You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2009/12/04 20:28:19 UTC
svn commit: r887328 [1/2] - in
/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy: ./
bin/ certs/ certs/demoCA/ certs/demoCA/newcerts/ src/ src/demo/
src/demo/wssec/ src/demo/wssec/client/ src/demo/wssec/resources/
src/demo/wssec/se...
Author: dkulp
Date: Fri Dec 4 19:28:17 2009
New Revision: 887328
URL: http://svn.apache.org/viewvc?rev=887328&view=rev
Log:
[CXF-2553] Add WS-SecPolicy based UsernameToken sample.
Contribution from Oliver Wulff
Added:
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ca.crl
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/celtix.p12
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/celtixp12.truststore
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/GreeterImpl.java (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/Server.java (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/UTPasswordCallback.java (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/wssec.xml (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/wsdl/
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/wsdl/hello_world.wsdl (with props)
cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/wsdl/hello_world_no_policy.wsdl (with props)
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt Fri Dec 4 19:28:17 2009
@@ -0,0 +1,148 @@
+WS-Security Demo (UsernameToken and Timestamp)
+=================
+
+This demo shows how WS-Security support in Apache CXF may be enabled.
+
+WS-Security can be configured to the Client and Server endpoints by adding
+WS-SecurityPolicies into the WSDL.
+
+The logging feature is used to log the inbound and outbound
+SOAP messages and display these to the console.
+
+In all other respects this demo is based on the basic hello_world sample.
+
+Please review the README in the samples directory before continuing.
+
+
+Prerequisite
+------------
+
+If your environment already includes cxf-manifest.jar on the CLASSPATH,
+and the JDK and ant bin directories on the PATH, it is not necessary to
+run the environment script described in the samples directory README.
+If your environment is not properly configured, or if you are planning
+on using wsdl2java, javac, and java to build and run the demos, you must
+set the environment by running the script.
+
+
+*** Requirements ***
+
+The samples in this directory use STRONG encryption. The default encryption algorithms
+included in a JRE is not adequate for these samples. The Java Cryptography Extension
+(JCE) Unlimited Strength Jurisdiction Policy Files available on Sun's JDK download
+page[3] *must* be installed for the examples to work. If you get errors about invalid
+key lengths, the Unlimited Strength files are not installed.
+
+[3] http://java.sun.com/javase/downloads/index.jsp
+
+
+Building and running the demo using Ant
+---------------------------------------
+
+From the base directory of this sample (i.e., where this README file is
+located), the Ant build.xml file can be used to build and run the demo.
+The server and client targets automatically build the demo.
+
+Using either UNIX or Windows:
+
+ ant server (from one command line window)
+ ant client (from a second command line window)
+
+On startup, the client makes one invocation.
+
+You can use the target client.unauthenticated to show that the policy UsernameToken is enforced by the server.
+
+To remove the code generated from the WSDL file and the .class
+files, run "ant clean".
+
+
+Building and running the demo using Maven
+---------------------------------------
+
+From the base directory of this sample (i.e., where this README file is
+located), the maven pom.xml file can be used to build and run the demo.
+
+
+Using either UNIX or Windows:
+
+ mvn install (builds the demo)
+ mvn -Pserver (from one command line window)
+ Mvn -Pclient (from a second command line window)
+
+On startup, the client makes one invocation.
+
+You can use the profile client.unauthenticated to show that the policy UsernameToken is enforced by the server.
+
+To remove the code generated from the WSDL file and the .class
+files, run "mvn clean".
+
+
+
+Building the demo using wsdl2java and javac
+-------------------------------------------
+
+From the base directory of this sample (i.e., where this README file is
+located) first create the target directory build/classes and then
+generate code from the WSDL file.
+
+
+For UNIX:
+ mkdir -p build/classes
+
+ wsdl2java -d build/classes -compile ./wsdl/hello_world_wssec.wsdl
+
+For Windows:
+ mkdir build\classes
+ Must use back slashes.
+
+ wsdl2java -d build\classes -compile .\wsdl\hello_world_wssec.wsdl
+ May use either forward or back slashes.
+
+Now compile the provided client and server applications with the commands:
+
+For UNIX:
+
+ export CLASSPATH=$CLASSPATH:$CXF_HOME/lib/cxf-manifest.jar:./build/classes
+ javac -d build/classes src/demo/wssec/common/*.java
+ javac -d build/classes src/demo/wssec/client/*.java
+ javac -d build/classes src/demo/wssec/server/*.java
+
+For Windows:
+ set classpath=%classpath%;%CXF_HOME%\lib\cxf-manifest.jar;.\build\classes
+ javac -d build\classes src\demo\wssec\common\*.java
+ javac -d build\classes src\demo\wssec\client\*.java
+ javac -d build\classes src\demo\wssec\server\*.java
+
+
+Running the demo using java
+---------------------------
+
+From the base directory of this sample (i.e., where this README file is
+located) run the commands, entered on a single command line:
+
+For UNIX (must use forward slashes):
+ java -Djava.util.logging.config.file=./logging.properties
+ demo.wssec.server.Server &
+
+ java -Djava.util.logging.config.file=./logging.properties
+ demo.wssec.client.Client ./wsdl/hello_world_wssec.wsdl
+
+The server process starts in the background.
+
+For Windows (may use either forward or back slashes):
+ start
+ java -Djava.util.logging.config.file=.\logging.properties
+ demo.wssec.server.Server
+
+ java -Djava.util.logging.config.file=.\logging.properties
+ demo.wssec.client.Client .\wsdl\hello_world_wssec.wsdl
+
+The server process starts in a new command window.
+
+After running the client, terminate the server process.
+
+To remove the code generated from the WSDL file and the .class
+files, either delete the build directory and its contents or run:
+
+ ant clean
+
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh Fri Dec 4 19:28:17 2009
@@ -0,0 +1,163 @@
+#!/bin/sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+#
+#
+# This file uses openssl and keytool to generate 2 chains of 3 certificates
+# CN=Wibble CN=Cherry
+# CN=TheRA
+# CN=TheCA
+# and generates a CRL to revoke the "CN=TheRA" certificate.
+#
+# This file also serves as a specification on what needs to be done to
+# get the underlying CXF to work correctly.
+# For the most part, you need to use only JKS (Java Key Store) formatted
+# keystores and truststores.
+
+
+# Initialize the default openssl DataBase.
+# According to a default /usr/lib/ssl/openssl.cnf file it is ./demoCA
+# Depending on the Openssl version, comment out "crlnumber" in config file.
+# We echo 1345 to start the certificate serial number counter.
+
+ rm -rf demoCA
+ mkdir -p demoCA/newcerts
+ cp /dev/null demoCA/index.txt
+ echo "1345" > demoCA/serial
+
+# This file makes sure that the certificate for CN=TheRA can be a Certificate
+# Authority, i.e. can sign the user certificates, e.g. "CN=Wibble".
+
+cat <<EOF > exts
+[x509_extensions]
+basicConstraints=CA:TRUE
+EOF
+
+# Create the CA's keypair and self-signed certificate
+# -x509 means create self-sign cert
+# -keyout means generate keypair
+# -nodes means do not encrypt private key.
+# -set_serial sets the serial number of the certificate
+
+ openssl req -verbose -x509 -new -nodes -set_serial 1234 \
+ -subj "/CN=TheCA/OU=NOT FOR PRODUCTION/O=Apache/ST=NY/C=US" \
+ -days 7300 -out cacert.pem -keyout caprivkey.pem
+
+# Create the RA's keypair and Certificate Request
+# without -x509, we generate an x509 cert request.
+# -keyout means generate keypair
+# -nodes means do not encrypt private key.
+
+ openssl req -verbose -new -nodes \
+ -subj "/CN=TheRA/OU=NOT FOR PRODUCTION/O=Apache/ST=NY/C=US" \
+ -days 7300 -out csrra.pem -keyout raprivkey.pem
+
+# Have the CN=TheCA issue a certificate for the CN=TheRA
+# We need -extfile exts -extenstions x509_extensions to make sure
+# CN=TheRA can be a Certificate Authority.
+
+ openssl ca -batch -days 7300 -cert cacert.pem -keyfile caprivkey.pem \
+ -in csrra.pem -out ra-ca-cert.pem -extfile exts -extensions x509_extensions
+
+# Create keypairs and Cert Request for a certificate for CN=Wibble and CN=Cherry
+# This procedure must be done in JKS, because we need to use a JKS keystore.
+# The current version of CXF using PCKS12 will not work for a number of
+# internal CXF reasons.
+
+ rm -f wibble.jks
+
+ keytool -genkey \
+ -dname "CN=Wibble, OU=NOT FOR PRODUCTION, O=Apache, ST=NY, C=US" \
+ -keystore wibble.jks -storetype jks -storepass password -keypass password
+
+ keytool -certreq -keystore wibble.jks -storetype jks -storepass password \
+ -keypass password -file csrwibble.pem
+
+
+ rm -f cherry.jks
+
+ keytool -genkey \
+ -dname "CN=Cherry, OU=NOT FOR PRODUCTION, O=Apache, ST=NY, C=US" \
+ -keystore cherry.jks -storetype jks -storepass password -keypass password
+
+ keytool -certreq -keystore cherry.jks -storetype jks -storepass password \
+ -keypass password -file csrcherry.pem
+
+
+# Have the CN=TheRA issue a certificate for CN=Wibble and CN=Cherry via
+# their Certificate Requests.
+
+ openssl ca -batch -days 7300 -cert ra-ca-cert.pem -keyfile raprivkey.pem \
+ -in csrwibble.pem -out wibble-ra-cert.pem
+
+ openssl ca -batch -days 7300 -cert ra-ca-cert.pem -keyfile raprivkey.pem \
+ -in csrcherry.pem -out cherry-ra-cert.pem
+
+
+# Rewrite the certificates in PEM only format. This allows us to concatenate
+# them into chains.
+
+ openssl x509 -in cacert.pem -out cacert.pem -outform PEM
+ openssl x509 -in ra-ca-cert.pem -out ra-ca-cert.pem -outform PEM
+ openssl x509 -in wibble-ra-cert.pem -out wibble-ra-cert.pem -outform PEM
+ openssl x509 -in cherry-ra-cert.pem -out cherry-ra-cert.pem -outform PEM
+
+# Create a chain readable by CertificateFactory.getCertificates.
+
+ cat wibble-ra-cert.pem ra-ca-cert.pem cacert.pem > wibble.chain
+ cat cherry-ra-cert.pem ra-ca-cert.pem cacert.pem > cherry.chain
+
+# Replace the certificate in the Wibble keystore with their respective
+# full chains.
+
+ keytool -import -file wibble.chain -keystore wibble.jks -storetype jks \
+ -storepass password -keypass password -noprompt
+
+ keytool -import -file cherry.chain -keystore cherry.jks -storetype jks \
+ -storepass password -keypass password -noprompt
+
+# Revoke the CN=TheRA certificate (happens in the Openssl DB)
+
+ openssl ca -verbose -cert cacert.pem -keyfile caprivkey.pem \
+ -revoke ra-ca-cert.pem -crl_reason keyCompromise
+
+# Create the CRL from that revocation (from the Openssl DB)
+
+ openssl ca -verbose -gencrl -out ca.crl -cert cacert.pem \
+ -keyfile caprivkey.pem
+
+# Create the Truststore file containing the CA cert.
+
+ rm -f truststore.jks
+
+ keytool -import -file cacert.pem -alias TheCA -keystore truststore.jks \
+ -storepass password -noprompt
+
+# Uncomment to see what's in the Keystores and CRL
+
+ keytool -v -list -keystore wibble.jks -storepass password
+
+ keytool -v -list -keystore cherry.jks -storepass password
+
+ keytool -v -list -keystore truststore.jks -storepass password
+
+ openssl crl -in ca.crl -text -noout
+
+# Get rid of everything but wibble.chain and ra.crl
+#rm -rf *.pem exts demoCA *pk12
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh
------------------------------------------------------------------------------
svn:eol-style = native
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml Fri Dec 4 19:28:17 2009
@@ -0,0 +1,45 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project name="Secure hello world demo" default="build" basedir=".">
+
+ <import file="../../common_build.xml"/>
+
+ <target name="unauthenticated.client" description="run demo insecure client" depends="build">
+ <property name="param" value=""/>
+ <cxfrun classname="demo.wssec.client.Client"
+ param1="${basedir}/wsdl/hello_world.wsdl"/>
+ </target>
+
+ <target name="client" description="run demo secure client" depends="build">
+ <property name="param" value=""/>
+ <cxfrun classname="demo.wssec.client.Client"
+ param1="${basedir}/wsdl/hello_world.wsdl"/>
+ </target>
+
+ <target name="server" description="run demo server" depends="build">
+ <cxfrun classname="demo.wssec.server.Server" logging-properties-file="${basedir}/logging.properties"/>
+ </target>
+
+ <target name="generate.code">
+ <echo level="info" message="Generating code using wsdl2java..."/>
+ <wsdl2java file="hello_world.wsdl"/>
+ </target>
+
+</project>
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ca.crl
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ca.crl?rev=887328&view=auto
==============================================================================
(empty)
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC3DCCAkWgAwIBAgICBNIwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQ
+Uk9EVUNUSU9OMQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQG
+EwJVUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3st0/lxVtgRQMbMWvuQz
+MHFv64qXPIm6sTvK3ff6ILGiOnx6wd98oQoJ+X1MuSVBv0ncf7qwZkxZ+imaf1zl
+MwOw6Rha8yl0Uw2YbVYWFCldSXK/9+0KRTm3El5uzzGKT2dKJ2840Wh7LuYKGoEw
+95xXfWb13K1SL13Ewn8Er1cCAwEAAaOBtDCBsTAdBgNVHQ4EFgQUj0/bfQrFQIB6
+6jnKNpqmcGUjy7cwgYEGA1UdIwR6MHiAFI9P230KxUCAeuo5yjaapnBlI8u3oVyk
+WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9O
+MQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQGEwJVU4ICBNIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBnLYUUrajPw+Ku9Jr8oDte
+KEe+zGDcEEa0uI8ld0XqLjcVcX1SGGYh13ophJCqn3kBwcXtgH1oxj9/M4fWr6pL
+ml4oJMzrYGRi1M2bMgzWFhX5lhTTy/WCDRW05K9LDvTv94yRJV07uk1ztbYgpiyn
+zjX4WJceNv6/6wzWTT7+Ow==
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDey3T+XFW2BFAxsxa+5DMwcW/ripc8ibqxO8rd9/ogsaI6fHrB
+33yhCgn5fUy5JUG/Sdx/urBmTFn6KZp/XOUzA7DpGFrzKXRTDZhtVhYUKV1Jcr/3
+7QpFObcSXm7PMYpPZ0onbzjRaHsu5goagTD3nFd9ZvXcrVIvXcTCfwSvVwIDAQAB
+AoGAUCoK7Z8RpA2HQWq8C3GWzZ5zc+AJLNot16m5BAc+89aWlc7GaM3eTR+MmT2x
+hojWUFrmQPtOj3B3i6C+m4c0XGuU8B9lFaKSdjz4NytWAsykQPxx+KsVfyNxt2mk
+np8hoTQU0qoTG6XAZmvYaSOkqSC7s5gUCwEzK/J+mWbyYcECQQD9UqIhMLOrbFfT
+1T/VNcAp7WkvW0Dqio1G/o11Yas1ZKhTfwxczA84Lpu5aSoUoKJwSRjEsfSHrqrV
+GobsS813AkEA4SY62Krv4zW7PtEElJbUhzF0+Yc/SXmVFuq7C9sfiV9ko/lpAn2L
+lWFzEeRE+3+o+khL5+PW5NYQBJUhHxslIQJABwfzHg62/ewM6AFEO0u5oLBJOhpD
+S/86epz4Gijy0pGPpnmhQzYaugl5IwVLOLVYrNsqh9MUoWt0rGOHGSnlcwJAHYm8
+cqyKaE6mUClv5mabX1k3tXzu6p7O1oDZJUcMLiObun+ALVl3NJPiWtiNzEkFTECr
+5LJZgRAsbc162O/gwQJAJ0n+Sd2qJz5n0/iu9LYH+DH8Bjd88thq+PVYz9r5lYvl
+ksRCCYECTkW8Q7pT8SlLEBePRBvVmENTnPlAENTwwQ==
+-----END RSA PRIVATE KEY-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECjCCA3OgAwIBAgICE0cwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZD
+aGVycnkwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYBi7WDT5ifoKr+6CYNM4bgp
+boGIDcm4gAzvN87riAREspwE1e/n7248yu3HUSO11IeO9Nry3yANg2yU93478ZKY
+iMO4Vsf3otK3HX+RVRF7el2hcIxidpCwDn7+BRwaYEVJ+FICtzJJir7v9kVm+rc+
+hkjllDDvS99Lv6OOiejBOqOByDCBxTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf
+Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU75GNmqmw
+1Y0VOsXjb3lTww8M4I4wawYDVR0jBGQwYqFcpFowWDEOMAwGA1UEAxMFVGhlQ0Ex
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hlMQsw
+CQYDVQQIEwJOWTELMAkGA1UEBhMCVVOCAhNFMA0GCSqGSIb3DQEBBQUAA4GBAEyD
+BUFePKRHtTlWIW8VH1gTfWm8vLDONxS8Xsk+rcXTG1PZCnVlgYBGRPmmxWApDJJT
+bmp4A7ZnQL/jCP8rQCFlqRCGEHFOqxzqQy1H7klJ6NrzhgzpqqIwfkjk7UBWbaMR
+lXEvynvUC0h0JieUdm6qHAaRuSs5ZQv5+sndW/g3
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain Fri Dec 4 19:28:17 2009
@@ -0,0 +1,56 @@
+-----BEGIN CERTIFICATE-----
+MIIECjCCA3OgAwIBAgICE0cwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZD
+aGVycnkwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYBi7WDT5ifoKr+6CYNM4bgp
+boGIDcm4gAzvN87riAREspwE1e/n7248yu3HUSO11IeO9Nry3yANg2yU93478ZKY
+iMO4Vsf3otK3HX+RVRF7el2hcIxidpCwDn7+BRwaYEVJ+FICtzJJir7v9kVm+rc+
+hkjllDDvS99Lv6OOiejBOqOByDCBxTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf
+Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU75GNmqmw
+1Y0VOsXjb3lTww8M4I4wawYDVR0jBGQwYqFcpFowWDEOMAwGA1UEAxMFVGhlQ0Ex
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hlMQsw
+CQYDVQQIEwJOWTELMAkGA1UEBhMCVVOCAhNFMA0GCSqGSIb3DQEBBQUAA4GBAEyD
+BUFePKRHtTlWIW8VH1gTfWm8vLDONxS8Xsk+rcXTG1PZCnVlgYBGRPmmxWApDJJT
+bmp4A7ZnQL/jCP8rQCFlqRCGEHFOqxzqQy1H7klJ6NrzhgzpqqIwfkjk7UBWbaMR
+lXEvynvUC0h0JieUdm6qHAaRuSs5ZQv5+sndW/g3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgICE0UwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ4wDAYDVQQDEwVU
+aGVSQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArUsKksqHsbd7Ncxapwvq
+i8FAV+Ea6ZwfbiFs46ZXDcVEnvwbFWB8PkYrq1vEJGrBCLKS+QNpYh3QG06etm2A
+frUwIGOJkJgGObQ9lFyHBbg27hmct+wYymx0Z3IGe6w1wD5EkK7nzF0Yg0Ph2xfd
+rHaqNEbVL+RemqaABcNbltcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOBgQC14vN7a3bbfmqR2mAWDfS5z2+nO0i6M/z3Y7vAVZqyBuiHcUzW
+RYyE4kKzMrxDHBES3zwTOXmW3NSbwMMKd61RRSF0W2cR4MF42etFoUUr0/NjRwIW
+g9IYN2wGBwKYPrSCUSwCGMhxhOEaoqvAeg0sd1v5OezuZjCGQ9UR2myMvA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC3DCCAkWgAwIBAgICBNIwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQ
+Uk9EVUNUSU9OMQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQG
+EwJVUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3st0/lxVtgRQMbMWvuQz
+MHFv64qXPIm6sTvK3ff6ILGiOnx6wd98oQoJ+X1MuSVBv0ncf7qwZkxZ+imaf1zl
+MwOw6Rha8yl0Uw2YbVYWFCldSXK/9+0KRTm3El5uzzGKT2dKJ2840Wh7LuYKGoEw
+95xXfWb13K1SL13Ewn8Er1cCAwEAAaOBtDCBsTAdBgNVHQ4EFgQUj0/bfQrFQIB6
+6jnKNpqmcGUjy7cwgYEGA1UdIwR6MHiAFI9P230KxUCAeuo5yjaapnBlI8u3oVyk
+WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9O
+MQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQGEwJVU4ICBNIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBnLYUUrajPw+Ku9Jr8oDte
+KEe+zGDcEEa0uI8ld0XqLjcVcX1SGGYh13ophJCqn3kBwcXtgH1oxj9/M4fWr6pL
+ml4oJMzrYGRi1M2bMgzWFhX5lhTTy/WCDRW05K9LDvTv94yRJV07uk1ztbYgpiyn
+zjX4WJceNv6/6wzWTT7+Ow==
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks?rev=887328&view=auto
==============================================================================
Files cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks (added) and cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks Fri Dec 4 19:28:17 2009 differ
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,13 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICXjCCAhsCAQAwWTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUx
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEAxMGQ2hlcnJ5MIIBtzCCASwGByqG
+SM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/
+xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208Ue
+wwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+Gg
+hdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky
+jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6A
+e1UlZAFMO/7PSSoDgYQAAoGAYu1g0+Yn6Cq/ugmDTOG4KW6BiA3JuIAM7zfO64gERLKcBNXv5+9u
+PMrtx1EjtdSHjvTa8t8gDYNslPd+O/GSmIjDuFbH96LStx1/kVURe3pdoXCMYnaQsA5+/gUcGmBF
+SfhSArcySYq+7/ZFZvq3PoZI5ZQw70vfS7+jjonowTqgADALBgcqhkjOOAQDBQADMAAwLQIUL/Kb
+evVCJJJYu/t6x1a4hsqrjEACFQCVsCt5XBVEnBOMISaGVWJOfa0OoA==
+-----END NEW CERTIFICATE REQUEST-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmDCCAQECAQAwWDEOMAwGA1UEAxMFVGhlUkExGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hlMQswCQYDVQQIEwJOWTELMAkGA1UE
+BhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK1LCpLKh7G3ezXMWqcL
+6ovBQFfhGumcH24hbOOmVw3FRJ78GxVgfD5GK6tbxCRqwQiykvkDaWId0BtOnrZt
+gH61MCBjiZCYBjm0PZRchwW4Nu4ZnLfsGMpsdGdyBnusNcA+RJCu58xdGIND4dsX
+3ax2qjRG1S/kXpqmgAXDW5bXAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQCoR9+A
+4a2uIYk4wJyKwV4ghskSrG/O7pR0wY+tkJN66YOci3C3x+nefdlUK73+SOqbdqL4
+x5io/1fT5BLdFXfcwkWgpzoRzYAZVKj1zQAM7pqEotuxLVy3Bo/Bkij81RgRBtq1
+pDEnDgzGOt3Ly/XVPzK4S4atQe6/fjmfCsfnVw==
+-----END CERTIFICATE REQUEST-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,13 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICXjCCAhwCAQAwWTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUx
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEAxMGV2liYmxlMIIBuDCCASwGByqG
+SM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/
+xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208Ue
+wwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+Gg
+hdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky
+jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6A
+e1UlZAFMO/7PSSoDgYUAAoGBAOVw/LSWWM/t6EdzPEKo9T/gHMbknoGwkfq+3wRhhHOtr45dVyPL
+agrEmkKllHFoCCZc5Rw5PSXeTRGT2Zwt9YDPH/n97ju8OH8NIo1moyyL7F0iHOlUCnrFv3ok2SYA
+WnVxW0giyjGWIEgtnrxLb1Hj84biGRx8IIDp//CJ6/8qoAAwCwYHKoZIzjgEAwUAAy8AMCwCFH2/
+V9FvF0zHa3lUIL8NU7lbuX/yAhQxHI/8jJMJprrAhaQDSiys9sRfNA==
+-----END NEW CERTIFICATE REQUEST-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt Fri Dec 4 19:28:17 2009
@@ -0,0 +1,3 @@
+R 290617153708Z 090622153711Z,keyCompromise 1345 unknown /C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=TheRA
+V 290617153710Z 1346 unknown /C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=Wibble
+V 290617153710Z 1347 unknown /C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=Cherry
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr Fri Dec 4 19:28:17 2009
@@ -0,0 +1 @@
+unique_subject = yes
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old Fri Dec 4 19:28:17 2009
@@ -0,0 +1 @@
+unique_subject = yes
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old Fri Dec 4 19:28:17 2009
@@ -0,0 +1,3 @@
+V 290617153708Z 1345 unknown /C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=TheRA
+V 290617153710Z 1346 unknown /C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=Wibble
+V 290617153710Z 1347 unknown /C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=Cherry
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,50 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 4933 (0x1345)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: CN=TheCA, OU=NOT FOR PRODUCTION, O=Apache, ST=NY, C=US
+ Validity
+ Not Before: Jun 22 15:37:08 2009 GMT
+ Not After : Jun 17 15:37:08 2029 GMT
+ Subject: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=TheRA
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ad:4b:0a:92:ca:87:b1:b7:7b:35:cc:5a:a7:0b:
+ ea:8b:c1:40:57:e1:1a:e9:9c:1f:6e:21:6c:e3:a6:
+ 57:0d:c5:44:9e:fc:1b:15:60:7c:3e:46:2b:ab:5b:
+ c4:24:6a:c1:08:b2:92:f9:03:69:62:1d:d0:1b:4e:
+ 9e:b6:6d:80:7e:b5:30:20:63:89:90:98:06:39:b4:
+ 3d:94:5c:87:05:b8:36:ee:19:9c:b7:ec:18:ca:6c:
+ 74:67:72:06:7b:ac:35:c0:3e:44:90:ae:e7:cc:5d:
+ 18:83:43:e1:db:17:dd:ac:76:aa:34:46:d5:2f:e4:
+ 5e:9a:a6:80:05:c3:5b:96:d7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ b5:e2:f3:7b:6b:76:db:7e:6a:91:da:60:16:0d:f4:b9:cf:6f:
+ a7:3b:48:ba:33:fc:f7:63:bb:c0:55:9a:b2:06:e8:87:71:4c:
+ d6:45:8c:84:e2:42:b3:32:bc:43:1c:11:12:df:3c:13:39:79:
+ 96:dc:d4:9b:c0:c3:0a:77:ad:51:45:21:74:5b:67:11:e0:c1:
+ 78:d9:eb:45:a1:45:2b:d3:f3:63:47:02:16:83:d2:18:37:6c:
+ 06:07:02:98:3e:b4:82:51:2c:02:18:c8:71:84:e1:1a:a2:ab:
+ c0:7a:0d:2c:77:5b:f9:39:ec:ee:66:30:86:43:d5:11:da:6c:
+ 8c:bc
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgICE0UwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ4wDAYDVQQDEwVU
+aGVSQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArUsKksqHsbd7Ncxapwvq
+i8FAV+Ea6ZwfbiFs46ZXDcVEnvwbFWB8PkYrq1vEJGrBCLKS+QNpYh3QG06etm2A
+frUwIGOJkJgGObQ9lFyHBbg27hmct+wYymx0Z3IGe6w1wD5EkK7nzF0Yg0Ph2xfd
+rHaqNEbVL+RemqaABcNbltcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOBgQC14vN7a3bbfmqR2mAWDfS5z2+nO0i6M/z3Y7vAVZqyBuiHcUzW
+RYyE4kKzMrxDHBES3zwTOXmW3NSbwMMKd61RRSF0W2cR4MF42etFoUUr0/NjRwIW
+g9IYN2wGBwKYPrSCUSwCGMhxhOEaoqvAeg0sd1v5OezuZjCGQ9UR2myMvA==
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,90 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 4934 (0x1346)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=TheRA
+ Validity
+ Not Before: Jun 22 15:37:10 2009 GMT
+ Not After : Jun 17 15:37:10 2029 GMT
+ Subject: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=Wibble
+ Subject Public Key Info:
+ Public Key Algorithm: dsaEncryption
+ DSA Public Key:
+ pub:
+ 00:e5:70:fc:b4:96:58:cf:ed:e8:47:73:3c:42:a8:
+ f5:3f:e0:1c:c6:e4:9e:81:b0:91:fa:be:df:04:61:
+ 84:73:ad:af:8e:5d:57:23:cb:6a:0a:c4:9a:42:a5:
+ 94:71:68:08:26:5c:e5:1c:39:3d:25:de:4d:11:93:
+ d9:9c:2d:f5:80:cf:1f:f9:fd:ee:3b:bc:38:7f:0d:
+ 22:8d:66:a3:2c:8b:ec:5d:22:1c:e9:54:0a:7a:c5:
+ bf:7a:24:d9:26:00:5a:75:71:5b:48:22:ca:31:96:
+ 20:48:2d:9e:bc:4b:6f:51:e3:f3:86:e2:19:1c:7c:
+ 20:80:e9:ff:f0:89:eb:ff:2a
+ P:
+ 00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
+ e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
+ 51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
+ c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
+ 6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
+ 10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
+ c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
+ 54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
+ f2:22:03:19:9d:d1:48:01:c7
+ Q:
+ 00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
+ 84:0b:f0:58:1c:f5
+ G:
+ 00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
+ 57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
+ 07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
+ 81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
+ 32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
+ ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
+ f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
+ a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
+ 25:64:01:4c:3b:fe:cf:49:2a
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ 91:4C:0A:EC:6C:E5:92:06:AE:3A:F8:96:32:EC:92:50:8C:CB:83:E7
+ X509v3 Authority Key Identifier:
+ DirName:/CN=TheCA/OU=NOT FOR PRODUCTION/O=Apache/ST=NY/C=US
+ serial:13:45
+
+ Signature Algorithm: sha1WithRSAEncryption
+ 2e:14:ab:c9:48:9c:b5:b6:16:af:d2:59:3b:2c:bd:79:e9:f6:
+ 2c:e9:0b:ac:58:ab:82:e5:87:4a:6b:b4:ea:d4:d5:d8:5c:86:
+ cf:96:33:ec:f1:c2:60:7d:6b:64:05:6f:8b:37:64:4d:71:f0:
+ c6:75:82:f6:ba:8a:31:16:1e:5a:fa:93:35:ed:ee:a3:6f:98:
+ e9:06:09:12:dd:e7:c0:df:9c:a1:9b:9e:db:3a:43:35:ac:c4:
+ dd:e9:4d:6e:ba:88:b9:d5:c5:05:ea:7f:72:24:64:51:7c:b3:
+ 8d:24:bf:dd:9a:76:46:5a:c6:22:b4:bb:cd:c0:9c:96:3a:5c:
+ 6e:35
+-----BEGIN CERTIFICATE-----
+MIIECzCCA3SgAwIBAgICE0YwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZX
+aWJibGUwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhQACgYEA5XD8tJZYz+3oR3M8Qqj1
+P+AcxuSegbCR+r7fBGGEc62vjl1XI8tqCsSaQqWUcWgIJlzlHDk9Jd5NEZPZnC31
+gM8f+f3uO7w4fw0ijWajLIvsXSIc6VQKesW/eiTZJgBadXFbSCLKMZYgSC2evEtv
+UePzhuIZHHwggOn/8Inr/yqjgcgwgcUwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0E
+HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJFMCuxs
+5ZIGrjr4ljLsklCMy4PnMGsGA1UdIwRkMGKhXKRaMFgxDjAMBgNVBAMTBVRoZUNB
+MRswGQYDVQQLExJOT1QgRk9SIFBST0RVQ1RJT04xDzANBgNVBAoTBkFwYWNoZTEL
+MAkGA1UECBMCTlkxCzAJBgNVBAYTAlVTggITRTANBgkqhkiG9w0BAQUFAAOBgQAu
+FKvJSJy1thav0lk7LL156fYs6QusWKuC5YdKa7Tq1NXYXIbPljPs8cJgfWtkBW+L
+N2RNcfDGdYL2uooxFh5a+pM17e6jb5jpBgkS3efA35yhm57bOkM1rMTd6U1uuoi5
+1cUF6n9yJGRRfLONJL/dmnZGWsYitLvNwJyWOlxuNQ==
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,90 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 4935 (0x1347)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=TheRA
+ Validity
+ Not Before: Jun 22 15:37:10 2009 GMT
+ Not After : Jun 17 15:37:10 2029 GMT
+ Subject: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=Cherry
+ Subject Public Key Info:
+ Public Key Algorithm: dsaEncryption
+ DSA Public Key:
+ pub:
+ 62:ed:60:d3:e6:27:e8:2a:bf:ba:09:83:4c:e1:b8:
+ 29:6e:81:88:0d:c9:b8:80:0c:ef:37:ce:eb:88:04:
+ 44:b2:9c:04:d5:ef:e7:ef:6e:3c:ca:ed:c7:51:23:
+ b5:d4:87:8e:f4:da:f2:df:20:0d:83:6c:94:f7:7e:
+ 3b:f1:92:98:88:c3:b8:56:c7:f7:a2:d2:b7:1d:7f:
+ 91:55:11:7b:7a:5d:a1:70:8c:62:76:90:b0:0e:7e:
+ fe:05:1c:1a:60:45:49:f8:52:02:b7:32:49:8a:be:
+ ef:f6:45:66:fa:b7:3e:86:48:e5:94:30:ef:4b:df:
+ 4b:bf:a3:8e:89:e8:c1:3a
+ P:
+ 00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
+ e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
+ 51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
+ c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
+ 6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
+ 10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
+ c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
+ 54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
+ f2:22:03:19:9d:d1:48:01:c7
+ Q:
+ 00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
+ 84:0b:f0:58:1c:f5
+ G:
+ 00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
+ 57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
+ 07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
+ 81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
+ 32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
+ ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
+ f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
+ a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
+ 25:64:01:4c:3b:fe:cf:49:2a
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ EF:91:8D:9A:A9:B0:D5:8D:15:3A:C5:E3:6F:79:53:C3:0F:0C:E0:8E
+ X509v3 Authority Key Identifier:
+ DirName:/CN=TheCA/OU=NOT FOR PRODUCTION/O=Apache/ST=NY/C=US
+ serial:13:45
+
+ Signature Algorithm: sha1WithRSAEncryption
+ 4c:83:05:41:5e:3c:a4:47:b5:39:56:21:6f:15:1f:58:13:7d:
+ 69:bc:bc:b0:ce:37:14:bc:5e:c9:3e:ad:c5:d3:1b:53:d9:0a:
+ 75:65:81:80:46:44:f9:a6:c5:60:29:0c:92:53:6e:6a:78:03:
+ b6:67:40:bf:e3:08:ff:2b:40:21:65:a9:10:86:10:71:4e:ab:
+ 1c:ea:43:2d:47:ee:49:49:e8:da:f3:86:0c:e9:aa:a2:30:7e:
+ 48:e4:ed:40:56:6d:a3:11:95:71:2f:ca:7b:d4:0b:48:74:26:
+ 27:94:76:6e:aa:1c:06:91:b9:2b:39:65:0b:f9:fa:c9:dd:5b:
+ f8:37
+-----BEGIN CERTIFICATE-----
+MIIECjCCA3OgAwIBAgICE0cwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZD
+aGVycnkwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYBi7WDT5ifoKr+6CYNM4bgp
+boGIDcm4gAzvN87riAREspwE1e/n7248yu3HUSO11IeO9Nry3yANg2yU93478ZKY
+iMO4Vsf3otK3HX+RVRF7el2hcIxidpCwDn7+BRwaYEVJ+FICtzJJir7v9kVm+rc+
+hkjllDDvS99Lv6OOiejBOqOByDCBxTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf
+Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU75GNmqmw
+1Y0VOsXjb3lTww8M4I4wawYDVR0jBGQwYqFcpFowWDEOMAwGA1UEAxMFVGhlQ0Ex
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hlMQsw
+CQYDVQQIEwJOWTELMAkGA1UEBhMCVVOCAhNFMA0GCSqGSIb3DQEBBQUAA4GBAEyD
+BUFePKRHtTlWIW8VH1gTfWm8vLDONxS8Xsk+rcXTG1PZCnVlgYBGRPmmxWApDJJT
+bmp4A7ZnQL/jCP8rQCFlqRCGEHFOqxzqQy1H7klJ6NrzhgzpqqIwfkjk7UBWbaMR
+lXEvynvUC0h0JieUdm6qHAaRuSs5ZQv5+sndW/g3
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial Fri Dec 4 19:28:17 2009
@@ -0,0 +1 @@
+1348
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old Fri Dec 4 19:28:17 2009
@@ -0,0 +1 @@
+1347
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts Fri Dec 4 19:28:17 2009
@@ -0,0 +1,2 @@
+[x509_extensions]
+basicConstraints=CA:TRUE
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgICE0UwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ4wDAYDVQQDEwVU
+aGVSQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArUsKksqHsbd7Ncxapwvq
+i8FAV+Ea6ZwfbiFs46ZXDcVEnvwbFWB8PkYrq1vEJGrBCLKS+QNpYh3QG06etm2A
+frUwIGOJkJgGObQ9lFyHBbg27hmct+wYymx0Z3IGe6w1wD5EkK7nzF0Yg0Ph2xfd
+rHaqNEbVL+RemqaABcNbltcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOBgQC14vN7a3bbfmqR2mAWDfS5z2+nO0i6M/z3Y7vAVZqyBuiHcUzW
+RYyE4kKzMrxDHBES3zwTOXmW3NSbwMMKd61RRSF0W2cR4MF42etFoUUr0/NjRwIW
+g9IYN2wGBwKYPrSCUSwCGMhxhOEaoqvAeg0sd1v5OezuZjCGQ9UR2myMvA==
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCtSwqSyoext3s1zFqnC+qLwUBX4RrpnB9uIWzjplcNxUSe/BsV
+YHw+RiurW8QkasEIspL5A2liHdAbTp62bYB+tTAgY4mQmAY5tD2UXIcFuDbuGZy3
+7BjKbHRncgZ7rDXAPkSQrufMXRiDQ+HbF92sdqo0RtUv5F6apoAFw1uW1wIDAQAB
+AoGAWcNEH9MuxJxxAuXukxa2EFwy0xJ0GUvYb/h6adUwxJ5JND0MXl9THALG/gUT
+rXVqtfGh9cCRptQghvSLe51u79giGhDUJVntPv24XaHGRjP4a9WbRbHCf+wQtoiN
+LwAyPz7epjmsLUzd/xboxHIw6b0yoDUHAKkXWhvJsQ6gQvkCQQDmR1th4beChxWR
+UFW567G51Rf3TNEG7IQ8VHfAar7T2VYukmpyMCKiPkGtJLLNu9y/tXZhKtdm39a0
+aoW8tu8lAkEAwKY5jFYMLq/rBRdYJ0d6YFow8c54eimN4KqNs61Aa6sUlr5w1PxT
+VoPda5MHnTASf5fzxCxrBpQTQziNeC47SwJBAKgIfcgo+s2GYNiOdF+cey2NL1XH
+eefBgqS7Rj7kJadUuix1rrLwKPWW1DnRw5+Ya/aAJYe1yURKJdO0vy37lvkCQDI8
+ppEj9zVNhpnjRoenqg/qNQ05bE1e/LJzh1Qtf7kT+eB9dOr1ib3r0Re2Vav11z0S
+oOytMJOclZFX8/w9AhUCQE9KNcvzylzJnnFkwm6F0cetxMLcAnPnbVrTjMLKEvV2
+8QrzjD2oQtCXtbImtplvK7SwSqMu2FxH/5glziWCJf8=
+-----END RSA PRIVATE KEY-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks?rev=887328&view=auto
==============================================================================
Files cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks (added) and cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks Fri Dec 4 19:28:17 2009 differ
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECzCCA3SgAwIBAgICE0YwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZX
+aWJibGUwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhQACgYEA5XD8tJZYz+3oR3M8Qqj1
+P+AcxuSegbCR+r7fBGGEc62vjl1XI8tqCsSaQqWUcWgIJlzlHDk9Jd5NEZPZnC31
+gM8f+f3uO7w4fw0ijWajLIvsXSIc6VQKesW/eiTZJgBadXFbSCLKMZYgSC2evEtv
+UePzhuIZHHwggOn/8Inr/yqjgcgwgcUwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0E
+HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJFMCuxs
+5ZIGrjr4ljLsklCMy4PnMGsGA1UdIwRkMGKhXKRaMFgxDjAMBgNVBAMTBVRoZUNB
+MRswGQYDVQQLExJOT1QgRk9SIFBST0RVQ1RJT04xDzANBgNVBAoTBkFwYWNoZTEL
+MAkGA1UECBMCTlkxCzAJBgNVBAYTAlVTggITRTANBgkqhkiG9w0BAQUFAAOBgQAu
+FKvJSJy1thav0lk7LL156fYs6QusWKuC5YdKa7Tq1NXYXIbPljPs8cJgfWtkBW+L
+N2RNcfDGdYL2uooxFh5a+pM17e6jb5jpBgkS3efA35yhm57bOkM1rMTd6U1uuoi5
+1cUF6n9yJGRRfLONJL/dmnZGWsYitLvNwJyWOlxuNQ==
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain Fri Dec 4 19:28:17 2009
@@ -0,0 +1,56 @@
+-----BEGIN CERTIFICATE-----
+MIIECzCCA3SgAwIBAgICE0YwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZX
+aWJibGUwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhQACgYEA5XD8tJZYz+3oR3M8Qqj1
+P+AcxuSegbCR+r7fBGGEc62vjl1XI8tqCsSaQqWUcWgIJlzlHDk9Jd5NEZPZnC31
+gM8f+f3uO7w4fw0ijWajLIvsXSIc6VQKesW/eiTZJgBadXFbSCLKMZYgSC2evEtv
+UePzhuIZHHwggOn/8Inr/yqjgcgwgcUwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0E
+HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJFMCuxs
+5ZIGrjr4ljLsklCMy4PnMGsGA1UdIwRkMGKhXKRaMFgxDjAMBgNVBAMTBVRoZUNB
+MRswGQYDVQQLExJOT1QgRk9SIFBST0RVQ1RJT04xDzANBgNVBAoTBkFwYWNoZTEL
+MAkGA1UECBMCTlkxCzAJBgNVBAYTAlVTggITRTANBgkqhkiG9w0BAQUFAAOBgQAu
+FKvJSJy1thav0lk7LL156fYs6QusWKuC5YdKa7Tq1NXYXIbPljPs8cJgfWtkBW+L
+N2RNcfDGdYL2uooxFh5a+pM17e6jb5jpBgkS3efA35yhm57bOkM1rMTd6U1uuoi5
+1cUF6n9yJGRRfLONJL/dmnZGWsYitLvNwJyWOlxuNQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgICE0UwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ4wDAYDVQQDEwVU
+aGVSQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArUsKksqHsbd7Ncxapwvq
+i8FAV+Ea6ZwfbiFs46ZXDcVEnvwbFWB8PkYrq1vEJGrBCLKS+QNpYh3QG06etm2A
+frUwIGOJkJgGObQ9lFyHBbg27hmct+wYymx0Z3IGe6w1wD5EkK7nzF0Yg0Ph2xfd
+rHaqNEbVL+RemqaABcNbltcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOBgQC14vN7a3bbfmqR2mAWDfS5z2+nO0i6M/z3Y7vAVZqyBuiHcUzW
+RYyE4kKzMrxDHBES3zwTOXmW3NSbwMMKd61RRSF0W2cR4MF42etFoUUr0/NjRwIW
+g9IYN2wGBwKYPrSCUSwCGMhxhOEaoqvAeg0sd1v5OezuZjCGQ9UR2myMvA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC3DCCAkWgAwIBAgICBNIwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQ
+Uk9EVUNUSU9OMQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQG
+EwJVUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3st0/lxVtgRQMbMWvuQz
+MHFv64qXPIm6sTvK3ff6ILGiOnx6wd98oQoJ+X1MuSVBv0ncf7qwZkxZ+imaf1zl
+MwOw6Rha8yl0Uw2YbVYWFCldSXK/9+0KRTm3El5uzzGKT2dKJ2840Wh7LuYKGoEw
+95xXfWb13K1SL13Ewn8Er1cCAwEAAaOBtDCBsTAdBgNVHQ4EFgQUj0/bfQrFQIB6
+6jnKNpqmcGUjy7cwgYEGA1UdIwR6MHiAFI9P230KxUCAeuo5yjaapnBlI8u3oVyk
+WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9O
+MQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQGEwJVU4ICBNIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBnLYUUrajPw+Ku9Jr8oDte
+KEe+zGDcEEa0uI8ld0XqLjcVcX1SGGYh13ophJCqn3kBwcXtgH1oxj9/M4fWr6pL
+ml4oJMzrYGRi1M2bMgzWFhX5lhTTy/WCDRW05K9LDvTv94yRJV07uk1ztbYgpiyn
+zjX4WJceNv6/6wzWTT7+Ow==
+-----END CERTIFICATE-----
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks?rev=887328&view=auto
==============================================================================
Files cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks (added) and cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks Fri Dec 4 19:28:17 2009 differ
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml Fri Dec 4 19:28:17 2009
@@ -0,0 +1,221 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.cxf.samples</groupId>
+ <artifactId>wssec</artifactId>
+ <version>1.0</version>
+ <name>WS-Security Demo</name>
+ <properties>
+ <cxf.version>[2,)</cxf.version>
+ </properties>
+ <build>
+ <sourceDirectory>src</sourceDirectory>
+ <plugins>
+ <plugin>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.5</source>
+ <target>1.5</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-codegen-plugin</artifactId>
+ <version>LATEST</version>
+ <executions>
+ <execution>
+ <id>generate-sources</id>
+ <phase>generate-sources</phase>
+ <configuration>
+ <wsdlOptions>
+ <wsdlOption>
+ <wsdl>${basedir}/wsdl/hello_world.wsdl</wsdl>
+ </wsdlOption>
+ </wsdlOptions>
+ </configuration>
+ <goals>
+ <goal>wsdl2java</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <artifactId>maven-antrun-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>copyxmlfiles</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ <configuration>
+ <tasks>
+ <copy file="${basedir}/src/demo/wssec/server/wssec.xml" todir="${basedir}/target/classes/demo/wssec/server"/>
+ <copy file="${basedir}/src/demo/wssec/client/wssec.xml" todir="${basedir}/target/classes/demo/wssec/client"/>
+ <copy todir="${basedir}/target/classes/certs">
+ <fileset dir="${basedir}/certs"/>
+ </copy>
+ </tasks>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ <profiles>
+ <profile>
+ <id>server</id>
+ <build>
+ <defaultGoal>test</defaultGoal>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>exec-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <phase>test</phase>
+ <goals>
+ <goal>exec</goal>
+ </goals>
+ <configuration>
+ <executable>java</executable>
+ <arguments>
+ <argument>-classpath</argument>
+ <classpath/>
+ <argument>demo.wssec.server.Server</argument>
+ </arguments>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
+ <id>client</id>
+ <build>
+ <defaultGoal>test</defaultGoal>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>exec-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <phase>test</phase>
+ <goals>
+ <goal>java</goal>
+ </goals>
+ <configuration>
+ <mainClass>demo.wssec.client.Client</mainClass>
+ <arguments>
+ <argument>${basedir}/wsdl/hello_world.wsdl</argument>
+ <argument>secure</argument>
+ </arguments>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
+ <id>client.unauthenticated</id>
+ <build>
+ <defaultGoal>test</defaultGoal>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>exec-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <phase>test</phase>
+ <goals>
+ <goal>java</goal>
+ </goals>
+ <configuration>
+ <mainClass>demo.wssec.client.Client</mainClass>
+ <arguments>
+ <argument>${basedir}/wsdl/hello_world_no_policy.wsdl</argument>
+ <argument>secure</argument>
+ </arguments>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+ <repositories>
+ <repository>
+ <id>apache-snapshots</id>
+ <name>Apache Snapshot Repository</name>
+ <url>http://repository.apache.org/content/groups/snapshots-group/</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ </repository>
+ </repositories>
+ <pluginRepositories>
+ <pluginRepository>
+ <id>apache-plugin-snapshots</id>
+ <name>Apache Maven Plugin Snapshots</name>
+ <url>http://repository.apache.org/content/groups/snapshots-group/</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ </pluginRepository>
+ </pluginRepositories>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-frontend-jaxws</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-transports-http</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-transports-http-jetty</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-ws-security</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-ws-policy</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+
+ </dependencies>
+</project>
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java Fri Dec 4 19:28:17 2009
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package demo.wssec.client;
+
+import java.io.File;
+import java.net.URL;
+import javax.xml.namespace.QName;
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.SOAPService;
+
+public final class Client {
+
+ private static final QName SERVICE_NAME
+ = new QName("http://apache.org/hello_world_soap_http", "SOAPService");
+
+ private static final QName PORT_NAME =
+ new QName("http://apache.org/hello_world_soap_http", "SoapPort");
+
+
+ private Client() {
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ if (args.length == 0) {
+ System.out.println("please specify wsdl");
+ System.exit(1);
+ }
+
+ URL wsdlURL;
+ File wsdlFile = new File(args[0]);
+ if (wsdlFile.exists()) {
+ wsdlURL = wsdlFile.toURL();
+ } else {
+ wsdlURL = new URL(args[0]);
+ }
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = Client.class.getResource("wssec.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ bf.setDefaultBus(bus);
+
+ System.out.println(wsdlURL);
+ SOAPService ss = new SOAPService(wsdlURL, SERVICE_NAME);
+ Greeter port = ss.getPort(PORT_NAME, Greeter.class);
+
+ System.out.println("Invoking greetMe...");
+ try {
+ String resp = port.greetMe(System.getProperty("user.name"));
+ System.out.println("Server responded with: " + resp);
+ System.out.println();
+
+ } catch (Exception e) {
+ System.out.println("Invocation failed with the following: " + e.getCause());
+ System.out.println();
+ }
+
+ System.exit(0);
+ }
+
+}
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java Fri Dec 4 19:28:17 2009
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package demo.wssec.client;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+/**
+ */
+
+public class UTPasswordCallback implements CallbackHandler {
+
+ private Map<String, String> passwords =
+ new HashMap<String, String>();
+
+ public UTPasswordCallback() {
+ passwords.put("Alice", "ecilA");
+ passwords.put("abcd", "dcba");
+ }
+
+ /**
+ * Here, we attempt to get the password from the private
+ * alias/passwords map.
+ */
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
+
+ String pass = passwords.get(pc.getIdentifier());
+ if (pass != null) {
+ pc.setPassword(pass);
+ return;
+ }
+ }
+
+ //
+ // Password not found
+ //
+ throw new IOException();
+ }
+
+ /**
+ * Add an alias/password pair to the callback mechanism.
+ */
+ public void setAliasPassword(String alias, String password) {
+ passwords.put(alias, password);
+ }
+}
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml Fri Dec 4 19:28:17 2009
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!--
+ ** This file configures the Wibble Client
+ -->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:jaxws="http://cxf.apache.org/jaxws"
+ xsi:schemaLocation="
+ http://cxf.apache.org/core
+ http://cxf.apache.org/schemas/core.xsd
+ http://cxf.apache.org/configuration/security
+ http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/jaxws
+ http://cxf.apache.org/schemas/jaxws.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <cxf:bus>
+ <cxf:features>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+ <http:conduit name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password"
+ file="certs/truststore.jks"/>
+ </sec:trustManagers>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password"
+ file="certs/wibble.jks"/>
+ </sec:keyManagers>
+ <sec:cipherSuitesFilter>
+ <!-- these filters ensure that a ciphersuite with
+ export-suitable or null encryption is used,
+ but exclude anonymous Diffie-Hellman key change as
+ this is vulnerable to man-in-the-middle attacks -->
+ <sec:include>.*_EXPORT_.*</sec:include>
+ <sec:include>.*_EXPORT1024_.*</sec:include>
+ <sec:include>.*_WITH_DES_.*</sec:include>
+ <sec:include>.*_WITH_NULL_.*</sec:include>
+ <sec:exclude>.*_DH_anon_.*</sec:exclude>
+ </sec:cipherSuitesFilter>
+ </http:tlsClientParameters>
+ </http:conduit>
+
+
+ <jaxws:client name="{http://apache.org/hello_world_soap_http}SoapPort" createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice" />
+ <entry key="ws-security.callback-handler" value="demo.wssec.client.UTPasswordCallback" />
+ </jaxws:properties>
+
+ </jaxws:client>
+
+
+
+</beans>
+
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml
Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem Fri Dec 4 19:28:17 2009
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDlTCCAv6gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlDELMAkGA1UEBhMCSUUx
+DTALBgNVBAgTBExlaW4xDzANBgNVBAcTBkR1YmxpbjEaMBgGA1UEChMRTGFyZ2Ug
+V2lkZ2V0cyBJbmMxFDASBgNVBAsTC0VuZ2luZWVyaW5nMRIwEAYDVQQDEwlsb2Nh
+bGhvc3QxHzAdBgkqhkiG9w0BCQEWEGluZm9AbHdpZGdldHMuaWUwHhcNMDYwNDA2
+MTMzMTU1WhcNMTYwNDAzMTMzMTU1WjCBlDELMAkGA1UEBhMCSUUxDTALBgNVBAgT
+BExlaW4xDzANBgNVBAcTBkR1YmxpbjEaMBgGA1UEChMRTGFyZ2UgV2lkZ2V0cyBJ
+bmMxFDASBgNVBAsTC0VuZ2luZWVyaW5nMRIwEAYDVQQDEwlsb2NhbGhvc3QxHzAd
+BgkqhkiG9w0BCQEWEGluZm9AbHdpZGdldHMuaWUwgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBAKXQaKoeGRuv9Mt/j8oAlDjL29Rf0XKA0ylHTt9thQ9O6GPiUAzd
+0djHAt0NbIV5f6DmlRfl+KQzri9d+BfywoCTSNoaclp1x5jM/dEjyaCXDPcNzr0l
+7oT1e5V5nLVDJG6qMjxveiQ73kX+IV3EoY8dwiFJALzp4y+1Cslkn08pAgMBAAGj
+gfQwgfEwHQYDVR0OBBYEFNvk101Zxkp0RlKVsvJpCvkcS99kMIHBBgNVHSMEgbkw
+gbaAFNvk101Zxkp0RlKVsvJpCvkcS99koYGapIGXMIGUMQswCQYDVQQGEwJJRTEN
+MAsGA1UECBMETGVpbjEPMA0GA1UEBxMGRHVibGluMRowGAYDVQQKExFMYXJnZSBX
+aWRnZXRzIEluYzEUMBIGA1UECxMLRW5naW5lZXJpbmcxEjAQBgNVBAMTCWxvY2Fs
+aG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0Bsd2lkZ2V0cy5pZYIBADAMBgNVHRME
+BTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAHEPllN7pvzOwvCZWUMsnPihjnMibTnk
+26U1OTOxmKrLNUJ0FTqeygZk68SZjBsxyReW1LwXflAAWqBGhm9FlZIxEhceGQe+
+Wxi/9yDfMi0yG6+pC+Tb++nwDaJwU88N8HxNM3ZLDiV4td1AM3dIzHLyVs5Bb+G2
+jSrwuQwUi2F2
+-----END CERTIFICATE-----