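/*
 * Copyright 2005-2010 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.ws.soap.security.wss4j;

import static org.junit.Assert.*;

import java.io.ByteArrayOutputStream;
import java.util.Iterator;
import java.util.Properties;
import javax.xml.namespace.QName;

import org.junit.Test;
import org.springframework.ws.context.DefaultMessageContext;
import org.springframework.ws.context.MessageContext;
import org.springframework.ws.soap.SoapHeaderElement;
import org.springframework.ws.soap.SoapMessage;
import org.springframework.ws.soap.security.WsSecurityValidationException;
import org.springframework.ws.soap.security.wss4j.callback.SimplePasswordValidationCallbackHandler;

/**
 * Tests how {@link Wss4jSecurityInterceptor} treats SOAP headers: whether the {@code wsse:Security}
 * header is removed or kept after a successful {@code UsernameToken} validation, that a message
 * loaded from {@code emptySecurityHeader-soap.xml} fails validation, and that application headers
 * survive both validation and securement.
 *
 * <p>The user {@code Bert}/{@code Ernie} is a fixture credential that exists only inside this test.
 *
 * @author Arjen Poutsma
 * @author Tareq Abedrabbo
 * @author Greg Turnquist
 */
public abstract class Wss4jMessageInterceptorHeaderTestCase extends Wss4jTestCase {

    /** Namespace of the WS-Security 1.0 extension schema, used to recognise security header elements. */
    private static final String WSSE_NAMESPACE_URI =
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    /** XPath of the {@code wsse:Security} header as a direct child of the SOAP header. */
    private static final String SECURITY_HEADER_XPATH = "/SOAP-ENV:Envelope/SOAP-ENV:Header/wsse:Security";

    /** Validating interceptor that leaves {@code removeSecurityHeader} at its default. */
    private Wss4jSecurityInterceptor interceptor;

    /** Same configuration as {@link #interceptor}, but with {@code removeSecurityHeader} set to {@code false}. */
    private Wss4jSecurityInterceptor interceptorThatKeepsSecurityHeader;

    /**
     * Builds the two interceptors under test; both validate {@code UsernameToken} requests against
     * the same in-memory user store.
     */
    @Override
    protected void onSetup() throws Exception {
        Properties users = new Properties();
        users.setProperty("Bert", "Ernie");
        SimplePasswordValidationCallbackHandler callbackHandler = new SimplePasswordValidationCallbackHandler();
        callbackHandler.setUsers(users);

        // Deliberately does not touch removeSecurityHeader, so the default behaviour is what gets tested.
        interceptor = newUsernameTokenInterceptor(callbackHandler);
        interceptor.afterPropertiesSet();

        interceptorThatKeepsSecurityHeader = newUsernameTokenInterceptor(callbackHandler);
        interceptorThatKeepsSecurityHeader.setRemoveSecurityHeader(false);
        interceptorThatKeepsSecurityHeader.afterPropertiesSet();
    }

    /**
     * After a successful validation the security header must be gone while the application headers
     * {@code header1} and {@code header2} remain.
     */
    @Test
    public void testValidateUsernameTokenPlainText() throws Exception {
        SoapMessage message = loadSoap11Message("usernameTokenPlainTextWithHeaders-soap.xml");
        MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());

        interceptor.validateMessage(message, messageContext);

        Object result = getMessage(message);
        assertNotNull("No result returned", result);
        // Checked twice on purpose: once through the SOAP header API, once through the DOM view.
        assertFalse("Security Header not removed", hasSecurityHeader(message));
        assertXpathNotExists("Security Header not removed", SECURITY_HEADER_XPATH, getDocument(message));
        assertXpathExists("header1 not found", "/SOAP-ENV:Envelope/SOAP-ENV:Header/header1",
                getDocument(message));
        assertXpathExists("header2 not found", "/SOAP-ENV:Envelope/SOAP-ENV:Header/header2",
                getDocument(message));
    }

    /**
     * With {@code removeSecurityHeader} disabled, the security header must still be present after
     * validation, next to the untouched application headers.
     */
    @Test
    public void testValidateUsernameTokenPlainTextButKeepSecurityHeader() throws Exception {
        SoapMessage message = loadSoap11Message("usernameTokenPlainTextWithHeaders-soap.xml");
        MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());

        interceptorThatKeepsSecurityHeader.validateMessage(message, messageContext);

        Object result = getMessage(message);
        assertNotNull("No result returned", result);
        assertTrue("Security Header not kept", hasSecurityHeader(message));
        assertXpathExists("header1 not found", "/SOAP-ENV:Envelope/SOAP-ENV:Header/header1",
                getDocument(message));
        assertXpathExists("header2 not found", "/SOAP-ENV:Envelope/SOAP-ENV:Header/header2",
                getDocument(message));
    }

    /**
     * Validation of the {@code emptySecurityHeader-soap.xml} fixture must fail with a
     * {@link WsSecurityValidationException} instead of letting the request through.
     */
    // NOTE(review): the fixture is not visible here; presumably it carries a wsse:Security header
    // without any token - confirm against the resource file.
    @Test(expected = WsSecurityValidationException.class)
    public void testEmptySecurityHeader() throws Exception {
        SoapMessage message = loadSoap11Message("emptySecurityHeader-soap.xml");
        MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());
        interceptor.validateMessage(message, messageContext);
    }

    /**
     * Securing a message must not drop a custom header that was already present, and a custom header
     * added after securement must show up in the serialized message as well.
     */
    @Test
    public void testPreserveCustomHeaders() throws Exception {
        interceptor.setSecurementActions("UsernameToken");
        interceptor.setSecurementUsername("Bert");
        interceptor.setSecurementPassword("Ernie");

        SoapMessage message = loadSoap11Message("customHeader-soap.xml");
        MessageContext messageContext = new DefaultMessageContext(message, getSoap11MessageFactory());

        // Baseline: only header1 exists before the message is secured.
        ByteArrayOutputStream os = new ByteArrayOutputStream();
        message.writeTo(os);
        String document = os.toString("UTF-8");
        assertXpathEvaluatesTo("Header 1 does not exist", "test1",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/test:header1", document);
        assertXpathNotExists("Header 2 exist", "/SOAP-ENV:Envelope/SOAP-ENV:Header/test:header2", document);

        interceptor.secureMessage(message, messageContext);

        SoapHeaderElement element = message.getSoapHeader().addHeaderElement(new QName("http://test", "header2"));
        element.setText("test2");

        os = new ByteArrayOutputStream();
        message.writeTo(os);
        document = os.toString("UTF-8");
        assertXpathEvaluatesTo("Header 1 does not exist", "test1",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/test:header1", document);
        assertXpathEvaluatesTo("Header 2 does not exist", "test2",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/test:header2", document);

        // Second serialization of the same message; presumably guards against the first writeTo
        // changing what a later one produces.
        os = new ByteArrayOutputStream();
        message.writeTo(os);
        document = os.toString("UTF-8");
        assertXpathEvaluatesTo("Header 1 does not exist", "test1",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/test:header1", document);
        assertXpathEvaluatesTo("Header 2 does not exist", "test2",
                "/SOAP-ENV:Envelope/SOAP-ENV:Header/test:header2", document);

        // The header checks above would also pass if securement silently did nothing, so make sure
        // the UsernameToken securement actually put a wsse:Security header on the message.
        assertXpathExists("Security Header not added", SECURITY_HEADER_XPATH, getDocument(message));
    }

    /**
     * Creates an interceptor that validates requests with the {@code UsernameToken} action using the
     * given callback handler. The caller still has to invoke {@code afterPropertiesSet()}.
     */
    private static Wss4jSecurityInterceptor newUsernameTokenInterceptor(
            SimplePasswordValidationCallbackHandler callbackHandler) {
        Wss4jSecurityInterceptor result = new Wss4jSecurityInterceptor();
        result.setValidateRequest(true);
        result.setSecureResponse(true);
        result.setValidationActions("UsernameToken");
        result.setValidationCallbackHandler(callbackHandler);
        return result;
    }

    /**
     * Returns whether any header element of the message lives in the WS-Security extension
     * namespace.
     */
    private static boolean hasSecurityHeader(SoapMessage message) throws Exception {
        Iterator<SoapHeaderElement> headers = message.getEnvelope().getHeader().examineAllHeaderElements();
        while (headers.hasNext()) {
            QName name = headers.next().getName();
            if (WSSE_NAMESPACE_URI.equals(name.getNamespaceURI())) {
                return true;
            }
        }
        return false;
    }
}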