Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTDerivedKeyTest.java Wed Dec 8 16:28:19 2010 @@ -24,10 +24,10 @@ import org.apache.commons.logging.LogFac import org.apache.ws.security.WSConstants; import org.apache.ws.security.WSSecurityEngineResult; import org.apache.ws.security.WSSecurityException; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.common.EncodedPasswordCallbackHandler; import org.apache.ws.security.common.SOAPUtil; +import org.apache.ws.security.common.UsernamePasswordCallbackHandler; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.components.crypto.CryptoFactory; import org.apache.ws.security.message.token.UsernameToken; @@ -35,11 +35,7 @@ import org.apache.ws.security.util.Base6 import org.apache.ws.security.util.WSSecurityUtil; import org.w3c.dom.Document; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; - -import java.io.IOException; import java.security.MessageDigest; import java.util.Arrays; @@ -50,7 +46,7 @@ import java.util.List; * UsernameTokenProfile 1.1 specification. The derived keys are used to encrypt * and sign, as per wsc:DerivedKeyToken. */ -public class UTDerivedKeyTest extends org.junit.Assert implements CallbackHandler { +public class UTDerivedKeyTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(UTDerivedKeyTest.class); private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" @@ -66,6 +62,7 @@ public class UTDerivedKeyTest extends or + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler(); private Crypto crypto = CryptoFactory.getInstance(); /** @@ -270,7 +267,7 @@ public class UTDerivedKeyTest extends or /** * Test using a UsernameToken derived key for encrypting a SOAP body. In this test the - * user is "alice" rather than "bob", and so decryption should fail. + * user is "colm" rather than "bob", and so decryption should fail. */ @org.junit.Test public void testDerivedKeyBadUserEncryption() throws Exception { @@ -279,7 +276,7 @@ public class UTDerivedKeyTest extends or secHeader.insertSecurityHeader(doc); WSSecUsernameToken builder = new WSSecUsernameToken(); - builder.setUserInfo("alice", "security"); + builder.setUserInfo("colm", "security"); builder.addDerivedKey(false, null, 1000); builder.prepare(doc); @@ -468,7 +465,7 @@ public class UTDerivedKeyTest extends or /** * Test using a UsernameToken derived key for signing a SOAP body. In this test the - * user is "alice" rather than "bob", and so signature verification should fail. + * user is "colm" rather than "bob", and so signature verification should fail. */ @org.junit.Test public void testDerivedKeyBadUserSignature() throws Exception { @@ -477,7 +474,7 @@ public class UTDerivedKeyTest extends or secHeader.insertSecurityHeader(doc); WSSecUsernameToken builder = new WSSecUsernameToken(); - builder.setUserInfo("alice", "security"); + builder.setUserInfo("colm", "security"); builder.addDerivedKey(true, null, 1000); builder.prepare(doc); @@ -518,25 +515,7 @@ public class UTDerivedKeyTest extends or * @throws java.lang.Exception Thrown when there is a problem in verification */ private List<WSSecurityEngineResult> verify(Document doc) throws Exception { - return secEngine.processSecurityHeader(doc, null, this, crypto); - } - - - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN - && "bob".equals(pc.getIdentifier())) { - pc.setPassword("security"); - } else { - throw new IOException("Authentication failed"); - } - } else { - throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); - } - } + return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto); } }
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTSignatureTest.java Wed Dec 8 16:28:19 2010 @@ -25,10 +25,10 @@ import org.apache.ws.security.WSConstant import org.apache.ws.security.WSSConfig; import org.apache.ws.security.WSSecurityEngineResult; import org.apache.ws.security.WSSecurityException; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.common.CustomHandler; import org.apache.ws.security.common.SOAPUtil; +import org.apache.ws.security.common.UsernamePasswordCallbackHandler; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.components.crypto.CryptoFactory; import org.apache.ws.security.handler.RequestData; @@ -36,11 +36,7 @@ import org.apache.ws.security.handler.WS import org.apache.ws.security.util.WSSecurityUtil; import org.w3c.dom.Document; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; - -import java.io.IOException; import java.util.List; @@ -52,7 +48,7 @@ import java.util.List; * different to UTWseSignatureTest, which derives a key for signature using a * non-standard implementation. */ -public class UTSignatureTest extends org.junit.Assert implements CallbackHandler { +public class UTSignatureTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(UTSignatureTest.class); private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" @@ -68,6 +64,7 @@ public class UTSignatureTest extends org + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler(); private Crypto crypto = CryptoFactory.getInstance(); /** @@ -115,7 +112,7 @@ public class UTSignatureTest extends org /** * Test using a UsernameToken derived key for signing a SOAP body. In this test the - * user is "alice" rather than "bob", and so signature verification should fail. + * user is "colm" rather than "bob", and so signature verification should fail. */ @org.junit.Test public void testBadUserSignature() throws Exception { @@ -124,7 +121,7 @@ public class UTSignatureTest extends org secHeader.insertSecurityHeader(doc); WSSecUsernameToken builder = new WSSecUsernameToken(); - builder.setUserInfo("alice", "security"); + builder.setUserInfo("colm", "security"); builder.addDerivedKey(true, null, 1000); builder.prepare(doc); @@ -163,7 +160,7 @@ public class UTSignatureTest extends org RequestData reqData = new RequestData(); reqData.setWssConfig(cfg); java.util.Map<String, Object> messageContext = new java.util.TreeMap<String, Object>(); - messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, this); + messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler); messageContext.put(WSHandlerConstants.USE_DERIVED_KEY, "true"); reqData.setMsgContext(messageContext); reqData.setUsername("bob"); @@ -209,7 +206,7 @@ public class UTSignatureTest extends org RequestData reqData = new RequestData(); reqData.setWssConfig(cfg); java.util.Map<String, Object> messageContext = new java.util.TreeMap<String, Object>(); - messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, this); + messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler); messageContext.put(WSHandlerConstants.USE_DERIVED_KEY, "true"); messageContext.put(WSHandlerConstants.DERIVED_KEY_ITERATIONS, "1234"); reqData.setMsgContext(messageContext); @@ -254,25 +251,7 @@ public class UTSignatureTest extends org * @throws java.lang.Exception Thrown when there is a problem in verification */ private List<WSSecurityEngineResult> verify(Document doc) throws Exception { - return secEngine.processSecurityHeader(doc, null, this, crypto); - } - - - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN - && "bob".equals(pc.getIdentifier())) { - pc.setPassword("security"); - } else { - throw new IOException("Authentication failed"); - } - } else { - throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); - } - } + return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto); } } Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTWseSignatureTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTWseSignatureTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTWseSignatureTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UTWseSignatureTest.java Wed Dec 8 16:28:19 2010 @@ -21,21 +21,18 @@ package org.apache.ws.security.message; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSConfig; import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.WSConstants; import org.apache.ws.security.common.CustomHandler; import org.apache.ws.security.common.SOAPUtil; +import org.apache.ws.security.common.UsernamePasswordCallbackHandler; import org.apache.ws.security.handler.RequestData; import org.apache.ws.security.handler.WSHandlerConstants; import org.w3c.dom.Document; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; -import java.io.IOException; /** @@ -43,7 +40,7 @@ import java.io.IOException; * * @author Werner Dittmann ([email protected]) */ -public class UTWseSignatureTest extends org.junit.Assert implements CallbackHandler { +public class UTWseSignatureTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(UTWseSignatureTest.class); private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" @@ -59,6 +56,7 @@ public class UTWseSignatureTest extends + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler(); /** * Test the specific signing method that use UsernameToken values @@ -144,7 +142,7 @@ public class UTWseSignatureTest extends // It should fail on the default key length of 16... // try { - secEngine.processSecurityHeader(doc, null, this, null); + secEngine.processSecurityHeader(doc, null, callbackHandler, null); fail ("An error was expected on verifying the signature"); } catch (Exception ex) { // expected @@ -154,7 +152,7 @@ public class UTWseSignatureTest extends WSSConfig wssConfig = WSSConfig.getNewInstance(); wssConfig.setSecretKeyLength(32); wss226SecurityEngine.setWssConfig(wssConfig); - wss226SecurityEngine.processSecurityHeader(doc, null, this, null); + wss226SecurityEngine.processSecurityHeader(doc, null, callbackHandler, null); } /** @@ -192,7 +190,7 @@ public class UTWseSignatureTest extends // It should fail on the default key length of 16... // try { - secEngine.processSecurityHeader(doc, null, this, null); + secEngine.processSecurityHeader(doc, null, callbackHandler, null); fail ("An error was expected on verifying the signature"); } catch (Exception ex) { // expected @@ -202,7 +200,7 @@ public class UTWseSignatureTest extends WSSecurityEngine wss226SecurityEngine = new WSSecurityEngine(); wss226SecurityEngine.setWssConfig(reqData.getWssConfig()); - wss226SecurityEngine.processSecurityHeader(doc, null, this, null); + wss226SecurityEngine.processSecurityHeader(doc, null, callbackHandler, null); } /** @@ -256,25 +254,8 @@ public class UTWseSignatureTest extends */ private void verify(Document doc) throws Exception { LOG.info("Before verifying UsernameToken...."); - secEngine.processSecurityHeader(doc, null, this, null); + secEngine.processSecurityHeader(doc, null, callbackHandler, null); LOG.info("After verifying UsernameToken...."); } - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - /* - * here call a function/method to lookup the password for - * the given identifier (e.g. a user name or keystore alias) - * e.g.: pc.setPassword(passStore.getPassword(pc.getIdentfifier)) - * for Testing we supply a fixed name here. - */ - pc.setPassword("verySecret"); - } else { - throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); - } - } - } } Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UsernameTokenTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UsernameTokenTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UsernameTokenTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/UsernameTokenTest.java Wed Dec 8 16:28:19 2010 @@ -28,6 +28,7 @@ import org.apache.ws.security.WSConstant import org.apache.ws.security.WSSConfig; import org.apache.ws.security.common.CustomHandler; import org.apache.ws.security.common.EncodedPasswordCallbackHandler; +import org.apache.ws.security.common.UsernamePasswordCallbackHandler; import org.apache.ws.security.common.SOAPUtil; import org.apache.ws.security.handler.RequestData; import org.apache.ws.security.handler.WSHandlerConstants; @@ -113,6 +114,7 @@ public class UsernameTokenTest extends o + "</SOAP-ENV:Body>\r\n \r\n" + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler(); /** * Test that adds a UserNameToken with password Digest to a WS-Security envelope @@ -369,7 +371,7 @@ public class UsernameTokenTest extends o public void testUsernameTokenNoPassword() throws Exception { WSSecUsernameToken builder = new WSSecUsernameToken(); builder.setPasswordType(null); - builder.setUserInfo("wernerd", null); + builder.setUserInfo("nopassuser", null); LOG.info("Before adding UsernameToken with no password...."); Document doc = SOAPUtil.toSOAPPart(SOAPMSG); WSSecHeader secHeader = new WSSecHeader(); @@ -407,7 +409,7 @@ public class UsernameTokenTest extends o org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc); LOG.debug(outputString); } - verify(signedDoc); + secEngine.processSecurityHeader(doc, null, this, null); } /** @@ -423,7 +425,7 @@ public class UsernameTokenTest extends o LOG.debug(outputString); } - verify(doc); + secEngine.processSecurityHeader(doc, null, this, null); } /** @@ -448,7 +450,7 @@ public class UsernameTokenTest extends o LOG.debug(outputString); } try { - verify(signedDoc); + secEngine.processSecurityHeader(signedDoc, null, this, null); throw new Exception("Custom token types are not permitted"); } catch (WSSecurityException ex) { assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION); @@ -478,7 +480,7 @@ public class UsernameTokenTest extends o LOG.debug(outputString); } try { - verify(signedDoc); + secEngine.processSecurityHeader(signedDoc, null, this, null); throw new Exception("Custom token types are not permitted"); } catch (WSSecurityException ex) { assertTrue(ex.getErrorCode() == WSSecurityException.FAILED_AUTHENTICATION); @@ -514,7 +516,7 @@ public class UsernameTokenTest extends o WSSConfig cfg = WSSConfig.getNewInstance(); cfg.setHandleCustomPasswordTypes(true); secEngine.setWssConfig(cfg); - verify(signedDoc); + secEngine.processSecurityHeader(signedDoc, null, this, null); // // Go back to default for other tests @@ -690,19 +692,19 @@ public class UsernameTokenTest extends o */ private void verify(Document doc) throws Exception { LOG.info("Before verifying UsernameToken...."); - secEngine.processSecurityHeader(doc, null, this, null); + secEngine.processSecurityHeader(doc, null, callbackHandler, null); LOG.info("After verifying UsernameToken...."); } + /** + * A CallbackHandler for some (mostly insecure) scenarios. + */ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof WSPasswordCallback) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN - && "wernerd".equals(pc.getIdentifier())) { - pc.setPassword("verySecret"); - } else if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN && "emptyuser".equals(pc.getIdentifier())) { pc.setPassword(""); } else if ( Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/BSTKerberosTest.java Wed Dec 8 16:28:19 2010 @@ -22,10 +22,10 @@ package org.apache.ws.security.message.t import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ws.security.WSEncryptionPart; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.WSSConfig; import org.apache.ws.security.WSConstants; +import org.apache.ws.security.common.KeystoreCallbackHandler; import org.apache.ws.security.common.SOAPUtil; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.components.crypto.CryptoFactory; @@ -36,16 +36,13 @@ import org.apache.ws.security.message.to import org.apache.ws.security.util.WSSecurityUtil; import org.w3c.dom.Document; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; -import java.io.IOException; import java.util.ArrayList; /** * This is a test for the Kerberos Token Profile 1.1 */ -public class BSTKerberosTest extends org.junit.Assert implements CallbackHandler { +public class BSTKerberosTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(BSTKerberosTest.class); private static final String AP_REQ = "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5_AP_REQ";; @@ -65,6 +62,7 @@ public class BSTKerberosTest extends org + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new KeystoreCallbackHandler(); private Crypto crypto = CryptoFactory.getInstance(); /** @@ -185,7 +183,7 @@ public class BSTKerberosTest extends org * @throws Exception Thrown when there is a problem in verification */ private void verify(Document doc) throws Exception { - secEngine.processSecurityHeader(doc, null, this, crypto); + secEngine.processSecurityHeader(doc, null, callbackHandler, crypto); if (LOG.isDebugEnabled()) { LOG.debug("Verfied and decrypted message:"); String outputString = @@ -194,21 +192,4 @@ public class BSTKerberosTest extends org } } - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - /* - * here call a function/method to lookup the password for - * the given identifier (e.g. a user name or keystore alias) - * e.g.: pc.setPassword(passStore.getPassword(pc.getIdentfifier)) - * for Testing we supply a fixed name here. - */ - pc.setPassword("security"); - } else { - throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); - } - } - } } Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/WCFUsernameTokenTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/WCFUsernameTokenTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/WCFUsernameTokenTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/token/WCFUsernameTokenTest.java Wed Dec 8 16:28:19 2010 @@ -22,17 +22,13 @@ package org.apache.ws.security.message.t import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ws.security.WSSecurityException; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; -import org.apache.ws.security.WSConstants; import org.apache.ws.security.WSSConfig; import org.apache.ws.security.common.SOAPUtil; +import org.apache.ws.security.common.UsernamePasswordCallbackHandler; import org.w3c.dom.Document; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; -import java.io.IOException; /** @@ -41,7 +37,7 @@ import java.io.IOException; * The issue is that WCF generated Username Tokens where the password type is namespace * qualified (incorrectly). WSS-199 added the ability to process these Username Tokens. */ -public class WCFUsernameTokenTest extends org.junit.Assert implements CallbackHandler { +public class WCFUsernameTokenTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(WCFUsernameTokenTest.class); private static final String SOAPUTMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" @@ -62,6 +58,7 @@ public class WCFUsernameTokenTest extend + "</SOAP-ENV:Body>\r\n \r\n" + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler(); /** * Test that adds a UserNameToken with a namespace qualified type. This should fail @@ -115,27 +112,8 @@ public class WCFUsernameTokenTest extend */ private void verify(Document doc) throws Exception { LOG.info("Before verifying UsernameToken...."); - secEngine.processSecurityHeader(doc, null, this, null); + secEngine.processSecurityHeader(doc, null, callbackHandler, null); LOG.info("After verifying UsernameToken...."); } - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - assertEquals(pc.getPasswordType(), WSConstants.PASSWORD_TEXT); - if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN - && "wernerd".equals(pc.getIdentifier())) { - pc.setPassword("verySecret"); - } else if ( - pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN - ) { - throw new IOException("Authentication failed"); - } - } else { - throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); - } - } - } } Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/EncryptedKeyDataRefTest.java Wed Dec 8 16:28:19 2010 @@ -19,22 +19,19 @@ package org.apache.ws.security.processor; -import java.io.IOException; import java.util.List; import java.util.ArrayList; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ws.security.WSConstants; import org.apache.ws.security.WSDataRef; import org.apache.ws.security.WSEncryptionPart; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.WSSecurityEngineResult; +import org.apache.ws.security.common.KeystoreCallbackHandler; import org.apache.ws.security.common.SOAPUtil; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.components.crypto.CryptoFactory; @@ -56,7 +53,7 @@ import org.w3c.dom.Element; * WSDataRef object must contain the correct QName of the decrypted element. * */ -public class EncryptedKeyDataRefTest extends org.junit.Assert implements CallbackHandler { +public class EncryptedKeyDataRefTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(EncryptedKeyDataRefTest.class); private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" @@ -70,6 +67,7 @@ public class EncryptedKeyDataRefTest ext + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new KeystoreCallbackHandler(); private Crypto crypto = CryptoFactory.getInstance("wss40.properties"); /** @@ -142,7 +140,7 @@ public class EncryptedKeyDataRefTest ext // Retrieve the wsResults List List<WSSecurityEngineResult> wsResults = - secEngine.processSecurityHeader(doc, null, this, crypto); + secEngine.processSecurityHeader(doc, null, callbackHandler, crypto); boolean found = false; for (int i = 0; i < wsResults.size(); i++) { @@ -190,22 +188,4 @@ public class EncryptedKeyDataRefTest ext } - public void handle(Callback[] callbacks) throws IOException, - UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - /* - * here call a function/method to lookup the password for the - * given identifier (e.g. a user name or keystore alias) e.g.: - * pc.setPassword(passStore.getPassword(pc.getIdentfifier)) for - * Testing we supply a fixed name here. - */ - pc.setPassword("security"); - } else { - throw new UnsupportedCallbackException(callbacks[i], - "Unrecognized Callback"); - } - } - } } Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/processor/ReferenceListDataRefTest.java Wed Dec 8 16:28:19 2010 @@ -19,22 +19,19 @@ package org.apache.ws.security.processor; -import java.io.IOException; import java.util.List; import java.util.ArrayList; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ws.security.WSConstants; import org.apache.ws.security.WSDataRef; import org.apache.ws.security.WSEncryptionPart; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.WSSecurityEngineResult; +import org.apache.ws.security.common.KeystoreCallbackHandler; import org.apache.ws.security.common.SOAPUtil; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.components.crypto.CryptoFactory; @@ -56,7 +53,7 @@ import org.w3c.dom.Element; * WSDataRef object must contain the correct QName of the decrypted element. * */ -public class ReferenceListDataRefTest extends org.junit.Assert implements CallbackHandler { +public class ReferenceListDataRefTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(ReferenceListDataRefTest.class); private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" @@ -70,6 +67,7 @@ public class ReferenceListDataRefTest ex + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new KeystoreCallbackHandler(); private Crypto crypto = CryptoFactory.getInstance("wss40.properties"); /** @@ -138,7 +136,7 @@ public class ReferenceListDataRefTest ex // Retrieve the wsResults List List<WSSecurityEngineResult> wsResults = - secEngine.processSecurityHeader(doc, null, this, crypto); + secEngine.processSecurityHeader(doc, null, callbackHandler, crypto); boolean found = false; for (int i = 0; i < wsResults.size(); i++) { @@ -186,22 +184,4 @@ public class ReferenceListDataRefTest ex } - public void handle(Callback[] callbacks) throws IOException, - UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - /* - * here call a function/method to lookup the password for the - * given identifier (e.g. a user name or keystore alias) e.g.: - * pc.setPassword(passStore.getPassword(pc.getIdentfifier)) for - * Testing we supply a fixed name here. - */ - pc.setPassword("security"); - } else { - throw new UnsupportedCallbackException(callbacks[i], - "Unrecognized Callback"); - } - } - } } Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlReferenceTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlReferenceTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlReferenceTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlReferenceTest.java Wed Dec 8 16:28:19 2010 @@ -23,9 +23,9 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ws.security.WSConstants; import org.apache.ws.security.WSEncryptionPart; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.WSSecurityEngineResult; +import org.apache.ws.security.common.KeystoreCallbackHandler; import org.apache.ws.security.common.SOAPUtil; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.components.crypto.CryptoFactory; @@ -40,18 +40,15 @@ import org.w3c.dom.Node; import org.opensaml.SAMLAssertion; -import java.io.IOException; import java.util.List; import java.util.ArrayList; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; /** * Some tests for how SAML tokens are referenced. */ -public class SamlReferenceTest extends org.junit.Assert implements CallbackHandler { +public class SamlReferenceTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(SamlReferenceTest.class); private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" @@ -65,6 +62,7 @@ public class SamlReferenceTest extends o + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new KeystoreCallbackHandler(); /** * The body of the SOAP request is encrypted using a secret key, which is in turn encrypted @@ -181,30 +179,11 @@ public class SamlReferenceTest extends o */ private List<WSSecurityEngineResult> verify(Document doc, Crypto verifyCrypto) throws Exception { List<WSSecurityEngineResult> results = - secEngine.processSecurityHeader(doc, null, this, verifyCrypto); + secEngine.processSecurityHeader(doc, null, callbackHandler, verifyCrypto); String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc); assertTrue(outputString.indexOf("LogTestService2") > 0 ? true : false); return results; } - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - /* - * here call a function/method to lookup the password for - * the given identifier (e.g. a user name or keystore alias) - * e.g.: pc.setPassword(passStore.getPassword(pc.getIdentfifier)) - * for Testing we supply a fixed name here. - */ - pc.setPassword("security"); - } else { - throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); - } - } - } - - } Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenTest.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenTest.java?rev=1043498&r1=1043497&r2=1043498&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenTest.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenTest.java Wed Dec 8 16:28:19 2010 @@ -25,11 +25,11 @@ import org.apache.ws.security.saml.SAMLI import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ws.security.WSConstants; -import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSConfig; import org.apache.ws.security.WSSecurityEngine; import org.apache.ws.security.WSSecurityEngineResult; import org.apache.ws.security.common.CustomHandler; +import org.apache.ws.security.common.KeystoreCallbackHandler; import org.apache.ws.security.common.SOAPUtil; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.components.crypto.CryptoFactory; @@ -41,10 +41,7 @@ import org.w3c.dom.Document; import org.opensaml.SAMLAssertion; -import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; -import java.io.IOException; import java.util.List; /** @@ -52,7 +49,7 @@ import java.util.List; * * @author Davanum Srinivas ([email protected]) */ -public class SignedSamlTokenTest extends org.junit.Assert implements CallbackHandler { +public class SignedSamlTokenTest extends org.junit.Assert { private static final Log LOG = LogFactory.getLog(SignedSamlTokenTest.class); private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" @@ -66,6 +63,7 @@ public class SignedSamlTokenTest extends + "</SOAP-ENV:Envelope>"; private WSSecurityEngine secEngine = new WSSecurityEngine(); + private CallbackHandler callbackHandler = new KeystoreCallbackHandler(); private Crypto crypto = CryptoFactory.getInstance("crypto.properties"); /** @@ -237,7 +235,7 @@ public class SignedSamlTokenTest extends handler.receive(WSConstants.ST_SIGNED, reqData); secEngine.processSecurityHeader( - signedDoc, null, this, reqData.getSigCrypto(), reqData.getDecCrypto() + signedDoc, null, callbackHandler, reqData.getSigCrypto(), reqData.getDecCrypto() ); // @@ -410,29 +408,11 @@ public class SignedSamlTokenTest extends */ private List<WSSecurityEngineResult> verify(Document doc) throws Exception { List<WSSecurityEngineResult> results = - secEngine.processSecurityHeader(doc, null, this, crypto); + secEngine.processSecurityHeader(doc, null, callbackHandler, crypto); String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc); assertTrue(outputString.indexOf("LogTestService2") > 0 ? true : false); return results; } - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof WSPasswordCallback) { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; - /* - * here call a function/method to lookup the password for - * the given identifier (e.g. a user name or keystore alias) - * e.g.: pc.setPassword(passStore.getPassword(pc.getIdentfifier)) - * for Testing we supply a fixed name here. - */ - pc.setPassword("security"); - } else { - throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback"); - } - } - } - }
