ws-commits mailing list archives

From cohei...@apache.org
Subject svn commit: r1468368 - in /webservices/wss4j/trunk: ws-security-dom/src/main/java/org/apache/wss4j/dom/action/ ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/ ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ ws-security-stax/src/...
Date Tue, 16 Apr 2013 11:11:40 GMT
Author: coheigea
Date: Tue Apr 16 11:11:39 2013
New Revision: 1468368

URL: http://svn.apache.org/r1468368
Log:
Added a common way of adding Nonce + Created Elements to (plaintext) UsernameTokens

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandlerConstants.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSSecurityProperties.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/UsernameTokenTest.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java?rev=1468368&r1=1468367&r2=1468368&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java
Tue Apr 16 11:11:39 2013
@@ -48,18 +48,14 @@ public class UsernameTokenAction impleme
         builder.setPasswordsAreEncoded(reqData.getWssConfig().getPasswordsAreEncoded());
         builder.setUserInfo(username, password);
 
-        if (reqData.getUtElements() != null && reqData.getUtElements().length >
0) {
-            for (int j = 0; j < reqData.getUtElements().length; j++) {
-                String utElement = reqData.getUtElements()[j].trim();
-                if (utElement.equals("Nonce")) {
-                    builder.addNonce();
-                }
-                if (utElement.equals("Created")) {
-                    builder.addCreated();
-                }
-                reqData.getUtElements()[j] = null;
-            }
+        if (reqData.isAddUsernameTokenNonce()) {
+            builder.addNonce();
         }
+        
+        if (reqData.isAddUsernameTokenCreated()) {
+            builder.addCreated();
+        }
+
         builder.build(doc, reqData.getSecHeader());        
     }
 }
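Review bot: The two new `if` blocks carry no comment saying when the flags matter, and they are applied whatever the password type is, whereas the Javadoc this commit adds in WSHandlerConstants says the options apply to the "text" password type only. A comment above them would record the intent, e.g. `// Explicit Nonce/Created for PasswordText; the digest case adds both automatically.` Whether calling `addNonce()` or `addCreated()` is harmless for other password types depends on the builder, which is outside this hunk. The enclosing method starts above the hunk.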

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java?rev=1468368&r1=1468367&r2=1468368&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
Tue Apr 16 11:11:39 2013
@@ -58,7 +58,6 @@ public class RequestData {
     private String actor;
     private String username ;
     private String pwType = WSConstants.PASSWORD_DIGEST; // Make this the default when no
password type is given.
-    private String[] utElements;
     private Crypto sigCrypto;
     private Crypto sigVerCrypto;
     private Crypto encCrypto;
@@ -97,6 +96,8 @@ public class RequestData {
     private AlgorithmSuite samlAlgorithmSuite;
     private boolean disableBSPEnforcement;
     private boolean allowRSA15KeyTransportAlgorithm;
+    private boolean addUsernameTokenNonce;
+    private boolean addUsernameTokenCreated;
 
     public void clear() {
         soapConstants = null;
@@ -105,7 +106,6 @@ public class RequestData {
         signatureParts.clear();
         encryptParts.clear();
         encCert = null;
-        utElements = null;
         wssConfig = null;
         signatureValues.clear();
         signatureDigestAlgorithm = null;
@@ -127,6 +127,8 @@ public class RequestData {
         setOriginalSignatureActionPosition(0);
         setDisableBSPEnforcement(false);
         allowRSA15KeyTransportAlgorithm = false;
+        setAddUsernameTokenNonce(false);
+        setAddUsernameTokenCreated(false);
     }
 
     public Object getMsgContext() {
@@ -185,14 +187,6 @@ public class RequestData {
         this.pwType = pwType;
     }
 
-    public String[] getUtElements() {
-        return utElements;
-    }
-
-    public void setUtElements(String[] utElements) {
-        this.utElements = utElements;
-    }
-
     public Crypto getSigCrypto() {
         return sigCrypto;
     }
@@ -601,5 +595,21 @@ public class RequestData {
     public void setAllowRSA15KeyTransportAlgorithm(boolean allowRSA15KeyTransportAlgorithm)
{
         this.allowRSA15KeyTransportAlgorithm = allowRSA15KeyTransportAlgorithm;
     }
+
+    public boolean isAddUsernameTokenNonce() {
+        return addUsernameTokenNonce;
+    }
+
+    public void setAddUsernameTokenNonce(boolean addUsernameTokenNonce) {
+        this.addUsernameTokenNonce = addUsernameTokenNonce;
+    }
+
+    public boolean isAddUsernameTokenCreated() {
+        return addUsernameTokenCreated;
+    }
+
+    public void setAddUsernameTokenCreated(boolean addUsernameTokenCreated) {
+        this.addUsernameTokenCreated = addUsernameTokenCreated;
+    }
         
 }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java?rev=1468368&r1=1468367&r2=1468368&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
Tue Apr 16 11:11:39 2013
@@ -464,10 +464,13 @@ public abstract class WSHandler {
             }
         }
         
-        String add = getString(WSHandlerConstants.ADD_UT_ELEMENTS, mc);
-        if (add != null) {
-            reqData.setUtElements(StringUtil.split(add, ' '));
-        }
+        boolean addNonce = 
+            decodeBooleanConfigValue(reqData, WSHandlerConstants.ADD_USERNAMETOKEN_NONCE,
false);
+        reqData.setAddUsernameTokenNonce(addNonce);
+        
+        boolean addCreated = 
+            decodeBooleanConfigValue(reqData, WSHandlerConstants.ADD_USERNAMETOKEN_CREATED,
false);
+        reqData.setAddUsernameTokenCreated(addCreated);
         
         String derivedMAC = getString(WSHandlerConstants.USE_DERIVED_KEY_FOR_MAC, mc);
         boolean useDerivedKeyForMAC = Boolean.parseBoolean(derivedMAC);
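Review bot: The handler no longer reads the `addUTElements` option and nothing here reports when it is still set, so an existing configuration that requested Nonce and Created on a PasswordText token would silently stop sending them after an upgrade. A receiver that relies on those elements for replay detection or freshness checks then gets weaker tokens with no error on the sending side. Consider logging a warning when `getString("addUTElements", mc) != null`, or mapping the legacy value onto the two new booleans for a deprecation period. The same compatibility concern covers the removed `ADD_UT_ELEMENTS` constant in WSHandlerConstants and the removed public `getUtElements`/`setUtElements` accessors in RequestData. The enclosing method starts and ends outside the hunk.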

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandlerConstants.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandlerConstants.java?rev=1468368&r1=1468367&r2=1468368&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandlerConstants.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandlerConstants.java
Tue Apr 16 11:11:39 2013
@@ -377,6 +377,20 @@ public final class WSHandlerConstants {
     public static final String ADD_INCLUSIVE_PREFIXES = "addInclusivePrefixes";
     
     /**
+     * Whether to add a Nonce Element to a UsernameToken. This only applies when the
+     * password type is of type "text". A Nonce is automatically added for the "digest"
+     * case. The default is false.
+     */
+    public static final String ADD_USERNAMETOKEN_NONCE = "addUsernameTokenNonce";
+    
+    /**
+     * Whether to add a Created Element to a UsernameToken. This only applies when the
+     * password type is of type "text". A Created is automatically added for the "digest"
+     * case. The default is false.
+     */
+    public static final String ADD_USERNAMETOKEN_CREATED = "addUsernameTokenCreated";
+    
+    /**
      * This variable controls whether types other than PasswordDigest or PasswordText
      * are allowed when processing UsernameTokens. The default value is "false".
      */
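Review bot: The Javadoc on `ADD_USERNAMETOKEN_NONCE` and `ADD_USERNAMETOKEN_CREATED` says neither which values the option accepts nor what the elements are for. WSHandler reads both through `decodeBooleanConfigValue`, so each comment could add `The value is "true" or "false".` A further sentence would help operators: on a plaintext password these elements give the receiver freshness and replay-detection data and do not protect the password itself, which still depends on transport or message encryption.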
@@ -495,20 +509,6 @@ public final class WSHandlerConstants {
     public static final String PASSWORD_TYPE = "passwordType";
     
     /**
-     * Parameter to generate additional elements (nonce and created) in a 
-     * <code>UsernameToken</code>.
-     * <p/>
-     * The value of this parameter is a list of element names that are added
-     * to the UsernameToken. The names of the list a separated by spaces.
-     * <p/>
-     * The list may contain the names <code>nonce</code> and
-     * <code>created</code> only. Use this option if the password type is
-     * <code>passwordText</code> and the handler shall add the <code>Nonce</code>
-     * and/or <code>Created</code> elements.
-     */
-    public static final String ADD_UT_ELEMENTS = "addUTElements";
-
-    /**
      * Defines which key identifier type to use for signature. The WS-Security specifications
      * recommends to use the identifier type <code>IssuerSerial</code>. For possible
signature 
      * key identifier types refer to {@link #getKeyIdentifier(String)}. 

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java?rev=1468368&r1=1468367&r2=1468368&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
Tue Apr 16 11:11:39 2013
@@ -1034,6 +1034,33 @@ public class UsernameTokenTest extends o
         newEngine.processSecurityHeader(doc, "", data);
     }
     
+    @org.junit.Test
+    public void testUsernameTokenWSHandlerNonceCreated() throws Exception {
+        CustomHandler handler = new CustomHandler();
+        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        
+        RequestData reqData = new RequestData();
+        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
+        config.put("password", "verySecret");
+        config.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
+        config.put(WSHandlerConstants.ADD_USERNAMETOKEN_NONCE, "true");
+        config.put(WSHandlerConstants.ADD_USERNAMETOKEN_CREATED, "true");
+        reqData.setUsername("wernerd");
+        reqData.setMsgContext(config);
+        
+        java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
+        actions.add(WSConstants.UT);
+        
+        handler.send(WSConstants.UT, doc, reqData, actions, true);
+        
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Username Token via WSHandler");
+            String outputString = 
+                XMLUtils.PrettyDocumentToString(doc);
+            LOG.debug(outputString);
+        }
+    }
+    
     private List<WSSecurityEngineResult> verify(Document doc) throws Exception {
         return verify(doc, false);
     }
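Review bot: testUsernameTokenWSHandlerNonceCreated makes no assertion, so it passes even if the handler ignores both options; the only observable result is a debug log line. After `handler.send(...)` the test should check the produced document, for example `org.junit.Assert.assertEquals(1, doc.getElementsByTagNameNS(WSConstants.WSSE_NS, "Nonce").getLength());` and the same for `"Created"` in `WSConstants.WSU_NS`. The two tests added to the ws-security-stax UsernameTokenTest have the same gap: they assert the password type but never look for `WSSConstants.TAG_wsse_Nonce` or `WSSConstants.TAG_wsu_Created` in the output.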

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSSecurityProperties.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSSecurityProperties.java?rev=1468368&r1=1468367&r2=1468368&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSSecurityProperties.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/ext/WSSSecurityProperties.java
Tue Apr 16 11:11:39 2013
@@ -64,6 +64,8 @@ public class WSSSecurityProperties exten
     private Integer utTTL = 300;
     private Integer utFutureTTL = 60;
     private Integer derivedKeyIterations = 1000;
+    private boolean addUsernameTokenNonce;
+    private boolean addUsernameTokenCreated;
 
     /**
      * This variable controls whether types other than PasswordDigest or PasswordText
@@ -138,6 +140,8 @@ public class WSSSecurityProperties exten
         this.allowRSA15KeyTransportAlgorithm = wssSecurityProperties.allowRSA15KeyTransportAlgorithm;
         this.derivedKeyIterations = wssSecurityProperties.derivedKeyIterations;
         this.useDerivedKeyForMAC = wssSecurityProperties.useDerivedKeyForMAC;
+        this.addUsernameTokenNonce = wssSecurityProperties.addUsernameTokenNonce;
+        this.addUsernameTokenCreated = wssSecurityProperties.addUsernameTokenCreated;
     }
 
     /**
@@ -721,5 +725,21 @@ public class WSSSecurityProperties exten
     public void setUseDerivedKeyForMAC(boolean useDerivedKeyForMAC) {
         this.useDerivedKeyForMAC = useDerivedKeyForMAC;
     }
+
+    public boolean isAddUsernameTokenNonce() {
+        return addUsernameTokenNonce;
+    }
+
+    public void setAddUsernameTokenNonce(boolean addUsernameTokenNonce) {
+        this.addUsernameTokenNonce = addUsernameTokenNonce;
+    }
+
+    public boolean isAddUsernameTokenCreated() {
+        return addUsernameTokenCreated;
+    }
+
+    public void setAddUsernameTokenCreated(boolean addUsernameTokenCreated) {
+        this.addUsernameTokenCreated = addUsernameTokenCreated;
+    }
     
 }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java?rev=1468368&r1=1468367&r2=1468368&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/output/UsernameTokenOutputProcessor.java
Tue Apr 16 11:11:39 2013
@@ -61,8 +61,6 @@ public class UsernameTokenOutputProcesso
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE);
             }
             
-            XMLGregorianCalendar created = WSSConstants.datatypeFactory.newXMLGregorianCalendar(new
GregorianCalendar());
-
             final String wsuId = IDGenerator.generateID(null);
             
             boolean useDerivedKeyForMAC = 
@@ -70,20 +68,31 @@ public class UsernameTokenOutputProcesso
             int derivedIterations = 
                 ((WSSSecurityProperties)getSecurityProperties()).getDerivedKeyIterations();
             byte[] salt = null;
-            byte[] nonceValue = null;
             if (WSSConstants.USERNAMETOKEN_SIGNED.equals(getAction())) {
                 salt = UsernameTokenUtil.generateSalt(useDerivedKeyForMAC);
-            } else {
+            }
+            
+            byte[] nonceValue = null;
+            if ((usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST)
+                || ((WSSSecurityProperties) getSecurityProperties()).isAddUsernameTokenNonce())
{
                 nonceValue = new byte[16];
                 WSSConstants.secureRandom.nextBytes(nonceValue);
             }
+            
+            XMLGregorianCalendar created = null;
+            String createdStr = "";
+            if ((usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST)
+                || ((WSSSecurityProperties) getSecurityProperties()).isAddUsernameTokenCreated())
{
+                created = WSSConstants.datatypeFactory.newXMLGregorianCalendar(new GregorianCalendar());
+                createdStr = created.toXMLFormat();
+            }
 
             final OutputProcessor outputProcessor = this;
 
             final OutboundUsernameSecurityToken usernameSecurityToken =
                     new OutboundUsernameSecurityToken(((WSSSecurityProperties) getSecurityProperties()).getTokenUser(),
                             password,
-                            created.toXMLFormat(),
+                            createdStr,
                             nonceValue,
                             wsuId,
                             salt,
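Review bot: When neither the digest type nor `isAddUsernameTokenCreated()` applies, `createdStr` stays `""` and that empty string is passed to `OutboundUsernameSecurityToken`, so the token object cannot distinguish "no Created element" from an empty timestamp. The constructor and its consumers are outside this hunk, so it is not visible here whether anything derives a digest or a serialized value from that field; that is worth confirming, and a comment such as `// "" means no wsu:Created is emitted` would record the convention. As a style point, the cast and the digest test are each written twice; `final WSSSecurityProperties props = (WSSSecurityProperties) getSecurityProperties();` and `final boolean digest = usernameTokenPasswordType == WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST;` would shorten both conditions. The enclosing method begins and ends outside the hunk.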
@@ -189,8 +198,7 @@ public class UsernameTokenOutputProcesso
                         }
                     }
 
-                    if (((WSSSecurityProperties) getSecurityProperties()).getUsernameTokenPasswordType()
== WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST
-                        && !WSSConstants.USERNAMETOKEN_SIGNED.equals(action)) {
+                    if (nonceValue != null && !WSSConstants.USERNAMETOKEN_SIGNED.equals(action))
{
                         attributes = new ArrayList<XMLSecAttribute>(1);
                         attributes.add(createAttribute(WSSConstants.ATT_NULL_EncodingType,
WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING));
                         createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse_Nonce,
false, attributes);
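Review bot: The new guards test `nonceValue` and, in the following hunk, `created` unqualified, while the guarded bodies read `this.nonceValue` and `this.created`. If the unqualified names resolve to the same fields this is only an inconsistency, but the declarations are outside these hunks; if they bind to different variables, the null check would not cover the dereference in `this.created.toXMLFormat()`. Writing the guards as `if (this.nonceValue != null && ...)` and `if (this.created != null && ...)` makes the check and the use visibly the same. The enclosing method continues outside both hunks.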
@@ -198,11 +206,16 @@ public class UsernameTokenOutputProcesso
 
                         createCharactersAndOutputAsEvent(subOutputProcessorChain, new Base64(76,
new byte[]{'\n'}).encodeToString(this.nonceValue));
                         createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse_Nonce);
+                        
+                    }
+                    
+                    if (created != null && !WSSConstants.USERNAMETOKEN_SIGNED.equals(action))
{
                         createStartElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsu_Created,
false, null);
 
                         createCharactersAndOutputAsEvent(subOutputProcessorChain, this.created.toXMLFormat());
                         createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsu_Created);
                     }
+                    
                     createEndElementAndOutputAsEvent(subOutputProcessorChain, WSSConstants.TAG_wsse_UsernameToken);
 
                     outputProcessorChain.removeProcessor(this);

Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/UsernameTokenTest.java?rev=1468368&r1=1468367&r2=1468368&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/UsernameTokenTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/UsernameTokenTest.java
Tue Apr 16 11:11:39 2013
@@ -662,4 +662,82 @@ public class UsernameTokenTest extends A
             Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
         }
     }
+    
+    @Test
+    public void testInboundTextNonceCreated() throws Exception {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        {
+            InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+            String action = WSHandlerConstants.USERNAME_TOKEN;
+            Properties properties = new Properties();
+            properties.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
+            properties.setProperty(WSHandlerConstants.ADD_USERNAMETOKEN_NONCE, "true");
+            properties.setProperty(WSHandlerConstants.ADD_USERNAMETOKEN_CREATED, "true");
+            Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action,
properties);
+
+            //some test that we can really sure we get what we want from WSS4J
+            NodeList nodeList = securedDocument.getElementsByTagNameNS(WSSConstants.TAG_wsse_UsernameToken.getNamespaceURI(),
WSSConstants.TAG_wsse_UsernameToken.getLocalPart());
+            Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
+
+            nodeList = securedDocument.getElementsByTagNameNS(WSSConstants.TAG_wsse_Password.getNamespaceURI(),
WSSConstants.TAG_wsse_Password.getLocalPart());
+            Assert.assertEquals(nodeList.getLength(), 1);
+            Assert.assertEquals(((Element) nodeList.item(0)).getAttributeNS(null, WSSConstants.ATT_NULL_Type.getLocalPart()),
WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT.getNamespace());
+
+            javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+            transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+        }
+
+        //done UsernameToken; now verification:
+        {
+            WSSSecurityProperties securityProperties = new WSSSecurityProperties();
+            securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+            InboundWSSec wsSecIn = WSSec.getInboundWSSec(securityProperties);
+
+            XMLStreamReader xmlStreamReader = wsSecIn.processInMessage(xmlInputFactory.createXMLStreamReader(new
ByteArrayInputStream(baos.toByteArray())), null, null);
+
+            Document document = StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(),
xmlStreamReader);
+
+            //header element must still be there
+            NodeList nodeList = document.getElementsByTagNameNS(WSSConstants.TAG_wsse_UsernameToken.getNamespaceURI(),
WSSConstants.TAG_wsse_UsernameToken.getLocalPart());
+            Assert.assertEquals(nodeList.getLength(), 1);
+            Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
+        }
+    }
+    
+    @Test
+    public void testOutboundTextNonceCreated() throws Exception {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+        {
+            WSSSecurityProperties securityProperties = new WSSSecurityProperties();
+            WSSConstants.Action[] actions = new WSSConstants.Action[]{WSSConstants.USERNAMETOKEN};
+            securityProperties.setOutAction(actions);
+            securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
+            securityProperties.setTokenUser("transmitter");
+            securityProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT);
+            securityProperties.setCallbackHandler(new CallbackHandlerImpl());
+            securityProperties.setAddUsernameTokenNonce(true);
+            securityProperties.setAddUsernameTokenCreated(true);
+
+            OutboundWSSec wsSecOut = WSSec.getOutboundWSSec(securityProperties);
+            XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos, "UTF-8", new
ArrayList<SecurityEvent>());
+            XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"));
+            XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+            xmlStreamWriter.close();
+
+            Document document = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+            NodeList nodeList = document.getElementsByTagNameNS(WSSConstants.TAG_wsse_UsernameToken.getNamespaceURI(),
WSSConstants.TAG_wsse_UsernameToken.getLocalPart());
+            Assert.assertEquals(nodeList.item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
+
+            nodeList = document.getElementsByTagNameNS(WSSConstants.TAG_wsse_Password.getNamespaceURI(),
WSSConstants.TAG_wsse_Password.getLocalPart());
+            Assert.assertEquals(nodeList.getLength(), 1);
+            Assert.assertEquals(((Element) nodeList.item(0)).getAttributeNS(null, WSSConstants.ATT_NULL_Type.getLocalPart()),
WSSConstants.UsernameTokenPasswordType.PASSWORD_TEXT.getNamespace());
+        }
+
+        //done UsernameToken; now verification:
+        {
+            String action = WSHandlerConstants.USERNAME_TOKEN;
+            doInboundSecurityWithWSS4J(documentBuilderFactory.newDocumentBuilder().parse(new
ByteArrayInputStream(baos.toByteArray())), action);
+        }
+    }
 }


