(ws-axiom) branch master updated: Upgrade wss4j-tests to WSS4J 4.0.1

veithen Sun, 08 Mar 2026 03:19:12 -0700

This is an automated email from the ASF dual-hosted git repository.

veithen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ws-axiom.git



The following commit(s) were added to refs/heads/master by this push:
     new 6accf741d Upgrade wss4j-tests to WSS4J 4.0.1
6accf741d is described below

commit 6accf741db9df705d3c5c40f056b6ddeda49582d
Author: Andreas Veithen-Knowles <[email protected]>
AuthorDate: Sun Mar 8 10:18:57 2026 +0000

    Upgrade wss4j-tests to WSS4J 4.0.1
    
    Migrate from the legacy org.apache.ws.security:wss4j:1.6.19 to
    org.apache.wss4j:wss4j-ws-security-dom:4.0.1. This includes:
    
    - Updated Maven dependency coordinates and version
    - Migrated Java imports and API usage to the new WSS4J 4.x API
    - Updated crypto.properties to use new property prefix
    - Replaced deprecated DSA/DES key algorithms with RSA/AES
---
 systests/wss4j-tests/pom.xml                       | 16 ++---
 systests/wss4j-tests/src/test/java/WSS4JTest.java  | 75 +++++++++++++---------
 .../src/test/resources/crypto.properties           | 10 +--
 3 files changed, 57 insertions(+), 44 deletions(-)

diff --git a/systests/wss4j-tests/pom.xml b/systests/wss4j-tests/pom.xml
index 97083246b..b5143a67b 100644
--- a/systests/wss4j-tests/pom.xml
+++ b/systests/wss4j-tests/pom.xml
@@ -44,9 +44,9 @@
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>org.apache.ws.security</groupId>
-            <artifactId>wss4j</artifactId>
-            <version>1.6.19</version>
+            <groupId>org.apache.wss4j</groupId>
+            <artifactId>wss4j-ws-security-dom</artifactId>
+            <version>4.0.1</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -145,9 +145,9 @@
                         <configuration>
                             <alias>key1</alias>
                             <dname>cn=dummy</dname>
-                            <keyalg>DSA</keyalg>
-                            <keysize>1024</keysize>
-                            <sigalg>SHA1withDSA</sigalg>
+                            <keyalg>RSA</keyalg>
+                            <keysize>2048</keysize>
+                            <sigalg>SHA256withRSA</sigalg>
                         </configuration>
                     </execution>
                     <execution>
@@ -158,8 +158,8 @@
                         </goals>
                         <configuration>
                             <alias>key2</alias>
-                            <keyalg>DES</keyalg>
-                            <keysize>56</keysize>
+                            <keyalg>AES</keyalg>
+                            <keysize>128</keysize>
                         </configuration>
                     </execution>
                 </executions>
diff --git a/systests/wss4j-tests/src/test/java/WSS4JTest.java 
b/systests/wss4j-tests/src/test/java/WSS4JTest.java
index f27cdf525..a804633b2 100644
--- a/systests/wss4j-tests/src/test/java/WSS4JTest.java
+++ b/systests/wss4j-tests/src/test/java/WSS4JTest.java
@@ -18,21 +18,27 @@
  */
 import static org.assertj.core.api.Assertions.assertThat;
 
-import java.util.Vector;
+import java.io.FileInputStream;
+import java.security.KeyStore;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.crypto.SecretKey;
 
 import org.apache.axiom.om.OMAbstractFactory;
 import org.apache.axiom.om.OMMetaFactory;
 import org.apache.axiom.om.OMXMLBuilderFactory;
 import org.apache.axiom.soap.SOAPMessage;
-import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSEncryptionPart;
-import org.apache.ws.security.WSSecurityEngine;
-import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.components.crypto.Crypto;
-import org.apache.ws.security.components.crypto.CryptoFactory;
-import org.apache.ws.security.message.WSSecEncrypt;
-import org.apache.ws.security.message.WSSecHeader;
-import org.apache.ws.security.message.WSSecSignature;
+import org.apache.wss4j.common.WSEncryptionPart;
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.engine.WSSecurityEngine;
+import org.apache.wss4j.dom.handler.WSHandlerResult;
+import org.apache.wss4j.dom.message.WSSecEncrypt;
+import org.apache.wss4j.dom.message.WSSecHeader;
+import org.apache.wss4j.dom.message.WSSecSignature;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.w3c.dom.Document;
@@ -52,27 +58,28 @@ public class WSS4JTest {
                 .getSOAPMessage();
     }
 
-    private void testSignature(String file, Vector<WSEncryptionPart> parts) 
throws Exception {
-        WSSecSignature sign = new WSSecSignature();
-        sign.setUserInfo("key1", "password");
-        sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
-        sign.setParts(parts);
-
+    private void testSignature(String file, List<WSEncryptionPart> parts) 
throws Exception {
         SOAPMessage message = load(file);
         Document doc = (Document) message;
 
-        WSSecHeader secHeader = new WSSecHeader();
-        secHeader.insertSecurityHeader(doc);
+        WSSecHeader secHeader = new WSSecHeader(doc);
+        secHeader.insertSecurityHeader();
+
+        WSSecSignature sign = new WSSecSignature(secHeader);
+        sign.setUserInfo("key1", "password");
+        sign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+        sign.getParts().addAll(parts);
 
-        Document signedDoc = sign.build(doc, crypto, secHeader);
+        Document signedDoc = sign.build(crypto);
 
         WSSecurityEngine secEngine = new WSSecurityEngine();
-        assertThat(secEngine.processSecurityHeader(signedDoc, null, null, 
crypto)).hasSize(2);
+        WSHandlerResult results = secEngine.processSecurityHeader(signedDoc, 
null, null, crypto);
+        assertThat(results.getResults()).hasSize(2);
     }
 
     @Test
     public void testSignHeaderAndBody() throws Exception {
-        Vector<WSEncryptionPart> parts = new Vector<WSEncryptionPart>();
+        List<WSEncryptionPart> parts = new ArrayList<>();
         parts.add(new WSEncryptionPart("header", "urn:ns1", ""));
         parts.add(new WSEncryptionPart("Body", 
"http://schemas.xmlsoap.org/soap/envelope/";, ""));
         testSignature("envelope1.xml", parts);
@@ -80,23 +87,29 @@ public class WSS4JTest {
 
     @Test
     public void testSignPartById() throws Exception {
-        Vector<WSEncryptionPart> parts = new Vector<WSEncryptionPart>();
+        List<WSEncryptionPart> parts = new ArrayList<>();
         parts.add(new WSEncryptionPart("my-id"));
         testSignature("envelope2.xml", parts);
     }
 
     @Test
     public void testEncryptHeader() throws Exception {
-        Vector<WSEncryptionPart> parts = new Vector<WSEncryptionPart>();
-        parts.add(new WSEncryptionPart("header", "urn:ns1", "Header"));
-        WSSecEncrypt encrypt = new WSSecEncrypt();
-        encrypt.setUserInfo("key2", "password");
-        encrypt.setEncryptSymmKey(false);
-        encrypt.setParts(parts);
         SOAPMessage message = load("envelope1.xml");
         Document doc = (Document) message;
-        WSSecHeader secHeader = new WSSecHeader();
-        secHeader.insertSecurityHeader(doc);
-        encrypt.build(doc, crypto, secHeader);
+
+        WSSecHeader secHeader = new WSSecHeader(doc);
+        secHeader.insertSecurityHeader();
+
+        WSSecEncrypt encrypt = new WSSecEncrypt(secHeader);
+        encrypt.setEncryptSymmKey(false);
+        encrypt.getParts().add(new WSEncryptionPart("header", "urn:ns1", 
"Header"));
+
+        KeyStore ks = KeyStore.getInstance("JCEKS");
+        try (FileInputStream fis = new FileInputStream("target/keystore")) {
+            ks.load(fis, "password".toCharArray());
+        }
+        SecretKey secretKey = (SecretKey) ks.getKey("key2", 
"password".toCharArray());
+
+        encrypt.build(crypto, secretKey);
     }
 }
diff --git a/systests/wss4j-tests/src/test/resources/crypto.properties 
b/systests/wss4j-tests/src/test/resources/crypto.properties
index 1837f46cf..05e4c2853 100644
--- a/systests/wss4j-tests/src/test/resources/crypto.properties
+++ b/systests/wss4j-tests/src/test/resources/crypto.properties
@@ -16,8 +16,8 @@
 # specific language governing permissions and limitations
 # under the License.
 #
-org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
-org.apache.ws.security.crypto.merlin.keystore.type=JCEKS
-org.apache.ws.security.crypto.merlin.keystore.password=password
-org.apache.ws.security.crypto.merlin.keystore.alias=cn=dummy
-org.apache.ws.security.crypto.merlin.file=target/keystore
+org.apache.wss4j.crypto.provider=org.apache.wss4j.common.crypto.Merlin
+org.apache.wss4j.crypto.merlin.keystore.type=JCEKS
+org.apache.wss4j.crypto.merlin.keystore.password=password
+org.apache.wss4j.crypto.merlin.keystore.alias=cn=dummy
+org.apache.wss4j.crypto.merlin.file=target/keystore

(ws-axiom) branch master updated: Upgrade wss4j-tests to WSS4J 4.0.1

Reply via email to