Adding an STS systest
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/af105982 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/af105982 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/af105982 Branch: refs/heads/3.0.x-fixes Commit: af1059822116be982968826b8462de329a68c0a9 Parents: 354298c Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Jan 6 15:13:55 2016 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Jan 6 15:27:33 2016 +0000 ---------------------------------------------------------------------- .../X509SymmetricBindingTest.java | 29 ++++++ .../systest/sts/x509_symmetric/DoubleIt.wsdl | 94 ++++++++++++++++++++ .../systest/sts/x509_symmetric/cxf-client.xml | 8 ++ .../systest/sts/x509_symmetric/cxf-service.xml | 8 ++ .../sts/x509_symmetric/cxf-stax-service.xml | 9 ++ 5 files changed, 148 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/af105982/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java ---------------------------------------------------------------------- diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java index 1132d52..f019cfe 100644 --- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java +++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java @@ -203,6 +203,35 @@ public class X509SymmetricBindingTest extends AbstractBusClientServerTestBase { ((java.io.Closeable)symmetricSaml2Port).close(); bus.shutdown(true); } + + @org.junit.Test + public void testX509SAML2Supporting() throws Exception { + + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = X509SymmetricBindingTest.class.getResource("cxf-client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + URL wsdl = X509SymmetricBindingTest.class.getResource("DoubleIt.wsdl"); + Service service = Service.create(wsdl, SERVICE_QNAME); + QName portQName = new QName(NAMESPACE, "DoubleItSymmetricSAML2SupportingPort"); + DoubleItPortType symmetricSaml2Port = + service.getPort(portQName, DoubleItPortType.class); + updateAddressPort(symmetricSaml2Port, test.getPort()); + + TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, test.getStsPort()); + + if (test.isStreaming()) { + SecurityTestUtil.enableStreaming(symmetricSaml2Port); + } + + doubleIt(symmetricSaml2Port, 30); + + ((java.io.Closeable)symmetricSaml2Port).close(); + bus.shutdown(true); + } private static void doubleIt(DoubleItPortType port, int numToDouble) { int resp = port.doubleIt(numToDouble); http://git-wip-us.apache.org/repos/asf/cxf/blob/af105982/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/DoubleIt.wsdl ---------------------------------------------------------------------- diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/DoubleIt.wsdl b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/DoubleIt.wsdl index de7ebbe..ff9ca36 100644 --- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/DoubleIt.wsdl +++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/DoubleIt.wsdl @@ -64,6 +64,21 @@ </wsdl:output> </wsdl:operation> </wsdl:binding> + <wsdl:binding name="DoubleItSymmetricSAML2SupportingBinding" type="tns:DoubleItPortType"> + <wsp:PolicyReference URI="#DoubleItSymmetricBindingSAML2SupportingPolicy"/> + <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> + <wsdl:operation name="DoubleIt"> + <soap:operation soapAction=""/> + <wsdl:input> + <soap:body use="literal"/> + <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/> + </wsdl:input> + <wsdl:output> + <soap:body use="literal"/> + <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/> + </wsdl:output> + </wsdl:operation> + </wsdl:binding> <wsdl:service name="DoubleItService"> <wsdl:port name="DoubleItSymmetricSAML1Port" binding="tns:DoubleItSymmetricSAML1Binding"> <soap:address location="http://localhost:8082/doubleit/services/doubleitsymmetricsaml1"/> @@ -74,6 +89,9 @@ <wsdl:port name="DoubleItSymmetricSAML2EndorsingPort" binding="tns:DoubleItSymmetricSAML2EndorsingBinding"> <soap:address location="http://localhost:8082/doubleit/services/doubleitsymmetricsaml2endorsing"/> </wsdl:port> + <wsdl:port name="DoubleItSymmetricSAML2SupportingPort" binding="tns:DoubleItSymmetricSAML2SupportingBinding"> + <soap:address location="http://localhost:8082/doubleit/services/doubleitsymmetricsaml2supporting"/> + </wsdl:port> </wsdl:service> <wsp:Policy wsu:Id="DoubleItSymmetricBindingSAML1Policy"> <wsp:ExactlyOne> @@ -287,6 +305,82 @@ </wsp:All> </wsp:ExactlyOne> </wsp:Policy> + <wsp:Policy wsu:Id="DoubleItSymmetricBindingSAML2SupportingPolicy"> + <wsp:ExactlyOne> + <wsp:All> + <wsam:Addressing wsp:Optional="false"> + <wsp:Policy/> + </wsam:Addressing> + <sp:SymmetricBinding> + <wsp:Policy> + <sp:ProtectionToken> + <wsp:Policy> + <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";> + <wsp:Policy> + <sp:RequireThumbprintReference/> + <sp:WssX509V3Token10/> + </wsp:Policy> + </sp:X509Token> + </wsp:Policy> + </sp:ProtectionToken> + <sp:Layout> + <wsp:Policy> + <sp:Lax/> + </wsp:Policy> + </sp:Layout> + <sp:IncludeTimestamp/> + <sp:OnlySignEntireHeadersAndBody/> + <sp:AlgorithmSuite> + <wsp:Policy> + <sp:Basic128/> + </wsp:Policy> + </sp:AlgorithmSuite> + </wsp:Policy> + </sp:SymmetricBinding> + <sp:SignedEncryptedSupportingTokens> + <wsp:Policy> + <sp:IssuedToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> + <sp:RequestSecurityTokenTemplate> + <t:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</t:TokenType> + <t:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</t:KeyType> + </sp:RequestSecurityTokenTemplate> + <wsp:Policy> + <sp:RequireInternalReference/> + </wsp:Policy> + <sp:Issuer> + <wsaw:Address>http://localhost:8080/SecurityTokenService/UT + </wsaw:Address> + <wsaw:Metadata> + <wsx:Metadata> + <wsx:MetadataSection> + <wsx:MetadataReference> + <wsaw:Address>http://localhost:8080/SecurityTokenService/UT/mex + </wsaw:Address> + </wsx:MetadataReference> + </wsx:MetadataSection> + </wsx:Metadata> + </wsaw:Metadata> + </sp:Issuer> + </sp:IssuedToken> + </wsp:Policy> + </sp:SignedEncryptedSupportingTokens> + <sp:Wss11> + <wsp:Policy> + <sp:MustSupportRefIssuerSerial/> + <sp:MustSupportRefThumbprint/> + <sp:MustSupportRefEncryptedKey/> + </wsp:Policy> + </sp:Wss11> + <sp:Trust13> + <wsp:Policy> + <sp:MustSupportIssuedTokens/> + <sp:RequireClientEntropy/> + <sp:RequireServerEntropy/> + </wsp:Policy> + </sp:Trust13> + </wsp:All> + </wsp:ExactlyOne> + </wsp:Policy> <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Input_Policy"> <wsp:ExactlyOne> <wsp:All> http://git-wip-us.apache.org/repos/asf/cxf/blob/af105982/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-client.xml ---------------------------------------------------------------------- diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-client.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-client.xml index cef6329..8d82e71 100644 --- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-client.xml +++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-client.xml @@ -55,4 +55,12 @@ <entry key="ws-security.sts.client" value-ref="stsClient"/> </jaxws:properties> </jaxws:client> + + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSymmetricSAML2SupportingPort"; createdFromAPI="true"> + <jaxws:properties> + <entry key="security.encryption.properties" value="clientKeystore.properties"/> + <entry key="security.encryption.username" value="myservicekey"/> + <entry key="security.sts.client" value-ref="stsClient"/> + </jaxws:properties> + </jaxws:client> </beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/af105982/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-service.xml ---------------------------------------------------------------------- diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-service.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-service.xml index 986ea56..ed9815b 100644 --- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-service.xml +++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-service.xml @@ -74,4 +74,12 @@ <entry key="ws-security.is-bsp-compliant" value="false"/> </jaxws:properties> </jaxws:endpoint> + + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt"; id="doubleitsymmetricsaml2supporting" implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl" endpointName="s:DoubleItSymmetricSAML2SupportingPort" serviceName="s:DoubleItService" address="http://localhost:${testutil.ports.x509_symmetric.Server}/doubleit/services/doubleitsymmetricsaml2supporting"; wsdlLocation="org/apache/cxf/systest/sts/x509_symmetric/DoubleIt.wsdl"> + <jaxws:properties> + <entry key="security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/> + <entry key="security.signature.properties" value="serviceKeystore.properties"/> + <entry key="ws-security.is-bsp-compliant" value="false"/> + </jaxws:properties> + </jaxws:endpoint> </beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/af105982/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-stax-service.xml ---------------------------------------------------------------------- diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-stax-service.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-stax-service.xml index e2e6f28..d49b196 100644 --- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-stax-service.xml +++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/x509_symmetric/cxf-stax-service.xml @@ -77,4 +77,13 @@ <entry key="ws-security.enable.streaming" value="true"/> </jaxws:properties> </jaxws:endpoint> + + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt"; id="doubleitsymmetricsaml2supporting" implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl" endpointName="s:DoubleItSymmetricSAML2SupportingPort" serviceName="s:DoubleItService" address="http://localhost:${testutil.ports.x509_symmetric.StaxServer}/doubleit/services/doubleitsymmetricsaml2supporting"; wsdlLocation="org/apache/cxf/systest/sts/x509_symmetric/DoubleIt.wsdl"> + <jaxws:properties> + <entry key="security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/> + <entry key="security.signature.properties" value="serviceKeystore.properties"/> + <entry key="ws-security.is-bsp-compliant" value="false"/> + <entry key="ws-security.enable.streaming" value="true"/> + </jaxws:properties> + </jaxws:endpoint> </beans>
