Java Code Examples for javax.xml.soap.SOAPPart#setContent()

The following examples show how to use javax.xml.soap.SOAPPart#setContent() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SOAPUtil.java    From j-road with Apache License 2.0 6 votes vote down vote up
/**
 * Substitutes all occurences of some given string inside the given {@link WebServiceMessage} with another value.
 *
 * @param message message to substitute in
 * @param from the value to substitute
 * @param to the value to substitute with
 * @throws TransformerException
 */
public static void substitute(WebServiceMessage message, String from, String to) throws TransformerException {
  SaajSoapMessage saajSoapMessage = (SaajSoapMessage) message;
  SOAPPart soapPart = saajSoapMessage.getSaajMessage().getSOAPPart();

  Source source = new DOMSource(soapPart);
  StringResult stringResult = new StringResult();

  TransformerFactory.newInstance().newTransformer().transform(source, stringResult);

  String content = stringResult.toString().replaceAll(from, to);

  try {
    soapPart.setContent(new StringSource(content));
  } catch (SOAPException e) {
    throw new TransformerException(e);
  }
}
 
Example 2
Source File: AbstractSecurityTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@link SoapMessage} from the contents of a document.
 * @param doc the document containing the SOAP content.
 */
protected SoapMessage getSoapMessageForDom(Document doc) throws SOAPException {
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    msg.setContent(SOAPMessage.class, saajMsg);
    return msg;
}
 
Example 3
Source File: ArcherBasicRestConnection.java    From FortifyBugTrackerUtility with MIT License 5 votes vote down vote up
public SOAPMessage readFrom(Class<SOAPMessage> soapEnvelopeClass, Type type, Annotation[] annotations, MediaType mediaType, MultivaluedMap<String, String> stringStringMultivaluedMap, InputStream inputStream) throws IOException, WebApplicationException {
    try {
        MessageFactory messageFactory = MessageFactory.newInstance();
        StreamSource messageSource = new StreamSource(inputStream);
        SOAPMessage message = messageFactory.createMessage();
        SOAPPart soapPart = message.getSOAPPart();
        soapPart.setContent(messageSource);
        return message;
    } catch (SOAPException e) {
        e.printStackTrace();
    }
    return null;
}
 
Example 4
Source File: AbstractSecurityTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@link SoapMessage} from the contents of a document.
 * @param doc the document containing the SOAP content.
 */
protected SoapMessage getSoapMessageForDom(Document doc) throws SOAPException {
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    msg.setContent(SOAPMessage.class, saajMsg);
    return msg;
}
 
Example 5
Source File: AbstractSecurityTest.java    From steady with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@link SoapMessage} from the contents of a document.
 * @param doc the document containing the SOAP content.
 */
protected SoapMessage getSoapMessageForDom(Document doc) throws SOAPException {
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    msg.setContent(SOAPMessage.class, saajMsg);
    return msg;
}
 
Example 6
Source File: WSS4JFaultCodeTest.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Test that an invalid Timestamp gets mapped to a proper fault code 
 */
@Test
public void testInvalidTimestamp() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    msg.put(WSHandlerConstants.TTL_TIMESTAMP, "1");

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    inHandler.setProperty(WSHandlerConstants.TTL_TIMESTAMP, "1");

    try {
        //
        // Sleep for over a second to make the timestamp invalid
        //
        Thread.sleep(1250);
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an invalid Timestamp");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith(
            "The message has expired"));
        QName faultCode = new QName(WSConstants.WSSE_NS, "MessageExpired");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
 
Example 7
Source File: WSS4JFaultCodeTest.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Test that an invalid Timestamp gets mapped to a proper fault code 
 */
@Test
public void testInvalidTimestamp() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    msg.put(WSHandlerConstants.TTL_TIMESTAMP, "1");

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    inHandler.setProperty(WSHandlerConstants.TTL_TIMESTAMP, "1");

    try {
        //
        // Sleep for over a second to make the timestamp invalid
        //
        Thread.sleep(1250);
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an invalid Timestamp");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith(
            "The message has expired"));
        QName faultCode = new QName(WSConstants.WSSE_NS, "MessageExpired");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
 
Example 8
Source File: WSS4JFaultCodeTest.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Test for WSS4JInInterceptor when it receives a message with no security header. 
 */
@Test
public void testNoSecurity() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);
    doc = part;
    
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
    inHandler.setProperty(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
    inHandler.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());

    try {
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an message with no security header");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith(
            "An error was discovered processing the <wsse:Security> header"));
        QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurity");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
 
Example 9
Source File: WSS4JInOutTest.java    From steady with Apache License 2.0 4 votes vote down vote up
@Test
public void testCustomProcessor() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
    msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    msg.put(WSHandlerConstants.USER, "myalias");
    msg.put("password", "myAliasPassword");

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);
    assertValid("//wsse:Security/ds:Signature", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    final Map<String, Object> properties = new HashMap<String, Object>();
    properties.put(
        WSS4JInInterceptor.PROCESSOR_MAP,
        createCustomProcessorMap()
    );
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.NO_SECURITY);

    inHandler.handleMessage(inmsg);
    
    WSSecurityEngineResult result = 
        (WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
    assertNull(result);
}
 
Example 10
Source File: SignatureConfirmationTest.java    From steady with Apache License 2.0 4 votes vote down vote up
private void testSignatureConfirmationResponse(
    List<WSHandlerResult> sigSaved,
    List<WSHandlerResult> sigReceived
) throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    msg.put(WSHandlerConstants.RECV_RESULTS, sigReceived);
    
    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);
    // assertValid("//wsse:Security/wsse11:SignatureConfirmation", doc);

    byte[] docbytes = getMessageBytes(doc);
    // System.out.println(new String(docbytes));
    
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    inmsg.put(WSHandlerConstants.SEND_SIGV, sigSaved);

    inHandler.handleMessage(inmsg);
}
 
Example 11
Source File: SignatureConfirmationTest.java    From steady with Apache License 2.0 4 votes vote down vote up
private void testSignatureConfirmationResponse(
    List<WSHandlerResult> sigSaved,
    List<WSHandlerResult> sigReceived
) throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    msg.put(WSHandlerConstants.RECV_RESULTS, sigReceived);
    
    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);
    // assertValid("//wsse:Security/wsse11:SignatureConfirmation", doc);

    byte[] docbytes = getMessageBytes(doc);
    // System.out.println(new String(docbytes));
    
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    inmsg.put(WSHandlerConstants.SEND_SIGV, sigSaved);

    inHandler.handleMessage(inmsg);
}
 
Example 12
Source File: WSS4JInOutTest.java    From steady with Apache License 2.0 4 votes vote down vote up
@Test
public void testCustomProcessor() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
    msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    msg.put(WSHandlerConstants.USER, "myalias");
    msg.put("password", "myAliasPassword");

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);
    assertValid("//wsse:Security/ds:Signature", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    final Map<String, Object> properties = new HashMap<String, Object>();
    properties.put(
        WSS4JInInterceptor.PROCESSOR_MAP,
        createCustomProcessorMap()
    );
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.NO_SECURITY);

    inHandler.handleMessage(inmsg);
    
    WSSecurityEngineResult result = 
        (WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
    assertNull(result);
}
 
Example 13
Source File: WSS4JFaultCodeTest.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Test for WSS4JInInterceptor when it receives a message with no security header. 
 */
@Test
public void testNoSecurity() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);
    doc = part;
    
    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
    inHandler.setProperty(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
    inHandler.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());

    try {
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an message with no security header");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith(
            "An error was discovered processing the <wsse:Security> header"));
        QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurity");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
 
Example 14
Source File: SamlTokenTest.java    From steady with Apache License 2.0 4 votes vote down vote up
private SoapMessage makeInvocation(
    Map<String, Object> outProperties,
    List<String> xpaths,
    Map<String, Object> inProperties,
    Map<String, String> inMessageProperties
) throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);

    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    for (String key : outProperties.keySet()) {
        msg.put(key, outProperties.get(key));
    }

    handler.handleMessage(msg);

    doc = part;

    for (String xpath : xpaths) {
        assertValid(xpath, doc);
    }

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(inProperties);

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    inmsg.put(SecurityConstants.SAML_ROLE_ATTRIBUTENAME, "role");
    for (String inMessageProperty : inMessageProperties.keySet()) {
        inmsg.put(inMessageProperty, inMessageProperties.get(inMessageProperty));
    }
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.handleMessage(inmsg);

    return inmsg;
}
 
Example 15
Source File: SignatureConfirmationTest.java    From steady with Apache License 2.0 4 votes vote down vote up
private void testSignatureConfirmationResponse(
    List<WSHandlerResult> sigSaved,
    List<WSHandlerResult> sigReceived
) throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    msg.put(WSHandlerConstants.RECV_RESULTS, sigReceived);
    
    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);
    // assertValid("//wsse:Security/wsse11:SignatureConfirmation", doc);

    byte[] docbytes = getMessageBytes(doc);
    // System.out.println(new String(docbytes));
    
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    inmsg.put(WSHandlerConstants.SEND_SIGV, sigSaved);

    inHandler.handleMessage(inmsg);
}
 
Example 16
Source File: WSS4JFaultCodeTest.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Test that an invalid Timestamp gets mapped to a proper fault code 
 */
@Test
public void testInvalidTimestamp() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    msg.put(WSHandlerConstants.TTL_TIMESTAMP, "1");

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    inHandler.setProperty(WSHandlerConstants.TTL_TIMESTAMP, "1");

    try {
        //
        // Sleep for over a second to make the timestamp invalid
        //
        Thread.sleep(1250);
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an invalid Timestamp");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith(
            "The message has expired"));
        QName faultCode = new QName(WSConstants.WSSE_NS, "MessageExpired");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
 
Example 17
Source File: WSS4JInOutTest.java    From steady with Apache License 2.0 4 votes vote down vote up
@Test
public void testCustomProcessorObject() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
    msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    msg.put(WSHandlerConstants.USER, "myalias");
    msg.put("password", "myAliasPassword");

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);
    assertValid("//wsse:Security/ds:Signature", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    final Map<String, Object> properties = new HashMap<String, Object>();
    final Map<QName, Object> customMap = new HashMap<QName, Object>();
    customMap.put(
        new QName(
            WSConstants.SIG_NS,
            WSConstants.SIG_LN
        ),
        CustomProcessor.class
    );
    properties.put(
        WSS4JInInterceptor.PROCESSOR_MAP,
        customMap
    );
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);

    inHandler.handleMessage(inmsg);
    
    WSSecurityEngineResult result = 
        (WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
    assertNotNull(result);
    
    Object obj = result.get("foo");
    assertNotNull(obj);
    assertEquals(obj.getClass().getName(), CustomProcessor.class.getName());
}
 
Example 18
Source File: WSS4JInOutTest.java    From steady with Apache License 2.0 4 votes vote down vote up
@Test
public void testCustomProcessor() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
    msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
    msg.put(WSHandlerConstants.USER, "myalias");
    msg.put("password", "myAliasPassword");

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);
    assertValid("//wsse:Security/ds:Signature", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    final Map<String, Object> properties = new HashMap<String, Object>();
    properties.put(
        WSS4JInInterceptor.PROCESSOR_MAP,
        createCustomProcessorMap()
    );
    WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.NO_SECURITY);

    inHandler.handleMessage(inmsg);
    
    WSSecurityEngineResult result = 
        (WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
    assertNull(result);
}
 
Example 19
Source File: WSS4JFaultCodeTest.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Test that an action mismatch gets mapped to a proper fault code 
 */
@Test
public void testActionMismatch() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, 
        WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.USERNAME_TOKEN);
    inHandler.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());

    try {
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an action mismatch");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith(
            "An error was discovered processing the <wsse:Security> header"));
        QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurity");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}
 
Example 20
Source File: WSS4JFaultCodeTest.java    From steady with Apache License 2.0 4 votes vote down vote up
/**
 * Test that an invalid Timestamp gets mapped to a proper fault code 
 */
@Test
public void testInvalidTimestamp() throws Exception {
    Document doc = readDocument("wsse-request-clean.xml");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
    PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();

    SoapMessage msg = new SoapMessage(new MessageImpl());
    Exchange ex = new ExchangeImpl();
    ex.setInMessage(msg);
    
    SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
    SOAPPart part = saajMsg.getSOAPPart();
    part.setContent(new DOMSource(doc));
    saajMsg.saveChanges();

    msg.setContent(SOAPMessage.class, saajMsg);

    msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    msg.put(WSHandlerConstants.TTL_TIMESTAMP, "1");

    handler.handleMessage(msg);

    doc = part;
    
    assertValid("//wsse:Security", doc);

    byte[] docbytes = getMessageBytes(doc);
    XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();

    dbf.setValidating(false);
    dbf.setIgnoringComments(false);
    dbf.setIgnoringElementContentWhitespace(true);
    dbf.setNamespaceAware(true);

    DocumentBuilder db = dbf.newDocumentBuilder();
    db.setEntityResolver(new NullResolver());
    doc = StaxUtils.read(db, reader, false);

    WSS4JInInterceptor inHandler = new WSS4JInInterceptor();

    SoapMessage inmsg = new SoapMessage(new MessageImpl());
    ex.setInMessage(inmsg);
    inmsg.setContent(SOAPMessage.class, saajMsg);

    inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
    inHandler.setProperty(WSHandlerConstants.TTL_TIMESTAMP, "1");

    try {
        //
        // Sleep for over a second to make the timestamp invalid
        //
        Thread.sleep(1250);
        inHandler.handleMessage(inmsg);
        fail("Expected failure on an invalid Timestamp");
    } catch (SoapFault fault) {
        assertTrue(fault.getReason().startsWith(
            "The message has expired"));
        QName faultCode = new QName(WSConstants.WSSE_NS, "MessageExpired");
        assertTrue(fault.getFaultCode().equals(faultCode));
    }
}