Author: coheigea
Date: Mon Sep 29 06:19:39 2008
New Revision: 700123
URL: http://svn.apache.org/viewvc?rev=700123&view=rev
Log:
[WSS-137] - Improved certificate error reporting
- No code now results in the cryptic "Unexpected number of X509Data: for
Signature" message
- Added the following error messages:
- noUserCertsFound = No certificates for user {0} were found for {1}
- noCertsFound = No certificates were found for {0}
- unknownSignatureAlgorithm = An unknown signature algorithm was specified:
{0}
- Added a test for the new error messages.
- Also moved the test *.properties from the src dir to the test dir
Added:
webservices/wss4j/trunk/test/crypto.properties (with props)
webservices/wss4j/trunk/test/cryptoSKI.properties (with props)
webservices/wss4j/trunk/test/saml.properties (with props)
webservices/wss4j/trunk/test/saml3.properties (with props)
webservices/wss4j/trunk/test/saml4.properties (with props)
webservices/wss4j/trunk/test/wssec/TestWSSecurityCertError.java (with
props)
webservices/wss4j/trunk/test/x509v1.properties (with props)
Removed:
webservices/wss4j/trunk/src/crypto.properties
webservices/wss4j/trunk/src/cryptoSKI.properties
webservices/wss4j/trunk/src/saml.properties
webservices/wss4j/trunk/src/saml3.properties
webservices/wss4j/trunk/src/saml4.properties
webservices/wss4j/trunk/src/x509v1.properties
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java
webservices/wss4j/trunk/src/org/apache/ws/security/errors.properties
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSEncryptBody.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java
webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java
webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSignSAMLEnvelope.java
webservices/wss4j/trunk/test/wssec/PackageTests.java
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoFactory.java
Mon Sep 29 06:19:39 2008
@@ -49,7 +49,7 @@
* <code>Loader.getResource()</code> method.
* <p/>
*
- * @return The cyrpto implementation was defined
+ * @return The crypto implementation was defined
*/
public static Crypto getInstance() {
return getInstance("crypto.properties");
@@ -86,7 +86,7 @@
* and the Crypto impl class name.
* These properties are dependent on the crypto
implementation
* @param classLoader The class loader to use
- * @return The cyrpto implementation or null if no cryptoClassName was
defined
+ * @return The crypto implementation or null if no cryptoClassName was
defined
*/
public static Crypto getInstance(Properties properties, ClassLoader
classLoader) {
String cryptoClassName =
properties.getProperty("org.apache.ws.security.crypto.provider");
@@ -103,9 +103,9 @@
*
* @param cryptoClassName This is the crypto implementation class. No
default is
* provided here.
- * @param properties The Properties that are forwarded to the crypto
implementaion.
+ * @param properties The Properties that are forwarded to the crypto
implementation.
* These properties are dependent on the crypto
implementation
- * @return The cyrpto implementation or null if no cryptoClassName was
defined
+ * @return The crypto implementation or null if no cryptoClassName was
defined
*
* @deprecated use @link{#getInstance(java.lang.String,
java.util.Map)} instead.
*/
@@ -146,7 +146,7 @@
* <p/>
*
* @param propFilename The name of the property file to load
- * @return The cyrpto implementation that was defined
+ * @return The crypto implementation that was defined
*/
public static Crypto getInstance(String propFilename) {
Properties properties = null;
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/errors.properties
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/errors.properties?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/errors.properties
(original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/errors.properties Mon
Sep 29 06:19:39 2008
@@ -21,6 +21,9 @@
invalidValueType = Bad ValueType \"{0}\"
unsupportedKeyInfo = Unsupported KeyInfo type
invalidX509Data = Unexpected number of X509Data: {0}
+unknownSignatureAlgorithm = An unknown signature algorithm was specified: {0}
+noUserCertsFound = No certificates for user {0} were found for {1}
+noCertsFound = No certificates were found for {0}
invalidCertData = Unexpected number of certificates: {0}
noSKIHandling = Error during processing of SKI data: {0}
invalidDataRef = Cannot handle multiple data references
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSEncryptBody.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSEncryptBody.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSEncryptBody.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSEncryptBody.java
Mon Sep 29 06:19:39 2008
@@ -338,9 +338,11 @@
} else {
X509Certificate[] certs = crypto.getCertificates(user);
if (certs == null || certs.length <= 0) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data",
- new Object[]{"for Encryption"});
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noUserCertsFound",
+ new Object[] { user, "encryption" }
+ );
}
remoteCert = certs[0];
}
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncrypt.java
Mon Sep 29 06:19:39 2008
@@ -250,8 +250,11 @@
} else {
X509Certificate[] certs = crypto.getCertificates(user);
if (certs == null || certs.length <= 0) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data", new Object[] { "for Encryption"
});
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noUserCertsFound",
+ new Object[] { user, "encryption" }
+ );
}
remoteCert = certs[0];
}
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecEncryptedKey.java
Mon Sep 29 06:19:39 2008
@@ -164,8 +164,11 @@
} else {
X509Certificate[] certs = crypto.getCertificates(user);
if (certs == null || certs.length <= 0) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data", new Object[] { "for Encryption" });
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noUserCertsFound",
+ new Object[] { user, "encryption" }
+ );
}
remoteCert = certs[0];
}
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSecSignature.java
Mon Sep 29 06:19:39 2008
@@ -312,8 +312,11 @@
&& keyIdentifierType !=
WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER) {
certs = crypto.getCertificates(user);
if (certs == null || certs.length <= 0) {
- throw new
WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data", new Object[]
{ "for Signature" });
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noUserCertsFound",
+ new Object[] { user, "signature" }
+ );
}
certUri = "CertId-" + certs[0].hashCode();
/*
@@ -329,9 +332,12 @@
sigAlgo =
XMLSignature.ALGO_ID_SIGNATURE_RSA;
} else {
throw new WSSecurityException(
-
WSSecurityException.FAILURE,
- "invalidX509Data",
- new Object[] { "for
Signature - unknown public key Algo" });
+ WSSecurityException.FAILURE,
+ "unknownSignatureAlgorithm",
+ new Object[] {
+ pubKeyAlgo
+ }
+ );
}
}
}
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/message/WSSignEnvelope.java
Mon Sep 29 06:19:39 2008
@@ -255,8 +255,11 @@
if (keyIdentifierType != WSConstants.UT_SIGNING) {
certs = crypto.getCertificates(user);
if (certs == null || certs.length <= 0) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data", new Object[] { "for Signature" });
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noUserCertsFound",
+ new Object[] { user, "signature" }
+ );
}
certUri = "CertId-" + certs[0].hashCode();
if (sigAlgo == null) {
@@ -268,9 +271,12 @@
sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_RSA;
} else {
throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "invalidX509Data",
- new Object[] { "for Signature - unkown public key
Algo" });
+ WSSecurityException.FAILURE,
+ "unknownSignatureAlgorithm",
+ new Object[] {
+ pubKeyAlgo
+ }
+ );
}
}
}
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/processor/EncryptedKeyProcessor.java
Mon Sep 29 06:19:39 2008
@@ -186,8 +186,11 @@
else if (secRef.containsKeyIdentifier()) {
X509Certificate[] certs = secRef.getKeyIdentifier(crypto);
if (certs == null || certs.length < 1 || certs[0] == null)
{
- throw new
WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data", new Object[]{"for
decryption (KeyId)"});
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noCertsFound",
+ new Object[] { "decryption (KeyId)" }
+ );
}
/*
* Here we have the certificate. Now find the alias for it.
Needed to identify
@@ -217,9 +220,11 @@
}
X509Certificate cert =
token.getX509Certificate(crypto);
if (cert == null) {
- throw new
WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data",
- new Object[]{"for decryption"});
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noCertsFound",
+ new Object[] { "decryption" }
+ );
}
/*
* Here we have the certificate. Now find the alias for
it. Needed to identify
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSecSignatureSAML.java
Mon Sep 29 06:19:39 2008
@@ -214,7 +214,7 @@
}
/*
* Gather some info about the document to process and store it for
- * retrival
+ * retrieval
*/
wsDocInfo = new WSDocInfo(doc.hashCode());
@@ -263,8 +263,11 @@
wsDocInfo.setCrypto(userCrypto);
}
if (certs == null || certs.length <= 0) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data", new Object[] { "for Signature" });
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noCertsFound",
+ new Object[] { "SAML signature" }
+ );
}
if (sigAlgo == null) {
String pubKeyAlgo = certs[0].getPublicKey().getAlgorithm();
@@ -275,9 +278,12 @@
sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_RSA;
} else {
throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "invalidX509Data",
- new Object[] { "for Signature - unkown public key
Algo" });
+ WSSecurityException.FAILURE,
+ "unknownSignatureAlgorithm",
+ new Object[] {
+ pubKeyAlgo
+ }
+ );
}
}
sig = null;
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSignSAMLEnvelope.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSignSAMLEnvelope.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSignSAMLEnvelope.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/saml/WSSignSAMLEnvelope.java
Mon Sep 29 06:19:39 2008
@@ -138,7 +138,7 @@
}
/*
* Gather some info about the document to process and store it for
- * retrival
+ * retrieval
*/
WSDocInfo wsDocInfo = new WSDocInfo(doc.hashCode());
@@ -193,8 +193,11 @@
// Set the id of the elements to be used as digest source
// String id = setBodyID(doc);
if (certs == null || certs.length <= 0) {
- throw new WSSecurityException(WSSecurityException.FAILURE,
- "invalidX509Data", new Object[] { "for Signature" });
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noCertsFound",
+ new Object[] { "SAML signature" }
+ );
}
if (sigAlgo == null) {
String pubKeyAlgo = certs[0].getPublicKey().getAlgorithm();
@@ -205,9 +208,12 @@
sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_RSA;
} else {
throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "invalidX509Data",
- new Object[] { "for Signature - unkown public key
Algo" });
+ WSSecurityException.FAILURE,
+ "unknownSignatureAlgorithm",
+ new Object[] {
+ pubKeyAlgo
+ }
+ );
}
}
XMLSignature sig = null;
Added: webservices/wss4j/trunk/test/crypto.properties
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/crypto.properties?rev=700123&view=auto
==============================================================================
--- webservices/wss4j/trunk/test/crypto.properties (added)
+++ webservices/wss4j/trunk/test/crypto.properties Mon Sep 29 06:19:39 2008
@@ -0,0 +1,6 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
+org.apache.ws.security.crypto.merlin.keystore.password=security
+org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
+org.apache.ws.security.crypto.merlin.alias.password=security
+org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT
Propchange: webservices/wss4j/trunk/test/crypto.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: webservices/wss4j/trunk/test/crypto.properties
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: webservices/wss4j/trunk/test/crypto.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: webservices/wss4j/trunk/test/cryptoSKI.properties
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/cryptoSKI.properties?rev=700123&view=auto
==============================================================================
--- webservices/wss4j/trunk/test/cryptoSKI.properties (added)
+++ webservices/wss4j/trunk/test/cryptoSKI.properties Mon Sep 29 06:19:39 2008
@@ -0,0 +1,4 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=security
+org.apache.ws.security.crypto.merlin.file=keys/wss4j.keystore
Propchange: webservices/wss4j/trunk/test/cryptoSKI.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: webservices/wss4j/trunk/test/cryptoSKI.properties
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: webservices/wss4j/trunk/test/cryptoSKI.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: webservices/wss4j/trunk/test/saml.properties
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/saml.properties?rev=700123&view=auto
==============================================================================
--- webservices/wss4j/trunk/test/saml.properties (added)
+++ webservices/wss4j/trunk/test/saml.properties Mon Sep 29 06:19:39 2008
@@ -0,0 +1,12 @@
+org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl
+org.apache.ws.security.saml.issuer.cryptoProp.file=crypto.properties
+org.apache.ws.security.saml.issuer.key.name=16c73ab6-b892-458f-abf5-2f875f74882e
+org.apache.ws.security.saml.issuer.key.password=security
+org.apache.ws.security.saml.issuer=www.example.com
+org.apache.ws.security.saml.subjectNameId.name=uid=joe,ou=people,ou=saml-demo,o=example.com
+org.apache.ws.security.saml.subjectNameId.qualifier=www.example.com
+org.apache.ws.security.saml.authenticationMethod=password
+org.apache.ws.security.saml.confirmationMethod=senderVouches
+#org.apache.ws.security.saml.confirmationMethod=keyHolder
+#org.apache.ws.security.saml
+#org.apache.ws.security.saml
Propchange: webservices/wss4j/trunk/test/saml.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: webservices/wss4j/trunk/test/saml.properties
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: webservices/wss4j/trunk/test/saml.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: webservices/wss4j/trunk/test/saml3.properties
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/saml3.properties?rev=700123&view=auto
==============================================================================
--- webservices/wss4j/trunk/test/saml3.properties (added)
+++ webservices/wss4j/trunk/test/saml3.properties Mon Sep 29 06:19:39 2008
@@ -0,0 +1,11 @@
+org.apache.ws.security.saml.issuer.cryptoProp.file=crypto.properties
+org.apache.ws.security.saml.issuer.key.name=16c73ab6-b892-458f-abf5-2f875f74882e
+org.apache.ws.security.saml.issuer.key.password=security
+org.apache.ws.security.saml.issuer=www.example.com
+org.apache.ws.security.saml.subjectNameId.name=uid=joe,ou=people,ou=saml-demo,o=example.com
+org.apache.ws.security.saml.subjectNameId.qualifier=www.example.com
+org.apache.ws.security.saml.authenticationMethod=password
+org.apache.ws.security.saml.confirmationMethod=senderVouches
+#org.apache.ws.security.saml.confirmationMethod=keyHolder
+#org.apache.ws.security.saml
+#org.apache.ws.security.saml
Propchange: webservices/wss4j/trunk/test/saml3.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: webservices/wss4j/trunk/test/saml3.properties
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: webservices/wss4j/trunk/test/saml3.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: webservices/wss4j/trunk/test/saml4.properties
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/saml4.properties?rev=700123&view=auto
==============================================================================
--- webservices/wss4j/trunk/test/saml4.properties (added)
+++ webservices/wss4j/trunk/test/saml4.properties Mon Sep 29 06:19:39 2008
@@ -0,0 +1,12 @@
+org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl
+org.apache.ws.security.saml.issuer.cryptoProp.file=crypto.properties
+org.apache.ws.security.saml.issuer.key.name=16c73ab6-b892-458f-abf5-2f875f74882e
+org.apache.ws.security.saml.issuer.key.password=security
+org.apache.ws.security.saml.issuer=www.example.com
+org.apache.ws.security.saml.subjectNameId.name=uid=joe,ou=people,ou=saml-demo,o=example.com
+org.apache.ws.security.saml.subjectNameId.qualifier=www.example.com
+org.apache.ws.security.saml.authenticationMethod=password
+#org.apache.ws.security.saml.confirmationMethod=senderVouches
+org.apache.ws.security.saml.confirmationMethod=keyHolder
+#org.apache.ws.security.saml
+#org.apache.ws.security.saml
Propchange: webservices/wss4j/trunk/test/saml4.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: webservices/wss4j/trunk/test/saml4.properties
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: webservices/wss4j/trunk/test/saml4.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: webservices/wss4j/trunk/test/wssec/PackageTests.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/PackageTests.java?rev=700123&r1=700122&r2=700123&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/PackageTests.java (original)
+++ webservices/wss4j/trunk/test/wssec/PackageTests.java Mon Sep 29 06:19:39
2008
@@ -78,6 +78,7 @@
suite.addTestSuite(TestWSSecurityUTDK.class);
suite.addTestSuite(TestWSSecurityDataRef.class);
suite.addTestSuite(TestWSSecurityDataRef1.class);
+ suite.addTestSuite(TestWSSecurityCertError.class);
return suite;
}
Added: webservices/wss4j/trunk/test/wssec/TestWSSecurityCertError.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityCertError.java?rev=700123&view=auto
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityCertError.java (added)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityCertError.java Mon Sep 29
06:19:39 2008
@@ -0,0 +1,148 @@
+/*
+ * Copyright 2003-2004 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package wssec;
+
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+import org.apache.axis.Message;
+import org.apache.axis.MessageContext;
+import org.apache.axis.SOAPPart;
+import org.apache.axis.client.AxisClient;
+import org.apache.axis.configuration.NullProvider;
+import org.apache.axis.message.SOAPEnvelope;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ws.security.WSPasswordCallback;
+import org.apache.ws.security.WSSecurityEngine;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.message.WSSecEncrypt;
+import org.apache.ws.security.message.WSSecSignature;
+import org.apache.ws.security.message.WSSecHeader;
+import org.w3c.dom.Document;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * This class tests for error messages that apply to certificates, e.g. when a
bad
+ * "username" is used for encryption or signature. See WSS-137.
+ */
+public class TestWSSecurityCertError extends TestCase {
+ static final String NS = "http://www.w3.org/2000/09/xmldsig#";;
+ static final String soapMsg = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
+ "<SOAP-ENV:Envelope
xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\";
xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\";
xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\";>" + "<SOAP-ENV:Body>" +
"<add xmlns=\"http://ws.apache.org/counter/counter_port_type\";>" + "<value
xmlns=\"\">15</value>" + "</add>" + "</SOAP-ENV:Body>\r\n \r\n" +
"</SOAP-ENV:Envelope>";
+ static final WSSecurityEngine secEngine = new WSSecurityEngine();
+ MessageContext msgContext;
+ SOAPEnvelope unsignedEnvelope;
+
+ /**
+ * TestWSSecurity constructor
+ * <p/>
+ *
+ * @param name name of the test
+ */
+ public TestWSSecurityCertError(String name) {
+ super(name);
+ }
+
+ /**
+ * JUnit suite
+ * <p/>
+ *
+ * @return a junit test suite
+ */
+ public static Test suite() {
+ return new TestSuite(TestWSSecurityNew3.class);
+ }
+
+ /**
+ * Main method
+ * <p/>
+ *
+ * @param args command line args
+ */
+ public static void main(String[] args) {
+ junit.textui.TestRunner.run(suite());
+ }
+
+ /**
+ * Setup method
+ * <p/>
+ *
+ * @throws java.lang.Exception Thrown when there is a problem in setup
+ */
+ protected void setUp() throws Exception {
+ AxisClient tmpEngine = new AxisClient(new NullProvider());
+ msgContext = new MessageContext(tmpEngine);
+ unsignedEnvelope = getSOAPEnvelope();
+ }
+
+ /**
+ * Constructs a soap envelope
+ * <p/>
+ *
+ * @return soap envelope
+ * @throws java.lang.Exception if there is any problem constructing the
soap envelope
+ */
+ protected SOAPEnvelope getSOAPEnvelope() throws Exception {
+ InputStream in = new ByteArrayInputStream(soapMsg.getBytes());
+ Message msg = new Message(in);
+ msg.setMessageContext(msgContext);
+ return msg.getSOAPEnvelope();
+ }
+
+ /**
+ * Test for when a bad certificate is used for Signature
+ */
+ public void testX509Signature() throws Exception {
+ WSSecSignature builder = new WSSecSignature();
+ builder.setUserInfo("bob", "security");
+ Document doc = unsignedEnvelope.getAsDocument();
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+ try {
+ builder.build(doc, CryptoFactory.getInstance(), secHeader);
+ fail("Expected failure on a bad username");
+ } catch (WSSecurityException ex) {
+ String expectedError = "No certificates for user bob were found
for signature";
+ assertTrue(ex.getMessage().indexOf(expectedError) != -1);
+ }
+ }
+
+ /**
+ * Test for when a bad certificate is used for Encryption
+ */
+ public void testEncryption() throws Exception {
+ WSSecEncrypt builder = new WSSecEncrypt();
+ builder.setUserInfo("alice");
+ Document doc = unsignedEnvelope.getAsDocument();
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+ try {
+ builder.build(doc, CryptoFactory.getInstance(), secHeader);
+ fail("Expected failure on a bad username");
+ } catch (WSSecurityException ex) {
+ String expectedError = "No certificates for user alice were found
for encryption";
+ assertTrue(ex.getMessage().indexOf(expectedError) != -1);
+ }
+ }
+
+}
Propchange: webservices/wss4j/trunk/test/wssec/TestWSSecurityCertError.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: webservices/wss4j/trunk/test/wssec/TestWSSecurityCertError.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: webservices/wss4j/trunk/test/x509v1.properties
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/x509v1.properties?rev=700123&view=auto
==============================================================================
--- webservices/wss4j/trunk/test/x509v1.properties (added)
+++ webservices/wss4j/trunk/test/x509v1.properties Mon Sep 29 06:19:39 2008
@@ -0,0 +1,4 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=security
+org.apache.ws.security.crypto.merlin.file=keys/x509v1.keystore
Propchange: webservices/wss4j/trunk/test/x509v1.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: webservices/wss4j/trunk/test/x509v1.properties
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: webservices/wss4j/trunk/test/x509v1.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
