Repository: cxf Updated Branches: refs/heads/master e5b9f0e16 -> 604167d9f
Adding @Ignore'd WS-Security + MTOM tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/604167d9 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/604167d9 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/604167d9 Branch: refs/heads/master Commit: 604167d9f0cfc67e01219a19a95353176ce38f79 Parents: e5b9f0e Author: Colm O hEigeartaigh <[email protected]> Authored: Tue Feb 7 16:59:02 2017 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Feb 7 16:59:02 2017 +0000 ---------------------------------------------------------------------- .../cxf/systest/ws/mtom/MTOMSecurityTest.java | 60 +++++++++++- .../cxf/systest/ws/mtom/DoubleItMtom.wsdl | 96 ++++++++++++++++++-- .../org/apache/cxf/systest/ws/mtom/client.xml | 23 ++++- .../org/apache/cxf/systest/ws/mtom/server.xml | 25 ++++- 4 files changed, 189 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/604167d9/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/mtom/MTOMSecurityTest.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/mtom/MTOMSecurityTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/mtom/MTOMSecurityTest.java index 508de4b..b590c96 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/mtom/MTOMSecurityTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/mtom/MTOMSecurityTest.java 
@@ -89,9 +89,10 @@ public class MTOMSecurityTest extends AbstractBusClientServerTestBase { bus.shutdown(true); } - // Here we are not-inlining, but the attachments are signed (as is the SOAP Body) + // Sign an attachment without inlining @org.junit.Test - public void testSignedMTOMSwA() throws Exception { + @org.junit.Ignore + public void testSignedMTOMAction() throws Exception { SpringBusFactory bf = new SpringBusFactory(); URL busFile = MTOMSecurityTest.class.getResource("client.xml"); @@ -102,7 +103,7 @@ public class MTOMSecurityTest extends AbstractBusClientServerTestBase { URL wsdl = MTOMSecurityTest.class.getResource("DoubleItMtom.wsdl"); Service service = Service.create(wsdl, SERVICE_QNAME); - QName portQName = new QName(NAMESPACE, "DoubleItSignedMTOMSwAPort"); + QName portQName = new QName(NAMESPACE, "DoubleItSignedMTOMActionPort"); DoubleItMtomPortType port = service.getPort(portQName, DoubleItMtomPortType.class); updateAddressPort(port, PORT); 
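Review bot: `@org.junit.Ignore` on `testSignedMTOMAction` carries no reason, so nothing records why the test for signing a non-inlined attachment is switched off or what has to change before it can be re-enabled. Give the annotation a message, e.g. `@org.junit.Ignore("<reason or tracking issue>")`. The two tests added at the end of this file have the same bare `@Ignore`. A disabled security test with no stated reason tends to stay disabled, which leaves the attachment-signing path without coverage. The method body continues outside the hunk.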
@@ -219,4 +220,57 @@ public class MTOMSecurityTest extends AbstractBusClientServerTestBase { bus.shutdown(true); } + @org.junit.Test + @org.junit.Ignore + public void testAsymmetricBinaryEncryptBeforeSigningBytesInAttachment() throws Exception { + + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = MTOMSecurityTest.class.getResource("client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + URL wsdl = MTOMSecurityTest.class.getResource("DoubleItMtom.wsdl"); + Service service = Service.create(wsdl, SERVICE_QNAME); + QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricBinaryEncryptBeforeSigningPort"); + DoubleItMtomPortType port = + service.getPort(portQName, DoubleItMtomPortType.class); + updateAddressPort(port, PORT); + + DataSource source = new FileDataSource(new File("src/test/resources/java.jpg")); + DoubleIt4 doubleIt = new DoubleIt4(); + doubleIt.setNumberToDouble(25); + port.doubleIt4(25, new DataHandler(source)); + + ((java.io.Closeable)port).close(); + bus.shutdown(true); + } + + @org.junit.Test + @org.junit.Ignore + public void testSymmetricBinaryBytesInAttachment() throws Exception { + + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = MTOMSecurityTest.class.getResource("client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + URL wsdl = MTOMSecurityTest.class.getResource("DoubleItMtom.wsdl"); + Service service = Service.create(wsdl, SERVICE_QNAME); + QName portQName = new QName(NAMESPACE, "DoubleItSymmetricBinaryPort"); + DoubleItMtomPortType port = + service.getPort(portQName, DoubleItMtomPortType.class); + updateAddressPort(port, PORT); + + DataSource source = new FileDataSource(new File("src/test/resources/java.jpg")); + DoubleIt4 doubleIt = new DoubleIt4(); + doubleIt.setNumberToDouble(25); + port.doubleIt4(25, new DataHandler(source)); + 
+ ((java.io.Closeable)port).close(); + bus.shutdown(true); + } } http://git-wip-us.apache.org/repos/asf/cxf/blob/604167d9/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/DoubleItMtom.wsdl ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/DoubleItMtom.wsdl b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/DoubleItMtom.wsdl index e97c7e0..a06edda 100644 --- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/DoubleItMtom.wsdl +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/DoubleItMtom.wsdl 
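Review bot: Both new tests discard the result of `port.doubleIt4(25, new DataHandler(source))` and build a `DoubleIt4` object that is never passed anywhere, so once the `@Ignore` is lifted they pass on any response that does not throw. Drop `DoubleIt4 doubleIt = new DoubleIt4();` and `doubleIt.setNumberToDouble(25);`, and, if `doubleIt4` returns the doubled value, assert on it. The names end in `BytesInAttachment`, yet nothing in the test checks how the attachment travelled. A short comment above each method should state what is expected on the wire, i.e. the attachment encrypted and signed as a separate part rather than inlined.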
@@ -52,6 +52,42 @@ </wsdl:fault> </wsdl:operation> </wsdl:binding> + <wsdl:binding name="DoubleItAsymmetricBinaryEncryptBeforeSigningBinding" type="tns:DoubleItMtomPortType"> + <wsp:PolicyReference URI="#DoubleItAsymmetricEncryptBeforeSigningPolicy"/> + <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> + <wsdl:operation name="DoubleIt4"> + <soap:operation soapAction=""/> + <wsdl:input> + <soap:body use="literal"/> + <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/> + </wsdl:input> + <wsdl:output> + <soap:body use="literal"/> + <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/> + </wsdl:output> + <wsdl:fault name="DoubleItFault"> + <soap:body use="literal" name="DoubleItFault"/> + </wsdl:fault> + </wsdl:operation> + </wsdl:binding> + <wsdl:binding name="DoubleItSymmetricBinaryBinding" type="tns:DoubleItMtomPortType"> + <wsp:PolicyReference URI="#DoubleItSymmetricPolicy"/> + <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> + <wsdl:operation name="DoubleIt4"> + <soap:operation soapAction=""/> + <wsdl:input> + <soap:body use="literal"/> + <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/> + </wsdl:input> + <wsdl:output> + <soap:body use="literal"/> + <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/> + </wsdl:output> + <wsdl:fault name="DoubleItFault"> + <soap:body use="literal" name="DoubleItFault"/> + </wsdl:fault> + </wsdl:operation> + </wsdl:binding> <wsdl:binding name="DoubleItAsymmetricBinding" type="tns:DoubleItPortType"> <wsp:PolicyReference URI="#DoubleItAsymmetricPolicy"/> <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> 
@@ -108,8 +144,8 @@ <wsdl:port name="DoubleItSignedMTOMInlinePort" binding="tns:DoubleItNoSecurityBinding"> <soap:address location="http://localhost:9001/DoubleItSignedMTOMInline"/> </wsdl:port> - <wsdl:port name="DoubleItSignedMTOMSwAPort" binding="tns:DoubleItNoSecurityBinding"> - <soap:address location="http://localhost:9001/DoubleItSignedMTOMSwA"/> + <wsdl:port name="DoubleItSignedMTOMActionPort" binding="tns:DoubleItNoSecurityBinding"> + <soap:address location="http://localhost:9001/DoubleItSignedMTOMAction"/> </wsdl:port> <wsdl:port name="DoubleItAsymmetricPort" binding="tns:DoubleItAsymmetricBinding"> <soap:address location="http://localhost:9001/DoubleItX509Asymmetric"/> @@ -123,6 +159,12 @@ <wsdl:port name="DoubleItAsymmetricBinaryPort" binding="tns:DoubleItAsymmetricBinaryBinding"> <soap:address location="http://localhost:9001/DoubleItX509AsymmetricBinary"/> </wsdl:port> + <wsdl:port name="DoubleItAsymmetricBinaryEncryptBeforeSigningPort" binding="tns:DoubleItAsymmetricBinaryEncryptBeforeSigningBinding"> + <soap:address location="http://localhost:9001/DoubleItX509AsymmetricBinaryEncryptBeforeSigning"/> + </wsdl:port> + <wsdl:port name="DoubleItSymmetricBinaryPort" binding="tns:DoubleItSymmetricBinaryBinding"> + <soap:address location="http://localhost:9001/DoubleItX509SymmetricBinary"/> + </wsdl:port> </wsdl:service> <wsp:Policy wsu:Id="DoubleItAsymmetricPolicy"> 
@@ -166,6 +208,48 @@ </wsp:ExactlyOne> </wsp:Policy> + <wsp:Policy wsu:Id="DoubleItAsymmetricEncryptBeforeSigningPolicy"> + <wsp:ExactlyOne> + <wsp:All> + <sp:AsymmetricBinding> + <wsp:Policy> + <sp:InitiatorToken> + <wsp:Policy> + <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"> + <wsp:Policy> + <sp:WssX509V3Token10/> + </wsp:Policy> + </sp:X509Token> + </wsp:Policy> + </sp:InitiatorToken> + <sp:RecipientToken> + <wsp:Policy> + <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never"> + <wsp:Policy> + <sp:WssX509V3Token10/> + </wsp:Policy> + </sp:X509Token> + </wsp:Policy> + </sp:RecipientToken> + <sp:Layout> + <wsp:Policy> + <sp:Lax/> + </wsp:Policy> + </sp:Layout> + <sp:IncludeTimestamp/> + <sp:OnlySignEntireHeadersAndBody/> + <sp:AlgorithmSuite> + <wsp:Policy> + <sp:Basic128/> + </wsp:Policy> + </sp:AlgorithmSuite> + <sp:EncryptBeforeSigning/> + </wsp:Policy> + </sp:AsymmetricBinding> + </wsp:All> + </wsp:ExactlyOne> + </wsp:Policy> + <wsp:Policy wsu:Id="DoubleItSymmetricPolicy"> <wsp:ExactlyOne> <wsp:All> @@ -204,9 +288,9 @@ <sp:EncryptedParts> <sp:Body/> </sp:EncryptedParts> - <!--<sp:SignedParts> + <sp:SignedParts> <sp:Body/> - </sp:SignedParts>--> + </sp:SignedParts> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> @@ -217,9 +301,9 @@ <sp:EncryptedParts> <sp:Body/> </sp:EncryptedParts> - <!--<sp:SignedParts> + <sp:SignedParts> <sp:Body/> - </sp:SignedParts>--> + </sp:SignedParts> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> http://git-wip-us.apache.org/repos/asf/cxf/blob/604167d9/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml index ea20c55..6a98bf1 100644 
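Review bot: The new `DoubleItAsymmetricEncryptBeforeSigningPolicy` selects `<sp:Basic128/>`, which in WS-SecurityPolicy means SHA-1 digests with AES-128. The hunk does not show whether the neighbouring policies use the same suite. If it was chosen only for parity with them, say so in an XML comment, e.g. `<!-- Basic128 kept for parity with the other test policies; not a recommended suite -->`, so the fixture is not copied into a real policy as it stands. If parity is not required, a `...Sha256` suite such as `<sp:Basic256Sha256/>` avoids the SHA-1 digest.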
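Review bot: Un-commenting `<sp:SignedParts> <sp:Body/> </sp:SignedParts>` here and in the following hunk changes policies that appear to be the shared input/output policies (the new bindings reference `#DoubleItBinding_DoubleIt_Input_Policy` and `#DoubleItBinding_DoubleIt_Output_Policy`). That would tighten every binding that references them, including ports whose tests are not `@Ignore`d, although the commit title only mentions adding ignored tests. Requiring a signed Body alongside the encrypted one is the safer setting, but it should be recorded, for example with `<!-- Body must be signed as well as encrypted; applies to every binding referencing this policy -->`. Only `sp:Body` is listed, so a comment should also say whether the MTOM attachment is meant to be covered through the Body's xop:Include or needs its own assertion.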
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml @@ -52,7 +52,7 @@ </jaxws:inInterceptors> </jaxws:client> - <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedMTOMSwAPort" createdFromAPI="true"> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedMTOMActionPort" createdFromAPI="true"> <jaxws:outInterceptors> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <constructor-arg> @@ -62,7 +62,7 @@ <entry key="signaturePropFile" value="alice.properties"/> <entry key="signatureKeyIdentifier" value="DirectReference"/> <entry key="signatureParts" - value="{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{}{http://schemas.xmlsoap.org/soap/envelope/}Body;{}cid:Attachments;"/> + value="{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"/> <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/> </map> </constructor-arg> 
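Review bot: Removing `{}cid:Attachments;` from `signatureParts` leaves only the Timestamp and the Body listed. The attachment is then covered by the signature only if the Body digest is computed over the expanded xop:Include content, and nothing in this configuration states that. server.xml drops `expandXOPIncludeForSignature` in the same commit, so both sides now rely on the library default for that behaviour. Add an XML comment above the entry naming the mechanism that is expected to protect the attachment, e.g. `<!-- attachment is expected to be covered via xop:Include expansion of the Body; confirm against the WSS4J default -->`. The enclosing `<map>` starts and ends outside the hunk.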
@@ -145,4 +145,23 @@ </jaxws:properties> </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItAsymmetricBinaryEncryptBeforeSigningPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="security.encryption.properties" value="bob.properties"/> + <entry key="security.encryption.username" value="bob"/> + <entry key="security.signature.properties" value="alice.properties"/> + <entry key="security.signature.username" value="alice"/> + <entry key="security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/> + <entry key="mtom-enabled" value="true"/> + </jaxws:properties> + </jaxws:client> + + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSymmetricBinaryPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="security.encryption.properties" value="bob.properties"/> + <entry key="security.encryption.username" value="bob"/> + <entry key="mtom-enabled" value="true"/> + </jaxws:properties> + </jaxws:client> + </beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/604167d9/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/server.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/server.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/server.xml index 38b13b8..413d141 100644 --- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/server.xml +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/server.xml 
@@ -59,9 +59,9 @@ </jaxws:properties> </jaxws:endpoint> - <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedMTOMSwA" - address="http://localhost:${testutil.ports.mtom.Server}/DoubleItSignedMTOMSwA" - serviceName="s:DoubleItService" endpointName="s:DoubleItSignedMTOMSwAPort" + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedMTOMAction" + address="http://localhost:${testutil.ports.mtom.Server}/DoubleItSignedMTOMAction" + serviceName="s:DoubleItService" endpointName="s:DoubleItSignedMTOMActionPort" implementor="org.apache.cxf.systest.ws.mtom.DoubleIt4Impl" wsdlLocation="org/apache/cxf/systest/ws/mtom/DoubleItMtom.wsdl"> <jaxws:outInterceptors> @@ -83,7 +83,6 @@ <map> <entry key="action" value="Signature Timestamp"/> <entry key="signatureVerificationPropFile" value="bob.properties"/> - <entry key="expandXOPIncludeForSignature" value="false"/> </map> </constructor-arg> </bean> 
@@ -151,4 +150,22 @@ </jaxws:properties> </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="AsymmetricBinaryEncryptBeforeSigning" address="http://localhost:${testutil.ports.mtom.Server}/DoubleItX509AsymmetricBinaryEncryptBeforeSigning" serviceName="s:DoubleItService" endpointName="s:DoubleItAsymmetricBinaryEncryptBeforeSigningPort" implementor="org.apache.cxf.systest.ws.mtom.DoubleIt4Impl" wsdlLocation="org/apache/cxf/systest/ws/mtom/DoubleItMtom.wsdl"> + <jaxws:properties> + <entry key="security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/> + <entry key="security.signature.properties" value="bob.properties"/> + <entry key="security.encryption.properties" value="alice.properties"/> + <entry key="security.encryption.username" value="alice"/> + <entry key="mtom-enabled" value="true"/> + </jaxws:properties> + </jaxws:endpoint> + + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SymmetricBinary" address="http://localhost:${testutil.ports.mtom.Server}/DoubleItX509SymmetricBinary" serviceName="s:DoubleItService" endpointName="s:DoubleItSymmetricBinaryPort" implementor="org.apache.cxf.systest.ws.mtom.DoubleIt4Impl" wsdlLocation="org/apache/cxf/systest/ws/mtom/DoubleItMtom.wsdl"> + <jaxws:properties> + <entry key="security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/> + <entry key="security.signature.properties" value="bob.properties"/> + <entry key="mtom-enabled" value="true"/> + </jaxws:properties> + </jaxws:endpoint> + </beans>
