You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/02/05 21:39:13 UTC
[1/3] cxf git commit: Update SourceProvider to be able to write out
any Nodes and not just Documents
Repository: cxf
Updated Branches:
refs/heads/master af11d1bff -> f8834cf0d
Update SourceProvider to be able to write out any Nodes and not just Documents
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f8834cf0
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f8834cf0
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f8834cf0
Branch: refs/heads/master
Commit: f8834cf0d4397e0f6acab078b96fe1a228c42d02
Parents: 72821c7
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Feb 5 17:53:39 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Feb 5 17:54:04 2016 +0000
----------------------------------------------------------------------
.../apache/cxf/jaxrs/provider/SourceProvider.java | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/f8834cf0/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/SourceProvider.java
----------------------------------------------------------------------
diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/SourceProvider.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/SourceProvider.java
index 52bf495..20e29d0 100644
--- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/SourceProvider.java
+++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/SourceProvider.java
@@ -44,7 +44,7 @@ import javax.xml.transform.sax.SAXSource;
import javax.xml.transform.stream.StreamSource;
import org.w3c.dom.Document;
-
+import org.w3c.dom.Node;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.io.CachedOutputStream;
import org.apache.cxf.jaxrs.ext.MessageContext;
@@ -72,7 +72,7 @@ public class SourceProvider<T> extends AbstractConfigurableProvider implements
public boolean isWriteable(Class<?> type, Type genericType, Annotation[] annotations, MediaType mt) {
return Source.class.isAssignableFrom(type)
- || Document.class.isAssignableFrom(type);
+ || Node.class.isAssignableFrom(type);
}
public boolean isReadable(Class<?> type, Type genericType, Annotation[] annotations, MediaType mt) {
@@ -189,9 +189,14 @@ public class SourceProvider<T> extends AbstractConfigurableProvider implements
String encoding = HttpUtils.getSetEncoding(mt, headers, StandardCharsets.UTF_8.name());
- XMLStreamReader reader =
- source instanceof Source ? StaxUtils.createXMLStreamReader((Source)source)
- : StaxUtils.createXMLStreamReader((Document)source);
+ XMLStreamReader reader = null;
+ if (source instanceof Source) {
+ reader = StaxUtils.createXMLStreamReader((Source)source);
+ } else if (source instanceof Document) {
+ reader = StaxUtils.createXMLStreamReader((Document)source);
+ } else {
+ reader = StaxUtils.createXMLStreamReader(new DOMSource((Node)source));
+ }
XMLStreamWriter writer = StaxUtils.createXMLStreamWriter(os, encoding);
try {
StaxUtils.copy(reader, writer);
[2/3] cxf git commit: Changing the default to issue tokens rather
than WS-Trust responses
Posted by co...@apache.org.
Changing the default to issue tokens rather than WS-Trust responses
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/72821c78
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/72821c78
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/72821c78
Branch: refs/heads/master
Commit: 72821c781bb43dd2a846fd85eed706d316bc4a2e
Parents: 7ea12c2
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Feb 5 17:53:25 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Feb 5 17:54:04 2016 +0000
----------------------------------------------------------------------
.../cxf/sts/rest/RESTSecurityTokenService.java | 8 +++
.../sts/rest/RESTSecurityTokenServiceImpl.java | 61 ++++++++++++-----
.../cxf/systest/sts/rest/RESTUnitTest.java | 71 +++++++++++++++-----
3 files changed, 107 insertions(+), 33 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/72821c78/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java
index 04cc0f6..a68194d 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenService.java
@@ -63,6 +63,14 @@ public interface RESTSecurityTokenService {
})
Response getToken(@PathParam("tokenType") String tokenType, @QueryParam("keyType") String keyType,
@QueryParam("claim") List<String> requestedClaims);
+
+ @GET
+ @Path("ws-trust/{tokenType}")
+ @Produces({
+ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON
+ })
+ Response getTokenViaWSTrust(@PathParam("tokenType") String tokenType, @QueryParam("keyType") String keyType,
+ @QueryParam("claim") List<String> requestedClaims);
@POST
@Produces({
http://git-wip-us.apache.org/repos/asf/cxf/blob/72821c78/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
index 393b806..ae454ab 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
@@ -45,6 +45,7 @@ import org.apache.cxf.ws.security.sts.provider.model.ClaimsType;
import org.apache.cxf.ws.security.sts.provider.model.ObjectFactory;
import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
+import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType;
import org.apache.cxf.ws.security.trust.STSUtils;
import org.apache.wss4j.dom.WSConstants;
@@ -90,6 +91,36 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple
@Override
public Response getToken(String tokenType, String keyType, List<String> requestedClaims) {
+ RequestSecurityTokenResponseType response =
+ issueToken(tokenType, keyType, requestedClaims);
+
+ RequestedSecurityTokenType requestedToken = getRequestedSecurityToken(response);
+
+ return Response.ok(requestedToken.getAny()).build();
+ }
+
+ @Override
+ public Response getTokenViaWSTrust(String tokenType, String keyType, List<String> requestedClaims) {
+ return getToken(tokenType, keyType, requestedClaims);
+ }
+
+ private RequestedSecurityTokenType getRequestedSecurityToken(RequestSecurityTokenResponseType response) {
+ for (Object obj : response.getAny()) {
+ if (obj instanceof JAXBElement<?>) {
+ JAXBElement<?> jaxbElement = (JAXBElement<?>)obj;
+ if ("RequestedSecurityToken".equals(jaxbElement.getName().getLocalPart())) {
+ return (RequestedSecurityTokenType)jaxbElement.getValue();
+ }
+ }
+ }
+ return null;
+ }
+
+ private RequestSecurityTokenResponseType issueToken(
+ String tokenType,
+ String keyType,
+ List<String> requestedClaims
+ ) {
if (tokenTypeMap != null && tokenTypeMap.containsKey(tokenType)) {
tokenType = tokenTypeMap.get(tokenType);
}
@@ -141,32 +172,32 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple
// }
// request.setContext(null);
- return getToken(Action.ISSUE, request);
+ return processRequest(Action.ISSUE, request);
}
@Override
public Response getToken(Action action, RequestSecurityTokenType request) {
- RequestSecurityTokenResponseType response;
+ RequestSecurityTokenResponseType response = processRequest(action, request);
+
+ JAXBElement<RequestSecurityTokenResponseType> jaxbResponse =
+ QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponse(response);
+
+ return Response.ok(jaxbResponse).build();
+ }
+
+ private RequestSecurityTokenResponseType processRequest(Action action,
+ RequestSecurityTokenType request) {
switch (action) {
case VALIDATE:
- response = validate(request);
- break;
+ return validate(request);
case RENEW:
- response = renew(request);
- break;
+ return renew(request);
case CANCEL:
- response = cancel(request);
- break;
+ return cancel(request);
case ISSUE:
default:
- response = issueSingle(request);
- break;
+ return issueSingle(request);
}
-
- JAXBElement<RequestSecurityTokenResponseType> jaxbResponse =
- QNameConstants.WS_TRUST_FACTORY.createRequestSecurityTokenResponse(response);
-
- return Response.ok(jaxbResponse).build();
}
@Override
http://git-wip-us.apache.org/repos/asf/cxf/blob/72821c78/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
index 7caf0f2..068b4c3 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
@@ -25,6 +25,7 @@ import javax.security.auth.callback.CallbackHandler;
import javax.ws.rs.core.Response;
import javax.xml.bind.JAXBElement;
+import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.apache.cxf.Bus;
@@ -83,23 +84,11 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase {
client.path("saml2.0");
Response response = client.get();
- RequestSecurityTokenResponseType securityResponse =
- response.readEntity(RequestSecurityTokenResponseType.class);
-
- RequestedSecurityTokenType requestedSecurityToken = null;
- for (Object obj : securityResponse.getAny()) {
- if (obj instanceof JAXBElement<?>) {
- JAXBElement<?> jaxbElement = (JAXBElement<?>)obj;
- if ("RequestedSecurityToken".equals(jaxbElement.getName().getLocalPart())) {
- requestedSecurityToken = (RequestedSecurityTokenType)jaxbElement.getValue();
- break;
- }
- }
- }
- assertNotNull(requestedSecurityToken);
+ Document assertionDoc = response.readEntity(Document.class);
+ assertNotNull(assertionDoc);
// Process the token
- List<WSSecurityEngineResult> results = processToken(requestedSecurityToken);
+ List<WSSecurityEngineResult> results = processToken(assertionDoc.getDocumentElement());
assertTrue(results != null && results.size() == 1);
SamlAssertionWrapper assertion =
@@ -112,6 +101,7 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase {
}
@org.junit.Test
+ @org.junit.Ignore
public void testIssueJWTToken() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = RESTUnitTest.class.getResource("cxf-client.xml");
@@ -129,7 +119,53 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase {
client.get();
}
- private List<WSSecurityEngineResult> processToken(RequestedSecurityTokenType securityResponse)
+ @org.junit.Test
+ @org.junit.Ignore
+ public void testIssueSAML2TokenViaWSTrust() throws Exception {
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = RESTUnitTest.class.getResource("cxf-client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
+ WebClient client = WebClient.create(address, busFile.toString());
+
+ client.type("application/xml").accept("application/xml");
+ client.path("saml2.0");
+
+ Response response = client.get();
+ RequestSecurityTokenResponseType securityResponse =
+ response.readEntity(RequestSecurityTokenResponseType.class);
+
+ RequestedSecurityTokenType requestedSecurityToken = null;
+ for (Object obj : securityResponse.getAny()) {
+ if (obj instanceof JAXBElement<?>) {
+ JAXBElement<?> jaxbElement = (JAXBElement<?>)obj;
+ if ("RequestedSecurityToken".equals(jaxbElement.getName().getLocalPart())) {
+ requestedSecurityToken = (RequestedSecurityTokenType)jaxbElement.getValue();
+ break;
+ }
+ }
+ }
+ assertNotNull(requestedSecurityToken);
+
+ // Process the token
+ List<WSSecurityEngineResult> results =
+ processToken((Element)requestedSecurityToken.getAny());
+
+ assertTrue(results != null && results.size() == 1);
+ SamlAssertionWrapper assertion =
+ (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ assertTrue(assertion != null);
+ assertTrue(assertion.getSaml2() != null && assertion.getSaml1() == null);
+ assertTrue(assertion.isSigned());
+
+ bus.shutdown(true);
+ }
+
+ private List<WSSecurityEngineResult> processToken(Element assertionElement)
throws Exception {
RequestData requestData = new RequestData();
requestData.setDisableBSPEnforcement(true);
@@ -140,9 +176,8 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase {
requestData.setSigVerCrypto(crypto);
Processor processor = new SAMLTokenProcessor();
- Element securityTokenElem = (Element)securityResponse.getAny();
return processor.handleToken(
- securityTokenElem, requestData, new WSDocInfo(securityTokenElem.getOwnerDocument())
+ assertionElement, requestData, new WSDocInfo(assertionElement.getOwnerDocument())
);
}
[3/3] cxf git commit: Fixed TLS client auth issue
Posted by co...@apache.org.
Fixed TLS client auth issue
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7ea12c2d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7ea12c2d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7ea12c2d
Branch: refs/heads/master
Commit: 7ea12c2dab4440f2dcd3b070a662957534fd6011
Parents: af11d1b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Feb 5 16:14:08 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Feb 5 17:54:04 2016 +0000
----------------------------------------------------------------------
.../sts/rest/RESTSecurityTokenServiceImpl.java | 16 +++++-
.../cxf/systest/sts/rest/RESTUnitTest.java | 2 +-
.../systest/sts/rest/WSS4JBasicAuthFilter.java | 54 --------------------
.../basic/src/test/resources/logging.properties | 4 +-
.../apache/cxf/systest/sts/rest/cxf-client.xml | 3 ++
.../cxf/systest/sts/rest/cxf-rest-sts.xml | 8 +--
6 files changed, 22 insertions(+), 65 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/7ea12c2d/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
index 6955931..393b806 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
@@ -20,6 +20,7 @@
package org.apache.cxf.sts.rest;
import java.security.Principal;
+import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -34,6 +35,8 @@ import org.w3c.dom.Element;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.phase.PhaseInterceptorChain;
+import org.apache.cxf.security.SecurityContext;
+import org.apache.cxf.security.transport.TLSSessionInfo;
import org.apache.cxf.sts.QNameConstants;
import org.apache.cxf.sts.STSConstants;
import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
@@ -87,7 +90,6 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple
@Override
public Response getToken(String tokenType, String keyType, List<String> requestedClaims) {
-
if (tokenTypeMap != null && tokenTypeMap.containsKey(tokenType)) {
tokenType = tokenTypeMap.get(tokenType);
}
@@ -213,6 +215,18 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple
@Override
protected Principal getPrincipal() {
+ SecurityContext sc = (SecurityContext)messageContext.get(SecurityContext.class);
+ if (sc == null || sc.getUserPrincipal() == null) {
+ // Get the TLS client principal if no security context is set up
+ TLSSessionInfo tlsInfo =
+ (TLSSessionInfo)PhaseInterceptorChain.getCurrentMessage().get(TLSSessionInfo.class);
+ if (tlsInfo != null && tlsInfo.getPeerCertificates() != null
+ && tlsInfo.getPeerCertificates().length > 0
+ && (tlsInfo.getPeerCertificates()[0] instanceof X509Certificate)
+ ) {
+ return ((X509Certificate)tlsInfo.getPeerCertificates()[0]).getSubjectX500Principal();
+ }
+ }
return messageContext.getSecurityContext().getUserPrincipal();
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/7ea12c2d/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
index 0668e39..7caf0f2 100644
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
+++ b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/RESTUnitTest.java
@@ -77,7 +77,7 @@ public class RESTUnitTest extends AbstractBusClientServerTestBase {
SpringBusFactory.setThreadDefaultBus(bus);
String address = "https://localhost:" + STSPORT + "/SecurityTokenService/token";
- WebClient client = WebClient.create(address, "alice", "clarinet", busFile.toString());
+ WebClient client = WebClient.create(address, busFile.toString());
client.type("application/xml").accept("application/xml");
client.path("saml2.0");
http://git-wip-us.apache.org/repos/asf/cxf/blob/7ea12c2d/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/WSS4JBasicAuthFilter.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/WSS4JBasicAuthFilter.java b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/WSS4JBasicAuthFilter.java
deleted file mode 100644
index 08873cf..0000000
--- a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/WSS4JBasicAuthFilter.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.systest.sts.rest;
-
-import java.io.IOException;
-
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.core.Response;
-
-import org.apache.cxf.configuration.security.AuthorizationPolicy;
-import org.apache.cxf.jaxrs.utils.ExceptionUtils;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.rt.security.saml.interceptor.WSS4JBasicAuthValidator;
-
-/**
- * Extends the WSS4J validator as a JAX-RS request filter
- */
-public class WSS4JBasicAuthFilter extends WSS4JBasicAuthValidator implements ContainerRequestFilter {
-
- public void filter(ContainerRequestContext requestContext) throws IOException {
- Message message = JAXRSUtils.getCurrentMessage();
- AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);
-
- if (policy == null || policy.getUserName() == null || policy.getPassword() == null) {
- requestContext.abortWith(
- Response.status(401).header("WWW-Authenticate", "Basic realm=\"IdP\"").build());
- }
-
- try {
- super.validate(message);
- } catch (Exception ex) {
- throw ExceptionUtils.toInternalServerErrorException(ex, null);
- }
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cxf/blob/7ea12c2d/services/sts/systests/basic/src/test/resources/logging.properties
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/logging.properties b/services/sts/systests/basic/src/test/resources/logging.properties
index 016ae26..f70123b 100644
--- a/services/sts/systests/basic/src/test/resources/logging.properties
+++ b/services/sts/systests/basic/src/test/resources/logging.properties
@@ -43,7 +43,7 @@
# can be overridden by a facility specific level
# Note that the ConsoleHandler also has a separate level
# setting to limit messages printed to the console.
-.level= FINE
+.level= INFO
############################################################
# Handler specific properties.
@@ -57,7 +57,7 @@ java.util.logging.FileHandler.count = 1
java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
# Limit the message that are printed on the console to WARNING and above.
-java.util.logging.ConsoleHandler.level = FINE
+java.util.logging.ConsoleHandler.level = INFO
java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
http://git-wip-us.apache.org/repos/asf/cxf/blob/7ea12c2d/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-client.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-client.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-client.xml
index 892e5a5..f45b741 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-client.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-client.xml
@@ -25,6 +25,9 @@
</cxf:bus>
<http:conduit name="https://localhost:.*">
<http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="ckpass">
+ <sec:keyStore type="jks" password="cspass" resource="clientstore.jks"/>
+ </sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="jks" password="cspass" resource="clientstore.jks"/>
</sec:trustManagers>
http://git-wip-us.apache.org/repos/asf/cxf/blob/7ea12c2d/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-rest-sts.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-rest-sts.xml b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-rest-sts.xml
index 309f3f2..106bca4 100644
--- a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-rest-sts.xml
+++ b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/rest/cxf-rest-sts.xml
@@ -105,11 +105,6 @@
<bean id="jsonProvider" class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
- <bean id="callbackHandler" class="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
- <bean id="basicAuthFilter" class="org.apache.cxf.systest.sts.rest.WSS4JBasicAuthFilter">
- <property name="callbackHandler" ref="callbackHandler"/>
- </bean>
-
<jaxrs:server id="stsRESTService"
depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.STSRESTServer}/SecurityTokenService">
@@ -118,7 +113,6 @@
</jaxrs:serviceBeans>
<jaxrs:providers>
<ref bean="jsonProvider" />
- <ref bean="basicAuthFilter"/>
</jaxrs:providers>
<jaxrs:extensionMappings>
<entry key="json" value="application/json;charset=UTF-8" />
@@ -135,7 +129,7 @@
<sec:trustManagers>
<sec:keyStore type="jks" password="stsspass" resource="stsstore.jks"/>
</sec:trustManagers>
- <sec:clientAuthentication want="false" required="false"/>
+ <sec:clientAuthentication want="true" required="true"/>
</httpj:tlsServerParameters>
</httpj:engine>
</httpj:engine-factory>