XwssMessageInterceptorUsernameTokenTest xref


1   /*
2    * Copyright 2006 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.ws.soap.security.xwss;
18  
19  import javax.security.auth.callback.Callback;
20  import javax.security.auth.callback.CallbackHandler;
21  import javax.xml.soap.SOAPMessage;
22  
23  import com.sun.xml.wss.impl.callback.PasswordCallback;
24  import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
25  import com.sun.xml.wss.impl.callback.TimestampValidationCallback;
26  import com.sun.xml.wss.impl.callback.UsernameCallback;
27  import org.springframework.core.io.ClassPathResource;
28  import org.springframework.ws.soap.saaj.SaajSoapMessage;
29  import org.springframework.ws.soap.security.xwss.callback.AbstractCallbackHandler;
30  
31  public class XwssMessageInterceptorUsernameTokenTest extends XwssMessageInterceptorTestCase {
32  
33      public void testAddUsernameTokenDigest() throws Exception {
34          interceptor.setPolicyConfiguration(new ClassPathResource("usernameToken-digest-config.xml", getClass()));
35          CallbackHandler handler = new AbstractCallbackHandler() {
36  
37              protected void handleInternal(Callback callback) {
38                  if (callback instanceof UsernameCallback) {
39                      ((UsernameCallback) callback).setUsername("Bert");
40                  }
41                  else if (callback instanceof PasswordCallback) {
42                      PasswordCallback passwordCallback = (PasswordCallback) callback;
43                      passwordCallback.setPassword("Ernie");
44                  }
45                  else {
46                      fail("Unexpected callback");
47                  }
48              }
49          };
50          interceptor.setCallbackHandler(handler);
51          interceptor.afterPropertiesSet();
52          SaajSoapMessage message = loadSaajMessage("empty-soap.xml");
53          interceptor.secureMessage(message);
54          SOAPMessage result = message.getSaajMessage();
55          assertNotNull("No result returned", result);
56          assertXpathEvaluatesTo("Invalid Username", "Bert",
57                  "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()", result);
58          assertXpathExists("Password does not exist",
59                  "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest']",
60                  result);
61      }
62  
63      public void testAddUsernameTokenPlainText() throws Exception {
64          interceptor.setPolicyConfiguration(new ClassPathResource("usernameToken-plainText-config.xml", getClass()));
65          CallbackHandler handler = new AbstractCallbackHandler() {
66  
67              protected void handleInternal(Callback callback) {
68                  if (callback instanceof UsernameCallback) {
69                      ((UsernameCallback) callback).setUsername("Bert");
70                  }
71                  else if (callback instanceof PasswordCallback) {
72                      PasswordCallback passwordCallback = (PasswordCallback) callback;
73                      passwordCallback.setPassword("Ernie");
74                  }
75                  else {
76                      fail("Unexpected callback");
77                  }
78              }
79          };
80          interceptor.setCallbackHandler(handler);
81          interceptor.afterPropertiesSet();
82          SaajSoapMessage message = loadSaajMessage("empty-soap.xml");
83          interceptor.secureMessage(message);
84          SOAPMessage result = message.getSaajMessage();
85          assertNotNull("No result returned", result);
86          assertXpathEvaluatesTo("Invalid Username", "Bert",
87                  "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()", result);
88          assertXpathEvaluatesTo("Invalid Password", "Ernie",
89                  "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText']/text()",
90                  result);
91      }
92  
93      public void testValidateUsernameTokenPlainText() throws Exception {
94          interceptor
95                  .setPolicyConfiguration(new ClassPathResource("requireUsernameToken-plainText-config.xml", getClass()));
96          CallbackHandler handler = new AbstractCallbackHandler() {
97  
98              protected void handleInternal(Callback callback) {
99                  if (callback instanceof PasswordValidationCallback) {
100                     PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
101                     validationCallback.setValidator(new PasswordValidationCallback.PasswordValidator() {
102                         public boolean validate(PasswordValidationCallback.Request request) {
103                             if (request instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
104                                 PasswordValidationCallback.PlainTextPasswordRequest passwordRequest =
105                                         (PasswordValidationCallback.PlainTextPasswordRequest) request;
106                                 assertEquals("Invalid username", "Bert", passwordRequest.getUsername());
107                                 assertEquals("Invalid password", "Ernie", passwordRequest.getPassword());
108                                 return true;
109                             }
110                             else {
111                                 fail("Unexpected request");
112                                 return false;
113                             }
114                         }
115                     });
116                 }
117                 else {
118                     fail("Unexpected callback");
119                 }
120             }
121         };
122         interceptor.setCallbackHandler(handler);
123         interceptor.afterPropertiesSet();
124         SaajSoapMessage message = loadSaajMessage("usernameTokenPlainText-soap.xml");
125         interceptor.validateMessage(message);
126         SOAPMessage result = message.getSaajMessage();
127         assertNotNull("No result returned", result);
128         assertXpathNotExists("Security Header not removed", "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security", result);
129     }
130 
131     public void testValidateUsernameTokenDigest() throws Exception {
132         interceptor.setPolicyConfiguration(new ClassPathResource("requireUsernameToken-digest-config.xml", getClass()));
133         CallbackHandler handler = new AbstractCallbackHandler() {
134 
135             protected void handleInternal(Callback callback) {
136                 if (callback instanceof PasswordValidationCallback) {
137                     PasswordValidationCallback validationCallback = (PasswordValidationCallback) callback;
138                     if (validationCallback.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
139                         PasswordValidationCallback.DigestPasswordRequest passwordRequest =
140                                 (PasswordValidationCallback.DigestPasswordRequest) validationCallback.getRequest();
141                         assertEquals("Invalid username", "Bert", passwordRequest.getUsername());
142                         passwordRequest.setPassword("Ernie");
143                         validationCallback.setValidator(new PasswordValidationCallback.DigestPasswordValidator());
144                     }
145                     else {
146                         fail("Unexpected request");
147                     }
148                 }
149                 else if (callback instanceof TimestampValidationCallback) {
150                     TimestampValidationCallback validationCallback = (TimestampValidationCallback) callback;
151                     validationCallback.setValidator(new TimestampValidationCallback.TimestampValidator() {
152                         public void validate(TimestampValidationCallback.Request request) {
153                         }
154                     });
155                 }
156                 else {
157                     fail("Unexpected callback");
158                 }
159             }
160         };
161         interceptor.setCallbackHandler(handler);
162         interceptor.afterPropertiesSet();
163         SaajSoapMessage message = loadSaajMessage("usernameTokenDigest-soap.xml");
164         interceptor.validateMessage(message);
165         SOAPMessage result = message.getSaajMessage();
166         assertNotNull("No result returned", result);
167         assertXpathNotExists("Security Header not removed", "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security", result);
168     }
169 
170 }