You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by co...@apache.org on 2009/01/22 11:55:21 UTC
svn commit: r736605 -
/webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java
Author: coheigea
Date: Thu Jan 22 02:55:20 2009
New Revision: 736605
URL: http://svn.apache.org/viewvc?rev=736605&view=rev
Log:
Added a test for using a password digest with type "PasswordText".
Modified:
webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java
Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java?rev=736605&r1=736604&r2=736605&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java (original)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityNew5.java Thu Jan 22 02:55:20 2009
@@ -35,6 +35,7 @@
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.message.WSSecUsernameToken;
import org.apache.ws.security.message.WSSecHeader;
+import org.apache.ws.security.util.Base64;
import org.w3c.dom.Document;
import javax.security.auth.callback.Callback;
@@ -44,6 +45,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
+import java.security.MessageDigest;
/**
@@ -260,6 +262,33 @@
}
/**
+ * Test that adds a UserNameToken with a digested password but with type of
+ * password test.
+ * <p/>
+ */
+ public void testUsernameTokenDigestText() throws Exception {
+ WSSecUsernameToken builder = new WSSecUsernameToken();
+ builder.setPasswordType(WSConstants.PASSWORD_TEXT);
+ byte[] password = "verySecret".getBytes();
+ MessageDigest sha = MessageDigest.getInstance("MD5");
+ sha.reset();
+ sha.update(password);
+ String passwdDigest = Base64.encode(sha.digest());
+
+ builder.setUserInfo("wernerd", passwdDigest);
+ log.info("Before adding UsernameToken PW Text....");
+ Document doc = unsignedEnvelope.getAsDocument();
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+ Document signedDoc = builder.build(doc, secHeader);
+ Message signedMsg = SOAPUtil.toAxisMessage(signedDoc);
+ if (log.isDebugEnabled()) {
+ log.debug("Message with UserNameToken PW Text:");
+ XMLUtils.PrettyElementToWriter(signedMsg.getSOAPEnvelope().getAsDOM(), new PrintWriter(System.out));
+ }
+ }
+
+ /**
* Test that adds a UserNameToken with (bad) password text to a WS-Security envelope
* <p/>
*/
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org