XwssMessageInterceptorUsernameTokenTest xref


1   /*
2    * Copyright 2006 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.ws.soap.security.xwss;
18  
19  import javax.security.auth.callback.Callback;
20  import javax.security.auth.callback.CallbackHandler;
21  import javax.xml.soap.SOAPMessage;
22  
23  import com.sun.xml.wss.impl.callback.PasswordCallback;
24  import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
25  import com.sun.xml.wss.impl.callback.TimestampValidationCallback;
26  import com.sun.xml.wss.impl.callback.UsernameCallback;
27  
28  import org.springframework.core.io.ClassPathResource;
29  import org.springframework.ws.soap.saaj.SaajSoapMessage;
30  import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;
31  
32  public class XwssMessageInterceptorUsernameTokenTest extends AbstractXwssMessageInterceptorTestCase {
33  
34      public void testAddUsernameTokenDigest() throws Exception {
35          interceptor.setPolicyConfiguration(new ClassPathResource("usernameToken-digest-config.xml", getClass()));
36          CallbackHandler handler = new AbstractCallbackHandler() {
37  
38              protected void handleInternal(Callback callback) {
39                  if (callback instanceof UsernameCallback) {
40                      ((UsernameCallback) callback).setUsername("Bert");
41                  }
42                  else if (callback instanceof PasswordCallback) {
43                      PasswordCallback passwordCallback = (PasswordCallback) callback;
44                      passwordCallback.setPassword("Ernie");
45                  }
46                  else {
47                      fail("Unexpected callback");
48                  }
49              }
50          };
51          interceptor.setCallbackHandler(handler);
52          interceptor.afterPropertiesSet();
53          SaajSoapMessage message = loadSaajMessage("empty-soap.xml");
54          interceptor.secureMessage(message, null);
55          SOAPMessage result = message.getSaajMessage();
56          assertNotNull("No result returned", result);
57          assertXpathEvaluatesTo("Invalid Username", "Bert",
58                  "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()", result);
59          assertXpathExists("Password does not exist",
60                  "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest']",
61                  result);
62      }
63  
64      public void testAddUsernameTokenPlainText() throws Exception {
65          interceptor.setPolicyConfiguration(new ClassPathResource("usernameToken-plainText-config.xml", getClass()));
66          CallbackHandler handler = new AbstractCallbackHandler() {
67  
68              protected void handleInternal(Callback callback) {
69                  if (callback instanceof UsernameCallback) {
70                      ((UsernameCallback) callback).setUsername("Bert");
71                  }
72                  else if (callback instanceof PasswordCallback) {
73                      PasswordCallback passwordCallback = (PasswordCallback) callback;
74                      passwordCallback.setPassword("Ernie");
75                  }
76                  else {
77                      fail("Unexpected callback");
78                  }
79              }
80          };
81          interceptor.setCallbackHandler(handler);
82          interceptor.afterPropertiesSet();
83          SaajSoapMessage message = loadSaajMessage("empty-soap.xml");
84          interceptor.secureMessage(message, null);
85          SOAPMessage result = message.getSaajMessage();
86          assertNotNull("No result returned", result);
87          assertXpathEvaluatesTo("Invalid Username", "Bert",
88                  "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()", result);
89          assertXpathEvaluatesTo("Invalid Password", "Ernie",
90                  "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText']/text()",
91                  result);
92      }
93  
94      public void testValidateUsernameTokenPlainText() throws Exception {
95          interceptor
96                  .setPolicyConfiguration(new ClassPathResource("requireUsernameToken-plainText-config.xml", getClass()));
97          CallbackHandler handler = new AbstractCallbackHandler() {
98  
99              protected void handleInternal(Callback callback) {
100                 if (callback instanceof PasswordValidationCallback) {
101                     PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
102                     validationCallback.setValidator(new PasswordValidationCallback.PasswordValidator() {
103                         public boolean validate(PasswordValidationCallback.Request request) {
104                             if (request instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
105                                 PasswordValidationCallback.PlainTextPasswordRequest passwordRequest =
106                                         (PasswordValidationCallback.PlainTextPasswordRequest) request;
107                                 assertEquals("Invalid username", "Bert", passwordRequest.getUsername());
108                                 assertEquals("Invalid password", "Ernie", passwordRequest.getPassword());
109                                 return true;
110                             }
111                             else {
112                                 fail("Unexpected request");
113                                 return false;
114                             }
115                         }
116                     });
117                 }
118                 else {
119                     fail("Unexpected callback");
120                 }
121             }
122         };
123         interceptor.setCallbackHandler(handler);
124         interceptor.afterPropertiesSet();
125         SaajSoapMessage message = loadSaajMessage("usernameTokenPlainText-soap.xml");
126         interceptor.validateMessage(message, null);
127         SOAPMessage result = message.getSaajMessage();
128         assertNotNull("No result returned", result);
129         assertXpathNotExists("Security Header not removed", "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security", result);
130     }
131 
132     public void testValidateUsernameTokenDigest() throws Exception {
133         interceptor.setPolicyConfiguration(new ClassPathResource("requireUsernameToken-digest-config.xml", getClass()));
134         CallbackHandler handler = new AbstractCallbackHandler() {
135 
136             protected void handleInternal(Callback callback) {
137                 if (callback instanceof PasswordValidationCallback) {
138                     PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
139                     if (validationCallback.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
140                         PasswordValidationCallback.DigestPasswordRequest passwordRequest =
141                                 (PasswordValidationCallback.DigestPasswordRequest) validationCallback.getRequest();
142                         assertEquals("Invalid username", "Bert", passwordRequest.getUsername());
143                         passwordRequest.setPassword("Ernie");
144                         validationCallback.setValidator(new PasswordValidationCallback.DigestPasswordValidator());
145                     }
146                     else {
147                         fail("Unexpected request");
148                     }
149                 }
150                 else if (callback instanceof TimestampValidationCallback) {
151                     TimestampValidationCallback validationCallback = (TimestampValidationCallback) callback;
152                     validationCallback.setValidator(new TimestampValidationCallback.TimestampValidator() {
153                         public void validate(TimestampValidationCallback.Request request) {
154                         }
155                     });
156                 }
157                 else {
158                     fail("Unexpected callback");
159                 }
160             }
161         };
162         interceptor.setCallbackHandler(handler);
163         interceptor.afterPropertiesSet();
164         SaajSoapMessage message = loadSaajMessage("usernameTokenDigest-soap.xml");
165         interceptor.validateMessage(message, null);
166         SOAPMessage result = message.getSaajMessage();
167         assertNotNull("No result returned", result);
168         assertXpathNotExists("Security Header not removed", "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security", result);
169     }
170 
171 }