Repository: cxf Updated Branches: refs/heads/master be2bf8d64 -> da23fad19
Add another test to check that an exception is thrown if a service response is not signed Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/da23fad1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/da23fad1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/da23fad1 Branch: refs/heads/master Commit: da23fad198105185329dccef088267b9fc27c8b8 Parents: be2bf8d Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Wed Mar 29 11:51:53 2017 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Wed Mar 29 11:53:21 2017 +0100 ---------------------------------------------------------------------- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 49 ++++++++++++++++++++ .../cxf/systest/jaxrs/security/xml/server.xml | 13 ++++++ 2 files changed, 62 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/da23fad1/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java index 1166daa..29d1cc5 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java @@ -397,6 +397,55 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { } @Test + public void testUnsignedServerResponse() throws Exception { + if (STAX_PORT.equals(test.port)) { + // We are only testing the client here + return; + } + String address = "https://localhost:" + test.port + "/xmlnosigresponse/bookstore/books"; + + JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean(); + bean.setAddress(address); + + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = JAXRSXmlSecTest.class.getResource("client.xml"); + Bus springBus = bf.createBus(busFile.toString()); + bean.setBus(springBus); + + Map<String, Object> properties = new HashMap<>(); + properties.put(SecurityConstants.CALLBACK_HANDLER, + "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); + properties.put(SecurityConstants.SIGNATURE_USERNAME, "alice"); + properties.put(SecurityConstants.SIGNATURE_PROPERTIES, + "org/apache/cxf/systest/jaxrs/security/alice.properties"); + bean.setProperties(properties); + if (test.streaming) { + XmlSecOutInterceptor sigOutInterceptor = new XmlSecOutInterceptor(); + sigOutInterceptor.setSignRequest(true); + bean.getOutInterceptors().add(sigOutInterceptor); + + XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor(); + sigInInterceptor.setRequireSignature(true); + bean.setProvider(sigInInterceptor); + } else { + XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); + bean.getOutInterceptors().add(sigOutInterceptor); + + XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor(); + bean.getInInterceptors().add(sigInInterceptor); + } + + WebClient wc = bean.createWebClient(); + WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L); + try { + wc.post(new Book("CXF", 126L), Book.class); + fail("Failure expected on an unsigned response message"); + } catch (ProcessingException ex) { + assertTrue(ex.getCause() instanceof BadRequestException); + } + } + + @Test public void testPostBookWithEnvelopedSigKeyName() throws Exception { // This test only applies to StAX - see CXF-7084 if (!test.streaming || !STAX_PORT.equals(test.port)) { http://git-wip-us.apache.org/repos/asf/cxf/blob/da23fad1/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/xml/server.xml ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/xml/server.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/xml/server.xml index 5e10787..63c5551 100644 --- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/xml/server.xml +++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/xml/server.xml @@ -128,6 +128,19 @@ under the License. </jaxrs:properties> </jaxrs:server> + <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-xmlsec}/xmlnosigresponse"> + <jaxrs:serviceBeans> + <ref bean="serviceBean"/> + </jaxrs:serviceBeans> + <jaxrs:providers> + <ref bean="xmlSigInHandler"/> + </jaxrs:providers> + <jaxrs:properties> + <entry key="security.callback-handler" value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/> + <entry key="security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/alice.properties"/> + </jaxrs:properties> + </jaxrs:server> + <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-xmlsec}/xmlsigconstraints"> <jaxrs:serviceBeans> <ref bean="serviceBean"/>