Author: rsearls Date: 2014-03-12 11:23:05 -0400 (Wed, 12 Mar 2014) New Revision: 18499 Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustBearerTestCase.java stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/BearerService.wsdl Log: [JBWS-3738] (2nd attenpt) unclean code in attempting to resolve bearer test issues. Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml 2014-03-12 08:09:51 UTC (rev 18498) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml 2014-03-12 15:23:05 UTC (rev 18499) @@ -466,10 +466,6 @@ <include name="clientKeystore.properties" /> <include name="clientstore.jks" /> </metainf> - <!-- rls test only --> - <metainf dir="${tests.output.dir}/test-resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl"> - <include name="bearer-ws-trust-1.4-service.wsdl" /> - </metainf> </jar> <!-- jaxws-samples-wsse-policy-trust-actas --> Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustBearerTestCase.java =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustBearerTestCase.java 2014-03-12 08:09:51 UTC (rev 18498) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustBearerTestCase.java 2014-03-12 15:23:05 UTC (rev 18499) @@ -22,6 +22,8 @@ package org.jboss.test.ws.jaxws.samples.wsse.policy.trust; import java.net.URL; +import java.security.KeyStore; +import java.security.KeyStoreException; import java.util.Map; import javax.xml.namespace.QName; @@ -32,14 +34,28 @@ import org.apache.cxf.Bus; import org.apache.cxf.BusFactory; +import org.apache.cxf.configuration.Configurer; +import org.apache.cxf.configuration.jsse.TLSClientParameters; +import org.apache.cxf.transport.ConduitInitiator; +import org.apache.cxf.transport.ConduitInitiatorManager; +import org.apache.cxf.transport.http.HTTPConduit; +import org.apache.cxf.transport.http.URLConnectionHTTPConduit; import org.apache.cxf.ws.security.SecurityConstants; import org.apache.cxf.ws.security.trust.STSClient; +import org.jboss.test.ws.jaxws.samples.wsse.policy.basic.UsernameOverTransportTestCase; import org.jboss.test.ws.jaxws.samples.wsse.policy.trust.bearer.BearerIface; import org.jboss.test.ws.jaxws.samples.wsse.policy.trust.shared.ClientCallbackHandler; +import org.jboss.wsf.stack.cxf.client.configuration.BeanCustomizer; +import org.jboss.wsf.stack.cxf.client.configuration.JBossWSConfigurer; import org.jboss.wsf.test.JBossWSCXFTestSetup; import org.jboss.wsf.test.JBossWSTest; +import org.apache.cxf.service.model.EndpointInfo; +import java.io.InputStream; +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; - /** * A demo of using SAML Bearer key type * @@ -48,17 +64,20 @@ */ public class WSTrustBearerTestCase extends JBossWSTest { + private final String httpsserviceURL = "https://" + getServerHost() + + ":8443/jaxws-samples-wsse-policy-trust-bearer/BearerService"; private final String serviceURL = "http://" + getServerHost() + ":8080/jaxws-samples-wsse-policy-trust-bearer/BearerService"; public static Test suite() { - //deploy client, STS and service; start a security domain to be used by the STS for authenticating client - JBossWSCXFTestSetup testSetup = WSTrustTestUtils.getTestSetup(WSTrustBearerTestCase.class, + // NOTE skip setting up security-domain in server config. This was done manually. + JBossWSCXFTestSetup testSetup = new JBossWSCXFTestSetup(WSTrustBearerTestCase.class, "jaxws-samples-wsse-policy-trust-client.jar jaxws-samples-wsse-policy-trust-sts-bearer.war jaxws-samples-wsse-policy-trust-bearer.war"); return testSetup; + } public void testAllInOneBearer() throws Exception @@ -67,12 +86,15 @@ Bus bus = BusFactory.newInstance().createBus(); try { + String tmpServiceURL = httpsserviceURL; //serviceURL + setHTTPConduit(tmpServiceURL, bus); BusFactory.setThreadDefaultBus(bus); + //------------------------------ final QName serviceName = new QName("http://www.jboss.org/jbossws/ws-extensions/bearerwssecuritypo...;, "BearerService"); - final URL wsdlURL = new URL(serviceURL + "?wsdl"); + final URL wsdlURL = new URL(tmpServiceURL + "?wsdl"); Service service = Service.create(wsdlURL, serviceName); BearerIface proxy = (BearerIface) service.getPort(BearerIface.class); @@ -103,7 +125,65 @@ assertTrue(false); } } - + + private void setHTTPConduit(String tmpServiceURL, Bus bus) throws Exception { + + URL myWsdlURL = new URL(tmpServiceURL + "?wsdl"); + EndpointInfo endpointInfo = new EndpointInfo(); + endpointInfo.setName(new QName("http://cxf.apache.org", "TransportURIResolver")); + endpointInfo.setAddress(myWsdlURL.toURI().toString()); + HTTPConduit httpConduit = new URLConnectionHTTPConduit(bus, endpointInfo, + endpointInfo.getTarget()); + + TLSClientParameters tlsParams = new TLSClientParameters(); + tlsParams.setSecureSocketProtocol("SSL"); //TLSv1 // SSL .. try this + setKeyManagers(tlsParams, "ckpass", "META-INF/clientstore.jks"); + tlsParams.setDisableCNCheck(true); + + httpConduit.setTlsClientParameters(tlsParams); + + JBossWSConfigurer configurer = (JBossWSConfigurer)bus.getExtension(Configurer.class); + BeanCustomizer customizer = configurer.getCustomizer(); + customizer.customize(httpConduit); + + } + + + private TLSClientParameters setKeyManagers(TLSClientParameters tlsParams, + String keyPassword, String keyStoreLoc) + throws KeyStoreException, Exception { + + keyStoreLoc = "META-INF/clientstore.jks"; + InputStream inStream = Thread.currentThread().getContextClassLoader() + .getResourceAsStream(keyStoreLoc); + KeyStore keyStore = KeyStore.getInstance("JKS"); + keyStore.load(inStream, "cspass".toCharArray()); + inStream.close(); + + + String alg = KeyManagerFactory.getDefaultAlgorithm(); + char[] keyPass = keyPassword != null + ? keyPassword.toCharArray() + : null; + KeyManagerFactory keyMF = KeyManagerFactory.getInstance(alg); + keyMF.init(keyStore, keyPass); + KeyManager[] myKeyManagers = keyMF.getKeyManagers(); + tlsParams.setKeyManagers(myKeyManagers); + + inStream = Thread.currentThread().getContextClassLoader() + .getResourceAsStream(keyStoreLoc); + KeyStore trustStore = KeyStore.getInstance("JKS"); + trustStore.load(inStream, "cspass".toCharArray()); + inStream.close(); + TrustManagerFactory trustMF = TrustManagerFactory.getInstance(alg); + trustMF.init(trustStore); + TrustManager[] myTrustStoreKeyManagers = trustMF.getTrustManagers(); + tlsParams.setTrustManagers(myTrustStoreKeyManagers); + return tlsParams; + } + + + private static String appendIssuedTokenSuffix(String prop) { return prop + ".it"; Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/BearerService.wsdl =================================================================== --- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/BearerService.wsdl 2014-03-12 08:09:51 UTC (rev 18498) +++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/BearerService.wsdl 2014-03-12 15:23:05 UTC (rev 18499) @@ -52,7 +52,8 @@ </binding> <service name="BearerService"> <port name="BearerServicePort" binding="tns:BearerServicePortBinding"> - <soap:address location="http://@jboss.bind.address@:8080/jaxws-samples-wsse-policy-trust-bearer/BearerService"/> + <soap:address location="https://@jboss.bind.address@:8443/jaxws-samples-wsse-policy-trust-bearer/BearerService"/> + </port> </service> @@ -63,7 +64,7 @@ <wsam:Addressing wsp:Optional="false"> <wsp:Policy /> </wsam:Addressing> - <!-- + <!-- --> <sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702&... <wsp:Policy> @@ -86,7 +87,7 @@ </sp:Layout> <sp:IncludeTimestamp /> </wsp:Policy> - </sp:TransportBinding>--> + </sp:TransportBinding> <sp:SignedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702&...