Repository: cxf
Updated Branches:
refs/heads/2.7.x-fixes f6d9f8114 -> ad1c0971c
Adding a test-case for adding + parsing a BinarySecurityToken
Conflicts:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java
systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/DoubleItTokens.wsdl
systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/client.xml
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/87f0669f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/87f0669f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/87f0669f
Branch: refs/heads/2.7.x-fixes
Commit: 87f0669f930e87a2979ed322d6aa72e36c97caed
Parents: f6d9f81
Author: Colm O hEigeartaigh <[email protected]>
Authored: Mon May 12 12:49:54 2014 +0100
Committer: Colm O hEigeartaigh <[email protected]>
Committed: Mon May 12 12:50:53 2014 +0100
----------------------------------------------------------------------
.../wss4j/BinarySecurityTokenInterceptor.java | 179 +++++++++++++++++++
.../wss4j/KerberosTokenInterceptor.java | 39 ++--
.../apache/cxf/systest/ws/tokens/BSTServer.java | 47 +++++
.../ws/tokens/BinarySecurityTokenTest.java | 104 +++++++++++
.../cxf/systest/ws/tokens/DoubleItBSTImpl.java | 72 ++++++++
.../cxf/systest/ws/tokens/DoubleItTokens.wsdl | 21 +++
.../apache/cxf/systest/ws/tokens/bst-server.xml | 36 ++++
.../org/apache/cxf/systest/ws/tokens/client.xml | 177 ++++++++++++++++++
8 files changed, 651 insertions(+), 24 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/87f0669f/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
----------------------------------------------------------------------
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
new file mode 100644
index 0000000..052fc16
--- /dev/null
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/BinarySecurityTokenInterceptor.java
@@ -0,0 +1,179 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.ws.security.wss4j;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.headers.Header;
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.interceptor.security.DefaultSecurityContext;
+import org.apache.cxf.security.SecurityContext;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSDocInfo;
+import org.apache.wss4j.dom.WSSConfig;
+import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.handler.WSHandlerConstants;
+import org.apache.wss4j.dom.handler.WSHandlerResult;
+import org.apache.wss4j.dom.processor.BinarySecurityTokenProcessor;
+import org.apache.wss4j.dom.validate.Validator;
+import org.apache.wss4j.policy.model.AbstractToken;
+
+/**
+ * An interceptor to add a BinarySecurityToken token to the security header of
an outbound request, and to
+ * process a BinarySecurityToken on an inbound request. It takes the
BinarySecurityToken from the message
+ * context on the outbound side.
+ */
+public class BinarySecurityTokenInterceptor extends AbstractTokenInterceptor {
+
+ public BinarySecurityTokenInterceptor() {
+ super();
+ }
+
+ protected void processToken(SoapMessage message) {
+ Header h = findSecurityHeader(message, false);
+ if (h == null) {
+ return;
+ }
+ Element el = (Element)h.getObject();
+ Element child = DOMUtils.getFirstElement(el);
+ while (child != null) {
+ if (WSConstants.BINARY_TOKEN_LN.equals(child.getLocalName())
+ && WSConstants.WSSE_NS.equals(child.getNamespaceURI())) {
+ try {
+ List<WSSecurityEngineResult> bstResults =
processToken(child, message);
+ if (bstResults != null) {
+ List<WSHandlerResult> results =
CastUtils.cast((List<?>)message
+ .get(WSHandlerConstants.RECV_RESULTS));
+ if (results == null) {
+ results = new ArrayList<WSHandlerResult>();
+ message.put(WSHandlerConstants.RECV_RESULTS,
results);
+ }
+ WSHandlerResult rResult = new WSHandlerResult(null,
bstResults);
+ results.add(0, rResult);
+
+ assertTokens(message);
+
+ Principal principal =
+
(Principal)bstResults.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
+ message.put(WSS4JInInterceptor.PRINCIPAL_RESULT,
principal);
+
+ SecurityContext sc =
message.get(SecurityContext.class);
+ if (sc == null || sc.getUserPrincipal() == null) {
+ message.put(SecurityContext.class, new
DefaultSecurityContext(principal, null));
+ }
+
+ }
+ } catch (WSSecurityException ex) {
+ throw new Fault(ex);
+ }
+ }
+ child = DOMUtils.getNextElement(child);
+ }
+ }
+
+ private List<WSSecurityEngineResult> processToken(Element tokenElement,
final SoapMessage message)
+ throws WSSecurityException {
+ WSDocInfo wsDocInfo = new WSDocInfo(tokenElement.getOwnerDocument());
+ RequestData data = new RequestData() {
+ public CallbackHandler getCallbackHandler() {
+ return getCallback(message);
+ }
+ public Validator getValidator(QName qName) throws
WSSecurityException {
+ String key = SecurityConstants.BST_TOKEN_VALIDATOR;
+ Object o = message.getContextualProperty(key);
+ try {
+ if (o instanceof Validator) {
+ return (Validator)o;
+ } else if (o instanceof Class) {
+ return (Validator)((Class<?>)o).newInstance();
+ } else if (o instanceof String) {
+ return
(Validator)ClassLoaderUtils.loadClass(o.toString(),
+
BinarySecurityTokenInterceptor.class)
+
.newInstance();
+ }
+ } catch (RuntimeException t) {
+ throw t;
+ } catch (Exception ex) {
+ throw new
WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
+ }
+ return super.getValidator(qName);
+ }
+ };
+ data.setWssConfig(WSSConfig.getNewInstance());
+
+ BinarySecurityTokenProcessor p = new BinarySecurityTokenProcessor();
+ List<WSSecurityEngineResult> results =
+ p.handleToken(tokenElement, data, wsDocInfo);
+ return results;
+ }
+
+ protected AbstractToken assertTokens(SoapMessage message) {
+ // Assert tokens here if required
+ return null;
+ }
+
+ protected void addToken(SoapMessage message) {
+ SecurityToken securityToken = getSecurityToken(message);
+ if (securityToken == null || securityToken.getToken() == null) {
+ // No SecurityToken so just return
+ return;
+ }
+
+ assertTokens(message);
+ Header h = findSecurityHeader(message, true);
+ Element el = (Element)h.getObject();
+
el.appendChild(el.getOwnerDocument().importNode(securityToken.getToken(),
true));
+ }
+
+ private SecurityToken getSecurityToken(SoapMessage message) {
+ if (message.getContextualProperty(SecurityConstants.TOKEN) instanceof
SecurityToken) {
+ return
(SecurityToken)message.getContextualProperty(SecurityConstants.TOKEN);
+ }
+
+ // Get the TokenStore
+ TokenStore tokenStore = getTokenStore(message);
+ if (tokenStore == null) {
+ return null;
+ }
+
+ String id =
(String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
+ if (id != null) {
+ return tokenStore.getToken(id);
+ }
+ return null;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/87f0669f/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java
----------------------------------------------------------------------
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java
index c3e42d9..19efb19 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/KerberosTokenInterceptor.java
@@ -19,16 +19,8 @@
package org.apache.cxf.ws.security.wss4j;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.security.auth.callback.CallbackHandler;
-import javax.xml.namespace.QName;
-
-import org.w3c.dom.Element;
-
import org.apache.cxf.binding.soap.SoapMessage;
+<<<<<<< HEAD
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.CastUtils;
@@ -51,6 +43,11 @@ import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.ws.security.processor.BinarySecurityTokenProcessor;
import org.apache.ws.security.validate.Validator;
+=======
+import org.apache.cxf.ws.policy.AssertionInfoMap;
+import org.apache.wss4j.policy.SPConstants;
+import org.apache.wss4j.policy.model.AbstractToken;
+>>>>>>> 2120019... Adding a test-case for adding + parsing a
BinarySecurityToken
/**
* An interceptor to add a Kerberos token to the security header of an
outbound request, and to
@@ -58,12 +55,13 @@ import org.apache.ws.security.validate.Validator;
* context on the outbound side, where it was previously placed by the
* KerberosTokenInterceptorProvider.
*/
-public class KerberosTokenInterceptor extends AbstractTokenInterceptor {
+public class KerberosTokenInterceptor extends BinarySecurityTokenInterceptor {
public KerberosTokenInterceptor() {
super();
}
+<<<<<<< HEAD
protected void processToken(SoapMessage message) {
Header h = findSecurityHeader(message, false);
if (h == null) {
@@ -157,20 +155,13 @@ public class KerberosTokenInterceptor extends
AbstractTokenInterceptor {
Header h = findSecurityHeader(message, true);
Element el = (Element)h.getObject();
el.appendChild(el.getOwnerDocument().importNode(securityToken.getToken(),
true));
+=======
+ protected AbstractToken assertTokens(SoapMessage message) {
+ AssertionInfoMap aim = message.get(AssertionInfoMap.class);
+ assertPolicy(aim, "WssKerberosV5ApReqToken11");
+ assertPolicy(aim, "WssGssKerberosV5ApReqToken11");
+ return assertTokens(message, SPConstants.KERBEROS_TOKEN, false);
+>>>>>>> 2120019... Adding a test-case for adding + parsing a
BinarySecurityToken
}
- private SecurityToken getSecurityToken(SoapMessage message) {
- // Get the TokenStore
- TokenStore tokenStore = getTokenStore(message);
- if (tokenStore == null) {
- return null;
- }
-
- String id =
(String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
- if (id != null) {
- return tokenStore.getToken(id);
- }
- return null;
- }
-
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/87f0669f/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/BSTServer.java
----------------------------------------------------------------------
diff --git
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/BSTServer.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/BSTServer.java
new file mode 100644
index 0000000..166e59b
--- /dev/null
+++
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/BSTServer.java
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.tokens;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class BSTServer extends AbstractBusTestServerBase {
+
+ public BSTServer() {
+
+ }
+
+ protected void run() {
+ URL busFile = BSTServer.class.getResource("bst-server.xml");
+ Bus busLocal = new SpringBusFactory().createBus(busFile);
+ BusFactory.setDefaultBus(busLocal);
+ setBus(busLocal);
+
+ try {
+ new BSTServer();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/87f0669f/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/BinarySecurityTokenTest.java
----------------------------------------------------------------------
diff --git
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/BinarySecurityTokenTest.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/BinarySecurityTokenTest.java
new file mode 100644
index 0000000..640b317
--- /dev/null
+++
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/BinarySecurityTokenTest.java
@@ -0,0 +1,104 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.tokens;
+
+import java.net.URL;
+import java.util.UUID;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import org.w3c.dom.Document;
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.systest.ws.common.SecurityTestUtil;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.wss4j.dom.message.token.BinarySecurity;
+import org.example.contract.doubleit.DoubleItPortType;
+import org.junit.BeforeClass;
+
+/**
+ * This is a test to add a custom BinarySecurityToken to the security header
of a service request,
+ * and to process it accordingly.
+ */
+public class BinarySecurityTokenTest extends AbstractBusClientServerTestBase {
+ static final String PORT = allocatePort(BSTServer.class);
+
+ private static final String NAMESPACE =
"http://www.example.org/contract/DoubleIt";;
+ private static final QName SERVICE_QNAME = new QName(NAMESPACE,
"DoubleItService");
+
+ @BeforeClass
+ public static void startServers() throws Exception {
+ assertTrue(
+ "Server failed to launch",
+ // run the server in the same process
+ // set this to false to fork
+ launchServer(BSTServer.class, true)
+ );
+ }
+
+ @org.junit.AfterClass
+ public static void cleanup() throws Exception {
+ SecurityTestUtil.cleanup();
+ stopAllServers();
+ }
+
+ @org.junit.Test
+ public void testBinarySecurityToken() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = BinarySecurityTokenTest.class.getResource("client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl =
BinarySecurityTokenTest.class.getResource("DoubleItTokens.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+
+ // Successful invocation
+ QName portQName = new QName(NAMESPACE,
"DoubleItBinarySecurityTokenPort");
+ DoubleItPortType port = service.getPort(portQName,
DoubleItPortType.class);
+ updateAddressPort(port, PORT);
+
+ // Mock up a BinarySecurityToken to add
+ SecurityToken securityToken = new SecurityToken();
+ securityToken.setId("_" + UUID.randomUUID().toString());
+
+ Document doc = DOMUtils.newDocument();
+ BinarySecurity binarySecurity = new BinarySecurity(doc);
+ binarySecurity.setValueType("http://custom-value-type";);
+ binarySecurity.setToken("This is a token".getBytes());
+
+ securityToken.setToken(binarySecurity.getElement());
+
+
((BindingProvider)port).getRequestContext().put(SecurityConstants.TOKEN,
securityToken);
+
+ port.doubleIt(25);
+
+ ((java.io.Closeable)port).close();
+ bus.shutdown(true);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/87f0669f/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/DoubleItBSTImpl.java
----------------------------------------------------------------------
diff --git
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/DoubleItBSTImpl.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/DoubleItBSTImpl.java
new file mode 100644
index 0000000..09fd847
--- /dev/null
+++
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/tokens/DoubleItBSTImpl.java
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.tokens;
+
+import java.util.Arrays;
+import java.util.List;
+
+import javax.annotation.Resource;
+import javax.jws.WebService;
+import javax.xml.ws.WebServiceContext;
+
+import org.apache.cxf.feature.Features;
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.dom.handler.WSHandlerConstants;
+import org.apache.wss4j.dom.handler.WSHandlerResult;
+import org.apache.wss4j.dom.message.token.BinarySecurity;
+import org.example.contract.doubleit.DoubleItFault;
+import org.example.contract.doubleit.DoubleItPortType;
+import org.junit.Assert;
+
+@WebService(targetNamespace = "http://www.example.org/contract/DoubleIt";,
+ serviceName = "DoubleItService",
+ endpointInterface =
"org.example.contract.doubleit.DoubleItPortType")
+@Features(features = "org.apache.cxf.feature.LoggingFeature")
+public class DoubleItBSTImpl implements DoubleItPortType {
+
+ @Resource
+ WebServiceContext wsContext;
+
+ public int doubleIt(int numberToDouble) throws DoubleItFault {
+ if (numberToDouble == 0) {
+ throw new DoubleItFault("0 can't be doubled!");
+ }
+
+ List<WSHandlerResult> results =
+
CastUtils.cast((List<?>)wsContext.getMessageContext().get(WSHandlerConstants.RECV_RESULTS));
+ Assert.assertNotNull("Security Results cannot be null", results);
+ Assert.assertTrue(results.size() > 0);
+
+ WSHandlerResult result = results.get(0);
+ List<WSSecurityEngineResult> securityResults = result.getResults();
+ Assert.assertNotNull("Security Results cannot be null",
securityResults);
+ Assert.assertTrue(securityResults.size() > 0);
+
+ WSSecurityEngineResult securityResult = securityResults.get(0);
+ BinarySecurity binarySecurityToken =
+
(BinarySecurity)securityResult.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
+ Assert.assertNotNull(binarySecurityToken);
+
+ Assert.assertTrue(Arrays.equals(binarySecurityToken.getToken(), "This
is a token".getBytes()));
+
+ return numberToDouble * 2;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/87f0669f/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/DoubleItTokens.wsdl
----------------------------------------------------------------------
diff --git
a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/DoubleItTokens.wsdl
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/DoubleItTokens.wsdl
index 2eb4218..e32a23b 100644
---
a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/DoubleItTokens.wsdl
+++
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/DoubleItTokens.wsdl
@@ -49,7 +49,25 @@
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
+<<<<<<< HEAD
+=======
+ <wsdl:binding name="DoubleItNoSecurityBinding" type="tns:DoubleItPortType">
+ <soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction=""/>
+ <wsdl:input>
+ <soap:body use="literal"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault"/>
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
+>>>>>>> 2120019... Adding a test-case for adding + parsing a
BinarySecurityToken
<wsdl:service name="DoubleItService">
<wsdl:port name="DoubleItSignedSupportingPort"
binding="tns:DoubleItStandardBinding">
<soap:address
location="http://localhost:9010/DoubleItSignedSupporting"; />
@@ -96,6 +114,9 @@
<wsdl:port name="DoubleItSignedEndorsingSupportingPort3"
binding="tns:DoubleItStandardBinding">
<soap:address
location="http://localhost:9010/DoubleItSignedEndorsingSupporting3"; />
</wsdl:port>
+ <wsdl:port name="DoubleItBinarySecurityTokenPort"
binding="tns:DoubleItNoSecurityBinding">
+ <soap:address
location="http://localhost:9010/DoubleItBinarySecurityToken"/>
+ </wsdl:port>
</wsdl:service>
<wsp:Policy wsu:Id="SignEncryptBodyPolicy">
http://git-wip-us.apache.org/repos/asf/cxf/blob/87f0669f/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/bst-server.xml
----------------------------------------------------------------------
diff --git
a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/bst-server.xml
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/bst-server.xml
new file mode 100644
index 0000000..b0782e5
--- /dev/null
+++
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/bst-server.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:jaxws="http://cxf.apache.org/jaxws";
xmlns:http="http://cxf.apache.org/transports/http/configuration";
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration";
xmlns:sec="http://cxf.apache.org/configuration/security";
xmlns:cxf="http://cxf.apache.org/core"; xmlns:p="http://cxf.apache.org/policy";
xsi:schemaLocation=" http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/core
http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy
http://cxf.apache.org/schemas/policy.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apa
che.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://www.w3.org/ns/ws-policy
http://www.w3.org/2007/02/ws-policy.xsd ">
+ <bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="BinarySecurityToken"
address="http://localhost:${testutil.ports.BSTServer}/DoubleItBinarySecurityToken";
serviceName="s:DoubleItService"
endpointName="s:DoubleItBinarySecurityTokenPort"
implementor="org.apache.cxf.systest.ws.tokens.DoubleItBSTImpl"
wsdlLocation="org/apache/cxf/systest/ws/tokens/DoubleItTokens.wsdl">
+ <jaxws:inInterceptors>
+ <bean
class="org.apache.cxf.ws.security.wss4j.BinarySecurityTokenInterceptor" />
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/87f0669f/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/client.xml
----------------------------------------------------------------------
diff --git
a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/client.xml
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/client.xml
new file mode 100644
index 0000000..5048afb
--- /dev/null
+++
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/tokens/client.xml
@@ -0,0 +1,177 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:http="http://cxf.apache.org/transports/http/configuration";
xmlns:jaxws="http://cxf.apache.org/jaxws";
xmlns:cxf="http://cxf.apache.org/core"; xmlns:p="http://cxf.apache.org/policy";
xmlns:sec="http://cxf.apache.org/configuration/security"; xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli
cy.xsd http://www.w3.org/ns/ws-policy
http://www.w3.org/2007/02/ws-policy.xsd";>
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItSignedSupportingPort";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/signed-supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItSignedSupportingPort2";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItSignedSupportingPort3";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/encrypted-supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedSupportingPort";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/encrypted-supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedSupportingPort2";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedSupportingPort3";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/signed-supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItSignedEncryptedSupportingPort";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/signed-encrypted-supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItSignedEncryptedSupportingPort2";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/signed-supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItSignedEncryptedSupportingPort3";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
value="bob.properties"/>
+ <entry key="ws-security.encryption.username" value="bob"/>
+ <entry key="ws-security.signature.properties"
value="alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.username-token.always.encrypted"
value="false"/>
+ </jaxws:properties>
+ <jaxws:features>
+ <p:policies>
+ <wsp:PolicyReference
xmlns:wsp="http://www.w3.org/ns/ws-policy";
URI="classpath:/org/apache/cxf/systest/ws/tokens/encrypted-supp-token-policy.xml"/>
+ </p:policies>
+ </jaxws:features>
+ </jaxws:client>
+
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItBinarySecurityTokenPort";
createdFromAPI="true">
+ <jaxws:outInterceptors>
+ <bean
class="org.apache.cxf.ws.security.wss4j.BinarySecurityTokenInterceptor" />
+ </jaxws:outInterceptors>
+ </jaxws:client>
+</beans>
