Java Code Examples for org.apache.cxf.binding.soap.SoapMessage#setContent()
The following examples show how to use
org.apache.cxf.binding.soap.SoapMessage#setContent() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: WSS4JOutInterceptorTest.java From steady with Apache License 2.0 | 6 votes |
|
@Test
public void testSignature() throws Exception {
SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
msg.setContent(SOAPMessage.class, saaj);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "myAlias");
msg.put("password", "myAliasPassword");
handler.handleMessage(msg);
SOAPPart doc = saaj.getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
}
Example 2
| Source File: WSS4JOutInterceptorTest.java From steady with Apache License 2.0 | 6 votes |
|
@Test
public void testTimestamp() throws Exception {
SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
msg.setContent(SOAPMessage.class, saaj);
ohandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
ohandler.setProperty(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "myalias");
msg.put("password", "myAliasPassword");
handler.handleMessage(msg);
SOAPPart doc = saaj.getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/wsu:Timestamp", doc);
}
Example 3
| Source File: RMSoapInInterceptorTest.java From cxf with Apache License 2.0 | 6 votes |
|
private SoapMessage setUpInboundMessage(String resource) throws XMLStreamException {
Message message = new MessageImpl();
SoapMessage soapMessage = new SoapMessage(message);
RMProperties rmps = new RMProperties();
rmps.exposeAs(RM10Constants.NAMESPACE_URI);
RMContextUtils.storeRMProperties(soapMessage, rmps, false);
AddressingProperties maps = new AddressingProperties();
RMContextUtils.storeMAPs(maps, soapMessage, false, false);
message.put(Message.SCHEMA_VALIDATION_ENABLED, false);
InputStream is = RMSoapInInterceptorTest.class.getResourceAsStream(resource);
assertNotNull(is);
XMLStreamReader reader = XMLInputFactory.newInstance().createXMLStreamReader(is);
soapMessage.setContent(XMLStreamReader.class, reader);
ReadHeadersInterceptor rji = new ReadHeadersInterceptor(BusFactory.getDefaultBus());
rji.handleMessage(soapMessage);
StartBodyInterceptor sbi = new StartBodyInterceptor();
sbi.handleMessage(soapMessage);
return soapMessage;
}
Example 4
| Source File: RMSoapOutInterceptorTest.java From cxf with Apache License 2.0 | 6 votes |
|
private SoapMessage setupOutboundMessage() throws Exception {
Exchange ex = new ExchangeImpl();
Message message = new MessageImpl();
SoapMessage soapMessage = new SoapMessage(message);
RMProperties rmps = new RMProperties();
rmps.exposeAs(RM10Constants.NAMESPACE_URI);
RMContextUtils.storeRMProperties(soapMessage, rmps, true);
AddressingProperties maps = new AddressingProperties();
RMContextUtils.storeMAPs(maps, soapMessage, true, false);
ex.setOutMessage(soapMessage);
soapMessage.setExchange(ex);
MessageFactory factory = MessageFactory.newInstance(SOAPConstants.SOAP_1_1_PROTOCOL);
SOAPMessage soap = factory.createMessage();
QName bodyName = new QName("http://cxf.apache.org", "dummy", "d");
soap.getSOAPBody().addBodyElement(bodyName);
soapMessage.setContent(SOAPMessage.class, soap);
return soapMessage;
}
Example 5
| Source File: WSS4JInInterceptor.java From steady with Apache License 2.0 | 5 votes |
|
protected void advanceBody(
SoapMessage msg, Node body
) throws SOAPException, XMLStreamException, WSSecurityException {
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new DOMSource(body));
// advance just past body
int evt = reader.next();
int i = 0;
while (reader.hasNext() && i < 1
&& (evt != XMLStreamConstants.END_ELEMENT || evt != XMLStreamConstants.START_ELEMENT)) {
reader.next();
i++;
}
msg.setContent(XMLStreamReader.class, reader);
}
Example 6
| Source File: WSS4JOutInterceptorTest.java From steady with Apache License 2.0 | 5 votes |
|
@Test
public void testUsernameTokenDigest() throws Exception {
SOAPMessage saaj = readSAAJDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
msg.setContent(SOAPMessage.class, saaj);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "username");
msg.put("password", "myAliasPassword");
msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
handler.handleMessage(msg);
SOAPPart doc = saaj.getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/wsse:UsernameToken", doc);
assertValid("//wsse:Security/wsse:UsernameToken/wsse:Username[text()='username']", doc);
// Test to see that the password digest is used in the header
assertInvalid("//wsse:Security/wsse:UsernameToken/wsse:Password[text()='myAliasPassword']", doc);
}
Example 7
| Source File: WSS4JInInterceptor.java From steady with Apache License 2.0 | 5 votes |
|
protected void advanceBody(
SoapMessage msg, Node body
) throws SOAPException, XMLStreamException, WSSecurityException {
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new DOMSource(body));
// advance just past body
int evt = reader.next();
int i = 0;
while (reader.hasNext() && i < 1
&& (evt != XMLStreamConstants.END_ELEMENT || evt != XMLStreamConstants.START_ELEMENT)) {
reader.next();
i++;
}
msg.setContent(XMLStreamReader.class, reader);
}
Example 8
| Source File: EjbInterceptor.java From tomee with Apache License 2.0 | 5 votes |
|
private void reserialize(SoapMessage message) throws Exception {
SOAPMessage soapMessage = message.getContent(SOAPMessage.class);
if (soapMessage == null) {
return;
}
DOMSource bodySource = new DOMSource(soapMessage.getSOAPPart());
XMLStreamReader xmlReader = StaxUtils.createXMLStreamReader(bodySource);
message.setContent(XMLStreamReader.class, xmlReader);
}
Example 9
| Source File: WSS4JFaultCodeTest.java From cxf with Apache License 2.0 | 5 votes |
|
@Test
public void testSignedEncryptedSOAP12Fault() throws Exception {
Document doc = readDocument("wsse-response-fault.xml");
SoapMessage msg = getSoapMessageForDom(doc, SOAPConstants.SOAP_1_2_PROTOCOL);
SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
doc = saajMsg.getSOAPPart();
byte[] docbytes = getMessageBytes(doc);
doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(ConfigurationConstants.ACTION,
ConfigurationConstants.SIGNATURE + " " + ConfigurationConstants.ENCRYPTION);
inHandler.setProperty(ConfigurationConstants.DEC_PROP_FILE, "insecurity.properties");
inHandler.setProperty(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
inHandler.setProperty(ConfigurationConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
inHandler.setProperty(
ConfigurationConstants.PW_CALLBACK_CLASS,
"org.apache.cxf.ws.security.wss4j.TestPwdCallback"
);
inHandler.handleMessage(inmsg);
// StaxUtils.print(saajMsg.getSOAPPart());
}
Example 10
| Source File: WSS4JInOutTest.java From steady with Apache License 2.0 | 4 votes |
|
@Test
public void testCustomProcessorObject() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
SOAPPart part = saajMsg.getSOAPPart();
part.setContent(new DOMSource(doc));
saajMsg.saveChanges();
msg.setContent(SOAPMessage.class, saajMsg);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "myalias");
msg.put("password", "myAliasPassword");
handler.handleMessage(msg);
doc = part;
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setValidating(false);
dbf.setIgnoringComments(false);
dbf.setIgnoringElementContentWhitespace(true);
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
db.setEntityResolver(new NullResolver());
doc = StaxUtils.read(db, reader, false);
final Map<String, Object> properties = new HashMap<String, Object>();
final Map<QName, Object> customMap = new HashMap<QName, Object>();
customMap.put(
new QName(
WSConstants.SIG_NS,
WSConstants.SIG_LN
),
CustomProcessor.class
);
properties.put(
WSS4JInInterceptor.PROCESSOR_MAP,
customMap
);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
SoapMessage inmsg = new SoapMessage(new MessageImpl());
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
inHandler.handleMessage(inmsg);
WSSecurityEngineResult result =
(WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
assertNotNull(result);
Object obj = result.get("foo");
assertNotNull(obj);
assertEquals(obj.getClass().getName(), CustomProcessor.class.getName());
}
Example 11
| Source File: WSS4JFaultCodeTest.java From steady with Apache License 2.0 | 4 votes |
|
/**
* Test for WSS4JInInterceptor when it receives a message with no security header.
*/
@Test
public void testNoSecurity() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
SOAPPart part = saajMsg.getSOAPPart();
part.setContent(new DOMSource(doc));
saajMsg.saveChanges();
msg.setContent(SOAPMessage.class, saajMsg);
doc = part;
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setValidating(false);
dbf.setIgnoringComments(false);
dbf.setIgnoringElementContentWhitespace(true);
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
db.setEntityResolver(new NullResolver());
doc = StaxUtils.read(db, reader, false);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
inHandler.setProperty(WSHandlerConstants.DEC_PROP_FILE, "insecurity.properties");
inHandler.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
try {
inHandler.handleMessage(inmsg);
fail("Expected failure on an message with no security header");
} catch (SoapFault fault) {
assertTrue(fault.getReason().startsWith(
"An error was discovered processing the <wsse:Security> header"));
QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurity");
assertTrue(fault.getFaultCode().equals(faultCode));
}
}
Example 12
| Source File: WSS4JInOutTest.java From steady with Apache License 2.0 | 4 votes |
|
@Test
public void testCustomProcessorObject() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
SOAPPart part = saajMsg.getSOAPPart();
part.setContent(new DOMSource(doc));
saajMsg.saveChanges();
msg.setContent(SOAPMessage.class, saajMsg);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "myalias");
msg.put("password", "myAliasPassword");
handler.handleMessage(msg);
doc = part;
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setValidating(false);
dbf.setIgnoringComments(false);
dbf.setIgnoringElementContentWhitespace(true);
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
db.setEntityResolver(new NullResolver());
doc = StaxUtils.read(db, reader, false);
final Map<String, Object> properties = new HashMap<String, Object>();
final Map<QName, Object> customMap = new HashMap<QName, Object>();
customMap.put(
new QName(
WSConstants.SIG_NS,
WSConstants.SIG_LN
),
CustomProcessor.class
);
properties.put(
WSS4JInInterceptor.PROCESSOR_MAP,
customMap
);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
SoapMessage inmsg = new SoapMessage(new MessageImpl());
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
inHandler.handleMessage(inmsg);
WSSecurityEngineResult result =
(WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
assertNotNull(result);
Object obj = result.get("foo");
assertNotNull(obj);
assertEquals(obj.getClass().getName(), CustomProcessor.class.getName());
}
Example 13
| Source File: WSS4JInOutTest.java From steady with Apache License 2.0 | 4 votes |
|
@Test
public void testCustomProcessor() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
SOAPPart part = saajMsg.getSOAPPart();
part.setContent(new DOMSource(doc));
saajMsg.saveChanges();
msg.setContent(SOAPMessage.class, saajMsg);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "myalias");
msg.put("password", "myAliasPassword");
handler.handleMessage(msg);
doc = part;
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setValidating(false);
dbf.setIgnoringComments(false);
dbf.setIgnoringElementContentWhitespace(true);
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
db.setEntityResolver(new NullResolver());
doc = StaxUtils.read(db, reader, false);
final Map<String, Object> properties = new HashMap<String, Object>();
properties.put(
WSS4JInInterceptor.PROCESSOR_MAP,
createCustomProcessorMap()
);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
SoapMessage inmsg = new SoapMessage(new MessageImpl());
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.NO_SECURITY);
inHandler.handleMessage(inmsg);
WSSecurityEngineResult result =
(WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
assertNull(result);
}
Example 14
| Source File: WSS4JFaultCodeTest.java From cxf with Apache License 2.0 | 4 votes |
|
/**
* Test that an action mismatch gets mapped to a proper fault code
*/
@Test
public void testActionMismatch() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = getSoapMessageForDom(doc);
msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
handler.handleMessage(msg);
SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
byte[] docbytes = getMessageBytes(doc);
doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(ConfigurationConstants.ACTION,
ConfigurationConstants.TIMESTAMP + " " + ConfigurationConstants.USERNAME_TOKEN);
inHandler.setProperty(ConfigurationConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
inmsg.put(SecurityConstants.RETURN_SECURITY_ERROR, Boolean.TRUE);
try {
inHandler.handleMessage(inmsg);
fail("Expected failure on an action mismatch");
} catch (SoapFault fault) {
assertTrue(fault.getReason().startsWith(
"An error was discovered processing the <wsse:Security> header"));
QName faultCode = new QName(WSS4JConstants.WSSE_NS, "InvalidSecurity");
assertEquals(fault.getFaultCode(), faultCode);
}
}
Example 15
| Source File: WSS4JFaultCodeTest.java From cxf with Apache License 2.0 | 4 votes |
|
/**
* Test that an invalid Timestamp gets mapped to a proper fault code
*/
@Test
public void testInvalidTimestamp() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = getSoapMessageForDom(doc);
msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
msg.put(ConfigurationConstants.TTL_TIMESTAMP, "1");
handler.handleMessage(msg);
SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
byte[] docbytes = getMessageBytes(doc);
doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);
inHandler.setProperty(ConfigurationConstants.TTL_TIMESTAMP, "1");
inmsg.put(SecurityConstants.RETURN_SECURITY_ERROR, Boolean.TRUE);
try {
//
// Sleep for over a second to make the timestamp invalid
//
Thread.sleep(1250);
inHandler.handleMessage(inmsg);
fail("Expected failure on an invalid Timestamp");
} catch (SoapFault fault) {
assertTrue(fault.getReason().contains("Invalid timestamp"));
QName faultCode = new QName(WSS4JConstants.WSSE_NS, "MessageExpired");
assertEquals(fault.getFaultCode(), faultCode);
}
}
Example 16
| Source File: WSS4JInOutTest.java From steady with Apache License 2.0 | 4 votes |
|
@Test
public void testCustomProcessor() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
SOAPPart part = saajMsg.getSOAPPart();
part.setContent(new DOMSource(doc));
saajMsg.saveChanges();
msg.setContent(SOAPMessage.class, saajMsg);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
msg.put(WSHandlerConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(WSHandlerConstants.USER, "myalias");
msg.put("password", "myAliasPassword");
handler.handleMessage(msg);
doc = part;
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setValidating(false);
dbf.setIgnoringComments(false);
dbf.setIgnoringElementContentWhitespace(true);
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
db.setEntityResolver(new NullResolver());
doc = StaxUtils.read(db, reader, false);
final Map<String, Object> properties = new HashMap<String, Object>();
properties.put(
WSS4JInInterceptor.PROCESSOR_MAP,
createCustomProcessorMap()
);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
SoapMessage inmsg = new SoapMessage(new MessageImpl());
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.NO_SECURITY);
inHandler.handleMessage(inmsg);
WSSecurityEngineResult result =
(WSSecurityEngineResult) inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
assertNull(result);
}
Example 17
| Source File: WSS4JInOutTest.java From cxf with Apache License 2.0 | 4 votes |
|
@Test
public void testCustomProcessor() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = getSoapMessageForDom(doc);
msg.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
msg.put(ConfigurationConstants.SIG_PROP_FILE, "outsecurity.properties");
msg.put(ConfigurationConstants.USER, "myalias");
msg.put("password", "myAliasPassword");
handler.handleMessage(msg);
SOAPMessage saajMsg = msg.getContent(SOAPMessage.class);
doc = saajMsg.getSOAPPart();
assertValid("//wsse:Security", doc);
assertValid("//wsse:Security/ds:Signature", doc);
byte[] docbytes = getMessageBytes(doc);
doc = StaxUtils.read(new ByteArrayInputStream(docbytes));
final Map<String, Object> properties = new HashMap<>();
properties.put(
WSS4JInInterceptor.PROCESSOR_MAP,
createCustomProcessorMap()
);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor(properties);
SoapMessage inmsg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(ConfigurationConstants.ACTION, WSHandlerConstants.NO_SECURITY);
inHandler.handleMessage(inmsg);
List<WSHandlerResult> results = getResults(inmsg);
assertTrue(results != null && results.size() == 1);
List<WSSecurityEngineResult> signatureResults =
results.get(0).getActionResults().get(WSConstants.SIGN);
assertTrue(signatureResults == null || signatureResults.isEmpty());
}
Example 18
| Source File: WSS4JFaultCodeTest.java From steady with Apache License 2.0 | 4 votes |
|
/**
* Test that an action mismatch gets mapped to a proper fault code
*/
@Test
public void testActionMismatch() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
SOAPPart part = saajMsg.getSOAPPart();
part.setContent(new DOMSource(doc));
saajMsg.saveChanges();
msg.setContent(SOAPMessage.class, saajMsg);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
handler.handleMessage(msg);
doc = part;
assertValid("//wsse:Security", doc);
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setValidating(false);
dbf.setIgnoringComments(false);
dbf.setIgnoringElementContentWhitespace(true);
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
db.setEntityResolver(new NullResolver());
doc = StaxUtils.read(db, reader, false);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(WSHandlerConstants.ACTION,
WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.USERNAME_TOKEN);
inHandler.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, TestPwdCallback.class.getName());
try {
inHandler.handleMessage(inmsg);
fail("Expected failure on an action mismatch");
} catch (SoapFault fault) {
assertTrue(fault.getReason().startsWith(
"An error was discovered processing the <wsse:Security> header"));
QName faultCode = new QName(WSConstants.WSSE_NS, "InvalidSecurity");
assertTrue(fault.getFaultCode().equals(faultCode));
}
}
Example 19
| Source File: WSS4JFaultCodeTest.java From steady with Apache License 2.0 | 4 votes |
|
/**
* Test that an invalid Timestamp gets mapped to a proper fault code
*/
@Test
public void testInvalidTimestamp() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
PhaseInterceptor<SoapMessage> handler = ohandler.createEndingInterceptor();
SoapMessage msg = new SoapMessage(new MessageImpl());
Exchange ex = new ExchangeImpl();
ex.setInMessage(msg);
SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
SOAPPart part = saajMsg.getSOAPPart();
part.setContent(new DOMSource(doc));
saajMsg.saveChanges();
msg.setContent(SOAPMessage.class, saajMsg);
msg.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
msg.put(WSHandlerConstants.TTL_TIMESTAMP, "1");
handler.handleMessage(msg);
doc = part;
assertValid("//wsse:Security", doc);
byte[] docbytes = getMessageBytes(doc);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new ByteArrayInputStream(docbytes));
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setValidating(false);
dbf.setIgnoringComments(false);
dbf.setIgnoringElementContentWhitespace(true);
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
db.setEntityResolver(new NullResolver());
doc = StaxUtils.read(db, reader, false);
WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
SoapMessage inmsg = new SoapMessage(new MessageImpl());
ex.setInMessage(inmsg);
inmsg.setContent(SOAPMessage.class, saajMsg);
inHandler.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP);
inHandler.setProperty(WSHandlerConstants.TTL_TIMESTAMP, "1");
try {
//
// Sleep for over a second to make the timestamp invalid
//
Thread.sleep(1250);
inHandler.handleMessage(inmsg);
fail("Expected failure on an invalid Timestamp");
} catch (SoapFault fault) {
assertTrue(fault.getReason().startsWith(
"The message has expired"));
QName faultCode = new QName(WSConstants.WSSE_NS, "MessageExpired");
assertTrue(fault.getFaultCode().equals(faultCode));
}
}
Example 20
| Source File: RMSoapOutInterceptorTest.java From cxf with Apache License 2.0 | 4 votes |
|
@Test
public void testEncodeFault() throws Exception {
RMSoapOutInterceptor codec = new RMSoapOutInterceptor();
setUpOutbound();
SoapMessage message = setupOutboundFaultMessage();
// no RM headers and no fault
codec.encode(message);
verifyHeaders(message, new String[] {});
// fault is not a SoapFault
message = setupOutboundFaultMessage();
assertTrue(MessageUtils.isFault(message));
Exception ex = new RuntimeException("");
message.setContent(Exception.class, ex);
codec.encode(message);
verifyHeaders(message, new String[] {});
// fault is a SoapFault but does not have a SequenceFault cause
message = setupOutboundFaultMessage();
SoapFault f = new SoapFault("REASON", RM10Constants.UNKNOWN_SEQUENCE_FAULT_QNAME);
message.setContent(Exception.class, f);
codec.encode(message);
verifyHeaders(message, new String[] {});
// fault is a SoapFault and has a SequenceFault cause
message = setupOutboundFaultMessage();
SequenceFault sf = new SequenceFault("REASON");
sf.setFaultCode(RM10Constants.UNKNOWN_SEQUENCE_FAULT_QNAME);
Identifier sid = new Identifier();
sid.setValue("SID");
sf.setSender(true);
f.initCause(sf);
message.setContent(Exception.class, f);
codec.encode(message);
verifyHeaders(message, new String[] {RMConstants.SEQUENCE_FAULT_NAME});
}
