Hi Andreas, In my local machine, all tests are passing. I am currently investigating the cause for the test failure.
Thanks AmilaJ On Mon, Jan 9, 2012 at 1:46 PM, Andreas Veithen <[email protected]> wrote: > That change causes a builds failure (see the mails from Jenkins). Can > you please fix that? > > Andreas > > On Sun, Jan 8, 2012 at 16:34, <[email protected]> wrote: >> Author: amilaj >> Date: Sun Jan 8 15:34:56 2012 >> New Revision: 1228870 >> >> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev >> Log: >> Fixing issue RAMPART-269. Also added an integration test case >> >> Added: >> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml >> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml >> Modified: >> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java >> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml >> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java >> >> Modified: >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java >> URL: >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff >> ============================================================================== >> --- >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java >> (original) >> +++ >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java >> Sun Jan 8 15:34:56 2012 >> @@ -311,6 +311,16 @@ public class RampartEngine { >> } >> } else if (WSConstants.SIGN == actInt.intValue()) { >> X509Certificate cert = (X509Certificate) >> wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE); >> + >> + if (rpd.isAsymmetricBinding() && cert == null && >> rpd.getInitiatorToken() != null >> + && !rpd.getInitiatorToken().isDerivedKeys()) { >> + >> + // If symmetric binding is used, the certificate should >> be null. >> + // If certificate is not null then probably initiator >> and >> + // recipient are using 2 different bindings. >> + throw new RampartException("invalidSignatureAlgo"); >> + } >> + >> msgCtx.setProperty(RampartMessageData.X509_CERT, cert); >> } >> >> >> Modified: >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties >> URL: >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff >> ============================================================================== >> --- >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties >> (original) >> +++ >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties >> Sun Jan 8 15:34:56 2012 >> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is >> requiredElementsMissing = Required Elements not found in the incoming >> message : {0} >> repeatingNonceValue = Nonce value : {0}, already seen before for user name >> : {1}. Possibly this could be a replay attack. >> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart >> configuration file. >> -invalidIssuerAddress = Invalid value for Issuer >> \ No newline at end of file >> +invalidIssuerAddress = Invalid value for Issuer >> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric binding >> \ No newline at end of file >> >> Modified: axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml >> URL: >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff >> ============================================================================== >> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml >> (original) >> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml Sun >> Jan 8 15:34:56 2012 >> @@ -273,6 +273,11 @@ >> <copy overwrite="yes" >> file="src/test/resources/rampart/services-33.xml" >> tofile="target/temp-ramp/META-INF/services.xml" /> >> <jar >> jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar" >> basedir="target/temp-ramp" /> >> >> + <!-- Service 34 --> >> + <copy overwrite="yes" >> file="src/test/resources/rampart/services-34.xml" >> tofile="target/temp-ramp/META-INF/services.xml" /> >> + <jar >> jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar" >> basedir="target/temp-ramp" /> >> + >> + >> <!-- Service SC-1 --> >> <copy overwrite="yes" >> file="src/test/resources/rampart/issuer.properties" >> tofile="target/temp-ramp/issuer.properties" /> >> <copy overwrite="yes" >> file="src/test/resources/rampart/services-sc-1.xml" >> tofile="target/temp-ramp/META-INF/services.xml" /> >> >> Modified: >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java >> URL: >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff >> ============================================================================== >> --- >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java >> (original) >> +++ >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java >> Sun Jan 8 15:34:56 2012 >> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util >> import org.apache.neethi.Policy; >> import org.apache.neethi.PolicyEngine; >> >> +import java.util.MissingResourceException; >> +import java.util.ResourceBundle; >> + >> >> public class RampartTest extends TestCase { >> >> public final static int PORT = UtilServer.TESTING_PORT; >> >> + private static ResourceBundle resources; >> + >> + static { >> + try { >> + resources = >> ResourceBundle.getBundle("org.apache.rampart.errors"); >> + } catch (MissingResourceException e) { >> + throw new RuntimeException(e.getMessage()); >> + } >> + } >> + >> public RampartTest(String name) { >> super(name); >> } >> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas >> "Unlimited Strength Jurisdiction Policy !!!"); >> } >> >> - for (int i = 1; i <= 33; i++) { //<-The number of tests we have >> + for (int i = 1; i <= 34; i++) { //<-The number of tests we have >> if(!basic256Supported && (i == 3 || i == 4 || i == 5)) { >> //Skip the Basic256 tests >> continue; >> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas >> serviceClient.addHeader(header); >> } >> >> - // Invoking the serive in the TestCase-28 should fail. So >> handling it differently.. >> - if (i == 28) { >> + // Invoking the service in the TestCase-28 should fail. So >> handling it differently.. >> + if (i == 28 || i == 34) { >> try { >> + >> //Blocking invocation >> serviceClient.sendReceive(getOMElement()); >> - fail("Service Should throw an error.."); >> + >> + String message = ""; >> + >> + if (i == 34) { >> + message = "Test case 34 should fail. We are >> running the service in symmetric binding mode " + >> + "and client in asymmetric binding >> mode. Therefore test case 34 should fail."; >> + } >> + >> + fail("Service Should throw an error - " + message); >> >> } catch (AxisFault axisFault) { >> - assertEquals("Expected encrypted part missing", >> axisFault.getMessage()); >> + >> + if (i == 28) { >> + >> assertEquals(resources.getString("encryptionMissing"), >> axisFault.getMessage()); >> + } else if (i == 34) { >> + >> assertEquals(resources.getString("invalidSignatureAlgo"), >> axisFault.getMessage()); >> + } >> + >> } >> } >> - >> else{ >> //Blocking invocation >> serviceClient.sendReceive(getEchoElement()); >> >> Added: >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml >> URL: >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto >> ============================================================================== >> --- >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml >> (added) >> +++ >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml >> Sun Jan 8 15:34:56 2012 >> @@ -0,0 +1,102 @@ >> +<?xml version="1.0" encoding="UTF-8"?> >> +<!-- >> + ! >> + ! Copyright 2006 The Apache Software Foundation. >> + ! >> + ! Licensed under the Apache License, Version 2.0 (the "License"); >> + ! you may not use this file except in compliance with the License. >> + ! You may obtain a copy of the License at >> + ! >> + ! http://www.apache.org/licenses/LICENSE-2.0 >> + ! >> + ! Unless required by applicable law or agreed to in writing, software >> + ! distributed under the License is distributed on an "AS IS" BASIS, >> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. >> + ! See the License for the specific language governing permissions and >> + ! limitations under the License. >> + !--> >> + >> +<wsp:Policy wsu:Id="SigEncr" >> + >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; >> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; >> + xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> >> + <wsp:ExactlyOne> >> + <wsp:All> >> + <sp:SymmetricBinding> >> + <wsp:Policy> >> + <sp:ProtectionToken> >> + <wsp:Policy> >> + <sp:X509Token >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";> >> + <wsp:Policy> >> + >> <sp:RequireThumbprintReference/> >> + >> <sp:WssX509V3Token10/> >> + >> </wsp:Policy> >> + </sp:X509Token> >> + </wsp:Policy> >> + </sp:ProtectionToken> >> + <sp:AlgorithmSuite> >> + <wsp:Policy> >> + <sp:Basic256/> >> + </wsp:Policy> >> + </sp:AlgorithmSuite> >> + <sp:Layout> >> + <wsp:Policy> >> + <sp:Lax/> >> + </wsp:Policy> >> + </sp:Layout> >> + <sp:IncludeTimestamp/> >> + <sp:OnlySignEntireHeadersAndBody/> >> + </wsp:Policy> >> + </sp:SymmetricBinding> >> + <sp:Wss10 >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> >> + <wsp:Policy> >> + <sp:MustSupportRefKeyIdentifier/> >> + <sp:MustSupportRefIssuerSerial/> >> + </wsp:Policy> >> + </sp:Wss10> >> + <sp:SignedParts >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> >> + <sp:Body/> >> + </sp:SignedParts> >> + <sp:EncryptedParts >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> >> + <sp:Body/> >> + </sp:EncryptedParts> >> + >> + <ramp:RampartConfig >> xmlns:ramp="http://ws.apache.org/rampart/policy";> >> + <ramp:user>alice</ramp:user> >> + <ramp:encryptionUser>bob</ramp:encryptionUser> >> + >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback >> + </ramp:passwordCallbackClass> >> + >> + <ramp:signatureCrypto> >> + <ramp:crypto >> provider="org.apache.ws.security.components.crypto.Merlin"> >> + <ramp:property >> + >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS >> + </ramp:property> >> + <ramp:property >> name="org.apache.ws.security.crypto.merlin.file"> >> + rampart/store.jks >> + </ramp:property> >> + <ramp:property >> + >> name="org.apache.ws.security.crypto.merlin.keystore.password"> >> + password >> + </ramp:property> >> + </ramp:crypto> >> + </ramp:signatureCrypto> >> + <ramp:encryptionCypto> >> + <ramp:crypto >> provider="org.apache.ws.security.components.crypto.Merlin"> >> + <ramp:property >> + >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS >> + </ramp:property> >> + <ramp:property >> name="org.apache.ws.security.crypto.merlin.file"> >> + rampart/store.jks >> + </ramp:property> >> + <ramp:property >> + >> name="org.apache.ws.security.crypto.merlin.keystore.password"> >> + password >> + </ramp:property> >> + </ramp:crypto> >> + </ramp:encryptionCypto> >> + </ramp:RampartConfig> >> + >> + </wsp:All> >> + </wsp:ExactlyOne> >> +</wsp:Policy> >> \ No newline at end of file >> >> Added: >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml >> URL: >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto >> ============================================================================== >> --- >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml >> (added) >> +++ >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml >> Sun Jan 8 15:34:56 2012 >> @@ -0,0 +1,113 @@ >> +<service name="SecureService34"> >> + >> + <module ref="addressing"/> >> + <module ref="rampart"/> >> + >> + <parameter locked="false" >> name="ServiceClass">org.apache.rampart.Service</parameter> >> + >> + <operation name="echo"> >> + <messageReceiver >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/> >> + <actionMapping>urn:echo</actionMapping> >> + </operation> >> + >> + <operation name="returnError"> >> + <messageReceiver >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/> >> + <actionMapping>urn:returnError</actionMapping> >> + </operation> >> + >> + <wsp:Policy wsu:Id="SigEncr" >> + >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; >> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> >> + <wsp:ExactlyOne> >> + <wsp:All> >> + <sp:AsymmetricBinding >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> >> + <wsp:Policy> >> + <sp:InitiatorToken> >> + <wsp:Policy> >> + <sp:X509Token >> + >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";> >> + <wsp:Policy> >> + <sp:RequireThumbprintReference/> >> + <sp:WssX509V3Token10/> >> + </wsp:Policy> >> + </sp:X509Token> >> + </wsp:Policy> >> + </sp:InitiatorToken> >> + <sp:RecipientToken> >> + <wsp:Policy> >> + <sp:X509Token >> + >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";> >> + <wsp:Policy> >> + <sp:RequireThumbprintReference/> >> + <sp:WssX509V3Token10/> >> + </wsp:Policy> >> + </sp:X509Token> >> + </wsp:Policy> >> + </sp:RecipientToken> >> + <sp:AlgorithmSuite> >> + <wsp:Policy> >> + <sp:TripleDesRsa15/> >> + </wsp:Policy> >> + </sp:AlgorithmSuite> >> + <sp:Layout> >> + <wsp:Policy> >> + <sp:Strict/> >> + </wsp:Policy> >> + </sp:Layout> >> + <sp:IncludeTimestamp/> >> + <sp:OnlySignEntireHeadersAndBody/> >> + </wsp:Policy> >> + </sp:AsymmetricBinding> >> + <sp:Wss10 >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> >> + <wsp:Policy> >> + <sp:MustSupportRefKeyIdentifier/> >> + <sp:MustSupportRefIssuerSerial/> >> + </wsp:Policy> >> + </sp:Wss10> >> + <sp:SignedParts >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> >> + <sp:Body/> >> + </sp:SignedParts> >> + <sp:EncryptedParts >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> >> + <sp:Body/> >> + </sp:EncryptedParts> >> + >> + <ramp:RampartConfig >> xmlns:ramp="http://ws.apache.org/rampart/policy";> >> + <ramp:user>alice</ramp:user> >> + <ramp:encryptionUser>bob</ramp:encryptionUser> >> + >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback >> + </ramp:passwordCallbackClass> >> + >> + <ramp:signatureCrypto> >> + <ramp:crypto >> provider="org.apache.ws.security.components.crypto.Merlin"> >> + <ramp:property >> + >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS >> + </ramp:property> >> + <ramp:property >> name="org.apache.ws.security.crypto.merlin.file"> >> + rampart/store.jks >> + </ramp:property> >> + <ramp:property >> + >> name="org.apache.ws.security.crypto.merlin.keystore.password"> >> + password >> + </ramp:property> >> + </ramp:crypto> >> + </ramp:signatureCrypto> >> + <ramp:encryptionCypto> >> + <ramp:crypto >> provider="org.apache.ws.security.components.crypto.Merlin"> >> + <ramp:property >> + >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS >> + </ramp:property> >> + <ramp:property >> name="org.apache.ws.security.crypto.merlin.file"> >> + rampart/store.jks >> + </ramp:property> >> + <ramp:property >> + >> name="org.apache.ws.security.crypto.merlin.keystore.password"> >> + password >> + </ramp:property> >> + </ramp:crypto> >> + </ramp:encryptionCypto> >> + </ramp:RampartConfig> >> + </wsp:All> >> + </wsp:ExactlyOne> >> + </wsp:Policy> >> + >> +</service> >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > -- Mobile : +94773330538 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
