Repository: cxf-fediz Updated Branches: refs/heads/master 74719f299 -> c7666265b
Adding more Federation tests for the CXF plugin Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/c7666265 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/c7666265 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/c7666265 Branch: refs/heads/master Commit: c7666265b3907aab919e8c32ccfab3d0cd986a9c Parents: 74719f2 Author: Colm O hEigeartaigh <[email protected]> Authored: Tue Sep 2 11:34:59 2014 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Sep 2 11:34:59 2014 +0100 ---------------------------------------------------------------------- .../federation/FederationTest.java | 12 +++++-- .../cxf/fediz/example/FedizExceptionMapper.java | 36 ++++++++++++++++++++ .../org/apache/cxf/fediz/example/Service.java | 33 ++++++++++++++++-- .../src/main/webapp/WEB-INF/cxf-service.xml | 13 ++++++- systests/simpleWebapp/pom.xml | 7 +++- 5 files changed, 93 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c7666265/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java ---------------------------------------------------------------------- diff --git a/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java b/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java index ec4aebf..f763340 100644 --- a/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java +++ b/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java @@ -25,6 +25,7 @@ import org.apache.catalina.LifecycleState; import org.apache.catalina.connector.Connector; import org.apache.catalina.startup.Tomcat; import org.apache.cxf.fediz.core.ClaimTypes; +import org.apache.cxf.fediz.integrationtests.AbstractTests; import org.apache.cxf.fediz.integrationtests.HTTPTestUtils; import org.junit.AfterClass; import org.junit.Assert; @@ -33,7 +34,7 @@ import org.junit.BeforeClass; /** * A test for WS-Federation using the CXF plugin (deployed in Tomcat). */ -public class FederationTest { +public class FederationTest extends AbstractTests { static String idpHttpsPort; static String rpHttpsPort; @@ -170,11 +171,12 @@ public class FederationTest { } @org.junit.Test - public void testAlice() throws Exception { + public void testUserAliceClientAuth() throws Exception { String url = "https://localhost:"; + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet"; String user = "alice"; String password = "ecila"; - String response = HTTPTestUtils.sendHttpGet(url, user, password, Integer.parseInt(getIdpHttpsPort())); + String response = + HTTPTestUtils.sendHttpGet(url, user, password, 200, 200, Integer.parseInt(getIdpHttpsPort())); Assert.assertTrue("Principal not " + user, response.indexOf("userPrincipal=" + user) > 0); Assert.assertTrue("User " + user + " does not have role Admin", response.indexOf("role:Admin=false") > 0); @@ -192,5 +194,9 @@ public class FederationTest { response.indexOf(claim + "[email protected]") > 0); } + + public String getServletContextName() { + return "fedizhelloworld"; + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c7666265/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/FedizExceptionMapper.java ---------------------------------------------------------------------- diff --git a/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/FedizExceptionMapper.java b/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/FedizExceptionMapper.java new file mode 100644 index 0000000..0a31396 --- /dev/null +++ b/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/FedizExceptionMapper.java @@ -0,0 +1,36 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.cxf.fediz.example; + +import javax.ws.rs.core.Response; +import javax.ws.rs.ext.ExceptionMapper; + +import org.apache.cxf.interceptor.security.AccessDeniedException; + +/** + * Map 500 -> 403 + */ +public class FedizExceptionMapper implements ExceptionMapper<AccessDeniedException> { + + public Response toResponse(AccessDeniedException exception) { + return Response.status(Response.Status.FORBIDDEN).build(); + } + +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c7666265/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java ---------------------------------------------------------------------- diff --git a/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java b/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java index f974e02..d91f8ba 100644 --- a/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java +++ b/systests/cxfWebapp/src/main/java/org/apache/cxf/fediz/example/Service.java @@ -36,15 +36,42 @@ import org.apache.cxf.fediz.core.FedizPrincipal; import org.apache.cxf.fediz.core.SecurityTokenThreadLocal; import org.apache.cxf.jaxrs.ext.MessageContext; -@Path("/") +@Path("/secure/") +@Produces("text/html") public class Service { @Context private MessageContext messageContext; + @Path("/admin/fedservlet") + @RolesAllowed("Admin") + @GET + public String doGetAdmin(@Context UriInfo uriInfo) throws Exception { + return doGet(uriInfo); + } + + @Path("/manager/fedservlet") + @RolesAllowed("Manager") + @GET + public String doGetManager(@Context UriInfo uriInfo) throws Exception { + return doGet(uriInfo); + } + + @Path("/user/fedservlet") + @RolesAllowed({ "User", "Admin", "Manager" }) + @GET + public String doGetUser(@Context UriInfo uriInfo) throws Exception { + return doGet(uriInfo); + } + + @Path("/fedservlet") + @RolesAllowed({ "User", "Admin", "Manager", "Authenticated" }) @GET @Produces("text/html") - @RolesAllowed("Authenticated") - public String doGet(@Context UriInfo uriInfo) throws Exception { + public String doGetSecure(@Context UriInfo uriInfo) throws Exception { + return doGet(uriInfo); + } + + private String doGet(@Context UriInfo uriInfo) throws Exception { StringBuilder out = new StringBuilder(); out.append("<html>\n"); http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c7666265/systests/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml ---------------------------------------------------------------------- diff --git a/systests/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml b/systests/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml index 215e10a..db04ac7 100644 --- a/systests/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml +++ b/systests/cxfWebapp/src/main/webapp/WEB-INF/cxf-service.xml @@ -54,14 +54,25 @@ <property name="configFile" value="fediz_config.xml"/> </bean> + <bean id="exceptionMapper" class="org.apache.cxf.fediz.example.FedizExceptionMapper" /> + + <bean id="authorizationInterceptor" + class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor"> + <property name="securedObject" ref="serviceBean" /> + </bean> + <jaxrs:server - address="/secure/fedservlet"> + address="/"> <jaxrs:serviceBeans> <ref bean="serviceBean"/> </jaxrs:serviceBeans> <jaxrs:providers> <ref bean="fedizFilter"/> + <ref bean="exceptionMapper"/> </jaxrs:providers> + <jaxrs:inInterceptors> + <ref bean="authorizationInterceptor"/> + </jaxrs:inInterceptors> </jaxrs:server> </beans> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c7666265/systests/simpleWebapp/pom.xml ---------------------------------------------------------------------- diff --git a/systests/simpleWebapp/pom.xml b/systests/simpleWebapp/pom.xml index 9d7e34c..375f119 100644 --- a/systests/simpleWebapp/pom.xml +++ b/systests/simpleWebapp/pom.xml @@ -50,7 +50,12 @@ <groupId>org.apache.commons</groupId> <artifactId>commons-lang3</artifactId> <version>${commons.lang.version}</version> - </dependency> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-frontend-jaxrs</artifactId> + <version>${cxf.version}</version> + </dependency> </dependencies> <build> <!-- Name of the generated WAR file -->
