Examples of org.jboss.ws.metadata.wsse.WSSecurityConfiguration

org.jboss.ws.metadata.wsse.WSSecurityConfiguration
Root configuration class, represents the "jboss-ws-security" tag. @author Jason T. Greene @version $Revision: 12505 $

    * Test loading a configuration with a port 'authorize' definition
    * which contains two roles.
    */
   public void testPortRoles() throws Exception
   {
      WSSecurityConfiguration wsConfig = load("jboss-wsse-port-roles.xml");


      Port port = wsConfig.getPorts().get("TestPort");
      Config config = port.getDefaultConfig();
      Authorize authorize = config.getAuthorize();
      assertFalse("Unchecked", authorize.isUnchecked());
      List<Role> roles = authorize.getRoles();

View Full Code Here

    * Test loading a configuration with a default 'authorize' definition
    * which contains one role.
    */
   public void testDefaultRole() throws Exception
   {
      WSSecurityConfiguration wsConfig = load("jboss-wsse-default-role.xml");


      Config config = wsConfig.getDefaultConfig();
      Authorize authorize = config.getAuthorize();
      assertFalse("Unchecked", authorize.isUnchecked());
      List<Role> roles = authorize.getRoles();


      assertEquals("Expected 1 roles", 1, roles.size());

View Full Code Here

    * Test loading a configuration with a port 'authorize' definition
    * which contains one role.
    */
   public void testPortRole() throws Exception
   {
      WSSecurityConfiguration wsConfig = load("jboss-wsse-port-role.xml");


      Port port = wsConfig.getPorts().get("TestPort");
      Config config = port.getDefaultConfig();
      Authorize authorize = config.getAuthorize();
      assertFalse("Unchecked", authorize.isUnchecked());
      List<Role> roles = authorize.getRoles();

View Full Code Here

    * Test loading a configuration with a default 'authorize' definition
    * with unchecked.
    */
   public void testDefaultUnchecked() throws Exception
   {
      WSSecurityConfiguration wsConfig = load("jboss-wsse-default-unchecked.xml");


      Config config = wsConfig.getDefaultConfig();
      Authorize authorize = config.getAuthorize();
      assertTrue("Unchecked", authorize.isUnchecked());
      List<Role> roles = authorize.getRoles();


      assertEquals("Expected 0 roles", 0, roles.size());

View Full Code Here

    * Test loading a configuration with a port 'authorize' definition
    * with unchecked.
    */
   public void testPortUnchecked() throws Exception
   {
      WSSecurityConfiguration wsConfig = load("jboss-wsse-port-unchecked.xml");


      Port port = wsConfig.getPorts().get("TestPort");
      Config config = port.getDefaultConfig();
      Authorize authorize = config.getAuthorize();
      assertTrue("Unchecked", authorize.isUnchecked());
      List<Role> roles = authorize.getRoles();

View Full Code Here

    */
   public void testDefaultRoleUnchecked() throws Exception
   {
      try
      {
         WSSecurityConfiguration wsConfig = load("jboss-wsse-default-role-unchecked.xml");
         fail("Expected exception not thrown.");
      }
      catch (IOException expected)
      {
         Throwable cause = expected.getCause();

View Full Code Here

    */
   public void testPortRoleUnchecked() throws Exception
   {
      try
      {
         WSSecurityConfiguration wsConfig = load("jboss-wsse-port-role-unchecked.xml");
         fail("Expected exception not thrown.");
      }
      catch (IOException expected)
      {
         Throwable cause = expected.getCause();

View Full Code Here

      return new CommonSOAPFaultException(e.getFaultCode(), e.getFaultString());
   }


   public static void handleInbound(CommonMessageContext ctx) throws SOAPException, SOAPFaultException
   {
      WSSecurityConfiguration config = getSecurityConfig(ctx);
      SOAPMessageImpl soapMessage = (SOAPMessageImpl)ctx.getSOAPMessage();


      SOAPHeader soapHeader = soapMessage.getSOAPHeader();
      QName secQName = new QName(Constants.WSSE_NS, "Security");
      Element secHeaderElement = Util.findElement(soapHeader, secQName);


      if (secHeaderElement == null)
      {
         // This is ok, we always allow faults to be received because WS-Security does not encrypt faults
         if (soapMessage.getSOAPBody().getFault() != null)
            return;


         OperationMetaData opMetaData = ctx.getOperationMetaData();
         if (opMetaData == null)
         {
            // Get the operation meta data from the soap message
            // for the server side inbound message.
            EndpointMetaData epMetaData = ctx.getEndpointMetaData();
            opMetaData = soapMessage.getOperationMetaData(epMetaData);
         }


         String operation = opMetaData.getQName().toString();
         String port = opMetaData.getEndpointMetaData().getPortName().getLocalPart();


         if (hasRequirements(config, operation, port))
            throw convertToFault(new InvalidSecurityHeaderException("This service requires <wsse:Security>, which is missing."));


         return;
      }


      try
      {
         SecurityStore securityStore = new SecurityStore(config.getKeyStoreURL(), config.getKeyStoreType(), config.getKeyStorePassword(), config.getKeyPasswords(), config.getTrustStoreURL(),
               config.getTrustStoreType(), config.getTrustStorePassword());
         SecurityDecoder decoder = new SecurityDecoder(securityStore);


         decoder.decode(soapMessage.getSOAPPart(), secHeaderElement);
         
         if (log.isTraceEnabled())

View Full Code Here

      }
   }


   private static WSSecurityConfiguration getSecurityConfig(CommonMessageContext ctx)
   {
      WSSecurityConfiguration config = ctx.getEndpointMetaData().getServiceMetaData().getSecurityConfiguration();
      if (config == null)
         throw new WSException("Cannot obtain security configuration from message context");


      return config;
   }

View Full Code Here

      return operations;
   }


   public static void handleOutbound(CommonMessageContext ctx) throws SOAPException, SOAPFaultException
   {
      WSSecurityConfiguration config = getSecurityConfig(ctx);
      SOAPMessageImpl soapMessage = (SOAPMessageImpl)ctx.getSOAPMessage();


      OperationMetaData opMetaData = ctx.getOperationMetaData();
      String operation = opMetaData.getQName().toString();
      String port = opMetaData.getEndpointMetaData().getPortName().getLocalPart();


      Config operationConfig = getConfig(config, port, operation);


      log.debug("WS-Security config: " + operationConfig);
      
      // Nothing to process
      if (operationConfig == null)
         return;


      ArrayList<OperationDescription<EncodingOperation>> operations = new ArrayList<OperationDescription<EncodingOperation>>();
      Timestamp timestamp = operationConfig.getTimestamp();
      if (timestamp != null)
      {
         operations.add(new OperationDescription<EncodingOperation>(TimestampOperation.class, null, null, timestamp.getTtl(), null));
      }


      if (operationConfig.getUsername() != null)
      {
         Object user = ctx.get(Stub.USERNAME_PROPERTY);
         Object pass = ctx.get(Stub.PASSWORD_PROPERTY);
         
         if (user == null && pass == null)
         {
            user = ctx.get(BindingProvider.USERNAME_PROPERTY);
            pass = ctx.get(BindingProvider.PASSWORD_PROPERTY);
         }


         if (user != null && pass != null)
         {
            operations.add(new OperationDescription<EncodingOperation>(SendUsernameOperation.class, null, user.toString(), pass.toString(), null));
            ctx.put(StubExt.PROPERTY_AUTH_TYPE, StubExt.PROPERTY_AUTH_TYPE_WSSE);
         }
      }


      Sign sign = operationConfig.getSign();
      if (sign != null)
      {
         List<Target> targets = convertTargets(sign.getTargets());
         if (sign.isIncludeTimestamp())
         {
            if (timestamp == null)
               operations.add(new OperationDescription<EncodingOperation>(TimestampOperation.class, null, null, null, null));


            if (targets != null && targets.size() > 0)
               targets.add(new WsuIdTarget("timestamp"));
         }


         operations.add(new OperationDescription<EncodingOperation>(SignatureOperation.class, targets, sign.getAlias(), null, null));
      }


      Encrypt encrypt = operationConfig.getEncrypt();
      if (encrypt != null)
      {
         List<Target> targets = convertTargets(encrypt.getTargets());
         operations.add(new OperationDescription<EncodingOperation>(EncryptionOperation.class, targets, encrypt.getAlias(), null, encrypt.getAlgorithm()));
      }


      if (operations.size() == 0)
         return;


      if(log.isDebugEnabled()) log.debug("Encoding Message:\n" + DOMWriter.printNode(soapMessage.getSOAPPart(), true));


      try
      {
         SecurityStore securityStore = new SecurityStore(config.getKeyStoreURL(), config.getKeyStoreType(), config.getKeyStorePassword(), config.getKeyPasswords() , config.getTrustStoreURL(),
               config.getTrustStoreType(), config.getTrustStorePassword());
         SecurityEncoder encoder = new SecurityEncoder(operations, securityStore);
         encoder.encode(soapMessage.getSOAPPart());
      }
      catch (WSSecurityException e)
      {

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.jboss.ws.metadata.wsse.WSSecurityConfiguration

org.jboss.test.ws.jaxrpc.jbws1316.JBWS1316ConfigurationTestCase

org.jboss.test.ws.jaxrpc.wsse.RoundTripTestCase

org.jboss.test.ws.jaxws.jbws1988.MessageTestCase

org.jboss.test.ws.jaxws.jbws1999.JBWS1999ConfigurationTestCase

org.jboss.test.ws.jaxws.samples.wssecurity.IssuerMatchTestCase

org.jboss.ws.core.CommonClient

org.jboss.ws.core.jaxrpc.client.ServiceObjectFactoryJAXRPC

org.jboss.ws.core.jaxrpc.client.ServiceReferenceable

org.jboss.ws.core.jaxws.client.DispatchImpl

org.jboss.ws.extensions.policy.deployer.domainAssertion.WSSecurityAssertionDeployer

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.