You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by co...@apache.org on 2009/01/22 11:55:21 UTC

svn commit: r736605 - /webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java

Author: coheigea
Date: Thu Jan 22 02:55:20 2009
New Revision: 736605

URL: http://svn.apache.org/viewvc?rev=736605&view=rev
Log:
Added a test for using a password digest with type "PasswordText".

Modified:
    webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java

Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java?rev=736605&r1=736604&r2=736605&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java (original)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java Thu Jan 22 02:55:20 2009
@@ -35,6 +35,7 @@
 import org.apache.ws.security.WSSConfig;
 import org.apache.ws.security.message.WSSecUsernameToken;
 import org.apache.ws.security.message.WSSecHeader;
+import org.apache.ws.security.util.Base64;
 import org.w3c.dom.Document;
 
 import javax.security.auth.callback.Callback;
@@ -44,6 +45,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.PrintWriter;
+import java.security.MessageDigest;
 
 
 /**
@@ -260,6 +262,33 @@
     }
     
     /**
+     * Test that adds a UserNameToken with a digested password but with type of
+     * password test.
+     * <p/>
+     */
+    public void testUsernameTokenDigestText() throws Exception {
+        WSSecUsernameToken builder = new WSSecUsernameToken();
+        builder.setPasswordType(WSConstants.PASSWORD_TEXT);
+        byte[] password = "verySecret".getBytes();
+        MessageDigest sha = MessageDigest.getInstance("MD5");
+        sha.reset();
+        sha.update(password);
+        String passwdDigest = Base64.encode(sha.digest());
+        
+        builder.setUserInfo("wernerd", passwdDigest);
+        log.info("Before adding UsernameToken PW Text....");
+        Document doc = unsignedEnvelope.getAsDocument();
+        WSSecHeader secHeader = new WSSecHeader();
+        secHeader.insertSecurityHeader(doc);
+        Document signedDoc = builder.build(doc, secHeader);
+        Message signedMsg = SOAPUtil.toAxisMessage(signedDoc);
+        if (log.isDebugEnabled()) {
+            log.debug("Message with UserNameToken PW Text:");
+            XMLUtils.PrettyElementToWriter(signedMsg.getSOAPEnvelope().getAsDOM(), new PrintWriter(System.out));
+        }
+    }
+    
+    /**
      * Test that adds a UserNameToken with (bad) password text to a WS-Security envelope
      * <p/>
      */



---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org