tests/camel-itest/src/test/java/org/apache/camel/itest/security/GreeterClientTest.java - camel - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.camel.itest.security;

 import java.util.HashMap;
 import java.util.Map;

 import javax.xml.namespace.QName;
 import javax.xml.ws.BindingProvider;
 import javax.xml.ws.soap.SOAPFaultException;

 import org.apache.camel.CamelContext;
 import org.apache.camel.test.spring.junit5.CamelSpringTest;
 import org.apache.cxf.endpoint.Client;
 import org.apache.cxf.frontend.ClientProxy;
 import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
 import org.apache.hello_world_soap_http.Greeter;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.test.context.ContextConfiguration;

 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.junit.jupiter.api.Assertions.fail;

 @CamelSpringTest
 @ContextConfiguration(locations = {"camel-context.xml"})
 public class GreeterClientTest {
     private static final java.net.URL WSDL_LOC;
     static {
         java.net.URL tmp = null;
         try {
             tmp = GreeterClientTest.class.getClassLoader().getResource("wsdl/hello_world.wsdl");
         } catch (final Exception e) {
             e.printStackTrace();
         }
         WSDL_LOC = tmp;
     }
     private static final QName SERVICE_QNAME =
         new QName("http://apache.org/hello_world_soap_http", "SOAPService");

     private static final QName PORT_QNAME =
         new QName("http://apache.org/hello_world_soap_http", "SoapOverHttp"
         );

     @Autowired
     protected CamelContext camelContext;

     protected String sendMessageWithUsernameToken(String username, String password, String message) throws Exception {
         final javax.xml.ws.Service svc = javax.xml.ws.Service.create(WSDL_LOC, SERVICE_QNAME);
         final Greeter greeter = svc.getPort(PORT_QNAME, Greeter.class);

         Client client = ClientProxy.getClient(greeter);
         Map<String, Object> props = new HashMap<>();
         props.put("action", "UsernameToken");
         props.put("user", username);
         // Set the password type to be plain text,
         // so we can keep using the password to authenticate with spring security
         props.put("passwordType", "PasswordText");
         WSS4JOutInterceptor wss4jOut = new WSS4JOutInterceptor(props);

         client.getOutInterceptors().add(wss4jOut);
         ((BindingProvider)greeter).getRequestContext().put("password", password);

         return greeter.greetMe(message);
     }

     @BeforeEach
     public void setUp() {
         if (!camelContext.isStarted()) {
             camelContext.start();
         }
     }

     @AfterEach
     public void tearDown() {
         camelContext.stop();
     }

     @Test
     void testServiceWithValidateUser() throws Exception {

         String response = sendMessageWithUsernameToken("jim", "jimspassword", "CXF");

         assertEquals(" Hello CXF", response);

         try {
             sendMessageWithUsernameToken("jim", "foo", "CXF");
             fail("should fail");
         } catch (Exception ex) {
             String msg = ex.getMessage();
             assertTrue(ex instanceof SOAPFaultException, "Get a wrong type exception.");
             assertTrue(msg.startsWith("The security token could not be authenticated or authorized")
                        || msg.startsWith("A security error was encountered when verifying the messag"),
                        "Get a wrong exception message: " + msg);
         }
     }

     @Test
     void testServiceWithNotAuthorizedUser() {
         try {
             // this user doesn't have the right to access the processor
             sendMessageWithUsernameToken("bob", "bobspassword", "CXF");
             fail("should fail");
         } catch (Exception ex) {
             assertTrue(ex instanceof SOAPFaultException, "Get a wrong type exception.");
             assertTrue(ex.getMessage().startsWith("Cannot access the processor which has been protected."), "Get a wrong exception message");
             assertTrue(ex.getMessage().endsWith("Caused by: [org.springframework.security.access.AccessDeniedException - Access is denied]"), "Get a wrong exception message");
         }
     }

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.camel.itest.security;

	import java.util.HashMap;
	import java.util.Map;

	import javax.xml.namespace.QName;
	import javax.xml.ws.BindingProvider;
	import javax.xml.ws.soap.SOAPFaultException;

	import org.apache.camel.CamelContext;
	import org.apache.camel.test.spring.junit5.CamelSpringTest;
	import org.apache.cxf.endpoint.Client;
	import org.apache.cxf.frontend.ClientProxy;
	import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
	import org.apache.hello_world_soap_http.Greeter;
	import org.junit.jupiter.api.AfterEach;
	import org.junit.jupiter.api.BeforeEach;
	import org.junit.jupiter.api.Test;
	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.test.context.ContextConfiguration;

	import static org.junit.jupiter.api.Assertions.assertEquals;
	import static org.junit.jupiter.api.Assertions.assertTrue;
	import static org.junit.jupiter.api.Assertions.fail;

	@CamelSpringTest
	@ContextConfiguration(locations = {"camel-context.xml"})
	public class GreeterClientTest {
	private static final java.net.URL WSDL_LOC;
	static {
	java.net.URL tmp = null;
	try {
	tmp = GreeterClientTest.class.getClassLoader().getResource("wsdl/hello_world.wsdl");
	} catch (final Exception e) {
	e.printStackTrace();
	}
	WSDL_LOC = tmp;
	}
	private static final QName SERVICE_QNAME =
	new QName("http://apache.org/hello_world_soap_http", "SOAPService");

	private static final QName PORT_QNAME =
	new QName("http://apache.org/hello_world_soap_http", "SoapOverHttp"
	);

	@Autowired
	protected CamelContext camelContext;

	protected String sendMessageWithUsernameToken(String username, String password, String message) throws Exception {
	final javax.xml.ws.Service svc = javax.xml.ws.Service.create(WSDL_LOC, SERVICE_QNAME);
	final Greeter greeter = svc.getPort(PORT_QNAME, Greeter.class);

	Client client = ClientProxy.getClient(greeter);
	Map<String, Object> props = new HashMap<>();
	props.put("action", "UsernameToken");
	props.put("user", username);
	// Set the password type to be plain text,
	// so we can keep using the password to authenticate with spring security
	props.put("passwordType", "PasswordText");
	WSS4JOutInterceptor wss4jOut = new WSS4JOutInterceptor(props);

	client.getOutInterceptors().add(wss4jOut);
	((BindingProvider)greeter).getRequestContext().put("password", password);

	return greeter.greetMe(message);
	}

	@BeforeEach
	public void setUp() {
	if (!camelContext.isStarted()) {
	camelContext.start();
	}
	}

	@AfterEach
	public void tearDown() {
	camelContext.stop();
	}

	@Test
	void testServiceWithValidateUser() throws Exception {

	String response = sendMessageWithUsernameToken("jim", "jimspassword", "CXF");

	assertEquals(" Hello CXF", response);

	try {
	sendMessageWithUsernameToken("jim", "foo", "CXF");
	fail("should fail");
	} catch (Exception ex) {
	String msg = ex.getMessage();
	assertTrue(ex instanceof SOAPFaultException, "Get a wrong type exception.");
	assertTrue(msg.startsWith("The security token could not be authenticated or authorized")
	\|\| msg.startsWith("A security error was encountered when verifying the messag"),
	"Get a wrong exception message: " + msg);
	}
	}

	@Test
	void testServiceWithNotAuthorizedUser() {
	try {
	// this user doesn't have the right to access the processor
	sendMessageWithUsernameToken("bob", "bobspassword", "CXF");
	fail("should fail");
	} catch (Exception ex) {
	assertTrue(ex instanceof SOAPFaultException, "Get a wrong type exception.");
	assertTrue(ex.getMessage().startsWith("Cannot access the processor which has been protected."), "Get a wrong exception message");
	assertTrue(ex.getMessage().endsWith("Caused by: [org.springframework.security.access.AccessDeniedException - Access is denied]"), "Get a wrong exception message");
	}
	}

	}