Author: anil.saldhana(a)jboss.com Date: 2011-04-18 12:45:33 -0400 (Mon, 18 Apr 2011) New Revision: 895 Added: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/TrustTestsBase.java Modified: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/POJOWSAuthorizationTestCase.java integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/STSWSBinaryTokenTestCase.java integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/STSWSClientTestCase.java integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/POJOBean.java integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/TestBean.java integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/WSTest.java integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/WSTestBean.java Log: refactor tests to include negative cases Modified: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/POJOWSAuthorizationTestCase.java =================================================================== --- integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/POJOWSAuthorizationTestCase.java 2011-04-18 16:37:07 UTC (rev 894) +++ integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/POJOWSAuthorizationTestCase.java 2011-04-18 16:45:33 UTC (rev 895) @@ -21,6 +21,9 @@ */ package org.picketlink.test.trust.tests; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.fail; + import java.net.URL; import java.util.List; @@ -28,12 +31,9 @@ import javax.xml.ws.BindingProvider; import javax.xml.ws.Service; import javax.xml.ws.handler.Handler; +import javax.xml.ws.soap.SOAPFaultException; import org.junit.Test; -import org.picketlink.identity.federation.api.wstrust.WSTrustClient; -import org.picketlink.identity.federation.api.wstrust.WSTrustClient.SecurityInfo; -import org.picketlink.identity.federation.core.wstrust.WSTrustException; -import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; import org.picketlink.test.trust.ws.WSTest; import org.picketlink.trust.jbossws.SAML2Constants; import org.picketlink.trust.jbossws.handler.SAML2Handler; @@ -44,30 +44,70 @@ * @author Anil Saldhana * @since Oct 3, 2010 */ -public class POJOWSAuthorizationTestCase -{ - private static String username = "UserA"; - private static String password = "PassA"; - +public class POJOWSAuthorizationTestCase extends TrustTestsBase +{ @SuppressWarnings("rawtypes") @Test public void testWSInteraction() throws Exception { - // Step 1: Get a SAML2 Assertion Token from the STS - WSTrustClient client = new WSTrustClient("PicketLinkSTS", "PicketLinkSTSPort", - "http://localhost:8080/picketlink-sts/PicketLinkSTS", - new SecurityInfo(username, password)); - Element assertion = null; - try { - System.out.println("Invoking token service to get SAML assertion for " + username); - assertion = client.issueToken(SAMLUtil.SAML2_TOKEN_TYPE); - System.out.println("SAML assertion for " + username + " successfully obtained!"); - } catch (WSTrustException wse) { - System.out.println("Unable to issue assertion: " + wse.getMessage()); - wse.printStackTrace(); - System.exit(1); + Element assertion = getAssertionFromSTS("UserA", "PassA"); + + // Step 2: Stuff the Assertion on the SOAP message context and add the SAML2Handler to client side handlers + URL wsdl = new URL("http://localhost:8080/pojo-test/POJOBeanService?wsdl"); + QName serviceName = new QName("http://ws.trust.test.picketlink.org/";, "POJOBeanService"); + Service service = Service.create(wsdl, serviceName); + WSTest port = service.getPort(new QName("http://ws.trust.test.picketlink.org/";, "POJOBeanPort"), WSTest.class); + BindingProvider bp = (BindingProvider)port; + bp.getRequestContext().put(SAML2Constants.SAML2_ASSERTION_PROPERTY, assertion); + List<Handler> handlers = bp.getBinding().getHandlerChain(); + handlers.add(new SAML2Handler()); + bp.getBinding().setHandlerChain(handlers); + + //Step 3: Access the WS. Exceptions will be thrown anyway. + assertEquals( "Test", port.echo("Test")); + } + + + @SuppressWarnings("rawtypes") + @Test + public void testWSAccessDeniedInteraction() throws Exception + { + Element assertion = getAssertionFromSTS("UserB", "PassB"); + + // Step 2: Stuff the Assertion on the SOAP message context and add the SAML2Handler to client side handlers + URL wsdl = new URL("http://localhost:8080/pojo-test/POJOBeanService?wsdl"); + QName serviceName = new QName("http://ws.trust.test.picketlink.org/";, "POJOBeanService"); + Service service = Service.create(wsdl, serviceName); + WSTest port = service.getPort(new QName("http://ws.trust.test.picketlink.org/";, "POJOBeanPort"), WSTest.class); + BindingProvider bp = (BindingProvider)port; + bp.getRequestContext().put(SAML2Constants.SAML2_ASSERTION_PROPERTY, assertion); + List<Handler> handlers = bp.getBinding().getHandlerChain(); + handlers.add(new SAML2Handler()); + bp.getBinding().setHandlerChain(handlers); + + try + { + port.echo("Test"); + fail( "Should have thrown exception"); } + catch( Exception e) + { + if(e instanceof SOAPFaultException) + { + //pass + } + else + fail( "Wrong Exception:"+e); + } + } + + @SuppressWarnings("rawtypes") + @Test + public void testWSUncheckedInteraction() throws Exception + { + Element assertion = getAssertionFromSTS("UserB", "PassB"); + // Step 2: Stuff the Assertion on the SOAP message context and add the SAML2Handler to client side handlers URL wsdl = new URL("http://localhost:8080/pojo-test/POJOBeanService?wsdl"); QName serviceName = new QName("http://ws.trust.test.picketlink.org/";, "POJOBeanService"); @@ -80,6 +120,6 @@ bp.getBinding().setHandlerChain(handlers); //Step 3: Access the WS. Exceptions will be thrown anyway. - port.echo("Test"); + assertEquals( "Test", port.echoUnchecked("Test")); } } \ No newline at end of file Modified: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/STSWSBinaryTokenTestCase.java =================================================================== --- integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/STSWSBinaryTokenTestCase.java 2011-04-18 16:37:07 UTC (rev 894) +++ integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/STSWSBinaryTokenTestCase.java 2011-04-18 16:45:33 UTC (rev 895) @@ -21,12 +21,16 @@ */ package org.picketlink.test.trust.tests; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.fail; + import java.net.URL; import java.util.List; import javax.xml.namespace.QName; import javax.xml.ws.BindingProvider; import javax.xml.ws.Service; +import javax.xml.ws.WebServiceException; import javax.xml.ws.handler.Handler; import javax.xml.ws.handler.MessageContext; @@ -78,6 +82,46 @@ handlers.add(binaryTokenHandler); bp.getBinding().setHandlerChain(handlers); - port.echo("Test"); + assertEquals("Test", port.echo("Test")); } + + /** + * This test case does the following. + * - We set a Test HttpServletRequest on the soap message context. + * - We then inject the {@link BinaryTokenHandler} as a client side handler. + * - On the Server Side, we are hitting the {@link TestBean} which is guarded by the {@link TestBinaryHandler} + * + * The WS has no security. The Server side {@link TestBinaryHandler} ensures that the call comes in with a + * BinarySecurityToken + * + * @throws Exception + */ + @Test + public void testWSLackOfBinaryHandlerInteraction() throws Exception + { + System.setProperty("binary.http.header", "TEST_HEADER"); + + URL wsdl = new URL("http://localhost:8080/picketlink-wstest-tests/TestBean?wsdl"); + QName serviceName = new QName("http://ws.trust.test.picketlink.org/";, "TestBeanService"); + Service service = Service.create(wsdl, serviceName); + WSTest port = service.getPort(new QName("http://ws.trust.test.picketlink.org/";, "TestBeanPort"), WSTest.class); + + TestServletRequest request = new TestServletRequest(); + request.addHeader("TEST_HEADER", "ABCDEFGH"); + + try + { + port.echo("Test"); + fail("Should have thrown exception as we do not have binary handler injected"); + } + catch( Exception e) + { + if( e instanceof WebServiceException) + { + //pass + } + else + fail("wrong exception:"+e); + } + } } \ No newline at end of file Modified: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/STSWSClientTestCase.java =================================================================== --- integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/STSWSClientTestCase.java 2011-04-18 16:37:07 UTC (rev 894) +++ integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/STSWSClientTestCase.java 2011-04-18 16:45:33 UTC (rev 895) @@ -21,6 +21,8 @@ */ package org.picketlink.test.trust.tests; +import static org.junit.Assert.assertEquals; + import java.net.URL; import java.util.List; @@ -30,10 +32,6 @@ import javax.xml.ws.handler.Handler; import org.junit.Test; -import org.picketlink.identity.federation.api.wstrust.WSTrustClient; -import org.picketlink.identity.federation.api.wstrust.WSTrustClient.SecurityInfo; -import org.picketlink.identity.federation.core.wstrust.WSTrustException; -import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; import org.picketlink.test.trust.ws.WSTest; import org.picketlink.trust.jbossws.SAML2Constants; import org.picketlink.trust.jbossws.handler.SAML2Handler; @@ -45,7 +43,7 @@ * @author Anil Saldhana * @since Oct 3, 2010 */ -public class STSWSClientTestCase +public class STSWSClientTestCase extends TrustTestsBase { private static String username = "UserA"; private static String password = "PassA"; @@ -53,21 +51,8 @@ @SuppressWarnings("rawtypes") @Test public void testWSInteraction() throws Exception - { - // Step 1: Get a SAML2 Assertion Token from the STS - WSTrustClient client = new WSTrustClient("PicketLinkSTS", "PicketLinkSTSPort", - "http://localhost:8080/picketlink-sts/PicketLinkSTS", - new SecurityInfo(username, password)); - Element assertion = null; - try { - System.out.println("Invoking token service to get SAML assertion for " + username); - assertion = client.issueToken(SAMLUtil.SAML2_TOKEN_TYPE); - System.out.println("SAML assertion for " + username + " successfully obtained!"); - } catch (WSTrustException wse) { - System.out.println("Unable to issue assertion: " + wse.getMessage()); - wse.printStackTrace(); - System.exit(1); - } + { + Element assertion = getAssertionFromSTS(username, password); // Step 2: Stuff the Assertion on the SOAP message context and add the SAML2Handler to client side handlers URL wsdl = new URL("http://localhost:8080/picketlink-wstest-tests/WSTestBean?wsdl"); @@ -81,6 +66,6 @@ bp.getBinding().setHandlerChain(handlers); //Step 3: Access the WS. Exceptions will be thrown anyway. - port.echo("Test"); + assertEquals("Test",port.echo("Test")); } } \ No newline at end of file Added: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/TrustTestsBase.java =================================================================== --- integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/TrustTestsBase.java (rev 0) +++ integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/tests/TrustTestsBase.java 2011-04-18 16:45:33 UTC (rev 895) @@ -0,0 +1,62 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.picketlink.test.trust.tests; + +import org.picketlink.identity.federation.api.wstrust.WSTrustClient; +import org.picketlink.identity.federation.api.wstrust.WSTrustClient.SecurityInfo; +import org.picketlink.identity.federation.core.wstrust.WSTrustException; +import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil; +import org.w3c.dom.Element; + +/** + * Base class for the PicketLink trust tests + * @author Anil.Saldhana(a)redhat.com + * @since Apr 18, 2011 + */ +public class TrustTestsBase +{ + /** + * Method gets a SAML assertion from the PicketLink STS + * @param username username to send to STS + * @param password password to send to STS + * @return + * @throws Exception + */ + protected Element getAssertionFromSTS(String username, String password) throws Exception + { + // Step 1: Get a SAML2 Assertion Token from the STS + WSTrustClient client = new WSTrustClient("PicketLinkSTS", "PicketLinkSTSPort", + "http://localhost:8080/picketlink-sts/PicketLinkSTS", + new SecurityInfo(username, password)); + Element assertion = null; + try { + System.out.println("Invoking token service to get SAML assertion for " + username); + assertion = client.issueToken(SAMLUtil.SAML2_TOKEN_TYPE); + System.out.println("SAML assertion for " + username + " successfully obtained!"); + } catch (WSTrustException wse) { + System.out.println("Unable to issue assertion: " + wse.getMessage()); + wse.printStackTrace(); + System.exit(1); + } + return assertion; + } +} \ No newline at end of file Modified: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/POJOBean.java =================================================================== --- integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/POJOBean.java 2011-04-18 16:37:07 UTC (rev 894) +++ integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/POJOBean.java 2011-04-18 16:45:33 UTC (rev 895) @@ -37,14 +37,14 @@ public class POJOBean { @WebMethod - public void echo(String echo) + public String echo(String echo) { - System.out.println(echo); + return echo; } @WebMethod - public void echoUnchecked(String echo) + public String echoUnchecked(String echo) { - System.out.println(echo); + return echo; } } \ No newline at end of file Modified: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/TestBean.java =================================================================== --- integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/TestBean.java 2011-04-18 16:37:07 UTC (rev 894) +++ integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/TestBean.java 2011-04-18 16:45:33 UTC (rev 895) @@ -42,8 +42,15 @@ WebServiceContext wsCtx; @WebMethod - public void echo(String echo) + public String echo(String echo) + { + return echo; + } + + + @WebMethod + public String echoUnchecked(String echo) { - System.out.println(echo); + return echo; } } Modified: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/WSTest.java =================================================================== --- integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/WSTest.java 2011-04-18 16:37:07 UTC (rev 894) +++ integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/WSTest.java 2011-04-18 16:45:33 UTC (rev 895) @@ -33,5 +33,7 @@ */ public interface WSTest { - public void echo(String echo); + public String echo(String echo); + + public String echoUnchecked(String echo); } Modified: integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/WSTestBean.java =================================================================== --- integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/WSTestBean.java 2011-04-18 16:37:07 UTC (rev 894) +++ integration-tests/trunk/picketlink-trust-tests/src/test/java/org/picketlink/test/trust/ws/WSTestBean.java 2011-04-18 16:45:33 UTC (rev 895) @@ -49,10 +49,22 @@ WebServiceContext wsCtx; @WebMethod - public void echo(String echo) { + public String echo(String echo) { System.out.println("WSTest: " + echo); System.out.println("Principal: " + wsCtx.getUserPrincipal()); System.out.println("Principal.getName(): " + wsCtx.getUserPrincipal().getName()); System.out.println("isUserInRole('testRole'): " + wsCtx.isUserInRole("testRole")); + return echo; } + + + @WebMethod + public String echoUnchecked(String echo) + { + System.out.println("WSTest: " + echo); + System.out.println("Principal: " + wsCtx.getUserPrincipal()); + System.out.println("Principal.getName(): " + wsCtx.getUserPrincipal().getName()); + return echo; + } + } \ No newline at end of file