org.apache.cxf.frontend.ClientProxy Java Examples

private static void setupTLS(Greeter port)
    throws IOException, GeneralSecurityException {
    final TLSClientParameters tlsCP = new TLSClientParameters();
    tlsCP.setDisableCNCheck(true);

    final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    try (InputStream is = new FileInputStream("src/main/config/clientKeystore.jks")) {
        keyStore.load(is, "cspass".toCharArray());
    }

    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(keyStore, "ckpass".toCharArray());
    tlsCP.setKeyManagers(kmf.getKeyManagers());

    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(keyStore);
    tlsCP.setTrustManagers(tmf.getTrustManagers());

    ((HTTPConduit) ClientProxy.getClient(port).getConduit()).setTlsClientParameters(tlsCP);
}
 

@Test
public void testThreadLocalRequestContextIsIsolated() throws InterruptedException {
    URL url = getClass().getResource("/wsdl/hello_world.wsdl");
    javax.xml.ws.Service s = javax.xml.ws.Service.create(url, SERVICE_NAME);
    final Greeter handler = s.getPort(PORT_NAME, Greeter.class);
    final AtomicBoolean isPropertyAPresent = new AtomicBoolean(false);
    // Makes request context thread local
    ClientProxy.getClient(handler).setThreadLocalRequestContext(true);
    // PropertyA should be added to the request context of current thread only
    ClientProxy.getClient(handler).getRequestContext().put("PropertyA", "PropertyAVal");
    Runnable checkRequestContext = new Runnable() {
        @Override
        public void run() {
            if (ClientProxy.getClient(handler).getRequestContext().containsKey("PropertyA")) {
                isPropertyAPresent.set(true);
            }
        }
    };
    Thread thread = new Thread(checkRequestContext);
    thread.start();
    thread.join(60000);

    assertFalse("If we have per thread isolation propertyA should be not present in the context of another thread.",
                isPropertyAPresent.get());
}
 

@Test
public void testHttpWrappedContinuations() throws Exception {
    SpringBusFactory bf = new SpringBusFactory();
    Bus bus = bf.createBus(CLIENT_CONFIG_FILE);
    BusFactory.setDefaultBus(bus);

    QName serviceName = new QName("http://cxf.apache.org/systest/jaxws", "HelloContinuationService");

    URL wsdlURL = new URL("http://localhost:" + PORT + "/hellocontinuation?wsdl");

    HelloContinuationService service = new HelloContinuationService(wsdlURL, serviceName);
    assertNotNull(service);
    final HelloContinuation helloPort = service.getHelloContinuationPort();
    ClientProxy.getClient(helloPort).getInInterceptors().add(new LoggingInInterceptor());
    ClientProxy.getClient(helloPort).getOutInterceptors().add(new LoggingOutInterceptor());
    doTest(helloPort);
    bus.shutdown(true);
}
 

@Test
public void testInvalidRM11WSA200408() throws Exception {
    init("org/apache/cxf/systest/ws/rm/rminterceptors.xml", false);

    // WS-RM 1.1, but using the WS-A 1.0 namespace
    Client client = ClientProxy.getClient(greeter);
    client.getRequestContext().put(RMManager.WSRM_VERSION_PROPERTY, RM11Constants.NAMESPACE_URI);
    client.getRequestContext().put(RMManager.WSRM_WSA_VERSION_PROPERTY, Names200408.WSA_NAMESPACE_NAME);

    try {
        greeter.greetMe("one");
        fail("invalid namespace combination accepted");
    } catch (Exception e) {
        assertTrue(e.getCause() instanceof RMException);
        // verify a partial error text match to exclude an unexpected exception
        // (see UNSUPPORTED_NAMESPACE in Messages.properties)
        final String text = Names200408.WSA_NAMESPACE_NAME + " is not supported";
        assertTrue(e.getCause().getMessage() != null
                   && e.getCause().getMessage().indexOf(text) >= 0);
    }

}
 

@Test
public void testUseBasicAuthFromClient() throws Exception {
    // setup the feature by using JAXWS front-end API
    JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
    // set a fake address to kick off the failover feature
    factory.setAddress("http://localhost:" + PORT + "/SoapContext/GreeterPort");
    factory.setServiceClass(Greeter.class);
    Greeter proxy = factory.create(Greeter.class);

    Client clientProxy = ClientProxy.getClient(proxy);
    HTTPConduit conduit = (HTTPConduit) clientProxy.getConduit();
    conduit.getAuthorization().setAuthorizationType("Basic");
    conduit.getAuthorization().setUserName("user");
    conduit.getAuthorization().setPassword("test");
    
    final BindingProvider bindingProvider = (BindingProvider) proxy;
    bindingProvider.getRequestContext().put("encode.basicauth.with.iso8859", true);

    String response = proxy.greetMe("cxf");
    assertThat("CXF is protected: cxf", equalTo(response));
}
 

private void doWork(URL wsdlUrl, String address) {
    SOAPService service = new SOAPService(wsdlUrl);
    assertNotNull(service);
    Greeter greeter = service.getSoapPort();

    // overwrite client address
    InvocationHandler handler = Proxy.getInvocationHandler(greeter);
    BindingProvider bp = (BindingProvider)handler;
    bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
                               address);
    Client client = ClientProxy.getClient(greeter);
    HTTPConduit c = (HTTPConduit)client.getConduit();
    c.setClient(new HTTPClientPolicy());
    c.getClient().setConnection(ConnectionType.CLOSE);

    // invoke twoway call
    greeter.sayHi();
}
 

@Test
public void testInvalidWSRMMustUnderstandOnReceive() throws Exception {
    init("org/apache/cxf/systest/ws/rm/rminterceptors.xml", false);

    // WS-RM 1.0 using the WS-A 1.0 namespace
    Client client = ClientProxy.getClient(greeter);
    client.getRequestContext().put(RMManager.WSRM_VERSION_PROPERTY, RM10Constants.NAMESPACE_URI);
    client.getRequestContext().put(RMManager.WSRM_WSA_VERSION_PROPERTY, Names200408.WSA_NAMESPACE_NAME);

    // rewrite the outgoing message's WS-RM namespace to an invalid one
    TransformOutInterceptor trans = new TransformOutInterceptor();
    Map<String, String> outElements = new HashMap<>();
    outElements.put("{" + RM10Constants.NAMESPACE_URI + "}*", "{http://cxf.apache.org/invalid}*");
    trans.setOutTransformElements(outElements);

    client.getOutInterceptors().add(trans);
    try {
        greeter.greetMe("one");
        fail("invalid wsrm header");
    } catch (Exception e) {
        assertTrue(e.getCause() instanceof SoapFault);
        final String text = "WS-ReliableMessaging is required";
        assertTrue(e.getCause().getMessage(), e.getCause().getMessage() != null
            && e.getCause().getMessage().indexOf(text) >= 0);
    }
}
 

protected void enableWSAForCurrentEndpoint() {
    Endpoint provider = ClientProxy.getClient(greeter).getEndpoint();
    mapAggregator = new MAPAggregator();
    mapCodec = MAPCodec.getInstance(ClientProxy.getClient(greeter).getBus());
    provider.getInInterceptors().add(mapAggregator);
    provider.getInInterceptors().add(mapCodec);

    provider.getOutInterceptors().add(mapAggregator);
    provider.getOutInterceptors().add(mapCodec);

    provider.getInFaultInterceptors().add(mapAggregator);
    provider.getInFaultInterceptors().add(mapCodec);

    provider.getOutFaultInterceptors().add(mapAggregator);
    provider.getOutFaultInterceptors().add(mapCodec);
}
 

protected void enableWSAForCurrentEndpoint() {
    Endpoint provider = ClientProxy.getClient(greeter).getEndpoint();
    mapAggregator = new MAPAggregator();
    mapCodec = MAPCodec.getInstance(ClientProxy.getClient(greeter).getBus());
    provider.getInInterceptors().add(mapAggregator);
    provider.getInInterceptors().add(mapCodec);

    provider.getOutInterceptors().add(mapAggregator);
    provider.getOutInterceptors().add(mapCodec);

    provider.getInFaultInterceptors().add(mapAggregator);
    provider.getInFaultInterceptors().add(mapCodec);

    provider.getOutFaultInterceptors().add(mapAggregator);
    provider.getOutFaultInterceptors().add(mapCodec);
}
 

@Test
public void testSayHi2() throws Exception {
    QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldServiceSoapAction");
    QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
    URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
    HelloWorldService service = new HelloWorldService(wsdl, serviceName);

    HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);

    ClientProxy.getClient(greeter).getOutInterceptors().add(new LoggingOutInterceptor());
    ClientProxy.getClient(greeter).getOutInterceptors().add(new LoggingInInterceptor());

    ((BindingProvider)greeter).getRequestContext().put(BindingProvider.SOAPACTION_USE_PROPERTY, "true");
    ((BindingProvider)greeter).getRequestContext().put(
        BindingProvider.SOAPACTION_URI_PROPERTY, "SAY_HI_2"
    );

    try {
        greeter.sayHi();
        fail("Failure expected on spoofing attack");
    } catch (Exception ex) {
        // expected
    }
        
    ((java.io.Closeable)greeter).close();
}
 

@Before
public void setUp() throws Exception {
    super.setUp();
    createService(DocumentService.class, "DocService");
    ClientProxyFactoryBean proxyFac = new ClientProxyFactoryBean();
    ReflectionServiceFactoryBean factory = new ReflectionServiceFactoryBean();
    factory.getServiceConfigurations()
        .add(0, new org.apache.cxf.aegis.databinding.XFireCompatibilityServiceConfiguration());
    proxyFac.setServiceFactory(factory);
    proxyFac.setDataBinding(new AegisDatabinding());

    proxyFac.setAddress("local://DocService");
    proxyFac.setBus(getBus());

    Object proxyObj = proxyFac.create(IDocumentService.class);
    docClient = (IDocumentService)proxyObj;
    Client client = ClientProxy.getClient(proxyObj);
    ClientImpl clientImpl = (ClientImpl)client;
    clientImpl.setSynchronousTimeout(1000000000);
}
 

protected void setupGreeter() throws Exception {
    ClusteredGreeterService cs = new ClusteredGreeterService();
    // REVISIT: why doesn't the generic (i.e. non-Port-specific)
    // Service.getPort() load the <jaxws:client> configuration?
    greeter = cs.getReplicatedPortA();
    updateAddressPort(greeter, PORT_A);
    assertTrue("unexpected conduit selector: "
               + ClientProxy.getClient(greeter).getConduitSelector().getClass().getName(),
               ClientProxy.getClient(greeter).getConduitSelector()
               instanceof FailoverTargetSelector);

    updateWsdlExtensors("9051", PORT_A);
    updateWsdlExtensors("9052", PORT_B);
    updateWsdlExtensors("9053", PORT_C);
    updateWsdlExtensors("9055", PORT_E);
}
 

@Test
public void testTimestamp() throws Exception {
    // Create + configure service
    Service service = createService();

    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);

    // Create + configure client
    Echo echo = createClientProxy();

    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.TIMESTAMP);

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);

    assertEquals("test", echo.echo("test"));
}
 

public void sendRequest() throws Exception {
    JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
    factory.setServiceClass(HelloWorld.class);
    factory.setAddress("http://localhost:8181/cxf/HelloWorldSecurity");
    HelloWorld client = (HelloWorld) factory.create();
    
    Map<String, Object> outProps = new HashMap<String, Object>();
    outProps.put("action", "UsernameToken");

    //add a CustomerSecurityInterceptor for client side to init wss4j staff
    //retrieve and set user/password,  users can easily add this interceptor
    //through spring configuration also
    ClientProxy.getClient(client).getOutInterceptors().add(new CustomerSecurityInterceptor());
    ClientProxy.getClient(client).getOutInterceptors().add(new WSS4JOutInterceptor());
    String ret = client.sayHi("ffang");
    System.out.println(ret);
}
 

@Test
public void testSimpleClientWithWsdlAndBindingId() throws Exception {
    QName portName = new QName("http://cxf.apache.org/systest/jaxws/DocLitWrappedCodeFirstService",
        "DocLitWrappedCodeFirstServicePort");
    QName servName = new QName("http://cxf.apache.org/systest/jaxws/DocLitWrappedCodeFirstService",
        "DocLitWrappedCodeFirstService");

    ClientProxyFactoryBean factory = new ClientProxyFactoryBean();
    factory.setBindingId("http://cxf.apache.org/bindings/xformat");
    factory.setWsdlURL(ServerMisc.DOCLIT_CODEFIRST_URL_XMLBINDING + "?wsdl");
    factory.setServiceName(servName);
    factory.setServiceClass(DocLitWrappedCodeFirstService.class);
    factory.setEndpointName(portName);
    factory.setAddress(ServerMisc.DOCLIT_CODEFIRST_URL_XMLBINDING);
    DocLitWrappedCodeFirstService port = (DocLitWrappedCodeFirstService) factory.create();
    assertNotNull(port);
    assertEquals(factory.getBindingId(), "http://cxf.apache.org/bindings/xformat");
    assertTrue(ClientProxy.getClient(port).getEndpoint().getBinding() instanceof XMLBinding);

    String echoMsg = port.echo("Hello");
    assertEquals("Hello", echoMsg);
}
 

@Test
public void testSaml1() throws Exception {
    // Create + configure service
    Service service = createService();

    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    inProperties.setValidateSamlSubjectConfirmation(false);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);

    // Create + configure client
    Echo echo = createClientProxy();

    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
    properties.put(
        ConfigurationConstants.SAML_CALLBACK_REF, new SAML1CallbackHandler()
    );

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);

    assertEquals("test", echo.echo("test"));
}
 

@Test
public void testInvalidRM11WSA200408OnReceive() throws Exception {
    init("org/apache/cxf/systest/ws/rm/rminterceptors.xml", false);

    // WS-RM 1.0 using the WS-A 1.0 namespace
    Client client = ClientProxy.getClient(greeter);
    client.getRequestContext().put(RMManager.WSRM_VERSION_PROPERTY, RM10Constants.NAMESPACE_URI);
    client.getRequestContext().put(RMManager.WSRM_WSA_VERSION_PROPERTY, Names200408.WSA_NAMESPACE_NAME);

    // rewrite the outgoing message's WS-RM namespace to 1.1
    TransformOutInterceptor trans = new TransformOutInterceptor();
    Map<String, String> outElements = new HashMap<>();
    outElements.put("{" + RM10Constants.NAMESPACE_URI + "}*", "{" + RM11Constants.NAMESPACE_URI + "}*");
    trans.setOutTransformElements(outElements);

    client.getOutInterceptors().add(trans);
    try {
        greeter.greetMe("one");
        fail("invalid namespace combination accepted");
    } catch (Exception e) {
        assertTrue(e.getCause() instanceof SoapFault);
        // verify a partial error text match to exclude an unexpected exception
        // (see WSRM_REQUIRED_EXC in Messages.properties)
        final String text = "WS-ReliableMessaging is required";
        assertTrue(e.getCause().getMessage() != null
                   && e.getCause().getMessage().indexOf(text) >= 0);
    }
}
 

@Test
public void testUnsignedSAML2AudienceRestrictionTokenBadURI() throws Exception {
    QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
    QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
    URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
    HelloWorldService service = new HelloWorldService(wsdl, serviceName);

    HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);

    SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
    callbackHandler.setSignAssertion(true);
    callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);

    ConditionsBean conditions = new ConditionsBean();
    conditions.setTokenPeriodMinutes(5);
    List<String> audiences = new ArrayList<>();
    audiences.add("jms:jndi:dynamicQueues/test.jmstransport.text.bad");
    AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
    audienceRestrictionBean.setAudienceURIs(audiences);
    conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));

    callbackHandler.setConditions(conditions);

    Map<String, Object> outProperties = new HashMap<>();
    outProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED);
    outProperties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler);

    WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties);
    Client client = ClientProxy.getClient(greeter);
    client.getOutInterceptors().add(outInterceptor);

    try {
        greeter.sayHi();
        fail("Failure expected on a bad audience restriction");
    } catch (SOAPFaultException ex) {
        // expected
    }

    ((java.io.Closeable)greeter).close();
}
 

@Test
public void testWithGetPortExtensionOverJMS() throws Exception {

    NumberFactoryService service = new NumberFactoryService();
    NumberFactory factory = service.getNumberFactoryPort();
    updateAddressPort(factory, PORT);


    // use values >= 30 to create JMS eprs - see NumberFactoryImpl.create

    // verify it is JMS, 999 for JMS will throw a fault
    W3CEndpointReference ref = factory.create("999");
    String s = NumberService.WSDL_LOCATION.toString();
    EmbeddedJMSBrokerLauncher.updateWsdlExtensors(BusFactory.getDefaultBus(), s);
    NumberService numService = new NumberService();

    assertNotNull("reference", ref);
    ServiceImpl serviceImpl = ServiceDelegateAccessor.get(numService);
    Number num = serviceImpl.getPort(ref, Number.class);
    try {
        num.isEven().isEven();
        fail("there should be a fault on val 999");
    } catch (Exception expected) {
        assertTrue("match on exception message " + expected.getMessage(),
                   expected.getMessage().indexOf("999") != -1);
    }
    ClientProxy.getClient(num).getConduit().close();

    ref = factory.create("37");
    assertNotNull("reference", ref);
    num = serviceImpl.getPort(ref, Number.class);
    assertFalse("37 is not even", num.isEven().isEven());

    ClientProxy.getClient(num).getConduit().close();
    ClientProxy.getClient(factory).getConduit().close();
}
 

/**
 * Configures the SSL environment.
 */
protected void configureSSL() {
	TLSClientParameters tlsParams = new TLSClientParameters();
	tlsParams.setDisableCNCheck(true);
	tlsParams.setTrustManagers(new TrustManager[] { new EasyX509TrustManager() });

	org.apache.cxf.endpoint.Client cl = ClientProxy.getClient(client);
	HTTPConduit httpConduit = (HTTPConduit) cl.getConduit();
	httpConduit.setTlsClientParameters(tlsParams);
}
 

@org.junit.Test
public void testUsernameToken() throws Exception {

    SpringBusFactory bf = new SpringBusFactory();

    Bus bus = bf.createBus();
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);

    URL wsdl = PasswordPropertiesTest.class.getResource("DoubleItPassword.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItUTPort");

    DoubleItPortType port =
            service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, PORT);

    if (test.isStreaming()) {
        SecurityTestUtil.enableStreaming(port);
    }

    Client client = ClientProxy.getClient(port);
    client.getRequestContext().put(SecurityConstants.USERNAME, "Alice");
    client.getRequestContext().put(SecurityConstants.PASSWORD, "ecilA");

    assertEquals(50, port.doubleIt(25));

    ((java.io.Closeable)port).close();
    bus.shutdown(true);
}
 

@org.junit.Test
public void testBasicAuthViaAuthorizationPolicy() throws Exception {

    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = BasicAuthTest.class.getResource("client.xml");

    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);

    URL wsdl = BasicAuthTest.class.getResource("DoubleItBasicAuth.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItBasicAuthPort2");
    DoubleItPortType utPort =
            service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(utPort, PORT);

    Client client = ClientProxy.getClient(utPort);
    HTTPConduit http = (HTTPConduit) client.getConduit();
    AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
    authorizationPolicy.setUserName("Alice");
    authorizationPolicy.setPassword("ecilA");
    authorizationPolicy.setAuthorizationType("Basic");
    http.setAuthorization(authorizationPolicy);

    assertEquals(50, utPort.doubleIt(25));

    ((java.io.Closeable)utPort).close();
    bus.shutdown(true);
}
 

@Test
public void testEncryptDirectReference() throws Exception {
    // Create + configure service
    Service service = createService();

    Map<String, Object> inProperties = new HashMap<>();
    inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.ENCRYPTION);
    inProperties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    inProperties.put(ConfigurationConstants.DEC_PROP_FILE, "insecurity.properties");
    WSS4JInInterceptor inInterceptor = new WSS4JInInterceptor(inProperties);
    service.getInInterceptors().add(inInterceptor);

    // Create + configure client
    Echo echo = createClientProxy();

    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    WSSSecurityProperties properties = new WSSSecurityProperties();
    List<WSSConstants.Action> actions = new ArrayList<>();
    actions.add(XMLSecurityConstants.ENCRYPTION);
    properties.setActions(actions);
    properties.setEncryptionUser("myalias");
    properties.setEncryptionKeyIdentifier(
        WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE
    );
    properties.setEncryptionSymAlgorithm(XMLSecurityConstants.NS_XENC_AES128);

    Properties cryptoProperties =
        CryptoFactory.getProperties("outsecurity.properties", this.getClass().getClassLoader());
    properties.setEncryptionCryptoProperties(cryptoProperties);
    properties.setCallbackHandler(new TestPwdCallback());
    WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);

    assertEquals("test", echo.echo("test"));
}
 

@Test
public void testSignatureDirectReference() throws Exception {
    // Create + configure service
    Service service = createService();

    WSSSecurityProperties inProperties = new WSSSecurityProperties();
    inProperties.setCallbackHandler(new TestPwdCallback());
    Properties cryptoProperties =
        CryptoFactory.getProperties("insecurity.properties", this.getClass().getClassLoader());
    inProperties.setSignatureVerificationCryptoProperties(cryptoProperties);
    WSS4JStaxInInterceptor inhandler = new WSS4JStaxInInterceptor(inProperties);
    service.getInInterceptors().add(inhandler);

    // Create + configure client
    Echo echo = createClientProxy();

    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    Map<String, Object> properties = new HashMap<>();
    properties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    properties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    properties.put(ConfigurationConstants.SIG_PROP_FILE, "outsecurity.properties");
    properties.put(ConfigurationConstants.USER, "myalias");
    properties.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference");

    WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor(properties);
    client.getOutInterceptors().add(ohandler);

    assertEquals("test", echo.echo("test"));
}
 

@org.junit.Test
public void testSignedTimestampReplay() throws Exception {

    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = ActionTest.class.getResource("client.xml");

    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);

    URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItSignedTimestampPort");
    DoubleItPortType port =
            service.getPort(portQName, DoubleItPortType.class);
    updateAddressPort(port, PORT);

    Client cxfClient = ClientProxy.getClient(port);
    SecurityHeaderCacheInterceptor cacheInterceptor =
        new SecurityHeaderCacheInterceptor();
    cxfClient.getOutInterceptors().add(cacheInterceptor);

    // Make two invocations with the same SecurityHeader
    assertEquals(50, port.doubleIt(25));
    try {
        port.doubleIt(25);
        fail("Failure expected on a replayed Timestamp");
    } catch (javax.xml.ws.soap.SOAPFaultException ex) {
        assertEquals(ex.getMessage(), WSSecurityException.UNIFIED_SECURITY_ERR);
    }

    ((java.io.Closeable)port).close();
    bus.shutdown(true);
}
 

@org.junit.Test
public void testImminentExpiry() throws Exception {

    SpringBusFactory bf = new SpringBusFactory();
    URL busFile = CachingTest.class.getResource("cxf-client.xml");

    Bus bus = bf.createBus(busFile.toString());
    BusFactory.setDefaultBus(bus);
    BusFactory.setThreadDefaultBus(bus);

    URL wsdl = CachingTest.class.getResource("DoubleIt.wsdl");
    Service service = Service.create(wsdl, SERVICE_QNAME);
    QName portQName = new QName(NAMESPACE, "DoubleItTransportSAML1Port");
    DoubleItPortType port =
        service.getPort(portQName, DoubleItPortType.class);
    ((BindingProvider)port).getRequestContext().put("thread.local.request.context", "true");
    updateAddressPort(port, PORT);

    // Make a successful invocation
    doubleIt(port, 25);

    Client client = ClientProxy.getClient(port);
    Endpoint ep = client.getEndpoint();
    String id = (String)ep.get(SecurityConstants.TOKEN_ID);
    TokenStore store = (TokenStore)ep.getEndpointInfo().getProperty(TokenStore.class.getName());
    SecurityToken tok = store.getToken(id);
    assertNotNull(tok);

    // Make the token "about to expire"
    tok.setExpires(Instant.now().plusSeconds(5L));
    assertTrue(tok.isAboutToExpire(10L));

    doubleIt(port, 25);

    ((java.io.Closeable)port).close();
    bus.shutdown(true);
}
 

public static void setKeepAliveConnection(Object proxy, boolean keepAlive, boolean force) {
    if (force || "HP-UX".equals(System.getProperty("os.name"))
        || "Windows XP".equals(System.getProperty("os.name"))) {
        Client client = ClientProxy.getClient(proxy);
        HTTPConduit hc = (HTTPConduit)client.getConduit();
        HTTPClientPolicy cp = hc.getClient();
        cp.setConnection(keepAlive ? ConnectionType.KEEP_ALIVE : ConnectionType.CLOSE);
    }
}
 

@Test
public void testHttpsRedirectToHttpFail() throws Exception {
    startServer("Mortimer");
    startServer("Poltim");

    URL wsdl = getClass().getResource("greeting.wsdl");
    assertNotNull("WSDL is null", wsdl);

    SOAPService service = new SOAPService(wsdl, serviceName);
    assertNotNull("Service is null", service);

    Greeter poltim = service.getPort(poltimQ, Greeter.class);
    assertNotNull("Port is null", poltim);
    updateAddressPort(poltim, getPort("PORT2"));

    // Okay, I'm sick of configuration files.
    // This also tests dynamic configuration of the conduit.
    Client client = ClientProxy.getClient(poltim);
    HTTPConduit http =
        (HTTPConduit) client.getConduit();

    HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();

    httpClientPolicy.setAutoRedirect(true);

    http.setClient(httpClientPolicy);
    http.setTlsClientParameters(tlsClientParameters);
    configureProxy(client);
    poltim.sayHi();
    //client -> poltim is https and thus not recorded but then redirected to mortimer
    //client -> mortimer is http and recoreded
    assertProxyRequestCount(1);
}
 

@Test
public void testSignatureConfig() throws Exception {
    // Create + configure service
    Service service = createService();

    Map<String, Object> inProperties = new HashMap<>();
    inProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    inProperties.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    inProperties.put(ConfigurationConstants.SIG_VER_PROP_FILE, "insecurity.properties");
    WSS4JInInterceptor inInterceptor = new WSS4JInInterceptor(inProperties);
    service.getInInterceptors().add(inInterceptor);

    // Create + configure client
    Echo echo = createClientProxy();

    Client client = ClientProxy.getClient(echo);
    client.getInInterceptors().add(new LoggingInInterceptor());
    client.getOutInterceptors().add(new LoggingOutInterceptor());

    Map<String, Object> outConfig = new HashMap<>();
    outConfig.put(ConfigurationConstants.ACTION, ConfigurationConstants.SIGNATURE);
    outConfig.put(ConfigurationConstants.SIGNATURE_USER, "myalias");
    outConfig.put(ConfigurationConstants.PW_CALLBACK_REF, new TestPwdCallback());
    outConfig.put(ConfigurationConstants.SIG_PROP_FILE, "outsecurity.properties");
    WSS4JStaxOutInterceptor ohandler = new WSS4JStaxOutInterceptor(outConfig);

    client.getOutInterceptors().add(ohandler);

    assertEquals("test", echo.echo("test"));
}
 

protected boolean isWSAEnabledForCurrentEndpoint() {
    Endpoint provider = ClientProxy.getClient(greeter).getEndpoint();
    boolean enabledIn =
        provider.getInInterceptors().contains(mapAggregator)
        && provider.getInInterceptors().contains(mapCodec)
        && provider.getInFaultInterceptors().contains(mapAggregator)
        && provider.getInFaultInterceptors().contains(mapCodec);
    boolean enabledOut =
        provider.getOutInterceptors().contains(mapAggregator)
        && provider.getOutInterceptors().contains(mapCodec)
        && provider.getOutFaultInterceptors().contains(mapAggregator)
        && provider.getOutFaultInterceptors().contains(mapCodec);
    return enabledIn && enabledOut;
}