Examples of org.apache.wss4j.dom.WSSConfig

• org.apache.wss4j.dom.WSSConfig
  WSSConfig

  Carries configuration data so the WSS4J spec compliance can be modified in runtime. Configure an instance of this object only if you need WSS4J to emulate certain industry clients or previous OASIS specifications for WS-Security interoperability testing purposes.

  The default settings follow the latest OASIS and changing anything might violate the OASIS specs.

  WARNING: changing the default settings will break the compliance with the latest specs. Do this only if you know what you are doing.

     * Test using a UsernameToken derived key for signing a SOAP body via WSHandler
     */
    @org.junit.Test
    public void testHandlerSignatureIterations() throws Exception {

        final WSSConfig cfg = WSSConfig.getNewInstance();
        RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        java.util.Map<String, Object> messageContext = new java.util.TreeMap<String, Object>();
        messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
        messageContext.put(WSHandlerConstants.DERIVED_KEY_ITERATIONS, "1234");

    private List<WSSecurityEngineResult> verify(
        Document doc,
        boolean allowUsernameTokenDerivedKeys
    ) throws Exception {
        WSSecurityEngine secEngine = new WSSecurityEngine();
        WSSConfig config = WSSConfig.getNewInstance();
        config.setAllowUsernameTokenNoPassword(allowUsernameTokenDerivedKeys);
        secEngine.setWssConfig(config);
        return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
    }

    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
    }

    public SamlReferenceTest() throws Exception {
        WSSConfig config = WSSConfig.getNewInstance();
        config.setValidateSamlSubjectConfirmation(false);
        secEngine.setWssConfig(config);

        // Load the issuer keystore
        issuerCrypto = new Merlin();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

        verify(signedDoc);
    }

    @org.junit.Test
    public void testSignatureWSHandler() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        final RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
        config.put(WSHandlerConstants.SIG_PROP_FILE, "crypto_enc.properties");

        verify(encryptedDoc);
    }

    @org.junit.Test
    public void testDecryptionWSHandler() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        final RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
        config.put(WSHandlerConstants.ENC_PROP_FILE, "crypto_enc.properties");

     * Test signing a message body using a symmetric key with EncryptedKeySHA1.
     * The request is generated using WSHandler, instead of coding it.
     */
    @org.junit.Test
    public void testSymmetricSignatureSHA1Handler() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        java.util.Map<String, Object> messageContext = new java.util.TreeMap<String, Object>();
        messageContext.put(WSHandlerConstants.SIG_KEY_ID, "EncryptedKeySHA1");
        messageContext.put(WSHandlerConstants.SIG_ALGO, SignatureMethod.HMAC_SHA1);

        verify(doc);
    }

    @org.junit.Test
    public void testSignedBSTAction() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        final RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        reqData.setUsername("wss40");

        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();

     * @param doc
     * @throws Exception Thrown when there is a problem in verification
     */
    private List<WSSecurityEngineResult> verify(Document doc) throws Exception {
        WSSecurityEngine secEngine = new WSSecurityEngine();
        WSSConfig config = WSSConfig.getNewInstance();
        config.setValidateSamlSubjectConfirmation(false);
        secEngine.setWssConfig(config);

        List<WSSecurityEngineResult> results =
            secEngine.processSecurityHeader(
                doc, null, null, crypto

    private List<WSSecurityEngineResult> verifyWithoutProfile(Document doc) throws Exception {
        SamlAssertionValidator validator = new SamlAssertionValidator();
        validator.setValidateSignatureAgainstProfile(false);

        WSSecurityEngine secEngine = new WSSecurityEngine();
        WSSConfig config = secEngine.getWssConfig();
        config.setValidator(WSSecurityEngine.SAML_TOKEN, validator);
        config.setValidator(WSSecurityEngine.SAML2_TOKEN, validator);

        List<WSSecurityEngineResult> results =
            secEngine.processSecurityHeader(
                doc, null, null, crypto
            );

    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
    }

    public SamlTokenHOKTest() throws Exception {
        WSSConfig config = WSSConfig.getNewInstance();
        config.setValidateSamlSubjectConfirmation(false);
        secEngine.setWssConfig(config);

        crypto = CryptoFactory.getInstance("crypto.properties");
    }