Class SamlReferenceTest


  • public class SamlReferenceTest
    extends Object
    Some tests for how SAML tokens are referenced.
    • Method Summary

      Modifier and Type Method Description
      void testAssertionBelowSTR()
      WS-Security Test Case for WSS-178: "signature verification failure of signed saml token due to 'The Reference for URI (bst-saml-uri) has no XMLSignatureInput'".
      void testSAML1HOKDirectReference()
      Test that creates, sends and processes a signed SAML 1.1 holder-of-key assertion, where the SecurityTokenReference that points to the SAML Assertion uses a direct reference, and not a KeyIdentifier.
      void testSAML1HOKEKDirectReference()
      The body of the SOAP request is encrypted using a secret key, which is in turn encrypted using the certificate embedded in the SAML assertion and referenced using a Direct Reference.
      void testSAML1HOKEKKeyIdentifier()
      The body of the SOAP request is encrypted using a secret key, which is in turn encrypted using the certificate embedded in the SAML assertion and referenced using a Key Identifier.
      void testSAML1HOKKeyIdentifier()
      Test that creates, sends and processes a signed SAML 1.1 holder-of-key assertion, where the SecurityTokenReference that points to the SAML Assertion uses a KeyIdentifier, and not a direct reference.
      void testSAML1SVDirectReference()
      Test that creates, sends and processes a signed SAML 1.1 sender-vouches assertion, where the SecurityTokenReference that points to the SAML Assertion uses a direct reference, and not a KeyIdentifier.
      void testSAML1SVKeyIdentifier()
      Test that creates, sends and processes a signed SAML 1.1 sender-vouches assertion, where the SecurityTokenReference that points to the SAML Assertion uses a KeyIdentifier, and not a direct reference.
      void testSAML2HOKDirectReference()
      Test that creates, sends and processes a signed SAML 2 holder-of-key assertion, where the SecurityTokenReference that points to the SAML Assertion uses a direct reference, and not a KeyIdentifier.
      void testSAML2HOKEKDirectReference()
      The body of the SOAP request is encrypted using a secret key, which is in turn encrypted using the certificate embedded in the SAML assertion and referenced using a Direct Reference.
      void testSAML2HOKEKKeyIdentifier()
      The body of the SOAP request is encrypted using a secret key, which is in turn encrypted using the certificate embedded in the SAML assertion and referenced using a Key Identifier.
      void testSAML2HOKKeyIdentifier()
      Test that creates, sends and processes a signed SAML 2 holder-of-key assertion, where the SecurityTokenReference that points to the SAML Assertion uses a KeyIdentifier, and not a direct reference.
      void testSAML2SVDirectReference()
      Test that creates, sends and processes a signed SAML 2 sender-vouches assertion, where the SecurityTokenReference that points to the SAML Assertion uses a direct reference, and not a KeyIdentifier.
      void testSAML2SVKeyIdentifier()
      Test that creates, sends and processes a signed SAML 2 sender-vouches assertion, where the SecurityTokenReference that points to the SAML Assertion uses a KeyIdentifier, and not a direct reference.
    • Method Detail

      • testSAML1SVKeyIdentifier

        @Test
        public void testSAML1SVKeyIdentifier()
                                      throws Exception
        Test that creates, sends and processes a signed SAML 1.1 sender-vouches assertion, where the SecurityTokenReference that points to the SAML Assertion uses a KeyIdentifier, and not a direct reference.
        Throws:
        Exception
      • testSAML1SVDirectReference

        @Test
        public void testSAML1SVDirectReference()
                                        throws Exception
        Test that creates, sends and processes a signed SAML 1.1 sender-vouches assertion, where the SecurityTokenReference that points to the SAML Assertion uses a direct reference, and not a KeyIdentifier. This reference style is not spec-compliant and is included to make sure we can process third-party Assertions referenced in this way.
        Throws:
        Exception
      • testSAML1HOKKeyIdentifier

        @Test
        public void testSAML1HOKKeyIdentifier()
                                       throws Exception
        Test that creates, sends and processes a signed SAML 1.1 holder-of-key assertion, where the SecurityTokenReference that points to the SAML Assertion uses a KeyIdentifier, and not a direct reference. This tests that we can process a KeyIdentifier to a SAML Assertion in the KeyInfo of a Signature.
        Throws:
        Exception
      • testSAML1HOKDirectReference

        @Test
        public void testSAML1HOKDirectReference()
                                         throws Exception
        Test that creates, sends and processes a signed SAML 1.1 holder-of-key assertion, where the SecurityTokenReference that points to the SAML Assertion uses a direct reference, and not a KeyIdentifier. This reference style is not spec-compliant and is included to make sure we can process third-party Assertions referenced in this way. This tests that we can process a Direct Reference to a SAML Assertion in the KeyInfo of a Signature.
        Throws:
        Exception
      • testAssertionBelowSTR

        @Test
        public void testAssertionBelowSTR()
                                   throws Exception
        WS-Security Test Case for WSS-178: "signature verification failure of signed saml token due to 'The Reference for URI (bst-saml-uri) has no XMLSignatureInput'". The signature refers to a SecurityTokenReference via the STRTransform, which in turn refers to the SAML Assertion. The request places the SAML Assertion below the SecurityTokenReference, and this causes SecurityTokenReference.getTokenElement to fail.
        Throws:
        Exception
      • testSAML1HOKEKKeyIdentifier

        @Test
        public void testSAML1HOKEKKeyIdentifier()
                                         throws Exception
        The body of the SOAP request is encrypted using a secret key, which is in turn encrypted using the certificate embedded in the SAML assertion and referenced using a Key Identifier. This tests that we can process a KeyIdentifier to a SAML Assertion in the KeyInfo of an EncryptedKey.
        Throws:
        Exception
      • testSAML1HOKEKDirectReference

        @Test
        public void testSAML1HOKEKDirectReference()
                                           throws Exception
        The body of the SOAP request is encrypted using a secret key, which is in turn encrypted using the certificate embedded in the SAML assertion and referenced using a Direct Reference. This reference style is not spec-compliant and is included to make sure we can process third-party Assertions referenced in this way. This tests that we can process a Direct Reference to a SAML Assertion in the KeyInfo of an EncryptedKey.
        Throws:
        Exception
      • testSAML2SVKeyIdentifier

        @Test
        public void testSAML2SVKeyIdentifier()
                                      throws Exception
        Test that creates, sends and processes a signed SAML 2 sender-vouches assertion, where the SecurityTokenReference that points to the SAML Assertion uses a KeyIdentifier, and not a direct reference.
        Throws:
        Exception
      • testSAML2SVDirectReference

        @Test
        public void testSAML2SVDirectReference()
                                        throws Exception
        Test that creates, sends and processes a signed SAML 2 sender-vouches assertion, where the SecurityTokenReference that points to the SAML Assertion uses a direct reference, and not a KeyIdentifier. Unlike the SAML 1.1 case, this is spec-compliant.
        Throws:
        Exception
      • testSAML2HOKKeyIdentifier

        @Test
        public void testSAML2HOKKeyIdentifier()
                                       throws Exception
        Test that creates, sends and processes a signed SAML 2 holder-of-key assertion, where the SecurityTokenReference that points to the SAML Assertion uses a KeyIdentifier, and not a direct reference. This tests that we can process a KeyIdentifier to a SAML Assertion in the KeyInfo of a Signature.
        Throws:
        Exception
      • testSAML2HOKDirectReference

        @Test
        public void testSAML2HOKDirectReference()
                                         throws Exception
        Test that creates, sends and processes a signed SAML 2 holder-of-key assertion, where the SecurityTokenReference that points to the SAML Assertion uses a direct reference, and not a KeyIdentifier. Unlike the SAML 1.1 case, this is spec-compliant. This tests that we can process a Direct Reference to a SAML Assertion in the KeyInfo of a Signature.
        Throws:
        Exception
      • testSAML2HOKEKKeyIdentifier

        @Test
        public void testSAML2HOKEKKeyIdentifier()
                                         throws Exception
        The body of the SOAP request is encrypted using a secret key, which is in turn encrypted using the certificate embedded in the SAML assertion and referenced using a Key Identifier. This tests that we can process a KeyIdentifier to a SAML Assertion in the KeyInfo of an EncryptedKey.
        Throws:
        Exception
      • testSAML2HOKEKDirectReference

        @Test
        public void testSAML2HOKEKDirectReference()
                                           throws Exception
        The body of the SOAP request is encrypted using a secret key, which is in turn encrypted using the certificate embedded in the SAML assertion and referenced using a Direct Reference. Unlike the SAML 1.1 case, this is spec-compliant. This tests that we can process a Direct Reference to a SAML Assertion in the KeyInfo of an EncryptedKey.
        Throws:
        Exception
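
Added example (not WSS4J code, and not how SecurityTokenReference.getTokenElement is implemented): a JDK-only resolver for the two reference styles these tests cover, which finds the Assertion even when it sits below the SecurityTokenReference as in testAssertionBelowSTR. The class name StrResolveDemo, the ids a1/a2 and the sample header are constructed for illustration; ValueType attributes are omitted from the sample.

```java
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

public class StrResolveDemo {
    static final String WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final String SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion";
    // Id the STR points at: KeyIdentifier text, or the fragment of a direct Reference URI.
    static String referencedId(Element str) {
        NodeList ki = str.getElementsByTagNameNS(WSSE, "KeyIdentifier");
        NodeList ref = str.getElementsByTagNameNS(WSSE, "Reference");
        String uri = ref.getLength() == 1 ? ((Element) ref.item(0)).getAttribute("URI") : "";
        String id = ki.getLength() == 1 ? ki.item(0).getTextContent().trim()
                  : uri.startsWith("#") ? uri.substring(1) : "";
        if (id.isEmpty()) throw new IllegalArgumentException("unsupported SecurityTokenReference");
        return id;
    }
    // Searches the whole Security header, so an Assertion placed below the STR is still found.
    static Element resolve(Element security, Element str) {
        String id = referencedId(str);
        Element match = null;
        NodeList all = security.getElementsByTagNameNS("*", "Assertion");
        for (int i = 0; i < all.getLength(); i++) {
            Element a = (Element) all.item(i);
            String aid = a.getAttribute(SAML2.equals(a.getNamespaceURI()) ? "ID" : "AssertionID"); // SAML 2 vs 1.1
            if (!id.equals(aid)) continue;
            if (match != null) throw new IllegalStateException("ambiguous assertion id " + id);
            match = a;
        }
        if (match == null) throw new IllegalStateException("no assertion with id " + id);
        return match;
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample: both STRs sit above the Assertions they reference.
        String xml = "<wsse:Security xmlns:wsse='" + WSSE + "'>"
            + "<wsse:SecurityTokenReference><wsse:KeyIdentifier>a1</wsse:KeyIdentifier></wsse:SecurityTokenReference>"
            + "<wsse:SecurityTokenReference><wsse:Reference URI='#a2'/></wsse:SecurityTokenReference>"
            + "<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' AssertionID='a1'/>"
            + "<saml2:Assertion xmlns:saml2='" + SAML2 + "' ID='a2'/></wsse:Security>";
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element sec = f.newDocumentBuilder().parse(new InputSource(new StringReader(xml))).getDocumentElement();
        NodeList strs = sec.getElementsByTagNameNS(WSSE, "SecurityTokenReference");
        for (int i = 0; i < strs.getLength(); i++)
            System.out.println(resolve(sec, (Element) strs.item(i)).getNamespaceURI());
    }
}
```

The resolver rejects a reference that matches no Assertion or more than one, so a signature or EncryptedKey is never bound to an ambiguous token.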