This is an automated email from the ASF dual-hosted git repository. jamesnetherton pushed a commit to branch 2.13.x in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
commit 6f9e37c68d83a63858cd515f6b521129404f562a Author: Peter Palaga <[email protected]> AuthorDate: Tue Nov 22 15:06:58 2022 +0100 Show a workaround for #4291 SoapFault: BSP:R3227: A SECURITY_HEADER MUST NOT contain more than one TIMESTAMP --- .../cxf-soap-ws-security-server/README.adoc | 19 ++++++++++ .../cxf-soap/cxf-soap-ws-security-server/pom.xml | 17 +++++++++ .../way/it/WsSecurityPolicyServerRoutesCxfWay.java | 33 ++++++++++++++++ .../it/WssSecurityPolicyHelloServiceCxfWay.java | 27 +++++++++++++ .../WssSecurityPolicyHelloServiceCxfWayImpl.java | 44 ++++++++++++++++++++++ .../src/main/resources/application.properties | 2 + .../way/it/CxfWssSecurityPolicyServerCxfWayIT.java | 24 ++++++++++++ .../it/CxfWssSecurityPolicyServerCxfWayTest.java} | 17 +++++---- .../server/it/CxfWssSecurityPolicyServerTest.java | 2 + integration-tests/cxf-soap-grouped/pom.xml | 13 +++++++ 10 files changed, 190 insertions(+), 8 deletions(-) diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/README.adoc b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/README.adoc new file mode 100644 index 0000000000..f5a485d1ac --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/README.adoc @@ -0,0 +1,19 @@ + += WS-Security and WS-SecurityPolicy tests + +== WS-SecurityPolicy + +We test in two ways how the SOAP service endpoints are deployed: the Camel way and the Quariverse CXF way. + +=== The Camel way + +* I.e. there is a Camel route with `from("cxf:...")` +* See `WsSecurityPolicyServerRoutes` and `WssSecurityPolicyHelloServiceImpl` + +=== The Quariverse CXF way + +* I.e. they are mapped to an URI path via Quariverse CXF settings in `application.properties` +* The service method then forwards to a Camel route defined in `WsSecurityPolicyServerRoutesCxfWay` +* See also `WssSecurityPolicyHelloServiceCxfWayImpl` +* This way may come in handy in situations when the Camel way does not work properly, + such as https://github.com/apache/camel-quarkus/issues/4291 \ No newline at end of file diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/pom.xml b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/pom.xml index 72dfc1f8d0..f5816fc6da 100644 --- a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/pom.xml +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/pom.xml @@ -35,6 +35,10 @@ <groupId>org.apache.camel.quarkus</groupId> <artifactId>camel-quarkus-cxf-soap</artifactId> </dependency> + <dependency> + <groupId>org.apache.camel.quarkus</groupId> + <artifactId>camel-quarkus-direct</artifactId> + </dependency> <dependency> <groupId>io.quarkiverse.cxf</groupId> <artifactId>quarkus-cxf-rt-ws-security</artifactId> @@ -346,6 +350,19 @@ </exclusion> </exclusions> </dependency> + <dependency> + <groupId>org.apache.camel.quarkus</groupId> + <artifactId>camel-quarkus-direct-deployment</artifactId> + <version>${project.version}</version> + <type>pom</type> + <scope>test</scope> + <exclusions> + <exclusion> + <groupId>*</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> + </dependency> </dependencies> </profile> <profile> diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WsSecurityPolicyServerRoutesCxfWay.java b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WsSecurityPolicyServerRoutesCxfWay.java new file mode 100644 index 0000000000..48e5320c54 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WsSecurityPolicyServerRoutesCxfWay.java @@ -0,0 +1,33 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.cxf.way.it; + +import javax.enterprise.context.ApplicationScoped; + +import org.apache.camel.builder.RouteBuilder; + +@ApplicationScoped +public class WsSecurityPolicyServerRoutesCxfWay extends RouteBuilder { + + @Override + public void configure() { + from("direct:wsSecurityPolicyCxfWay") + .setBody(exchange -> "SecurityPolicy hello " + exchange.getMessage().getBody(String.class) + " CXF way"); + + } + +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WssSecurityPolicyHelloServiceCxfWay.java b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WssSecurityPolicyHelloServiceCxfWay.java new file mode 100644 index 0000000000..f6a1601102 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WssSecurityPolicyHelloServiceCxfWay.java @@ -0,0 +1,27 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.cxf.way.it; + +import javax.jws.WebMethod; +import javax.jws.WebService; + +@WebService(targetNamespace = "https://quarkiverse.github.io/quarkiverse-docs/quarkus-cxf/ws-securitypolicy";) +public interface WssSecurityPolicyHelloServiceCxfWay { + + @WebMethod + String sayHello(String name); +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WssSecurityPolicyHelloServiceCxfWayImpl.java b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WssSecurityPolicyHelloServiceCxfWayImpl.java new file mode 100644 index 0000000000..857c7af315 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/WssSecurityPolicyHelloServiceCxfWayImpl.java @@ -0,0 +1,44 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.cxf.way.it; + +import javax.inject.Inject; +import javax.jws.WebService; + +import org.apache.camel.ProducerTemplate; +import org.apache.cxf.annotations.EndpointProperties; +import org.apache.cxf.annotations.EndpointProperty; +import org.apache.cxf.annotations.Policy; + +@WebService(portName = "EncryptSecurityServicePort", serviceName = "WssSecurityPolicyHelloServiceCxfWay", targetNamespace = "https://quarkiverse.github.io/quarkiverse-docs/quarkus-cxf/ws-securitypolicy";, endpointInterface = "org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.cxf.way.it.WssSecurityPolicyHelloServiceCxfWay") +@Policy(placement = Policy.Placement.BINDING, uri = "encrypt-sign-policy.xml") +@EndpointProperties(value = { + @EndpointProperty(key = "ws-security.signature.properties", value = "bob.properties"), + @EndpointProperty(key = "ws-security.encryption.properties", value = "bob.properties"), + @EndpointProperty(key = "ws-security.signature.username", value = "bob"), + @EndpointProperty(key = "ws-security.encryption.username", value = "alice"), + @EndpointProperty(key = "ws-security.callback-handler", value = "org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.it.PasswordCallbackHandler") +}) +public class WssSecurityPolicyHelloServiceCxfWayImpl implements WssSecurityPolicyHelloServiceCxfWay { + + @Inject + ProducerTemplate producerTemplate; + + public String sayHello(String name) { + return producerTemplate.requestBody("direct:wsSecurityPolicyCxfWay", name, String.class); + } +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/resources/application.properties b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/resources/application.properties index 7ca94be086..b562d19234 100644 --- a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/resources/application.properties +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/main/resources/application.properties @@ -17,4 +17,6 @@ quarkus.cxf.path=/soapservice +quarkus.cxf.endpoint."/security-policy-hello-cxf-way".implementor=org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.cxf.way.it.WssSecurityPolicyHelloServiceCxfWayImpl + quarkus.native.resources.includes=bob.properties,alice.properties,alice.jks,bob.jks,encrypt-sign-policy.xml diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/CxfWssSecurityPolicyServerCxfWayIT.java b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/CxfWssSecurityPolicyServerCxfWayIT.java new file mode 100644 index 0000000000..204192b390 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/CxfWssSecurityPolicyServerCxfWayIT.java @@ -0,0 +1,24 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.cxf.way.it; + +import io.quarkus.test.junit.QuarkusIntegrationTest; + +@QuarkusIntegrationTest +public class CxfWssSecurityPolicyServerCxfWayIT extends CxfWssSecurityPolicyServerCxfWayTest { + +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/it/CxfWssSecurityPolicyServerTest.java b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/CxfWssSecurityPolicyServerCxfWayTest.java similarity index 96% copy from integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/it/CxfWssSecurityPolicyServerTest.java copy to integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/CxfWssSecurityPolicyServerCxfWayTest.java index 7a0fd487bb..3bd067863d 100644 --- a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/it/CxfWssSecurityPolicyServerTest.java +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/cxf/way/it/CxfWssSecurityPolicyServerCxfWayTest.java @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.it; +package org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.cxf.way.it; import java.io.IOException; import java.util.Map; @@ -25,6 +25,7 @@ import io.quarkiverse.cxf.test.QuarkusCxfClientTestUtil; import io.quarkus.test.junit.QuarkusTest; import io.restassured.RestAssured; import io.restassured.config.RestAssuredConfig; +import org.apache.camel.quarkus.component.cxf.soap.securitypolicy.server.it.PasswordCallbackHandler; import org.apache.cxf.ws.security.SecurityConstants; import org.assertj.core.api.Assertions; import org.hamcrest.CoreMatchers; @@ -35,11 +36,11 @@ import static io.quarkiverse.cxf.test.QuarkusCxfClientTestUtil.anyNs; import static io.restassured.RestAssured.given; @QuarkusTest -public class CxfWssSecurityPolicyServerTest { +public class CxfWssSecurityPolicyServerCxfWayTest { @Test void encrypetdSigned() throws IOException { - WssSecurityPolicyHelloService client = getPlainClient(); + WssSecurityPolicyHelloServiceCxfWay client = getPlainClient(); Map<String, Object> ctx = ((BindingProvider) client).getRequestContext(); ctx.put(SecurityConstants.CALLBACK_HANDLER, new PasswordCallbackHandler()); @@ -50,12 +51,12 @@ public class CxfWssSecurityPolicyServerTest { ctx.put(SecurityConstants.ENCRYPT_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource("alice.properties")); - Assertions.assertThat(client.sayHello("foo")).isEqualTo("Secure Hello foo!"); + Assertions.assertThat(client.sayHello("foo")).isEqualTo("SecurityPolicy hello foo CXF way"); } @Test void noSecurityConfig() throws IOException { - WssSecurityPolicyHelloService client = getPlainClient(); + WssSecurityPolicyHelloServiceCxfWay client = getPlainClient(); /* Make sure that it fails properly when called without a password */ Assertions.assertThatExceptionOfType(javax.xml.ws.soap.SOAPFaultException.class) .isThrownBy(() -> client.sayHello("bar")) @@ -205,10 +206,10 @@ public class CxfWssSecurityPolicyServerTest { CoreMatchers.is("SecurityServiceEncryptThenSignPolicy"))); } - WssSecurityPolicyHelloService getPlainClient() { + WssSecurityPolicyHelloServiceCxfWay getPlainClient() { return QuarkusCxfClientTestUtil.getClient( "https://quarkiverse.github.io/quarkiverse-docs/quarkus-cxf/ws-securitypolicy";, - WssSecurityPolicyHelloService.class, - "/soapservice/security-policy-hello"); + WssSecurityPolicyHelloServiceCxfWay.class, + "/soapservice/security-policy-hello-cxf-way"); } } diff --git a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/it/CxfWssSecurityPolicyServerTest.java b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/it/CxfWssSecurityPolicyServerTest.java index 7a0fd487bb..2bf6366da2 100644 --- a/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/it/CxfWssSecurityPolicyServerTest.java +++ b/integration-test-groups/cxf-soap/cxf-soap-ws-security-server/src/test/java/org/apache/camel/quarkus/component/cxf/soap/securitypolicy/server/it/CxfWssSecurityPolicyServerTest.java @@ -29,6 +29,7 @@ import org.apache.cxf.ws.security.SecurityConstants; import org.assertj.core.api.Assertions; import org.hamcrest.CoreMatchers; import org.hamcrest.Matchers; +import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import static io.quarkiverse.cxf.test.QuarkusCxfClientTestUtil.anyNs; @@ -38,6 +39,7 @@ import static io.restassured.RestAssured.given; public class CxfWssSecurityPolicyServerTest { @Test + @Disabled("https://github.com/apache/camel-quarkus/issues/4291";) void encrypetdSigned() throws IOException { WssSecurityPolicyHelloService client = getPlainClient(); diff --git a/integration-tests/cxf-soap-grouped/pom.xml b/integration-tests/cxf-soap-grouped/pom.xml index 842e3fa584..5f78fd1813 100644 --- a/integration-tests/cxf-soap-grouped/pom.xml +++ b/integration-tests/cxf-soap-grouped/pom.xml @@ -231,6 +231,19 @@ </activation> <dependencies> <!-- The following dependencies guarantee that this module is built after them. You can update them by running `mvn process-resources -Pformat -N` from the source tree root directory --> + <dependency> + <groupId>org.apache.camel.quarkus</groupId> + <artifactId>camel-quarkus-bean-deployment</artifactId> + <version>${project.version}</version> + <type>pom</type> + <scope>test</scope> + <exclusions> + <exclusion> + <groupId>*</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> + </dependency> <dependency> <groupId>org.apache.camel.quarkus</groupId> <artifactId>camel-quarkus-cxf-soap-deployment</artifactId>
