org.apache.ws.security.saml
Class SamlNegativeTest

java.lang.Object
  extended by org.junit.Assert
      extended by org.apache.ws.security.saml.SamlNegativeTest

public class SamlNegativeTest
extends org.junit.Assert

This is a set of test-cases where the SAML Assertion is altered in some way and so we expect an exception to be thrown when processing it.


Constructor Summary
SamlNegativeTest()
           
 
Method Summary
 void testHOKNoKeyInfo()
          Test that creates a signed SAML 1.1 authentication assertion that uses holder-of-key, but does not include a KeyInfo in the Subject, and hence will fail processing.
 void testHOKNotSigned()
          Test that creates a SAML 1.1 authentication assertion that uses holder-of-key, but is not signed, and hence will fail processing.
 void testSAML1SignedKeyHolderSigModified()
          Test that creates a signed SAML 1.1 Assertion using HOK, but then modifies the signature object by replacing the enveloped transform with the exclusive c14n transform.
 void testSAML2AuthnAssertionModified()
          Test that creates, sends and processes a signed SAML 2 sender-vouches authentication assertion.
 void testSAML2SignedKeyHolderKeyModified()
          Test that creates a signed SAML 2 Assertion using HOK, but then modifies the assertion.
 void testSAML2TrustFailure()
          Test that creates, sends and processes a signed SAML 2 authentication assertion, but it is rejected in processing as the signature on the assertion is not trusted.
 
Methods inherited from class org.junit.Assert
assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertThat, assertThat, assertTrue, assertTrue, fail, fail
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SamlNegativeTest

public SamlNegativeTest()
                 throws java.lang.Exception
Throws:
java.lang.Exception
Method Detail

testSAML2AuthnAssertionModified

public void testSAML2AuthnAssertionModified()
                                     throws java.lang.Exception
Test that creates, sends and processes a signed SAML 2 sender-vouches authentication assertion. The assertion is altered and so the signature validation should fail.

Throws:
java.lang.Exception

testSAML1SignedKeyHolderSigModified

public void testSAML1SignedKeyHolderSigModified()
                                         throws java.lang.Exception
Test that creates a signed SAML 1.1 Assertion using HOK, but then modifies the signature object by replacing the enveloped transform with the exclusive c14n transform. The signature validation should then fail - the enveloped transform is mandatory for a signed assertion.

Throws:
java.lang.Exception

testSAML2SignedKeyHolderKeyModified

public void testSAML2SignedKeyHolderKeyModified()
                                         throws java.lang.Exception
Test that creates a signed SAML 2 Assertion using HOK, but then modifies the assertion. The signature verification should then fail.

Throws:
java.lang.Exception

testHOKNoKeyInfo

public void testHOKNoKeyInfo()
                      throws java.lang.Exception
Test that creates a signed SAML 1.1 authentication assertion that uses holder-of-key, but does not include a KeyInfo in the Subject, and hence will fail processing.

Throws:
java.lang.Exception

testHOKNotSigned

public void testHOKNotSigned()
                      throws java.lang.Exception
Test that creates a SAML 1.1 authentication assertion that uses holder-of-key, but is not signed, and hence will fail processing.

Throws:
java.lang.Exception

testSAML2TrustFailure

public void testSAML2TrustFailure()
                           throws java.lang.Exception
Test that creates, sends and processes a signed SAML 2 authentication assertion, but it is rejected in processing as the signature on the assertion is not trusted.

Throws:
java.lang.Exception


Copyright © 2004-2013 The Apache Software Foundation. All Rights Reserved.