Added: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java?rev=427116&view=auto ============================================================================== --- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java (added) +++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/SecurityTest.java Mon Jul 31 06:32:13 2006 @@ -0,0 +1,106 @@ +/* + * Copyright 2006 The Apache Software Foundation. + * Copyright 2006 International Business Machines Corp. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.sandesha2.security; + +import java.io.File; + +import org.apache.axis2.addressing.EndpointReference; +import org.apache.axis2.client.Options; +import org.apache.axis2.client.ServiceClient; +import org.apache.axis2.context.ConfigurationContext; +import org.apache.axis2.context.ConfigurationContextFactory; +import org.apache.axis2.context.MessageContextConstants; +import org.apache.axis2.transport.http.SimpleHTTPServer; +import org.apache.sandesha2.SandeshaTestCase; +import org.apache.sandesha2.client.SandeshaClient; +import org.apache.sandesha2.client.SandeshaClientConstants; +import org.apache.sandesha2.client.SequenceReport; +import org.apache.sandesha2.util.SandeshaUtil; + +/** + * Low-level testcases for the Security handling. This test mostly checks that the code can + * read and write the SecurityTokenReference elements that we expect to find within the create + * sequence messgaes. + */ +public class SecurityTest extends SandeshaTestCase { + + private int serverPort = DEFAULT_SERVER_TEST_PORT; + private SimpleHTTPServer httpServer; + + public SecurityTest(String name) { + super(name); + } + + public void setUp () throws Exception { + super.setUp(); + + String repoPath = "target" + File.separator + "repos" + File.separator + "secure-server"; + String axis2_xml = repoPath + File.separator + "server_axis2.xml"; + + ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repoPath,axis2_xml); + + String serverPortStr = getTestProperty("test.server.port"); + if(serverPortStr != null) serverPort = Integer.parseInt(serverPortStr); + + httpServer = new SimpleHTTPServer (configContext,serverPort); + httpServer.start(); + Thread.sleep(300); + } + + public void tearDown () throws Exception { + if (httpServer!=null) { + httpServer.stop(); + httpServer = null; + } + + Thread.sleep(300); + super.tearDown(); + } + + // Check that we can send a create sequence that includes a token reference. + public void testCreateSequence() throws Exception { + String to = "http://127.0.0.1:"; + serverPort + "/axis2/services/RMSampleService"; + + String repoPath = "target" + File.separator + "repos" + File.separator + "secure-client"; + String axis2_xml = repoPath + File.separator + "client_axis2.xml"; + + ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repoPath,axis2_xml); + ServiceClient serviceClient = new ServiceClient (configContext,null); + String sequenceKey = SandeshaUtil.getUUID(); + + Options clientOptions = new Options (); + + clientOptions.setTo(new EndpointReference (to)); + clientOptions.setProperty(MessageContextConstants.TRANSPORT_URL,to); + clientOptions.setProperty(SandeshaClientConstants.SEQUENCE_KEY,sequenceKey); + serviceClient.setOptions(clientOptions); + + SandeshaClient.createSequence(serviceClient,false); + + SequenceReport sequenceReport = null; + for(int i = 0; i < 15; i++) { + Thread.sleep(1000); + sequenceReport = SandeshaClient.getOutgoingSequenceReport(serviceClient); + if(sequenceReport.getSequenceID() != null) break; + } + assertTrue(sequenceReport.isSecureSequence()); + + serviceClient.finalizeInvoke(); + } + +}
Added: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java?rev=427116&view=auto ============================================================================== --- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java (added) +++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityManager.java Mon Jul 31 06:32:13 2006 @@ -0,0 +1,103 @@ +/* + * Copyright 2006 The Apache Software Foundation. + * Copyright 2006 International Business Machines Corp. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.sandesha2.security; + +import java.util.HashMap; + +import javax.xml.namespace.QName; + +import org.apache.axiom.om.OMAbstractFactory; +import org.apache.axiom.om.OMAttribute; +import org.apache.axiom.om.OMElement; +import org.apache.axiom.om.OMFactory; +import org.apache.axiom.om.OMNamespace; +import org.apache.axis2.context.ConfigurationContext; +import org.apache.axis2.context.MessageContext; +import org.apache.axis2.description.AxisModule; +import org.apache.sandesha2.Sandesha2Constants; +import org.apache.sandesha2.SandeshaException; + +public class UnitTestSecurityManager extends SecurityManager { + + private static HashMap tokens = new HashMap(); + private static int id = 0; + private static String secNamespace = Sandesha2Constants.SPEC_2005_02.SEC_NS_URI; + + public UnitTestSecurityManager(ConfigurationContext context) { + super(context); + } + + public void initSecurity(AxisModule moduleDesc) { + } + + public SecurityToken getSecurityToken(MessageContext message) + throws SandeshaException + { + UnitTestSecurityToken result = new UnitTestSecurityToken(id++); + tokens.put(getTokenRecoveryData(result), result); + return result; + } + + public SecurityToken getSecurityToken(OMElement theSTR, MessageContext message) + throws SandeshaException + { + OMElement reference = theSTR.getFirstChildWithName(new QName(secNamespace, "Reference")); + String securityTokenURI = reference.getAttributeValue(new QName("URI")); + String key = securityTokenURI.substring(10); + return (SecurityToken) tokens.get(key); + } + + public String getTokenRecoveryData(SecurityToken token) throws SandeshaException { + String key = ((UnitTestSecurityToken)token).getURI(); + return key; + } + + public SecurityToken recoverSecurityToken(String tokenData) + throws SandeshaException { + return (SecurityToken) tokens.get(tokenData); + } + + public void checkProofOfPossession(SecurityToken token, OMElement messagePart, + MessageContext message) throws SandeshaException { + if(token == null) { + throw new SandeshaException("Security manager was passed a null token"); + } + } + + public OMElement createSecurityTokenReference(SecurityToken token, MessageContext message) throws SandeshaException { + String uri = ((UnitTestSecurityToken)token).getURI(); + String type = ((UnitTestSecurityToken)token).getValueType(); + + OMFactory factory = OMAbstractFactory.getOMFactory(); + OMNamespace secNS = factory.createOMNamespace(secNamespace, "wsse"); + OMElement str = factory.createOMElement("SecurityTokenReference", secNS); + + OMElement ref = factory.createOMElement("Reference", secNS); + str.addChild(ref); + + OMAttribute uriAttr = factory.createOMAttribute("URI", null, uri); + OMAttribute typeAttr = factory.createOMAttribute("ValueType", null, type); + + ref.addAttribute(uriAttr); + ref.addAttribute(typeAttr); + + return str; + } + + +} Added: webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java URL: http://svn.apache.org/viewvc/webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java?rev=427116&view=auto ============================================================================== --- webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java (added) +++ webservices/sandesha/trunk/java/test/src/org/apache/sandesha2/security/UnitTestSecurityToken.java Mon Jul 31 06:32:13 2006 @@ -0,0 +1,44 @@ +/* + * Copyright 2006 The Apache Software Foundation. + * Copyright 2006 International Business Machines Corp. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.sandesha2.security; + +class UnitTestSecurityToken implements SecurityToken { + + private int id = 0; + + UnitTestSecurityToken(int id) { + this.id = id; + } + + /** + * The SecurityTokenReference that gets encoded into the CreateSequence message + * includes an URI string. This method returns the value to use. + */ + String getURI() { + return "#BogusURI/" + id; + } + + /** + * The SecurityTokenReference that gets encoded into the CreateSequence message + * includes a ValueType string. This method returns the value to use. + */ + String getValueType() { + return "http://schemas.xmlsoap.org/ws/2005/02/sc/sct";; + } + +} --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
