コード例 #1
0
  /** Test an invalid UsernameToken with password text */
  @org.junit.Test
  public void testInvalidUsernameTokenText() throws Exception {
    TokenValidator usernameTokenValidator = new UsernameTokenValidator();
    TokenValidatorParameters validatorParameters = createValidatorParameters();
    TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();

    // Create a ValidateTarget consisting of a UsernameToken
    UsernameTokenType usernameToken = new UsernameTokenType();
    AttributedString username = new AttributedString();
    username.setValue("eve");
    usernameToken.setUsername(username);
    JAXBElement<UsernameTokenType> tokenType =
        new JAXBElement<UsernameTokenType>(
            QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);

    // Add a password
    PasswordString password = new PasswordString();
    password.setValue("clarinet");
    password.setType(WSConstants.PASSWORD_TEXT);
    JAXBElement<PasswordString> passwordType =
        new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, password);
    usernameToken.getAny().add(passwordType);

    ReceivedToken validateTarget = new ReceivedToken(tokenType);
    tokenRequirements.setValidateTarget(validateTarget);
    validatorParameters.setToken(validateTarget);

    assertTrue(usernameTokenValidator.canHandleToken(validateTarget));

    // This will fail as the username is bad
    TokenValidatorResponse validatorResponse =
        usernameTokenValidator.validateToken(validatorParameters);
    assertTrue(validatorResponse != null);
    assertTrue(validatorResponse.getToken() != null);
    assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);

    // This will fail as the password is bad
    username.setValue("alice");
    password.setValue("badpassword");
    validatorResponse = usernameTokenValidator.validateToken(validatorParameters);
    assertTrue(validatorResponse != null);
    assertTrue(validatorResponse.getToken() != null);
    assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
  }
コード例 #2
0
  /** Test a valid UsernameToken with password digest */
  @org.junit.Test
  public void testValidUsernameTokenDigest() throws Exception {
    TokenValidator usernameTokenValidator = new UsernameTokenValidator();
    TokenValidatorParameters validatorParameters = createValidatorParameters();
    TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();

    // Create a ValidateTarget consisting of a UsernameToken
    UsernameTokenType usernameToken = new UsernameTokenType();
    AttributedString username = new AttributedString();
    username.setValue("alice");
    usernameToken.setUsername(username);
    JAXBElement<UsernameTokenType> tokenType =
        new JAXBElement<UsernameTokenType>(
            QNameConstants.USERNAME_TOKEN, UsernameTokenType.class, usernameToken);

    // Create a WSS4J UsernameToken
    Document doc = DOMUtils.createDocument();
    UsernameToken ut = new UsernameToken(true, doc, WSConstants.PASSWORD_DIGEST);
    ut.setName("alice");
    ut.setPassword("clarinet");
    ut.addNonce(doc);
    ut.addCreated(true, doc);

    // Add a password
    PasswordString password = new PasswordString();
    password.setValue(ut.getPassword());
    password.setType(WSConstants.PASSWORD_DIGEST);
    JAXBElement<PasswordString> passwordType =
        new JAXBElement<PasswordString>(QNameConstants.PASSWORD, PasswordString.class, password);
    usernameToken.getAny().add(passwordType);

    // Add a nonce
    EncodedString nonce = new EncodedString();
    nonce.setValue(ut.getNonce());
    nonce.setEncodingType(WSConstants.SOAPMESSAGE_NS + "#Base64Binary");
    JAXBElement<EncodedString> nonceType =
        new JAXBElement<EncodedString>(QNameConstants.NONCE, EncodedString.class, nonce);
    usernameToken.getAny().add(nonceType);

    // Add Created value
    String created = ut.getCreated();
    Element createdElement = doc.createElementNS(WSConstants.WSU_NS, "Created");
    createdElement.setAttributeNS(WSConstants.XMLNS_NS, "xmlns", WSConstants.WSU_NS);
    createdElement.setTextContent(created);
    usernameToken.getAny().add(createdElement);

    ReceivedToken validateTarget = new ReceivedToken(tokenType);
    tokenRequirements.setValidateTarget(validateTarget);
    validatorParameters.setToken(validateTarget);

    assertTrue(usernameTokenValidator.canHandleToken(validateTarget));

    TokenValidatorResponse validatorResponse =
        usernameTokenValidator.validateToken(validatorParameters);
    assertTrue(validatorResponse != null);
    assertTrue(validatorResponse.getToken() != null);
    assertTrue(validatorResponse.getToken().getState() == STATE.VALID);

    Principal principal = validatorResponse.getPrincipal();
    assertTrue(principal != null && principal.getName() != null);

    // Expected failure on a bad password
    password.setValue("badpassword");
    validatorResponse = usernameTokenValidator.validateToken(validatorParameters);
    assertTrue(validatorResponse != null);
    assertTrue(validatorResponse.getToken() != null);
    assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
  }