/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.wss4j.policy.stax.test;

/**
 * Tests for the WS-SecurityPolicy {@code sp:Layout} assertion ({@code sp:LaxTsFirst} and
 * {@code sp:LaxTsLast}), driven by feeding security events to a {@code PolicyEnforcer}.
 *
 * <p>Every test method in this class is commented out, so the class currently runs nothing.
 * In particular the two negative tests, which expect a mis-ordered security header to be
 * rejected with a {@code PolicyViolationException}, provide no regression protection while
 * they stay disabled.
 *
 * <p>NOTE(review): this file has no import statements, while the commented-out bodies
 * reference types such as {@code List}, {@code QName} and {@code PolicyEnforcer}. Re-enabling
 * any test needs the matching imports. {@code buildAndStartPolicyEngine} and
 * {@code getX509Token} are presumably inherited from {@code AbstractPolicyTestBase}; confirm.
 */
public class LayoutTest extends AbstractPolicyTestBase {

    // Disabled test. Registers a timestamp event, a required-element event for the wsu:Timestamp
    // header path, an X509 token marked as main signature, a signed SOAP 1.1 body part and an
    // operation event, then calls doFinal(); no exception is expected.
    // NOTE(review): despite the name, the policy below declares <sp:LaxTsFirst/>, and the body is
    // the same as testPolicyLaxTsFirst. A strict-layout test would presumably declare <sp:Strict/>;
    // confirm the intended policy before re-enabling.
    /*@Test
    public void testPolicyStrict() throws Exception {
        String policyString =
                "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                "<sp:LaxTsFirst/>\n" +
                "</wsp:Policy>\n" +
                "</sp:Layout>\n" +
                "</wsp:Policy>\n" +
                "</sp:AsymmetricBinding>";

        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
        policyEnforcer.registerSecurityEvent(timestampSecurityEvent);

        RequiredElementSecurityEvent requiredElementSecurityEvent = new RequiredElementSecurityEvent();
        List<QName> headerPath = new ArrayList<>();
        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
        headerPath.add(WSSConstants.TAG_WSU_TIMESTAMP);
        requiredElementSecurityEvent.setElementPath(headerPath);
        policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);

        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);

        List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<>();
        protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
        protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
        SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(x509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
        policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        policyEnforcer.registerSecurityEvent(operationSecurityEvent);

        policyEnforcer.doFinal();
    }*/

    // Disabled test. Positive case for <sp:LaxTsFirst/>: the timestamp event is registered before
    // the X509 token event, and doFinal() is expected to complete without an exception.
    /*@Test
    public void testPolicyLaxTsFirst() throws Exception {
        String policyString =
                "<sp:AsymmetricBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                "<sp:LaxTsFirst/>\n" +
                "</wsp:Policy>\n" +
                "</sp:Layout>\n" +
                "</wsp:Policy>\n" +
                "</sp:AsymmetricBinding>";

        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
        policyEnforcer.registerSecurityEvent(timestampSecurityEvent);

        RequiredElementSecurityEvent requiredElementSecurityEvent = new RequiredElementSecurityEvent();
        List<QName> headerPath = new ArrayList<>();
        headerPath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
        headerPath.add(WSSConstants.TAG_WSU_TIMESTAMP);
        requiredElementSecurityEvent.setElementPath(headerPath);
        policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);

        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);

        List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<>();
        protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
        protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
        SignedPartSecurityEvent signedPartSecurityEvent = new SignedPartSecurityEvent(x509TokenSecurityEvent.getSecurityToken(), true, protectionOrder);
        signedPartSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
        policyEnforcer.registerSecurityEvent(signedPartSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        policyEnforcer.registerSecurityEvent(operationSecurityEvent);

        policyEnforcer.doFinal();
    }*/

    // Disabled test. Negative case for <sp:LaxTsFirst/>: an X509 token event is registered with no
    // preceding timestamp event, and registering the operation event is expected to throw a
    // WSSecurityException whose cause is a PolicyViolationException.
    // NOTE(review): assertEquals is called as (actual, expected); if this is JUnit, the convention
    // is (expected, actual), which only affects the failure message. The expected text, including
    // the spelling "occured", has to match the message the enforcer produces, so do not correct it
    // here on its own.
    /*@Test
    public void testPolicyLaxTsFirstNegative() throws Exception {
        String policyString =
                "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                "<sp:LaxTsFirst/>\n" +
                "</wsp:Policy>\n" +
                "</sp:Layout>";
        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        try {
            policyEnforcer.registerSecurityEvent(operationSecurityEvent);
            fail("Exception expected");
        } catch (WSSecurityException e) {
            assertTrue(e.getCause() instanceof PolicyViolationException);
            assertEquals(e.getCause().getMessage(), "\n" +
                    "Policy enforces LaxTsFirst but X509Token occured first");
        }
    }*/

    // Disabled test. Positive case for <sp:LaxTsLast/>: the X509 token event is registered before
    // the timestamp event, and doFinal() is expected to complete without an exception.
    /*@Test
    public void testPolicyLaxTsLast() throws Exception {
        String policyString =
                "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                "<sp:LaxTsLast/>\n" +
                "</wsp:Policy>\n" +
                "</sp:Layout>";
        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);
        TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
        policyEnforcer.registerSecurityEvent(timestampSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        policyEnforcer.registerSecurityEvent(operationSecurityEvent);

        policyEnforcer.doFinal();
    }*/

    // Disabled test. Negative case for <sp:LaxTsLast/>: the timestamp event is registered before
    // the X509 token event, and registering the operation event is expected to throw a
    // WSSecurityException whose cause is a PolicyViolationException.
    // NOTE(review): same assertEquals argument order and message-spelling caveats as in
    // testPolicyLaxTsFirstNegative: the expected text must match the enforcer's message exactly.
    /*@Test
    public void testPolicyLaxTsLastNegative() throws Exception {
        String policyString =
                "<sp:Layout xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
                "<wsp:Policy xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\">\n" +
                "<sp:LaxTsLast/>\n" +
                "</wsp:Policy>\n" +
                "</sp:Layout>";
        PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
        TimestampSecurityEvent timestampSecurityEvent = new TimestampSecurityEvent();
        policyEnforcer.registerSecurityEvent(timestampSecurityEvent);
        X509TokenSecurityEvent x509TokenSecurityEvent = new X509TokenSecurityEvent();
        SecurityToken securityToken = getX509Token(WSSecurityTokenConstants.X509V3Token);
        securityToken.addTokenUsage(WSTokenConstants.TOKENUSAGE_MAIN_SIGNATURE);
        x509TokenSecurityEvent.setSecurityToken(securityToken);
        policyEnforcer.registerSecurityEvent(x509TokenSecurityEvent);

        OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
        operationSecurityEvent.setOperation(new QName("definitions"));
        try {
            policyEnforcer.registerSecurityEvent(operationSecurityEvent);
            fail("Exception expected");
        } catch (WSSecurityException e) {
            assertTrue(e.getCause() instanceof PolicyViolationException);
            assertEquals(e.getCause().getMessage(), "\n" +
                    "Policy enforces LaxTsLast but X509Token occured last");
        }
    }*/
}