Author: alessio.soldano(a)jboss.com
Date: 2011-02-01 10:17:45 -0500 (Tue, 01 Feb 2011)
New Revision: 13659
Added:
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/SignEncryptFaultTestCase.java
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/SignFaultTestCase.java
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/META-INF/
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/META-INF/jboss-wsse-client.xml
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/WEB-INF/
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/WEB-INF/jboss-wsse-server.xml
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/META-INF/
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/META-INF/jboss-wsse-client.xml
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/WEB-INF/
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/WEB-INF/jboss-wsse-server.xml
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPBodyImpl.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPFaultImpl.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPMessageImpl.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandler.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandlerInbound.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandlerOutbound.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandler.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandlerClient.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandlerServer.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Config.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Encrypt.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/RequireEncryption.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/RequireSignature.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Requires.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Sign.java
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java
stack/native/trunk/modules/core/src/main/resources/schema/jboss-ws-security_1_0.xsd
stack/native/trunk/modules/testsuite/native-tests/scripts/build-samples-jaxws.xml
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/HelloJavaBean.java
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/META-INF/wsdl/HelloService.wsdl
Log:
[JBWS-1119] Adding support for fault signing and encryption
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPBodyImpl.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPBodyImpl.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPBodyImpl.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -50,6 +50,7 @@
* A SOAPFault object, which carries status and/or error information, is an example of a
SOAPBodyElement object.
*
* @author Thomas.Diesler(a)jboss.org
+ * @author <a href="jason.greene(a)jboss.com">Jason T. Greene</a>
*/
public class SOAPBodyImpl extends SOAPElementImpl implements SOAPBody
{
@@ -61,13 +62,30 @@
/** Convert the child into a SOAPBodyElement */
public SOAPElement addChildElement(SOAPElement child) throws SOAPException
{
- if ((child instanceof SOAPBodyElement) == false)
- child = convertToBodyElement(child);
+ if (!(child instanceof SOAPBodyElement))
+ {
+ child = isFault(child) ? convertToSOAPFault(child) :
convertToBodyElement(child);
+ }
child = super.addChildElement(child);
return child;
}
+ private boolean isFault(Node node)
+ {
+ return "Fault".equals(node.getLocalName()) &&
getNamespaceURI().equals(node.getNamespaceURI());
+ }
+
+ private SOAPElement convertToSOAPFault(Node node)
+ {
+ if (!(node instanceof SOAPElementImpl))
+ throw new IllegalArgumentException("SOAPElementImpl expected");
+
+ SOAPElementImpl element = (SOAPElementImpl) node;
+ element.detachNode();
+ return new SOAPFaultImpl(element);
+ }
+
public SOAPBodyElement addBodyElement(Name name) throws SOAPException
{
SOAPBodyElement child = new SOAPBodyElementDoc(name);
@@ -180,7 +198,7 @@
public Node appendChild(Node newChild) throws DOMException
{
if (needsConversionToBodyElement(newChild))
- newChild = convertToBodyElement(newChild);
+ newChild = isFault(newChild) ? convertToSOAPFault(newChild) :
convertToBodyElement(newChild);
return super.appendChild(newChild);
}
@@ -188,7 +206,7 @@
public Node insertBefore(Node newChild, Node refChild) throws DOMException
{
if (needsConversionToBodyElement(newChild))
- newChild = convertToBodyElement(newChild);
+ newChild = isFault(newChild) ? convertToSOAPFault(newChild) :
convertToBodyElement(newChild);
return super.insertBefore(newChild, refChild);
}
@@ -196,7 +214,7 @@
public Node replaceChild(Node newChild, Node oldChild) throws DOMException
{
if (needsConversionToBodyElement(newChild))
- newChild = convertToBodyElement(newChild);
+ newChild = isFault(newChild) ? convertToSOAPFault(newChild) :
convertToBodyElement(newChild);
return super.replaceChild(newChild, oldChild);
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPFaultImpl.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPFaultImpl.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPFaultImpl.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -40,10 +40,13 @@
import org.jboss.logging.Logger;
import org.jboss.ws.Constants;
+import org.jboss.ws.WSException;
import org.jboss.ws.core.utils.SAAJUtils;
+import org.jboss.wsf.common.DOMUtils;
import org.jboss.wsf.common.DOMWriter;
import org.jboss.xb.QNameBuilder;
import org.w3c.dom.Attr;
+import org.w3c.dom.Element;
/**
* An element in the SOAPBody object that contains error and/or status information.
@@ -60,6 +63,7 @@
* goes only to the default actor, which is the final intended recipient.
*
* @author Thomas.Diesler(a)jboss.org
+ * @author <a href="jason.greene(a)jboss.com"/>Jason T. Greene</a>
*/
public class SOAPFaultImpl extends SOAPBodyElementDoc implements SOAPFault
{
@@ -101,6 +105,11 @@
{
super(new NameImpl("Fault", prefix, namespace));
}
+
+ public SOAPFaultImpl(SOAPElementImpl element)
+ {
+ super(element);
+ }
/** Gets the fault code for this SOAPFault object.
*/
@@ -717,15 +726,47 @@
return detail;
}
+ private Detail extractDetail(final QName detailQName)
+ {
+ SOAPElement obj = getChildElement(this, detailQName);
+ Detail detail = null;
+ if (obj instanceof Detail)
+ {
+ detail = (Detail)obj;
+ }
+ else if(obj instanceof SOAPElementImpl)
+ {
+ try
+ {
+ SOAPElementImpl soapEl = (SOAPElementImpl)obj;
+ SOAPFactoryImpl factory = new SOAPFactoryImpl();
+ detail = (Detail)addChildElement(factory.createDetail());
+
+ Iterator<Element> childIt = DOMUtils.getChildElements(soapEl);
+ while (childIt.hasNext())
+ {
+ Element domElement = childIt.next();
+ SOAPElement detailEntry = new
DetailEntryImpl(factory.createElement(domElement, true));
+ detail.addChildElement(detailEntry);
+ }
+ }
+ catch (SOAPException e)
+ {
+ throw new WSException("Unable to create fault detail: " +
e.getMessage());
+ }
+ }
+ return detail;
+ }
+
private void findSoap11DetailElement()
{
- detail = (Detail)getChildElement(this, Constants.SOAP11_DETAIL);
+ this.detail = extractDetail(Constants.SOAP11_DETAIL);
log.trace("findSoap11DetailElement : " + detail);
}
private void findSoap12DetailElement()
{
- detail = (Detail)getChildElement(this, Constants.SOAP12_DETAIL);
+ detail = extractDetail(Constants.SOAP12_DETAIL);
log.trace("findSoap12DetailElement : " + detail);
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPMessageImpl.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPMessageImpl.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/core/soap/SOAPMessageImpl.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -80,6 +80,7 @@
private MimeHeaders mimeHeaders = new MimeHeaders();
private List<AttachmentPart> attachments = new
LinkedList<AttachmentPart>();
private CIDGenerator cidGenerator = new CIDGenerator();
+ private boolean faultMessage;
private boolean isXOPMessage;
private boolean isSWARefMessage;
private SOAPPartImpl soapPart;
@@ -140,6 +141,18 @@
{
return cidGenerator;
}
+
+ /**
+ * Marks this <code>SOAPMessage</code> as a fault. Otherwise, the message
+ * will be checked for a SOAPFault. The reason for this is to allow for
+ * faults to be encrypted, in which case there is no SOAPFault.
+ *
+ * @param faultMessage whether this message is a fault
+ */
+ public void setFaultMessage(boolean faultMessage)
+ {
+ this.faultMessage = faultMessage;
+ }
public boolean isXOPMessage()
{
@@ -442,6 +455,9 @@
public boolean isFaultMessage()
{
+ if (faultMessage)
+ return true;
+
SOAPFault soapFault = null;
try
{
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/WSSecurityDispatcher.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -84,13 +84,10 @@
QName secQName = new QName(Constants.WSSE_NS, "Security");
Element secHeaderElement = (soapHeader != null) ? Util.findElement(soapHeader,
secQName) : null;
+ boolean fault = message.getSOAPBody().getFault() != null;
if (secHeaderElement == null)
{
- // This is ok, we always allow faults to be received because WS-Security does
not encrypt faults
- if (message.getSOAPBody().getFault() != null)
- return;
-
- if (hasRequirements(config))
+ if (hasRequirements(config, fault))
throw convertToFault(new InvalidSecurityHeaderException("This service
requires <wsse:Security>, which is missing."));
}
@@ -98,7 +95,7 @@
{
if (secHeaderElement != null)
{
- decodeHeader(configuration, config, message, secHeaderElement);
+ decodeHeader(configuration, config, message, secHeaderElement, fault);
}
authorize(config);
@@ -115,7 +112,7 @@
}
- private void decodeHeader(WSSecurityConfiguration configuration, Config config,
SOAPMessage message, Element secHeaderElement) throws WSSecurityException
+ private void decodeHeader(WSSecurityConfiguration configuration, Config config,
SOAPMessage message, Element secHeaderElement, boolean fault) throws WSSecurityException
{
SecurityStore securityStore = new SecurityStore(configuration);
NonceFactory factory = Util.loadFactory(NonceFactory.class,
configuration.getNonceFactory(), DefaultNonceFactory.class);
@@ -134,7 +131,7 @@
if (log.isTraceEnabled())
log.trace("Decoded Message:\n" +
DOMWriter.printNode(message.getSOAPPart(), true));
- List<RequireOperation> operations = buildRequireOperations(config);
+ List<RequireOperation> operations = buildRequireOperations(config, fault);
decoder.verify(operations);
if (log.isDebugEnabled())
@@ -162,8 +159,9 @@
if (log.isDebugEnabled())
log.debug("WS-Security config: " + config);
+ boolean fault = message.getSOAPBody().getFault() != null;
// Nothing to process
- if (config == null)
+ if (config == null || (fault && !config.includesFaults()))
return;
ArrayList<EncodingOperation> operations = new
ArrayList<EncodingOperation>();
@@ -181,7 +179,7 @@
}
Sign sign = config.getSign();
- if (sign != null)
+ if (sign != null && (!fault || sign.isIncludeFaults()))
{
List<Target> targets = convertTargets(sign.getTargets());
if (sign.isIncludeTimestamp())
@@ -197,7 +195,7 @@
}
Encrypt encrypt = config.getEncrypt();
- if (encrypt != null)
+ if (encrypt != null && (!fault || encrypt.isIncludeFaults()))
{
List<Target> targets = convertTargets(encrypt.getTargets());
operations.add(new EncryptionOperation(targets, encrypt.getAlias(),
encrypt.getAlgorithm(), encrypt.getWrap(), encrypt.getTokenRefType(), encrypt
@@ -269,7 +267,7 @@
return new CommonSOAPFaultException(e.getFaultCode(), e.getFaultString());
}
- private List<RequireOperation> buildRequireOperations(Config operationConfig)
+ private List<RequireOperation> buildRequireOperations(Config operationConfig,
boolean fault)
{
if (operationConfig == null)
return null;
@@ -284,14 +282,14 @@
operations.add(new RequireTimestampOperation(requireTimestamp.getMaxAge()));
RequireSignature requireSignature = requires.getRequireSignature();
- if (requireSignature != null)
+ if (requireSignature != null && (!fault ||
requireSignature.isIncludeFaults()))
{
List<Target> targets = convertTargets(requireSignature.getTargets());
operations.add(new RequireSignatureOperation(targets));
}
RequireEncryption requireEncryption = requires.getRequireEncryption();
- if (requireEncryption != null)
+ if (requireEncryption != null && (!fault ||
requireEncryption.isIncludeFaults()))
{
List<Target> targets = convertTargets(requireEncryption.getTargets());
operations.add(new RequireEncryptionOperation(targets));
@@ -353,8 +351,10 @@
return operation.getConfig();
}
- private boolean hasRequirements(Config config)
+ private boolean hasRequirements(Config config, boolean fault)
{
- return config != null && config.getRequires() != null;
+ Requires requires = (config != null) ? config.getRequires() : null;
+ return requires != null && (!fault || requires.includesFaults());
+
}
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandler.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandler.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandler.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -27,6 +27,7 @@
import javax.xml.rpc.Stub;
import javax.xml.rpc.handler.GenericHandler;
import javax.xml.rpc.handler.MessageContext;
+import javax.xml.rpc.soap.SOAPFaultException;
import javax.xml.soap.SOAPException;
import org.jboss.logging.Logger;
@@ -51,14 +52,22 @@
{
// provide logging
private static Logger log = Logger.getLogger(WSSecurityHandler.class);
+ protected static String FAULT_THROWN = "org.jboss.ws.wsse.faultThrown";
public QName[] getHeaders()
{
return new QName[] {Constants.WSSE_HEADER_QNAME};
}
+
+ protected boolean thrownByMe(MessageContext msgContext)
+ {
+ Boolean bool = (Boolean)msgContext.getProperty(FAULT_THROWN);
+ return bool != null && bool.booleanValue();
+ }
protected boolean handleInboundSecurity(MessageContext msgContext)
{
+ Exception exception = null;
try
{
WSSecurityConfiguration configuration = getSecurityConfiguration(msgContext);
@@ -72,7 +81,17 @@
}
catch (SOAPException ex)
{
- log.error("Cannot handle inbound ws-security", ex);
+ exception = ex;
+ }
+
+ if (exception != null)
+ {
+ msgContext.setProperty(FAULT_THROWN, true);
+ if (exception instanceof SOAPFaultException)
+ throw (SOAPFaultException) exception;
+
+ // Unexpected exception, log it
+ log.error("Cannot handle inbound ws-security", exception);
return false;
}
return true;
@@ -80,6 +99,7 @@
protected boolean handleOutboundSecurity(MessageContext msgContext)
{
+ Exception exception = null;
try
{
WSSecurityConfiguration configuration = getSecurityConfiguration(msgContext);
@@ -95,7 +115,17 @@
}
catch (SOAPException ex)
{
- log.error("Cannot handle outbound ws-security", ex);
+ exception = ex;
+ }
+
+ if (exception != null)
+ {
+ msgContext.setProperty(FAULT_THROWN, true);
+ if (exception instanceof SOAPFaultException)
+ throw (SOAPFaultException) exception;
+
+ // Unexpected exception, log it
+ log.error("Cannot handle outbound ws-security", exception);
return false;
}
return true;
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandlerInbound.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandlerInbound.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandlerInbound.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -22,7 +22,9 @@
package org.jboss.ws.extensions.security.jaxrpc;
import javax.xml.rpc.handler.MessageContext;
+import javax.xml.rpc.handler.soap.SOAPMessageContext;
+import org.jboss.ws.core.soap.SOAPMessageImpl;
import org.jboss.ws.metadata.wsse.WSSecurityOMFactory;
/**
@@ -43,7 +45,19 @@
{
return handleOutboundSecurity(msgContext);
}
+
+ public boolean handleFault(MessageContext msgContext)
+ {
+ // Skip any WS-Security Faults
+ if (thrownByMe(msgContext))
+ return true;
+ // Mark the message as a fault, in case it ends up being encrypted
+ ((SOAPMessageImpl) ((SOAPMessageContext)
msgContext).getMessage()).setFaultMessage(true);
+
+ return handleOutboundSecurity(msgContext);
+ }
+
protected String getConfigResourceName() {
return WSSecurityOMFactory.SERVER_RESOURCE_NAME;
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandlerOutbound.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandlerOutbound.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxrpc/WSSecurityHandlerOutbound.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -42,7 +42,23 @@
{
return handleInboundSecurity(msgContext);
}
+
+ /* Their is a potential problem that can't be avoided using the JAX-RPC handler
framework.
+ * If a request handler (outbound for the client) throws an exception, this will get
called,
+ * but it will be incorrectly treated as an inbound message.
+ *
+ * This is intended to be called when the response message from the server (inbound)
+ * is a fault message.
+ */
+ public boolean handleFault(MessageContext msgContext)
+ {
+ if (thrownByMe(msgContext))
+ return true;
+ return handleInboundSecurity(msgContext);
+ }
+
+
protected String getConfigResourceName() {
return WSSecurityOMFactory.CLIENT_RESOURCE_NAME;
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandler.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandler.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandler.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -30,6 +30,7 @@
import javax.xml.soap.SOAPException;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.handler.MessageContext;
+import javax.xml.ws.soap.SOAPFaultException;
import org.jboss.logging.Logger;
import org.jboss.ws.WSException;
@@ -54,6 +55,7 @@
{
// provide logging
private static Logger log = Logger.getLogger(WSSecurityHandler.class);
+ protected static String FAULT_THROWN = "org.jboss.ws.wsse.faultThrown";
private static Set<QName> headers;
@@ -68,9 +70,16 @@
{
return headers;
}
+
+ protected boolean thrownByMe(MessageContext msgContext)
+ {
+ Boolean bool = (Boolean)msgContext.get(FAULT_THROWN);
+ return bool != null && bool.booleanValue();
+ }
protected boolean handleInboundSecurity(MessageContext msgContext)
{
+ Exception exception = null;
try
{
WSSecurityConfiguration configuration = getSecurityConfiguration(msgContext);
@@ -83,7 +92,17 @@
}
catch (SOAPException ex)
{
- log.error("Cannot handle inbound ws-security", ex);
+ exception = ex;
+ }
+
+ if (exception != null)
+ {
+ msgContext.put(FAULT_THROWN, true);
+ if (exception instanceof SOAPFaultException)
+ throw (SOAPFaultException)exception;
+
+ // Unexpected exception, log it
+ log.error("Cannot handle inbound ws-security", exception);
return false;
}
return true;
@@ -91,6 +110,7 @@
protected boolean handleOutboundSecurity(MessageContext msgContext)
{
+ Exception exception = null;
try
{
WSSecurityConfiguration configuration = getSecurityConfiguration(msgContext);
@@ -106,7 +126,17 @@
}
catch (SOAPException ex)
{
- log.error("Cannot handle outbound ws-security", ex);
+ exception = ex;
+ }
+
+ if (exception != null)
+ {
+ msgContext.put(FAULT_THROWN, true);
+ if (exception instanceof SOAPFaultException)
+ throw (SOAPFaultException) exception;
+
+ // Unexpected exception, log it
+ log.error("Cannot handle outbound ws-security", exception);
return false;
}
return true;
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandlerClient.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandlerClient.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandlerClient.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -42,7 +42,16 @@
{
return handleOutboundSecurity(msgContext);
}
+
+ @Override
+ public boolean handleFault(MessageContext msgContext)
+ {
+ if (thrownByMe(msgContext))
+ return true;
+ return handleInboundSecurity(msgContext);
+ }
+
protected String getConfigResourceName() {
return WSSecurityOMFactory.CLIENT_RESOURCE_NAME;
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandlerServer.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandlerServer.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/extensions/security/jaxws/WSSecurityHandlerServer.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -22,7 +22,9 @@
package org.jboss.ws.extensions.security.jaxws;
import javax.xml.ws.handler.MessageContext;
+import javax.xml.ws.handler.soap.SOAPMessageContext;
+import org.jboss.ws.core.soap.SOAPMessageImpl;
import org.jboss.ws.metadata.wsse.WSSecurityOMFactory;
/**
@@ -43,7 +45,20 @@
{
return handleOutboundSecurity(msgContext);
}
+
+ @Override
+ public boolean handleFault(MessageContext msgContext)
+ {
+ // Skip any WS-Security Faults
+ if (thrownByMe(msgContext))
+ return true;
+ // Mark the message as a fault, in case it ends up being encrypted
+ ((SOAPMessageImpl) ((SOAPMessageContext)
msgContext).getMessage()).setFaultMessage(true);
+
+ return handleOutboundSecurity(msgContext);
+ }
+
protected String getConfigResourceName() {
return WSSecurityOMFactory.SERVER_RESOURCE_NAME;
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Config.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Config.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Config.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -79,6 +79,11 @@
{
this.username = username;
}
+
+ public boolean includesFaults()
+ {
+ return (sign != null && sign.isIncludeFaults()) || (encrypt != null
&& encrypt.isIncludeFaults());
+ }
public Requires getRequires()
{
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Encrypt.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Encrypt.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Encrypt.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -36,11 +36,12 @@
private String type;
private String alias;
private String algorithm;
+ private boolean includeFaults;
private String keyWrapAlgorithm;
private String tokenRefType;
private String securityDomainAliasLabel;
- public Encrypt(String type, String alias, String algorithm, String wrap, String
tokenRefType, String securityDomainAliasLabel)
+ public Encrypt(String type, String alias, String algorithm, String wrap, String
tokenRefType, String securityDomainAliasLabel, boolean includeFaults)
{
this.type = type;
this.alias = alias;
@@ -48,6 +49,7 @@
this.keyWrapAlgorithm = wrap;
this.tokenRefType = tokenRefType;
this.securityDomainAliasLabel = securityDomainAliasLabel;
+ this.includeFaults = includeFaults;
}
public String getAlias()
@@ -109,4 +111,14 @@
{
this.securityDomainAliasLabel = securityDomainAliasLabel;
}
+
+ public boolean isIncludeFaults()
+ {
+ return includeFaults;
+ }
+
+ public void setIncludeFaults(boolean includeFaults)
+ {
+ this.includeFaults = includeFaults;
+ }
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/RequireEncryption.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/RequireEncryption.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/RequireEncryption.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -30,4 +30,21 @@
public class RequireEncryption extends Targetable
{
private static final long serialVersionUID = 3765798680988205647L;
+
+ private boolean includeFaults;
+
+ public RequireEncryption(boolean includeFaults)
+ {
+ this.includeFaults = includeFaults;
+ }
+
+ public boolean isIncludeFaults()
+ {
+ return includeFaults;
+ }
+
+ public void setIncludeFaults(boolean includeFaults)
+ {
+ this.includeFaults = includeFaults;
+ }
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/RequireSignature.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/RequireSignature.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/RequireSignature.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -30,4 +30,21 @@
public class RequireSignature extends Targetable
{
private static final long serialVersionUID = -3854930944550152309L;
+
+ private boolean includeFaults;
+
+ public RequireSignature(boolean includeFaults)
+ {
+ this.includeFaults = includeFaults;
+ }
+
+ public boolean isIncludeFaults()
+ {
+ return includeFaults;
+ }
+
+ public void setIncludeFaults(boolean includeFaults)
+ {
+ this.includeFaults = includeFaults;
+ }
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Requires.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Requires.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Requires.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -65,4 +65,10 @@
{
this.requireTimestamp = requireTimestamp;
}
+
+ public boolean includesFaults()
+ {
+ return (requireSignature != null && requireSignature.isIncludeFaults())
+ || (requireEncryption != null && requireEncryption.isIncludeFaults());
+ }
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Sign.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Sign.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/Sign.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -33,17 +33,19 @@
private String type;
private String alias;
+ private boolean includeFaults;
private boolean includeTimestamp;
private String tokenRefType;
private String securityDomainAliasLabel;
- public Sign(String type, String alias, boolean includeTimestamp, String tokenRefType,
String securityDomainAliasLabel)
+ public Sign(String type, String alias, boolean includeTimestamp, String tokenRefType,
String securityDomainAliasLabel, boolean includeFaults)
{
this.type = type;
this.alias = alias;
this.includeTimestamp = includeTimestamp;
this.tokenRefType = tokenRefType;
this.securityDomainAliasLabel = securityDomainAliasLabel;
+ this.includeFaults = includeFaults;
}
public String getAlias()
@@ -95,4 +97,14 @@
{
this.securityDomainAliasLabel = securityDomainAliasLabel;
}
+
+ public boolean isIncludeFaults()
+ {
+ return includeFaults;
+ }
+
+ public void setIncludeFaults(boolean includeFaults)
+ {
+ this.includeFaults = includeFaults;
+ }
}
Modified:
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java
===================================================================
---
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/java/org/jboss/ws/metadata/wsse/WSSecurityOMFactory.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -50,7 +50,7 @@
public static final String CLIENT_RESOURCE_NAME = "jboss-wsse-client.xml";
- private static HashMap options = new HashMap(7);
+ private static HashMap<String, String> options = new HashMap<String,
String>(7);
static
{
@@ -94,6 +94,7 @@
}
catch (JBossXBException e)
{
+ log.error("Could not parse " + configURL + ":", e);
IOException ioex = new IOException("Cannot parse: " + configURL);
Throwable cause = e.getCause();
if (cause != null)
@@ -281,19 +282,29 @@
log.trace("newChild: " + localName);
if ("sign".equals(localName))
{
- // By default, we alwyas include a timestamp
- Boolean include = new Boolean(true);
- String timestamp = attrs.getValue("", "includeTimestamp");
- if (timestamp != null)
- include =
(Boolean)SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME, timestamp,
null);
+ // By default, we always include a timestamp
+ boolean includeTimestamp = true;
+ String value = attrs.getValue("", "includeTimestamp");
+ if (value != null)
+ includeTimestamp = (Boolean)
SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME, value, null);
+
+ boolean includeFaults = false;
+ value = attrs.getValue("", "includeFaults");
+ if (value != null)
+ includeFaults = (Boolean)
SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME, value, null);
- return new Sign(attrs.getValue("", "type"),
attrs.getValue("", "alias"), include.booleanValue(),
attrs.getValue("", "tokenReference"), attrs.getValue("",
- "securityDomainAliasLabel"));
+ return new Sign(attrs.getValue("", "type"),
attrs.getValue("", "alias"), includeTimestamp,
attrs.getValue("", "tokenReference"), attrs.getValue("",
+ "securityDomainAliasLabel"), includeFaults);
}
else if ("encrypt".equals(localName))
{
+ boolean includeFaults = false;
+ String value = attrs.getValue("", "includeFaults");
+ if (value != null)
+ includeFaults = (Boolean)
SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME, value, null);
+
return new Encrypt(attrs.getValue("", "type"),
attrs.getValue("", "alias"), attrs.getValue("",
"algorithm"), attrs.getValue("", "keyWrapAlgorithm"), attrs
- .getValue("", "tokenReference"),
attrs.getValue("", "securityDomainAliasLabel"));
+ .getValue("", "tokenReference"),
attrs.getValue("", "securityDomainAliasLabel"), includeFaults);
}
else if ("timestamp".equals(localName))
{
@@ -474,11 +485,21 @@
log.trace("newChild: " + localName);
if ("signature".equals(localName))
{
- return new RequireSignature();
+ boolean includeFaults = false;
+ String value = attrs.getValue("", "includeFaults");
+ if (value != null)
+ includeFaults = (Boolean)
SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME, value, null);
+
+ return new RequireSignature(includeFaults);
}
else if ("encryption".equals(localName))
{
- return new RequireEncryption();
+ boolean includeFaults = false;
+ String value = attrs.getValue("", "includeFaults");
+ if (value != null)
+ includeFaults = (Boolean)
SimpleTypeBindings.unmarshal(SimpleTypeBindings.XS_BOOLEAN_NAME, value, null);
+
+ return new RequireEncryption(includeFaults);
}
else if ("timestamp".equals(localName))
{
Modified:
stack/native/trunk/modules/core/src/main/resources/schema/jboss-ws-security_1_0.xsd
===================================================================
---
stack/native/trunk/modules/core/src/main/resources/schema/jboss-ws-security_1_0.xsd 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/core/src/main/resources/schema/jboss-ws-security_1_0.xsd 2011-02-01
15:17:45 UTC (rev 13659)
@@ -182,11 +182,13 @@
<xs:sequence>
<xs:element name="targets" type="targetsType"
minOccurs="0"/>
</xs:sequence>
+ <xs:attribute name="includeFaults" type="xs:boolean"
use="optional" default="false"/>
</xs:complexType>
<xs:complexType name="requireSignatureType">
<xs:sequence>
<xs:element name="targets" type="targetsType"
minOccurs="0"/>
</xs:sequence>
+ <xs:attribute name="includeFaults" type="xs:boolean"
use="optional" default="false"/>
</xs:complexType>
<xs:complexType name="requiresType">
<xs:all>
@@ -288,6 +290,7 @@
<xs:documentation>The label the ws-security engine needs for looking up (in
the security domain) the alias that is to be used for encryption</xs:documentation>
</xs:annotation>
</xs:attribute>
+ <xs:attribute name="includeFaults" type="xs:boolean"
use="optional" default="false"/>
</xs:complexType>
<xs:complexType name="signType">
<xs:sequence>
@@ -312,6 +315,7 @@
<xs:documentation>The label the ws-security engine needs for looking up (in
the security domain) the alias that is to be used for signing</xs:documentation>
</xs:annotation>
</xs:attribute>
+ <xs:attribute name="includeFaults" type="xs:boolean"
use="optional" default="false"/>
</xs:complexType>
<xs:simpleType name="tokenReferenceType">
<xs:restriction base="xs:string">
Modified:
stack/native/trunk/modules/testsuite/native-tests/scripts/build-samples-jaxws.xml
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/scripts/build-samples-jaxws.xml 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/testsuite/native-tests/scripts/build-samples-jaxws.xml 2011-02-01
15:17:45 UTC (rev 13659)
@@ -308,6 +308,8 @@
webxml="${tests.output.dir}/test-resources/jaxws/samples/wssecurity/WEB-INF/web.xml">
<classes dir="${tests.output.dir}/test-classes">
<include
name="org/jboss/test/ws/jaxws/samples/wssecurity/Hello.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloException.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloException_Exception.class"/>
<include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloJavaBean.class"/>
<include
name="org/jboss/test/ws/jaxws/samples/wssecurity/UserType.class"/>
<include
name="org/jboss/test/ws/jaxws/samples/wssecurity/ObjectFactory.class"/>
@@ -325,6 +327,8 @@
<war
warfile="${tests.output.dir}/test-libs/jaxws-samples-wssecurity-sign.war"
webxml="${tests.output.dir}/test-resources/jaxws/samples/wssecurity/WEB-INF/web.xml">
<classes dir="${tests.output.dir}/test-classes">
<include
name="org/jboss/test/ws/jaxws/samples/wssecurity/Hello.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloException.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloException_Exception.class"/>
<include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloJavaBean.class"/>
<include
name="org/jboss/test/ws/jaxws/samples/wssecurity/UserType.class"/>
<include
name="org/jboss/test/ws/jaxws/samples/wssecurity/ObjectFactory.class"/>
@@ -338,6 +342,44 @@
</webinf>
</war>
+ <!-- jaxws-samples-wssecurity-sign-fault -->
+ <war
warfile="${tests.output.dir}/test-libs/jaxws-samples-wssecurity-sign-fault.war"
webxml="${tests.output.dir}/test-resources/jaxws/samples/wssecurity/WEB-INF/web.xml">
+ <classes dir="${tests.output.dir}/test-classes">
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/Hello.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloException.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloException_Exception.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloJavaBean.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/UserType.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/ObjectFactory.class"/>
+ </classes>
+ <webinf
dir="${tests.output.dir}/test-resources/jaxws/samples/wssecurity/sign-fault/WEB-INF">
+ <include name="jboss-wsse-server.xml"/>
+ </webinf>
+ <webinf
dir="${tests.output.dir}/test-resources/jaxws/samples/wssecurity">
+ <include name="wsse.keystore"/>
+ <include name="wsse.truststore"/>
+ </webinf>
+ </war>
+
+ <!-- jaxws-samples-wssecurity-sign-encrypt-fault -->
+ <war
warfile="${tests.output.dir}/test-libs/jaxws-samples-wssecurity-sign-encrypt-fault.war"
webxml="${tests.output.dir}/test-resources/jaxws/samples/wssecurity/WEB-INF/web.xml">
+ <classes dir="${tests.output.dir}/test-classes">
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/Hello.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloException.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloException_Exception.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/HelloJavaBean.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/UserType.class"/>
+ <include
name="org/jboss/test/ws/jaxws/samples/wssecurity/ObjectFactory.class"/>
+ </classes>
+ <webinf
dir="${tests.output.dir}/test-resources/jaxws/samples/wssecurity/sign-encrypt-fault/WEB-INF">
+ <include name="jboss-wsse-server.xml"/>
+ </webinf>
+ <webinf
dir="${tests.output.dir}/test-resources/jaxws/samples/wssecurity">
+ <include name="wsse.keystore"/>
+ <include name="wsse.truststore"/>
+ </webinf>
+ </war>
+
<!-- jaxws-samples-wssecurity-username -->
<war
warfile="${tests.output.dir}/test-libs/jaxws-samples-wssecurity-username.war"
webxml="${tests.output.dir}/test-resources/jaxws/samples/wssecurity/simple-username/WEB-INF/web.xml">
Modified:
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/HelloJavaBean.java
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/HelloJavaBean.java 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/HelloJavaBean.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -42,4 +42,15 @@
log.info(in0);
return in0;
}
+
+ @WebMethod
+ public void triggerException(@WebParam(name = "String_1") String reason,
@WebParam(name = "int_2") int code) throws HelloException_Exception
+ {
+ String message = "Error: " + reason + ":" + code;
+ HelloException he = new HelloException();
+ he.setMessage(message);
+ he.setCode(code);
+ he.setReason(reason);
+ throw new HelloException_Exception(message, he);
+ }
}
Added:
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/SignEncryptFaultTestCase.java
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/SignEncryptFaultTestCase.java
(rev 0)
+++
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/SignEncryptFaultTestCase.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wssecurity;
+
+import java.io.File;
+import java.net.URL;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import junit.framework.Test;
+
+import org.jboss.ws.core.StubExt;
+import org.jboss.wsf.test.JBossWSTest;
+import org.jboss.wsf.test.JBossWSTestSetup;
+
+/**
+ * Test WS-Security signature & encryption of faults
+ *
+ * @author alessio.soldano(a)jboss.com
+ */
+public class SignEncryptFaultTestCase extends JBossWSTest
+{
+ /** Deploy the test */
+ public static Test suite() throws Exception
+ {
+ return new JBossWSTestSetup(SignEncryptFaultTestCase.class,
"jaxws-samples-wssecurity-sign-encrypt-fault.war");
+ }
+
+ /**
+ * Test JSE endpoint
+ */
+ public void testEndpoint() throws Exception
+ {
+ Hello hello = getPort();
+ performTest(hello, "Kermit");
+ }
+
+ private void performTest(Hello hello, String msg) throws Exception
+ {
+ UserType in0 = new UserType();
+ in0.setMsg(msg);
+ UserType retObj = hello.echoUserType(in0);
+ assertEquals(msg, retObj.getMsg());
+
+ HelloException_Exception exception = null;
+ try
+ {
+ hello.triggerException("Fake Reason", 124);
+ }
+ catch (HelloException_Exception ex)
+ {
+ exception = ex;
+ }
+ assertNotNull("No exception thrown", exception);
+ assertEquals(exception.getFaultInfo().getReason(), "Fake Reason");
+ assertEquals(exception.getFaultInfo().getCode(), 124);
+ }
+
+ private Hello getPort() throws Exception
+ {
+ URL wsdlURL =
getResourceURL("wsprovide/jaxws/samples/wssecurity/HelloService.wsdl");
+ URL securityURL =
getResourceURL("jaxws/samples/wssecurity/sign-encrypt-fault/META-INF/jboss-wsse-client.xml");
+ QName serviceName = new QName("http://org.jboss.ws/samples/wssecurity",
"HelloService");
+
+ Service service = Service.create(wsdlURL, serviceName);
+
+ Hello port = (Hello)service.getPort(Hello.class);
+ ((StubExt)port).setSecurityConfig(securityURL.toExternalForm());
+ ((StubExt)port).setConfigName("Standard WSSecurity Client");
+
+ Map<String, Object> reqContext =
((BindingProvider)port).getRequestContext();
+ reqContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://" +
getServerHost() + ":8080/jaxws-samples-wssecurity-sign-encrypt-fault");
+
+ return port;
+ }
+}
Added:
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/SignFaultTestCase.java
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/SignFaultTestCase.java
(rev 0)
+++
stack/native/trunk/modules/testsuite/native-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssecurity/SignFaultTestCase.java 2011-02-01
15:17:45 UTC (rev 13659)
@@ -0,0 +1,98 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.jboss.test.ws.jaxws.samples.wssecurity;
+
+import java.io.File;
+import java.net.URL;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
+import junit.framework.Test;
+
+import org.jboss.ws.core.StubExt;
+import org.jboss.wsf.test.JBossWSTest;
+import org.jboss.wsf.test.JBossWSTestSetup;
+
+/**
+ * Test WS-Security signature of faults
+ *
+ * @author alessio.soldano(a)jboss.com
+ */
+public class SignFaultTestCase extends JBossWSTest
+{
+ /** Deploy the test */
+ public static Test suite() throws Exception
+ {
+ return new JBossWSTestSetup(SignFaultTestCase.class,
"jaxws-samples-wssecurity-sign-fault.war");
+ }
+
+ /**
+ * Test JSE endpoint
+ */
+ public void testEndpoint() throws Exception
+ {
+ Hello hello = getPort();
+ performTest(hello, "Kermit");
+ }
+
+ private void performTest(Hello hello, String msg) throws Exception
+ {
+ UserType in0 = new UserType();
+ in0.setMsg(msg);
+ UserType retObj = hello.echoUserType(in0);
+ assertEquals(msg, retObj.getMsg());
+
+ HelloException_Exception exception = null;
+ try
+ {
+ hello.triggerException("Fake Reason", 124);
+ }
+ catch (HelloException_Exception ex)
+ {
+ exception = ex;
+ }
+ assertNotNull("No exception thrown", exception);
+ assertEquals(exception.getFaultInfo().getReason(), "Fake Reason");
+ assertEquals(exception.getFaultInfo().getCode(), 124);
+ }
+
+ private Hello getPort() throws Exception
+ {
+ URL wsdlURL =
getResourceURL("wsprovide/jaxws/samples/wssecurity/HelloService.wsdl");
+ URL securityURL =
getResourceURL("jaxws/samples/wssecurity/sign-fault/META-INF/jboss-wsse-client.xml");
+ QName serviceName = new QName("http://org.jboss.ws/samples/wssecurity",
"HelloService");
+
+ Service service = Service.create(wsdlURL, serviceName);
+
+ Hello port = (Hello)service.getPort(Hello.class);
+ ((StubExt)port).setSecurityConfig(securityURL.toExternalForm());
+ ((StubExt)port).setConfigName("Standard WSSecurity Client");
+
+ Map<String, Object> reqContext =
((BindingProvider)port).getRequestContext();
+ reqContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://" +
getServerHost() + ":8080/jaxws-samples-wssecurity-sign-fault");
+
+ return port;
+ }
+}
Modified:
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/META-INF/wsdl/HelloService.wsdl
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/META-INF/wsdl/HelloService.wsdl 2011-02-01
08:21:40 UTC (rev 13658)
+++
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/META-INF/wsdl/HelloService.wsdl 2011-02-01
15:17:45 UTC (rev 13659)
@@ -7,6 +7,14 @@
<xs:element minOccurs='0' name='msg'
type='xs:string'/>
</xs:sequence>
</xs:complexType>
+ <xs:complexType name='HelloException'>
+ <xs:sequence>
+ <xs:element name='message' nillable='true'
type='xs:string'/>
+ <xs:element name='code' type='xs:int'/>
+ <xs:element name='reason' nillable='true'
type='xs:string'/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name='HelloException' type='tns:HelloException'/>
</xs:schema>
</types>
<message name='Hello_echoUserType'>
@@ -15,11 +23,24 @@
<message name='Hello_echoUserTypeResponse'>
<part name='return' type='tns:UserType'/>
</message>
+ <message name='Hello_triggerException'>
+ <part name='String_1' type='xsd:string'/>
+ <part name='int_2' type='xsd:int'/>
+ </message>
+ <message name='Hello_triggerExceptionResponse'/>
+ <message name='HelloException'>
+ <part element='tns:HelloException' name='HelloException'/>
+ </message>
<portType name='Hello'>
<operation name='echoUserType' parameterOrder='user'>
<input message='tns:Hello_echoUserType'/>
<output message='tns:Hello_echoUserTypeResponse'/>
</operation>
+ <operation name='triggerException' parameterOrder='String_1
int_2'>
+ <input message='tns:Hello_triggerException'/>
+ <output message='tns:Hello_triggerExceptionResponse'/>
+ <fault message='tns:HelloException' name='HelloException'/>
+ </operation>
</portType>
<binding name='HelloBinding' type='tns:Hello'>
<soap:binding style='rpc'
transport='http://schemas.xmlsoap.org/soap/http'/>
@@ -32,6 +53,18 @@
<soap:body namespace='http://org.jboss.ws/samples/wssecurity'
use='literal'/>
</output>
</operation>
+ <operation name='triggerException'>
+ <soap:operation soapAction=''/>
+ <input>
+ <soap:body namespace='http://org.jboss.test.ws/wsse'
use='literal'/>
+ </input>
+ <output>
+ <soap:body namespace='http://org.jboss.test.ws/wsse'
use='literal'/>
+ </output>
+ <fault name='HelloException'>
+ <soap:fault name='HelloException' use='literal'/>
+ </fault>
+ </operation>
</binding>
<service name='HelloService'>
<port binding='tns:HelloBinding' name='HelloPort'>
Added:
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/META-INF/jboss-wsse-client.xml
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/META-INF/jboss-wsse-client.xml
(rev 0)
+++
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/META-INF/jboss-wsse-client.xml 2011-02-01
15:17:45 UTC (rev 13659)
@@ -0,0 +1,11 @@
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+ <config>
+ <sign type="x509v3" alias="wsse"/>
+ <encrypt type="x509v3" alias="wsse"/>
+ <requires>
+ <signature includeFaults="true"/>
+ <encryption includeFaults="true"/>
+ </requires>
+ </config>
+</jboss-ws-security>
Added:
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/WEB-INF/jboss-wsse-server.xml
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/WEB-INF/jboss-wsse-server.xml
(rev 0)
+++
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-encrypt-fault/WEB-INF/jboss-wsse-server.xml 2011-02-01
15:17:45 UTC (rev 13659)
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+ <key-store-file>WEB-INF/wsse.keystore</key-store-file>
+ <key-store-password>jbossws</key-store-password>
+ <trust-store-file>WEB-INF/wsse.truststore</trust-store-file>
+ <trust-store-password>jbossws</trust-store-password>
+ <config>
+ <sign type="x509v3" alias="wsse"
includeFaults="true"/>
+ <encrypt type="x509v3" alias="wsse"
includeFaults="true"/>
+ <requires>
+ <signature/>
+ <encryption/>
+ </requires>
+ </config>
+</jboss-ws-security>
Added:
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/META-INF/jboss-wsse-client.xml
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/META-INF/jboss-wsse-client.xml
(rev 0)
+++
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/META-INF/jboss-wsse-client.xml 2011-02-01
15:17:45 UTC (rev 13659)
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+ <config>
+ <sign type="x509v3" alias="wsse"/>
+ <requires>
+ <signature includeFaults="true"/>
+ </requires>
+ </config>
+</jboss-ws-security>
Added:
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/WEB-INF/jboss-wsse-server.xml
===================================================================
---
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/WEB-INF/jboss-wsse-server.xml
(rev 0)
+++
stack/native/trunk/modules/testsuite/native-tests/src/test/resources/jaxws/samples/wssecurity/sign-fault/WEB-INF/jboss-wsse-server.xml 2011-02-01
15:17:45 UTC (rev 13659)
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+ <key-store-file>WEB-INF/wsse.keystore</key-store-file>
+ <key-store-password>jbossws</key-store-password>
+ <trust-store-file>WEB-INF/wsse.truststore</trust-store-file>
+ <trust-store-password>jbossws</trust-store-password>
+ <config>
+ <sign type="x509v3" alias="wsse"
includeFaults="true"/>
+ <requires>
+ <signature/>
+ </requires>
+ </config>
+</jboss-ws-security>