org.opensaml.ws.security.provider

Class ClientCertAuthRuleTest

java.lang.Object

junit.framework.Assert

junit.framework.TestCase

org.custommonkey.xmlunit.XMLTestCase

org.opensaml.ws.BaseTestCase

org.opensaml.ws.security.BaseSecurityPolicyRuleTestCase

org.opensaml.ws.security.provider.ClientCertAuthRuleTest

All Implemented Interfaces:

junit.framework.Test, org.custommonkey.xmlunit.XMLConstants, org.custommonkey.xmlunit.XSLTConstants

public class ClientCertAuthRuleTest
extends BaseSecurityPolicyRuleTestCase

Test client certificate authentication security policy rule.

Field Summary

Fields

Modifier and Type	Field and Description
private org.opensaml.ws.security.provider.CertificateNameOptions	certNameOpts
private List<Credential>	credentials
private X509Certificate	entityCert
private String	entityCertBase64
private String	entityCN
private String	entityDNSAltName
private String	entitySubjectDN
private String	entityURIAltName
private BasicX509Credential	entityX509Cred
private org.springframework.mock.web.MockHttpServletRequest	httpRequest
private String	issuer
private X509Certificate	otherCert1
private String	otherCert1Base64
private CollectionCredentialResolver	resolver

Fields inherited from class org.opensaml.ws.security.BaseSecurityPolicyRuleTestCase

messageContext, rule

Fields inherited from class org.opensaml.ws.BaseTestCase

builderFactory, marshallerFactory, parserPool, unmarshallerFactory

Fields inherited from interface org.custommonkey.xmlunit.XSLTConstants

JAVA5_XSLTC_FACTORY_NAME, XSLT_END, XSLT_IDENTITY_TEMPLATE, XSLT_START, XSLT_START_NO_VERSION, XSLT_STRIP_COMMENTS_TEMPLATE, XSLT_STRIP_WHITESPACE, XSLT_XML_OUTPUT_NOINDENT

Fields inherited from interface org.custommonkey.xmlunit.XMLConstants

CLOSE_NODE, END_CDATA, END_COMMENT, END_PROCESSING_INSTRUCTION, OPEN_END_NODE, OPEN_START_NODE, START_CDATA, START_COMMENT, START_DOCTYPE, START_PROCESSING_INSTRUCTION, W3C_XML_SCHEMA_INSTANCE_NO_NAMESPACE_SCHEMA_LOCATION_ATTR, W3C_XML_SCHEMA_INSTANCE_NS_URI, W3C_XML_SCHEMA_INSTANCE_SCHEMA_LOCATION_ATTR, W3C_XML_SCHEMA_INSTANCE_TYPE_ATTR, W3C_XML_SCHEMA_NS_URI, XML_DECLARATION, XMLNS_ATTRIBUTE_URI, XMLNS_PREFIX, XPATH_ATTRIBUTE_IDENTIFIER, XPATH_CHARACTER_NODE_IDENTIFIER, XPATH_COMMENT_IDENTIFIER, XPATH_NODE_INDEX_END, XPATH_NODE_INDEX_START, XPATH_PROCESSING_INSTRUCTION_IDENTIFIER, XPATH_SEPARATOR

Constructor Summary

Constructors

Constructor and Description
ClientCertAuthRuleTest()

Method Summary

Methods

Modifier and Type	Method and Description
protected org.opensaml.ws.transport.InTransport	buildInTransport() Build the inbound message message InTransport that will be set in the message context.
protected org.springframework.mock.web.MockHttpServletRequest	buildServletRequest() Builds a mock HttpServletRequest.
protected void	confirmRequestCert() Sanity check that request cert is there.
protected X509Certificate[]	getRequestCertChain() Get the cert chain from the request's inbound transport adapted HTTPServletRequest.
protected void	setRequestCertChain(X509Certificate[] certChain) Set the cert chain in the message context's inbound transport adapted HTTPServletRequest.
protected void	setUp()
void	testCertIssuerDerivationDNSAltNAme() Test trusted client.
void	testCertIssuerDerivationSubjectCN() Test trusted client.
void	testCertIssuerDerivationSubjectDN() Test trusted client.
void	testCertIssuerDerivationURIAltName() Test trusted client.
void	testClientNotTrusted() Test untrusted client.
void	testClientTrusted() Test trusted client.
void	testUntrustedClientWithCertIssuerDerivations() Test untrusted client.

Methods inherited from class org.opensaml.ws.security.BaseSecurityPolicyRuleTestCase

assertRuleFailure, assertRuleSuccess, buildInboundMessage, buildMessageContext

Methods inherited from class org.opensaml.ws.BaseTestCase

assertEquals, assertEquals, buildXMLObject

Methods inherited from class org.custommonkey.xmlunit.XMLTestCase

assertNodeTestPasses, assertNodeTestPasses, assertNodeTestPasses, assertXMLEqual, assertXMLEqual, assertXMLEqual, assertXMLEqual, assertXMLEqual, assertXMLEqual, assertXMLEqual, assertXMLEqual, assertXMLEqual, assertXMLEqual, assertXMLIdentical, assertXMLIdentical, assertXMLNotEqual, assertXMLNotEqual, assertXMLNotEqual, assertXMLNotEqual, assertXMLNotEqual, assertXMLNotEqual, assertXMLNotEqual, assertXMLNotEqual, assertXMLValid, assertXMLValid, assertXMLValid, assertXMLValid, assertXMLValid, assertXMLValid, assertXMLValid, assertXpathEvaluatesTo, assertXpathEvaluatesTo, assertXpathEvaluatesTo, assertXpathExists, assertXpathExists, assertXpathExists, assertXpathNotExists, assertXpathNotExists, assertXpathNotExists, assertXpathsEqual, assertXpathsEqual, assertXpathsEqual, assertXpathsEqual, assertXpathsEqual, assertXpathsEqual, assertXpathsNotEqual, assertXpathsNotEqual, assertXpathsNotEqual, assertXpathsNotEqual, assertXpathsNotEqual, assertXpathsNotEqual, assertXpathValuesEqual, assertXpathValuesEqual, assertXpathValuesEqual, assertXpathValuesEqual, assertXpathValuesEqual, assertXpathValuesEqual, assertXpathValuesNotEqual, assertXpathValuesNotEqual, assertXpathValuesNotEqual, assertXpathValuesNotEqual, assertXpathValuesNotEqual, assertXpathValuesNotEqual, compareXML, compareXML, compareXML, compareXML, compareXML, compareXML

Methods inherited from class junit.framework.TestCase

countTestCases, createResult, getName, run, run, runBare, runTest, setName, tearDown, toString

Methods inherited from class junit.framework.Assert

assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertTrue, assertTrue, fail, fail, failNotEquals, failNotSame, failSame

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

entitySubjectDN

private String entitySubjectDN

entityCN

private String entityCN

entityDNSAltName

private String entityDNSAltName

entityURIAltName

private String entityURIAltName

entityCert

private X509Certificate entityCert

entityCertBase64

private String entityCertBase64

otherCert1

private X509Certificate otherCert1

otherCert1Base64

private String otherCert1Base64

resolver

private CollectionCredentialResolver resolver

credentials

private List<Credential> credentials

entityX509Cred

private BasicX509Credential entityX509Cred

issuer

private String issuer

certNameOpts

private org.opensaml.ws.security.provider.CertificateNameOptions certNameOpts

httpRequest

private org.springframework.mock.web.MockHttpServletRequest httpRequest

Constructor Detail

ClientCertAuthRuleTest

public ClientCertAuthRuleTest()

Method Detail

setUp

protected void setUp()
              throws Exception

Overrides:

setUp in class BaseSecurityPolicyRuleTestCase

Throws:

Exception

testClientTrusted

public void testClientTrusted()

Test trusted client. Prior context issuer set.

testClientNotTrusted

public void testClientNotTrusted()

Test untrusted client.

testCertIssuerDerivationSubjectDN

public void testCertIssuerDerivationSubjectDN()

Test trusted client. No context issuer. Derive issuer from subject DN.

testCertIssuerDerivationSubjectCN

public void testCertIssuerDerivationSubjectCN()

Test trusted client. No context issuer. Derive issuer from subject common name (CN).

testCertIssuerDerivationDNSAltNAme

public void testCertIssuerDerivationDNSAltNAme()

Test trusted client. No context issuer. Derive issuer from DNS alt name.

testCertIssuerDerivationURIAltName

public void testCertIssuerDerivationURIAltName()

Test trusted client. No context issuer. Derive issuer from URI alt name.

testUntrustedClientWithCertIssuerDerivations

public void testUntrustedClientWithCertIssuerDerivations()

Test untrusted client. No context issuer. Context authN state should be unattempted, since certificate derivation attempts shouldn't count against them.

buildServletRequest

protected org.springframework.mock.web.MockHttpServletRequest buildServletRequest()

Builds a mock HttpServletRequest.

Returns:

the mock request

buildInTransport

protected org.opensaml.ws.transport.InTransport buildInTransport()

Build the inbound message message InTransport that will be set in the message context.

Overrides:

buildInTransport in class BaseSecurityPolicyRuleTestCase

Returns:

InTransport

setRequestCertChain

protected void setRequestCertChain(X509Certificate[] certChain)

Set the cert chain in the message context's inbound transport adapted HTTPServletRequest.

Parameters:

certChain - the cert chain to set

getRequestCertChain

protected X509Certificate[] getRequestCertChain()

Get the cert chain from the request's inbound transport adapted HTTPServletRequest.

Returns:

the cert chain

confirmRequestCert

protected void confirmRequestCert()

Sanity check that request cert is there.