You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2012/05/11 16:07:32 UTC
svn commit: r1337169 - in /cxf/branches/2.4.x-fixes:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/
systests/ws-security/src/test/java/org/apache/cxf/systest/w...
Author: coheigea
Date: Fri May 11 14:07:31 2012
New Revision: 1337169
URL: http://svn.apache.org/viewvc?rev=1337169&view=rev
Log:
Improving WS-SecurityPolicy 1.1 test coverage
Modified:
cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SupportingTokensBuilder.java
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509Signature.wsdl
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml
cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml
Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SupportingTokensBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SupportingTokensBuilder.java?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SupportingTokensBuilder.java (original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/SupportingTokensBuilder.java Fri May 11 14:07:31 2012
@@ -28,6 +28,7 @@ import org.w3c.dom.Element;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.ws.policy.PolicyBuilder;
import org.apache.cxf.ws.security.policy.SP11Constants;
+import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.cxf.ws.security.policy.SPConstants.SupportTokenType;
import org.apache.cxf.ws.security.policy.model.AlgorithmSuite;
import org.apache.cxf.ws.security.policy.model.SignedEncryptedElements;
@@ -97,20 +98,21 @@ public class SupportingTokensBuilder imp
Assertion primitive = (Assertion)iterator.next();
QName qname = primitive.getName();
-
- if (SP11Constants.ALGORITHM_SUITE.equals(qname)) {
+ String localName = qname.getLocalPart();
+
+ if (SPConstants.ALGO_SUITE.equals(localName)) {
supportingToken.setAlgorithmSuite((AlgorithmSuite)primitive);
- } else if (SP11Constants.SIGNED_PARTS.equals(qname)) {
+ } else if (SPConstants.SIGNED_PARTS.equals(localName)) {
supportingToken.setSignedParts((SignedEncryptedParts)primitive);
- } else if (SP11Constants.SIGNED_ELEMENTS.equals(qname)) {
+ } else if (SPConstants.SIGNED_ELEMENTS.equals(localName)) {
supportingToken.setSignedElements((SignedEncryptedElements)primitive);
- } else if (SP11Constants.ENCRYPTED_PARTS.equals(qname)) {
+ } else if (SPConstants.ENCRYPTED_PARTS.equals(localName)) {
supportingToken.setEncryptedParts((SignedEncryptedParts)primitive);
- } else if (SP11Constants.ENCRYPTED_ELEMENTS.equals(qname)) {
+ } else if (SPConstants.ENCRYPTED_ELEMENTS.equals(localName)) {
supportingToken.setEncryptedElements((SignedEncryptedElements)primitive);
} else if (primitive instanceof Token) {
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java Fri May 11 14:07:31 2012
@@ -266,6 +266,32 @@ public class SamlTokenTest extends Abstr
}
@org.junit.Test
+ public void testSaml1SelfSignedOverTransportSP11() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = SamlTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSaml1SelfSignedTransportSP11Port");
+ DoubleItPortType saml1Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(saml1Port, PORT2);
+
+ ((BindingProvider)saml1Port).getRequestContext().put(
+ "ws-security.saml-callback-handler", new SamlCallbackHandler(false)
+ );
+ int result = saml1Port.doubleIt(25);
+ assertTrue(result == 50);
+
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testAsymmetricSamlInitiator() throws Exception {
if (!unrestrictedPoliciesInstalled) {
@@ -347,6 +373,35 @@ public class SamlTokenTest extends Abstr
int result = saml2Port.doubleIt(25);
assertTrue(result == 50);
}
+
+ @org.junit.Test
+ public void testSaml2EndorsingOverTransportSP11() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = SamlTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = SamlTokenTest.class.getResource("DoubleItSaml.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSaml2EndorsingTransportSP11Port");
+ DoubleItPortType saml2Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(saml2Port, PORT2);
+
+ SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+ callbackHandler.setConfirmationMethod(SAML2Constants.CONF_HOLDER_KEY);
+ ((BindingProvider)saml2Port).getRequestContext().put(
+ "ws-security.saml-callback-handler", callbackHandler
+ );
+
+ int result = saml2Port.doubleIt(25);
+ assertTrue(result == 50);
+
+ bus.shutdown(true);
+ }
@org.junit.Test
public void testSaml2OverAsymmetricSignedEncrypted() throws Exception {
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/X509TokenTest.java Fri May 11 14:07:31 2012
@@ -238,6 +238,30 @@ public class X509TokenTest extends Abstr
}
@org.junit.Test
+ public void testTransportEndorsingSP11() throws Exception {
+ if (!unrestrictedPoliciesInstalled) {
+ return;
+ }
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = X509TokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = X509TokenTest.class.getResource("DoubleItX509.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItTransportEndorsingSP11Port");
+ DoubleItPortType x509Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(x509Port, PORT2);
+ x509Port.doubleIt(25);
+
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testTransportSignedEndorsing() throws Exception {
if (!unrestrictedPoliciesInstalled) {
return;
@@ -326,6 +350,30 @@ public class X509TokenTest extends Abstr
}
@org.junit.Test
+ public void testAsymmetricSignatureSP11() throws Exception {
+ if (!unrestrictedPoliciesInstalled) {
+ return;
+ }
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = X509TokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = X509TokenTest.class.getResource("DoubleItX509Signature.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricSignatureSP11Port");
+ DoubleItPortType x509Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(x509Port, PORT);
+ x509Port.doubleIt(25);
+
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
public void testAsymmetricEncryption() throws Exception {
if (!unrestrictedPoliciesInstalled) {
return;
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl Fri May 11 14:07:31 2012
@@ -68,6 +68,25 @@
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
+ <wsdl:binding name="DoubleItSaml1SelfSignedTransportSP11Binding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItSaml1SelfSignedTransportSP11Policy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
<wsdl:binding name="DoubleItSaml2EndorsingTransportBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItSaml2EndorsingTransportPolicy" />
<soap:binding style="document"
@@ -87,6 +106,25 @@
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
+ <wsdl:binding name="DoubleItSaml2EndorsingTransportSP11Binding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItSaml2EndorsingTransportSP11Policy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
<wsdl:binding name="DoubleItSaml2SymmetricBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItSaml2SymmetricPolicy" />
<soap:binding style="document"
@@ -274,10 +312,18 @@
binding="tns:DoubleItSaml1SelfSignedTransportBinding">
<soap:address location="https://localhost:9009/DoubleItSaml1SelfSignedTransport" />
</wsdl:port>
+ <wsdl:port name="DoubleItSaml1SelfSignedTransportSP11Port"
+ binding="tns:DoubleItSaml1SelfSignedTransportSP11Binding">
+ <soap:address location="https://localhost:9009/DoubleItSaml1SelfSignedTransportSP11" />
+ </wsdl:port>
<wsdl:port name="DoubleItSaml2EndorsingTransportPort"
binding="tns:DoubleItSaml2EndorsingTransportBinding">
<soap:address location="https://localhost:9009/DoubleItSaml2EndorsingTransport" />
</wsdl:port>
+ <wsdl:port name="DoubleItSaml2EndorsingTransportSP11Port"
+ binding="tns:DoubleItSaml2EndorsingTransportSP11Binding">
+ <soap:address location="https://localhost:9009/DoubleItSaml2EndorsingTransportSP11" />
+ </wsdl:port>
<wsdl:port name="DoubleItAsymmetricSamlInitiatorPort"
binding="tns:DoubleItAsymmetricSamlInitiatorBinding">
<soap:address location="http://localhost:9001/DoubleItAsymmetricSamlInitiator" />
@@ -379,6 +425,44 @@
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItSaml1SelfSignedTransportSP11Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken>
+ <wsp:Policy/>
+ </sp:HttpsToken>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:SamlToken
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssSamlV11Token11/>
+ </wsp:Policy>
+ </sp:SamlToken>
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
<wsp:Policy wsu:Id="DoubleItSaml2EndorsingTransportPolicy">
<wsp:ExactlyOne>
<wsp:All>
@@ -417,6 +501,44 @@
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItSaml2EndorsingTransportSP11Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken>
+ <wsp:Policy/>
+ </sp:HttpsToken>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:SamlToken
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssSamlV20Token11/>
+ </wsp:Policy>
+ </sp:SamlToken>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
<wsp:Policy wsu:Id="DoubleItSaml2SymmetricPolicy">
<wsp:ExactlyOne>
<wsp:All>
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml Fri May 11 14:07:31 2012
@@ -96,6 +96,18 @@
</jaxws:properties>
</jaxws:client>
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSaml1SelfSignedTransportSP11Port"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.signature.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ <entry key="ws-security.self-sign-saml-assertion" value="true"/>
+ </jaxws:properties>
+ </jaxws:client>
+
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSaml2EndorsingTransportPort"
createdFromAPI="true">
<jaxws:properties>
@@ -107,6 +119,18 @@
<entry key="ws-security.self-sign-saml-assertion" value="true"/>
</jaxws:properties>
</jaxws:client>
+
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSaml2EndorsingTransportSP11Port"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.signature.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ <entry key="ws-security.self-sign-saml-assertion" value="true"/>
+ </jaxws:properties>
+ </jaxws:client>
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItAsymmetricSamlInitiatorPort"
createdFromAPI="true">
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/server/server.xml Fri May 11 14:07:31 2012
@@ -147,6 +147,24 @@
</jaxws:endpoint>
<jaxws:endpoint
+ id="Saml1SelfSignedTokenOverTransportSP11"
+ address="https://localhost:${testutil.ports.Server.2}/DoubleItSaml1SelfSignedTransportSP11"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSaml1SelfSignedTransportSP11Port"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
id="Saml2EndorsingOverTransport"
address="https://localhost:${testutil.ports.Server.2}/DoubleItSaml2EndorsingTransport"
serviceName="s:DoubleItService"
@@ -164,7 +182,25 @@
</jaxws:endpoint>
- <jaxws:endpoint
+ <jaxws:endpoint
+ id="Saml2EndorsingOverTransportSP11"
+ address="https://localhost:${testutil.ports.Server.2}/DoubleItSaml2EndorsingTransportSP11"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItSaml2EndorsingTransportSP11Port"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItPortTypeImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/saml/DoubleItSaml.wsdl">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ <entry key="ws-security.encryption.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
id="AsymmetricSamlInitiatorPort"
address="http://localhost:${testutil.ports.Server}/DoubleItAsymmetricSamlInitiator"
serviceName="s:DoubleItService"
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl Fri May 11 14:07:31 2012
@@ -182,6 +182,25 @@
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
+ <wsdl:binding name="DoubleItTransportEndorsingSP11Binding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItTransportEndorsingSP11Policy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
<wsdl:binding name="DoubleItTransportSignedEndorsingBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItTransportSignedEndorsingPolicy" />
<soap:binding style="document"
@@ -270,6 +289,10 @@
binding="tns:DoubleItTransportEndorsingBinding">
<soap:address location="https://localhost:9002/DoubleItX509TransportEndorsing" />
</wsdl:port>
+ <wsdl:port name="DoubleItTransportEndorsingSP11Port"
+ binding="tns:DoubleItTransportEndorsingSP11Binding">
+ <soap:address location="https://localhost:9002/DoubleItX509TransportEndorsingSP11" />
+ </wsdl:port>
<wsdl:port name="DoubleItTransportSignedEndorsingPort"
binding="tns:DoubleItTransportSignedEndorsingBinding">
<soap:address location="https://localhost:9002/DoubleItX509TransportSignedEndorsing" />
@@ -596,6 +619,48 @@
</wsp:ExactlyOne>
</wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItTransportEndorsingSP11Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken>
+ <wsp:Policy/>
+ </sp:HttpsToken>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10 />
+ </wsp:Policy>
+ </sp:X509Token>
+ <sp:SignedParts>
+ <sp:Body/>
+ </sp:SignedParts>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
<wsp:Policy wsu:Id="DoubleItTransportSignedEndorsingPolicy">
<wsp:ExactlyOne>
<wsp:All>
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509Signature.wsdl
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509Signature.wsdl?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509Signature.wsdl (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509Signature.wsdl Fri May 11 14:07:31 2012
@@ -50,6 +50,26 @@
</wsdl:operation>
</wsdl:binding>
+ <wsdl:binding name="DoubleItAsymmetricSignatureSP11Binding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItAsymmetricSignatureSP11Policy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
+
<wsdl:binding name="DoubleItAsymmetricEncryptionBinding" type="tns:DoubleItPortType">
<wsp:PolicyReference URI="#DoubleItAsymmetricEncryptionPolicy" />
<soap:binding style="document"
@@ -75,6 +95,10 @@
binding="tns:DoubleItAsymmetricSignatureBinding">
<soap:address location="http://localhost:9001/DoubleItX509AsymmetricSignature" />
</wsdl:port>
+ <wsdl:port name="DoubleItAsymmetricSignatureSP11Port"
+ binding="tns:DoubleItAsymmetricSignatureSP11Binding">
+ <soap:address location="http://localhost:9001/DoubleItX509AsymmetricSignatureSP11" />
+ </wsdl:port>
<wsdl:port name="DoubleItAsymmetricEncryptionPort"
binding="tns:DoubleItAsymmetricEncryptionBinding">
<soap:address location="http://localhost:9001/DoubleItX509AsymmetricEncryption" />
@@ -125,6 +149,50 @@
</wsp:ExactlyOne>
</wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItAsymmetricSignatureSP11Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorSignatureToken>
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10 />
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorSignatureToken>
+ <sp:RecipientSignatureToken>
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10 />
+ <sp:RequireIssuerSerialReference />
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientSignatureToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
<wsp:Policy wsu:Id="DoubleItAsymmetricEncryptionPolicy">
<wsp:ExactlyOne>
<wsp:All>
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/client/client.xml Fri May 11 14:07:31 2012
@@ -107,6 +107,19 @@
</jaxws:properties>
</jaxws:client>
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItAsymmetricSignatureSP11Port"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.encryption.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/bob.properties"/>
+ <entry key="ws-security.signature.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ </jaxws:properties>
+ </jaxws:client>
+
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItAsymmetricEncryptionPort"
createdFromAPI="true">
<jaxws:properties>
@@ -154,6 +167,17 @@
</jaxws:properties>
</jaxws:client>
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItTransportEndorsingSP11Port"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.signature.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ <entry key="ws-security.signature.username" value="alice"/>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ </jaxws:properties>
+ </jaxws:client>
+
<jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSignedEndorsingPort"
createdFromAPI="true">
<jaxws:properties>
Modified: cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml?rev=1337169&r1=1337168&r2=1337169&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml (original)
+++ cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/server/server.xml Fri May 11 14:07:31 2012
@@ -184,6 +184,26 @@
</jaxws:endpoint>
<jaxws:endpoint
+ id="AsymmetricSignatureSP11"
+ address="http://localhost:${testutil.ports.Server}/DoubleItX509AsymmetricSignatureSP11"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItAsymmetricSignatureSP11Port"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/x509/DoubleItX509Signature.wsdl">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+ <entry key="ws-security.signature.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/bob.properties"/>
+ <entry key="ws-security.encryption.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
id="AsymmetricEncryption"
address="http://localhost:${testutil.ports.Server}/DoubleItX509AsymmetricEncryption"
serviceName="s:DoubleItService"
@@ -261,6 +281,23 @@
</jaxws:endpoint>
<jaxws:endpoint
+ id="TransportEndorsingSP11"
+ address="https://localhost:${testutil.ports.Server.2}/DoubleItX509TransportEndorsingSP11"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItTransportEndorsingSP11Port"
+ xmlns:s="http://www.example.org/contract/DoubleIt"
+ implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+ wsdlLocation="org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.encryption.properties"
+ value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
id="TransportSignedEndorsing"
address="https://localhost:${testutil.ports.Server.2}/DoubleItX509TransportSignedEndorsing"
serviceName="s:DoubleItService"