001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one
003: * or more contributor license agreements. See the NOTICE file
004: * distributed with this work for additional information
005: * regarding copyright ownership. The ASF licenses this file
006: * to you under the Apache License, Version 2.0 (the
007: * "License"); you may not use this file except in compliance
008: * with the License. You may obtain a copy of the License at
009: *
010: * http://www.apache.org/licenses/LICENSE-2.0
011: *
012: * Unless required by applicable law or agreed to in writing,
013: * software distributed under the License is distributed on an
014: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015: * KIND, either express or implied. See the License for the
016: * specific language governing permissions and limitations
017: * under the License.
018: */package org.apache.cxf.ws.security.wss4j;
019:
020: import java.io.ByteArrayInputStream;
021: import java.io.ByteArrayOutputStream;
022: import java.security.cert.X509Certificate;
023: import java.util.ArrayList;
024: import java.util.List;
025: import java.util.SortedSet;
026: import java.util.TreeSet;
027:
028: import javax.xml.parsers.DocumentBuilder;
029: import javax.xml.parsers.DocumentBuilderFactory;
030: import javax.xml.soap.MessageFactory;
031: import javax.xml.soap.SOAPMessage;
032: import javax.xml.soap.SOAPPart;
033: import javax.xml.stream.XMLStreamReader;
034: import javax.xml.stream.XMLStreamWriter;
035: import javax.xml.transform.dom.DOMSource;
036:
037: import org.w3c.dom.Document;
038:
039: import org.apache.cxf.binding.soap.SoapMessage;
040: import org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor;
041: import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
042: import org.apache.cxf.helpers.DOMUtils.NullResolver;
043: import org.apache.cxf.interceptor.Interceptor;
044: import org.apache.cxf.message.Exchange;
045: import org.apache.cxf.message.ExchangeImpl;
046: import org.apache.cxf.message.MessageImpl;
047: import org.apache.cxf.phase.Phase;
048: import org.apache.cxf.phase.PhaseInterceptorChain;
049: import org.apache.cxf.staxutils.StaxUtils;
050: import org.apache.ws.security.WSSecurityEngineResult;
051: import org.apache.ws.security.handler.WSHandlerConstants;
052: import org.junit.Test;
053:
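/**
 * Round-trip tests for WS-Security signatures: {@link WSS4JOutInterceptor} signs a request
 * and {@link WSS4JInInterceptor} processes the signed message.
 *
 * <p>Scope, for anyone relying on these as security regression tests:
 * <ul>
 * <li>Only the positive path is exercised. Nothing in this class checks that an unsigned or
 * modified message is rejected.</li>
 * <li>The inbound interceptor receives the same in-memory SAAJ message that was signed. The
 * signed document is also serialized and re-parsed, but that copy is not handed to the
 * inbound interceptor.</li>
 * <li>The final assertions only require a signature result that carries a certificate; they
 * do not pin which certificate it is.</li>
 * </ul>
 */
public class WSS4JInOutTest extends AbstractSecurityTest {

    /** Crypto properties used by the signing (outbound) side. */
    private static final String OUT_SIG_PROPS = "META-INF/cxf/outsecurity.properties";

    /** Crypto properties used by the verifying (inbound) side. */
    private static final String IN_SIG_PROPS = "META-INF/cxf/insecurity.properties";

    public WSS4JInOutTest() {
    }

    /**
     * Checks that the interceptor chain sorts the three inbound interceptors into the expected
     * order regardless of the order in which they were added.
     */
    @Test
    public void testOrder() throws Exception {
        SortedSet<Phase> phases = new TreeSet<Phase>();
        phases.add(new Phase(Phase.PRE_PROTOCOL, 1));

        // Added with WSS4JInInterceptor ahead of SAAJInInterceptor on purpose: the chain has to
        // reorder them. Presumably the security interceptor needs the SAAJ message to exist
        // before it runs - the tests below hand it a SOAPMessage as content.
        List<Interceptor> lst = new ArrayList<Interceptor>();
        lst.add(new MustUnderstandInterceptor());
        lst.add(new WSS4JInInterceptor());
        lst.add(new SAAJInInterceptor());

        PhaseInterceptorChain chain = new PhaseInterceptorChain(phases);
        chain.add(lst);

        String output = chain.toString();
        assertTrue(output
            .contains("MustUnderstandInterceptor, SAAJInInterceptor, WSS4JInInterceptor"));
    }

    /**
     * Signs a clean request with the default key identifier and checks that the inbound
     * interceptor reports a signature result with a certificate.
     */
    @Test
    public void testSignature() throws Exception {
        Exchange ex = new ExchangeImpl();
        SOAPMessage saajMsg = signRequest(ex, null);
        Document doc = saajMsg.getSOAPPart();

        assertValid("//wsse:Security", doc);
        assertValid("//wsse:Security/ds:Signature", doc);

        // NOTE(review): the re-parsed copy is only checked for existence; verification below
        // still runs on saajMsg, so this does not show the signature surviving serialization.
        assertNotNull(reparse(doc));

        verifySignature(ex, saajMsg);
    }

    /**
     * Same round trip as {@link #testSignature()}, but with the signature key identifier set to
     * {@code DirectReference}; additionally expects a BinarySecurityToken in the header.
     */
    @Test
    public void testDirectReferenceSignature() throws Exception {
        Exchange ex = new ExchangeImpl();
        SOAPMessage saajMsg = signRequest(ex, "DirectReference");
        Document doc = saajMsg.getSOAPPart();

        assertValid("//wsse:Security", doc);
        // Check to see that the binary security token was inserted in the header
        assertValid("//wsse:Security/wsse:BinarySecurityToken", doc);
        assertValid("//wsse:Security/ds:Signature", doc);

        // NOTE(review): the re-parsed copy is only checked for existence; verification below
        // still runs on saajMsg, so this does not show the signature surviving serialization.
        assertNotNull(reparse(doc));

        verifySignature(ex, saajMsg);
    }

    /**
     * Loads the clean request, wraps it in a SAAJ message and runs the outbound interceptor
     * over it with the SIGNATURE action.
     *
     * @param ex exchange the outbound message is registered on
     * @param keyIdentifier value for {@code SIG_KEY_ID}, or {@code null} to leave it unset
     * @return the SAAJ message after the outbound interceptor has processed it
     */
    private SOAPMessage signRequest(Exchange ex, String keyIdentifier) throws Exception {
        Document doc = readDocument("wsse-request-clean.xml");

        WSS4JOutInterceptor handler = new WSS4JOutInterceptor();

        SoapMessage msg = new SoapMessage(new MessageImpl());
        ex.setInMessage(msg);

        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
        SOAPPart part = saajMsg.getSOAPPart();
        part.setContent(new DOMSource(doc));
        saajMsg.saveChanges();

        msg.setContent(SOAPMessage.class, saajMsg);

        msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
        msg.put(WSHandlerConstants.SIG_PROP_FILE, OUT_SIG_PROPS);
        msg.put(WSHandlerConstants.USER, "myalias");
        if (keyIdentifier != null) {
            msg.put(WSHandlerConstants.SIG_KEY_ID, keyIdentifier);
        }
        // Fixture credential for the signing alias; presumably matches the keystore configured
        // in the outbound properties file - confirm against the test resources.
        msg.put("password", "myAliasPassword");

        handler.handleMessage(msg);
        return saajMsg;
    }

    /**
     * Serializes the given document to bytes and reads it back into a new DOM document.
     *
     * <p>The bytes parsed here are the ones this test just produced, not external input.
     *
     * @param signed document to serialize
     * @return the document read back from the serialized bytes
     */
    private Document reparse(Document signed) throws Exception {
        byte[] docbytes = getMessageBytes(signed);
        XMLStreamReader reader =
            StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setValidating(false);
        dbf.setIgnoringComments(false);
        dbf.setIgnoringElementContentWhitespace(true);
        dbf.setNamespaceAware(true);

        DocumentBuilder db = dbf.newDocumentBuilder();
        db.setEntityResolver(new NullResolver());
        return StaxUtils.read(db, reader, false);
    }

    /**
     * Runs the inbound interceptor with the SIGNATURE action over the given SAAJ message and
     * asserts that a signature result with a certificate was stored on the inbound message.
     *
     * @param ex exchange the inbound message is registered on
     * @param saajMsg SAAJ message handed to the inbound interceptor
     */
    private void verifySignature(Exchange ex, SOAPMessage saajMsg) throws Exception {
        WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

        SoapMessage inmsg = new SoapMessage(new MessageImpl());
        ex.setInMessage(inmsg);
        inmsg.setContent(SOAPMessage.class, saajMsg);

        inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
        inHandler.setProperty(WSHandlerConstants.SIG_PROP_FILE, IN_SIG_PROPS);

        inHandler.handleMessage(inmsg);

        WSSecurityEngineResult result =
            (WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
        assertNotNull(result);
        // NOTE(review): only presence is asserted; the certificate's identity is not compared
        // with the signing alias.
        X509Certificate certificate = result.getCertificate();
        assertNotNull(certificate);
    }

    /**
     * Writes the document through a StAX writer into memory.
     *
     * @param doc document to serialize
     * @return the serialized bytes
     */
    private byte[] getMessageBytes(Document doc) throws Exception {
        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
        XMLStreamWriter byteArrayWriter = StaxUtils.createXMLStreamWriter(outputStream);

        StaxUtils.writeDocument(doc, byteArrayWriter, false);

        // Flush before reading the buffer so nothing is left in the writer.
        byteArrayWriter.flush();
        return outputStream.toByteArray();
    }
}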