1   /*
2    * Copyright 2005-2010 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.ws.soap.security.wss4j;
18  
19  import java.util.Properties;
20  
21  import org.springframework.ws.context.DefaultMessageContext;
22  import org.springframework.ws.context.MessageContext;
23  import org.springframework.ws.soap.SoapMessage;
24  import org.springframework.ws.soap.security.wss4j.callback.SimplePasswordValidationCallbackHandler;
25  
26  import org.apache.ws.security.WSConstants;
27  import org.junit.Test;
28  import org.w3c.dom.Document;
29  
30  import static org.junit.Assert.assertNotNull;
31  
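/**
 * Base test case for WS-Security UsernameToken handling in {@link Wss4jSecurityInterceptor}.
 *
 * <p>Covers validation of incoming plain-text and digest tokens, and securement (adding a token to an
 * outgoing message) in both password modes. Every validation test here uses the credentials registered in
 * {@link #onSetup()}; no test in this class exercises rejection of an unknown user or a wrong password.
 */
public abstract class Wss4jMessageInterceptorUsernameTokenTestCase extends Wss4jTestCase {

    private static final String USERNAME = "Bert";

    private static final String PASSWORD = "Ernie";

    private static final String SECURITY_XPATH = "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security";

    private static final String USERNAME_TOKEN_XPATH = SECURITY_XPATH + "/wsse:UsernameToken";

    private static final String PASSWORD_TYPE_PREFIX =
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#";

    /** User store handed to the password validation callback handler. */
    private final Properties users = new Properties();

    /** Registers the single test user whose credentials the tests and fixtures use. */
    @Override
    protected void onSetup() throws Exception {
        users.setProperty(USERNAME, PASSWORD);
    }

    @Test
    public void testValidateUsernameTokenPlainText() throws Exception {
        validateFixture("usernameTokenPlainText-soap.xml", false);
    }

    @Test
    public void testValidateUsernameTokenDigest() throws Exception {
        validateFixture("usernameTokenDigest-soap.xml", true);
    }

    @Test
    public void testValidateUsernameTokenWithQualifiedType() throws Exception {
        validateFixture("usernameTokenPlainTextQualifiedType-soap.xml", false);
    }

    @Test
    public void testAddUsernameTokenPlainText() throws Exception {
        assertAddUsernameTokenPlainText(secureEmptyMessage(false));
    }

    @Test
    public void testAddUsernameTokenDigest() throws Exception {
        assertAddUsernameTokenDigest(secureEmptyMessage(true));
    }

    /**
     * Asserts that validation left a message behind and stripped the {@code wsse:Security} header.
     *
     * @param message the message that was passed through {@code validateMessage}
     */
    protected void assertValidateUsernameToken(SoapMessage message) throws Exception {
        assertNotNull("No result returned", getMessage(message));
        assertXpathNotExists("Security Header not removed", SECURITY_XPATH, getDocument(message));
    }

    /**
     * Asserts that the secured message carries the expected user name and a {@code PasswordText} password
     * element holding the configured password.
     *
     * @param message the message that was passed through {@code secureMessage}
     */
    protected void assertAddUsernameTokenPlainText(SoapMessage message) throws Exception {
        assertNotNull("No result returned", getMessage(message));
        Document doc = getDocument(message);
        assertXpathEvaluatesTo("Invalid Username", USERNAME, USERNAME_TOKEN_XPATH + "/wsse:Username/text()", doc);
        assertXpathEvaluatesTo("Invalid Password", PASSWORD,
                USERNAME_TOKEN_XPATH + "/wsse:Password[@Type='" + PASSWORD_TYPE_PREFIX + "PasswordText']/text()",
                doc);
    }

    /**
     * Asserts that the secured message carries the expected user name and a {@code PasswordDigest} password
     * element whose content is not the clear-text password.
     *
     * @param message the message that was passed through {@code secureMessage}
     */
    protected void assertAddUsernameTokenDigest(SoapMessage message) throws Exception {
        Object result = getMessage(message);
        Document doc = getDocument(message);
        assertNotNull("No result returned", result);
        assertXpathEvaluatesTo("Invalid Username", USERNAME, USERNAME_TOKEN_XPATH + "/wsse:Username/text()", doc);
        assertXpathExists("Password does not exist",
                USERNAME_TOKEN_XPATH + "/wsse:Password[@Type='" + PASSWORD_TYPE_PREFIX + "PasswordDigest']",
                doc);
        // The Type attribute alone does not prove the value was hashed: a regression that labels the
        // element PasswordDigest but still writes the clear-text password must fail this test.
        assertXpathNotExists("Clear-text password found in digest token",
                USERNAME_TOKEN_XPATH + "/wsse:Password[text()='" + PASSWORD + "']", doc);
    }

    /**
     * Builds an initialised interceptor for either validation or securement.
     *
     * @param actions the WSS4J action string, applied as validation or securement actions
     * @param validating {@code true} to configure validation actions, {@code false} for securement actions
     * @param digest {@code true} to secure with a password digest, {@code false} for plain text
     * @return the interceptor after {@code afterPropertiesSet()} has been called
     */
    protected Wss4jSecurityInterceptor prepareInterceptor(String actions, boolean validating, boolean digest)
            throws Exception {
        Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
        if (validating) {
            interceptor.setValidationActions(actions);
        }
        else {
            interceptor.setSecurementActions(actions);
        }
        // The securement password type and the validation callback handler are both set on every
        // interceptor, whichever direction it is used for.
        interceptor.setSecurementPasswordType(digest ? WSConstants.PW_DIGEST : WSConstants.PW_TEXT);
        SimplePasswordValidationCallbackHandler callbackHandler = new SimplePasswordValidationCallbackHandler();
        callbackHandler.setUsers(users);
        interceptor.setValidationCallbackHandler(callbackHandler);
        interceptor.afterPropertiesSet();
        return interceptor;
    }

    /** Loads a SOAP 1.1 fixture, runs it through a validating interceptor and checks the outcome. */
    private void validateFixture(String resource, boolean digest) throws Exception {
        Wss4jSecurityInterceptor interceptor = prepareInterceptor("UsernameToken", true, digest);
        SoapMessage message = loadSoap11Message(resource);
        MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());
        interceptor.validateMessage(message, messageContext);
        assertValidateUsernameToken(message);
    }

    /** Secures the empty SOAP 1.1 fixture with the test user's credentials and returns the message. */
    private SoapMessage secureEmptyMessage(boolean digest) throws Exception {
        Wss4jSecurityInterceptor interceptor = prepareInterceptor("UsernameToken", false, digest);
        interceptor.setSecurementUsername(USERNAME);
        interceptor.setSecurementPassword(PASSWORD);
        SoapMessage message = loadSoap11Message("empty-soap.xml");
        MessageContext messageContext = getSoap11MessageContext(message);
        interceptor.secureMessage(message, messageContext);
        return message;
    }
}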