17 package org.springframework.ws.soap.security.wss4j;
18
19 import java.util.Properties;
20
21 import org.apache.ws.security.WSConstants;
22 import org.easymock.MockControl;
23
24 import org.springframework.security.Authentication;
25 import org.springframework.security.AuthenticationManager;
26 import org.springframework.security.GrantedAuthority;
27 import org.springframework.security.context.SecurityContextHolder;
28 import org.springframework.security.providers.TestingAuthenticationToken;
29 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
30 import org.springframework.security.userdetails.memory.InMemoryDaoImpl;
31 import org.springframework.ws.context.DefaultMessageContext;
32 import org.springframework.ws.context.MessageContext;
33 import org.springframework.ws.server.EndpointInterceptor;
34 import org.springframework.ws.soap.SoapMessage;
35 import org.springframework.ws.soap.security.wss4j.callback.SpringDigestPasswordValidationCallbackHandler;
36 import org.springframework.ws.soap.security.wss4j.callback.SpringPlainTextPasswordValidationCallbackHandler;
37
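/**
 * Base test case that checks {@link Wss4jSecurityInterceptor} validation of WS-Security
 * <code>UsernameToken</code> headers when the password check is delegated to Spring Security.
 *
 * <p>Two variants are covered: a plain-text password, checked through a mocked
 * {@link AuthenticationManager}, and a digest password, checked against an in-memory user store.
 * Both tests assert that the <code>wsse:Security</code> header is removed from the request, that an
 * {@link Authentication} is placed in the {@link SecurityContextHolder} while the request is handled,
 * and that none is left there once the response has been handled.
 */
public abstract class Wss4jMessageInterceptorSpringSecurityCallbackHandlerTestCase extends Wss4jTestCase {

    // Backing store for the digest variant: user "Bert", password "Ernie", authority ROLE_TEST.
    private Properties users = new Properties();

    // EasyMock control that records and verifies the calls made on the mocked AuthenticationManager.
    private MockControl control;

    // Mocked AuthenticationManager handed to the plain-text callback handler.
    private AuthenticationManager mock;

    /**
     * Creates the {@link AuthenticationManager} mock and registers the single test user.
     */
    protected void onSetup() throws Exception {
        control = MockControl.createControl(AuthenticationManager.class);
        mock = (AuthenticationManager) control.getMock();
        users.setProperty("Bert", "Ernie,ROLE_TEST");
    }

    /**
     * Verifies the recorded mock expectations and clears the security context.
     *
     * <p>The context is cleared in a <code>finally</code> block: if verification fails, an
     * {@link Authentication} left behind by this test must not be visible to the next one, where it
     * would let the "No Authentication created" assertion pass without any validation having run.
     */
    protected void tearDown() throws Exception {
        try {
            control.verify();
        }
        finally {
            SecurityContextHolder.clearContext();
        }
    }

    /**
     * Validates a request carrying a plain-text <code>UsernameToken</code> and checks that no
     * {@link Authentication} remains in the context after the response has been handled.
     */
    public void testValidateUsernameTokenPlainText() throws Exception {
        EndpointInterceptor interceptor = prepareInterceptor("UsernameToken", true, false);
        SoapMessage message = loadSoap11Message("usernameTokenPlainText-soap.xml");
        MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());
        interceptor.handleRequest(messageContext, null);
        assertValidateUsernameToken(message);

        // presumably forces creation of the response message before handleResponse runs - confirm
        messageContext.getResponse();
        interceptor.handleResponse(messageContext, null);
        // The authenticated principal must not outlive the exchange.
        assertNull("Authentication created", SecurityContextHolder.getContext().getAuthentication());
    }

    /**
     * Validates a request carrying a digest <code>UsernameToken</code> and checks that no
     * {@link Authentication} remains in the context after the response has been handled.
     */
    public void testValidateUsernameTokenDigest() throws Exception {
        EndpointInterceptor interceptor = prepareInterceptor("UsernameToken", true, true);
        SoapMessage message = loadSoap11Message("usernameTokenDigest-soap.xml");
        MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());
        interceptor.handleRequest(messageContext, null);
        assertValidateUsernameToken(message);

        // presumably forces creation of the response message before handleResponse runs - confirm
        messageContext.getResponse();
        interceptor.handleResponse(messageContext, null);
        // The authenticated principal must not outlive the exchange.
        assertNull("Authentication created", SecurityContextHolder.getContext().getAuthentication());
    }

    /**
     * Asserts the state expected right after a successful request validation: the message is still
     * readable, its <code>wsse:Security</code> header has been removed, and an {@link Authentication}
     * is present in the {@link SecurityContextHolder}.
     *
     * @param message the request message that was passed through the interceptor
     */
    protected void assertValidateUsernameToken(SoapMessage message) throws Exception {
        Object result = getMessage(message);
        assertNotNull("No result returned", result);
        assertXpathNotExists("Security Header not removed", "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security",
                getDocument(message));
        assertNotNull("No Authentication created", SecurityContextHolder.getContext().getAuthentication());
    }

    /**
     * Builds a {@link Wss4jSecurityInterceptor} wired to one of the Spring Security callback handlers
     * and switches the mock control to replay mode.
     *
     * @param actions    the WSS4J action string to configure, e.g. <code>UsernameToken</code>
     * @param validating <code>true</code> to set <code>actions</code> as validation actions,
     *                   <code>false</code> to set them as securement actions
     * @param digest     <code>true</code> to use the digest callback handler backed by the in-memory
     *                   user store, <code>false</code> to use the plain-text handler backed by the
     *                   mocked {@link AuthenticationManager}
     * @return the configured interceptor
     */
    protected EndpointInterceptor prepareInterceptor(String actions, boolean validating, boolean digest)
            throws Exception {
        Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
        if (validating) {
            interceptor.setValidationActions(actions);
        }
        else {
            interceptor.setSecurementActions(actions);
        }
        // NOTE(review): both branches set the securement password type even when only validation
        // actions are configured; presumably it has no effect on validation - confirm.
        if (digest) {
            // The digest handler looks the user up through a UserDetailsService, so the store has to
            // hold the password in a form the digest can be recomputed from (clear text here).
            SpringDigestPasswordValidationCallbackHandler callbackHandler =
                    new SpringDigestPasswordValidationCallbackHandler();
            InMemoryDaoImpl userDetailsService = new InMemoryDaoImpl();
            userDetailsService.setUserProperties(users);
            userDetailsService.afterPropertiesSet();
            callbackHandler.setUserDetailsService(userDetailsService);
            interceptor.setSecurementPasswordType(WSConstants.PW_DIGEST);
            interceptor.setValidationCallbackHandler(callbackHandler);
            interceptor.afterPropertiesSet();
        }
        else {
            // The plain-text handler hands the credentials to the AuthenticationManager; the mock
            // expects exactly one authenticate() call for Bert/Ernie and returns a token without
            // granted authorities. tearDown() verifies that the call was made.
            SpringPlainTextPasswordValidationCallbackHandler callbackHandler =
                    new SpringPlainTextPasswordValidationCallbackHandler();
            Authentication authResult = new TestingAuthenticationToken("Bert", "Ernie", new GrantedAuthority[0]);
            control.expectAndReturn(mock.authenticate(new UsernamePasswordAuthenticationToken("Bert", "Ernie")),
                    authResult);
            callbackHandler.setAuthenticationManager(mock);
            callbackHandler.afterPropertiesSet();
            interceptor.setSecurementPasswordType(WSConstants.PW_TEXT);
            interceptor.setValidationCallbackHandler(callbackHandler);
            interceptor.afterPropertiesSet();
        }
        // Switch from record to replay mode; in the digest variant no calls on the mock are expected.
        control.replay();
        return interceptor;
    }
}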