17 package org.springframework.ws.soap.security.xwss.callback;
18
19 import java.io.InputStream;
20 import java.security.KeyStore;
21 import java.security.cert.X509Certificate;
22
23 import com.sun.xml.wss.impl.callback.CertificateValidationCallback;
24 import junit.framework.TestCase;
25 import org.easymock.MockControl;
26
27 import org.springframework.core.io.ClassPathResource;
28 import org.springframework.security.AuthenticationManager;
29 import org.springframework.security.BadCredentialsException;
30 import org.springframework.security.GrantedAuthority;
31 import org.springframework.security.context.SecurityContextHolder;
32 import org.springframework.security.providers.TestingAuthenticationToken;
33 import org.springframework.security.providers.x509.X509AuthenticationToken;
34 import org.springframework.ws.soap.security.callback.CleanupCallback;
35
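/**
 * Tests {@link SpringCertificateValidationCallbackHandler} against a mocked
 * {@link AuthenticationManager}.
 *
 * <p>Three cases are covered: the manager accepts the certificate, the manager rejects it with a
 * {@link BadCredentialsException}, and a {@link CleanupCallback} is handled. Each case checks both
 * the callback outcome and the content of the {@link SecurityContextHolder}.
 */
public class SpringCertificateValidationCallbackHandlerTest extends TestCase {

    private SpringCertificateValidationCallbackHandler callbackHandler;

    private MockControl control;

    private AuthenticationManager mock;

    private X509Certificate certificate;

    private CertificateValidationCallback callback;

    /**
     * Builds the handler around a mocked authentication manager and loads the test certificate
     * from the classpath keystore.
     *
     * @throws Exception if the keystore cannot be read
     */
    protected void setUp() throws Exception {
        // The holder is static state; an Authentication left behind by an earlier test would let
        // the assertNotNull in testValidateCertificateValid pass without the handler storing anything.
        SecurityContextHolder.clearContext();

        callbackHandler = new SpringCertificateValidationCallbackHandler();
        control = MockControl.createControl(AuthenticationManager.class);
        mock = (AuthenticationManager) control.getMock();
        callbackHandler.setAuthenticationManager(mock);

        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream is = null;
        try {
            is = new ClassPathResource("/org/springframework/ws/soap/security/xwss/test-keystore.jks").getInputStream();
            // Password of the test-only keystore fixture.
            keyStore.load(is, "password".toCharArray());
        }
        finally {
            if (is != null) {
                is.close();
            }
        }
        certificate = (X509Certificate) keyStore.getCertificate("alias");
        // getCertificate returns null for an unknown alias; fail here rather than later with an
        // unrelated error inside the handler.
        assertNotNull("Certificate 'alias' not found in test keystore", certificate);
        callback = new CertificateValidationCallback(certificate);
    }

    /** Clears the security context so no Authentication leaks into the next test. */
    protected void tearDown() throws Exception {
        SecurityContextHolder.clearContext();
    }

    /**
     * The manager returns an authentication token: the callback result must be true and an
     * Authentication must be present in the security context.
     */
    public void testValidateCertificateValid() throws Exception {
        mock.authenticate(new X509AuthenticationToken(certificate));
        // NOTE(review): ALWAYS_MATCHER accepts any argument, so this test does not prove that the
        // token handed to the manager carries the certificate from the callback.
        control.setMatcher(MockControl.ALWAYS_MATCHER);
        control.setReturnValue(new TestingAuthenticationToken(certificate, null, new GrantedAuthority[0]));
        control.replay();

        callbackHandler.handleInternal(callback);
        boolean authenticated = callback.getResult();

        assertTrue("Not authenticated", authenticated);
        assertNotNull("No Authentication created", SecurityContextHolder.getContext().getAuthentication());
        control.verify();
    }

    /**
     * The manager throws {@link BadCredentialsException}: the callback result must be false and
     * the security context must hold no Authentication.
     */
    public void testValidateCertificateInvalid() throws Exception {
        mock.authenticate(new X509AuthenticationToken(certificate));
        // NOTE(review): as above, the argument passed to authenticate() is not checked.
        control.setMatcher(MockControl.ALWAYS_MATCHER);
        control.setThrowable(new BadCredentialsException(""));
        control.replay();

        callbackHandler.handleInternal(callback);
        boolean authenticated = callback.getResult();

        assertFalse("Authenticated", authenticated);
        assertNull("Authentication created", SecurityContextHolder.getContext().getAuthentication());
        control.verify();
    }

    /**
     * Handling a {@link CleanupCallback} must remove an Authentication that was previously placed
     * in the security context.
     */
    public void testCleanUp() throws Exception {
        TestingAuthenticationToken authentication =
                new TestingAuthenticationToken(new Object(), new Object(), new GrantedAuthority[0]);
        SecurityContextHolder.getContext().setAuthentication(authentication);

        CleanupCallback cleanupCallback = new CleanupCallback();
        callbackHandler.handleInternal(cleanupCallback);

        // A failure here means the pre-set Authentication survived the cleanup.
        assertNull("Authentication not cleared", SecurityContextHolder.getContext().getAuthentication());
    }

}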