1 /**
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19 package org.apache.wss4j.policy.stax.test;
20
/**
 * Holder for policy-enforcement tests of the WS-SecurityPolicy {@code sp:Layout}
 * assertion ({@code LaxTsFirst} / {@code LaxTsLast}).
 *
 * <p>Every test method below is commented out, so this class currently contributes
 * no executed tests. Each disabled body builds a policy from an inline XML string,
 * registers security events with a {@code PolicyEnforcer} in a chosen order, and
 * either calls {@code doFinal()} (positive cases) or expects a
 * {@code WSSecurityException} whose cause is a {@code PolicyViolationException}
 * (negative cases).
 *
 * <p>NOTE(review): the file has no import statements; the types referenced in the
 * disabled bodies ({@code PolicyEnforcer}, {@code QName}, {@code List}, the
 * security-event classes, the JUnit assertions) would have to be imported before
 * any of these tests can be re-enabled.
 *
 * <p>NOTE(review): Layout assertions constrain the order of the Timestamp relative
 * to the other security-header items. Whether that enforcement is tested elsewhere
 * cannot be told from this file; while these tests stay disabled, treat the
 * ordering checks as having no regression coverage here.
 */
public class LayoutTest extends AbstractPolicyTestBase {

    // Disabled positive case: Timestamp event first, then required-element, X509 token,
    // signed-part and operation events, finishing with doFinal().
    // NOTE(review): despite the name, the policy declares <sp:LaxTsFirst/> and the body is
    // the same as testPolicyLaxTsFirst below; presumably a strict layout was intended -
    // confirm before re-enabling.
    /*@Test
    public void testPolicyStrict() throws Exception {
        String policyString =
                "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                        "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                        "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                        "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                        "<sp:LaxTsFirst/>\n" +
                        "</wsp:Policy>\n" +
                        "</sp:Layout>\n" +
                        "</wsp:Policy>\n" +
                        "</sp:AsymmetricBinding>";

        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
        policyEnforcer.registerSecurityEvent(timestampSecurityEvent);

        RequiredElementSecurityEvent requiredElementSecurityEvent = new RequiredElementSecurityEvent();
        List<QName> headerPath = new ArrayList<>();
        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
        headerPath.add(WSSConstants.TAG_WSU_TIMESTAMP);
        requiredElementSecurityEvent.setElementPath(headerPath);
        policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);

        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);

        List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<>();
        protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
        protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
        SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(x509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
        policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        policyEnforcer.registerSecurityEvent(operationSecurityEvent);

        policyEnforcer.doFinal();
    }*/

    // Disabled positive case for LaxTsFirst: the Timestamp event is registered before
    // every other event, and doFinal() is expected to complete.
    /*@Test
    public void testPolicyLaxTsFirst() throws Exception {
        String policyString =
                "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                        "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                        "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                        "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                        "<sp:LaxTsFirst/>\n" +
                        "</wsp:Policy>\n" +
                        "</sp:Layout>\n" +
                        "</wsp:Policy>\n" +
                        "</sp:AsymmetricBinding>";

        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
        policyEnforcer.registerSecurityEvent(timestampSecurityEvent);

        RequiredElementSecurityEvent requiredElementSecurityEvent = new RequiredElementSecurityEvent();
        List<QName> headerPath = new ArrayList<>();
        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
        headerPath.add(WSSConstants.TAG_WSU_TIMESTAMP);
        requiredElementSecurityEvent.setElementPath(headerPath);
        policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);

        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);

        List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<>();
        protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
        protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
        SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(x509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
        policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        policyEnforcer.registerSecurityEvent(operationSecurityEvent);

        policyEnforcer.doFinal();
    }*/

    // Disabled negative case for LaxTsFirst: an X509 token event is registered with no
    // Timestamp event before it, and registering the operation event is expected to throw.
    // NOTE(review): assertEquals is called as (actual, expected); JUnit's order is
    // (expected, actual), which only affects the failure message. The expected text
    // (including the spelling "occured") has to match the enforcer's message verbatim -
    // check it against the producer before re-enabling.
    /*@Test
    public void testPolicyLaxTsFirstNegative() throws Exception {
        String policyString =
                "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                        "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                        "<sp:LaxTsFirst/>\n" +
                        "</wsp:Policy>\n" +
                        "</sp:Layout>";
        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        try {
            policyEnforcer.registerSecurityEvent(operationSecurityEvent);
            fail("Exception expected");
        } catch (WSSecurityException e) {
            assertTrue(e.getCause() instanceof PolicyViolationException);
            assertEquals(e.getCause().getMessage(), "\n" +
                    "Policy enforces LaxTsFirst but X509Token occured first");
        }
    }*/

    // Disabled positive case for LaxTsLast: the X509 token event is registered first and
    // the Timestamp event after it, then the operation event, finishing with doFinal().
    /*@Test
    public void testPolicyLaxTsLast() throws Exception {
        String policyString =
                "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                        "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                        "<sp:LaxTsLast/>\n" +
                        "</wsp:Policy>\n" +
                        "</sp:Layout>";
        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
        TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
        policyEnforcer.registerSecurityEvent(timestampSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        policyEnforcer.registerSecurityEvent(operationSecurityEvent);

        policyEnforcer.doFinal();
    }*/

    // Disabled negative case for LaxTsLast: the Timestamp event is registered before the
    // X509 token event, and registering the operation event is expected to throw.
    // NOTE(review): same assertEquals argument order and verbatim-message caveat as in
    // testPolicyLaxTsFirstNegative.
    /*@Test
    public void testPolicyLaxTsLastNegative() throws Exception {
        String policyString =
                "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                        "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                        "<sp:LaxTsLast/>\n" +
                        "</wsp:Policy>\n" +
                        "</sp:Layout>";
        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
        policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        try {
            policyEnforcer.registerSecurityEvent(operationSecurityEvent);
            fail("Exception expected");
        } catch (WSSecurityException e) {
            assertTrue(e.getCause() instanceof PolicyViolationException);
            assertEquals(e.getCause().getMessage(), "\n" +
                    "Policy enforces LaxTsLast but X509Token occured last");
        }
    }*/
}