17 package org.springframework.ws.soap.security.wss4j;
18
19 import java.util.Properties;
20
21 import org.springframework.ws.context.DefaultMessageContext;
22 import org.springframework.ws.context.MessageContext;
23 import org.springframework.ws.soap.SoapMessage;
24 import org.springframework.ws.soap.security.wss4j.callback.SimplePasswordValidationCallbackHandler;
25
26 import org.apache.ws.security.WSConstants;
27 import org.junit.Test;
28 import org.w3c.dom.Document;
29
30 import static org.junit.Assert.assertNotNull;
31
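/**
 * Shared UsernameToken tests for {@link Wss4jSecurityInterceptor}, covering both directions:
 * validating an incoming token and adding a token to an outgoing message.
 *
 * <p>The class is abstract; message loading and the XPath assertion helpers come from
 * {@link Wss4jTestCase}.
 *
 * <p>NOTE(review): every validation test here feeds a message that is expected to be accepted.
 * Rejection of a wrong password or an unknown user is not exercised in this class; confirm it
 * is covered elsewhere.
 */
public abstract class Wss4jMessageInterceptorUsernameTokenTestCase extends Wss4jTestCase {

	// Fixture credentials used by the securement tests and by the assertions below.
	private static final String USERNAME = "Bert";

	private static final String PASSWORD = "Ernie";

	private static final String USERNAME_TOKEN_XPATH =
			"/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken";

	// User store (user name -> password) handed to the validation callback handler.
	private final Properties users = new Properties();

	/** Registers the single known user before each test. */
	@Override
	protected void onSetup() throws Exception {
		users.setProperty(USERNAME, PASSWORD);
	}

	/** A message carrying a PasswordText token for the known user must validate. */
	@Test
	public void testValidateUsernameTokenPlainText() throws Exception {
		Wss4jSecurityInterceptor interceptor = prepareInterceptor("UsernameToken", true, false);
		SoapMessage message = loadSoap11Message("usernameTokenPlainText-soap.xml");
		MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());
		interceptor.validateMessage(message, messageContext);
		assertValidateUsernameToken(message);
	}

	/** A message carrying a PasswordDigest token for the known user must validate. */
	@Test
	public void testValidateUsernameTokenDigest() throws Exception {
		Wss4jSecurityInterceptor interceptor = prepareInterceptor("UsernameToken", true, true);
		SoapMessage message = loadSoap11Message("usernameTokenDigest-soap.xml");
		MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());
		interceptor.validateMessage(message, messageContext);
		assertValidateUsernameToken(message);
	}

	/** Same as the plain-text case, using the fixture with a qualified password type. */
	@Test
	public void testValidateUsernameTokenWithQualifiedType() throws Exception {
		Wss4jSecurityInterceptor interceptor = prepareInterceptor("UsernameToken", true, false);
		SoapMessage message = loadSoap11Message("usernameTokenPlainTextQualifiedType-soap.xml");
		MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());
		interceptor.validateMessage(message, messageContext);
		assertValidateUsernameToken(message);
	}

	/** Securing an empty message with PW_TEXT must add a PasswordText UsernameToken. */
	@Test
	public void testAddUsernameTokenPlainText() throws Exception {
		Wss4jSecurityInterceptor interceptor = prepareInterceptor("UsernameToken", false, false);
		interceptor.setSecurementUsername(USERNAME);
		interceptor.setSecurementPassword(PASSWORD);
		SoapMessage message = loadSoap11Message("empty-soap.xml");

		MessageContext messageContext = getSoap11MessageContext(message);

		interceptor.secureMessage(message, messageContext);
		assertAddUsernameTokenPlainText(message);
	}

	/** Securing an empty message with PW_DIGEST must add a PasswordDigest UsernameToken. */
	@Test
	public void testAddUsernameTokenDigest() throws Exception {
		Wss4jSecurityInterceptor interceptor = prepareInterceptor("UsernameToken", false, true);
		interceptor.setSecurementUsername(USERNAME);
		interceptor.setSecurementPassword(PASSWORD);
		SoapMessage message = loadSoap11Message("empty-soap.xml");

		MessageContext messageContext = getSoap11MessageContext(message);
		interceptor.secureMessage(message, messageContext);
		assertAddUsernameTokenDigest(message);
	}

	/**
	 * Checks the state of a message after successful validation: a payload is still available
	 * and the {@code wsse:Security} header is no longer present.
	 *
	 * @param message the message that went through {@code validateMessage}
	 */
	protected void assertValidateUsernameToken(SoapMessage message) throws Exception {
		Object result = getMessage(message);
		assertNotNull("No result returned", result);
		assertXpathNotExists("Security Header not removed", "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security",
				getDocument(message));
	}

	/**
	 * Checks that the secured message carries the user name and the password itself, typed as
	 * PasswordText.
	 *
	 * <p>PasswordText places the password in the header as-is, so confidentiality then depends on
	 * transport or message encryption.
	 *
	 * @param message the message that went through {@code secureMessage}
	 */
	protected void assertAddUsernameTokenPlainText(SoapMessage message) throws Exception {
		Object result = getMessage(message);
		assertNotNull("No result returned", result);
		Document doc = getDocument(message);
		assertXpathEvaluatesTo("Invalid Username", "Bert",
				"/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()", doc);
		assertXpathEvaluatesTo("Invalid Password", "Ernie",
				"/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText']/text()",
				doc);
	}

	/**
	 * Checks that the secured message carries the user name and a password element typed as
	 * PasswordDigest, and that no password element holds the clear-text password.
	 *
	 * @param message the message that went through {@code secureMessage}
	 */
	protected void assertAddUsernameTokenDigest(SoapMessage message) throws Exception {
		Object result = getMessage(message);
		assertNotNull("No result returned", result);
		Document doc = getDocument(message);
		assertXpathEvaluatesTo("Invalid Username", "Bert",
				"/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Username/text()", doc);
		assertXpathExists("Password does not exist",
				"/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security/wsse:UsernameToken/wsse:Password[@Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest']",
				doc);
		// The Type attribute alone does not prove the value was digested: also require that the
		// configured password never appears verbatim in any Password element of the token.
		assertXpathNotExists("Password sent in clear text",
				USERNAME_TOKEN_XPATH + "/wsse:Password[text()='" + PASSWORD + "']", doc);
	}

	/**
	 * Builds an initialised interceptor for one direction.
	 *
	 * @param actions the WSS4J action string, applied as validation or securement actions
	 * @param validating {@code true} to configure validation actions, {@code false} for securement
	 * @param digest {@code true} for {@code WSConstants.PW_DIGEST}, {@code false} for
	 * {@code WSConstants.PW_TEXT}
	 * @return the interceptor after {@code afterPropertiesSet()} has run
	 */
	protected Wss4jSecurityInterceptor prepareInterceptor(String actions, boolean validating, boolean digest)
			throws Exception {
		Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
		if (validating) {
			interceptor.setValidationActions(actions);
		}
		else {
			interceptor.setSecurementActions(actions);
		}
		SimplePasswordValidationCallbackHandler callbackHandler = new SimplePasswordValidationCallbackHandler();
		callbackHandler.setUsers(users);
		// The securement password type is set in both modes; the validating tests in this class
		// never call secureMessage, so it only matters for the securement tests.
		interceptor.setSecurementPasswordType(digest ? WSConstants.PW_DIGEST : WSConstants.PW_TEXT);
		interceptor.setValidationCallbackHandler(callbackHandler);
		interceptor.afterPropertiesSet();
		return interceptor;
	}
}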