/** Configures SOAP interceptors for the given client. */
protected void configureInterceptors(Client client) {
client.getInInterceptors().add(new Cxf3791WorkaroundInterceptor());
// WS-Addressing-related interceptors
if (wsTransactionConfiguration.isAddressing()) {
MustUnderstandDecoratorInterceptor interceptor = new MustUnderstandDecoratorInterceptor();
for (String nsUri : SoapUtils.WS_ADDRESSING_NS_URIS) {
interceptor.addHeader(new QName(nsUri, "Action"));
}
client.getOutInterceptors().add(interceptor);
MAPCodec mapCodec = new MAPCodec();
MAPAggregator mapAggregator = new MAPAggregator();
client.getInInterceptors().add(mapCodec);
client.getInInterceptors().add(mapAggregator);
client.getInFaultInterceptors().add(mapCodec);
client.getInFaultInterceptors().add(mapAggregator);
client.getOutInterceptors().add(mapCodec);
client.getOutInterceptors().add(mapAggregator);
client.getOutFaultInterceptors().add(mapCodec);
client.getOutFaultInterceptors().add(mapAggregator);
}
if (wsTransactionConfiguration.isSwaOutSupport()) {
client.getOutInterceptors().add(new ProvidedAttachmentOutInterceptor());
client.getOutInterceptors().add(new FixContentTypeOutInterceptor());
}
InterceptorUtils.copyInterceptorsFromProvider(customInterceptors, client);
}
@Override
protected void configureInterceptors(Client client) {
super.configureInterceptors(client);
client.getInInterceptors().add(new InPayloadExtractorInterceptor());
client.getInInterceptors().add(new InNamespaceMergeInterceptor());
client.getInInterceptors().add(new InPayloadInjectorInterceptor(0));
client.getEndpoint().getService().setDataBinding(new PlainXmlDataBinding());
}
@Test
public void testSaml1SignedSenderVouches() throws Exception {
// Create + configure service
Service service = createService();
WSSSecurityProperties inProperties = new WSSSecurityProperties();
Properties cryptoProperties =
CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
service.getInInterceptors().add(inhandler);
// Create + configure client
Echo echo = createClientProxy();
Client client = ClientProxy.getClient(echo);
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
Map<String, Object> properties = new HashMap<String, Object>();
properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
properties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
properties.put(WSHandlerConstants.USER, "alice");
properties.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
properties.put(WSHandlerConstants.SIG_PROP_FILE, "alice.properties");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
client.getOutInterceptors().add(ohandler);
assertEquals("test", echo.echo("test"));
}
@Test
public void testSaml1() throws Exception {
// Create + configure service
Service service = createService();
WSSSecurityProperties inProperties = new WSSSecurityProperties();
inProperties.setValidateSamlSubjectConfirmation(false);
WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
service.getInInterceptors().add(inhandler);
// Create + configure client
Echo echo = createClientProxy();
Client client = ClientProxy.getClient(echo);
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
Map<String, Object> properties = new HashMap<String, Object>();
properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
properties.put(WSHandlerConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler());
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
client.getOutInterceptors().add(ohandler);
assertEquals("test", echo.echo("test"));
}
@Test
public void testSaml2TokenHOK() throws Exception {
// Create + configure service
Service service = createService();
WSSSecurityProperties inProperties = new WSSSecurityProperties();
Properties cryptoProperties =
CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
CustomStaxSamlValidator validator = new CustomStaxSamlValidator();
inProperties.addValidator(WSConstants.SAML_TOKEN, validator);
inProperties.addValidator(WSConstants.SAML2_TOKEN, validator);
WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
service.getInInterceptors().add(inhandler);
// Create + configure client
Echo echo = createClientProxy();
Client client = ClientProxy.getClient(echo);
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
Map<String, Object> properties = new HashMap<String, Object>();
properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
callbackHandler.setSignAssertion(true);
properties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
properties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
properties.put(WSHandlerConstants.USER, "alice");
properties.put(WSHandlerConstants.PW_CALLBACK_REF, new PasswordCallbackHandler());
properties.put(WSHandlerConstants.SIG_PROP_FILE, "alice.properties");
WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
client.getOutInterceptors().add(ohandler);
try {
echo.echo("test");
fail("Failure expected on receiving sender vouches instead of HOK");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
// expected
}
validator.setRequireSenderVouches(false);
try {
echo.echo("test");
fail("Failure expected on receiving a SAML 1.1 Token instead of SAML 2.0");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
// expected
}
validator.setRequireSAML1Assertion(false);
assertEquals("test", echo.echo("test"));
}
private MetadataModelServicePortType getMMSSoapClient()
throws GeneralSecurityException, IOException {
MetadataModelServicePortType mmsPort = MMSSoapClientFactory.createSoapClient(MMS_URL);
Client client = ClientProxy.getClient(mmsPort);
client.getInInterceptors().add(new LoggingInInterceptor());
client.getOutInterceptors().add(new LoggingOutInterceptor());
return mmsPort;
}
@Override
protected void configureInterceptors(Client client) {
super.configureInterceptors(client);
client.getInInterceptors().add(new InPayloadExtractorInterceptor(SOAP_BODY));
client.getInInterceptors().add(new InNamespaceMergeInterceptor());
client.getInInterceptors().add(new InPayloadInjectorInterceptor(0));
client.getEndpoint().getService().setDataBinding(new PlainXmlDataBinding());
// install auditing-related interceptors if the user has not switched auditing off
if (auditStrategy != null) {
client
.getOutInterceptors()
.add(
new AuditOutRequestInterceptor<>(
auditStrategy, correlator, getWsTransactionConfiguration()));
AuditResponseInterceptor<Hl7v3AuditDataset> auditInterceptor =
new AuditResponseInterceptor<>(auditStrategy, false, correlator, false);
client.getInInterceptors().add(auditInterceptor);
client.getInFaultInterceptors().add(auditInterceptor);
}
}
@Test
public void testClientProxyFactory() {
JaxWsProxyFactoryBean cf = new JaxWsProxyFactoryBean();
cf.setAddress("http://localhost:" + PORT + "/test");
cf.setServiceClass(Greeter.class);
cf.setBus(getBus());
Configurer c = getBus().getExtension(Configurer.class);
c.configureBean("client.proxyFactory", cf);
Greeter greeter = (Greeter) cf.create();
Client client = ClientProxy.getClient(greeter);
checkAddressInterceptors(client.getInInterceptors());
}
@Override
public void initialize(Client client, Bus bus) {
// check if there is logging interceptor
removeInterceptorWhichIsOutThePhases(
client.getInInterceptors(), REMAINING_IN_PHASES, getInInterceptorNames());
removeInterceptorWhichIsOutThePhases(
client.getEndpoint().getInInterceptors(), REMAINING_IN_PHASES, getInInterceptorNames());
client.getEndpoint().getBinding().getInInterceptors().clear();
// we need to keep the LoggingOutputInterceptor
getOutInterceptorNames().add(LoggingOutInterceptor.class.getName());
removeInterceptorWhichIsOutThePhases(
client.getOutInterceptors(), REMAINING_OUT_PHASES, getOutInterceptorNames());
removeInterceptorWhichIsOutThePhases(
client.getEndpoint().getOutInterceptors(), REMAINING_OUT_PHASES, getOutInterceptorNames());
client.getEndpoint().getBinding().getOutInterceptors().clear();
client.getEndpoint().getOutInterceptors().add(new RawMessageContentRedirectInterceptor());
}