Examples of org.apache.wss4j.dom.WSSConfig

• org.apache.wss4j.dom.WSSConfig
  WSSConfig

  Carries configuration data so the WSS4J spec compliance can be modified in runtime. Configure an instance of this object only if you need WSS4J to emulate certain industry clients or previous OASIS specifications for WS-Security interoperability testing purposes.

  The default settings follow the latest OASIS and changing anything might violate the OASIS specs.

  WARNING: changing the default settings will break the compliance with the latest specs. Do this only if you know what you are doing.

        }

        //
        // Do some processing
        //
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        wssConfig.setTimeStampTTL(-1);
        try {
            verify(createdDoc, wssConfig);
            fail("The timestamp validation should have failed");
        } catch (WSSecurityException ex) {
            assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED);

            LOG.debug(outputString);
        }
        //
        // Do some processing
        //
        WSSConfig config = WSSConfig.getNewInstance();
        verify(doc, config);
        try {
            config.setTimeStampFutureTTL(0);
            verify(doc, config);
            fail("The timestamp validation should have failed");
        } catch (WSSecurityException ex) {
            assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED);
        }

            LOG.debug(outputString);
        }
        //
        // Do some processing
        //
        WSSConfig config = WSSConfig.getNewInstance();
        try {
            verify(doc, config);
            fail("The timestamp validation should have failed");
        } catch (WSSecurityException ex) {
            assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED);

        }

        //
        // Do some processing
        //
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        try {
            verify(createdDoc, wssConfig);
            fail("Expected failure on multiple timestamps");
        } catch (WSSecurityException ex) {
            // expected

        }
        //
        // Do some processing - disable the validator to make sure that the Timestamp processor
        // is rejecting the Timestamp
        //
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        wssConfig.setValidator(WSSecurityEngine.TIMESTAMP, new NoOpValidator());
        try {
            verify(doc, wssConfig);
            fail("The timestamp validation should have failed");
        } catch (WSSecurityException ex) {
            //assertTrue(ex.getMessage().contains("Unparseable date"));

            LOG.debug(outputString);
        }
        //
        // Do some processing
        //
        WSSConfig wssConfig = WSSConfig.getNewInstance();
        wssConfig.setValidator(WSSecurityEngine.TIMESTAMP, new NoOpValidator());
        try {
            verify(doc, WSSConfig.getNewInstance());
            fail("The timestamp validation should have failed");
        } catch (WSSecurityException ex) {
            //

        secHeader.insertSecurityHeader(doc);

        WSSecTimestamp timestamp = new WSSecTimestamp();
        timestamp.setTimeToLive(300);

        WSSConfig config = WSSConfig.getNewInstance();
        WSTimeSource spoofedTimeSource = new WSTimeSource() {

            public Date now() {
                Date currentTime = new Date();
                currentTime.setTime(currentTime.getTime() - (500L * 1000L));
                return currentTime;
            }

        };
        config.setCurrentTime(spoofedTimeSource);

        timestamp.setWsConfig(config);
        Document createdDoc = timestamp.build(doc, secHeader);

        if (LOG.isDebugEnabled()) {

        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        WSSConfig wssConfig = WSSConfig.getNewInstance();
        wssConfig.setPrecisionInMilliSeconds(false);
        WSSecTimestamp timestamp = new WSSecTimestamp();
        timestamp.setWsConfig(wssConfig);
        timestamp.setTimeToLive(300);
        Document createdDoc = timestamp.build(doc, secHeader);

    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
    }

    public SamlTokenDerivedTest() throws Exception {
        WSSConfig config = WSSConfig.getNewInstance();
        config.setValidateSamlSubjectConfirmation(false);
        secEngine.setWssConfig(config);
        crypto = CryptoFactory.getInstance("crypto.properties");
    }

     * Test using a UsernameToken derived key for signing a SOAP body via WSHandler
     */
    @org.junit.Test
    public void testHandlerSignature() throws Exception {

        final WSSConfig cfg = WSSConfig.getNewInstance();
        RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        java.util.Map<String, Object> messageContext = new java.util.TreeMap<String, Object>();
        messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
        reqData.setMsgContext(messageContext);