This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git


The following commit(s) were added to refs/heads/master by this push:
     new 51df5be  Added a WS-SecurityPolicy code-first demo
51df5be is described below

commit 51df5beeb200a77c274f6c93ca4f65145a1ddcd7
Author: Colm O hEigeartaigh <cohei...@apache.org>
AuthorDate: Thu Apr 12 12:03:53 2018 +0100

    Added a WS-SecurityPolicy code-first demo
---
 .../cxf/systest/ws/ut/UsernameTokenTest.java       | 58 ++++++++++++++++++++++
 .../ws/ut/plaintext-pass-timestamp-policy.xml      | 38 ++++++++++++++
 2 files changed, 96 insertions(+)

diff --git 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
index 101fbaf..6a99d39 100644
--- 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
+++ 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
@@ -24,12 +24,15 @@ import java.net.URL;
 import java.security.KeyStore;
 import java.util.Arrays;
 import java.util.Collection;
+import java.util.Collections;
 
 import javax.net.ssl.TrustManagerFactory;
 import javax.xml.namespace.QName;
 import javax.xml.ws.BindingProvider;
 import javax.xml.ws.Service;
 
+import org.w3c.dom.Element;
+
 import org.apache.cxf.Bus;
 import org.apache.cxf.BusFactory;
 import org.apache.cxf.bus.spring.SpringBusFactory;
@@ -37,10 +40,13 @@ import org.apache.cxf.common.classloader.ClassLoaderUtils;
 import org.apache.cxf.configuration.jsse.TLSClientParameters;
 import org.apache.cxf.endpoint.Client;
 import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
+import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.cxf.systest.ws.common.SecurityTestUtil;
 import org.apache.cxf.systest.ws.common.TestParam;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.ws.policy.WSPolicyFeature;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.example.contract.doubleit.DoubleItPortType;
@@ -140,6 +146,58 @@ public class UsernameTokenTest extends 
AbstractBusClientServerTestBase {
         ((java.io.Closeable)utPort).close();
     }
 
+    // Here we are not using the WSDL and so need to add the policy manually 
on the client side
+    @org.junit.Test
+    public void testPlaintextCodeFirst() throws Exception {
+
+        String address = "https://localhost:"; + PORT + "/DoubleItUTPlaintext";
+        QName portQName = new QName(NAMESPACE, "DoubleItPlaintextPort");
+
+        WSPolicyFeature policyFeature = new WSPolicyFeature();
+        Element policyElement =
+            
StaxUtils.read(getClass().getResourceAsStream("plaintext-pass-timestamp-policy.xml")).getDocumentElement();
+        
policyFeature.setPolicyElements(Collections.singletonList(policyElement));
+
+        JaxWsProxyFactoryBean clientFactoryBean = new JaxWsProxyFactoryBean();
+        
clientFactoryBean.setFeatures(Collections.singletonList(policyFeature));
+        clientFactoryBean.setAddress(address);
+        clientFactoryBean.setServiceName(SERVICE_QNAME);
+        clientFactoryBean.setEndpointName(portQName);
+        clientFactoryBean.setServiceClass(DoubleItPortType.class);
+
+        DoubleItPortType port = (DoubleItPortType)clientFactoryBean.create();
+
+        if (test.isStreaming()) {
+            SecurityTestUtil.enableStreaming(port);
+        }
+
+        
((BindingProvider)port).getRequestContext().put(SecurityConstants.USERNAME, 
"Alice");
+
+        
((BindingProvider)port).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
+                                                          
"org.apache.cxf.systest.ws.common.UTPasswordCallback");
+
+        TrustManagerFactory tmf =
+            
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+        final KeyStore ts = KeyStore.getInstance("JKS");
+        try (InputStream trustStore =
+            ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", 
UsernameTokenTest.class)) {
+            ts.load(trustStore, "password".toCharArray());
+        }
+        tmf.init(ts);
+
+        TLSClientParameters tlsParams = new TLSClientParameters();
+        tlsParams.setTrustManagers(tmf.getTrustManagers());
+        tlsParams.setDisableCNCheck(true);
+
+        Client client = ClientProxy.getClient(port);
+        HTTPConduit http = (HTTPConduit) client.getConduit();
+        http.setTlsClientParameters(tlsParams);
+
+        assertEquals(50, port.doubleIt(25));
+
+        ((java.io.Closeable)port).close();
+    }
+
     @org.junit.Test
     public void testPlaintext() throws Exception {
 
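Review bot: `tlsParams.setDisableCNCheck(true)` in testPlaintextCodeFirst turns off TLS hostname verification without a comment explaining why, and because the commit is presented as a code-first demo the line is likely to be copied into real clients. I would put `// Test only: CN check disabled for the test keystore; never disable hostname verification in production` above it; the reason is inferred from the test truststore, so confirm it against the certificate. Separately, `((java.io.Closeable)port).close()` only runs when the assertion passes; `try { assertEquals(50, port.doubleIt(25)); } finally { ((java.io.Closeable)port).close(); }` would release the client on failure as well. The stream returned by `getResourceAsStream("plaintext-pass-timestamp-policy.xml")` is also never closed or null-checked, so a missing resource would surface as an unclear error inside `StaxUtils.read`.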
diff --git 
a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/plaintext-pass-timestamp-policy.xml
 
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/plaintext-pass-timestamp-policy.xml
new file mode 100644
index 0000000..265bf4e
--- /dev/null
+++ 
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/plaintext-pass-timestamp-policy.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0"?>
+<wsp:Policy 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 xmlns:wsp="http://www.w3.org/ns/ws-policy"; 
wsu:Id="TransportUsernameTokenPolicy">
+    <wsp:ExactlyOne>
+        <wsp:All>
+            <sp:TransportBinding 
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+                <wsp:Policy>
+                    <sp:TransportToken>
+                        <wsp:Policy>
+                            <sp:HttpsToken>
+                                <wsp:Policy/>
+                            </sp:HttpsToken>
+                        </wsp:Policy>
+                    </sp:TransportToken>
+                    <sp:Layout>
+                        <wsp:Policy>
+                            <sp:Lax/>
+                        </wsp:Policy>
+                    </sp:Layout>
+                    <sp:IncludeTimestamp/>
+                    <sp:AlgorithmSuite>
+                        <wsp:Policy>
+                            <sp:Basic128/>
+                        </wsp:Policy>
+                    </sp:AlgorithmSuite>
+                </wsp:Policy>
+            </sp:TransportBinding>
+            <sp:SupportingTokens 
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+                <wsp:Policy>
+                    <sp:UsernameToken 
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+                        <wsp:Policy>
+                            <sp:WssUsernameToken10/>
+                        </wsp:Policy>
+                    </sp:UsernameToken>
+                </wsp:Policy>
+            </sp:SupportingTokens>
+        </wsp:All>
+    </wsp:ExactlyOne>
+</wsp:Policy>
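Review bot: The `sp:UsernameToken` assertion contains only `sp:WssUsernameToken10`, so the password is sent as plain text and its confidentiality rests entirely on the `sp:HttpsToken` transport, yet nothing in the file says so. Since this policy backs a demo and may be reused, I would add a header comment such as `<!-- UsernameToken password is sent in plain text; acceptable only because TransportBinding/HttpsToken requires TLS -->`. The `sp:Basic128` suite is probably not exercised under a pure transport binding, but a short note on why it was chosen would help anyone who adapts the policy to a message-level binding. The new file also starts directly with the XML declaration and has no license header, which the repository's other sources presumably carry.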

-- 
To stop receiving notification emails like this one, please contact
cohei...@apache.org.
