1   /*
2    * Copyright 2008 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.ws.soap.security.wss4j;
18  
19  import java.util.Properties;
20  
21  import org.apache.ws.security.WSConstants;
22  import org.w3c.dom.Document;
23  
24  import org.springframework.ws.context.DefaultMessageContext;
25  import org.springframework.ws.context.MessageContext;
26  import org.springframework.ws.soap.SoapMessage;
27  import org.springframework.ws.soap.security.wss4j.callback.SimplePasswordValidationCallbackHandler;
28  
/**
 * UsernameToken tests for {@link Wss4jSecurityInterceptor}, covering both directions: validating
 * an incoming token and adding a token to an outgoing message.
 *
 * <p>The class is abstract. Message loading, document access and the XPath assertions it calls
 * ({@code loadSoap11Message}, {@code getDocument}, {@code assertXpathExists}, ...) are not defined
 * here.
 *
 * <p>NOTE(review): every validation test in this class feeds a message that is expected to be
 * accepted. A rejection case (wrong password, unknown user) is not exercised here, so these tests
 * alone do not show that bad credentials are refused. Confirm that is covered elsewhere.
 */
public abstract class Wss4jMessageInterceptorUsernameTokenTestCase extends Wss4jTestCase {

    // Fixture credentials: the only entry in the user store and the values used for securement.
    private static final String USERNAME = "Bert";

    private static final String PASSWORD = "Ernie";

    private static final String USERNAME_TOKEN_ACTION = "UsernameToken";

    private static final String SECURITY_HEADER_XPATH = "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security";

    private static final String USERNAME_XPATH =
            "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()";

    private static final String PASSWORD_TEXT_XPATH =
            "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText']/text()";

    private static final String PASSWORD_DIGEST_XPATH =
            "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest']";

    /** User store handed to the password validation callback handler; filled in {@link #onSetup()}. */
    private final Properties users = new Properties();

    /** Registers the single known user before each test. */
    protected void onSetup() throws Exception {
        users.setProperty(USERNAME, PASSWORD);
    }

    /** Validates a fixture message carrying a plain-text password. */
    public void testValidateUsernameTokenPlainText() throws Exception {
        validateFixture("usernameTokenPlainText-soap.xml", false);
    }

    /** Validates a fixture message carrying a digest password. */
    public void testValidateUsernameTokenDigest() throws Exception {
        validateFixture("usernameTokenDigest-soap.xml", true);
    }

    /** Validates a plain-text fixture that, going by its file name, qualifies the password type. */
    public void testValidateUsernameTokenWithQualifiedType() throws Exception {
        validateFixture("usernameTokenPlainTextQualifiedType-soap.xml", false);
    }

    /** Secures an empty message with a plain-text UsernameToken and checks the resulting header. */
    public void testAddUsernameTokenPlainText() throws Exception {
        assertAddUsernameTokenPlainText(secureEmptyMessage(false));
    }

    /** Secures an empty message with a digest UsernameToken and checks the resulting header. */
    public void testAddUsernameTokenDigest() throws Exception {
        assertAddUsernameTokenDigest(secureEmptyMessage(true));
    }

    /**
     * Checks the state of a message after validation: a result is available and the
     * {@code wsse:Security} header is no longer present in the document.
     *
     * @param message the message that went through {@code validateMessage}
     */
    protected void assertValidateUsernameToken(SoapMessage message) throws Exception {
        Object payload = getMessage(message);
        assertNotNull("No result returned", payload);
        assertXpathNotExists("Security Header not removed", SECURITY_HEADER_XPATH, getDocument(message));
    }

    /**
     * Checks that securement wrote the expected user name and a {@code PasswordText} password.
     *
     * <p>The second assertion reads the password back verbatim from the header: with this password
     * type the secret sits in the message in clear text, so nothing in the token itself keeps it
     * confidential.
     *
     * @param message the message that went through {@code secureMessage}
     */
    protected void assertAddUsernameTokenPlainText(SoapMessage message) throws Exception {
        Object payload = getMessage(message);
        assertNotNull("No result returned", payload);
        Document header = getDocument(message);
        assertXpathEvaluatesTo("Invalid Username", USERNAME, USERNAME_XPATH, header);
        assertXpathEvaluatesTo("Invalid Password", PASSWORD, PASSWORD_TEXT_XPATH, header);
    }

    /**
     * Checks that securement wrote the expected user name and a password element typed
     * {@code PasswordDigest}.
     *
     * <p>Only the presence of the typed element is asserted; its value is not inspected.
     * NOTE(review): nonce and creation-timestamp elements are not asserted either. If the digest
     * is expected to be bound to them, consider adding existence checks for those elements.
     *
     * @param message the message that went through {@code secureMessage}
     */
    protected void assertAddUsernameTokenDigest(SoapMessage message) throws Exception {
        Object payload = getMessage(message);
        Document header = getDocument(message);
        assertNotNull("No result returned", payload);
        assertXpathEvaluatesTo("Invalid Username", USERNAME, USERNAME_XPATH, header);
        assertXpathExists("Password does not exist", PASSWORD_DIGEST_XPATH, header);
    }

    /**
     * Builds and initialises an interceptor for either validation or securement.
     *
     * <p>The {@code digest} flag selects the securement password type only, and it is applied even
     * when {@code validating} is true. NOTE(review): nothing in this method restricts which
     * password type validation accepts. Whether a validating interceptor built here would refuse a
     * plain-text token when digest is intended cannot be told from this class. Confirm against
     * the interceptor.
     *
     * @param actions    the action string passed to the validation or securement actions setter
     * @param validating {@code true} to set validation actions, {@code false} to set securement actions
     * @param digest     {@code true} for {@code WSConstants.PW_DIGEST}, {@code false} for
     *                   {@code WSConstants.PW_TEXT}
     * @return the interceptor after {@code afterPropertiesSet()} has run
     */
    protected Wss4jSecurityInterceptor prepareInterceptor(String actions, boolean validating, boolean digest)
            throws Exception {
        Wss4jSecurityInterceptor configured = new Wss4jSecurityInterceptor();
        if (!validating) {
            configured.setSecurementActions(actions);
        }
        else {
            configured.setValidationActions(actions);
        }
        SimplePasswordValidationCallbackHandler passwordHandler = new SimplePasswordValidationCallbackHandler();
        passwordHandler.setUsers(users);
        configured.setSecurementPasswordType(digest ? WSConstants.PW_DIGEST : WSConstants.PW_TEXT);
        configured.setValidationCallbackHandler(passwordHandler);
        configured.afterPropertiesSet();
        return configured;
    }

    /**
     * Loads a fixture, runs it through a validating interceptor and applies the post-validation
     * checks.
     */
    private void validateFixture(String fixtureName, boolean digest) throws Exception {
        Wss4jSecurityInterceptor validator = prepareInterceptor(USERNAME_TOKEN_ACTION, true, digest);
        SoapMessage inbound = loadSoap11Message(fixtureName);
        MessageContext context = new DefaultMessageContext(inbound, getSoap11MessageFactory());
        validator.validateMessage(inbound, context);
        assertValidateUsernameToken(inbound);
    }

    /** Secures the empty fixture message with the fixture credentials and returns it. */
    private SoapMessage secureEmptyMessage(boolean digest) throws Exception {
        Wss4jSecurityInterceptor securer = prepareInterceptor(USERNAME_TOKEN_ACTION, false, digest);
        securer.setSecurementUsername(USERNAME);
        securer.setSecurementPassword(PASSWORD);
        SoapMessage outbound = loadSoap11Message("empty-soap.xml");
        MessageContext context = getSoap11MessageContext(outbound);
        securer.secureMessage(outbound, context);
        return outbound;
    }
}