Another SCT system test + a NPE fix
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5ae19059 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5ae19059 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5ae19059 Branch: refs/heads/3.0.x-fixes Commit: 5ae190595f03bab2c9d9e41c7d7d6c4cad59086e Parents: 74e64bf Author: Colm O hEigeartaigh <[email protected]> Authored: Mon Sep 15 15:20:00 2014 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Mon Sep 15 15:31:43 2014 +0100 ---------------------------------------------------------------------- .../policy/interceptors/NegotiationUtils.java | 10 ++-- .../sts/secure_conv/SecureConversationTest.java | 21 +++++++ .../cxf/systest/sts/secure_conv/DoubleIt.wsdl | 61 ++++++++++++++++++++ .../cxf/systest/sts/secure_conv/cxf-client.xml | 6 ++ .../cxf/systest/sts/secure_conv/cxf-service.xml | 19 ++++++ 5 files changed, 113 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/5ae19059/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java index 6d7c0cd..68c05b8 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/NegotiationUtils.java @@ -275,11 +275,13 @@ final class NegotiationUtils { getTokenStore(message).add(token); } } - final SecurityContext sc = token.getSecurityContext(); - if (sc != null) { - message.put(SecurityContext.class, sc); + if (token != null) { + final SecurityContext sc = token.getSecurityContext(); + if (sc != null) { + message.put(SecurityContext.class, sc); + } + return true; } - return true; } } } http://git-wip-us.apache.org/repos/asf/cxf/blob/5ae19059/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecureConversationTest.java ---------------------------------------------------------------------- diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecureConversationTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecureConversationTest.java index ec88ad8..921998b 100644 --- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecureConversationTest.java +++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecureConversationTest.java @@ -110,6 +110,27 @@ public class SecureConversationTest extends AbstractBusClientServerTestBase { bus.shutdown(true); } + @org.junit.Test + public void testSecureConversationSupporting() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = SecureConversationTest.class.getResource("cxf-client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + URL wsdl = SecureConversationTest.class.getResource("DoubleIt.wsdl"); + Service service = Service.create(wsdl, SERVICE_QNAME); + QName portQName = new QName(NAMESPACE, "DoubleItTransportSupportingPort"); + DoubleItPortType transportPort = + service.getPort(portQName, DoubleItPortType.class); + updateAddressPort(transportPort, PORT); + + doubleIt(transportPort, 25); + + bus.shutdown(true); + } + private static void doubleIt(DoubleItPortType port, int numToDouble) { int resp = port.doubleIt(numToDouble); assertTrue(resp == 2 * numToDouble); http://git-wip-us.apache.org/repos/asf/cxf/blob/5ae19059/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/DoubleIt.wsdl ---------------------------------------------------------------------- diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/DoubleIt.wsdl b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/DoubleIt.wsdl index 66185cc..d860e53 100644 --- a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/DoubleIt.wsdl +++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/DoubleIt.wsdl @@ -49,6 +49,21 @@ </wsdl:output> </wsdl:operation> </wsdl:binding> + <wsdl:binding name="DoubleItTransportSupportingBinding" type="tns:DoubleItPortType"> + <wsp:PolicyReference URI="#DoubleItBindingTransportSupportingPolicy"/> + <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> + <wsdl:operation name="DoubleIt"> + <soap:operation soapAction=""/> + <wsdl:input> + <soap:body use="literal"/> + <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/> + </wsdl:input> + <wsdl:output> + <soap:body use="literal"/> + <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/> + </wsdl:output> + </wsdl:operation> + </wsdl:binding> <wsdl:service name="DoubleItService"> <wsdl:port name="DoubleItTransportSecureConvPort" binding="tns:DoubleItTransportSecureConvBinding"> <soap:address location="https://localhost:8081/doubleit/services/doubleittransportsecureconv"/> @@ -56,6 +71,10 @@ <wsdl:port name="DoubleItSymmetricSecureConvPort" binding="tns:DoubleItSymmetricSecureConvBinding"> <soap:address location="http://localhost:8082/doubleit/services/doubleitsymmetricsecureconv"/> </wsdl:port> + <wsdl:port name="DoubleItTransportSupportingPort" + binding="tns:DoubleItTransportSupportingBinding"> + <soap:address location="https://localhost:8081/doubleit/services/doubleittransportsupporting"/> + </wsdl:port> </wsdl:service> <wsp:Policy wsu:Id="DoubleItBindingTransportSecureConvPolicy"> <wsp:ExactlyOne> @@ -226,6 +245,48 @@ </wsp:All> </wsp:ExactlyOne> </wsp:Policy> + <wsp:Policy wsu:Id="DoubleItBindingTransportSupportingPolicy"> + <wsp:ExactlyOne> + <wsp:All> + <wsam:Addressing wsp:Optional="false"> + <wsp:Policy/> + </wsam:Addressing> + <sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> + <wsp:Policy> + <sp:TransportToken> + <wsp:Policy> + <sp:HttpsToken> + <wsp:Policy/> + </sp:HttpsToken> + </wsp:Policy> + </sp:TransportToken> + <sp:AlgorithmSuite> + <wsp:Policy> + <sp:Basic128/> + </wsp:Policy> + </sp:AlgorithmSuite> + <sp:Layout> + <wsp:Policy> + <sp:Lax/> + </wsp:Policy> + </sp:Layout> + <sp:IncludeTimestamp/> + </wsp:Policy> + </sp:TransportBinding> + <sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> + <wsp:Policy> + <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> + <wsp:Policy> + <sp:BootstrapPolicy> + <wsp:Policy /> + </sp:BootstrapPolicy> + </wsp:Policy> + </sp:SecureConversationToken> + </wsp:Policy> + </sp:SupportingTokens> + </wsp:All> + </wsp:ExactlyOne> + </wsp:Policy> <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Input_Policy"> <wsp:ExactlyOne> <wsp:All> http://git-wip-us.apache.org/repos/asf/cxf/blob/5ae19059/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-client.xml ---------------------------------------------------------------------- diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-client.xml b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-client.xml index aead21c..2349fb9 100644 --- a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-client.xml +++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-client.xml @@ -49,6 +49,12 @@ <entry key="ws-security.sts.client" value-ref="stsClient"/> </jaxws:properties> </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSupportingPort"; createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.sts.client" value-ref="stsClient"/> + </jaxws:properties> + </jaxws:client> + <http:conduit name="https://localhost:.*";> <http:tlsClientParameters disableCNCheck="true"> <sec:trustManagers> http://git-wip-us.apache.org/repos/asf/cxf/blob/5ae19059/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-service.xml ---------------------------------------------------------------------- diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-service.xml b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-service.xml index e4fc8ef..6ddfd39 100644 --- a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-service.xml +++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/secure_conv/cxf-service.xml @@ -55,6 +55,25 @@ </entry> </jaxws:properties> </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt"; id="doubleittransportsupporting" implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl" endpointName="s:DoubleItTransportSupportingPort" serviceName="s:DoubleItService" depends-on="ClientAuthHttpsSettings" address="https://localhost:${testutil.ports.Server}/doubleit/services/doubleittransportsupporting"; wsdlLocation="org/apache/cxf/systest/sts/secure_conv/DoubleIt.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/> + <entry key="ws-security.signature.properties" value="serviceKeystore.properties"/> + <entry key="ws-security.sct.validator"> + <bean class="org.apache.cxf.systest.sts.secure_conv.SCTTokenValidator"/> + </entry> + <entry key="ws-security.sts.client"> + <bean class="org.apache.cxf.ws.security.trust.STSClient"> + <constructor-arg ref="cxf"/> + <property name="wsdlLocation" value="https://localhost:${testutil.ports.STSServer}/SecurityTokenService/TransportSCT?wsdl"/> + <property name="serviceName" value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService"/> + <property name="endpointName" value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port"/> + <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/> + </bean> + </entry> + </jaxws:properties> + </jaxws:endpoint> + <httpj:engine-factory id="ClientAuthHttpsSettings" bus="cxf"> <httpj:engine port="${testutil.ports.Server}"> <httpj:tlsServerParameters>
