if (appliesToAddress != null) { AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList(appliesToAddress)); audienceRestrictions.add(audienceRestriction); if (address != null) { AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList(address)); audienceRestrictions.add(audienceRestriction); if (address != null) { AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList(address)); audienceRestrictions.add(audienceRestriction);
if (appliesToAddress != null) { AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList(appliesToAddress)); audienceRestrictions.add(audienceRestriction); if (address != null) { AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList(address)); audienceRestrictions.add(audienceRestriction); if (address != null) { AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList(address)); audienceRestrictions.add(audienceRestriction);
List<AudienceRestrictionBean> audienceRestrictions = new ArrayList<>(); AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList( service.getServiceName().toString())); audienceRestrictions.add(audienceRestriction);
@Test public void testUnsignedSAML2AudienceRestrictionTokenURI() throws Exception { QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService"); QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort"); URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl"); HelloWorldService service = new HelloWorldService(wsdl, serviceName); String response = new String("Bonjour"); HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class); SamlCallbackHandler callbackHandler = new SamlCallbackHandler(); callbackHandler.setSignAssertion(true); callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER); ConditionsBean conditions = new ConditionsBean(); conditions.setTokenPeriodMinutes(5); List<String> audiences = new ArrayList<>(); audiences.add("jms:jndi:dynamicQueues/test.jmstransport.text"); AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean(); audienceRestrictionBean.setAudienceURIs(audiences); conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean)); callbackHandler.setConditions(conditions); Map<String, Object> outProperties = new HashMap<>(); outProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED); outProperties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler); WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties); Client client = ClientProxy.getClient(greeter); client.getOutInterceptors().add(outInterceptor); String reply = greeter.sayHi(); assertNotNull("no response received from service", reply); assertEquals(response, reply); ((java.io.Closeable)greeter).close(); }
@Test public void testUnsignedSAML2AudienceRestrictionTokenServiceName() throws Exception { QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService"); QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort"); URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl"); HelloWorldService service = new HelloWorldService(wsdl, serviceName); String response = new String("Bonjour"); HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class); SamlCallbackHandler callbackHandler = new SamlCallbackHandler(); callbackHandler.setSignAssertion(true); callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER); ConditionsBean conditions = new ConditionsBean(); conditions.setTokenPeriodMinutes(5); List<String> audiences = new ArrayList<>(); audiences.add("{http://cxf.apache.org/hello_world_jms}HelloWorldService"); AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean(); audienceRestrictionBean.setAudienceURIs(audiences); conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean)); callbackHandler.setConditions(conditions); Map<String, Object> outProperties = new HashMap<>(); outProperties.put(ConfigurationConstants.ACTION, ConfigurationConstants.SAML_TOKEN_UNSIGNED); outProperties.put(ConfigurationConstants.SAML_CALLBACK_REF, callbackHandler); WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties); Client client = ClientProxy.getClient(greeter); client.getOutInterceptors().add(outInterceptor); String reply = greeter.sayHi(); assertNotNull("no response received from service", reply); assertEquals(response, reply); ((java.io.Closeable)greeter).close(); }
audiences.add("{http://cxf.apache.org/hello_world_jms}BadHelloWorldService"); AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean(); audienceRestrictionBean.setAudienceURIs(audiences); conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));
List<AudienceRestrictionBean> audienceRestrictions = new ArrayList<>(); AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList( "https://localhost:" + portNumber + "/DoubleItSaml2Transport2")); audienceRestrictions.add(audienceRestriction); audienceRestriction.setAudienceURIs(Collections.singletonList( "https://localhost:" + portNumber + "/DoubleItSaml2Transport2unknown")); audienceRestrictions.clear();
audiences.add("jms:jndi:dynamicQueues/test.jmstransport.text.bad"); AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean(); audienceRestrictionBean.setAudienceURIs(audiences); conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));
List<AudienceRestrictionBean> audienceRestrictions = new ArrayList<>(); AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean(); audienceRestriction.setAudienceURIs(Collections.singletonList( service.getServiceName().toString() + ".xyz")); audienceRestrictions.add(audienceRestriction);
audienceRestriction.setAudienceURIs(Collections.singletonList(requestIssuer)); conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction)); callbackHandler.setConditions(conditions);
audienceRestriction.setAudienceURIs(Collections.singletonList("https://sp.example.com/SAML2")); conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
audienceRestriction.setAudienceURIs(Collections.singletonList(audience)); conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));