View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.wss4j.policy.stax.test;
20  
21  import java.util.ArrayList;
22  import java.util.List;
23  
24  import javax.xml.namespace.QName;
25  
26  import org.apache.wss4j.common.ext.WSSecurityException;
27  import org.apache.wss4j.policy.stax.enforcer.PolicyEnforcer;
28  import org.apache.wss4j.stax.ext.WSSConstants;
29  import org.apache.wss4j.stax.securityEvent.OperationSecurityEvent;
30  import org.apache.wss4j.stax.securityEvent.RequiredPartSecurityEvent;
31  import org.junit.jupiter.api.Test;
32  
33  import static org.junit.jupiter.api.Assertions.assertEquals;
34  import static org.junit.jupiter.api.Assertions.fail;
35  
36  public class RequiredPartsTest extends AbstractPolicyTestBase {
37  
38      @Test
39      public void testPolicy() throws Exception {
40          String policyString =
41                  "<sp:RequiredParts xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
42                          "<sp:Header Name=\"a\" Namespace=\"http://example.org\"/>\n" +
43                          "</sp:RequiredParts>";
44          PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
45  
46          RequiredPartSecurityEvent requiredPartSecurityEvent = new RequiredPartSecurityEvent();
47          List<QName> headerPath = new ArrayList<>();
48          headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
49          headerPath.add(new QName("http://example.org", "a"));
50          requiredPartSecurityEvent.setElementPath(headerPath);
51          policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
52  
53          //additional requiredParts are also allowed!
54          requiredPartSecurityEvent = new RequiredPartSecurityEvent();
55          headerPath = new ArrayList<>();
56          headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
57          headerPath.add(new QName("http://example.org", "b"));
58          requiredPartSecurityEvent.setElementPath(headerPath);
59          policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
60  
61          OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
62          operationSecurityEvent.setOperation(new QName("definitions"));
63          policyEnforcer.registerSecurityEvent(operationSecurityEvent);
64  
65          policyEnforcer.doFinal();
66      }
67  
68      @Test
69      public void testPolicyMultipleAssertionEventsNegative() throws Exception {
70          String policyString =
71                  "<sp:RequiredParts xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\" xmlns:sp3=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802\">\n" +
72                          "<sp:Header Name=\"a\" Namespace=\"http://example.org\"/>\n" +
73                          "</sp:RequiredParts>";
74          PolicyEnforcer policyEnforcer = buildAndStartPolicyEngine(policyString);
75  
76          RequiredPartSecurityEvent requiredPartSecurityEvent = new RequiredPartSecurityEvent();
77          List<QName> headerPath = new ArrayList<>();
78          headerPath.addAll(WSSConstants.SOAP_11_HEADER_PATH);
79          headerPath.add(new QName("http://example.org", "b"));
80          requiredPartSecurityEvent.setElementPath(headerPath);
81          policyEnforcer.registerSecurityEvent(requiredPartSecurityEvent);
82  
83          OperationSecurityEvent operationSecurityEvent = new OperationSecurityEvent();
84          operationSecurityEvent.setOperation(new QName("definitions"));
85  
86          try {
87              policyEnforcer.registerSecurityEvent(operationSecurityEvent);
88              fail("Exception expected");
89          } catch (WSSecurityException e) {
90              assertEquals(e.getMessage(), "Element {http://example.org}a must be present");
91          }
92      }
93  }