Another EncryptBeforeSigning fix
git-svn-id: https://svn.apache.org/repos/asf/cxf/trunk@1564724 13f79535-47bb-0310-9956-ffa450edef68
coheigea committed Feb 5, 2014
1 parent 0c77f4f commit 5df3f72f1a26b7c9ac2888ab65e41f4105706580
Showing 6 changed files with 112 additions and 1 deletion.
@@ -252,7 +252,7 @@ private void doEncryptBeforeSign() {
this.addDerivedKeyElement(secondRefList);
} else if (!secondEncrParts.isEmpty()) {
//Encrypt, get hold of the ref list and add it
secondRefList = ((WSSecEncrypt)encr).encryptForRef(null, encrParts);
secondRefList = ((WSSecEncrypt)encr).encryptForRef(null, secondEncrParts);
this.addDerivedKeyElement(secondRefList);
}
}
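Review bot: The comment above the corrected call, `//Encrypt, get hold of the ref list and add it`, does not say which list this second pass must cover, and that ambiguity is probably how `encrParts` could be passed here unnoticed. Encrypting the wrong list may leave the secondary parts in the clear without any error at this point, so I would state the intent explicitly, e.g. `// Second pass: encrypt only secondEncrParts (encrParts was handled by the first pass)`. That reading of the two lists is inferred from their names, because doEncryptBeforeSign starts and ends outside this hunk, so please confirm it against the full method.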
@@ -768,6 +768,33 @@ public void testAsymmetricUsernameToken() throws Exception {
bus.shutdown(true);
}

@org.junit.Test
public void testSymmetricUsernameToken() throws Exception {

SpringBusFactory bf = new SpringBusFactory();
URL busFile = X509TokenTest.class.getResource("client.xml");

Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);

URL wsdl = X509TokenTest.class.getResource("DoubleItX509.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSymmetricUsernameTokenPort");
DoubleItPortType x509Port =
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(x509Port, test.getPort());

if (test.isStreaming()) {
SecurityTestUtil.enableStreaming(x509Port);
}

x509Port.doubleIt(25);

((java.io.Closeable)x509Port).close();
bus.shutdown(true);
}

@org.junit.Test
public void testSymmetricProtectTokens() throws Exception {
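Review bot: testSymmetricUsernameToken discards the result of `x509Port.doubleIt(25)`, so it passes whenever the call does not throw and says nothing about what was actually protected on the wire. As the regression guard for an encryption fix, it only catches a relapse if the endpoint's policy enforcement rejects a UsernameToken that arrives unencrypted, which is not visible from this hunk. At minimum I would assert the response, `org.junit.Assert.assertEquals(50, x509Port.doubleIt(25));` (assuming doubleIt returns the doubled value), and add a comment naming the policy assertions being exercised. The close() and bus.shutdown(true) calls are also skipped when the invocation throws, which a try/finally would avoid.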

@@ -415,6 +415,24 @@
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
<wsdl:binding name="DoubleItSymmetricUsernameTokenBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItSymmetricUsernameTokenPolicy"/>
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="DoubleIt">
<soap:operation soapAction=""/>
<wsdl:input>
<soap:body use="literal"/>
<wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
<wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
</wsdl:output>
<wsdl:fault name="DoubleItFault">
<soap:body use="literal" name="DoubleItFault"/>
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
<wsdl:binding name="DoubleItSymmetricProtectTokensBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItSymmetricProtectTokensPolicy"/>
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
@@ -641,6 +659,9 @@
<wsdl:port name="DoubleItAsymmetricUsernameTokenPort" binding="tns:DoubleItAsymmetricUsernameTokenBinding">
<soap:address location="http://localhost:9001/DoubleItX509AsymmetricUsernameToken"/>
</wsdl:port>
<wsdl:port name="DoubleItSymmetricUsernameTokenPort" binding="tns:DoubleItSymmetricUsernameTokenBinding">
<soap:address location="http://localhost:9001/DoubleItX509SymmetricUsernameToken"/>
</wsdl:port>
<wsdl:port name="DoubleItSymmetricProtectTokensPort" binding="tns:DoubleItSymmetricProtectTokensBinding">
<soap:address location="http://localhost:9001/DoubleItX509SymmetricProtect"/>
</wsdl:port>
@@ -1390,6 +1411,48 @@
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="DoubleItSymmetricUsernameTokenPolicy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SymmetricBinding>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token11/>
<sp:RequireThumbprintReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
<sp:EncryptBeforeSigning/>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:EncryptedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken11/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:EncryptedSupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="DoubleItSymmetricProtectTokensPolicy">
<wsp:ExactlyOne>
<wsp:All>
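Review bot: DoubleItSymmetricUsernameTokenPolicy carries no comment explaining why it exists, although it is the fixture that combines `sp:EncryptBeforeSigning` with `sp:EncryptedSupportingTokens`. I would add an XML comment above its `wsp:Policy` element such as `<!-- EncryptBeforeSigning with an encrypted UsernameToken supporting token -->`. The `sp:UsernameToken` assertion specifies no password handling (neither `sp:HashPassword` nor `sp:NoPassword`), so the token's confidentiality rests entirely on that encryption actually being applied. `sp:Basic128` implies SHA-1 digests and AES-128 in CBC mode, which is acceptable in a test fixture but should not be copied into a production policy.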
@@ -230,6 +230,14 @@
<entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
</jaxws:properties>
</jaxws:client>
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSymmetricUsernameTokenPort" createdFromAPI="true">
<jaxws:properties>
<entry key="ws-security.encryption.properties" value="bob.properties"/>
<entry key="ws-security.encryption.username" value="bob"/>
<entry key="ws-security.username" value="alice"/>
<entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
</jaxws:properties>
</jaxws:client>
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSymmetricProtectTokensPort" createdFromAPI="true">
<jaxws:properties>
<entry key="ws-security.encryption.properties" value="bob.properties"/>
@@ -238,6 +238,12 @@
<entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/>
</jaxws:properties>
</jaxws:endpoint>
<jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SymmetricUsernameToken" address="http://localhost:${testutil.ports.Server}/DoubleItX509SymmetricUsernameToken" serviceName="s:DoubleItService" endpointName="s:DoubleItSymmetricUsernameTokenPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl">
<jaxws:properties>
<entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
<entry key="ws-security.signature.properties" value="bob.properties"/>
</jaxws:properties>
</jaxws:endpoint>
<jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SymmetricProtectTokens" address="http://localhost:${testutil.ports.Server}/DoubleItX509SymmetricProtect" serviceName="s:DoubleItService" endpointName="s:DoubleItSymmetricProtectTokensPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl">
<jaxws:properties>
<entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
@@ -263,6 +263,13 @@
<entry key="ws-security.enable.streaming" value="true"/>
</jaxws:properties>
</jaxws:endpoint>
<jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SymmetricUsernameToken" address="http://localhost:${testutil.ports.StaxServer}/DoubleItX509SymmetricUsernameToken" serviceName="s:DoubleItService" endpointName="s:DoubleItSymmetricUsernameTokenPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl">
<jaxws:properties>
<entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
<entry key="ws-security.signature.properties" value="bob.properties"/>
<entry key="ws-security.enable.streaming" value="true"/>
</jaxws:properties>
</jaxws:endpoint>
<jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SymmetricProtectTokens" address="http://localhost:${testutil.ports.StaxServer}/DoubleItX509SymmetricProtect" serviceName="s:DoubleItService" endpointName="s:DoubleItSymmetricProtectTokensPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl">
<jaxws:properties>
<entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
