001: /*
002: * Copyright 2006 the original author or authors.
003: *
004: * Licensed under the Apache License, Version 2.0 (the "License");
005: * you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */
016:
017: package org.springframework.ws.soap.security.xwss;
018:
019: import javax.security.auth.callback.Callback;
020: import javax.security.auth.callback.CallbackHandler;
021: import javax.xml.soap.SOAPMessage;
022:
023: import com.sun.xml.wss.impl.callback.DecryptionKeyCallback;
024: import com.sun.xml.wss.impl.callback.EncryptionKeyCallback;
025: import org.springframework.core.io.ClassPathResource;
026: import org.springframework.ws.soap.saaj.SaajSoapMessage;
027: import org.springframework.ws.soap.security.xwss.callback.AbstractCallbackHandler;
028:
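/**
 * Exercises the encryption and decryption paths of the XWSS message interceptor.
 *
 * <p>Each test installs a policy configuration from the classpath together with a
 * callback handler that supplies key material. The handler fails the test on any
 * callback or request type other than the one the policy is expected to trigger,
 * so an unexpected key lookup is reported rather than silently served.
 *
 * <p>The <code>interceptor</code>, <code>certificate</code> and <code>privateKey</code>
 * fixtures, and the <code>loadSaajMessage</code> / <code>assertXpath*</code> helpers,
 * are declared outside this file (presumably in the test base classes).
 */
public class XwssMessageInterceptorEncryptTest extends
        XwssMessageInterceptorKeyStoreTestCase {

    /**
     * Encrypts with a policy that names no certificate alias: the key callback must
     * arrive with a <code>null</code> alias.
     */
    public void testEncryptDefaultCertificate() throws Exception {
        SOAPMessage result = secureEmptyMessage("encrypt-config.xml", null);
        assertEncryptionHeaders(result);
    }

    /**
     * Encrypts with a policy that names the alias "alias": the key callback must
     * carry exactly that alias.
     */
    public void testEncryptAlias() throws Exception {
        SOAPMessage result = secureEmptyMessage("encrypt-alias-config.xml", "alias");
        assertEncryptionHeaders(result);
    }

    /**
     * Validates an encrypted message: the handler must be asked for the private key
     * that belongs to the test certificate, and the Security header must be gone
     * afterwards.
     */
    public void testDecrypt() throws Exception {
        interceptor.setPolicyConfiguration(new ClassPathResource(
                "decrypt-config.xml", getClass()));
        CallbackHandler handler = new AbstractCallbackHandler() {

            protected void handleInternal(Callback callback) {
                if (callback instanceof DecryptionKeyCallback) {
                    DecryptionKeyCallback keyCallback = (DecryptionKeyCallback) callback;
                    if (keyCallback.getRequest() instanceof DecryptionKeyCallback.X509CertificateBasedRequest) {
                        DecryptionKeyCallback.X509CertificateBasedRequest request =
                                (DecryptionKeyCallback.X509CertificateBasedRequest) keyCallback.getRequest();
                        // Release the private key only for the certificate this test expects.
                        assertEquals("Invalid certificate", certificate,
                                request.getX509Certificate());
                        request.setPrivateKey(privateKey);
                    } else {
                        fail("Unexpected request");
                    }
                } else {
                    fail("Unexpected callback");
                }
            }
        };
        interceptor.setCallbackHandler(handler);
        interceptor.afterPropertiesSet();
        SaajSoapMessage message = loadSaajMessage("encrypted-soap.xml");
        interceptor.validateMessage(message);
        SOAPMessage result = message.getSaajMessage();
        assertNotNull("No result returned", result);
        // NOTE(review): only removal of the Security header is checked here; the test
        // does not confirm that the payload was actually decrypted (for example that
        // no xenc:EncryptedData element remains). Consider adding that assertion.
        assertXpathNotExists("Security Header not removed",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security",
                result);
    }

    /**
     * Configures the interceptor with the given policy, secures "empty-soap.xml" and
     * returns the resulting SAAJ message.
     *
     * @param policyResource classpath resource name of the XWSS policy configuration
     * @param expectedAlias  alias the encryption key request must carry, or
     *                       <code>null</code> when the request must carry no alias
     * @return the secured message, never <code>null</code>
     */
    private SOAPMessage secureEmptyMessage(String policyResource,
            final String expectedAlias) throws Exception {
        interceptor.setPolicyConfiguration(new ClassPathResource(
                policyResource, getClass()));
        CallbackHandler handler = new AbstractCallbackHandler() {

            protected void handleInternal(Callback callback) {
                if (callback instanceof EncryptionKeyCallback) {
                    EncryptionKeyCallback keyCallback = (EncryptionKeyCallback) callback;
                    if (keyCallback.getRequest() instanceof EncryptionKeyCallback.AliasX509CertificateRequest) {
                        EncryptionKeyCallback.AliasX509CertificateRequest request =
                                (EncryptionKeyCallback.AliasX509CertificateRequest) keyCallback.getRequest();
                        // Check the alias before handing out the certificate, so a
                        // lookup for the wrong recipient fails the test.
                        if (expectedAlias == null) {
                            assertNull("Invalid alias", request.getAlias());
                        } else {
                            assertEquals("Invalid alias", expectedAlias,
                                    request.getAlias());
                        }
                        request.setX509Certificate(certificate);
                    } else {
                        fail("Unexpected request");
                    }
                } else {
                    fail("Unexpected callback");
                }
            }
        };
        interceptor.setCallbackHandler(handler);
        interceptor.afterPropertiesSet();
        SaajSoapMessage message = loadSaajMessage("empty-soap.xml");
        interceptor.secureMessage(message);
        SOAPMessage result = message.getSaajMessage();
        assertNotNull("No result returned", result);
        return result;
    }

    /**
     * Asserts that the secured message carries the recipient certificate token and
     * an encrypted key in its Security header.
     */
    private void assertEncryptionHeaders(SOAPMessage result) throws Exception {
        // This XPath has no leading slash, unlike the one below; it is kept exactly
        // as written and is presumably evaluated from the document node (verify
        // against assertXpathExists).
        assertXpathExists(
                "BinarySecurityToken does not exist",
                "SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:BinarySecurityToken",
                result);
        // The failure message used to read "Signature does not exist", which named
        // the wrong element for an xenc:EncryptedKey check.
        // NOTE(review): presence of EncryptedKey alone does not show that any content
        // was encrypted; consider also asserting on xenc:EncryptedData.
        assertXpathExists(
                "EncryptedKey does not exist",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/xenc:EncryptedKey",
                result);
    }

}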