You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by Andreas Veithen <an...@gmail.com> on 2012/01/09 09:16:54 UTC
Re: svn commit: r1228870 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/ rampart-integration/
rampart-integration/src/test/java/org/apache/rampart/ rampart-integration/src/test/resources/rampart/
rampart-in
That change causes a builds failure (see the mails from Jenkins). Can
you please fix that?
Andreas
On Sun, Jan 8, 2012 at 16:34, <am...@apache.org> wrote:
> Author: amilaj
> Date: Sun Jan 8 15:34:56 2012
> New Revision: 1228870
>
> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev
> Log:
> Fixing issue RAMPART-269. Also added an integration test case
>
> Added:
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
> Modified:
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>
> Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff
> ==============================================================================
> --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java (original)
> +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java Sun Jan 8 15:34:56 2012
> @@ -311,6 +311,16 @@ public class RampartEngine {
> }
> } else if (WSConstants.SIGN == actInt.intValue()) {
> X509Certificate cert = (X509Certificate) wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
> +
> + if (rpd.isAsymmetricBinding() && cert == null && rpd.getInitiatorToken() != null
> + && !rpd.getInitiatorToken().isDerivedKeys()) {
> +
> + // If symmetric binding is used, the certificate should be null.
> + // If certificate is not null then probably initiator and
> + // recipient are using 2 different bindings.
> + throw new RampartException("invalidSignatureAlgo");
> + }
> +
> msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
> }
>
>
> Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff
> ==============================================================================
> --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties (original)
> +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties Sun Jan 8 15:34:56 2012
> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is
> requiredElementsMissing = Required Elements not found in the incoming message : {0}
> repeatingNonceValue = Nonce value : {0}, already seen before for user name : {1}. Possibly this could be a replay attack.
> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart configuration file.
> -invalidIssuerAddress = Invalid value for Issuer
> \ No newline at end of file
> +invalidIssuerAddress = Invalid value for Issuer
> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric binding
> \ No newline at end of file
>
> Modified: axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff
> ==============================================================================
> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml (original)
> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml Sun Jan 8 15:34:56 2012
> @@ -273,6 +273,11 @@
> <copy overwrite="yes" file="src/test/resources/rampart/services-33.xml" tofile="target/temp-ramp/META-INF/services.xml" />
> <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar" basedir="target/temp-ramp" />
>
> + <!-- Service 34 -->
> + <copy overwrite="yes" file="src/test/resources/rampart/services-34.xml" tofile="target/temp-ramp/META-INF/services.xml" />
> + <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar" basedir="target/temp-ramp" />
> +
> +
> <!-- Service SC-1 -->
> <copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties" />
> <copy overwrite="yes" file="src/test/resources/rampart/services-sc-1.xml" tofile="target/temp-ramp/META-INF/services.xml" />
>
> Modified: axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff
> ==============================================================================
> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java (original)
> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java Sun Jan 8 15:34:56 2012
> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util
> import org.apache.neethi.Policy;
> import org.apache.neethi.PolicyEngine;
>
> +import java.util.MissingResourceException;
> +import java.util.ResourceBundle;
> +
>
> public class RampartTest extends TestCase {
>
> public final static int PORT = UtilServer.TESTING_PORT;
>
> + private static ResourceBundle resources;
> +
> + static {
> + try {
> + resources = ResourceBundle.getBundle("org.apache.rampart.errors");
> + } catch (MissingResourceException e) {
> + throw new RuntimeException(e.getMessage());
> + }
> + }
> +
> public RampartTest(String name) {
> super(name);
> }
> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas
> "Unlimited Strength Jurisdiction Policy !!!");
> }
>
> - for (int i = 1; i <= 33; i++) { //<-The number of tests we have
> + for (int i = 1; i <= 34; i++) { //<-The number of tests we have
> if(!basic256Supported && (i == 3 || i == 4 || i == 5)) {
> //Skip the Basic256 tests
> continue;
> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas
> serviceClient.addHeader(header);
> }
>
> - // Invoking the serive in the TestCase-28 should fail. So handling it differently..
> - if (i == 28) {
> + // Invoking the service in the TestCase-28 should fail. So handling it differently..
> + if (i == 28 || i == 34) {
> try {
> +
> //Blocking invocation
> serviceClient.sendReceive(getOMElement());
> - fail("Service Should throw an error..");
> +
> + String message = "";
> +
> + if (i == 34) {
> + message = "Test case 34 should fail. We are running the service in symmetric binding mode " +
> + "and client in asymmetric binding mode. Therefore test case 34 should fail.";
> + }
> +
> + fail("Service Should throw an error - " + message);
>
> } catch (AxisFault axisFault) {
> - assertEquals("Expected encrypted part missing", axisFault.getMessage());
> +
> + if (i == 28) {
> + assertEquals(resources.getString("encryptionMissing"), axisFault.getMessage());
> + } else if (i == 34) {
> + assertEquals(resources.getString("invalidSignatureAlgo"), axisFault.getMessage());
> + }
> +
> }
> }
> -
> else{
> //Blocking invocation
> serviceClient.sendReceive(getEchoElement());
>
> Added: axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto
> ==============================================================================
> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml (added)
> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml Sun Jan 8 15:34:56 2012
> @@ -0,0 +1,102 @@
> +<?xml version="1.0" encoding="UTF-8"?>
> +<!--
> + !
> + ! Copyright 2006 The Apache Software Foundation.
> + !
> + ! Licensed under the Apache License, Version 2.0 (the "License");
> + ! you may not use this file except in compliance with the License.
> + ! You may obtain a copy of the License at
> + !
> + ! http://www.apache.org/licenses/LICENSE-2.0
> + !
> + ! Unless required by applicable law or agreed to in writing, software
> + ! distributed under the License is distributed on an "AS IS" BASIS,
> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> + ! See the License for the specific language governing permissions and
> + ! limitations under the License.
> + !-->
> +
> +<wsp:Policy wsu:Id="SigEncr"
> + xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> + xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> + <wsp:ExactlyOne>
> + <wsp:All>
> + <sp:SymmetricBinding>
> + <wsp:Policy>
> + <sp:ProtectionToken>
> + <wsp:Policy>
> + <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> + <wsp:Policy>
> + <sp:RequireThumbprintReference/>
> + <sp:WssX509V3Token10/>
> + </wsp:Policy>
> + </sp:X509Token>
> + </wsp:Policy>
> + </sp:ProtectionToken>
> + <sp:AlgorithmSuite>
> + <wsp:Policy>
> + <sp:Basic256/>
> + </wsp:Policy>
> + </sp:AlgorithmSuite>
> + <sp:Layout>
> + <wsp:Policy>
> + <sp:Lax/>
> + </wsp:Policy>
> + </sp:Layout>
> + <sp:IncludeTimestamp/>
> + <sp:OnlySignEntireHeadersAndBody/>
> + </wsp:Policy>
> + </sp:SymmetricBinding>
> + <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> + <wsp:Policy>
> + <sp:MustSupportRefKeyIdentifier/>
> + <sp:MustSupportRefIssuerSerial/>
> + </wsp:Policy>
> + </sp:Wss10>
> + <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> + <sp:Body/>
> + </sp:SignedParts>
> + <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> + <sp:Body/>
> + </sp:EncryptedParts>
> +
> + <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
> + <ramp:user>alice</ramp:user>
> + <ramp:encryptionUser>bob</ramp:encryptionUser>
> + <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
> + </ramp:passwordCallbackClass>
> +
> + <ramp:signatureCrypto>
> + <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
> + <ramp:property
> + name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
> + </ramp:property>
> + <ramp:property name="org.apache.ws.security.crypto.merlin.file">
> + rampart/store.jks
> + </ramp:property>
> + <ramp:property
> + name="org.apache.ws.security.crypto.merlin.keystore.password">
> + password
> + </ramp:property>
> + </ramp:crypto>
> + </ramp:signatureCrypto>
> + <ramp:encryptionCypto>
> + <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
> + <ramp:property
> + name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
> + </ramp:property>
> + <ramp:property name="org.apache.ws.security.crypto.merlin.file">
> + rampart/store.jks
> + </ramp:property>
> + <ramp:property
> + name="org.apache.ws.security.crypto.merlin.keystore.password">
> + password
> + </ramp:property>
> + </ramp:crypto>
> + </ramp:encryptionCypto>
> + </ramp:RampartConfig>
> +
> + </wsp:All>
> + </wsp:ExactlyOne>
> +</wsp:Policy>
> \ No newline at end of file
>
> Added: axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto
> ==============================================================================
> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml (added)
> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml Sun Jan 8 15:34:56 2012
> @@ -0,0 +1,113 @@
> +<service name="SecureService34">
> +
> + <module ref="addressing"/>
> + <module ref="rampart"/>
> +
> + <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
> +
> + <operation name="echo">
> + <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
> + <actionMapping>urn:echo</actionMapping>
> + </operation>
> +
> + <operation name="returnError">
> + <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
> + <actionMapping>urn:returnError</actionMapping>
> + </operation>
> +
> + <wsp:Policy wsu:Id="SigEncr"
> + xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
> + <wsp:ExactlyOne>
> + <wsp:All>
> + <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> + <wsp:Policy>
> + <sp:InitiatorToken>
> + <wsp:Policy>
> + <sp:X509Token
> + sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> + <wsp:Policy>
> + <sp:RequireThumbprintReference/>
> + <sp:WssX509V3Token10/>
> + </wsp:Policy>
> + </sp:X509Token>
> + </wsp:Policy>
> + </sp:InitiatorToken>
> + <sp:RecipientToken>
> + <wsp:Policy>
> + <sp:X509Token
> + sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> + <wsp:Policy>
> + <sp:RequireThumbprintReference/>
> + <sp:WssX509V3Token10/>
> + </wsp:Policy>
> + </sp:X509Token>
> + </wsp:Policy>
> + </sp:RecipientToken>
> + <sp:AlgorithmSuite>
> + <wsp:Policy>
> + <sp:TripleDesRsa15/>
> + </wsp:Policy>
> + </sp:AlgorithmSuite>
> + <sp:Layout>
> + <wsp:Policy>
> + <sp:Strict/>
> + </wsp:Policy>
> + </sp:Layout>
> + <sp:IncludeTimestamp/>
> + <sp:OnlySignEntireHeadersAndBody/>
> + </wsp:Policy>
> + </sp:AsymmetricBinding>
> + <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> + <wsp:Policy>
> + <sp:MustSupportRefKeyIdentifier/>
> + <sp:MustSupportRefIssuerSerial/>
> + </wsp:Policy>
> + </sp:Wss10>
> + <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> + <sp:Body/>
> + </sp:SignedParts>
> + <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> + <sp:Body/>
> + </sp:EncryptedParts>
> +
> + <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
> + <ramp:user>alice</ramp:user>
> + <ramp:encryptionUser>bob</ramp:encryptionUser>
> + <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
> + </ramp:passwordCallbackClass>
> +
> + <ramp:signatureCrypto>
> + <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
> + <ramp:property
> + name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
> + </ramp:property>
> + <ramp:property name="org.apache.ws.security.crypto.merlin.file">
> + rampart/store.jks
> + </ramp:property>
> + <ramp:property
> + name="org.apache.ws.security.crypto.merlin.keystore.password">
> + password
> + </ramp:property>
> + </ramp:crypto>
> + </ramp:signatureCrypto>
> + <ramp:encryptionCypto>
> + <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
> + <ramp:property
> + name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
> + </ramp:property>
> + <ramp:property name="org.apache.ws.security.crypto.merlin.file">
> + rampart/store.jks
> + </ramp:property>
> + <ramp:property
> + name="org.apache.ws.security.crypto.merlin.keystore.password">
> + password
> + </ramp:property>
> + </ramp:crypto>
> + </ramp:encryptionCypto>
> + </ramp:RampartConfig>
> + </wsp:All>
> + </wsp:ExactlyOne>
> + </wsp:Policy>
> +
> +</service>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
Re: svn commit: r1228870 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/ rampart-integration/
rampart-integration/src/test/java/org/apache/rampart/ rampart-integration/src/test/resources/rampart/
rampart-in
Posted by Andreas Veithen <an...@gmail.com>.
On Mon, Jan 23, 2012 at 06:24, Amila Jayasekara <am...@wso2.com> wrote:
> On Tue, Jan 10, 2012 at 3:12 PM, Andreas Veithen
> <an...@gmail.com> wrote:
>> On Tue, Jan 10, 2012 at 05:22, Amila Jayasekara <am...@wso2.com> wrote:
>>> Hi Andreas,
>>>
>>> I am unable to reproduce this issue in my local environment. I am
>>> trying to force a build in Jenkins, but i am unable to find a link to
>>> do it.
>>> Can u pls let me know how to force a build ?
>>
>> You need to log in with your Apache account. Then you will see a
>> "Build Now" link in the job page. You will also have access to the Job
>> configuration.
>
> Hi Andreas,
>
> I am using my apache account (amilaj). Still i cannot see "Build Now"
> link in any of the pages. Do i need to have special privileges to
> force builds ?
I really don't know. I got my account a long time ago, even before
they switched to LDAP if I remember correctly. You should contact
builds@apache.org with that question.
> Thanks
> AmilaJ
>
>>
>>> Thanks
>>> AmilaJ
>>>
>>> On Mon, Jan 9, 2012 at 5:57 PM, Sagara Gunathunga
>>> <sa...@gmail.com> wrote:
>>>> I just build latest trunk on my local machine successfully seems like issue
>>>> with build server.
>>>>
>>>> Thanks !
>>>>
>>>> On Mon, Jan 9, 2012 at 5:27 PM, Amila Jayasekara <am...@wso2.com> wrote:
>>>>>
>>>>> Hi Andreas,
>>>>>
>>>>> In my local machine, all tests are passing. I am currently
>>>>> investigating the cause for the test failure.
>>>>>
>>>>> Thanks
>>>>> AmilaJ
>>>>>
>>>>> On Mon, Jan 9, 2012 at 1:46 PM, Andreas Veithen
>>>>> <an...@gmail.com> wrote:
>>>>> > That change causes a builds failure (see the mails from Jenkins). Can
>>>>> > you please fix that?
>>>>> >
>>>>> > Andreas
>>>>> >
>>>>> > On Sun, Jan 8, 2012 at 16:34, <am...@apache.org> wrote:
>>>>> >> Author: amilaj
>>>>> >> Date: Sun Jan 8 15:34:56 2012
>>>>> >> New Revision: 1228870
>>>>> >>
>>>>> >> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev
>>>>> >> Log:
>>>>> >> Fixing issue RAMPART-269. Also added an integration test case
>>>>> >>
>>>>> >> Added:
>>>>> >>
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>>>> >>
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>>>> >> Modified:
>>>>> >>
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>>>> >>
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>>>> >>
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>>>> >>
>>>>> >> Modified:
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>>>> >> URL:
>>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>>>>> >>
>>>>> >> ==============================================================================
>>>>> >> ---
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>>>> >> (original)
>>>>> >> +++
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>>>> >> Sun Jan 8 15:34:56 2012
>>>>> >> @@ -311,6 +311,16 @@ public class RampartEngine {
>>>>> >> }
>>>>> >> } else if (WSConstants.SIGN == actInt.intValue()) {
>>>>> >> X509Certificate cert = (X509Certificate)
>>>>> >> wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
>>>>> >> +
>>>>> >> + if (rpd.isAsymmetricBinding() && cert == null &&
>>>>> >> rpd.getInitiatorToken() != null
>>>>> >> + && !rpd.getInitiatorToken().isDerivedKeys()) {
>>>>> >> +
>>>>> >> + // If symmetric binding is used, the certificate
>>>>> >> should be null.
>>>>> >> + // If certificate is not null then probably
>>>>> >> initiator and
>>>>> >> + // recipient are using 2 different bindings.
>>>>> >> + throw new
>>>>> >> RampartException("invalidSignatureAlgo");
>>>>> >> + }
>>>>> >> +
>>>>> >> msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
>>>>> >> }
>>>>> >>
>>>>> >>
>>>>> >> Modified:
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>>>> >> URL:
>>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff
>>>>> >>
>>>>> >> ==============================================================================
>>>>> >> ---
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>>>> >> (original)
>>>>> >> +++
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>>>> >> Sun Jan 8 15:34:56 2012
>>>>> >> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is
>>>>> >> requiredElementsMissing = Required Elements not found in the incoming
>>>>> >> message : {0}
>>>>> >> repeatingNonceValue = Nonce value : {0}, already seen before for user
>>>>> >> name : {1}. Possibly this could be a replay attack.
>>>>> >> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart
>>>>> >> configuration file.
>>>>> >> -invalidIssuerAddress = Invalid value for Issuer
>>>>> >> \ No newline at end of file
>>>>> >> +invalidIssuerAddress = Invalid value for Issuer
>>>>> >> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric
>>>>> >> binding
>>>>> >> \ No newline at end of file
>>>>> >>
>>>>> >> Modified:
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>>>> >> URL:
>>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff
>>>>> >>
>>>>> >> ==============================================================================
>>>>> >> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>>>> >> (original)
>>>>> >> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>>>> >> Sun Jan 8 15:34:56 2012
>>>>> >> @@ -273,6 +273,11 @@
>>>>> >> <copy overwrite="yes"
>>>>> >> file="src/test/resources/rampart/services-33.xml"
>>>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>>>> >> <jar
>>>>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar"
>>>>> >> basedir="target/temp-ramp" />
>>>>> >>
>>>>> >> + <!-- Service 34 -->
>>>>> >> + <copy overwrite="yes"
>>>>> >> file="src/test/resources/rampart/services-34.xml"
>>>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>>>> >> + <jar
>>>>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar"
>>>>> >> basedir="target/temp-ramp" />
>>>>> >> +
>>>>> >> +
>>>>> >> <!-- Service SC-1 -->
>>>>> >> <copy overwrite="yes"
>>>>> >> file="src/test/resources/rampart/issuer.properties"
>>>>> >> tofile="target/temp-ramp/issuer.properties" />
>>>>> >> <copy overwrite="yes"
>>>>> >> file="src/test/resources/rampart/services-sc-1.xml"
>>>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>>>> >>
>>>>> >> Modified:
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>>>> >> URL:
>>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>>>>> >>
>>>>> >> ==============================================================================
>>>>> >> ---
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>>>> >> (original)
>>>>> >> +++
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>>>> >> Sun Jan 8 15:34:56 2012
>>>>> >> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util
>>>>> >> import org.apache.neethi.Policy;
>>>>> >> import org.apache.neethi.PolicyEngine;
>>>>> >>
>>>>> >> +import java.util.MissingResourceException;
>>>>> >> +import java.util.ResourceBundle;
>>>>> >> +
>>>>> >>
>>>>> >> public class RampartTest extends TestCase {
>>>>> >>
>>>>> >> public final static int PORT = UtilServer.TESTING_PORT;
>>>>> >>
>>>>> >> + private static ResourceBundle resources;
>>>>> >> +
>>>>> >> + static {
>>>>> >> + try {
>>>>> >> + resources =
>>>>> >> ResourceBundle.getBundle("org.apache.rampart.errors");
>>>>> >> + } catch (MissingResourceException e) {
>>>>> >> + throw new RuntimeException(e.getMessage());
>>>>> >> + }
>>>>> >> + }
>>>>> >> +
>>>>> >> public RampartTest(String name) {
>>>>> >> super(name);
>>>>> >> }
>>>>> >> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas
>>>>> >> "Unlimited Strength Jurisdiction Policy !!!");
>>>>> >> }
>>>>> >>
>>>>> >> - for (int i = 1; i <= 33; i++) { //<-The number of tests we
>>>>> >> have
>>>>> >> + for (int i = 1; i <= 34; i++) { //<-The number of tests we
>>>>> >> have
>>>>> >> if(!basic256Supported && (i == 3 || i == 4 || i == 5))
>>>>> >> {
>>>>> >> //Skip the Basic256 tests
>>>>> >> continue;
>>>>> >> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas
>>>>> >> serviceClient.addHeader(header);
>>>>> >> }
>>>>> >>
>>>>> >> - // Invoking the serive in the TestCase-28 should fail.
>>>>> >> So handling it differently..
>>>>> >> - if (i == 28) {
>>>>> >> + // Invoking the service in the TestCase-28 should
>>>>> >> fail. So handling it differently..
>>>>> >> + if (i == 28 || i == 34) {
>>>>> >> try {
>>>>> >> +
>>>>> >> //Blocking invocation
>>>>> >> serviceClient.sendReceive(getOMElement());
>>>>> >> - fail("Service Should throw an error..");
>>>>> >> +
>>>>> >> + String message = "";
>>>>> >> +
>>>>> >> + if (i == 34) {
>>>>> >> + message = "Test case 34 should fail. We
>>>>> >> are running the service in symmetric binding mode " +
>>>>> >> + "and client in asymmetric
>>>>> >> binding mode. Therefore test case 34 should fail.";
>>>>> >> + }
>>>>> >> +
>>>>> >> + fail("Service Should throw an error - " +
>>>>> >> message);
>>>>> >>
>>>>> >> } catch (AxisFault axisFault) {
>>>>> >> - assertEquals("Expected encrypted part
>>>>> >> missing", axisFault.getMessage());
>>>>> >> +
>>>>> >> + if (i == 28) {
>>>>> >> +
>>>>> >> assertEquals(resources.getString("encryptionMissing"),
>>>>> >> axisFault.getMessage());
>>>>> >> + } else if (i == 34) {
>>>>> >> +
>>>>> >> assertEquals(resources.getString("invalidSignatureAlgo"),
>>>>> >> axisFault.getMessage());
>>>>> >> + }
>>>>> >> +
>>>>> >> }
>>>>> >> }
>>>>> >> -
>>>>> >> else{
>>>>> >> //Blocking invocation
>>>>> >> serviceClient.sendReceive(getEchoElement());
>>>>> >>
>>>>> >> Added:
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>>>> >> URL:
>>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto
>>>>> >>
>>>>> >> ==============================================================================
>>>>> >> ---
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>>>> >> (added)
>>>>> >> +++
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>>>> >> Sun Jan 8 15:34:56 2012
>>>>> >> @@ -0,0 +1,102 @@
>>>>> >> +<?xml version="1.0" encoding="UTF-8"?>
>>>>> >> +<!--
>>>>> >> + !
>>>>> >> + ! Copyright 2006 The Apache Software Foundation.
>>>>> >> + !
>>>>> >> + ! Licensed under the Apache License, Version 2.0 (the "License");
>>>>> >> + ! you may not use this file except in compliance with the License.
>>>>> >> + ! You may obtain a copy of the License at
>>>>> >> + !
>>>>> >> + ! http://www.apache.org/licenses/LICENSE-2.0
>>>>> >> + !
>>>>> >> + ! Unless required by applicable law or agreed to in writing, software
>>>>> >> + ! distributed under the License is distributed on an "AS IS" BASIS,
>>>>> >> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>>>> >> implied.
>>>>> >> + ! See the License for the specific language governing permissions and
>>>>> >> + ! limitations under the License.
>>>>> >> + !-->
>>>>> >> +
>>>>> >> +<wsp:Policy wsu:Id="SigEncr"
>>>>> >> +
>>>>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>>> >> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>>>> >> +
>>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>> >> + <wsp:ExactlyOne>
>>>>> >> + <wsp:All>
>>>>> >> + <sp:SymmetricBinding>
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:ProtectionToken>
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:X509Token
>>>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>>>>> >> +
>>>>> >> <wsp:Policy>
>>>>> >> +
>>>>> >> <sp:RequireThumbprintReference/>
>>>>> >> +
>>>>> >> <sp:WssX509V3Token10/>
>>>>> >> +
>>>>> >> </wsp:Policy>
>>>>> >> +
>>>>> >> </sp:X509Token>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:ProtectionToken>
>>>>> >> + <sp:AlgorithmSuite>
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:Basic256/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:AlgorithmSuite>
>>>>> >> + <sp:Layout>
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:Lax/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:Layout>
>>>>> >> + <sp:IncludeTimestamp/>
>>>>> >> +
>>>>> >> <sp:OnlySignEntireHeadersAndBody/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:SymmetricBinding>
>>>>> >> + <sp:Wss10
>>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:MustSupportRefKeyIdentifier/>
>>>>> >> + <sp:MustSupportRefIssuerSerial/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:Wss10>
>>>>> >> + <sp:SignedParts
>>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>> >> + <sp:Body/>
>>>>> >> + </sp:SignedParts>
>>>>> >> + <sp:EncryptedParts
>>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>> >> + <sp:Body/>
>>>>> >> + </sp:EncryptedParts>
>>>>> >> +
>>>>> >> + <ramp:RampartConfig
>>>>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>>>>> >> + <ramp:user>alice</ramp:user>
>>>>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>>>>> >> +
>>>>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>>>>> >> + </ramp:passwordCallbackClass>
>>>>> >> +
>>>>> >> + <ramp:signatureCrypto>
>>>>> >> + <ramp:crypto
>>>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>>>> >> + <ramp:property
>>>>> >> +
>>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>>>> >> + </ramp:property>
>>>>> >> + <ramp:property
>>>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>>>> >> + rampart/store.jks
>>>>> >> + </ramp:property>
>>>>> >> + <ramp:property
>>>>> >> +
>>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>>>> >> + password
>>>>> >> + </ramp:property>
>>>>> >> + </ramp:crypto>
>>>>> >> + </ramp:signatureCrypto>
>>>>> >> + <ramp:encryptionCypto>
>>>>> >> + <ramp:crypto
>>>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>>>> >> + <ramp:property
>>>>> >> +
>>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>>>> >> + </ramp:property>
>>>>> >> + <ramp:property
>>>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>>>> >> + rampart/store.jks
>>>>> >> + </ramp:property>
>>>>> >> + <ramp:property
>>>>> >> +
>>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>>>> >> + password
>>>>> >> + </ramp:property>
>>>>> >> + </ramp:crypto>
>>>>> >> + </ramp:encryptionCypto>
>>>>> >> + </ramp:RampartConfig>
>>>>> >> +
>>>>> >> + </wsp:All>
>>>>> >> + </wsp:ExactlyOne>
>>>>> >> +</wsp:Policy>
>>>>> >> \ No newline at end of file
>>>>> >>
>>>>> >> Added:
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>>>> >> URL:
>>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto
>>>>> >>
>>>>> >> ==============================================================================
>>>>> >> ---
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>>>> >> (added)
>>>>> >> +++
>>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>>>> >> Sun Jan 8 15:34:56 2012
>>>>> >> @@ -0,0 +1,113 @@
>>>>> >> +<service name="SecureService34">
>>>>> >> +
>>>>> >> + <module ref="addressing"/>
>>>>> >> + <module ref="rampart"/>
>>>>> >> +
>>>>> >> + <parameter locked="false"
>>>>> >> name="ServiceClass">org.apache.rampart.Service</parameter>
>>>>> >> +
>>>>> >> + <operation name="echo">
>>>>> >> + <messageReceiver
>>>>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>>>>> >> + <actionMapping>urn:echo</actionMapping>
>>>>> >> + </operation>
>>>>> >> +
>>>>> >> + <operation name="returnError">
>>>>> >> + <messageReceiver
>>>>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>>>>> >> + <actionMapping>urn:returnError</actionMapping>
>>>>> >> + </operation>
>>>>> >> +
>>>>> >> + <wsp:Policy wsu:Id="SigEncr"
>>>>> >> +
>>>>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>>> >> +
>>>>> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>>>>> >> + <wsp:ExactlyOne>
>>>>> >> + <wsp:All>
>>>>> >> + <sp:AsymmetricBinding
>>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:InitiatorToken>
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:X509Token
>>>>> >> +
>>>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>>>>> >> + <wsp:Policy>
>>>>> >> +
>>>>> >> <sp:RequireThumbprintReference/>
>>>>> >> + <sp:WssX509V3Token10/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:X509Token>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:InitiatorToken>
>>>>> >> + <sp:RecipientToken>
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:X509Token
>>>>> >> +
>>>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>>>>> >> + <wsp:Policy>
>>>>> >> +
>>>>> >> <sp:RequireThumbprintReference/>
>>>>> >> + <sp:WssX509V3Token10/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:X509Token>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:RecipientToken>
>>>>> >> + <sp:AlgorithmSuite>
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:TripleDesRsa15/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:AlgorithmSuite>
>>>>> >> + <sp:Layout>
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:Strict/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:Layout>
>>>>> >> + <sp:IncludeTimestamp/>
>>>>> >> + <sp:OnlySignEntireHeadersAndBody/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:AsymmetricBinding>
>>>>> >> + <sp:Wss10
>>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>> >> + <wsp:Policy>
>>>>> >> + <sp:MustSupportRefKeyIdentifier/>
>>>>> >> + <sp:MustSupportRefIssuerSerial/>
>>>>> >> + </wsp:Policy>
>>>>> >> + </sp:Wss10>
>>>>> >> + <sp:SignedParts
>>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>> >> + <sp:Body/>
>>>>> >> + </sp:SignedParts>
>>>>> >> + <sp:EncryptedParts
>>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>> >> + <sp:Body/>
>>>>> >> + </sp:EncryptedParts>
>>>>> >> +
>>>>> >> + <ramp:RampartConfig
>>>>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>>>>> >> + <ramp:user>alice</ramp:user>
>>>>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>>>>> >> +
>>>>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>>>>> >> + </ramp:passwordCallbackClass>
>>>>> >> +
>>>>> >> + <ramp:signatureCrypto>
>>>>> >> + <ramp:crypto
>>>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>>>> >> + <ramp:property
>>>>> >> +
>>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>>>> >> + </ramp:property>
>>>>> >> + <ramp:property
>>>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>>>> >> + rampart/store.jks
>>>>> >> + </ramp:property>
>>>>> >> + <ramp:property
>>>>> >> +
>>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>>>> >> + password
>>>>> >> + </ramp:property>
>>>>> >> + </ramp:crypto>
>>>>> >> + </ramp:signatureCrypto>
>>>>> >> + <ramp:encryptionCypto>
>>>>> >> + <ramp:crypto
>>>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>>>> >> + <ramp:property
>>>>> >> +
>>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>>>> >> + </ramp:property>
>>>>> >> + <ramp:property
>>>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>>>> >> + rampart/store.jks
>>>>> >> + </ramp:property>
>>>>> >> + <ramp:property
>>>>> >> +
>>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>>>> >> + password
>>>>> >> + </ramp:property>
>>>>> >> + </ramp:crypto>
>>>>> >> + </ramp:encryptionCypto>
>>>>> >> + </ramp:RampartConfig>
>>>>> >> + </wsp:All>
>>>>> >> + </wsp:ExactlyOne>
>>>>> >> + </wsp:Policy>
>>>>> >> +
>>>>> >> +</service>
>>>>> >>
>>>>> >>
>>>>> >
>>>>> > ---------------------------------------------------------------------
>>>>> > To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>>>> > For additional commands, e-mail: java-dev-help@axis.apache.org
>>>>> >
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Mobile : +94773330538
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>>>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Sagara Gunathunga
>>>>
>>>> Blog - http://ssagara.blogspot.com
>>>> Web - http://people.apache.org/~sagara/
>>>> LinkedIn - http://www.linkedin.com/in/ssagara
>>>
>>>
>>>
>>> --
>>> Mobile : +94773330538
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>
>
>
>
> --
> Mobile : +94773330538
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
Re: svn commit: r1228870 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/ rampart-integration/
rampart-integration/src/test/java/org/apache/rampart/ rampart-integration/src/test/resources/rampart/
rampart-in
Posted by Amila Jayasekara <am...@wso2.com>.
On Tue, Jan 10, 2012 at 3:12 PM, Andreas Veithen
<an...@gmail.com> wrote:
> On Tue, Jan 10, 2012 at 05:22, Amila Jayasekara <am...@wso2.com> wrote:
>> Hi Andreas,
>>
>> I am unable to reproduce this issue in my local environment. I am
>> trying to force a build in Jenkins, but i am unable to find a link to
>> do it.
>> Can u pls let me know how to force a build ?
>
> You need to log in with your Apache account. Then you will see a
> "Build Now" link in the job page. You will also have access to the Job
> configuration.
Hi Andreas,
I am using my apache account (amilaj). Still i cannot see "Build Now"
link in any of the pages. Do i need to have special privileges to
force builds ?
Thanks
AmilaJ
>
>> Thanks
>> AmilaJ
>>
>> On Mon, Jan 9, 2012 at 5:57 PM, Sagara Gunathunga
>> <sa...@gmail.com> wrote:
>>> I just build latest trunk on my local machine successfully seems like issue
>>> with build server.
>>>
>>> Thanks !
>>>
>>> On Mon, Jan 9, 2012 at 5:27 PM, Amila Jayasekara <am...@wso2.com> wrote:
>>>>
>>>> Hi Andreas,
>>>>
>>>> In my local machine, all tests are passing. I am currently
>>>> investigating the cause for the test failure.
>>>>
>>>> Thanks
>>>> AmilaJ
>>>>
>>>> On Mon, Jan 9, 2012 at 1:46 PM, Andreas Veithen
>>>> <an...@gmail.com> wrote:
>>>> > That change causes a builds failure (see the mails from Jenkins). Can
>>>> > you please fix that?
>>>> >
>>>> > Andreas
>>>> >
>>>> > On Sun, Jan 8, 2012 at 16:34, <am...@apache.org> wrote:
>>>> >> Author: amilaj
>>>> >> Date: Sun Jan 8 15:34:56 2012
>>>> >> New Revision: 1228870
>>>> >>
>>>> >> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev
>>>> >> Log:
>>>> >> Fixing issue RAMPART-269. Also added an integration test case
>>>> >>
>>>> >> Added:
>>>> >>
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>>> >>
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>>> >> Modified:
>>>> >>
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>>> >>
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>>> >>
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>>> >>
>>>> >> Modified:
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>>> >> URL:
>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>>>> >>
>>>> >> ==============================================================================
>>>> >> ---
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>>> >> (original)
>>>> >> +++
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>>> >> Sun Jan 8 15:34:56 2012
>>>> >> @@ -311,6 +311,16 @@ public class RampartEngine {
>>>> >> }
>>>> >> } else if (WSConstants.SIGN == actInt.intValue()) {
>>>> >> X509Certificate cert = (X509Certificate)
>>>> >> wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
>>>> >> +
>>>> >> + if (rpd.isAsymmetricBinding() && cert == null &&
>>>> >> rpd.getInitiatorToken() != null
>>>> >> + && !rpd.getInitiatorToken().isDerivedKeys()) {
>>>> >> +
>>>> >> + // If symmetric binding is used, the certificate
>>>> >> should be null.
>>>> >> + // If certificate is not null then probably
>>>> >> initiator and
>>>> >> + // recipient are using 2 different bindings.
>>>> >> + throw new
>>>> >> RampartException("invalidSignatureAlgo");
>>>> >> + }
>>>> >> +
>>>> >> msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
>>>> >> }
>>>> >>
>>>> >>
>>>> >> Modified:
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>>> >> URL:
>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff
>>>> >>
>>>> >> ==============================================================================
>>>> >> ---
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>>> >> (original)
>>>> >> +++
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>>> >> Sun Jan 8 15:34:56 2012
>>>> >> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is
>>>> >> requiredElementsMissing = Required Elements not found in the incoming
>>>> >> message : {0}
>>>> >> repeatingNonceValue = Nonce value : {0}, already seen before for user
>>>> >> name : {1}. Possibly this could be a replay attack.
>>>> >> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart
>>>> >> configuration file.
>>>> >> -invalidIssuerAddress = Invalid value for Issuer
>>>> >> \ No newline at end of file
>>>> >> +invalidIssuerAddress = Invalid value for Issuer
>>>> >> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric
>>>> >> binding
>>>> >> \ No newline at end of file
>>>> >>
>>>> >> Modified:
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>>> >> URL:
>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff
>>>> >>
>>>> >> ==============================================================================
>>>> >> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>>> >> (original)
>>>> >> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>>> >> Sun Jan 8 15:34:56 2012
>>>> >> @@ -273,6 +273,11 @@
>>>> >> <copy overwrite="yes"
>>>> >> file="src/test/resources/rampart/services-33.xml"
>>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>>> >> <jar
>>>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar"
>>>> >> basedir="target/temp-ramp" />
>>>> >>
>>>> >> + <!-- Service 34 -->
>>>> >> + <copy overwrite="yes"
>>>> >> file="src/test/resources/rampart/services-34.xml"
>>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>>> >> + <jar
>>>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar"
>>>> >> basedir="target/temp-ramp" />
>>>> >> +
>>>> >> +
>>>> >> <!-- Service SC-1 -->
>>>> >> <copy overwrite="yes"
>>>> >> file="src/test/resources/rampart/issuer.properties"
>>>> >> tofile="target/temp-ramp/issuer.properties" />
>>>> >> <copy overwrite="yes"
>>>> >> file="src/test/resources/rampart/services-sc-1.xml"
>>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>>> >>
>>>> >> Modified:
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>>> >> URL:
>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>>>> >>
>>>> >> ==============================================================================
>>>> >> ---
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>>> >> (original)
>>>> >> +++
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>>> >> Sun Jan 8 15:34:56 2012
>>>> >> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util
>>>> >> import org.apache.neethi.Policy;
>>>> >> import org.apache.neethi.PolicyEngine;
>>>> >>
>>>> >> +import java.util.MissingResourceException;
>>>> >> +import java.util.ResourceBundle;
>>>> >> +
>>>> >>
>>>> >> public class RampartTest extends TestCase {
>>>> >>
>>>> >> public final static int PORT = UtilServer.TESTING_PORT;
>>>> >>
>>>> >> + private static ResourceBundle resources;
>>>> >> +
>>>> >> + static {
>>>> >> + try {
>>>> >> + resources =
>>>> >> ResourceBundle.getBundle("org.apache.rampart.errors");
>>>> >> + } catch (MissingResourceException e) {
>>>> >> + throw new RuntimeException(e.getMessage());
>>>> >> + }
>>>> >> + }
>>>> >> +
>>>> >> public RampartTest(String name) {
>>>> >> super(name);
>>>> >> }
>>>> >> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas
>>>> >> "Unlimited Strength Jurisdiction Policy !!!");
>>>> >> }
>>>> >>
>>>> >> - for (int i = 1; i <= 33; i++) { //<-The number of tests we
>>>> >> have
>>>> >> + for (int i = 1; i <= 34; i++) { //<-The number of tests we
>>>> >> have
>>>> >> if(!basic256Supported && (i == 3 || i == 4 || i == 5))
>>>> >> {
>>>> >> //Skip the Basic256 tests
>>>> >> continue;
>>>> >> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas
>>>> >> serviceClient.addHeader(header);
>>>> >> }
>>>> >>
>>>> >> - // Invoking the serive in the TestCase-28 should fail.
>>>> >> So handling it differently..
>>>> >> - if (i == 28) {
>>>> >> + // Invoking the service in the TestCase-28 should
>>>> >> fail. So handling it differently..
>>>> >> + if (i == 28 || i == 34) {
>>>> >> try {
>>>> >> +
>>>> >> //Blocking invocation
>>>> >> serviceClient.sendReceive(getOMElement());
>>>> >> - fail("Service Should throw an error..");
>>>> >> +
>>>> >> + String message = "";
>>>> >> +
>>>> >> + if (i == 34) {
>>>> >> + message = "Test case 34 should fail. We
>>>> >> are running the service in symmetric binding mode " +
>>>> >> + "and client in asymmetric
>>>> >> binding mode. Therefore test case 34 should fail.";
>>>> >> + }
>>>> >> +
>>>> >> + fail("Service Should throw an error - " +
>>>> >> message);
>>>> >>
>>>> >> } catch (AxisFault axisFault) {
>>>> >> - assertEquals("Expected encrypted part
>>>> >> missing", axisFault.getMessage());
>>>> >> +
>>>> >> + if (i == 28) {
>>>> >> +
>>>> >> assertEquals(resources.getString("encryptionMissing"),
>>>> >> axisFault.getMessage());
>>>> >> + } else if (i == 34) {
>>>> >> +
>>>> >> assertEquals(resources.getString("invalidSignatureAlgo"),
>>>> >> axisFault.getMessage());
>>>> >> + }
>>>> >> +
>>>> >> }
>>>> >> }
>>>> >> -
>>>> >> else{
>>>> >> //Blocking invocation
>>>> >> serviceClient.sendReceive(getEchoElement());
>>>> >>
>>>> >> Added:
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>>> >> URL:
>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto
>>>> >>
>>>> >> ==============================================================================
>>>> >> ---
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>>> >> (added)
>>>> >> +++
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>>> >> Sun Jan 8 15:34:56 2012
>>>> >> @@ -0,0 +1,102 @@
>>>> >> +<?xml version="1.0" encoding="UTF-8"?>
>>>> >> +<!--
>>>> >> + !
>>>> >> + ! Copyright 2006 The Apache Software Foundation.
>>>> >> + !
>>>> >> + ! Licensed under the Apache License, Version 2.0 (the "License");
>>>> >> + ! you may not use this file except in compliance with the License.
>>>> >> + ! You may obtain a copy of the License at
>>>> >> + !
>>>> >> + ! http://www.apache.org/licenses/LICENSE-2.0
>>>> >> + !
>>>> >> + ! Unless required by applicable law or agreed to in writing, software
>>>> >> + ! distributed under the License is distributed on an "AS IS" BASIS,
>>>> >> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>>> >> implied.
>>>> >> + ! See the License for the specific language governing permissions and
>>>> >> + ! limitations under the License.
>>>> >> + !-->
>>>> >> +
>>>> >> +<wsp:Policy wsu:Id="SigEncr"
>>>> >> +
>>>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>> >> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>>> >> +
>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>> >> + <wsp:ExactlyOne>
>>>> >> + <wsp:All>
>>>> >> + <sp:SymmetricBinding>
>>>> >> + <wsp:Policy>
>>>> >> + <sp:ProtectionToken>
>>>> >> + <wsp:Policy>
>>>> >> + <sp:X509Token
>>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>>>> >> +
>>>> >> <wsp:Policy>
>>>> >> +
>>>> >> <sp:RequireThumbprintReference/>
>>>> >> +
>>>> >> <sp:WssX509V3Token10/>
>>>> >> +
>>>> >> </wsp:Policy>
>>>> >> +
>>>> >> </sp:X509Token>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:ProtectionToken>
>>>> >> + <sp:AlgorithmSuite>
>>>> >> + <wsp:Policy>
>>>> >> + <sp:Basic256/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:AlgorithmSuite>
>>>> >> + <sp:Layout>
>>>> >> + <wsp:Policy>
>>>> >> + <sp:Lax/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:Layout>
>>>> >> + <sp:IncludeTimestamp/>
>>>> >> +
>>>> >> <sp:OnlySignEntireHeadersAndBody/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:SymmetricBinding>
>>>> >> + <sp:Wss10
>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>> >> + <wsp:Policy>
>>>> >> + <sp:MustSupportRefKeyIdentifier/>
>>>> >> + <sp:MustSupportRefIssuerSerial/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:Wss10>
>>>> >> + <sp:SignedParts
>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>> >> + <sp:Body/>
>>>> >> + </sp:SignedParts>
>>>> >> + <sp:EncryptedParts
>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>> >> + <sp:Body/>
>>>> >> + </sp:EncryptedParts>
>>>> >> +
>>>> >> + <ramp:RampartConfig
>>>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>>>> >> + <ramp:user>alice</ramp:user>
>>>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>>>> >> +
>>>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>>>> >> + </ramp:passwordCallbackClass>
>>>> >> +
>>>> >> + <ramp:signatureCrypto>
>>>> >> + <ramp:crypto
>>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>>> >> + <ramp:property
>>>> >> +
>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>>> >> + </ramp:property>
>>>> >> + <ramp:property
>>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>>> >> + rampart/store.jks
>>>> >> + </ramp:property>
>>>> >> + <ramp:property
>>>> >> +
>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>>> >> + password
>>>> >> + </ramp:property>
>>>> >> + </ramp:crypto>
>>>> >> + </ramp:signatureCrypto>
>>>> >> + <ramp:encryptionCypto>
>>>> >> + <ramp:crypto
>>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>>> >> + <ramp:property
>>>> >> +
>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>>> >> + </ramp:property>
>>>> >> + <ramp:property
>>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>>> >> + rampart/store.jks
>>>> >> + </ramp:property>
>>>> >> + <ramp:property
>>>> >> +
>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>>> >> + password
>>>> >> + </ramp:property>
>>>> >> + </ramp:crypto>
>>>> >> + </ramp:encryptionCypto>
>>>> >> + </ramp:RampartConfig>
>>>> >> +
>>>> >> + </wsp:All>
>>>> >> + </wsp:ExactlyOne>
>>>> >> +</wsp:Policy>
>>>> >> \ No newline at end of file
>>>> >>
>>>> >> Added:
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>>> >> URL:
>>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto
>>>> >>
>>>> >> ==============================================================================
>>>> >> ---
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>>> >> (added)
>>>> >> +++
>>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>>> >> Sun Jan 8 15:34:56 2012
>>>> >> @@ -0,0 +1,113 @@
>>>> >> +<service name="SecureService34">
>>>> >> +
>>>> >> + <module ref="addressing"/>
>>>> >> + <module ref="rampart"/>
>>>> >> +
>>>> >> + <parameter locked="false"
>>>> >> name="ServiceClass">org.apache.rampart.Service</parameter>
>>>> >> +
>>>> >> + <operation name="echo">
>>>> >> + <messageReceiver
>>>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>>>> >> + <actionMapping>urn:echo</actionMapping>
>>>> >> + </operation>
>>>> >> +
>>>> >> + <operation name="returnError">
>>>> >> + <messageReceiver
>>>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>>>> >> + <actionMapping>urn:returnError</actionMapping>
>>>> >> + </operation>
>>>> >> +
>>>> >> + <wsp:Policy wsu:Id="SigEncr"
>>>> >> +
>>>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>> >> +
>>>> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>>>> >> + <wsp:ExactlyOne>
>>>> >> + <wsp:All>
>>>> >> + <sp:AsymmetricBinding
>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>> >> + <wsp:Policy>
>>>> >> + <sp:InitiatorToken>
>>>> >> + <wsp:Policy>
>>>> >> + <sp:X509Token
>>>> >> +
>>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>>>> >> + <wsp:Policy>
>>>> >> +
>>>> >> <sp:RequireThumbprintReference/>
>>>> >> + <sp:WssX509V3Token10/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:X509Token>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:InitiatorToken>
>>>> >> + <sp:RecipientToken>
>>>> >> + <wsp:Policy>
>>>> >> + <sp:X509Token
>>>> >> +
>>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>>>> >> + <wsp:Policy>
>>>> >> +
>>>> >> <sp:RequireThumbprintReference/>
>>>> >> + <sp:WssX509V3Token10/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:X509Token>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:RecipientToken>
>>>> >> + <sp:AlgorithmSuite>
>>>> >> + <wsp:Policy>
>>>> >> + <sp:TripleDesRsa15/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:AlgorithmSuite>
>>>> >> + <sp:Layout>
>>>> >> + <wsp:Policy>
>>>> >> + <sp:Strict/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:Layout>
>>>> >> + <sp:IncludeTimestamp/>
>>>> >> + <sp:OnlySignEntireHeadersAndBody/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:AsymmetricBinding>
>>>> >> + <sp:Wss10
>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>> >> + <wsp:Policy>
>>>> >> + <sp:MustSupportRefKeyIdentifier/>
>>>> >> + <sp:MustSupportRefIssuerSerial/>
>>>> >> + </wsp:Policy>
>>>> >> + </sp:Wss10>
>>>> >> + <sp:SignedParts
>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>> >> + <sp:Body/>
>>>> >> + </sp:SignedParts>
>>>> >> + <sp:EncryptedParts
>>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>> >> + <sp:Body/>
>>>> >> + </sp:EncryptedParts>
>>>> >> +
>>>> >> + <ramp:RampartConfig
>>>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>>>> >> + <ramp:user>alice</ramp:user>
>>>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>>>> >> +
>>>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>>>> >> + </ramp:passwordCallbackClass>
>>>> >> +
>>>> >> + <ramp:signatureCrypto>
>>>> >> + <ramp:crypto
>>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>>> >> + <ramp:property
>>>> >> +
>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>>> >> + </ramp:property>
>>>> >> + <ramp:property
>>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>>> >> + rampart/store.jks
>>>> >> + </ramp:property>
>>>> >> + <ramp:property
>>>> >> +
>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>>> >> + password
>>>> >> + </ramp:property>
>>>> >> + </ramp:crypto>
>>>> >> + </ramp:signatureCrypto>
>>>> >> + <ramp:encryptionCypto>
>>>> >> + <ramp:crypto
>>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>>> >> + <ramp:property
>>>> >> +
>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>>> >> + </ramp:property>
>>>> >> + <ramp:property
>>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>>> >> + rampart/store.jks
>>>> >> + </ramp:property>
>>>> >> + <ramp:property
>>>> >> +
>>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>>> >> + password
>>>> >> + </ramp:property>
>>>> >> + </ramp:crypto>
>>>> >> + </ramp:encryptionCypto>
>>>> >> + </ramp:RampartConfig>
>>>> >> + </wsp:All>
>>>> >> + </wsp:ExactlyOne>
>>>> >> + </wsp:Policy>
>>>> >> +
>>>> >> +</service>
>>>> >>
>>>> >>
>>>> >
>>>> > ---------------------------------------------------------------------
>>>> > To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>>> > For additional commands, e-mail: java-dev-help@axis.apache.org
>>>> >
>>>>
>>>>
>>>>
>>>> --
>>>> Mobile : +94773330538
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>>>
>>>
>>>
>>>
>>> --
>>> Sagara Gunathunga
>>>
>>> Blog - http://ssagara.blogspot.com
>>> Web - http://people.apache.org/~sagara/
>>> LinkedIn - http://www.linkedin.com/in/ssagara
>>
>>
>>
>> --
>> Mobile : +94773330538
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org
>
--
Mobile : +94773330538
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
Re: svn commit: r1228870 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/ rampart-integration/
rampart-integration/src/test/java/org/apache/rampart/ rampart-integration/src/test/resources/rampart/
rampart-in
Posted by Andreas Veithen <an...@gmail.com>.
On Tue, Jan 10, 2012 at 05:22, Amila Jayasekara <am...@wso2.com> wrote:
> Hi Andreas,
>
> I am unable to reproduce this issue in my local environment. I am
> trying to force a build in Jenkins, but i am unable to find a link to
> do it.
> Can u pls let me know how to force a build ?
You need to log in with your Apache account. Then you will see a
"Build Now" link in the job page. You will also have access to the Job
configuration.
> Thanks
> AmilaJ
>
> On Mon, Jan 9, 2012 at 5:57 PM, Sagara Gunathunga
> <sa...@gmail.com> wrote:
>> I just build latest trunk on my local machine successfully seems like issue
>> with build server.
>>
>> Thanks !
>>
>> On Mon, Jan 9, 2012 at 5:27 PM, Amila Jayasekara <am...@wso2.com> wrote:
>>>
>>> Hi Andreas,
>>>
>>> In my local machine, all tests are passing. I am currently
>>> investigating the cause for the test failure.
>>>
>>> Thanks
>>> AmilaJ
>>>
>>> On Mon, Jan 9, 2012 at 1:46 PM, Andreas Veithen
>>> <an...@gmail.com> wrote:
>>> > That change causes a builds failure (see the mails from Jenkins). Can
>>> > you please fix that?
>>> >
>>> > Andreas
>>> >
>>> > On Sun, Jan 8, 2012 at 16:34, <am...@apache.org> wrote:
>>> >> Author: amilaj
>>> >> Date: Sun Jan 8 15:34:56 2012
>>> >> New Revision: 1228870
>>> >>
>>> >> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev
>>> >> Log:
>>> >> Fixing issue RAMPART-269. Also added an integration test case
>>> >>
>>> >> Added:
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>> >> Modified:
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>> >>
>>> >> Modified:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>> >> (original)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -311,6 +311,16 @@ public class RampartEngine {
>>> >> }
>>> >> } else if (WSConstants.SIGN == actInt.intValue()) {
>>> >> X509Certificate cert = (X509Certificate)
>>> >> wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
>>> >> +
>>> >> + if (rpd.isAsymmetricBinding() && cert == null &&
>>> >> rpd.getInitiatorToken() != null
>>> >> + && !rpd.getInitiatorToken().isDerivedKeys()) {
>>> >> +
>>> >> + // If symmetric binding is used, the certificate
>>> >> should be null.
>>> >> + // If certificate is not null then probably
>>> >> initiator and
>>> >> + // recipient are using 2 different bindings.
>>> >> + throw new
>>> >> RampartException("invalidSignatureAlgo");
>>> >> + }
>>> >> +
>>> >> msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
>>> >> }
>>> >>
>>> >>
>>> >> Modified:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>> >> (original)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is
>>> >> requiredElementsMissing = Required Elements not found in the incoming
>>> >> message : {0}
>>> >> repeatingNonceValue = Nonce value : {0}, already seen before for user
>>> >> name : {1}. Possibly this could be a replay attack.
>>> >> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart
>>> >> configuration file.
>>> >> -invalidIssuerAddress = Invalid value for Issuer
>>> >> \ No newline at end of file
>>> >> +invalidIssuerAddress = Invalid value for Issuer
>>> >> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric
>>> >> binding
>>> >> \ No newline at end of file
>>> >>
>>> >> Modified:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff
>>> >>
>>> >> ==============================================================================
>>> >> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>> >> (original)
>>> >> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -273,6 +273,11 @@
>>> >> <copy overwrite="yes"
>>> >> file="src/test/resources/rampart/services-33.xml"
>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>> >> <jar
>>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar"
>>> >> basedir="target/temp-ramp" />
>>> >>
>>> >> + <!-- Service 34 -->
>>> >> + <copy overwrite="yes"
>>> >> file="src/test/resources/rampart/services-34.xml"
>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>> >> + <jar
>>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar"
>>> >> basedir="target/temp-ramp" />
>>> >> +
>>> >> +
>>> >> <!-- Service SC-1 -->
>>> >> <copy overwrite="yes"
>>> >> file="src/test/resources/rampart/issuer.properties"
>>> >> tofile="target/temp-ramp/issuer.properties" />
>>> >> <copy overwrite="yes"
>>> >> file="src/test/resources/rampart/services-sc-1.xml"
>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>> >>
>>> >> Modified:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>> >> (original)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util
>>> >> import org.apache.neethi.Policy;
>>> >> import org.apache.neethi.PolicyEngine;
>>> >>
>>> >> +import java.util.MissingResourceException;
>>> >> +import java.util.ResourceBundle;
>>> >> +
>>> >>
>>> >> public class RampartTest extends TestCase {
>>> >>
>>> >> public final static int PORT = UtilServer.TESTING_PORT;
>>> >>
>>> >> + private static ResourceBundle resources;
>>> >> +
>>> >> + static {
>>> >> + try {
>>> >> + resources =
>>> >> ResourceBundle.getBundle("org.apache.rampart.errors");
>>> >> + } catch (MissingResourceException e) {
>>> >> + throw new RuntimeException(e.getMessage());
>>> >> + }
>>> >> + }
>>> >> +
>>> >> public RampartTest(String name) {
>>> >> super(name);
>>> >> }
>>> >> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas
>>> >> "Unlimited Strength Jurisdiction Policy !!!");
>>> >> }
>>> >>
>>> >> - for (int i = 1; i <= 33; i++) { //<-The number of tests we
>>> >> have
>>> >> + for (int i = 1; i <= 34; i++) { //<-The number of tests we
>>> >> have
>>> >> if(!basic256Supported && (i == 3 || i == 4 || i == 5))
>>> >> {
>>> >> //Skip the Basic256 tests
>>> >> continue;
>>> >> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas
>>> >> serviceClient.addHeader(header);
>>> >> }
>>> >>
>>> >> - // Invoking the serive in the TestCase-28 should fail.
>>> >> So handling it differently..
>>> >> - if (i == 28) {
>>> >> + // Invoking the service in the TestCase-28 should
>>> >> fail. So handling it differently..
>>> >> + if (i == 28 || i == 34) {
>>> >> try {
>>> >> +
>>> >> //Blocking invocation
>>> >> serviceClient.sendReceive(getOMElement());
>>> >> - fail("Service Should throw an error..");
>>> >> +
>>> >> + String message = "";
>>> >> +
>>> >> + if (i == 34) {
>>> >> + message = "Test case 34 should fail. We
>>> >> are running the service in symmetric binding mode " +
>>> >> + "and client in asymmetric
>>> >> binding mode. Therefore test case 34 should fail.";
>>> >> + }
>>> >> +
>>> >> + fail("Service Should throw an error - " +
>>> >> message);
>>> >>
>>> >> } catch (AxisFault axisFault) {
>>> >> - assertEquals("Expected encrypted part
>>> >> missing", axisFault.getMessage());
>>> >> +
>>> >> + if (i == 28) {
>>> >> +
>>> >> assertEquals(resources.getString("encryptionMissing"),
>>> >> axisFault.getMessage());
>>> >> + } else if (i == 34) {
>>> >> +
>>> >> assertEquals(resources.getString("invalidSignatureAlgo"),
>>> >> axisFault.getMessage());
>>> >> + }
>>> >> +
>>> >> }
>>> >> }
>>> >> -
>>> >> else{
>>> >> //Blocking invocation
>>> >> serviceClient.sendReceive(getEchoElement());
>>> >>
>>> >> Added:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>> >> (added)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -0,0 +1,102 @@
>>> >> +<?xml version="1.0" encoding="UTF-8"?>
>>> >> +<!--
>>> >> + !
>>> >> + ! Copyright 2006 The Apache Software Foundation.
>>> >> + !
>>> >> + ! Licensed under the Apache License, Version 2.0 (the "License");
>>> >> + ! you may not use this file except in compliance with the License.
>>> >> + ! You may obtain a copy of the License at
>>> >> + !
>>> >> + ! http://www.apache.org/licenses/LICENSE-2.0
>>> >> + !
>>> >> + ! Unless required by applicable law or agreed to in writing, software
>>> >> + ! distributed under the License is distributed on an "AS IS" BASIS,
>>> >> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>> >> implied.
>>> >> + ! See the License for the specific language governing permissions and
>>> >> + ! limitations under the License.
>>> >> + !-->
>>> >> +
>>> >> +<wsp:Policy wsu:Id="SigEncr"
>>> >> +
>>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>> >> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>> >> +
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <wsp:ExactlyOne>
>>> >> + <wsp:All>
>>> >> + <sp:SymmetricBinding>
>>> >> + <wsp:Policy>
>>> >> + <sp:ProtectionToken>
>>> >> + <wsp:Policy>
>>> >> + <sp:X509Token
>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>>> >> +
>>> >> <wsp:Policy>
>>> >> +
>>> >> <sp:RequireThumbprintReference/>
>>> >> +
>>> >> <sp:WssX509V3Token10/>
>>> >> +
>>> >> </wsp:Policy>
>>> >> +
>>> >> </sp:X509Token>
>>> >> + </wsp:Policy>
>>> >> + </sp:ProtectionToken>
>>> >> + <sp:AlgorithmSuite>
>>> >> + <wsp:Policy>
>>> >> + <sp:Basic256/>
>>> >> + </wsp:Policy>
>>> >> + </sp:AlgorithmSuite>
>>> >> + <sp:Layout>
>>> >> + <wsp:Policy>
>>> >> + <sp:Lax/>
>>> >> + </wsp:Policy>
>>> >> + </sp:Layout>
>>> >> + <sp:IncludeTimestamp/>
>>> >> +
>>> >> <sp:OnlySignEntireHeadersAndBody/>
>>> >> + </wsp:Policy>
>>> >> + </sp:SymmetricBinding>
>>> >> + <sp:Wss10
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <wsp:Policy>
>>> >> + <sp:MustSupportRefKeyIdentifier/>
>>> >> + <sp:MustSupportRefIssuerSerial/>
>>> >> + </wsp:Policy>
>>> >> + </sp:Wss10>
>>> >> + <sp:SignedParts
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <sp:Body/>
>>> >> + </sp:SignedParts>
>>> >> + <sp:EncryptedParts
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <sp:Body/>
>>> >> + </sp:EncryptedParts>
>>> >> +
>>> >> + <ramp:RampartConfig
>>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>>> >> + <ramp:user>alice</ramp:user>
>>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>>> >> +
>>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>>> >> + </ramp:passwordCallbackClass>
>>> >> +
>>> >> + <ramp:signatureCrypto>
>>> >> + <ramp:crypto
>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>> >> + rampart/store.jks
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>> >> + password
>>> >> + </ramp:property>
>>> >> + </ramp:crypto>
>>> >> + </ramp:signatureCrypto>
>>> >> + <ramp:encryptionCypto>
>>> >> + <ramp:crypto
>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>> >> + rampart/store.jks
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>> >> + password
>>> >> + </ramp:property>
>>> >> + </ramp:crypto>
>>> >> + </ramp:encryptionCypto>
>>> >> + </ramp:RampartConfig>
>>> >> +
>>> >> + </wsp:All>
>>> >> + </wsp:ExactlyOne>
>>> >> +</wsp:Policy>
>>> >> \ No newline at end of file
>>> >>
>>> >> Added:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>> >> (added)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -0,0 +1,113 @@
>>> >> +<service name="SecureService34">
>>> >> +
>>> >> + <module ref="addressing"/>
>>> >> + <module ref="rampart"/>
>>> >> +
>>> >> + <parameter locked="false"
>>> >> name="ServiceClass">org.apache.rampart.Service</parameter>
>>> >> +
>>> >> + <operation name="echo">
>>> >> + <messageReceiver
>>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>>> >> + <actionMapping>urn:echo</actionMapping>
>>> >> + </operation>
>>> >> +
>>> >> + <operation name="returnError">
>>> >> + <messageReceiver
>>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>>> >> + <actionMapping>urn:returnError</actionMapping>
>>> >> + </operation>
>>> >> +
>>> >> + <wsp:Policy wsu:Id="SigEncr"
>>> >> +
>>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>> >> +
>>> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>>> >> + <wsp:ExactlyOne>
>>> >> + <wsp:All>
>>> >> + <sp:AsymmetricBinding
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <wsp:Policy>
>>> >> + <sp:InitiatorToken>
>>> >> + <wsp:Policy>
>>> >> + <sp:X509Token
>>> >> +
>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>>> >> + <wsp:Policy>
>>> >> +
>>> >> <sp:RequireThumbprintReference/>
>>> >> + <sp:WssX509V3Token10/>
>>> >> + </wsp:Policy>
>>> >> + </sp:X509Token>
>>> >> + </wsp:Policy>
>>> >> + </sp:InitiatorToken>
>>> >> + <sp:RecipientToken>
>>> >> + <wsp:Policy>
>>> >> + <sp:X509Token
>>> >> +
>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>>> >> + <wsp:Policy>
>>> >> +
>>> >> <sp:RequireThumbprintReference/>
>>> >> + <sp:WssX509V3Token10/>
>>> >> + </wsp:Policy>
>>> >> + </sp:X509Token>
>>> >> + </wsp:Policy>
>>> >> + </sp:RecipientToken>
>>> >> + <sp:AlgorithmSuite>
>>> >> + <wsp:Policy>
>>> >> + <sp:TripleDesRsa15/>
>>> >> + </wsp:Policy>
>>> >> + </sp:AlgorithmSuite>
>>> >> + <sp:Layout>
>>> >> + <wsp:Policy>
>>> >> + <sp:Strict/>
>>> >> + </wsp:Policy>
>>> >> + </sp:Layout>
>>> >> + <sp:IncludeTimestamp/>
>>> >> + <sp:OnlySignEntireHeadersAndBody/>
>>> >> + </wsp:Policy>
>>> >> + </sp:AsymmetricBinding>
>>> >> + <sp:Wss10
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <wsp:Policy>
>>> >> + <sp:MustSupportRefKeyIdentifier/>
>>> >> + <sp:MustSupportRefIssuerSerial/>
>>> >> + </wsp:Policy>
>>> >> + </sp:Wss10>
>>> >> + <sp:SignedParts
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <sp:Body/>
>>> >> + </sp:SignedParts>
>>> >> + <sp:EncryptedParts
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <sp:Body/>
>>> >> + </sp:EncryptedParts>
>>> >> +
>>> >> + <ramp:RampartConfig
>>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>>> >> + <ramp:user>alice</ramp:user>
>>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>>> >> +
>>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>>> >> + </ramp:passwordCallbackClass>
>>> >> +
>>> >> + <ramp:signatureCrypto>
>>> >> + <ramp:crypto
>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>> >> + rampart/store.jks
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>> >> + password
>>> >> + </ramp:property>
>>> >> + </ramp:crypto>
>>> >> + </ramp:signatureCrypto>
>>> >> + <ramp:encryptionCypto>
>>> >> + <ramp:crypto
>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>> >> + rampart/store.jks
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>> >> + password
>>> >> + </ramp:property>
>>> >> + </ramp:crypto>
>>> >> + </ramp:encryptionCypto>
>>> >> + </ramp:RampartConfig>
>>> >> + </wsp:All>
>>> >> + </wsp:ExactlyOne>
>>> >> + </wsp:Policy>
>>> >> +
>>> >> +</service>
>>> >>
>>> >>
>>> >
>>> > ---------------------------------------------------------------------
>>> > To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>> > For additional commands, e-mail: java-dev-help@axis.apache.org
>>> >
>>>
>>>
>>>
>>> --
>>> Mobile : +94773330538
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>>
>>
>>
>>
>> --
>> Sagara Gunathunga
>>
>> Blog - http://ssagara.blogspot.com
>> Web - http://people.apache.org/~sagara/
>> LinkedIn - http://www.linkedin.com/in/ssagara
>
>
>
> --
> Mobile : +94773330538
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
Re: svn commit: r1228870 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/ rampart-integration/
rampart-integration/src/test/java/org/apache/rampart/ rampart-integration/src/test/resources/rampart/
rampart-in
Posted by Amila Jayasekara <am...@wso2.com>.
Temporarily commented the assetion check. Need to further investigate
the issue with exact build machine configurations. Build is passing
now.
Will start a separate mail thread to get build machine configurations.
Thanks
AmilaJ
On Tue, Jan 10, 2012 at 9:52 AM, Amila Jayasekara <am...@wso2.com> wrote:
> Hi Andreas,
>
> I am unable to reproduce this issue in my local environment. I am
> trying to force a build in Jenkins, but i am unable to find a link to
> do it.
> Can u pls let me know how to force a build ?
>
> Thanks
> AmilaJ
>
> On Mon, Jan 9, 2012 at 5:57 PM, Sagara Gunathunga
> <sa...@gmail.com> wrote:
>> I just build latest trunk on my local machine successfully seems like issue
>> with build server.
>>
>> Thanks !
>>
>> On Mon, Jan 9, 2012 at 5:27 PM, Amila Jayasekara <am...@wso2.com> wrote:
>>>
>>> Hi Andreas,
>>>
>>> In my local machine, all tests are passing. I am currently
>>> investigating the cause for the test failure.
>>>
>>> Thanks
>>> AmilaJ
>>>
>>> On Mon, Jan 9, 2012 at 1:46 PM, Andreas Veithen
>>> <an...@gmail.com> wrote:
>>> > That change causes a builds failure (see the mails from Jenkins). Can
>>> > you please fix that?
>>> >
>>> > Andreas
>>> >
>>> > On Sun, Jan 8, 2012 at 16:34, <am...@apache.org> wrote:
>>> >> Author: amilaj
>>> >> Date: Sun Jan 8 15:34:56 2012
>>> >> New Revision: 1228870
>>> >>
>>> >> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev
>>> >> Log:
>>> >> Fixing issue RAMPART-269. Also added an integration test case
>>> >>
>>> >> Added:
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>> >> Modified:
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>> >>
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>> >>
>>> >> Modified:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>> >> (original)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -311,6 +311,16 @@ public class RampartEngine {
>>> >> }
>>> >> } else if (WSConstants.SIGN == actInt.intValue()) {
>>> >> X509Certificate cert = (X509Certificate)
>>> >> wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
>>> >> +
>>> >> + if (rpd.isAsymmetricBinding() && cert == null &&
>>> >> rpd.getInitiatorToken() != null
>>> >> + && !rpd.getInitiatorToken().isDerivedKeys()) {
>>> >> +
>>> >> + // If symmetric binding is used, the certificate
>>> >> should be null.
>>> >> + // If certificate is not null then probably
>>> >> initiator and
>>> >> + // recipient are using 2 different bindings.
>>> >> + throw new
>>> >> RampartException("invalidSignatureAlgo");
>>> >> + }
>>> >> +
>>> >> msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
>>> >> }
>>> >>
>>> >>
>>> >> Modified:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>> >> (original)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is
>>> >> requiredElementsMissing = Required Elements not found in the incoming
>>> >> message : {0}
>>> >> repeatingNonceValue = Nonce value : {0}, already seen before for user
>>> >> name : {1}. Possibly this could be a replay attack.
>>> >> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart
>>> >> configuration file.
>>> >> -invalidIssuerAddress = Invalid value for Issuer
>>> >> \ No newline at end of file
>>> >> +invalidIssuerAddress = Invalid value for Issuer
>>> >> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric
>>> >> binding
>>> >> \ No newline at end of file
>>> >>
>>> >> Modified:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff
>>> >>
>>> >> ==============================================================================
>>> >> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>> >> (original)
>>> >> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -273,6 +273,11 @@
>>> >> <copy overwrite="yes"
>>> >> file="src/test/resources/rampart/services-33.xml"
>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>> >> <jar
>>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar"
>>> >> basedir="target/temp-ramp" />
>>> >>
>>> >> + <!-- Service 34 -->
>>> >> + <copy overwrite="yes"
>>> >> file="src/test/resources/rampart/services-34.xml"
>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>> >> + <jar
>>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar"
>>> >> basedir="target/temp-ramp" />
>>> >> +
>>> >> +
>>> >> <!-- Service SC-1 -->
>>> >> <copy overwrite="yes"
>>> >> file="src/test/resources/rampart/issuer.properties"
>>> >> tofile="target/temp-ramp/issuer.properties" />
>>> >> <copy overwrite="yes"
>>> >> file="src/test/resources/rampart/services-sc-1.xml"
>>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>>> >>
>>> >> Modified:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>> >> (original)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util
>>> >> import org.apache.neethi.Policy;
>>> >> import org.apache.neethi.PolicyEngine;
>>> >>
>>> >> +import java.util.MissingResourceException;
>>> >> +import java.util.ResourceBundle;
>>> >> +
>>> >>
>>> >> public class RampartTest extends TestCase {
>>> >>
>>> >> public final static int PORT = UtilServer.TESTING_PORT;
>>> >>
>>> >> + private static ResourceBundle resources;
>>> >> +
>>> >> + static {
>>> >> + try {
>>> >> + resources =
>>> >> ResourceBundle.getBundle("org.apache.rampart.errors");
>>> >> + } catch (MissingResourceException e) {
>>> >> + throw new RuntimeException(e.getMessage());
>>> >> + }
>>> >> + }
>>> >> +
>>> >> public RampartTest(String name) {
>>> >> super(name);
>>> >> }
>>> >> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas
>>> >> "Unlimited Strength Jurisdiction Policy !!!");
>>> >> }
>>> >>
>>> >> - for (int i = 1; i <= 33; i++) { //<-The number of tests we
>>> >> have
>>> >> + for (int i = 1; i <= 34; i++) { //<-The number of tests we
>>> >> have
>>> >> if(!basic256Supported && (i == 3 || i == 4 || i == 5))
>>> >> {
>>> >> //Skip the Basic256 tests
>>> >> continue;
>>> >> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas
>>> >> serviceClient.addHeader(header);
>>> >> }
>>> >>
>>> >> - // Invoking the serive in the TestCase-28 should fail.
>>> >> So handling it differently..
>>> >> - if (i == 28) {
>>> >> + // Invoking the service in the TestCase-28 should
>>> >> fail. So handling it differently..
>>> >> + if (i == 28 || i == 34) {
>>> >> try {
>>> >> +
>>> >> //Blocking invocation
>>> >> serviceClient.sendReceive(getOMElement());
>>> >> - fail("Service Should throw an error..");
>>> >> +
>>> >> + String message = "";
>>> >> +
>>> >> + if (i == 34) {
>>> >> + message = "Test case 34 should fail. We
>>> >> are running the service in symmetric binding mode " +
>>> >> + "and client in asymmetric
>>> >> binding mode. Therefore test case 34 should fail.";
>>> >> + }
>>> >> +
>>> >> + fail("Service Should throw an error - " +
>>> >> message);
>>> >>
>>> >> } catch (AxisFault axisFault) {
>>> >> - assertEquals("Expected encrypted part
>>> >> missing", axisFault.getMessage());
>>> >> +
>>> >> + if (i == 28) {
>>> >> +
>>> >> assertEquals(resources.getString("encryptionMissing"),
>>> >> axisFault.getMessage());
>>> >> + } else if (i == 34) {
>>> >> +
>>> >> assertEquals(resources.getString("invalidSignatureAlgo"),
>>> >> axisFault.getMessage());
>>> >> + }
>>> >> +
>>> >> }
>>> >> }
>>> >> -
>>> >> else{
>>> >> //Blocking invocation
>>> >> serviceClient.sendReceive(getEchoElement());
>>> >>
>>> >> Added:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>> >> (added)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -0,0 +1,102 @@
>>> >> +<?xml version="1.0" encoding="UTF-8"?>
>>> >> +<!--
>>> >> + !
>>> >> + ! Copyright 2006 The Apache Software Foundation.
>>> >> + !
>>> >> + ! Licensed under the Apache License, Version 2.0 (the "License");
>>> >> + ! you may not use this file except in compliance with the License.
>>> >> + ! You may obtain a copy of the License at
>>> >> + !
>>> >> + ! http://www.apache.org/licenses/LICENSE-2.0
>>> >> + !
>>> >> + ! Unless required by applicable law or agreed to in writing, software
>>> >> + ! distributed under the License is distributed on an "AS IS" BASIS,
>>> >> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>> >> implied.
>>> >> + ! See the License for the specific language governing permissions and
>>> >> + ! limitations under the License.
>>> >> + !-->
>>> >> +
>>> >> +<wsp:Policy wsu:Id="SigEncr"
>>> >> +
>>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>> >> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>> >> +
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <wsp:ExactlyOne>
>>> >> + <wsp:All>
>>> >> + <sp:SymmetricBinding>
>>> >> + <wsp:Policy>
>>> >> + <sp:ProtectionToken>
>>> >> + <wsp:Policy>
>>> >> + <sp:X509Token
>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>>> >> +
>>> >> <wsp:Policy>
>>> >> +
>>> >> <sp:RequireThumbprintReference/>
>>> >> +
>>> >> <sp:WssX509V3Token10/>
>>> >> +
>>> >> </wsp:Policy>
>>> >> +
>>> >> </sp:X509Token>
>>> >> + </wsp:Policy>
>>> >> + </sp:ProtectionToken>
>>> >> + <sp:AlgorithmSuite>
>>> >> + <wsp:Policy>
>>> >> + <sp:Basic256/>
>>> >> + </wsp:Policy>
>>> >> + </sp:AlgorithmSuite>
>>> >> + <sp:Layout>
>>> >> + <wsp:Policy>
>>> >> + <sp:Lax/>
>>> >> + </wsp:Policy>
>>> >> + </sp:Layout>
>>> >> + <sp:IncludeTimestamp/>
>>> >> +
>>> >> <sp:OnlySignEntireHeadersAndBody/>
>>> >> + </wsp:Policy>
>>> >> + </sp:SymmetricBinding>
>>> >> + <sp:Wss10
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <wsp:Policy>
>>> >> + <sp:MustSupportRefKeyIdentifier/>
>>> >> + <sp:MustSupportRefIssuerSerial/>
>>> >> + </wsp:Policy>
>>> >> + </sp:Wss10>
>>> >> + <sp:SignedParts
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <sp:Body/>
>>> >> + </sp:SignedParts>
>>> >> + <sp:EncryptedParts
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <sp:Body/>
>>> >> + </sp:EncryptedParts>
>>> >> +
>>> >> + <ramp:RampartConfig
>>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>>> >> + <ramp:user>alice</ramp:user>
>>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>>> >> +
>>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>>> >> + </ramp:passwordCallbackClass>
>>> >> +
>>> >> + <ramp:signatureCrypto>
>>> >> + <ramp:crypto
>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>> >> + rampart/store.jks
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>> >> + password
>>> >> + </ramp:property>
>>> >> + </ramp:crypto>
>>> >> + </ramp:signatureCrypto>
>>> >> + <ramp:encryptionCypto>
>>> >> + <ramp:crypto
>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>> >> + rampart/store.jks
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>> >> + password
>>> >> + </ramp:property>
>>> >> + </ramp:crypto>
>>> >> + </ramp:encryptionCypto>
>>> >> + </ramp:RampartConfig>
>>> >> +
>>> >> + </wsp:All>
>>> >> + </wsp:ExactlyOne>
>>> >> +</wsp:Policy>
>>> >> \ No newline at end of file
>>> >>
>>> >> Added:
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>> >> URL:
>>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto
>>> >>
>>> >> ==============================================================================
>>> >> ---
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>> >> (added)
>>> >> +++
>>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>>> >> Sun Jan 8 15:34:56 2012
>>> >> @@ -0,0 +1,113 @@
>>> >> +<service name="SecureService34">
>>> >> +
>>> >> + <module ref="addressing"/>
>>> >> + <module ref="rampart"/>
>>> >> +
>>> >> + <parameter locked="false"
>>> >> name="ServiceClass">org.apache.rampart.Service</parameter>
>>> >> +
>>> >> + <operation name="echo">
>>> >> + <messageReceiver
>>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>>> >> + <actionMapping>urn:echo</actionMapping>
>>> >> + </operation>
>>> >> +
>>> >> + <operation name="returnError">
>>> >> + <messageReceiver
>>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>>> >> + <actionMapping>urn:returnError</actionMapping>
>>> >> + </operation>
>>> >> +
>>> >> + <wsp:Policy wsu:Id="SigEncr"
>>> >> +
>>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>> >> +
>>> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>>> >> + <wsp:ExactlyOne>
>>> >> + <wsp:All>
>>> >> + <sp:AsymmetricBinding
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <wsp:Policy>
>>> >> + <sp:InitiatorToken>
>>> >> + <wsp:Policy>
>>> >> + <sp:X509Token
>>> >> +
>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>>> >> + <wsp:Policy>
>>> >> +
>>> >> <sp:RequireThumbprintReference/>
>>> >> + <sp:WssX509V3Token10/>
>>> >> + </wsp:Policy>
>>> >> + </sp:X509Token>
>>> >> + </wsp:Policy>
>>> >> + </sp:InitiatorToken>
>>> >> + <sp:RecipientToken>
>>> >> + <wsp:Policy>
>>> >> + <sp:X509Token
>>> >> +
>>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>>> >> + <wsp:Policy>
>>> >> +
>>> >> <sp:RequireThumbprintReference/>
>>> >> + <sp:WssX509V3Token10/>
>>> >> + </wsp:Policy>
>>> >> + </sp:X509Token>
>>> >> + </wsp:Policy>
>>> >> + </sp:RecipientToken>
>>> >> + <sp:AlgorithmSuite>
>>> >> + <wsp:Policy>
>>> >> + <sp:TripleDesRsa15/>
>>> >> + </wsp:Policy>
>>> >> + </sp:AlgorithmSuite>
>>> >> + <sp:Layout>
>>> >> + <wsp:Policy>
>>> >> + <sp:Strict/>
>>> >> + </wsp:Policy>
>>> >> + </sp:Layout>
>>> >> + <sp:IncludeTimestamp/>
>>> >> + <sp:OnlySignEntireHeadersAndBody/>
>>> >> + </wsp:Policy>
>>> >> + </sp:AsymmetricBinding>
>>> >> + <sp:Wss10
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <wsp:Policy>
>>> >> + <sp:MustSupportRefKeyIdentifier/>
>>> >> + <sp:MustSupportRefIssuerSerial/>
>>> >> + </wsp:Policy>
>>> >> + </sp:Wss10>
>>> >> + <sp:SignedParts
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <sp:Body/>
>>> >> + </sp:SignedParts>
>>> >> + <sp:EncryptedParts
>>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >> + <sp:Body/>
>>> >> + </sp:EncryptedParts>
>>> >> +
>>> >> + <ramp:RampartConfig
>>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>>> >> + <ramp:user>alice</ramp:user>
>>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>>> >> +
>>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>>> >> + </ramp:passwordCallbackClass>
>>> >> +
>>> >> + <ramp:signatureCrypto>
>>> >> + <ramp:crypto
>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>> >> + rampart/store.jks
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>> >> + password
>>> >> + </ramp:property>
>>> >> + </ramp:crypto>
>>> >> + </ramp:signatureCrypto>
>>> >> + <ramp:encryptionCypto>
>>> >> + <ramp:crypto
>>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> name="org.apache.ws.security.crypto.merlin.file">
>>> >> + rampart/store.jks
>>> >> + </ramp:property>
>>> >> + <ramp:property
>>> >> +
>>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>>> >> + password
>>> >> + </ramp:property>
>>> >> + </ramp:crypto>
>>> >> + </ramp:encryptionCypto>
>>> >> + </ramp:RampartConfig>
>>> >> + </wsp:All>
>>> >> + </wsp:ExactlyOne>
>>> >> + </wsp:Policy>
>>> >> +
>>> >> +</service>
>>> >>
>>> >>
>>> >
>>> > ---------------------------------------------------------------------
>>> > To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>> > For additional commands, e-mail: java-dev-help@axis.apache.org
>>> >
>>>
>>>
>>>
>>> --
>>> Mobile : +94773330538
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>>
>>
>>
>>
>> --
>> Sagara Gunathunga
>>
>> Blog - http://ssagara.blogspot.com
>> Web - http://people.apache.org/~sagara/
>> LinkedIn - http://www.linkedin.com/in/ssagara
>
>
>
> --
> Mobile : +94773330538
--
Mobile : +94773330538
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
Re: svn commit: r1228870 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/ rampart-integration/
rampart-integration/src/test/java/org/apache/rampart/ rampart-integration/src/test/resources/rampart/
rampart-in
Posted by Amila Jayasekara <am...@wso2.com>.
Hi Andreas,
I am unable to reproduce this issue in my local environment. I am
trying to force a build in Jenkins, but i am unable to find a link to
do it.
Can u pls let me know how to force a build ?
Thanks
AmilaJ
On Mon, Jan 9, 2012 at 5:57 PM, Sagara Gunathunga
<sa...@gmail.com> wrote:
> I just build latest trunk on my local machine successfully seems like issue
> with build server.
>
> Thanks !
>
> On Mon, Jan 9, 2012 at 5:27 PM, Amila Jayasekara <am...@wso2.com> wrote:
>>
>> Hi Andreas,
>>
>> In my local machine, all tests are passing. I am currently
>> investigating the cause for the test failure.
>>
>> Thanks
>> AmilaJ
>>
>> On Mon, Jan 9, 2012 at 1:46 PM, Andreas Veithen
>> <an...@gmail.com> wrote:
>> > That change causes a builds failure (see the mails from Jenkins). Can
>> > you please fix that?
>> >
>> > Andreas
>> >
>> > On Sun, Jan 8, 2012 at 16:34, <am...@apache.org> wrote:
>> >> Author: amilaj
>> >> Date: Sun Jan 8 15:34:56 2012
>> >> New Revision: 1228870
>> >>
>> >> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev
>> >> Log:
>> >> Fixing issue RAMPART-269. Also added an integration test case
>> >>
>> >> Added:
>> >>
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>> >>
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>> >> Modified:
>> >>
>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>> >>
>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>> >>
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>> >>
>> >> Modified:
>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>> >> URL:
>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>> >>
>> >> ==============================================================================
>> >> ---
>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>> >> (original)
>> >> +++
>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>> >> Sun Jan 8 15:34:56 2012
>> >> @@ -311,6 +311,16 @@ public class RampartEngine {
>> >> }
>> >> } else if (WSConstants.SIGN == actInt.intValue()) {
>> >> X509Certificate cert = (X509Certificate)
>> >> wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
>> >> +
>> >> + if (rpd.isAsymmetricBinding() && cert == null &&
>> >> rpd.getInitiatorToken() != null
>> >> + && !rpd.getInitiatorToken().isDerivedKeys()) {
>> >> +
>> >> + // If symmetric binding is used, the certificate
>> >> should be null.
>> >> + // If certificate is not null then probably
>> >> initiator and
>> >> + // recipient are using 2 different bindings.
>> >> + throw new
>> >> RampartException("invalidSignatureAlgo");
>> >> + }
>> >> +
>> >> msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
>> >> }
>> >>
>> >>
>> >> Modified:
>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>> >> URL:
>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff
>> >>
>> >> ==============================================================================
>> >> ---
>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>> >> (original)
>> >> +++
>> >> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>> >> Sun Jan 8 15:34:56 2012
>> >> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is
>> >> requiredElementsMissing = Required Elements not found in the incoming
>> >> message : {0}
>> >> repeatingNonceValue = Nonce value : {0}, already seen before for user
>> >> name : {1}. Possibly this could be a replay attack.
>> >> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart
>> >> configuration file.
>> >> -invalidIssuerAddress = Invalid value for Issuer
>> >> \ No newline at end of file
>> >> +invalidIssuerAddress = Invalid value for Issuer
>> >> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric
>> >> binding
>> >> \ No newline at end of file
>> >>
>> >> Modified:
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>> >> URL:
>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff
>> >>
>> >> ==============================================================================
>> >> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>> >> (original)
>> >> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>> >> Sun Jan 8 15:34:56 2012
>> >> @@ -273,6 +273,11 @@
>> >> <copy overwrite="yes"
>> >> file="src/test/resources/rampart/services-33.xml"
>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>> >> <jar
>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar"
>> >> basedir="target/temp-ramp" />
>> >>
>> >> + <!-- Service 34 -->
>> >> + <copy overwrite="yes"
>> >> file="src/test/resources/rampart/services-34.xml"
>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>> >> + <jar
>> >> jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar"
>> >> basedir="target/temp-ramp" />
>> >> +
>> >> +
>> >> <!-- Service SC-1 -->
>> >> <copy overwrite="yes"
>> >> file="src/test/resources/rampart/issuer.properties"
>> >> tofile="target/temp-ramp/issuer.properties" />
>> >> <copy overwrite="yes"
>> >> file="src/test/resources/rampart/services-sc-1.xml"
>> >> tofile="target/temp-ramp/META-INF/services.xml" />
>> >>
>> >> Modified:
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>> >> URL:
>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>> >>
>> >> ==============================================================================
>> >> ---
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>> >> (original)
>> >> +++
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>> >> Sun Jan 8 15:34:56 2012
>> >> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util
>> >> import org.apache.neethi.Policy;
>> >> import org.apache.neethi.PolicyEngine;
>> >>
>> >> +import java.util.MissingResourceException;
>> >> +import java.util.ResourceBundle;
>> >> +
>> >>
>> >> public class RampartTest extends TestCase {
>> >>
>> >> public final static int PORT = UtilServer.TESTING_PORT;
>> >>
>> >> + private static ResourceBundle resources;
>> >> +
>> >> + static {
>> >> + try {
>> >> + resources =
>> >> ResourceBundle.getBundle("org.apache.rampart.errors");
>> >> + } catch (MissingResourceException e) {
>> >> + throw new RuntimeException(e.getMessage());
>> >> + }
>> >> + }
>> >> +
>> >> public RampartTest(String name) {
>> >> super(name);
>> >> }
>> >> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas
>> >> "Unlimited Strength Jurisdiction Policy !!!");
>> >> }
>> >>
>> >> - for (int i = 1; i <= 33; i++) { //<-The number of tests we
>> >> have
>> >> + for (int i = 1; i <= 34; i++) { //<-The number of tests we
>> >> have
>> >> if(!basic256Supported && (i == 3 || i == 4 || i == 5))
>> >> {
>> >> //Skip the Basic256 tests
>> >> continue;
>> >> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas
>> >> serviceClient.addHeader(header);
>> >> }
>> >>
>> >> - // Invoking the serive in the TestCase-28 should fail.
>> >> So handling it differently..
>> >> - if (i == 28) {
>> >> + // Invoking the service in the TestCase-28 should
>> >> fail. So handling it differently..
>> >> + if (i == 28 || i == 34) {
>> >> try {
>> >> +
>> >> //Blocking invocation
>> >> serviceClient.sendReceive(getOMElement());
>> >> - fail("Service Should throw an error..");
>> >> +
>> >> + String message = "";
>> >> +
>> >> + if (i == 34) {
>> >> + message = "Test case 34 should fail. We
>> >> are running the service in symmetric binding mode " +
>> >> + "and client in asymmetric
>> >> binding mode. Therefore test case 34 should fail.";
>> >> + }
>> >> +
>> >> + fail("Service Should throw an error - " +
>> >> message);
>> >>
>> >> } catch (AxisFault axisFault) {
>> >> - assertEquals("Expected encrypted part
>> >> missing", axisFault.getMessage());
>> >> +
>> >> + if (i == 28) {
>> >> +
>> >> assertEquals(resources.getString("encryptionMissing"),
>> >> axisFault.getMessage());
>> >> + } else if (i == 34) {
>> >> +
>> >> assertEquals(resources.getString("invalidSignatureAlgo"),
>> >> axisFault.getMessage());
>> >> + }
>> >> +
>> >> }
>> >> }
>> >> -
>> >> else{
>> >> //Blocking invocation
>> >> serviceClient.sendReceive(getEchoElement());
>> >>
>> >> Added:
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>> >> URL:
>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto
>> >>
>> >> ==============================================================================
>> >> ---
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>> >> (added)
>> >> +++
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>> >> Sun Jan 8 15:34:56 2012
>> >> @@ -0,0 +1,102 @@
>> >> +<?xml version="1.0" encoding="UTF-8"?>
>> >> +<!--
>> >> + !
>> >> + ! Copyright 2006 The Apache Software Foundation.
>> >> + !
>> >> + ! Licensed under the Apache License, Version 2.0 (the "License");
>> >> + ! you may not use this file except in compliance with the License.
>> >> + ! You may obtain a copy of the License at
>> >> + !
>> >> + ! http://www.apache.org/licenses/LICENSE-2.0
>> >> + !
>> >> + ! Unless required by applicable law or agreed to in writing, software
>> >> + ! distributed under the License is distributed on an "AS IS" BASIS,
>> >> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>> >> implied.
>> >> + ! See the License for the specific language governing permissions and
>> >> + ! limitations under the License.
>> >> + !-->
>> >> +
>> >> +<wsp:Policy wsu:Id="SigEncr"
>> >> +
>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> >> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>> >> +
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> >> + <wsp:ExactlyOne>
>> >> + <wsp:All>
>> >> + <sp:SymmetricBinding>
>> >> + <wsp:Policy>
>> >> + <sp:ProtectionToken>
>> >> + <wsp:Policy>
>> >> + <sp:X509Token
>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>> >> +
>> >> <wsp:Policy>
>> >> +
>> >> <sp:RequireThumbprintReference/>
>> >> +
>> >> <sp:WssX509V3Token10/>
>> >> +
>> >> </wsp:Policy>
>> >> +
>> >> </sp:X509Token>
>> >> + </wsp:Policy>
>> >> + </sp:ProtectionToken>
>> >> + <sp:AlgorithmSuite>
>> >> + <wsp:Policy>
>> >> + <sp:Basic256/>
>> >> + </wsp:Policy>
>> >> + </sp:AlgorithmSuite>
>> >> + <sp:Layout>
>> >> + <wsp:Policy>
>> >> + <sp:Lax/>
>> >> + </wsp:Policy>
>> >> + </sp:Layout>
>> >> + <sp:IncludeTimestamp/>
>> >> +
>> >> <sp:OnlySignEntireHeadersAndBody/>
>> >> + </wsp:Policy>
>> >> + </sp:SymmetricBinding>
>> >> + <sp:Wss10
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> >> + <wsp:Policy>
>> >> + <sp:MustSupportRefKeyIdentifier/>
>> >> + <sp:MustSupportRefIssuerSerial/>
>> >> + </wsp:Policy>
>> >> + </sp:Wss10>
>> >> + <sp:SignedParts
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> >> + <sp:Body/>
>> >> + </sp:SignedParts>
>> >> + <sp:EncryptedParts
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> >> + <sp:Body/>
>> >> + </sp:EncryptedParts>
>> >> +
>> >> + <ramp:RampartConfig
>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>> >> + <ramp:user>alice</ramp:user>
>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>> >> +
>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>> >> + </ramp:passwordCallbackClass>
>> >> +
>> >> + <ramp:signatureCrypto>
>> >> + <ramp:crypto
>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>> >> + <ramp:property
>> >> +
>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>> >> + </ramp:property>
>> >> + <ramp:property
>> >> name="org.apache.ws.security.crypto.merlin.file">
>> >> + rampart/store.jks
>> >> + </ramp:property>
>> >> + <ramp:property
>> >> +
>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>> >> + password
>> >> + </ramp:property>
>> >> + </ramp:crypto>
>> >> + </ramp:signatureCrypto>
>> >> + <ramp:encryptionCypto>
>> >> + <ramp:crypto
>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>> >> + <ramp:property
>> >> +
>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>> >> + </ramp:property>
>> >> + <ramp:property
>> >> name="org.apache.ws.security.crypto.merlin.file">
>> >> + rampart/store.jks
>> >> + </ramp:property>
>> >> + <ramp:property
>> >> +
>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>> >> + password
>> >> + </ramp:property>
>> >> + </ramp:crypto>
>> >> + </ramp:encryptionCypto>
>> >> + </ramp:RampartConfig>
>> >> +
>> >> + </wsp:All>
>> >> + </wsp:ExactlyOne>
>> >> +</wsp:Policy>
>> >> \ No newline at end of file
>> >>
>> >> Added:
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>> >> URL:
>> >> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto
>> >>
>> >> ==============================================================================
>> >> ---
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>> >> (added)
>> >> +++
>> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>> >> Sun Jan 8 15:34:56 2012
>> >> @@ -0,0 +1,113 @@
>> >> +<service name="SecureService34">
>> >> +
>> >> + <module ref="addressing"/>
>> >> + <module ref="rampart"/>
>> >> +
>> >> + <parameter locked="false"
>> >> name="ServiceClass">org.apache.rampart.Service</parameter>
>> >> +
>> >> + <operation name="echo">
>> >> + <messageReceiver
>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>> >> + <actionMapping>urn:echo</actionMapping>
>> >> + </operation>
>> >> +
>> >> + <operation name="returnError">
>> >> + <messageReceiver
>> >> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>> >> + <actionMapping>urn:returnError</actionMapping>
>> >> + </operation>
>> >> +
>> >> + <wsp:Policy wsu:Id="SigEncr"
>> >> +
>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> >> +
>> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>> >> + <wsp:ExactlyOne>
>> >> + <wsp:All>
>> >> + <sp:AsymmetricBinding
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> >> + <wsp:Policy>
>> >> + <sp:InitiatorToken>
>> >> + <wsp:Policy>
>> >> + <sp:X509Token
>> >> +
>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>> >> + <wsp:Policy>
>> >> +
>> >> <sp:RequireThumbprintReference/>
>> >> + <sp:WssX509V3Token10/>
>> >> + </wsp:Policy>
>> >> + </sp:X509Token>
>> >> + </wsp:Policy>
>> >> + </sp:InitiatorToken>
>> >> + <sp:RecipientToken>
>> >> + <wsp:Policy>
>> >> + <sp:X509Token
>> >> +
>> >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>> >> + <wsp:Policy>
>> >> +
>> >> <sp:RequireThumbprintReference/>
>> >> + <sp:WssX509V3Token10/>
>> >> + </wsp:Policy>
>> >> + </sp:X509Token>
>> >> + </wsp:Policy>
>> >> + </sp:RecipientToken>
>> >> + <sp:AlgorithmSuite>
>> >> + <wsp:Policy>
>> >> + <sp:TripleDesRsa15/>
>> >> + </wsp:Policy>
>> >> + </sp:AlgorithmSuite>
>> >> + <sp:Layout>
>> >> + <wsp:Policy>
>> >> + <sp:Strict/>
>> >> + </wsp:Policy>
>> >> + </sp:Layout>
>> >> + <sp:IncludeTimestamp/>
>> >> + <sp:OnlySignEntireHeadersAndBody/>
>> >> + </wsp:Policy>
>> >> + </sp:AsymmetricBinding>
>> >> + <sp:Wss10
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> >> + <wsp:Policy>
>> >> + <sp:MustSupportRefKeyIdentifier/>
>> >> + <sp:MustSupportRefIssuerSerial/>
>> >> + </wsp:Policy>
>> >> + </sp:Wss10>
>> >> + <sp:SignedParts
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> >> + <sp:Body/>
>> >> + </sp:SignedParts>
>> >> + <sp:EncryptedParts
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> >> + <sp:Body/>
>> >> + </sp:EncryptedParts>
>> >> +
>> >> + <ramp:RampartConfig
>> >> xmlns:ramp="http://ws.apache.org/rampart/policy">
>> >> + <ramp:user>alice</ramp:user>
>> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>> >> +
>> >> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>> >> + </ramp:passwordCallbackClass>
>> >> +
>> >> + <ramp:signatureCrypto>
>> >> + <ramp:crypto
>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>> >> + <ramp:property
>> >> +
>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>> >> + </ramp:property>
>> >> + <ramp:property
>> >> name="org.apache.ws.security.crypto.merlin.file">
>> >> + rampart/store.jks
>> >> + </ramp:property>
>> >> + <ramp:property
>> >> +
>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>> >> + password
>> >> + </ramp:property>
>> >> + </ramp:crypto>
>> >> + </ramp:signatureCrypto>
>> >> + <ramp:encryptionCypto>
>> >> + <ramp:crypto
>> >> provider="org.apache.ws.security.components.crypto.Merlin">
>> >> + <ramp:property
>> >> +
>> >> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>> >> + </ramp:property>
>> >> + <ramp:property
>> >> name="org.apache.ws.security.crypto.merlin.file">
>> >> + rampart/store.jks
>> >> + </ramp:property>
>> >> + <ramp:property
>> >> +
>> >> name="org.apache.ws.security.crypto.merlin.keystore.password">
>> >> + password
>> >> + </ramp:property>
>> >> + </ramp:crypto>
>> >> + </ramp:encryptionCypto>
>> >> + </ramp:RampartConfig>
>> >> + </wsp:All>
>> >> + </wsp:ExactlyOne>
>> >> + </wsp:Policy>
>> >> +
>> >> +</service>
>> >>
>> >>
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>> > For additional commands, e-mail: java-dev-help@axis.apache.org
>> >
>>
>>
>>
>> --
>> Mobile : +94773330538
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>
>
>
>
> --
> Sagara Gunathunga
>
> Blog - http://ssagara.blogspot.com
> Web - http://people.apache.org/~sagara/
> LinkedIn - http://www.linkedin.com/in/ssagara
--
Mobile : +94773330538
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
Re: svn commit: r1228870 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/ rampart-integration/
rampart-integration/src/test/java/org/apache/rampart/ rampart-integration/src/test/resources/rampart/
rampart-in
Posted by Sagara Gunathunga <sa...@gmail.com>.
I just build latest trunk on my local machine successfully seems like issue
with build server.
Thanks !
On Mon, Jan 9, 2012 at 5:27 PM, Amila Jayasekara <am...@wso2.com> wrote:
> Hi Andreas,
>
> In my local machine, all tests are passing. I am currently
> investigating the cause for the test failure.
>
> Thanks
> AmilaJ
>
> On Mon, Jan 9, 2012 at 1:46 PM, Andreas Veithen
> <an...@gmail.com> wrote:
> > That change causes a builds failure (see the mails from Jenkins). Can
> > you please fix that?
> >
> > Andreas
> >
> > On Sun, Jan 8, 2012 at 16:34, <am...@apache.org> wrote:
> >> Author: amilaj
> >> Date: Sun Jan 8 15:34:56 2012
> >> New Revision: 1228870
> >>
> >> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev
> >> Log:
> >> Fixing issue RAMPART-269. Also added an integration test case
> >>
> >> Added:
> >>
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
> >>
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
> >> Modified:
> >>
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
> >>
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
> >> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
> >>
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
> >>
> >> Modified:
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
> >> URL:
> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff
> >>
> ==============================================================================
> >> ---
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
> (original)
> >> +++
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
> Sun Jan 8 15:34:56 2012
> >> @@ -311,6 +311,16 @@ public class RampartEngine {
> >> }
> >> } else if (WSConstants.SIGN == actInt.intValue()) {
> >> X509Certificate cert = (X509Certificate)
> wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
> >> +
> >> + if (rpd.isAsymmetricBinding() && cert == null &&
> rpd.getInitiatorToken() != null
> >> + && !rpd.getInitiatorToken().isDerivedKeys()) {
> >> +
> >> + // If symmetric binding is used, the certificate
> should be null.
> >> + // If certificate is not null then probably
> initiator and
> >> + // recipient are using 2 different bindings.
> >> + throw new RampartException("invalidSignatureAlgo");
> >> + }
> >> +
> >> msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
> >> }
> >>
> >>
> >> Modified:
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
> >> URL:
> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff
> >>
> ==============================================================================
> >> ---
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
> (original)
> >> +++
> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
> Sun Jan 8 15:34:56 2012
> >> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is
> >> requiredElementsMissing = Required Elements not found in the incoming
> message : {0}
> >> repeatingNonceValue = Nonce value : {0}, already seen before for user
> name : {1}. Possibly this could be a replay attack.
> >> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart
> configuration file.
> >> -invalidIssuerAddress = Invalid value for Issuer
> >> \ No newline at end of file
> >> +invalidIssuerAddress = Invalid value for Issuer
> >> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric binding
> >> \ No newline at end of file
> >>
> >> Modified:
> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
> >> URL:
> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff
> >>
> ==============================================================================
> >> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
> (original)
> >> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
> Sun Jan 8 15:34:56 2012
> >> @@ -273,6 +273,11 @@
> >> <copy overwrite="yes"
> file="src/test/resources/rampart/services-33.xml"
> tofile="target/temp-ramp/META-INF/services.xml" />
> >> <jar
> jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar"
> basedir="target/temp-ramp" />
> >>
> >> + <!-- Service 34 -->
> >> + <copy overwrite="yes"
> file="src/test/resources/rampart/services-34.xml"
> tofile="target/temp-ramp/META-INF/services.xml" />
> >> + <jar
> jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar"
> basedir="target/temp-ramp" />
> >> +
> >> +
> >> <!-- Service SC-1 -->
> >> <copy overwrite="yes"
> file="src/test/resources/rampart/issuer.properties"
> tofile="target/temp-ramp/issuer.properties" />
> >> <copy overwrite="yes"
> file="src/test/resources/rampart/services-sc-1.xml"
> tofile="target/temp-ramp/META-INF/services.xml" />
> >>
> >> Modified:
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
> >> URL:
> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff
> >>
> ==============================================================================
> >> ---
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
> (original)
> >> +++
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
> Sun Jan 8 15:34:56 2012
> >> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util
> >> import org.apache.neethi.Policy;
> >> import org.apache.neethi.PolicyEngine;
> >>
> >> +import java.util.MissingResourceException;
> >> +import java.util.ResourceBundle;
> >> +
> >>
> >> public class RampartTest extends TestCase {
> >>
> >> public final static int PORT = UtilServer.TESTING_PORT;
> >>
> >> + private static ResourceBundle resources;
> >> +
> >> + static {
> >> + try {
> >> + resources =
> ResourceBundle.getBundle("org.apache.rampart.errors");
> >> + } catch (MissingResourceException e) {
> >> + throw new RuntimeException(e.getMessage());
> >> + }
> >> + }
> >> +
> >> public RampartTest(String name) {
> >> super(name);
> >> }
> >> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas
> >> "Unlimited Strength Jurisdiction Policy !!!");
> >> }
> >>
> >> - for (int i = 1; i <= 33; i++) { //<-The number of tests we
> have
> >> + for (int i = 1; i <= 34; i++) { //<-The number of tests we
> have
> >> if(!basic256Supported && (i == 3 || i == 4 || i == 5)) {
> >> //Skip the Basic256 tests
> >> continue;
> >> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas
> >> serviceClient.addHeader(header);
> >> }
> >>
> >> - // Invoking the serive in the TestCase-28 should fail.
> So handling it differently..
> >> - if (i == 28) {
> >> + // Invoking the service in the TestCase-28 should
> fail. So handling it differently..
> >> + if (i == 28 || i == 34) {
> >> try {
> >> +
> >> //Blocking invocation
> >> serviceClient.sendReceive(getOMElement());
> >> - fail("Service Should throw an error..");
> >> +
> >> + String message = "";
> >> +
> >> + if (i == 34) {
> >> + message = "Test case 34 should fail. We
> are running the service in symmetric binding mode " +
> >> + "and client in asymmetric
> binding mode. Therefore test case 34 should fail.";
> >> + }
> >> +
> >> + fail("Service Should throw an error - " +
> message);
> >>
> >> } catch (AxisFault axisFault) {
> >> - assertEquals("Expected encrypted part
> missing", axisFault.getMessage());
> >> +
> >> + if (i == 28) {
> >> +
> assertEquals(resources.getString("encryptionMissing"),
> axisFault.getMessage());
> >> + } else if (i == 34) {
> >> +
> assertEquals(resources.getString("invalidSignatureAlgo"),
> axisFault.getMessage());
> >> + }
> >> +
> >> }
> >> }
> >> -
> >> else{
> >> //Blocking invocation
> >> serviceClient.sendReceive(getEchoElement());
> >>
> >> Added:
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
> >> URL:
> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto
> >>
> ==============================================================================
> >> ---
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
> (added)
> >> +++
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
> Sun Jan 8 15:34:56 2012
> >> @@ -0,0 +1,102 @@
> >> +<?xml version="1.0" encoding="UTF-8"?>
> >> +<!--
> >> + !
> >> + ! Copyright 2006 The Apache Software Foundation.
> >> + !
> >> + ! Licensed under the Apache License, Version 2.0 (the "License");
> >> + ! you may not use this file except in compliance with the License.
> >> + ! You may obtain a copy of the License at
> >> + !
> >> + ! http://www.apache.org/licenses/LICENSE-2.0
> >> + !
> >> + ! Unless required by applicable law or agreed to in writing, software
> >> + ! distributed under the License is distributed on an "AS IS" BASIS,
> >> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
> implied.
> >> + ! See the License for the specific language governing permissions and
> >> + ! limitations under the License.
> >> + !-->
> >> +
> >> +<wsp:Policy wsu:Id="SigEncr"
> >> + xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> >> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> >> + xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >> + <wsp:ExactlyOne>
> >> + <wsp:All>
> >> + <sp:SymmetricBinding>
> >> + <wsp:Policy>
> >> + <sp:ProtectionToken>
> >> + <wsp:Policy>
> >> + <sp:X509Token
> sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> >> +
> <wsp:Policy>
> >> +
> <sp:RequireThumbprintReference/>
> >> +
> <sp:WssX509V3Token10/>
> >> +
> </wsp:Policy>
> >> + </sp:X509Token>
> >> + </wsp:Policy>
> >> + </sp:ProtectionToken>
> >> + <sp:AlgorithmSuite>
> >> + <wsp:Policy>
> >> + <sp:Basic256/>
> >> + </wsp:Policy>
> >> + </sp:AlgorithmSuite>
> >> + <sp:Layout>
> >> + <wsp:Policy>
> >> + <sp:Lax/>
> >> + </wsp:Policy>
> >> + </sp:Layout>
> >> + <sp:IncludeTimestamp/>
> >> +
> <sp:OnlySignEntireHeadersAndBody/>
> >> + </wsp:Policy>
> >> + </sp:SymmetricBinding>
> >> + <sp:Wss10 xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >> + <wsp:Policy>
> >> + <sp:MustSupportRefKeyIdentifier/>
> >> + <sp:MustSupportRefIssuerSerial/>
> >> + </wsp:Policy>
> >> + </sp:Wss10>
> >> + <sp:SignedParts xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >> + <sp:Body/>
> >> + </sp:SignedParts>
> >> + <sp:EncryptedParts xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >> + <sp:Body/>
> >> + </sp:EncryptedParts>
> >> +
> >> + <ramp:RampartConfig xmlns:ramp="
> http://ws.apache.org/rampart/policy">
> >> + <ramp:user>alice</ramp:user>
> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
> >> +
> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
> >> + </ramp:passwordCallbackClass>
> >> +
> >> + <ramp:signatureCrypto>
> >> + <ramp:crypto
> provider="org.apache.ws.security.components.crypto.Merlin">
> >> + <ramp:property
> >> +
> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
> >> + </ramp:property>
> >> + <ramp:property
> name="org.apache.ws.security.crypto.merlin.file">
> >> + rampart/store.jks
> >> + </ramp:property>
> >> + <ramp:property
> >> +
> name="org.apache.ws.security.crypto.merlin.keystore.password">
> >> + password
> >> + </ramp:property>
> >> + </ramp:crypto>
> >> + </ramp:signatureCrypto>
> >> + <ramp:encryptionCypto>
> >> + <ramp:crypto
> provider="org.apache.ws.security.components.crypto.Merlin">
> >> + <ramp:property
> >> +
> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
> >> + </ramp:property>
> >> + <ramp:property
> name="org.apache.ws.security.crypto.merlin.file">
> >> + rampart/store.jks
> >> + </ramp:property>
> >> + <ramp:property
> >> +
> name="org.apache.ws.security.crypto.merlin.keystore.password">
> >> + password
> >> + </ramp:property>
> >> + </ramp:crypto>
> >> + </ramp:encryptionCypto>
> >> + </ramp:RampartConfig>
> >> +
> >> + </wsp:All>
> >> + </wsp:ExactlyOne>
> >> +</wsp:Policy>
> >> \ No newline at end of file
> >>
> >> Added:
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
> >> URL:
> http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto
> >>
> ==============================================================================
> >> ---
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
> (added)
> >> +++
> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
> Sun Jan 8 15:34:56 2012
> >> @@ -0,0 +1,113 @@
> >> +<service name="SecureService34">
> >> +
> >> + <module ref="addressing"/>
> >> + <module ref="rampart"/>
> >> +
> >> + <parameter locked="false"
> name="ServiceClass">org.apache.rampart.Service</parameter>
> >> +
> >> + <operation name="echo">
> >> + <messageReceiver
> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
> >> + <actionMapping>urn:echo</actionMapping>
> >> + </operation>
> >> +
> >> + <operation name="returnError">
> >> + <messageReceiver
> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
> >> + <actionMapping>urn:returnError</actionMapping>
> >> + </operation>
> >> +
> >> + <wsp:Policy wsu:Id="SigEncr"
> >> + xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> >> + xmlns:wsp="
> http://schemas.xmlsoap.org/ws/2004/09/policy">
> >> + <wsp:ExactlyOne>
> >> + <wsp:All>
> >> + <sp:AsymmetricBinding xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >> + <wsp:Policy>
> >> + <sp:InitiatorToken>
> >> + <wsp:Policy>
> >> + <sp:X509Token
> >> + sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
> ">
> >> + <wsp:Policy>
> >> +
> <sp:RequireThumbprintReference/>
> >> + <sp:WssX509V3Token10/>
> >> + </wsp:Policy>
> >> + </sp:X509Token>
> >> + </wsp:Policy>
> >> + </sp:InitiatorToken>
> >> + <sp:RecipientToken>
> >> + <wsp:Policy>
> >> + <sp:X509Token
> >> + sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> >> + <wsp:Policy>
> >> +
> <sp:RequireThumbprintReference/>
> >> + <sp:WssX509V3Token10/>
> >> + </wsp:Policy>
> >> + </sp:X509Token>
> >> + </wsp:Policy>
> >> + </sp:RecipientToken>
> >> + <sp:AlgorithmSuite>
> >> + <wsp:Policy>
> >> + <sp:TripleDesRsa15/>
> >> + </wsp:Policy>
> >> + </sp:AlgorithmSuite>
> >> + <sp:Layout>
> >> + <wsp:Policy>
> >> + <sp:Strict/>
> >> + </wsp:Policy>
> >> + </sp:Layout>
> >> + <sp:IncludeTimestamp/>
> >> + <sp:OnlySignEntireHeadersAndBody/>
> >> + </wsp:Policy>
> >> + </sp:AsymmetricBinding>
> >> + <sp:Wss10 xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >> + <wsp:Policy>
> >> + <sp:MustSupportRefKeyIdentifier/>
> >> + <sp:MustSupportRefIssuerSerial/>
> >> + </wsp:Policy>
> >> + </sp:Wss10>
> >> + <sp:SignedParts xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >> + <sp:Body/>
> >> + </sp:SignedParts>
> >> + <sp:EncryptedParts xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >> + <sp:Body/>
> >> + </sp:EncryptedParts>
> >> +
> >> + <ramp:RampartConfig xmlns:ramp="
> http://ws.apache.org/rampart/policy">
> >> + <ramp:user>alice</ramp:user>
> >> + <ramp:encryptionUser>bob</ramp:encryptionUser>
> >> +
> <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
> >> + </ramp:passwordCallbackClass>
> >> +
> >> + <ramp:signatureCrypto>
> >> + <ramp:crypto
> provider="org.apache.ws.security.components.crypto.Merlin">
> >> + <ramp:property
> >> +
> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
> >> + </ramp:property>
> >> + <ramp:property
> name="org.apache.ws.security.crypto.merlin.file">
> >> + rampart/store.jks
> >> + </ramp:property>
> >> + <ramp:property
> >> +
> name="org.apache.ws.security.crypto.merlin.keystore.password">
> >> + password
> >> + </ramp:property>
> >> + </ramp:crypto>
> >> + </ramp:signatureCrypto>
> >> + <ramp:encryptionCypto>
> >> + <ramp:crypto
> provider="org.apache.ws.security.components.crypto.Merlin">
> >> + <ramp:property
> >> +
> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
> >> + </ramp:property>
> >> + <ramp:property
> name="org.apache.ws.security.crypto.merlin.file">
> >> + rampart/store.jks
> >> + </ramp:property>
> >> + <ramp:property
> >> +
> name="org.apache.ws.security.crypto.merlin.keystore.password">
> >> + password
> >> + </ramp:property>
> >> + </ramp:crypto>
> >> + </ramp:encryptionCypto>
> >> + </ramp:RampartConfig>
> >> + </wsp:All>
> >> + </wsp:ExactlyOne>
> >> + </wsp:Policy>
> >> +
> >> +</service>
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> > For additional commands, e-mail: java-dev-help@axis.apache.org
> >
>
>
>
> --
> Mobile : +94773330538
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org
>
>
--
Sagara Gunathunga
Blog - http://ssagara.blogspot.com
Web - http://people.apache.org/~sagara/
LinkedIn - http://www.linkedin.com/in/ssagara
Re: svn commit: r1228870 - in /axis/axis2/java/rampart/trunk/modules:
rampart-core/src/main/java/org/apache/rampart/ rampart-integration/
rampart-integration/src/test/java/org/apache/rampart/ rampart-integration/src/test/resources/rampart/
rampart-in
Posted by Amila Jayasekara <am...@wso2.com>.
Hi Andreas,
In my local machine, all tests are passing. I am currently
investigating the cause for the test failure.
Thanks
AmilaJ
On Mon, Jan 9, 2012 at 1:46 PM, Andreas Veithen
<an...@gmail.com> wrote:
> That change causes a builds failure (see the mails from Jenkins). Can
> you please fix that?
>
> Andreas
>
> On Sun, Jan 8, 2012 at 16:34, <am...@apache.org> wrote:
>> Author: amilaj
>> Date: Sun Jan 8 15:34:56 2012
>> New Revision: 1228870
>>
>> URL: http://svn.apache.org/viewvc?rev=1228870&view=rev
>> Log:
>> Fixing issue RAMPART-269. Also added an integration test case
>>
>> Added:
>> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>> Modified:
>> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>> axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>> axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>> axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>>
>> Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
>> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>> ==============================================================================
>> --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java (original)
>> +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java Sun Jan 8 15:34:56 2012
>> @@ -311,6 +311,16 @@ public class RampartEngine {
>> }
>> } else if (WSConstants.SIGN == actInt.intValue()) {
>> X509Certificate cert = (X509Certificate) wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
>> +
>> + if (rpd.isAsymmetricBinding() && cert == null && rpd.getInitiatorToken() != null
>> + && !rpd.getInitiatorToken().isDerivedKeys()) {
>> +
>> + // If symmetric binding is used, the certificate should be null.
>> + // If certificate is not null then probably initiator and
>> + // recipient are using 2 different bindings.
>> + throw new RampartException("invalidSignatureAlgo");
>> + }
>> +
>> msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
>> }
>>
>>
>> Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
>> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1228870&r1=1228869&r2=1228870&view=diff
>> ==============================================================================
>> --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties (original)
>> +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties Sun Jan 8 15:34:56 2012
>> @@ -99,4 +99,5 @@ invalidTransport = Expected transport is
>> requiredElementsMissing = Required Elements not found in the incoming message : {0}
>> repeatingNonceValue = Nonce value : {0}, already seen before for user name : {1}. Possibly this could be a replay attack.
>> invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart configuration file.
>> -invalidIssuerAddress = Invalid value for Issuer
>> \ No newline at end of file
>> +invalidIssuerAddress = Invalid value for Issuer
>> +invalidSignatureAlgo=Invalid signature algorithm for Asymmetric binding
>> \ No newline at end of file
>>
>> Modified: axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml
>> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml?rev=1228870&r1=1228869&r2=1228870&view=diff
>> ==============================================================================
>> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml (original)
>> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/pom.xml Sun Jan 8 15:34:56 2012
>> @@ -273,6 +273,11 @@
>> <copy overwrite="yes" file="src/test/resources/rampart/services-33.xml" tofile="target/temp-ramp/META-INF/services.xml" />
>> <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar" basedir="target/temp-ramp" />
>>
>> + <!-- Service 34 -->
>> + <copy overwrite="yes" file="src/test/resources/rampart/services-34.xml" tofile="target/temp-ramp/META-INF/services.xml" />
>> + <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar" basedir="target/temp-ramp" />
>> +
>> +
>> <!-- Service SC-1 -->
>> <copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties" />
>> <copy overwrite="yes" file="src/test/resources/rampart/services-sc-1.xml" tofile="target/temp-ramp/META-INF/services.xml" />
>>
>> Modified: axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
>> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=1228870&r1=1228869&r2=1228870&view=diff
>> ==============================================================================
>> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java (original)
>> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java Sun Jan 8 15:34:56 2012
>> @@ -36,11 +36,24 @@ import org.apache.axis2.integration.Util
>> import org.apache.neethi.Policy;
>> import org.apache.neethi.PolicyEngine;
>>
>> +import java.util.MissingResourceException;
>> +import java.util.ResourceBundle;
>> +
>>
>> public class RampartTest extends TestCase {
>>
>> public final static int PORT = UtilServer.TESTING_PORT;
>>
>> + private static ResourceBundle resources;
>> +
>> + static {
>> + try {
>> + resources = ResourceBundle.getBundle("org.apache.rampart.errors");
>> + } catch (MissingResourceException e) {
>> + throw new RuntimeException(e.getMessage());
>> + }
>> + }
>> +
>> public RampartTest(String name) {
>> super(name);
>> }
>> @@ -83,7 +96,7 @@ public class RampartTest extends TestCas
>> "Unlimited Strength Jurisdiction Policy !!!");
>> }
>>
>> - for (int i = 1; i <= 33; i++) { //<-The number of tests we have
>> + for (int i = 1; i <= 34; i++) { //<-The number of tests we have
>> if(!basic256Supported && (i == 3 || i == 4 || i == 5)) {
>> //Skip the Basic256 tests
>> continue;
>> @@ -122,18 +135,32 @@ public class RampartTest extends TestCas
>> serviceClient.addHeader(header);
>> }
>>
>> - // Invoking the serive in the TestCase-28 should fail. So handling it differently..
>> - if (i == 28) {
>> + // Invoking the service in the TestCase-28 should fail. So handling it differently..
>> + if (i == 28 || i == 34) {
>> try {
>> +
>> //Blocking invocation
>> serviceClient.sendReceive(getOMElement());
>> - fail("Service Should throw an error..");
>> +
>> + String message = "";
>> +
>> + if (i == 34) {
>> + message = "Test case 34 should fail. We are running the service in symmetric binding mode " +
>> + "and client in asymmetric binding mode. Therefore test case 34 should fail.";
>> + }
>> +
>> + fail("Service Should throw an error - " + message);
>>
>> } catch (AxisFault axisFault) {
>> - assertEquals("Expected encrypted part missing", axisFault.getMessage());
>> +
>> + if (i == 28) {
>> + assertEquals(resources.getString("encryptionMissing"), axisFault.getMessage());
>> + } else if (i == 34) {
>> + assertEquals(resources.getString("invalidSignatureAlgo"), axisFault.getMessage());
>> + }
>> +
>> }
>> }
>> -
>> else{
>> //Blocking invocation
>> serviceClient.sendReceive(getEchoElement());
>>
>> Added: axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
>> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml?rev=1228870&view=auto
>> ==============================================================================
>> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml (added)
>> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/policy/34.xml Sun Jan 8 15:34:56 2012
>> @@ -0,0 +1,102 @@
>> +<?xml version="1.0" encoding="UTF-8"?>
>> +<!--
>> + !
>> + ! Copyright 2006 The Apache Software Foundation.
>> + !
>> + ! Licensed under the Apache License, Version 2.0 (the "License");
>> + ! you may not use this file except in compliance with the License.
>> + ! You may obtain a copy of the License at
>> + !
>> + ! http://www.apache.org/licenses/LICENSE-2.0
>> + !
>> + ! Unless required by applicable law or agreed to in writing, software
>> + ! distributed under the License is distributed on an "AS IS" BASIS,
>> + ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
>> + ! See the License for the specific language governing permissions and
>> + ! limitations under the License.
>> + !-->
>> +
>> +<wsp:Policy wsu:Id="SigEncr"
>> + xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>> + xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> + <wsp:ExactlyOne>
>> + <wsp:All>
>> + <sp:SymmetricBinding>
>> + <wsp:Policy>
>> + <sp:ProtectionToken>
>> + <wsp:Policy>
>> + <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>> + <wsp:Policy>
>> + <sp:RequireThumbprintReference/>
>> + <sp:WssX509V3Token10/>
>> + </wsp:Policy>
>> + </sp:X509Token>
>> + </wsp:Policy>
>> + </sp:ProtectionToken>
>> + <sp:AlgorithmSuite>
>> + <wsp:Policy>
>> + <sp:Basic256/>
>> + </wsp:Policy>
>> + </sp:AlgorithmSuite>
>> + <sp:Layout>
>> + <wsp:Policy>
>> + <sp:Lax/>
>> + </wsp:Policy>
>> + </sp:Layout>
>> + <sp:IncludeTimestamp/>
>> + <sp:OnlySignEntireHeadersAndBody/>
>> + </wsp:Policy>
>> + </sp:SymmetricBinding>
>> + <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> + <wsp:Policy>
>> + <sp:MustSupportRefKeyIdentifier/>
>> + <sp:MustSupportRefIssuerSerial/>
>> + </wsp:Policy>
>> + </sp:Wss10>
>> + <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> + <sp:Body/>
>> + </sp:SignedParts>
>> + <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> + <sp:Body/>
>> + </sp:EncryptedParts>
>> +
>> + <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
>> + <ramp:user>alice</ramp:user>
>> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>> + <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>> + </ramp:passwordCallbackClass>
>> +
>> + <ramp:signatureCrypto>
>> + <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
>> + <ramp:property
>> + name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>> + </ramp:property>
>> + <ramp:property name="org.apache.ws.security.crypto.merlin.file">
>> + rampart/store.jks
>> + </ramp:property>
>> + <ramp:property
>> + name="org.apache.ws.security.crypto.merlin.keystore.password">
>> + password
>> + </ramp:property>
>> + </ramp:crypto>
>> + </ramp:signatureCrypto>
>> + <ramp:encryptionCypto>
>> + <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
>> + <ramp:property
>> + name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>> + </ramp:property>
>> + <ramp:property name="org.apache.ws.security.crypto.merlin.file">
>> + rampart/store.jks
>> + </ramp:property>
>> + <ramp:property
>> + name="org.apache.ws.security.crypto.merlin.keystore.password">
>> + password
>> + </ramp:property>
>> + </ramp:crypto>
>> + </ramp:encryptionCypto>
>> + </ramp:RampartConfig>
>> +
>> + </wsp:All>
>> + </wsp:ExactlyOne>
>> +</wsp:Policy>
>> \ No newline at end of file
>>
>> Added: axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml
>> URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml?rev=1228870&view=auto
>> ==============================================================================
>> --- axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml (added)
>> +++ axis/axis2/java/rampart/trunk/modules/rampart-integration/src/test/resources/rampart/services-34.xml Sun Jan 8 15:34:56 2012
>> @@ -0,0 +1,113 @@
>> +<service name="SecureService34">
>> +
>> + <module ref="addressing"/>
>> + <module ref="rampart"/>
>> +
>> + <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
>> +
>> + <operation name="echo">
>> + <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>> + <actionMapping>urn:echo</actionMapping>
>> + </operation>
>> +
>> + <operation name="returnError">
>> + <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>> + <actionMapping>urn:returnError</actionMapping>
>> + </operation>
>> +
>> + <wsp:Policy wsu:Id="SigEncr"
>> + xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> + xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>> + <wsp:ExactlyOne>
>> + <wsp:All>
>> + <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> + <wsp:Policy>
>> + <sp:InitiatorToken>
>> + <wsp:Policy>
>> + <sp:X509Token
>> + sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>> + <wsp:Policy>
>> + <sp:RequireThumbprintReference/>
>> + <sp:WssX509V3Token10/>
>> + </wsp:Policy>
>> + </sp:X509Token>
>> + </wsp:Policy>
>> + </sp:InitiatorToken>
>> + <sp:RecipientToken>
>> + <wsp:Policy>
>> + <sp:X509Token
>> + sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
>> + <wsp:Policy>
>> + <sp:RequireThumbprintReference/>
>> + <sp:WssX509V3Token10/>
>> + </wsp:Policy>
>> + </sp:X509Token>
>> + </wsp:Policy>
>> + </sp:RecipientToken>
>> + <sp:AlgorithmSuite>
>> + <wsp:Policy>
>> + <sp:TripleDesRsa15/>
>> + </wsp:Policy>
>> + </sp:AlgorithmSuite>
>> + <sp:Layout>
>> + <wsp:Policy>
>> + <sp:Strict/>
>> + </wsp:Policy>
>> + </sp:Layout>
>> + <sp:IncludeTimestamp/>
>> + <sp:OnlySignEntireHeadersAndBody/>
>> + </wsp:Policy>
>> + </sp:AsymmetricBinding>
>> + <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> + <wsp:Policy>
>> + <sp:MustSupportRefKeyIdentifier/>
>> + <sp:MustSupportRefIssuerSerial/>
>> + </wsp:Policy>
>> + </sp:Wss10>
>> + <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> + <sp:Body/>
>> + </sp:SignedParts>
>> + <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>> + <sp:Body/>
>> + </sp:EncryptedParts>
>> +
>> + <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
>> + <ramp:user>alice</ramp:user>
>> + <ramp:encryptionUser>bob</ramp:encryptionUser>
>> + <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
>> + </ramp:passwordCallbackClass>
>> +
>> + <ramp:signatureCrypto>
>> + <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
>> + <ramp:property
>> + name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>> + </ramp:property>
>> + <ramp:property name="org.apache.ws.security.crypto.merlin.file">
>> + rampart/store.jks
>> + </ramp:property>
>> + <ramp:property
>> + name="org.apache.ws.security.crypto.merlin.keystore.password">
>> + password
>> + </ramp:property>
>> + </ramp:crypto>
>> + </ramp:signatureCrypto>
>> + <ramp:encryptionCypto>
>> + <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
>> + <ramp:property
>> + name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
>> + </ramp:property>
>> + <ramp:property name="org.apache.ws.security.crypto.merlin.file">
>> + rampart/store.jks
>> + </ramp:property>
>> + <ramp:property
>> + name="org.apache.ws.security.crypto.merlin.keystore.password">
>> + password
>> + </ramp:property>
>> + </ramp:crypto>
>> + </ramp:encryptionCypto>
>> + </ramp:RampartConfig>
>> + </wsp:All>
>> + </wsp:ExactlyOne>
>> + </wsp:Policy>
>> +
>> +</service>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org
>
--
Mobile : +94773330538
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org