1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.ws.soap.security.wss4j;
18
19 import java.util.Properties;
20
21 import org.springframework.ws.WebServiceMessage;
22 import org.springframework.ws.context.DefaultMessageContext;
23 import org.springframework.ws.context.MessageContext;
24 import org.springframework.ws.soap.SoapMessage;
25 import org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean;
26
27 import org.junit.Test;
28 import org.w3c.dom.Document;
29
30 import static org.junit.Assert.assertNotNull;
31
32 public abstract class Wss4jMessageInterceptorSignTestCase extends Wss4jTestCase {
33
34 protected Wss4jSecurityInterceptor interceptor;
35
36 @Override
37 protected void onSetup() throws Exception {
38 interceptor = new Wss4jSecurityInterceptor();
39 interceptor.setValidationActions("Signature");
40
41 CryptoFactoryBean cryptoFactoryBean = new CryptoFactoryBean();
42 Properties cryptoFactoryBeanConfig = new Properties();
43 cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.provider",
44 "org.apache.ws.security.components.crypto.Merlin");
45 cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jceks");
46 cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "123456");
47
48
49 cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.file", "private.jks");
50 cryptoFactoryBean.setConfiguration(cryptoFactoryBeanConfig);
51 cryptoFactoryBean.afterPropertiesSet();
52 interceptor.setValidationSignatureCrypto(cryptoFactoryBean
53 .getObject());
54 interceptor.setSecurementSignatureCrypto(cryptoFactoryBean
55 .getObject());
56 interceptor.afterPropertiesSet();
57
58 }
59
60 @Test
61 public void testValidateCertificate() throws Exception {
62 SoapMessage message = loadSoap11Message("signed-soap.xml");
63
64 MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());
65 interceptor.validateMessage(message, messageContext);
66 Object result = getMessage(message);
67 assertNotNull("No result returned", result);
68 assertXpathNotExists("Security Header not removed", "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security",
69 getDocument(message));
70 }
71
72 @Test
73 public void testValidateCertificateWithSignatureConfirmation() throws Exception {
74 SoapMessage message = loadSoap11Message("signed-soap.xml");
75 MessageContext messageContext = getSoap11MessageContext(message);
76 interceptor.setEnableSignatureConfirmation(true);
77 interceptor.validateMessage(message, messageContext);
78 WebServiceMessage response = messageContext.getResponse();
79 interceptor.secureMessage(message, messageContext);
80 assertNotNull("No result returned", response);
81 Document document = getDocument((SoapMessage) response);
82 assertXpathExists("Absent SignatureConfirmation element",
83 "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse11:SignatureConfirmation", document);
84 }
85
86 @Test
87 public void testSignResponse() throws Exception {
88 interceptor.setSecurementActions("Signature");
89 interceptor.setEnableSignatureConfirmation(false);
90 interceptor.setSecurementPassword("123456");
91 interceptor.setSecurementUsername("rsaKey");
92 SoapMessage message = loadSoap11Message("empty-soap.xml");
93 MessageContext messageContext = getSoap11MessageContext(message);
94
95
96
97 interceptor.secureMessage(message, messageContext);
98
99 Document document = getDocument(message);
100 assertXpathExists("Absent SignatureConfirmation element",
101 "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/ds:Signature", document);
102
103
104 }
105
106 @Test
107 public void testSignResponseWithSignatureUser() throws Exception {
108 interceptor.setSecurementActions("Signature");
109 interceptor.setEnableSignatureConfirmation(false);
110 interceptor.setSecurementPassword("123456");
111 interceptor.setSecurementSignatureUser("rsaKey");
112 SoapMessage message = loadSoap11Message("empty-soap.xml");
113 MessageContext messageContext = getSoap11MessageContext(message);
114
115 interceptor.secureMessage(message, messageContext);
116
117 Document document = getDocument(message);
118 assertXpathExists("Absent SignatureConfirmation element",
119 "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/ds:Signature", document);
120
121
122 }
123 }