You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/07/08 13:30:47 UTC
svn commit: r1500667 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_ch...
Author: coheigea
Date: Mon Jul 8 11:30:47 2013
New Revision: 1500667
URL: http://svn.apache.org/r1500667
Log:
Fixed a bug in the streaming code + added more system tests
Added:
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java
- copied, changed from r1500513, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java?rev=1500667&r1=1500666&r2=1500667&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java Mon Jul 8 11:30:47 2013
@@ -122,22 +122,6 @@ public class WSS4JStaxInInterceptor exte
configureProperties(soapMessage);
configureCallbackHandler(soapMessage);
- if (getSecurityProperties() != null) {
- TokenStoreCallbackHandler callbackHandler =
- new TokenStoreCallbackHandler(
- getSecurityProperties().getCallbackHandler(), getTokenStore(soapMessage)
- );
- getSecurityProperties().setCallbackHandler(callbackHandler);
- } else {
- Map<String, Object> config = getProperties();
- TokenStoreCallbackHandler callbackHandler =
- new TokenStoreCallbackHandler(
- (CallbackHandler)config.get(ConfigurationConstants.PW_CALLBACK_REF),
- getTokenStore(soapMessage)
- );
- config.put(ConfigurationConstants.PW_CALLBACK_REF, callbackHandler);
- }
-
InboundWSSec inboundWSSec = null;
WSSSecurityProperties secProps = null;
if (getSecurityProperties() != null) {
@@ -146,6 +130,12 @@ public class WSS4JStaxInInterceptor exte
secProps = ConfigurationConverter.convert(getProperties());
}
+ TokenStoreCallbackHandler callbackHandler =
+ new TokenStoreCallbackHandler(
+ secProps.getCallbackHandler(), getTokenStore(soapMessage)
+ );
+ secProps.setCallbackHandler(callbackHandler);
+
setTokenValidators(secProps, soapMessage);
SecurityEventListener securityEventListener =
@@ -253,6 +243,15 @@ public class WSS4JStaxInInterceptor exte
ConfigurationConstants.SIG_VER_PROP_FILE,
ConfigurationConstants.SIG_VER_PROP_REF_ID
);
+ if (sigVerCrypto == null) {
+ // Fall back to using the Signature properties for verification
+ sigVerCrypto =
+ loadCrypto(
+ msg,
+ ConfigurationConstants.SIG_PROP_FILE,
+ ConfigurationConstants.SIG_PROP_REF_ID
+ );
+ }
if (sigVerCrypto != null) {
config.put(ConfigurationConstants.SIG_VER_PROP_REF_ID, "RefId-" + sigVerCrypto.hashCode());
config.put("RefId-" + sigVerCrypto.hashCode(), sigVerCrypto);
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java?rev=1500667&r1=1500666&r2=1500667&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java Mon Jul 8 11:30:47 2013
@@ -32,6 +32,7 @@ import org.apache.cxf.systest.ws.common.
import org.apache.cxf.systest.ws.coverage_checker.server.Server;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor;
import org.example.contract.doubleit.DoubleItPortType;
import org.junit.BeforeClass;
@@ -89,8 +90,15 @@ public class DefaultCryptoCoverageChecke
+ "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+ port.doubleIt(25);
+ bus.getOutInterceptors().remove(outInterceptor);
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
port.doubleIt(25);
((java.io.Closeable)port).close();
@@ -123,7 +131,21 @@ public class DefaultCryptoCoverageChecke
outProps.put("signatureParts",
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the Timestamp");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -163,7 +185,21 @@ public class DefaultCryptoCoverageChecke
"{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the Timestamp");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -204,8 +240,15 @@ public class DefaultCryptoCoverageChecke
+ "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+ port.doubleIt(25);
+ bus.getOutInterceptors().remove(outInterceptor);
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
port.doubleIt(25);
((java.io.Closeable)port).close();
@@ -238,7 +281,21 @@ public class DefaultCryptoCoverageChecke
outProps.put("signatureParts",
"{}{http://www.w3.org/2003/05/soap-envelope}Body;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the Timestamp");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -278,7 +335,21 @@ public class DefaultCryptoCoverageChecke
"{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the Timestamp");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -321,9 +392,16 @@ public class DefaultCryptoCoverageChecke
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
outProps.put("encryptionParts",
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+ port.doubleIt(25);
+ bus.getOutInterceptors().remove(outInterceptor);
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
-
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
port.doubleIt(25);
((java.io.Closeable)port).close();
@@ -362,7 +440,21 @@ public class DefaultCryptoCoverageChecke
"{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not encrypting the SOAP Body");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -402,9 +494,22 @@ public class DefaultCryptoCoverageChecke
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"
+ "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
+
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the WS-Addressing headers");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
- WSS4JOutInterceptor wss4jOutInterceptor = new WSS4JOutInterceptor(outProps);
- bus.getOutInterceptors().add(wss4jOutInterceptor);
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -412,18 +517,25 @@ public class DefaultCryptoCoverageChecke
} catch (Exception ex) {
// expected
}
+ bus.getOutInterceptors().remove(staxOutInterceptor);
// Now sign the WS-Addressing headers
- bus.getOutInterceptors().remove(wss4jOutInterceptor);
-
outProps.put("signatureParts",
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"
+ "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"
+ "{}{http://www.w3.org/2005/08/addressing}ReplyTo;");
- wss4jOutInterceptor = new WSS4JOutInterceptor(outProps);
- bus.getOutInterceptors().add(wss4jOutInterceptor);
+ // DOM
+ outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ port.doubleIt(25);
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
port.doubleIt(25);
Copied: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java (from r1500513, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java?p2=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java&p1=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java&r1=1500513&r2=1500667&rev=1500667&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java Mon Jul 8 11:30:47 2013
@@ -29,18 +29,19 @@ import javax.xml.ws.Service;
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.systest.ws.common.SecurityTestUtil;
-import org.apache.cxf.systest.ws.coverage_checker.server.Server;
+import org.apache.cxf.systest.ws.coverage_checker.server.StaxServer;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor;
import org.example.contract.doubleit.DoubleItPortType;
import org.junit.BeforeClass;
/**
- * A set of tests for the DefaultCryptoCoverageChecker. It tests both DOM + StAX
- * clients against the DOM server.
+ * A set of tests for the StaxCryptoCoverageChecker. It tests both DOM + StAX
+ * clients against the StAX server.
*/
-public class DefaultCryptoCoverageCheckerTest extends AbstractBusClientServerTestBase {
- public static final String PORT = allocatePort(Server.class);
+public class StaxCryptoCoverageCheckerTest extends AbstractBusClientServerTestBase {
+ public static final String PORT = allocatePort(StaxServer.class);
private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -51,7 +52,7 @@ public class DefaultCryptoCoverageChecke
"Server failed to launch",
// run the server in the same process
// set this to false to fork
- launchServer(Server.class, true)
+ launchServer(StaxServer.class, true)
);
}
@@ -64,13 +65,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testSignedBodyTimestamp() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
DoubleItPortType port =
@@ -89,8 +90,15 @@ public class DefaultCryptoCoverageChecke
+ "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+ port.doubleIt(25);
+ bus.getOutInterceptors().remove(outInterceptor);
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
port.doubleIt(25);
((java.io.Closeable)port).close();
@@ -100,13 +108,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testSignedBodyOnly() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
DoubleItPortType port =
@@ -123,7 +131,21 @@ public class DefaultCryptoCoverageChecke
outProps.put("signatureParts",
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the Timestamp");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -139,13 +161,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testSignedTimestampOnly() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
DoubleItPortType port =
@@ -163,7 +185,21 @@ public class DefaultCryptoCoverageChecke
"{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the Timestamp");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -179,13 +215,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testSignedBodyTimestampSoap12() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampSoap12Port");
DoubleItPortType port =
@@ -204,8 +240,15 @@ public class DefaultCryptoCoverageChecke
+ "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+ port.doubleIt(25);
+ bus.getOutInterceptors().remove(outInterceptor);
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
port.doubleIt(25);
((java.io.Closeable)port).close();
@@ -215,13 +258,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testSignedBodyOnlySoap12() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampSoap12Port");
DoubleItPortType port =
@@ -238,7 +281,21 @@ public class DefaultCryptoCoverageChecke
outProps.put("signatureParts",
"{}{http://www.w3.org/2003/05/soap-envelope}Body;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the Timestamp");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -254,13 +311,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testSignedTimestampOnlySoap12() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampSoap12Port");
DoubleItPortType port =
@@ -278,7 +335,21 @@ public class DefaultCryptoCoverageChecke
"{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the Timestamp");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -294,13 +365,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testSignedEncryptedBody() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSignedEncryptedBodyPort");
DoubleItPortType port =
@@ -321,9 +392,16 @@ public class DefaultCryptoCoverageChecke
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
outProps.put("encryptionParts",
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+ port.doubleIt(25);
+ bus.getOutInterceptors().remove(outInterceptor);
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
-
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
port.doubleIt(25);
((java.io.Closeable)port).close();
@@ -333,13 +411,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testSignedNotEncryptedBody() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItSignedEncryptedBodyPort");
DoubleItPortType port =
@@ -362,7 +440,21 @@ public class DefaultCryptoCoverageChecke
"{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
- bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not encrypting the SOAP Body");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -378,13 +470,13 @@ public class DefaultCryptoCoverageChecke
@org.junit.Test
public void testWSAddressing() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+ URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+ URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
Service service = Service.create(wsdl, SERVICE_QNAME);
QName portQName = new QName(NAMESPACE, "DoubleItWSAPort");
DoubleItPortType port =
@@ -402,9 +494,22 @@ public class DefaultCryptoCoverageChecke
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"
+ "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
+
+ // DOM
+ WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
- WSS4JOutInterceptor wss4jOutInterceptor = new WSS4JOutInterceptor(outProps);
- bus.getOutInterceptors().add(wss4jOutInterceptor);
+ try {
+ port.doubleIt(25);
+ fail("Failure expected on not signing the WS-Addressing headers");
+ } catch (Exception ex) {
+ // expected
+ }
+ bus.getOutInterceptors().remove(outInterceptor);
+
+ // Streaming
+ WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
try {
port.doubleIt(25);
@@ -412,86 +517,28 @@ public class DefaultCryptoCoverageChecke
} catch (Exception ex) {
// expected
}
+ bus.getOutInterceptors().remove(staxOutInterceptor);
// Now sign the WS-Addressing headers
- bus.getOutInterceptors().remove(wss4jOutInterceptor);
-
outProps.put("signatureParts",
"{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"
+ "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
+ "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"
+ "{}{http://www.w3.org/2005/08/addressing}ReplyTo;");
- wss4jOutInterceptor = new WSS4JOutInterceptor(outProps);
- bus.getOutInterceptors().add(wss4jOutInterceptor);
+ // DOM
+ outInterceptor = new WSS4JOutInterceptor(outProps);
+ bus.getOutInterceptors().add(outInterceptor);
port.doubleIt(25);
+ bus.getOutInterceptors().remove(outInterceptor);
- ((java.io.Closeable)port).close();
- bus.shutdown(true);
- }
-
- // Here the service is sending an secured message back to the client. For a server Fault
- // message it returns the original fault, as the CryptoCoverageChecker is configured not
- // to check a fault (see CXF-4954)
- @org.junit.Test
- public void testClientChecker() throws Exception {
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItClientCheckerPort");
- DoubleItPortType port =
- service.getPort(portQName, DoubleItPortType.class);
- updateAddressPort(port, PORT);
+ // Streaming
+ staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+ bus.getOutInterceptors().add(staxOutInterceptor);
port.doubleIt(25);
- // Now try with a message that will create a Fault in the SEI
- try {
- port.doubleIt(0);
- fail("Failure expected on trying to double 0");
- } catch (Exception ex) {
- assertTrue(ex.getMessage().contains("0 can't be doubled"));
- }
-
- ((java.io.Closeable)port).close();
- bus.shutdown(true);
- }
-
- // Here the service is sending an secured message back to the client. For a server Fault
- // message it should return a secured Fault message as well
- @org.junit.Test
- public void testClientChecker2() throws Exception {
- SpringBusFactory bf = new SpringBusFactory();
- URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
-
- Bus bus = bf.createBus(busFile.toString());
- SpringBusFactory.setDefaultBus(bus);
- SpringBusFactory.setThreadDefaultBus(bus);
-
- URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
- Service service = Service.create(wsdl, SERVICE_QNAME);
- QName portQName = new QName(NAMESPACE, "DoubleItClientCheckerPort2");
- DoubleItPortType port =
- service.getPort(portQName, DoubleItPortType.class);
- updateAddressPort(port, PORT);
-
- port.doubleIt(25);
-
- // Now try with a message that will create a Fault in the SEI
- try {
- port.doubleIt(0);
- fail("Failure expected on trying to double 0");
- } catch (Exception ex) {
- assertTrue(ex.getMessage().contains("0 can't be doubled"));
- }
-
((java.io.Closeable)port).close();
bus.shutdown(true);
}
Added: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java?rev=1500667&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java (added)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java Mon Jul 8 11:30:47 2013
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.coverage_checker.server;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class StaxServer extends AbstractBusTestServerBase {
+
+ public StaxServer() {
+
+ }
+
+ protected void run() {
+ URL busFile = StaxServer.class.getResource("stax-server.xml");
+ Bus busLocal = new SpringBusFactory().createBus(busFile);
+ BusFactory.setDefaultBus(busLocal);
+ setBus(busLocal);
+ }
+}
Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java?rev=1500667&r1=1500666&r2=1500667&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java Mon Jul 8 11:30:47 2013
@@ -36,7 +36,8 @@ import org.junit.BeforeClass;
/**
* This is a test for policy alternatives. The endpoint requires either a UsernameToken (insecured) OR
- * a message signature using the Asymmetric binding.
+ * a message signature using the Asymmetric binding. It tests both DOM + StAX clients against the
+ * DOM server
*/
public class PolicyAlternativeTest extends AbstractBusClientServerTestBase {
static final String PORT = allocatePort(Server.class);
@@ -81,6 +82,11 @@ public class PolicyAlternativeTest exten
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
+ utPort.doubleIt(25);
+
+ // Streaming
+ SecurityTestUtil.enableStreaming(utPort);
utPort.doubleIt(25);
((java.io.Closeable)utPort).close();
@@ -107,6 +113,7 @@ public class PolicyAlternativeTest exten
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
try {
utPort.doubleIt(25);
fail("Failure expected on no Security");
@@ -114,6 +121,15 @@ public class PolicyAlternativeTest exten
// expected
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(utPort);
+ utPort.doubleIt(25);
+ fail("Failure expected on no Security");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
((java.io.Closeable)utPort).close();
bus.shutdown(true);
}
@@ -138,8 +154,13 @@ public class PolicyAlternativeTest exten
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT);
+ // DOM
utPort.doubleIt(25);
+ // TODO See WSS-458 Streaming
+ // SecurityTestUtil.enableStreaming(utPort);
+ // utPort.doubleIt(25);
+
((java.io.Closeable)utPort).close();
bus.shutdown(true);
}
@@ -165,6 +186,7 @@ public class PolicyAlternativeTest exten
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(utPort, PORT2);
+ // DOM
try {
utPort.doubleIt(25);
fail("Failure expected because no client certificate");
@@ -172,6 +194,15 @@ public class PolicyAlternativeTest exten
assertTrue(ex.getMessage().contains("HttpsToken"));
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(utPort);
+ utPort.doubleIt(25);
+ fail("Failure expected because no client certificate");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // assertTrue(ex.getMessage().contains("HttpsToken"));
+ }
+
((java.io.Closeable)utPort).close();
bus.shutdown(true);
}
@@ -197,6 +228,7 @@ public class PolicyAlternativeTest exten
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(transportPort, PORT2);
+ // DOM
try {
transportPort.doubleIt(25);
fail("Failure expected on not signing a wsa header");
@@ -204,6 +236,15 @@ public class PolicyAlternativeTest exten
// expected
}
+ // Streaming
+ try {
+ SecurityTestUtil.enableStreaming(transportPort);
+ transportPort.doubleIt(25);
+ fail("Failure expected because no client certificate");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // assertTrue(ex.getMessage().contains("HttpsToken"));
+ }
+
((java.io.Closeable)transportPort).close();
bus.shutdown(true);
}
@@ -230,7 +271,17 @@ public class PolicyAlternativeTest exten
service.getPort(portQName, DoubleItPortType.class);
updateAddressPort(transportPort, PORT2);
+ // DOM
+ try {
+ transportPort.doubleIt(25);
+ fail("Failure expected on not signing a wsa header");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
+ // Streaming
try {
+ SecurityTestUtil.enableStreaming(transportPort);
transportPort.doubleIt(25);
fail("Failure expected on not signing a wsa header");
} catch (javax.xml.ws.soap.SOAPFaultException ex) {
Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml?rev=1500667&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml (added)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml Mon Jul 8 11:30:47 2013
@@ -0,0 +1,153 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:jaxws="http://cxf.apache.org/jaxws"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:p="http://cxf.apache.org/policy"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+ <jaxws:endpoint
+ id="BodyTimestamp"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItBodyTimestamp"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItBodyTimestampPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/coverage_checker/DoubleItCoverageChecker.wsdl">
+
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature Timestamp"/>
+ <entry key="signaturePropFile" value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ <entry key="passwordCallbackClass"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ <bean class="org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker"/>
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="BodyTimestampSoap12"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItBodyTimestampSoap12"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItBodyTimestampSoap12Port"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/coverage_checker/DoubleItCoverageChecker.wsdl">
+
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature Timestamp"/>
+ <entry key="signaturePropFile" value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ <entry key="passwordCallbackClass"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ <bean class="org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker">
+ <property name="signBody" value="true"/>
+ <property name="signTimestamp" value="true"/>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="SignedEncryptedBody"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItSignedEncrypted"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSignedEncryptedBodyPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/coverage_checker/DoubleItCoverageChecker.wsdl">
+
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Encrypt Signature Timestamp"/>
+ <entry key="signaturePropFile" value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ <entry key="decryptionPropFile" value="org/apache/cxf/systest/ws/wssec10/client/bob.properties"/>
+ <entry key="passwordCallbackClass"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ <bean class="org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker">
+ <property name="signBody" value="true"/>
+ <property name="signTimestamp" value="false"/>
+ <property name="encryptBody" value="true"/>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="WSA"
+ address="http://localhost:${testutil.ports.StaxServer}/DoubleItWSA"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItWSAPort"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/coverage_checker/DoubleItCoverageChecker.wsdl">
+
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature Timestamp"/>
+ <entry key="signaturePropFile" value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ <entry key="passwordCallbackClass"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ <bean class="org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker"/>
+ </jaxws:inInterceptors>
+ <jaxws:features>
+ <wsa:addressing xmlns:wsa="http://cxf.apache.org/ws/addressing"/>
+ </jaxws:features>
+ </jaxws:endpoint>
+
+</beans>