_Kerberos5_AP_REQ, IDGenerator.generateID(null),
WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier);
kerberosServiceSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(kerberosServiceSecurityToken);
@@ -164,7 +165,7 @@ public class KerberosTokenTest extends A
recipientTokenSecurityEvent.setIssuerName("xs:anyURI");
kerberosServiceSecurityToken =
- new KerberosServiceSecurityTokenImpl(null, null, null, WSSConstants.NS_Kerberos5_AP_REQ, null,
+ new KerberosServiceSecurityTokenImpl(null, null, null, WSSConstants.NS_Kerberos5_AP_REQ, IDGenerator.generateID(null),
WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier);
kerberosServiceSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(kerberosServiceSecurityToken);
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/SamlTokenTest.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/SamlTokenTest.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/SamlTokenTest.java Sat Jun 8 13:20:18 2013
@@ -87,14 +87,18 @@ public class SamlTokenTest extends Abstr
SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
SamlSecurityTokenImpl securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -165,7 +169,9 @@ public class SamlTokenTest extends Abstr
SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
SamlSecurityTokenImpl securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
initiatorTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -175,7 +181,9 @@ public class SamlTokenTest extends Abstr
SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
securityToken =
- new SamlSecurityTokenImpl(samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null, null, null);
+ new SamlSecurityTokenImpl(
+ samlAssertionWrapper, getX509Token(WSSecurityTokenConstants.X509V3Token), null, null,
+ WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference, null);
securityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainEncryption);
recipientTokenSecurityEvent.setSecurityToken(securityToken);
policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);