Repository: camel Updated Branches: refs/heads/master 5f79b2951 -> 0068bf7e0
CAMEL-7416: Improve WS-Security testing applying Colm's patch. Thanks. Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/0068bf7e Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/0068bf7e Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/0068bf7e Branch: refs/heads/master Commit: 0068bf7e09c9b94077a5cfbe054872b39fc7623d Parents: 5f79b29 Author: Akitoshi Yoshida <a...@apache.org> Authored: Thu May 8 11:57:16 2014 +0200 Committer: Akitoshi Yoshida <a...@apache.org> Committed: Thu May 8 12:00:31 2014 +0200 ---------------------------------------------------------------------- .../wssecurity/camel/WSSecurityRouteTest.java | 120 ++++++++--- .../cxf/wssecurity/server/CxfServer.java | 86 +------- .../src/test/resources/hello_world_wssec.wsdl | 13 +- .../cxf/wssecurity/camel/camel-context.xml | 207 +++++++++++-------- .../component/cxf/wssecurity/client/wssec.xml | 94 ++++++++- .../wssecurity/encrypted-supp-token-policy.xml | 40 ++++ .../component/cxf/wssecurity/server/wssec.xml | 116 ++++++++++- 7 files changed, 480 insertions(+), 196 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/0068bf7e/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/camel/WSSecurityRouteTest.java ---------------------------------------------------------------------- diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/camel/WSSecurityRouteTest.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/camel/WSSecurityRouteTest.java index 4109032..af28c19 100644 --- a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/camel/WSSecurityRouteTest.java +++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/camel/WSSecurityRouteTest.java @@ -16,63 +16,135 @@ */ package org.apache.camel.component.cxf.wssecurity.camel; +import java.net.URL; + +import javax.xml.ws.BindingProvider; + import org.apache.camel.CamelContext; import org.apache.camel.component.cxf.CXFTestSupport; -import org.apache.camel.component.cxf.wssecurity.client.Client; import org.apache.camel.component.cxf.wssecurity.server.CxfServer; import org.apache.camel.hello_world_soap_http.Greeter; +import org.apache.camel.hello_world_soap_http.GreeterService; import org.apache.camel.spring.SpringCamelContext; import org.apache.camel.test.junit4.CamelTestSupport; -import org.junit.After; -import org.junit.Before; +import org.apache.cxf.Bus; +import org.apache.cxf.bus.spring.SpringBusFactory; +import org.junit.AfterClass; +import org.junit.BeforeClass; import org.junit.Test; import org.springframework.context.support.AbstractXmlApplicationContext; import org.springframework.context.support.ClassPathXmlApplicationContext; public class WSSecurityRouteTest extends CamelTestSupport { - protected CxfServer cxfServer; - protected AbstractXmlApplicationContext applicationContext; + static final int PORT = CXFTestSupport.getPort1(); + static CxfServer cxfServer; + + private static AbstractXmlApplicationContext applicationContext; - @Before - public void setUp() throws Exception { - //start the back end service - int port = CXFTestSupport.getPort1(); - cxfServer = new CxfServer(port); + @BeforeClass + public static void setupContext() throws Exception { + cxfServer = new CxfServer(); applicationContext = createApplicationContext(); - super.setUp(); } - @After - public void shutdownService() { - if (cxfServer != null) { - cxfServer.stop(); - } + @AfterClass + public static void shutdownService() { if (applicationContext != null) { applicationContext.stop(); } } - @Override protected CamelContext createCamelContext() throws Exception { return SpringCamelContext.springCamelContext(applicationContext); } - - protected ClassPathXmlApplicationContext createApplicationContext() { + private static ClassPathXmlApplicationContext createApplicationContext() { return new ClassPathXmlApplicationContext("org/apache/camel/component/cxf/wssecurity/camel/camel-context.xml"); } - protected String getRouterAddress() { - return "http://localhost:"; + CXFTestSupport.getPort2() + "/WSSecurityRouteTest/GreeterPort"; + @Test + public void testSignature() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = WSSecurityRouteTest.class.getResource("../client/wssec.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + GreeterService gs = new GreeterService(); + Greeter greeter = gs.getGreeterSignaturePort(); + + ((BindingProvider)greeter).getRequestContext().put( + BindingProvider.ENDPOINT_ADDRESS_PROPERTY, + "http://localhost:"; + CXFTestSupport.getPort2() + + "/WSSecurityRouteTest/GreeterSignaturePort" + ); + + assertEquals("Get a wrong response", "Hello Security", greeter.greetMe("Security")); } @Test - public void testInvokeService() throws Exception { - Client client = new Client(getRouterAddress()); - Greeter greeter = client.getClient(); + public void testUsernameToken() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = WSSecurityRouteTest.class.getResource("../client/wssec.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + GreeterService gs = new GreeterService(); + Greeter greeter = gs.getGreeterUsernameTokenPort(); + + ((BindingProvider)greeter).getRequestContext().put( + BindingProvider.ENDPOINT_ADDRESS_PROPERTY, + "http://localhost:"; + CXFTestSupport.getPort2() + + "/WSSecurityRouteTest/GreeterUsernameTokenPort" + ); + + assertEquals("Get a wrong response", "Hello Security", greeter.greetMe("Security")); + } + + @Test + public void testEncryption() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = WSSecurityRouteTest.class.getResource("../client/wssec.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + GreeterService gs = new GreeterService(); + Greeter greeter = gs.getGreeterEncryptionPort(); + + ((BindingProvider)greeter).getRequestContext().put( + BindingProvider.ENDPOINT_ADDRESS_PROPERTY, + "http://localhost:"; + CXFTestSupport.getPort2() + + "/WSSecurityRouteTest/GreeterEncryptionPort" + ); + assertEquals("Get a wrong response", "Hello Security", greeter.greetMe("Security")); } + @Test + public void testSecurityPolicy() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = WSSecurityRouteTest.class.getResource("../client/wssec.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + GreeterService gs = new GreeterService(); + Greeter greeter = gs.getGreeterSecurityPolicyPort(); + + ((BindingProvider)greeter).getRequestContext().put( + BindingProvider.ENDPOINT_ADDRESS_PROPERTY, + "http://localhost:"; + CXFTestSupport.getPort2() + + "/WSSecurityRouteTest/GreeterSecurityPolicyPort" + ); + + assertEquals("Get a wrong response", "Hello Security", greeter.greetMe("Security")); + } } http://git-wip-us.apache.org/repos/asf/camel/blob/0068bf7e/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/server/CxfServer.java ---------------------------------------------------------------------- diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/server/CxfServer.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/server/CxfServer.java index 028b6d9..92d6ba5 100644 --- a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/server/CxfServer.java +++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/server/CxfServer.java @@ -16,87 +16,21 @@ */ package org.apache.camel.component.cxf.wssecurity.server; -import java.util.HashMap; -import java.util.Map; +import java.net.URL; -import org.apache.cxf.endpoint.Server; -import org.apache.cxf.jaxws.JaxWsServerFactoryBean; -import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor; -import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor; +import org.apache.camel.component.cxf.wssecurity.camel.WSSecurityRouteTest; +import org.apache.cxf.Bus; +import org.apache.cxf.bus.spring.SpringBusFactory; public class CxfServer { - //private static final String WSU_NS - // = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";; - - private String address; - - private Server server; + public CxfServer() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = WSSecurityRouteTest.class.getResource("../server/wssec.xml"); - public CxfServer(int port) throws Exception { - Object implementor = new GreeterImpl(); - address = "http://localhost:"; + port + "/WSSecurityRouteTest/GreeterPort"; - JaxWsServerFactoryBean bean = new JaxWsServerFactoryBean(); - bean.setAddress(address); - bean.setServiceBean(implementor); - bean.getInInterceptors().add(getWSS4JInInterceptor()); - bean.getOutInterceptors().add(getWSS4JOutInterceptor()); - server = bean.create(); + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); } - public void stop() { - if (server != null) { - server.start(); - } - } - - public static WSS4JOutInterceptor getWSS4JOutInterceptor() throws Exception { - - Map<String, Object> outProps = new HashMap<String, Object>(); - outProps.put("action", "Signature"); - //outProps.put("action", "UsernameToken Timestamp Signature Encrypt"); - - outProps.put("passwordType", "PasswordText"); - outProps.put("user", "serverx509v1"); - outProps.put("passwordCallbackClass", "org.apache.camel.component.cxf.wssecurity.server.UTPasswordCallback"); - - //If you are using the patch WSS-194, then uncomment below two lines and - //comment the above "user" prop line. - //outProps.put("user", "Alice"); - //outProps.put("signatureUser", "serverx509v1"); - - //outProps.put("encryptionUser", "clientx509v1"); - //outProps.put("encryptionPropFile", "wssecurity/etc/Server_SignVerf.properties"); - //outProps.put("encryptionKeyIdentifier", "IssuerSerial"); - //outProps.put("encryptionParts", "{Element}{" + WSU_NS + "}Timestamp;" - // + "{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body";); - - outProps.put("signaturePropFile", "wssecurity/etc/Server_Decrypt.properties"); - outProps.put("signatureKeyIdentifier", "DirectReference"); - outProps.put("signatureParts", //"{Element}{" + WSU_NS + "}Timestamp;" - "{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body";); - - return new WSS4JOutInterceptor(outProps); - } - - public static WSS4JInInterceptor getWSS4JInInterceptor() throws Exception { - - Map<String, Object> inProps = new HashMap<String, Object>(); - - //inProps.put("action", "UsernameToken Timestamp Signature Encrypt"); - inProps.put("action", "Signature"); - inProps.put("passwordType", "PasswordDigest"); - inProps.put("passwordCallbackClass", "org.apache.camel.component.cxf.wssecurity.server.UTPasswordCallback"); - - //inProps.put("decryptionPropFile", "wssecurity/etc/Server_Decrypt.properties"); - //inProps.put("encryptionKeyIdentifier", "IssuerSerial"); - - inProps.put("signaturePropFile", "wssecurity/etc/Server_SignVerf.properties"); - inProps.put("signatureKeyIdentifier", "DirectReference"); - - return new WSS4JInInterceptor(inProps); - - } - - } http://git-wip-us.apache.org/repos/asf/camel/blob/0068bf7e/components/camel-cxf/src/test/resources/hello_world_wssec.wsdl ---------------------------------------------------------------------- diff --git a/components/camel-cxf/src/test/resources/hello_world_wssec.wsdl b/components/camel-cxf/src/test/resources/hello_world_wssec.wsdl index a19ccbe..7d0d9f6 100644 --- a/components/camel-cxf/src/test/resources/hello_world_wssec.wsdl +++ b/components/camel-cxf/src/test/resources/hello_world_wssec.wsdl @@ -126,10 +126,19 @@ </wsdl:binding> <wsdl:service name="GreeterService"> - <wsdl:port binding="tns:Greeter_SOAPBinding" name="GreeterPort"> - <soap:address location="http://localhost:8000/SoapContext/GreeterPort"/> + <wsdl:port binding="tns:Greeter_SOAPBinding" name="GreeterSignaturePort"> + <soap:address location="http://localhost:8000/SoapContext/GreeterSignaturePort"/> <wswa:UsingAddressing xmlns:wswa="http://www.w3.org/2005/02/addressing/wsdl"/> </wsdl:port> + <wsdl:port binding="tns:Greeter_SOAPBinding" name="GreeterUsernameTokenPort"> + <soap:address location="http://localhost:8000/SoapContext/GreeterUsernameTokenPort"/> + </wsdl:port> + <wsdl:port binding="tns:Greeter_SOAPBinding" name="GreeterEncryptionPort"> + <soap:address location="http://localhost:8000/SoapContext/GreeterEncryptionPort"/> + </wsdl:port> + <wsdl:port binding="tns:Greeter_SOAPBinding" name="GreeterSecurityPolicyPort"> + <soap:address location="http://localhost:8000/SoapContext/GreeterSecurityPolicyPort"/> + </wsdl:port> </wsdl:service> </wsdl:definitions> http://git-wip-us.apache.org/repos/asf/camel/blob/0068bf7e/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/camel/camel-context.xml ---------------------------------------------------------------------- diff --git a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/camel/camel-context.xml b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/camel/camel-context.xml index 32f9897..abccafe 100644 --- a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/camel/camel-context.xml +++ b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/camel/camel-context.xml @@ -15,95 +15,134 @@ See the License for the specific language governing permissions and limitations under the License. --> -<beans xmlns="http://www.springframework.org/schema/beans"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; - xmlns:camel="http://camel.apache.org/schema/spring"; - xmlns:cxf="http://camel.apache.org/schema/cxf"; - xmlns:cxf-core="http://cxf.apache.org/core"; - xmlns:wsa="http://cxf.apache.org/ws/addressing"; - xsi:schemaLocation=" - http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd - http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd";> - - <cxf-core:bus> +<beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:camel="http://camel.apache.org/schema/spring"; xmlns:cxf="http://camel.apache.org/schema/cxf"; xmlns:cxf-core="http://cxf.apache.org/core"; xmlns:wsa="http://cxf.apache.org/ws/addressing"; xmlns:p="http://cxf.apache.org/policy"; xsi:schemaLocation=" http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd + http://www.w3.org/ns/ws-policy http://www.w3.org/2007/02/ws-policy.xsd";> + + <cxf-core:bus> <cxf-core:features> <cxf-core:logging/> - <!-- wsa:addressing/--> </cxf-core:features> - </cxf-core:bus> - - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> + </cxf-core:bus> - <import resource="classpath:META-INF/cxf/cxf.xml"/> - - - <cxf:cxfEndpoint id="route" - address="http://localhost:${CXFTestSupport.port2}/WSSecurityRouteTest/GreeterPort"; - serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> - <cxf:properties> - <entry key="dataFormat" value="CXF_MESSAGE" /> - </cxf:properties> - - <cxf:inInterceptors> - <ref bean="wss4jInInterceptor-server" /> - </cxf:inInterceptors> - - </cxf:cxfEndpoint> - - <cxf:cxfEndpoint id="service" - address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterPort"; - serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> - <cxf:properties> - <entry key="dataFormat" value="CXF_MESSAGE" /> - </cxf:properties> - <cxf:inInterceptors> - <ref bean="wss4jInInterceptor-client" /> - </cxf:inInterceptors> - - </cxf:cxfEndpoint> - - - <camelContext id="camel" xmlns="http://camel.apache.org/schema/spring";> - <route errorHandlerRef="noErrorHandler"> - <from uri="cxf:bean:route" /> - <to uri="cxf:bean:service"/> - </route> - - </camelContext> - - <bean id="noErrorHandler" class="org.apache.camel.builder.NoErrorHandlerBuilder"/> - - - <bean id="wss4jInInterceptor-server" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> - <constructor-arg> - <map> - <entry key="action" value="Signature" /> - <!-- entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.server.UTPasswordCallback" /> - <entry key="passwordType" value="PasswordDigest" /--> - <!-- entry key="decryptionPropFile" value="wssecurity/etc/Server_Decrypt.properties" /> - <entry key="encryptionKeyIdentifier" value="IssuerSerial" /--> - + <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> + + <import resource="classpath:META-INF/cxf/cxf.xml"/> + + <cxf:cxfEndpoint + id="signatureRoute" + address="http://localhost:${CXFTestSupport.port2}/WSSecurityRouteTest/GreeterSignaturePort"; + serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> + <cxf:properties> + <entry key="dataFormat" value="CXF_MESSAGE"/> + </cxf:properties> + <cxf:inInterceptors> + <ref bean="wss4jInInterceptor-signature"/> + </cxf:inInterceptors> + </cxf:cxfEndpoint> + + <cxf:cxfEndpoint + id="signatureService" + address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterSignaturePort"; + serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> + <cxf:properties> + <entry key="dataFormat" value="CXF_MESSAGE"/> + </cxf:properties> + </cxf:cxfEndpoint> + + <cxf:cxfEndpoint + id="usernameTokenRoute" + address="http://localhost:${CXFTestSupport.port2}/WSSecurityRouteTest/GreeterUsernameTokenPort"; + serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> + <cxf:properties> + <entry key="dataFormat" value="CXF_MESSAGE"/> + </cxf:properties> + <cxf:inInterceptors> + <ref bean="wss4jInInterceptor-usernameToken"/> + </cxf:inInterceptors> + </cxf:cxfEndpoint> + + <cxf:cxfEndpoint + id="usernameTokenService" + address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterUsernameTokenPort"; + serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> + <cxf:properties> + <entry key="dataFormat" value="CXF_MESSAGE"/> + </cxf:properties> + </cxf:cxfEndpoint> + + <cxf:cxfEndpoint + id="encryptionRoute" + address="http://localhost:${CXFTestSupport.port2}/WSSecurityRouteTest/GreeterEncryptionPort"; + serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> + <cxf:properties> + <entry key="dataFormat" value="MESSAGE"/> + </cxf:properties> + </cxf:cxfEndpoint> + + <cxf:cxfEndpoint + id="encryptionService" + address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterEncryptionPort"; + serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> + <cxf:properties> + <entry key="dataFormat" value="MESSAGE"/> + </cxf:properties> + </cxf:cxfEndpoint> + + <cxf:cxfEndpoint + id="securityPolicyRoute" + address="http://localhost:${CXFTestSupport.port2}/WSSecurityRouteTest/GreeterSecurityPolicyPort"; + serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> + <cxf:properties> + <entry key="dataFormat" value="MESSAGE"/> + </cxf:properties> + </cxf:cxfEndpoint> + + <cxf:cxfEndpoint + id="securityPolicyService" + address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterSecurityPolicyPort"; + serviceClass="org.apache.camel.hello_world_soap_http.Greeter"> + <cxf:properties> + <entry key="dataFormat" value="MESSAGE"/> + </cxf:properties> + </cxf:cxfEndpoint> + + <camelContext xmlns="http://camel.apache.org/schema/spring"; id="camel"> + <route errorHandlerRef="noErrorHandler"> + <from uri="cxf:bean:signatureRoute"/> + <to uri="cxf:bean:signatureService"/> + </route> + <route errorHandlerRef="noErrorHandler"> + <from uri="cxf:bean:usernameTokenRoute"/> + <to uri="cxf:bean:usernameTokenService"/> + </route> + <route errorHandlerRef="noErrorHandler"> + <from uri="cxf:bean:encryptionRoute"/> + <to uri="cxf:bean:encryptionService"/> + </route> + <route errorHandlerRef="noErrorHandler"> + <from uri="cxf:bean:securityPolicyRoute"/> + <to uri="cxf:bean:securityPolicyService"/> + </route> + </camelContext> + + <bean id="noErrorHandler" class="org.apache.camel.builder.NoErrorHandlerBuilder"/> + + <bean id="wss4jInInterceptor-signature" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Signature Timestamp"/> <entry key="signaturePropFile" value="wssecurity/etc/Server_SignVerf.properties"/> - <entry key="signatureKeyIdentifier" value="DirectReference"/> - </map> + </map> </constructor-arg> - </bean> - - <bean id="wss4jInInterceptor-client" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> - <constructor-arg> - <map> - <entry key="action" value="Signature" /> - <!-- entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.server.UTPasswordCallback" /> - <entry key="passwordType" value="PasswordDigest" /--> - <!-- entry key="decryptionPropFile" value="wssecurity/etc/Server_Decrypt.properties" /> - <entry key="encryptionKeyIdentifier" value="IssuerSerial" /--> - - <entry key="signaturePropFile" value="wssecurity/etc/Client_Encrypt.properties"/> - <entry key="signatureKeyIdentifier" value="DirectReference"/> - </map> + </bean> + + <bean id="wss4jInInterceptor-usernameToken" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="UsernameToken"/> + <entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.server.UTPasswordCallback"/> + </map> </constructor-arg> - </bean> - + </bean> + </beans> http://git-wip-us.apache.org/repos/asf/camel/blob/0068bf7e/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/client/wssec.xml ---------------------------------------------------------------------- diff --git a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/client/wssec.xml b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/client/wssec.xml index 6526527..3ae4bdb 100644 --- a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/client/wssec.xml +++ b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/client/wssec.xml @@ -24,22 +24,106 @@ xmlns:http="http://cxf.apache.org/transports/http/configuration"; xmlns:wsrm-policy="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; xmlns:wsrm-mgr="http://cxf.apache.org/ws/rm/manager"; + xmlns:jaxws="http://cxf.apache.org/jaxws"; + xmlns:p="http://cxf.apache.org/policy"; xsi:schemaLocation=" http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://schemas.xmlsoap.org/ws/2005/02/rm/policy http://schemas.xmlsoap.org/ws/2005/02/rm/wsrm-policy.xsd http://cxf.apache.org/ws/rm/manager http://cxf.apache.org/schemas/configuration/wsrm-manager.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd";> + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd + http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd + http://www.w3.org/ns/ws-policy http://www.w3.org/2007/02/ws-policy.xsd";> <cxf:bus> <cxf:features> <cxf:logging/> - <!-- wsa:addressing/--> </cxf:features> </cxf:bus> - <http:conduit name="{http://cxf.apache.org/hello_world_soap_http}GreeterPort.http-conduit";> - <http:client DecoupledEndpoint="http://localhost:9990/decoupled_endpoint"/> - </http:conduit> + <jaxws:client name="{http://camel.apache.org/hello_world_soap_http}GreeterSignaturePort"; createdFromAPI="true"> + <jaxws:outInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Signature Timestamp"/> + <entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.client.UTPasswordCallback"/> + <entry key="user" value="clientx509v1"/> + <entry key="signaturePropFile" value="wssecurity/etc/Client_Sign.properties"/> + <entry key="signatureKeyIdentifier" value="DirectReference"/> + <entry key="signatureParts" + value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp"/> + </map> + </constructor-arg> + </bean> + </jaxws:outInterceptors> + <jaxws:inInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Signature Timestamp"/> + <entry key="signaturePropFile" value="wssecurity/etc/Client_Encrypt.properties"/> + </map> + </constructor-arg> + </bean> + </jaxws:inInterceptors> + </jaxws:client> + + <jaxws:client name="{http://camel.apache.org/hello_world_soap_http}GreeterUsernameTokenPort"; createdFromAPI="true"> + <jaxws:outInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="UsernameToken"/> + <entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.client.UTPasswordCallback"/> + <entry key="user" value="abcd"/> + <entry key="passwordType" value="PasswordDigest"/> + </map> + </constructor-arg> + </bean> + </jaxws:outInterceptors> + </jaxws:client> + + <jaxws:client name="{http://camel.apache.org/hello_world_soap_http}GreeterEncryptionPort"; createdFromAPI="true"> + <jaxws:outInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Encrypt"/> + <entry key="user" value="serverx509v1"/> + <entry key="encryptionPropFile" value="wssecurity/etc/Client_Encrypt.properties"/> + <entry key="encryptionKeyIdentifier" value="IssuerSerial"/> + </map> + </constructor-arg> + </bean> + </jaxws:outInterceptors> + <jaxws:inInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Encrypt"/> + <entry key="decryptionPropFile" value="wssecurity/etc/Client_Sign.properties"/> + <entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.client.UTPasswordCallback"/> + </map> + </constructor-arg> + </bean> + </jaxws:inInterceptors> + </jaxws:client> + + <jaxws:client name="{http://camel.apache.org/hello_world_soap_http}GreeterSecurityPolicyPort"; createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="abcd"/> + <entry key="ws-security.callback-handler" value="org.apache.camel.component.cxf.wssecurity.client.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="wssecurity/etc/Client_Encrypt.properties"/> + <entry key="ws-security.encryption.username" value="serverx509v1"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"; + URI="classpath:/org/apache/camel/component/cxf/wssecurity/encrypted-supp-token-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> </beans> http://git-wip-us.apache.org/repos/asf/camel/blob/0068bf7e/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/encrypted-supp-token-policy.xml ---------------------------------------------------------------------- diff --git a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/encrypted-supp-token-policy.xml b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/encrypted-supp-token-policy.xml new file mode 100644 index 0000000..ba03b64 --- /dev/null +++ b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/encrypted-supp-token-policy.xml @@ -0,0 +1,40 @@ +<?xml version="1.0"?> +<wsp:Policy xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://www.w3.org/ns/ws-policy"; wsu:Id="SymmetricUTSupportingPolicy"> + <wsp:ExactlyOne> + <wsp:All> + <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> + <wsp:Policy> + <sp:ProtectionToken> + <wsp:Policy> + <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";> + <wsp:Policy> + <sp:WssX509V3Token10/> + <sp:RequireThumbprintReference/> + </wsp:Policy> + </sp:X509Token> + </wsp:Policy> + </sp:ProtectionToken> + <sp:Layout> + <wsp:Policy> + <sp:Lax/> + </wsp:Policy> + </sp:Layout> + <sp:AlgorithmSuite> + <wsp:Policy> + <sp:Basic128/> + </wsp:Policy> + </sp:AlgorithmSuite> + </wsp:Policy> + </sp:SymmetricBinding> + <sp:SignedEncryptedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> + <wsp:Policy> + <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> + <wsp:Policy> + <sp:WssUsernameToken10/> + </wsp:Policy> + </sp:UsernameToken> + </wsp:Policy> + </sp:SignedEncryptedSupportingTokens> + </wsp:All> + </wsp:ExactlyOne> +</wsp:Policy> http://git-wip-us.apache.org/repos/asf/camel/blob/0068bf7e/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/server/wssec.xml ---------------------------------------------------------------------- diff --git a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/server/wssec.xml b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/server/wssec.xml index 6526527..481004f 100644 --- a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/server/wssec.xml +++ b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/server/wssec.xml @@ -24,22 +24,128 @@ xmlns:http="http://cxf.apache.org/transports/http/configuration"; xmlns:wsrm-policy="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; xmlns:wsrm-mgr="http://cxf.apache.org/ws/rm/manager"; + xmlns:jaxws="http://cxf.apache.org/jaxws"; + xmlns:p="http://cxf.apache.org/policy"; xsi:schemaLocation=" http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://schemas.xmlsoap.org/ws/2005/02/rm/policy http://schemas.xmlsoap.org/ws/2005/02/rm/wsrm-policy.xsd http://cxf.apache.org/ws/rm/manager http://cxf.apache.org/schemas/configuration/wsrm-manager.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd";> + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd + http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd + http://www.w3.org/ns/ws-policy http://www.w3.org/2007/02/ws-policy.xsd";> <cxf:bus> <cxf:features> <cxf:logging/> - <!-- wsa:addressing/--> </cxf:features> </cxf:bus> - <http:conduit name="{http://cxf.apache.org/hello_world_soap_http}GreeterPort.http-conduit";> - <http:client DecoupledEndpoint="http://localhost:9990/decoupled_endpoint"/> - </http:conduit> + <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> + + <jaxws:endpoint xmlns:s="http://camel.apache.org/hello_world_soap_http"; + id="Signature" + address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterSignaturePort"; + serviceName="s:GreeterService" + endpointName="s:GreeterSignaturePort" + implementor="org.apache.camel.component.cxf.wssecurity.server.GreeterImpl" + wsdlLocation="hello_world_wssec.wsdl"> + <jaxws:outInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Signature Timestamp"/> + <entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.server.UTPasswordCallback"/> + <entry key="user" value="serverx509v1"/> + <entry key="signaturePropFile" value="wssecurity/etc/Server_Decrypt.properties"/> + <entry key="signatureKeyIdentifier" value="DirectReference"/> + <entry key="signatureParts" + value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp"/> + </map> + </constructor-arg> + </bean> + </jaxws:outInterceptors> + <jaxws:inInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Signature Timestamp"/> + <entry key="signaturePropFile" value="wssecurity/etc/Server_SignVerf.properties"/> + </map> + </constructor-arg> + </bean> + </jaxws:inInterceptors> + </jaxws:endpoint> + + <jaxws:endpoint xmlns:s="http://camel.apache.org/hello_world_soap_http"; + id="UsernameToken" + address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterUsernameTokenPort"; + serviceName="s:GreeterService" + endpointName="s:GreeterUsernameTokenPort" + implementor="org.apache.camel.component.cxf.wssecurity.server.GreeterImpl" + wsdlLocation="hello_world_wssec.wsdl"> + <jaxws:inInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="UsernameToken"/> + <entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.server.UTPasswordCallback"/> + </map> + </constructor-arg> + </bean> + </jaxws:inInterceptors> + </jaxws:endpoint> + + <jaxws:endpoint xmlns:s="http://camel.apache.org/hello_world_soap_http"; + id="Encryption" + address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterEncryptionPort"; + serviceName="s:GreeterService" + endpointName="s:GreeterEncryptionPort" + implementor="org.apache.camel.component.cxf.wssecurity.server.GreeterImpl" + wsdlLocation="hello_world_wssec.wsdl"> + <jaxws:outInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Encrypt"/> + <entry key="user" value="clientx509v1"/> + <entry key="encryptionPropFile" value="wssecurity/etc/Server_SignVerf.properties"/> + <entry key="encryptionKeyIdentifier" value="IssuerSerial"/> + </map> + </constructor-arg> + </bean> + </jaxws:outInterceptors> + <jaxws:inInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Encrypt"/> + <entry key="decryptionPropFile" value="wssecurity/etc/Server_Decrypt.properties"/> + <entry key="passwordCallbackClass" value="org.apache.camel.component.cxf.wssecurity.server.UTPasswordCallback"/> + </map> + </constructor-arg> + </bean> + </jaxws:inInterceptors> + </jaxws:endpoint> + + <jaxws:endpoint xmlns:s="http://camel.apache.org/hello_world_soap_http"; + id="SecurityPolicy" + address="http://localhost:${CXFTestSupport.port1}/WSSecurityRouteTest/GreeterSecurityPolicyPort"; + serviceName="s:GreeterService" + endpointName="s:GreeterSecurityPolicyPort" + implementor="org.apache.camel.component.cxf.wssecurity.server.GreeterImpl" + wsdlLocation="hello_world_wssec.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.camel.component.cxf.wssecurity.client.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="wssecurity/etc/Server_Decrypt.properties"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"; + URI="classpath:/org/apache/camel/component/cxf/wssecurity/encrypted-supp-token-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> </beans>
