List of usage examples for org.w3c.dom Document getElementsByTagNameNS
public NodeList getElementsByTagNameNS(String namespaceURI, String localName);
Returns a NodeList of all the Elements with a given local name and namespace URI, in document order.
From source file:test.be.fedict.eid.dss.DigitalSignatureServiceTest.java
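/**
 * Signs a small XML document and checks that the result carries exactly one XML-DSig
 * {@code Signature} element and is accepted by the signature verification client.
 *
 * @throws Exception if loading, signing, serialising or verifying the document fails
 */
@Test
public void testSignedDocument() throws Exception {
    // setup
    String documentStr = "<document><data id=\"id\">hello world</data></document>";
    Document document = loadDocument(documentStr);
    signDocument(document);
    String signedDocument = toString(document);
    LOG.debug("signed document: " + signedDocument);

    // This counts Signature elements anywhere in the tree. It shows that one signature
    // is present, not which part of the document that signature covers.
    NodeList signatureNodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
    assertEquals(1, signatureNodeList.getLength());

    DigitalSignatureServiceClient client = new DigitalSignatureServiceClient();

    // operate
    // Encode with a fixed charset instead of the platform default, so the bytes handed to
    // the verifier do not change with the JVM's locale settings.
    // NOTE(review): UTF-8 is assumed to match what toString(document) emits; confirm there.
    boolean result = client.verify(signedDocument.getBytes("UTF-8"), "text/xml");

    // verify
    assertTrue(result);
}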
From source file:test.integ.be.agiv.security.ClaimsAwareServiceTest.java
/**
 * Integration test: reads the RequestSecurityTokenTemplate children from the service WSDL,
 * passes them as secondary parameters to the IP-STS, exchanges the resulting token at the
 * R-STS, and calls the claims-aware service expecting a claim whose value equals the
 * configured username.
 *
 * @throws Exception on any parsing, token or service-call failure
 */
@Test
public void testSecuritySecondaryParameters() throws Exception {
    Service service = new Service();
    IService port = service.getWS2007FederationHttpBindingIService();
    BindingProvider provider = (BindingProvider) port;
    provider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
            ClaimsAwareServiceFactory.SERVICE_LOCATION);

    // The WSDL is a classpath fixture. The factory below is only made namespace-aware and
    // sets no DTD or external-entity restrictions, which a parser fed XML from outside
    // the build would need.
    InputStream wsdlStream = CrabReadTest.class.getResourceAsStream("/ClaimsAwareService.wsdl");
    assertNotNull(wsdlStream);

    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();
    Document wsdl = builder.parse(wsdlStream);

    NodeList templates = wsdl.getElementsByTagNameNS(
            WSConstants.WS_SECURITY_POLICY_NAMESPACE, "RequestSecurityTokenTemplate");
    assertEquals(1, templates.getLength());
    Element template = (Element) templates.item(0);
    NodeList secondaryParameters = template.getChildNodes();

    // Credentials come from the test configuration rather than from literals in the test.
    IPSTSClient ipSts = new IPSTSClient(
            "https://auth.beta.agiv.be/ipsts/Services/DaliSecurityTokenServiceConfiguration.svc/IWSTrust13",
            AGIVSecurity.BETA_REALM, secondaryParameters);
    SecurityToken ipStsToken = ipSts.getSecurityToken(this.config.getUsername(),
            this.config.getPassword());

    RSTSClient rSts = new RSTSClient(
            "https://auth.beta.agiv.be/sts/Services/SalvadorSecurityTokenServiceConfiguration.svc/IWSTrust13");
    SecurityToken rStsToken = rSts.getSecurityToken(ipStsToken,
            ClaimsAwareServiceFactory.SERVICE_REALM);

    Binding binding = provider.getBinding();
    List<Handler> chain = binding.getHandlerChain();
    WSAddressingHandler addressing = new WSAddressingHandler();
    chain.add(addressing);
    WSSecurityHandler security = new WSSecurityHandler();
    chain.add(security);
    chain.add(new LoggingHandler());
    // The modified list is written back so the binding actually uses the added handlers.
    binding.setHandlerChain(chain);

    addressing.setAddressing("http://www.agiv.be/IService/GetData",
            ClaimsAwareServiceFactory.SERVICE_LOCATION);
    security.setKey(rStsToken.getKey(), rStsToken.getAttachedReference(),
            rStsToken.getToken(), true);

    ArrayOfClaimInfo response = port.getData(0);
    List<ClaimInfo> claims = response.getClaimInfo();

    // Every claim name and value is written to the debug log.
    // NOTE(review): claim values may be personal data; confirm this log stays test-only.
    boolean myName = false;
    for (ClaimInfo claim : claims) {
        LOG.debug(claim.getName() + " = " + claim.getValue());
        myName |= this.config.getUsername().equals(claim.getValue());
    }
    assertTrue(myName);
}
From source file:test.integ.be.agiv.security.CrabReadTest.java
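/**
 * Integration test: authenticates to the IP-STS with a certificate and private key,
 * exchanges the token at the R-STS, establishes a secure conversation with the CRAB read
 * service and performs one lookup through the secured port.
 *
 * @throws Exception on any parsing, token or service-call failure
 */
@Test
public void testIPSTS() throws Exception {
    InputStream wsdlInputStream = CrabReadTest.class.getResourceAsStream("/CrabReadService.wsdl");
    assertNotNull(wsdlInputStream);

    // Classpath fixture; the factory is only made namespace-aware and sets no DTD or
    // external-entity restrictions.
    DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);
    DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
    Document wsdlDocument = documentBuilder.parse(wsdlInputStream);

    NodeList requestSecurityTokenTemplateNodeList = wsdlDocument.getElementsByTagNameNS(
            WSConstants.WS_SECURITY_POLICY_NAMESPACE, "RequestSecurityTokenTemplate");
    assertEquals(1, requestSecurityTokenTemplateNodeList.getLength());
    Element requestSecurityTokenTemplateElement =
            (Element) requestSecurityTokenTemplateNodeList.item(0);
    LOG.debug("RequestSecurityTokenTemplate: " + toString(requestSecurityTokenTemplateElement));

    // Certificate-based authentication: the key material comes from the test configuration.
    IPSTSClient ipstsClient = new IPSTSClient(
            "https://auth.beta.agiv.be/ipsts/Services/DaliSecurityTokenServiceConfiguration.svc/CertificateMessage",
            AGIVSecurity.BETA_REALM);
    SecurityToken ipStsSecurityToken = ipstsClient.getSecuritytoken(this.config.getCertificate(),
            this.config.getPrivateKey());

    RSTSClient rstsClient = new RSTSClient(
            "https://auth.beta.agiv.be/sts/Services/SalvadorSecurityTokenServiceConfiguration.svc/IWSTrust13");
    SecurityToken rStsSecurityToken = rstsClient.getSecurityToken(ipStsSecurityToken,
            "urn:agiv.be/crab/beta");
    LOG.debug("R-STS token received");

    // Unlike the two STS endpoints, the service endpoint used below is plain http, so
    // nothing in this test provides transport-level protection for that hop.
    SecureConversationClient secureConversationClient = new SecureConversationClient(
            "http://crab.beta.agiv.be/Read/CrabReadService.svc/wsfedsc");
    SecurityToken secureConversationToken =
            secureConversationClient.getSecureConversationToken(rStsSecurityToken);

    CrabReadService crabReadService = new CrabReadService();
    ICrabRead iCrabRead =
            crabReadService.getWS2007FederationHttpBindingICrabRead(new AddressingFeature());
    BindingProvider bindingProvider = (BindingProvider) iCrabRead;
    bindingProvider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
            "http://crab.beta.agiv.be/Read/CrabReadService.svc/wsfedsc");

    Binding binding = bindingProvider.getBinding();
    List<Handler> handlerChain = binding.getHandlerChain();
    WSSecurityHandler wsSecurityHandler = new WSSecurityHandler();
    SecureConversationTokenTestProvider secureConversationTokenProvider =
            new SecureConversationTokenTestProvider(secureConversationToken);
    handlerChain.add(new SecureConversationHandler(secureConversationTokenProvider,
            wsSecurityHandler, "urn:agiv.be/crab/beta"));
    handlerChain.add(wsSecurityHandler);
    // Binding.getHandlerChain() returns a copy, so the modified list has to be set back on
    // the binding. Without this call the security handlers added above are never installed
    // and the request would leave without the WS-Security processing under test.
    binding.setHandlerChain(handlerChain);

    iCrabRead.findStraat("Vilvoorde", "Blaesenbergstraat");
}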
From source file:test.integ.be.agiv.security.GipodTest.java
/**
 * Integration test: obtains an R-STS token for the GIPOD realm via username/password at
 * the IP-STS, registers it with a token provider for the service location, installs the
 * authentication and WS-Security handlers by hand, and calls the service once.
 *
 * @throws Exception on any parsing, token or service-call failure
 */
@Test
public void testGipodManualSecurity() throws Exception {
    InputStream wsdlStream = CrabReadTest.class.getResourceAsStream("/GipodService.wsdl");
    assertNotNull(wsdlStream);

    // Bundled fixture, parsed with a factory that is namespace-aware and otherwise default.
    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();
    Document wsdl = builder.parse(wsdlStream);

    NodeList templates = wsdl.getElementsByTagNameNS(
            WSConstants.WS_SECURITY_POLICY_NAMESPACE, "RequestSecurityTokenTemplate");
    assertEquals(1, templates.getLength());
    Element template = (Element) templates.item(0);
    NodeList secondaryParameters = template.getChildNodes();

    IPSTSClient ipSts = new IPSTSClient(
            "https://auth.beta.agiv.be/ipsts/Services/DaliSecurityTokenServiceConfiguration.svc/IWSTrust13",
            AGIVSecurity.BETA_REALM, secondaryParameters);
    SecurityToken ipStsToken = ipSts.getSecurityToken(this.config.getUsername(),
            this.config.getPassword());

    // The token is requested for the realm URN, while the provider below keys it by the
    // service URL.
    RSTSClient rSts = new RSTSClient(
            "https://auth.beta.agiv.be/sts/Services/SalvadorSecurityTokenServiceConfiguration.svc/IWSTrust13");
    SecurityToken rStsToken = rSts.getSecurityToken(ipStsToken, "urn:agiv.be/gipodbeta");

    WSSecurityHandler security = new WSSecurityHandler();
    TestSecurityTokenProvider tokenProvider = new TestSecurityTokenProvider();
    tokenProvider.addSecurityToken("https://wsgipod.beta.agiv.be/SOAP/GipodService.svc",
            rStsToken);
    AuthenticationHandler authentication =
            new AuthenticationHandler(tokenProvider, security, null);

    GipodService service = new GipodService();
    IGipodService port =
            service.getWS2007FederationHttpBindingIGipodService(new AddressingFeature());
    BindingProvider provider = (BindingProvider) port;
    provider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
            "https://wsgipod.beta.agiv.be/SOAP/GipodService.svc");

    Binding binding = provider.getBinding();
    List<Handler> chain = binding.getHandlerChain();
    chain.add(authentication);
    chain.add(security);
    // The modified list is written back so the binding uses the added handlers.
    binding.setHandlerChain(chain);

    port.getListLand();
}
From source file:test.integ.be.fedict.eid.idp.WSFederationTest.java
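/**
 * Extracts the single SAML 2.0 assertion from a recorded WS-Federation response, copies it
 * into a document of its own, and checks the assertion's XML signature value against the
 * X.509 certificate carried in that signature's KeyInfo.
 *
 * <p>Because the verification key is taken from the signature itself, a passing check
 * shows the assertion is intact under that key. It does not show that the key belongs to
 * a trusted identity provider; code relying on an assertion has to validate the
 * certificate against a trust anchor separately.
 *
 * @throws Exception if the fixture cannot be parsed or the signature cannot be processed
 */
@Test
public void testSAML2AssertionTokenSignature() throws Exception {
    InputStream documentInputStream =
            WSFederationTest.class.getResourceAsStream("/eid-idp-ws-fed-response.xml");
    assertNotNull(documentInputStream);

    // Recorded fixture from the classpath; the factory is only made namespace-aware.
    DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);
    DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
    Document wsFedDocument = documentBuilder.parse(documentInputStream);

    NodeList assertionNodeList = wsFedDocument.getElementsByTagNameNS(
            "urn:oasis:names:tc:SAML:2.0:assertion", "Assertion");
    assertEquals(1, assertionNodeList.getLength());
    Element assertionElement = (Element) assertionNodeList.item(0);

    // Deep-copy the assertion so it becomes the root of a standalone token document.
    Document tokenDocument = documentBuilder.newDocument();
    Node assertionTokenNode = tokenDocument.importNode(assertionElement, true);
    tokenDocument.appendChild(assertionTokenNode);
    LOG.debug("assertion token: " + toString(tokenDocument));

    // Exactly one Signature is expected anywhere inside the extracted assertion.
    NodeList signatureNodeList = tokenDocument.getElementsByTagNameNS(
            "http://www.w3.org/2000/09/xmldsig#", "Signature");
    assertEquals(1, signatureNodeList.getLength());
    Element signatureElement = (Element) signatureNodeList.item(0);

    XMLSignature xmlSignature = new XMLSignature(signatureElement, "");
    // Fail with a clear assertion when the signature carries no KeyInfo or certificate,
    // instead of a NullPointerException or an opaque library error further down.
    KeyInfo keyInfo = xmlSignature.getKeyInfo();
    assertNotNull(keyInfo);
    X509Certificate certificate = keyInfo.getX509Certificate();
    assertNotNull(certificate);

    boolean result = xmlSignature.checkSignatureValue(certificate);
    assertTrue(result);
}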
From source file:test.integ.be.fedict.eid.idp.WSFederationTest.java
/**
 * Integration test: takes the single SAML 2.0 assertion from a recorded WS-Federation
 * response and submits it to the security token service for validation, together with
 * the landing-page URL passed as the second argument.
 *
 * @throws Exception if the fixture cannot be parsed or validation fails
 */
@Test
public void testSecurityTokenServiceClient() throws Exception {
    // The STS is addressed on localhost over plain http.
    SecurityTokenServiceClient stsClient =
            new SecurityTokenServiceClient("http://localhost/eid-idp/ws/sts");

    InputStream responseStream =
            WSFederationTest.class.getResourceAsStream("/eid-idp-ws-fed-response.xml");
    assertNotNull(responseStream);

    // Recorded fixture from the classpath; the factory is only made namespace-aware.
    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();
    Document wsFedResponse = builder.parse(responseStream);

    NodeList assertions = wsFedResponse.getElementsByTagNameNS(
            "urn:oasis:names:tc:SAML:2.0:assertion", "Assertion");
    assertEquals(1, assertions.getLength());
    Element assertion = (Element) assertions.item(0);

    stsClient.validateToken(assertion,
            "https://www.e-contract.be:443/eid-idp-sp/wsfed-landing");
}
From source file:test.unit.be.agiv.security.client.RSTSClientTest.java
/**
 * Re-derives the symmetric proof key from the client and server entropy found in a
 * recorded IP-STS request/response pair and checks that it verifies the single XML
 * signature in the recorded R-STS request, including the signature's references.
 *
 * @param ipStsRequestResource  classpath resource holding the IP-STS request
 * @param ipStsResponseResource classpath resource holding the IP-STS response
 * @param rStsRequestResource   classpath resource holding the signed R-STS request
 * @throws Exception if a resource cannot be parsed or the signature cannot be processed
 */
private void checkSignature(String ipStsRequestResource, String ipStsResponseResource,
        String rStsRequestResource) throws Exception {
    Init.init();

    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();

    Document ipStsRequest =
            builder.parse(RSTSClientTest.class.getResourceAsStream(ipStsRequestResource));
    Document ipStsResponse =
            builder.parse(RSTSClientTest.class.getResourceAsStream(ipStsResponseResource));
    Document rStsRequest =
            builder.parse(RSTSClientTest.class.getResourceAsStream(rStsRequestResource));
    // Called before the signature is checked.
    // NOTE(review): presumably registers Id attributes so references resolve; confirm in TestUtils.
    TestUtils.markAllIdAttributesAsId(rStsRequest);

    // Only the lengths of the entropy and key values are logged, never their contents.
    Node clientEntropyText = XPathAPI.selectSingleNode(ipStsRequest,
            "soap12:Envelope/soap12:Body/trust:RequestSecurityToken/trust:Entropy/trust:BinarySecret/text()",
            getNSElement(ipStsRequest));
    byte[] clientEntropy = Base64.decode(clientEntropyText.getTextContent());
    LOG.debug("client entropy size: " + clientEntropy.length);

    Node serverEntropyText = XPathAPI.selectSingleNode(ipStsResponse,
            "soap12:Envelope/soap12:Body/trust:RequestSecurityTokenResponseCollection/trust:RequestSecurityTokenResponse/trust:Entropy/trust:BinarySecret/text()",
            getNSElement(ipStsResponse));
    byte[] serverEntropy = Base64.decode(serverEntropyText.getTextContent());
    LOG.debug("server entropy size: " + serverEntropy.length);

    NodeList signatures =
            rStsRequest.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
    assertEquals(1, signatures.getLength());
    Element signatureElement = (Element) signatures.item(0);
    XMLSignature signature = new XMLSignature(signatureElement, null);

    // Both entropies feed the key derivation; the requested key length is 256 / 8 bytes.
    P_SHA1 keyDerivation = new P_SHA1();
    byte[] secretKey = keyDerivation.createKey(clientEntropy, serverEntropy, 0, 256 / 8);
    LOG.debug("secret key size: " + secretKey.length);
    Key hmacKey = WSSecurityUtil.prepareSecretKey(SignatureMethod.HMAC_SHA1, secretKey);

    boolean result = signature.checkSignatureValue(hmacKey);
    SignedInfo signedInfo = signature.getSignedInfo();
    boolean refsResult = signedInfo.verifyReferences();

    // Reference digests are asserted first, then the signature value.
    assertTrue(refsResult);
    assertTrue(result);
}
From source file:test.unit.be.agiv.security.client.SecureConversationClientTest.java
/**
 * Checks that the requested proof token carried in a recorded R-STS response verifies the
 * single XML signature of the recorded secure-conversation request, including the
 * signature's references.
 *
 * @throws Exception if a fixture cannot be parsed or the signature cannot be processed
 */
@Test
public void testCheckSignature() throws Exception {
    Init.init();

    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();

    Document rStsResponse = builder.parse(
            SecureConversationClientTest.class.getResourceAsStream("/r-sts-response.xml"));
    Document secConvRequest = builder.parse(
            SecureConversationClientTest.class.getResourceAsStream("/secure-conversation-request.xml"));
    TestUtils.markAllIdAttributesAsId(secConvRequest);

    // The proof token is used directly as the HMAC key; only its length is logged.
    Node proofTokenText = XPathAPI.selectSingleNode(rStsResponse,
            "soap12:Envelope/soap12:Body/trust:RequestSecurityTokenResponseCollection/trust:RequestSecurityTokenResponse/trust:RequestedProofToken/trust:BinarySecret/text()",
            getNSElement(rStsResponse));
    byte[] requestedProofToken = Base64.decode(proofTokenText.getTextContent());
    LOG.debug("requested proof token size: " + requestedProofToken.length);

    NodeList signatures =
            secConvRequest.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
    assertEquals(1, signatures.getLength());
    Element signatureElement = (Element) signatures.item(0);
    XMLSignature signature = new XMLSignature(signatureElement, null);

    Key hmacKey = WSSecurityUtil.prepareSecretKey(SignatureMethod.HMAC_SHA1, requestedProofToken);
    boolean result = signature.checkSignatureValue(hmacKey);
    SignedInfo signedInfo = signature.getSignedInfo();
    boolean refsResult = signedInfo.verifyReferences();

    // Reference digests are asserted first, then the signature value.
    assertTrue(refsResult);
    assertTrue(result);
}
From source file:test.unit.be.agiv.security.client.SecureConversationClientTest.java
/**
 * Re-derives the symmetric key from the client and server entropy of a recorded
 * secure-conversation request/response pair and checks that it verifies the single XML
 * signature in the recorded claims-aware service request, including its references.
 *
 * @throws Exception if a fixture cannot be parsed or the signature cannot be processed
 */
@Test
public void testCheckClaimsAwareServiceSignature() throws Exception {
    Init.init();

    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();

    Document secConvRequest = builder.parse(
            SecureConversationClientTest.class.getResourceAsStream("/secure-conversation-request.xml"));
    Document secConvResponse = builder.parse(
            SecureConversationClientTest.class.getResourceAsStream("/secure-conversation-response.xml"));
    Document request = builder.parse(
            SecureConversationClientTest.class.getResourceAsStream("/claims-aware-service-request.xml"));
    TestUtils.markAllIdAttributesAsId(request);

    // Only the lengths of the entropy and key values are logged, never their contents.
    Node clientEntropyText = XPathAPI.selectSingleNode(secConvRequest,
            "soap12:Envelope/soap12:Body/trust:RequestSecurityToken/trust:Entropy/trust:BinarySecret/text()",
            getNSElement(secConvRequest));
    byte[] clientEntropy = Base64.decode(clientEntropyText.getTextContent());
    LOG.debug("client entropy size: " + clientEntropy.length);

    Node serverEntropyText = XPathAPI.selectSingleNode(secConvResponse,
            "soap12:Envelope/soap12:Body/trust:RequestSecurityTokenResponseCollection/trust:RequestSecurityTokenResponse/trust:Entropy/trust:BinarySecret/text()",
            getNSElement(secConvResponse));
    byte[] serverEntropy = Base64.decode(serverEntropyText.getTextContent());
    LOG.debug("server entropy size: " + serverEntropy.length);

    NodeList signatures = request.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
    assertEquals(1, signatures.getLength());
    Element signatureElement = (Element) signatures.item(0);
    XMLSignature signature = new XMLSignature(signatureElement, null);

    // Both entropies feed the key derivation; the requested key length is 256 / 8 bytes.
    P_SHA1 keyDerivation = new P_SHA1();
    byte[] secretKey = keyDerivation.createKey(clientEntropy, serverEntropy, 0, 256 / 8);
    LOG.debug("secret key size: " + secretKey.length);
    Key hmacKey = WSSecurityUtil.prepareSecretKey(SignatureMethod.HMAC_SHA1, secretKey);

    boolean result = signature.checkSignatureValue(hmacKey);
    SignedInfo signedInfo = signature.getSignedInfo();
    boolean refsResult = signedInfo.verifyReferences();

    // Reference digests are asserted first, then the signature value.
    assertTrue(refsResult);
    assertTrue(result);
}
From source file:test.unit.be.agiv.security.handler.WSSecurityHandlerTest.java
/**
 * Runs the WS-Security handler on an outbound SOAP 1.2 message with a freshly generated
 * random secret, then re-parses the written message and checks that it contains exactly
 * one XML signature whose value verifies under that same secret.
 *
 * @throws Exception if the message cannot be built, handled, parsed or verified
 */
@Test
public void testSignature() throws Exception {
    // setup
    SOAPMessageContext context = EasyMock.createMock(SOAPMessageContext.class);
    EasyMock.expect(context.get("javax.xml.ws.handler.message.outbound"))
            .andStubReturn(Boolean.TRUE);

    // A new random 256 / 8 byte secret per run, drawn from SecureRandom.
    byte[] secret = new byte[256 / 8];
    new SecureRandom().nextBytes(secret);
    String tokenIdentifier = "#saml-token-test";
    this.testedInstance.setKey(secret, tokenIdentifier, null, false);

    InputStream unsignedRequest =
            WSSecurityHandlerTest.class.getResourceAsStream("/r-sts-request-before-signing.xml");
    MessageFactory messageFactory = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL);
    SOAPMessage soapMessage = messageFactory.createMessage(null, unsignedRequest);
    EasyMock.expect(context.getMessage()).andStubReturn(soapMessage);

    // prepare
    EasyMock.replay(context);

    // operate
    boolean handled = this.testedInstance.handleMessage(context);

    // verify
    EasyMock.verify(context);
    assertTrue(handled);

    ByteArrayOutputStream written = new ByteArrayOutputStream();
    soapMessage.writeTo(written);
    // The whole message goes to the debug log, decoded with the platform default charset.
    LOG.debug("SOAP message: " + new String(written.toByteArray()));

    // Re-parse the serialised bytes, so verification runs on what would go on the wire.
    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    DocumentBuilder builder = factory.newDocumentBuilder();
    Document resultDocument = builder.parse(new ByteArrayInputStream(written.toByteArray()));
    TestUtils.markAllIdAttributesAsId(resultDocument);

    NodeList signatures =
            resultDocument.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
    assertEquals(1, signatures.getLength());
    Element signatureElement = (Element) signatures.item(0);
    XMLSignature signature = new XMLSignature(signatureElement, null);

    Key hmacKey = WSSecurityUtil.prepareSecretKey(SignatureMethod.HMAC_SHA1, secret);
    boolean signatureResult = signature.checkSignatureValue(hmacKey);
    assertTrue(signatureResult);

    LOG.debug("signed SOAP: " + toString(resultDocument));
}