Author: anil.saldhana(a)jboss.com
Date: 2011-05-10 19:56:45 -0400 (Tue, 10 May 2011)
New Revision: 935
Added:
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/JBWSTokenIssuingLoginModuleUnitTestCase.java
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/ServletToWSTestCase.java
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/servlets/
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/servlets/TestWSInvokingServlet.java
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/jboss-web.xml
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/jboss-wsse.xml
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/web.xml
Modified:
integration-tests/trunk/picketlink-trust-tests/pom.xml
integration-tests/trunk/picketlink-trust-tests/src/test/resources/domains/sts-jboss-beans.xml
integration-tests/trunk/picketlink-trust-tests/src/test/resources/props/sts-roles.properties
integration-tests/trunk/picketlink-trust-tests/src/test/resources/webapp/WEB-INF/web.xml
Log:
add tests to verify usage of BinaryTokenHandler in outgoing WS call to STS
Modified: integration-tests/trunk/picketlink-trust-tests/pom.xml
===================================================================
--- integration-tests/trunk/picketlink-trust-tests/pom.xml 2011-05-10 23:52:55 UTC (rev
934)
+++ integration-tests/trunk/picketlink-trust-tests/pom.xml 2011-05-10 23:56:45 UTC (rev
935)
@@ -28,30 +28,76 @@
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.1.1</version>
- <executions>
- <execution>
- <phase>package</phase>
- <goals>
- <goal>war</goal>
- </goals>
- </execution>
- </executions>
<configuration>
<warName>pojo-test</warName>
<packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>
<warSourceDirectory>src/test/resources/webapp</warSourceDirectory>
+
<webappDirectory>${project.build.directory}/${project.build.finalName}-pojo-test</webappDirectory>
<webResources>
<resource>
<!-- this is relative to the pom.xml directory -->
<directory>target/test-classes</directory>
<targetPath>WEB-INF/classes</targetPath>
<includes>
- <include>**/POJOBean*</include>
+ <include>**/POJOBean*</include>
<include>**/auth*</include>
</includes>
</resource>
</webResources>
</configuration>
+ <executions>
+ <execution>
+ <id>pojo</id>
+ <phase>package</phase>
+ <configuration>
+ <warName>pojo-test</warName>
+ <packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>
+
<warSourceDirectory>src/test/resources/webapp</warSourceDirectory>
+
<webappDirectory>${project.build.directory}/${project.build.finalName}-pojo-test</webappDirectory>
+ <webResources>
+ <resource>
+ <!-- this is relative to the pom.xml directory -->
+ <directory>target/test-classes</directory>
+ <targetPath>WEB-INF/classes</targetPath>
+ <includes>
+ <include>**/POJOBean*</include>
+ <include>**/auth*</include>
+ </includes>
+ </resource>
+ </webResources>
+ </configuration>
+ <goals>
+ <goal>war</goal>
+ </goals>
+ </execution>
+
+ <execution>
+ <id>binary</id>
+ <phase>package</phase>
+ <configuration>
+ <warName>binary-test</warName>
+ <packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>
+
<warSourceDirectory>src/test/resources/binary</warSourceDirectory>
+
<webappDirectory>${project.build.directory}/${project.build.finalName}-binary-test</webappDirectory>
+ <webResources>
+ <resource>
+ <!-- this is relative to the pom.xml directory -->
+ <directory>target/test-classes</directory>
+ <targetPath>WEB-INF/classes</targetPath>
+ <includes>
+ <include>**/TestWSInvokingServlet.class</include>
+ </includes>
+ <excludes>
+ <exclude>binary/**</exclude>
+ </excludes>
+ </resource>
+ </webResources>
+ </configuration>
+ <goals>
+ <goal>war</goal>
+ </goals>
+ </execution>
+ </executions>
</plugin>
<plugin>
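Review bot: The plugin-level `<configuration>` block still carries the pojo-test settings (`warName`, `warSourceDirectory`, and `webResources` with `**/POJOBean*` and `**/auth*`), which the new `pojo` execution repeats verbatim. Plugin-level configuration is inherited by every execution, including `binary`, and Maven merges it with the execution's own `webResources`. It is worth inspecting the built binary-test WAR to confirm it contains only `TestWSInvokingServlet.class` and not the POJO or auth classes. Dropping the plugin-level block and keeping configuration only inside the two executions would remove both the duplication and the ambiguity. The `<plugin>` element opens before this hunk.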
@@ -109,6 +155,12 @@
<artifactId>picketlink-trust-jbossws</artifactId>
<version>${version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.jboss.spec.javax.servlet</groupId>
+ <artifactId>jboss-servlet-api_3.0_spec</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
Added:
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/JBWSTokenIssuingLoginModuleUnitTestCase.java
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/JBWSTokenIssuingLoginModuleUnitTestCase.java
(rev 0)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/JBWSTokenIssuingLoginModuleUnitTestCase.java 2011-05-10
23:56:45 UTC (rev 935)
@@ -0,0 +1,89 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.test.trust.tests;
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+
+import org.jboss.security.auth.callback.JBossCallbackHandler;
+import org.junit.Before;
+import org.junit.Test;
+import org.picketlink.trust.jbossws.jaas.JBWSTokenIssuingLoginModule;
+
+/**
+ * Unit test the {@link JBWSTokenIssuingLoginModule}
+ * @author Anil.Saldhana(a)redhat.com
+ * @since Apr 25, 2011
+ */
+public class JBWSTokenIssuingLoginModuleUnitTestCase
+{
+ @Test
+ public void testLM() throws Exception
+ {
+ System.setProperty("binary.http.header", "TEST_HEADER");
+ LoginContext lc = new LoginContext("test", new JBossCallbackHandler());
+ lc.login();
+ Subject subject = lc.getSubject();
+ assertEquals( 1, subject.getPublicCredentials().size());
+ }
+
+ @Before
+ public void setup() throws Exception
+ {
+ Configuration.setConfiguration(new Configuration()
+ {
+ @Override
+ public void refresh()
+ {
+ }
+
+ @Override
+ public AppConfigurationEntry[] getAppConfigurationEntry(String arg0)
+ {
+ Map<String,Object> options = new HashMap<String,Object>();
+ options.put("endpointAddress",
"http://localhost:8080/picketlink-sts");
+
options.put("wspAppliesTo","http://services.testcorp.org/p...;
+
+ options.put("serviceName", "PicketLinkSTS");
+ options.put("portName", "PicketLinkSTSPort");
+ options.put("inject.callerprincipal", "true");
+ options.put("groupPrincipalName", "Membership");
+ // options.put("handlerChain", "binary");
+ options.put("username", "UserA");
+ options.put("password", "PassA");
+
+ AppConfigurationEntry entry = new
AppConfigurationEntry(JBWSTokenIssuingLoginModule.class.getName(),
+ LoginModuleControlFlag.REQUIRED, options);
+
+ return new AppConfigurationEntry[] {entry};
+ }
+ });
+ }
+}
\ No newline at end of file
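Review bot: `testLM` and `setup` change JVM-wide state, the `binary.http.header` system property and the JAAS `Configuration`, and nothing restores it, so later tests in the same JVM run against this login configuration. An `@After` method calling `System.clearProperty("binary.http.header");` and `Configuration.setConfiguration(null);` (or restoring a configuration saved in `setup`) would contain it. The assertion checks only that one public credential exists; asserting its type as well would show that the STS-issued token, and not some other object, was attached to the Subject. The `endpointAddress` here ends in `/picketlink-sts`, while the `binary` policy in sts-jboss-beans.xml uses `/picketlink-sts/PicketLinkSTS`, which looks unintended.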
Added:
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/ServletToWSTestCase.java
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/ServletToWSTestCase.java
(rev 0)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/ServletToWSTestCase.java 2011-05-10
23:56:45 UTC (rev 935)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.test.trust.tests;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.junit.Test;
+
+/**
+ * A Test that passes a binary header to a servlet
+ * that is governed by the {@code PicketLinkAuthenticator}.
+ * The {@code JBWSTokenIssuingLoginModule} is invoked which
+ * calls the STS. On the call to the STS, the binary token handler
+ * kicks in and reads the binary token and adds it to the sts call.
+ *
+ * Once the SAML2 Assertion is obtained, the servlet then makes
+ * a call to the WS
+ *
+ * @author Anil.Saldhana(a)redhat.com
+ * @since May 9, 2011
+ */
+public class ServletToWSTestCase
+{
+ @Test
+ public void testServlet2WS() throws Exception
+ {
+ HttpClient client = new HttpClient();
+ PostMethod post = new
PostMethod("http://localhost:8080/binary-test/TestWSInvokingServlet");
+ post.addRequestHeader("TEST_HEADER", "somevalue");
+ int result = client.executeMethod(post);
+ assertEquals(200, result);
+ }
+}
\ No newline at end of file
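Review bot: `testServlet2WS` covers only the accepting path; there is no request without `TEST_HEADER` (or with an empty value) asserting that the constrained servlet refuses it. The `binary` security domain logs in to the STS with credentials taken from its module options, so a negative case is what would show the header is actually required rather than incidental. The `PostMethod` is also never released; wrapping the call as `try { ... } finally { post.releaseConnection(); }` returns the connection even when the assertion fails.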
Added:
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/servlets/TestWSInvokingServlet.java
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/servlets/TestWSInvokingServlet.java
(rev 0)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/servlets/TestWSInvokingServlet.java 2011-05-10
23:56:45 UTC (rev 935)
@@ -0,0 +1,69 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.picketlink.test.trust.ws.servlets;
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+import javax.xml.ws.handler.Handler;
+
+import org.picketlink.test.trust.ws.WSTest;
+import org.picketlink.trust.jbossws.handler.BinaryTokenHandler;
+
+/**
+ * A Servlet that invokes a WS
+ * @author Anil.Saldhana(a)redhat.com
+ * @since May 9, 2011
+ */
+public class TestWSInvokingServlet extends HttpServlet
+{
+ private static final long serialVersionUID = 1L;
+
+ @SuppressWarnings("rawtypes")
+ @Override
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws
ServletException, IOException
+ {
+ System.setProperty("binary.http.header", "TEST_HEADER");
+
+ URL wsdl = new
URL("http://localhost:8080/picketlink-wstest-tests/TestBean?wsdl");
+ QName serviceName = new
QName("http://ws.trust.test.picketlink.org/",
"TestBeanService");
+ Service service = Service.create(wsdl, serviceName);
+ WSTest port = service.getPort(new
QName("http://ws.trust.test.picketlink.org/", "TestBeanPort"),
WSTest.class);
+
+ BindingProvider bp = (BindingProvider) port;
+ List<Handler> handlers = bp.getBinding().getHandlerChain();
+ handlers.add(new BinaryTokenHandler());
+ bp.getBinding().setHandlerChain(handlers);
+
+ String value = port.echo("Test");
+ if( value == null || value.equals("Test") == false)
+ throw new ServletException();
+ }
+}
\ No newline at end of file
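Review bot: `doPost` sets the JVM-wide `binary.http.header` system property on every request, although the `PicketLinkTestSystemProperties` bean added to sts-jboss-beans.xml in this commit already sets it. Per-request mutation of global state is best kept out of a servlet, so the line can be removed or moved to `init()`. The failure path throws a bare `new ServletException()`, which leaves nothing in the server log to tell a null response from a wrong one; `throw new ServletException("Unexpected echo response from TestBean");` would help. The handler chain is modified on a port created fresh for each call, which is fine here but worth a one-line comment so it is not copied to a shared port.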
Added:
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/jboss-web.xml
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/jboss-web.xml
(rev 0)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/jboss-web.xml 2011-05-10
23:56:45 UTC (rev 935)
@@ -0,0 +1,3 @@
+<jboss-web>
+ <security-domain>binary</security-domain>
+</jboss-web>
\ No newline at end of file
Added:
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/jboss-wsse.xml
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/jboss-wsse.xml
(rev 0)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/jboss-wsse.xml 2011-05-10
23:56:45 UTC (rev 935)
@@ -0,0 +1,26 @@
+<jboss-ws-security
xmlns="http://www.jboss.com/ws-security/config"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.jboss.com/ws-security/config
+
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
+
+ <port name="POJOBeanPort">
+ <operation
name="{http://ws.trust.test.picketlink.org/}echoUnchecked">
+ <config>
+ <authorize>
+ <unchecked/>
+ </authorize>
+ </config>
+ </operation>
+
+ <operation
name="{http://ws.trust.test.picketlink.org/}echo">
+ <config>
+ <authorize>
+ <role>JBossAdmin</role>
+ </authorize>
+ </config>
+ </operation>
+ </port>
+
+
+
+</jboss-ws-security>
\ No newline at end of file
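Review bot: This descriptor configures `POJOBeanPort`, but the `binary` execution in pom.xml packages only `TestWSInvokingServlet.class` into binary-test. The port rules, including the `<unchecked/>` authorization on `echoUnchecked`, therefore appear to be copied from the pojo-test WAR with no endpoint in this archive to apply to. If nothing in this WAR uses it, removing the file avoids the impression that an unchecked operation is exposed here. If it is needed, a short XML comment naming the endpoint it governs would say why.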
Added:
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/web.xml
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/web.xml
(rev 0)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/resources/binary/WEB-INF/web.xml 2011-05-10
23:56:45 UTC (rev 935)
@@ -0,0 +1,35 @@
+<web-app
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+ version="2.5">
+
+ <servlet>
+ <display-name>TestWSInvokingServlet</display-name>
+ <servlet-name>TestWSInvokingServlet</servlet-name>
+ <servlet-class>org.picketlink.test.trust.ws.servlets.TestWSInvokingServlet</servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>TestWSInvokingServlet</servlet-name>
+ <url-pattern>/TestWSInvokingServlet</url-pattern>
+ </servlet-mapping>
+
+ <security-constraint>
+ <display-name>Restricted POST</display-name>
+ <web-resource-collection>
+ <web-resource-name>POST</web-resource-name>
+ <url-pattern>/TestWSInvokingServlet</url-pattern>
+ <http-method>POST</http-method>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>JBossAdmin</role-name>
+ </auth-constraint>
+ <user-data-constraint>
+ <transport-guarantee>NONE</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+
+ <login-config>
+ <auth-method>SECURITY_DOMAIN</auth-method>
+ <realm-name>default</realm-name>
+ </login-config>
+</web-app>
\ No newline at end of file
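Review bot: The `security-constraint` lists `<http-method>POST</http-method>`, so only POST requests to `/TestWSInvokingServlet` require the `JBossAdmin` role and every other method falls outside the constraint. The servlet overrides only `doPost` today, but omitting the `<http-method>` element makes the constraint cover all methods and keeps it safe if a `doGet` is added later. `transport-guarantee` is `NONE`, which is acceptable for a localhost test but should not be carried into a deployed descriptor; a comment such as `<!-- test only: no transport protection -->` above it would make that explicit.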
Modified:
integration-tests/trunk/picketlink-trust-tests/src/test/resources/domains/sts-jboss-beans.xml
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/resources/domains/sts-jboss-beans.xml 2011-05-10
23:52:55 UTC (rev 934)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/resources/domains/sts-jboss-beans.xml 2011-05-10
23:56:45 UTC (rev 935)
@@ -1,8 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<deployment xmlns="urn:jboss:bean-deployer:2.0">
-
- <!-- ejb3 test application-policy definition -->
<application-policy xmlns="urn:jboss:security-beans:1.0"
name="sts">
<authentication>
<login-module
code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule"
flag="required">
@@ -17,6 +15,33 @@
</authentication>
</application-policy>
+
+ <application-policy xmlns="urn:jboss:security-beans:1.0"
name="binary">
+ <authentication>
+ <login-module
code="org.picketlink.trust.jbossws.jaas.JBWSTokenIssuingLoginModule"
flag="required">
+ <module-option
name="endpointAddress">http://localhost:8080/picketlink-sts/PicketLinkSTS</module-option>
+ <module-option
name="serviceName">PicketLinkSTS</module-option>
+ <module-option
name="portName">PicketLinkSTSPort</module-option>
+ <module-option
name="inject.callerprincipal">true</module-option>
+ <module-option
name="handlerChain">binary</module-option>
+ <module-option name="username">admin</module-option>
+ <module-option
name="password">MASK-0BbleBL2LZk=</module-option>
+ <module-option name="salt">18273645</module-option>
+ <module-option
name="iterationCount">56</module-option>
+ <module-option
name="useOptionsCredentials">true</module-option>
+ <module-option
name="overrideDispatch">true</module-option>
+ <module-option
name="wspAppliesTo">http://services.testcorp.org/provider1&l...
+ <module-option
name="password-stacking">useFirstPass</module-option>
+ </login-module>
+
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
+ <module-option
name="usersProperties">sts-users.properties</module-option>
+ <module-option
name="rolesProperties">sts-roles.properties</module-option>
+ <module-option
name="password-stacking">useFirstPass</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
<!-- ejb3 test application-policy definition -->
<application-policy xmlns="urn:jboss:security-beans:1.0"
name="jmx-console">
<authentication>
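Review bot: The `binary` policy commits the `admin` password as a `MASK-` value with its `salt` and `iterationCount` in the same file, so for anyone who can read the descriptor the masking is obfuscation rather than protection. As a test fixture that is acceptable, but a comment such as `<!-- test-only credentials; do not reuse outside integration tests -->` above the `username` option would keep it from being copied into a real security domain. With `useOptionsCredentials` set to `true` the module presumably authenticates to the STS as `admin` for every caller, which is worth stating in the same comment. The `endpointAddress` is plain `http`, again suitable only for localhost.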
@@ -26,5 +51,14 @@
</login-module>
</authentication>
</application-policy>
+
+
+ <bean name="PicketLinkTestSystemProperties"
+ class="org.jboss.varia.property.SystemPropertiesService">
+ <property name="properties">
+ binary.http.header=TEST_HEADER
+ </property>
+ </bean>
+
</deployment>
\ No newline at end of file
Modified:
integration-tests/trunk/picketlink-trust-tests/src/test/resources/props/sts-roles.properties
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/resources/props/sts-roles.properties 2011-05-10
23:52:55 UTC (rev 934)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/resources/props/sts-roles.properties 2011-05-10
23:56:45 UTC (rev 935)
@@ -2,4 +2,5 @@
UserA=STSClient,testRole,JBossAdmin
UserB=STSClient
UserC=STSClient
-admin=JBossAdmin
\ No newline at end of file
+admin=JBossAdmin
+custom-authenticator-user=STSClient
Modified:
integration-tests/trunk/picketlink-trust-tests/src/test/resources/webapp/WEB-INF/web.xml
===================================================================
---
integration-tests/trunk/picketlink-trust-tests/src/test/resources/webapp/WEB-INF/web.xml 2011-05-10
23:52:55 UTC (rev 934)
+++
integration-tests/trunk/picketlink-trust-tests/src/test/resources/webapp/WEB-INF/web.xml 2011-05-10
23:56:45 UTC (rev 935)
@@ -7,7 +7,7 @@
<servlet-name>POJOBeanService</servlet-name>
<servlet-class>org.picketlink.test.trust.ws.POJOBean</servlet-class>
<load-on-startup>1</load-on-startup>
- </servlet>
+ </servlet>
<servlet-mapping>
<servlet-name>POJOBeanService</servlet-name>
<url-pattern>/POJOBeanService</url-pattern>