예제 #1
0
  /** Test the Bearer SAML1 case with a Lifetime element */
  @org.junit.Test
  public void testBearerSaml1Lifetime() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = IssueUnitTest.class.getResource("cxf-client.xml");

    Bus bus = bf.createBus(busFile.toString());
    SpringBusFactory.setDefaultBus(bus);
    SpringBusFactory.setThreadDefaultBus(bus);

    // Get a token
    SecurityToken token =
        requestSecurityTokenTTL(SAML1_TOKEN_TYPE, BEARER_KEYTYPE, bus, DEFAULT_ADDRESS);
    assertTrue(SAML1_TOKEN_TYPE.equals(token.getTokenType()));
    assertTrue(token.getToken() != null);

    // Process the token
    List<WSSecurityEngineResult> results = processToken(token);
    assertTrue(results != null && results.size() == 1);
    SamlAssertionWrapper assertion =
        (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
    assertTrue(assertion != null);
    assertTrue(assertion.getSaml1() != null && assertion.getSaml2() == null);
    assertTrue(assertion.isSigned());

    List<String> methods = assertion.getConfirmationMethods();
    String confirmMethod = null;
    if (methods != null && methods.size() > 0) {
      confirmMethod = methods.get(0);
    }
    assertTrue(confirmMethod.contains("bearer"));

    bus.shutdown(true);
  }
예제 #2
0
  /** Test the Symmetric Key SAML1 case */
  @org.junit.Test
  public void testSymmetricKeySaml1() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = IssueUnitTest.class.getResource("cxf-client.xml");

    Bus bus = bf.createBus(busFile.toString());
    SpringBusFactory.setDefaultBus(bus);
    SpringBusFactory.setThreadDefaultBus(bus);

    // Get a token
    SecurityToken token =
        requestSecurityToken(SAML1_TOKEN_TYPE, SYMMETRIC_KEY_KEYTYPE, bus, DEFAULT_ADDRESS);
    assertTrue(token.getSecret() != null && token.getSecret().length > 0);
    assertTrue(SAML1_TOKEN_TYPE.equals(token.getTokenType()));
    assertTrue(token.getToken() != null);

    // Process the token
    List<WSSecurityEngineResult> results = processToken(token);

    assertTrue(results != null && results.size() == 1);
    SamlAssertionWrapper assertion =
        (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
    assertTrue(assertion != null);
    assertTrue(assertion.getSaml1() != null && assertion.getSaml2() == null);
    assertTrue(assertion.isSigned());

    List<String> methods = assertion.getConfirmationMethods();
    String confirmMethod = null;
    if (methods != null && methods.size() > 0) {
      confirmMethod = methods.get(0);
    }
    assertTrue(OpenSAMLUtil.isMethodHolderOfKey(confirmMethod));
    SAMLKeyInfo subjectKeyInfo = assertion.getSubjectKeyInfo();
    assertTrue(subjectKeyInfo.getSecret() != null);

    bus.shutdown(true);
  }
예제 #3
0
  // CHECKSTYLE:OFF
  @org.junit.Test
  public void testSAMLinWSSecToOtherRealm() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = IssueUnitTest.class.getResource("cxf-client.xml");

    Bus bus = bf.createBus(busFile.toString());
    SpringBusFactory.setDefaultBus(bus);
    SpringBusFactory.setThreadDefaultBus(bus);

    Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
    CallbackHandler callbackHandler = new CommonCallbackHandler();

    // Create SAML token
    Element samlToken =
        createSAMLAssertion(
            WSConstants.WSS_SAML2_TOKEN_TYPE,
            crypto,
            "mystskey",
            callbackHandler,
            null,
            "alice",
            "a-issuer");

    String id = null;
    QName elName = DOMUtils.getElementQName(samlToken);
    if (elName.equals(new QName(WSConstants.SAML_NS, "Assertion"))
        && samlToken.hasAttributeNS(null, "AssertionID")) {
      id = samlToken.getAttributeNS(null, "AssertionID");
    } else if (elName.equals(new QName(WSConstants.SAML2_NS, "Assertion"))
        && samlToken.hasAttributeNS(null, "ID")) {
      id = samlToken.getAttributeNS(null, "ID");
    }
    if (id == null) {
      id = samlToken.getAttributeNS(WSConstants.WSU_NS, "Id");
    }

    SecurityToken wstoken = new SecurityToken(id, samlToken, null, null);
    Map<String, Object> properties = new HashMap<String, Object>();
    properties.put(SecurityConstants.TOKEN, wstoken);
    properties.put(SecurityConstants.TOKEN_ID, wstoken.getId());

    // Get a token

    SecurityToken token =
        requestSecurityToken(
            SAML2_TOKEN_TYPE,
            BEARER_KEYTYPE,
            null,
            bus,
            DEFAULT_ADDRESS,
            null,
            properties,
            "b-issuer",
            "Transport_SAML_Port");

    /*
    SecurityToken token =
            requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, null,
                    bus, DEFAULT_ADDRESS, null, properties, "b-issuer", null);
                    */
    assertTrue(SAML2_TOKEN_TYPE.equals(token.getTokenType()));
    assertTrue(token.getToken() != null);

    List<WSSecurityEngineResult> results = processToken(token);
    assertTrue(results != null && results.size() == 1);
    SamlAssertionWrapper assertion =
        (SamlAssertionWrapper) results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
    assertTrue(assertion != null);
    assertTrue(assertion.isSigned());

    List<String> methods = assertion.getConfirmationMethods();
    String confirmMethod = null;
    if (methods != null && methods.size() > 0) {
      confirmMethod = methods.get(0);
    }
    assertTrue(confirmMethod.contains("bearer"));

    assertTrue("b-issuer".equals(assertion.getIssuerString()));
    String subjectName = assertion.getSaml2().getSubject().getNameID().getValue();
    assertTrue("Subject must be ALICE instead of " + subjectName, "ALICE".equals(subjectName));
  }