17 package org.springframework.ws.soap.security.wss4j;
18
19 import java.util.Properties;
20
21 import org.apache.ws.security.WSConstants;
22 import org.w3c.dom.Document;
23
24 import org.springframework.ws.context.DefaultMessageContext;
25 import org.springframework.ws.context.MessageContext;
26 import org.springframework.ws.soap.SoapMessage;
27 import org.springframework.ws.soap.security.wss4j.callback.SimplePasswordValidationCallbackHandler;
28
/**
 * Exercises WS-Security UsernameToken handling in {@link Wss4jSecurityInterceptor}: validating
 * incoming messages that carry a token, and adding a token to outgoing messages.
 *
 * <p>The class is abstract; the message loading and XPath helpers it calls
 * ({@code loadSoap11Message}, {@code getMessage}, {@code getDocument}, ...) are not defined here
 * and presumably come from {@link Wss4jTestCase} or a concrete subclass.
 *
 * <p>Security notes for readers using these tests as a usage reference:
 * <ul>
 * <li>The {@code PasswordText} type carries the password verbatim in the SOAP header (the
 * plain-text securement test asserts exactly that), so confidentiality depends entirely on
 * transport-level or message-level encryption.</li>
 * <li>The digest securement test only checks that a {@code wsse:Password} element typed
 * {@code PasswordDigest} exists. It does not verify the digest value, nor that the
 * {@code wsse:Nonce} and {@code wsu:Created} elements that the UsernameToken profile feeds into
 * the digest are present.</li>
 * <li>NOTE(review): every validation test in this class is a happy path. No case shown here
 * asserts that a wrong password, an unknown user or an unexpected password type is rejected;
 * an authentication check is only as trustworthy as its negative tests.</li>
 * </ul>
 */
public abstract class Wss4jMessageInterceptorUsernameTokenTestCase extends Wss4jTestCase {

    /** Fixture credentials only; they are used both as the known user and as the securement identity. */
    private static final String USERNAME = "Bert";

    private static final String PASSWORD = "Ernie";

    private static final String USERNAME_TOKEN_ACTION = "UsernameToken";

    private static final String SECURITY_HEADER_XPATH = "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security";

    private static final String USERNAME_TOKEN_XPATH = SECURITY_HEADER_XPATH + "/wsse:UsernameToken";

    private static final String USERNAME_TEXT_XPATH = USERNAME_TOKEN_XPATH + "/wsse:Username/text()";

    /** Prefix of the password type URIs defined by the OASIS UsernameToken profile 1.0. */
    private static final String PASSWORD_TYPE_PREFIX =
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#";

    private static final String PLAIN_PASSWORD_TEXT_XPATH =
            USERNAME_TOKEN_XPATH + "/wsse:Password[@Type='" + PASSWORD_TYPE_PREFIX + "PasswordText']/text()";

    private static final String DIGEST_PASSWORD_XPATH =
            USERNAME_TOKEN_XPATH + "/wsse:Password[@Type='" + PASSWORD_TYPE_PREFIX + "PasswordDigest']";

    /** User store handed to the password validation callback handler. */
    private Properties users = new Properties();

    /** Registers the single known user before each test. */
    protected void onSetup() throws Exception {
        users.setProperty(USERNAME, PASSWORD);
    }

    /** Validates a fixture message whose UsernameToken carries a plain-text password. */
    public void testValidateUsernameTokenPlainText() throws Exception {
        validateFixtureAndAssert("usernameTokenPlainText-soap.xml", false);
    }

    /** Validates a fixture message whose UsernameToken carries a password digest. */
    public void testValidateUsernameTokenDigest() throws Exception {
        validateFixtureAndAssert("usernameTokenDigest-soap.xml", true);
    }

    /** Validates a plain-text fixture whose password type attribute is written in qualified form. */
    public void testValidateUsernameTokenWithQualifiedType() throws Exception {
        validateFixtureAndAssert("usernameTokenPlainTextQualifiedType-soap.xml", false);
    }

    /** Secures an empty message with a plain-text UsernameToken and checks the emitted header. */
    public void testAddUsernameTokenPlainText() throws Exception {
        assertAddUsernameTokenPlainText(secureEmptyFixture(false));
    }

    /** Secures an empty message with a digest UsernameToken and checks the emitted header. */
    public void testAddUsernameTokenDigest() throws Exception {
        assertAddUsernameTokenDigest(secureEmptyFixture(true));
    }

    /**
     * Asserts the post-validation state: a payload is still available and the
     * {@code wsse:Security} header is no longer present in the message.
     */
    protected void assertValidateUsernameToken(SoapMessage message) throws Exception {
        assertNotNull("No result returned", getMessage(message));
        assertXpathNotExists("Security Header not removed", SECURITY_HEADER_XPATH, getDocument(message));
    }

    /**
     * Asserts that the secured message carries the fixture username and, under the
     * {@code PasswordText} type, the fixture password in clear text.
     */
    protected void assertAddUsernameTokenPlainText(SoapMessage message) throws Exception {
        Object payload = getMessage(message);
        assertNotNull("No result returned", payload);
        Document securedDocument = getDocument(message);
        assertXpathEvaluatesTo("Invalid Username", "Bert", USERNAME_TEXT_XPATH, securedDocument);
        assertXpathEvaluatesTo("Invalid Password", "Ernie", PLAIN_PASSWORD_TEXT_XPATH, securedDocument);
    }

    /**
     * Asserts that the secured message carries the fixture username and a password element typed
     * {@code PasswordDigest}. Only the presence of that element is checked, not its content.
     */
    protected void assertAddUsernameTokenDigest(SoapMessage message) throws Exception {
        Object payload = getMessage(message);
        Document securedDocument = getDocument(message);
        assertNotNull("No result returned", payload);
        assertXpathEvaluatesTo("Invalid Username", "Bert", USERNAME_TEXT_XPATH, securedDocument);
        assertXpathExists("Password does not exist", DIGEST_PASSWORD_XPATH, securedDocument);
    }

    /**
     * Builds and initialises an interceptor for either validation or securement.
     *
     * <p>NOTE(review): {@code digest} only selects the <em>securement</em> password type, also
     * when {@code validating} is true. Nothing visible in this method pins which password type
     * validation will accept, so the validation tests differ only in their fixture message;
     * confirm whether that is intended.
     *
     * @param actions the action list to apply to the selected mode
     * @param validating {@code true} to set validation actions, {@code false} to set securement actions
     * @param digest {@code true} for {@code WSConstants.PW_DIGEST}, {@code false} for
     * {@code WSConstants.PW_TEXT}
     * @return the interceptor after {@code afterPropertiesSet()} has been called
     */
    protected Wss4jSecurityInterceptor prepareInterceptor(String actions, boolean validating, boolean digest)
            throws Exception {
        SimplePasswordValidationCallbackHandler passwordHandler = new SimplePasswordValidationCallbackHandler();
        passwordHandler.setUsers(users);

        Wss4jSecurityInterceptor configured = new Wss4jSecurityInterceptor();
        if (!validating) {
            configured.setSecurementActions(actions);
        }
        else {
            configured.setValidationActions(actions);
        }
        configured.setSecurementPasswordType(digest ? WSConstants.PW_DIGEST : WSConstants.PW_TEXT);
        configured.setValidationCallbackHandler(passwordHandler);
        configured.afterPropertiesSet();
        return configured;
    }

    /** Loads the named fixture, runs interceptor validation on it and checks the resulting state. */
    private void validateFixtureAndAssert(String resourceName, boolean digest) throws Exception {
        Wss4jSecurityInterceptor validator = prepareInterceptor(USERNAME_TOKEN_ACTION, true, digest);
        SoapMessage request = loadSoap11Message(resourceName);
        MessageContext context = new DefaultMessageContext(request, getSoap11MessageFactory());
        validator.validateMessage(request, context);
        assertValidateUsernameToken(request);
    }

    /** Secures the empty fixture message with the fixture credentials and returns that message. */
    private SoapMessage secureEmptyFixture(boolean digest) throws Exception {
        Wss4jSecurityInterceptor securer = prepareInterceptor(USERNAME_TOKEN_ACTION, false, digest);
        securer.setSecurementUsername(USERNAME);
        securer.setSecurementPassword(PASSWORD);
        SoapMessage outgoing = loadSoap11Message("empty-soap.xml");
        MessageContext context = getSoap11MessageContext(outgoing);
        securer.secureMessage(outgoing, context);
        return outgoing;
    }
}