001: /*
002: * Copyright 2006 the original author or authors.
003: *
004: * Licensed under the Apache License, Version 2.0 (the "License");
005: * you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */
016:
017: package org.springframework.ws.soap.security.xwss;
018:
019: import javax.security.auth.callback.Callback;
020: import javax.security.auth.callback.CallbackHandler;
021: import javax.xml.soap.SOAPMessage;
022:
023: import com.sun.xml.wss.impl.callback.PasswordCallback;
024: import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
025: import com.sun.xml.wss.impl.callback.TimestampValidationCallback;
026: import com.sun.xml.wss.impl.callback.UsernameCallback;
027: import org.springframework.core.io.ClassPathResource;
028: import org.springframework.ws.soap.saaj.SaajSoapMessage;
029: import org.springframework.ws.soap.security.xwss.callback.AbstractCallbackHandler;
030:
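/**
 * Tests that the XWSS interceptor can add a WS-Security UsernameToken to an outgoing message and
 * validate one on an incoming message, in both the PasswordText and PasswordDigest variants.
 *
 * <p>The {@code interceptor} fixture and the {@code loadSaajMessage} / XPath assertion helpers are
 * inherited; they are declared outside this class.
 *
 * <p>Security notes for readers who use these tests as a template:
 * <ul>
 * <li>With the PasswordText type the password is carried verbatim in the SOAP header (the plain-text
 * test asserts exactly that), so confidentiality has to come from the transport or from message
 * encryption.</li>
 * <li>Digest validation needs the clear-text password on the receiving side: the handler hands it to
 * the request before the digest validator runs.</li>
 * <li>The timestamp validator used in the digest test accepts every timestamp, so token freshness
 * is not exercised by this class.</li>
 * </ul>
 */
public class XwssMessageInterceptorUsernameTokenTest extends XwssMessageInterceptorTestCase {

    /**
     * Secures an empty message with the digest policy and checks that a UsernameToken with the
     * expected username and a password element of type PasswordDigest is present.
     *
     * <p>Only the {@code Type} attribute of the password element is checked; the digest value itself
     * is not recomputed here.
     */
    public void testAddUsernameTokenDigest() throws Exception {
        interceptor.setPolicyConfiguration(new ClassPathResource("usernameToken-digest-config.xml", getClass()));
        interceptor.setCallbackHandler(newCredentialsHandler("Bert", "Ernie"));
        interceptor.afterPropertiesSet();
        SaajSoapMessage message = loadSaajMessage("empty-soap.xml");
        interceptor.secureMessage(message);
        SOAPMessage result = message.getSaajMessage();
        assertNotNull("No result returned", result);
        assertXpathEvaluatesTo(
                "Invalid Username",
                "Bert",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()",
                result);
        assertXpathExists(
                "Password does not exist",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest']",
                result);
    }

    /**
     * Secures an empty message with the plain-text policy and checks that the UsernameToken carries
     * the expected username and the password as literal text of type PasswordText.
     */
    public void testAddUsernameTokenPlainText() throws Exception {
        interceptor.setPolicyConfiguration(new ClassPathResource("usernameToken-plainText-config.xml", getClass()));
        interceptor.setCallbackHandler(newCredentialsHandler("Bert", "Ernie"));
        interceptor.afterPropertiesSet();
        SaajSoapMessage message = loadSaajMessage("empty-soap.xml");
        interceptor.secureMessage(message);
        SOAPMessage result = message.getSaajMessage();
        assertNotNull("No result returned", result);
        assertXpathEvaluatesTo(
                "Invalid Username",
                "Bert",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()",
                result);
        // The password is expected verbatim in the header: PasswordText offers no protection by itself.
        assertXpathEvaluatesTo(
                "Invalid Password",
                "Ernie",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText']/text()",
                result);
    }

    /**
     * Validates a message carrying a plain-text UsernameToken and checks that the Security header is
     * removed afterwards.
     *
     * <p>The credential assertions live inside the validator, so the test also asserts that the
     * validator was invoked at all; otherwise it would pass even if the token were never checked.
     */
    public void testValidateUsernameTokenPlainText() throws Exception {
        interceptor.setPolicyConfiguration(
                new ClassPathResource("requireUsernameToken-plainText-config.xml", getClass()));
        // Single-element array so the anonymous classes below can record the call.
        final boolean[] validatorInvoked = new boolean[1];
        CallbackHandler handler = new AbstractCallbackHandler() {

            protected void handleInternal(Callback callback) {
                if (!(callback instanceof PasswordValidationCallback)) {
                    fail("Unexpected callback");
                    return;
                }
                PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
                validationCallback.setValidator(new PasswordValidationCallback.PasswordValidator() {

                    public boolean validate(PasswordValidationCallback.Request request) {
                        validatorInvoked[0] = true;
                        if (!(request instanceof PasswordValidationCallback.PlainTextPasswordRequest)) {
                            fail("Unexpected request");
                            return false;
                        }
                        PasswordValidationCallback.PlainTextPasswordRequest passwordRequest =
                                (PasswordValidationCallback.PlainTextPasswordRequest) request;
                        assertEquals("Invalid username", "Bert", passwordRequest.getUsername());
                        assertEquals("Invalid password", "Ernie", passwordRequest.getPassword());
                        return true;
                    }
                });
            }
        };
        interceptor.setCallbackHandler(handler);
        interceptor.afterPropertiesSet();
        SaajSoapMessage message = loadSaajMessage("usernameTokenPlainText-soap.xml");
        interceptor.validateMessage(message);
        assertTrue("Password validator was never invoked", validatorInvoked[0]);
        SOAPMessage result = message.getSaajMessage();
        assertNotNull("No result returned", result);
        assertXpathNotExists("Security Header not removed",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security",
                result);
    }

    /**
     * Validates a message carrying a digest UsernameToken and checks that the Security header is
     * removed afterwards.
     *
     * <p>The handler supplies the clear-text password and delegates the comparison to
     * {@code DigestPasswordValidator}. The test asserts that the digest request actually reached the
     * handler, so it cannot pass with the token left unchecked.
     */
    public void testValidateUsernameTokenDigest() throws Exception {
        interceptor.setPolicyConfiguration(new ClassPathResource("requireUsernameToken-digest-config.xml", getClass()));
        // Single-element array so the anonymous class below can record the call.
        final boolean[] digestRequestHandled = new boolean[1];
        CallbackHandler handler = new AbstractCallbackHandler() {

            protected void handleInternal(Callback callback) {
                if (callback instanceof PasswordValidationCallback) {
                    PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
                    if (validationCallback.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
                        PasswordValidationCallback.DigestPasswordRequest passwordRequest =
                                (PasswordValidationCallback.DigestPasswordRequest) validationCallback.getRequest();
                        assertEquals("Invalid username", "Bert", passwordRequest.getUsername());
                        // The validator needs the clear-text password to compare against the received digest.
                        passwordRequest.setPassword("Ernie");
                        validationCallback.setValidator(new PasswordValidationCallback.DigestPasswordValidator());
                        digestRequestHandled[0] = true;
                    }
                    else {
                        fail("Unexpected request");
                    }
                }
                else if (callback instanceof TimestampValidationCallback) {
                    TimestampValidationCallback validationCallback = (TimestampValidationCallback) callback;
                    validationCallback.setValidator(new TimestampValidationCallback.TimestampValidator() {

                        public void validate(TimestampValidationCallback.Request request) {
                            // Deliberately empty: every timestamp is accepted, presumably because the
                            // fixture message carries fixed values. Freshness is therefore not tested
                            // here, and a validator like this gives no replay protection.
                        }
                    });
                }
                else {
                    fail("Unexpected callback");
                }
            }
        };
        interceptor.setCallbackHandler(handler);
        interceptor.afterPropertiesSet();
        SaajSoapMessage message = loadSaajMessage("usernameTokenDigest-soap.xml");
        interceptor.validateMessage(message);
        assertTrue("Digest password request was never handled", digestRequestHandled[0]);
        SOAPMessage result = message.getSaajMessage();
        assertNotNull("No result returned", result);
        assertXpathNotExists("Security Header not removed",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security",
                result);
    }

    /**
     * Creates a handler that answers username and password callbacks with the given fixed values and
     * fails the test on any other callback type.
     *
     * @param username value set on a {@code UsernameCallback}
     * @param password value set on a {@code PasswordCallback}
     * @return the callback handler used by the token-adding tests
     */
    private CallbackHandler newCredentialsHandler(final String username, final String password) {
        return new AbstractCallbackHandler() {

            protected void handleInternal(Callback callback) {
                if (callback instanceof UsernameCallback) {
                    ((UsernameCallback) callback).setUsername(username);
                }
                else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(password);
                }
                else {
                    fail("Unexpected callback");
                }
            }
        };
    }

}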