This sample uses SOAP web services with WSSecurity username token authentication. Clients must authenticate with proper wsse security elements and username
password. You can read more about the Citrus SOAP features in reference guide
The sample project uses both client and server components to demonstrate WSSecurity configuration. The Citrus SOAP web service
server endpoint validates incoming requests using the Spring Wss4jSecurityInterceptor.
First of all we add the dependency spring-ws-security to the Maven POM.
After that we can configure the SOAP client to use WSS4J security username and password for all requests.
The client interceptor list contains the Wss4jSecurityInterceptor security interceptor that automatically adds username and password
tokens in the SOAP header.
The server component has to verify incoming requests to have this token set as expected:
The server security interceptor validates with simple username password handler. As a result only granted users can access
the web services.
When you execute the test client and server operations will send and receive messages with WSSecurity enabled. You will see the security headers
added to the SOAP message headers accordingly.
The sample application uses Maven as build tool. So you can compile, package and test the
sample with Maven.
mvn clean install
This executes the complete Maven build lifecycle. During the build you will see Citrus performing some integration tests.
Execute all Citrus tests by calling
You can also pick a single test by calling
mvn integration-test -Ptest=TodoListIT
You should see Citrus performing several tests with lots of debugging output.
And of course green tests at the very end of the build.
Of course you can also start the Citrus tests from your favorite IDE.
Just start the Citrus test using the TestNG IDE integration in IntelliJ, Eclipse or Netbeans.