Posted to java-commits@axis.apache.org by bi...@apache.org on 2020/04/15 16:08:25 UTC
[axis-axis2-java-rampart] 07/10: Merge changes up to r1240267 from
trunk.
This is an automated email from the ASF dual-hosted git repository.
billblough pushed a commit to branch RAMPART-289
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git
commit ef0ad8793587903045b0cb5f72c2a31cceb08d00
Author: Andreas Veithen <ve...@apache.org>
AuthorDate: Mon Jan 30 17:29:58 2017 +0000
Merge changes up to r1240267 from trunk.
---
build.xml | 21 +
legal/bcprov-LICENSE.txt | 19 +
legal/commons-lang-LICENSE.txt | 202 +++++
...f4j-jdk14-LICENSE.txt => slf4j-jcl-LICENSE.txt} | 0
modules/distribution/bin.xml | 7 +-
modules/distribution/pom.xml | 93 ++-
modules/distribution/src.xml | 11 +-
modules/documentation/pom.xml | 31 +-
.../1.5 => resources/download/1.1}/download.cgi | 0
.../1.5.1 => resources/download/1.2}/download.cgi | 0
.../1.4 => resources/download/1.3}/download.cgi | 0
.../1.3 => resources/download/1.4}/download.cgi | 0
.../1.2 => resources/download/1.5.1}/download.cgi | 0
.../1.1 => resources/download/1.5.2}/download.cgi | 0
.../{xdoc => resources}/download/1.5/download.cgi | 0
.../1.5 => resources/download/1.6.0}/download.cgi | 0
.../1.5 => resources/download/1.6.1}/download.cgi | 0
.../src/site/xdoc/developer-guide.xml | 4 +-
modules/documentation/src/site/xdoc/download.xml | 35 +-
.../src/site/xdoc/download/1.5.1/download.xml | 51 +-
.../xdoc/download/{1.5.1 => 1.5.2}/download.xml | 55 +-
.../xdoc/download/{1.5.1 => 1.6.0}/download.xml | 55 +-
.../xdoc/download/{1.5.1 => 1.6.1}/download.xml | 55 +-
modules/documentation/src/site/xdoc/index.xml | 54 +-
.../src/site/xdoc/rampartconfig-guide.xml | 14 +
modules/documentation/src/site/xdoc/svn.xml | 2 +-
modules/rampart-core/pom.xml | 39 +-
.../java/org/apache/rampart/MessageBuilder.java | 14 +-
.../rampart/PolicyBasedResultsValidator.java | 8 +-
.../java/org/apache/rampart/RampartConstants.java | 3 +-
.../java/org/apache/rampart/RampartEngine.java | 160 ++--
.../java/org/apache/rampart/RampartException.java | 2 +-
.../org/apache/rampart/RampartMessageData.java | 168 ++--
.../org/apache/rampart/TokenCallbackHandler.java | 22 +-
.../rampart/builder/AsymmetricBindingBuilder.java | 33 +-
.../org/apache/rampart/builder/BindingBuilder.java | 78 +-
.../rampart/builder/SymmetricBindingBuilder.java | 82 +-
.../rampart/builder/TransportBindingBuilder.java | 38 +-
.../main/java/org/apache/rampart/errors.properties | 4 +-
.../handler/PostDispatchVerificationHandler.java | 1 -
.../org/apache/rampart/handler/RampartSender.java | 17 +-
.../rampart/handler/WSSHandlerConstants.java | 2 +
.../rampart/policy/RampartPolicyBuilder.java | 31 +-
.../apache/rampart/policy/RampartPolicyData.java | 15 +-
.../policy/builders/CryptoConfigBuilder.java | 8 +-
.../policy/builders/OptimizePartsBuilder.java | 2 +-
.../policy/builders/RampartConfigBuilder.java | 2 +-
.../rampart/policy/builders/SSLConfigBuilder.java | 2 +-
.../apache/rampart/policy/model/CryptoConfig.java | 27 +-
.../rampart/policy/model/OptimizePartsConfig.java | 4 +-
.../apache/rampart/policy/model/RampartConfig.java | 3 +
.../org/apache/rampart/policy/model/SSLConfig.java | 3 +
.../apache/rampart/saml/SAML1AssertionHandler.java | 84 ++
.../apache/rampart/saml/SAML2AssertionHandler.java | 111 +++
.../apache/rampart/saml/SAMLAssertionHandler.java | 92 +++
.../rampart/saml/SAMLAssertionHandlerFactory.java | 37 +
.../java/org/apache/rampart/util/Axis2Util.java | 66 +-
.../java/org/apache/rampart/util/RampartUtil.java | 272 +++---
modules/rampart-integration/pom.xml | 918 +++++++++------------
.../rahas/RahasSAML2TokenCertForHoKTest.java | 1 -
.../java/org/apache/rahas/RahasSAML2TokenTest.java | 1 -
...st.java => RahasSAML2TokenUTForBearerTest.java} | 82 +-
.../apache/rahas/RahasSAMLTokenAttributeTest.java | 4 +-
.../apache/rahas/RahasSAMLTokenCertForHoKTest.java | 6 +-
.../rahas/RahasSAMLTokenCertForHoKV1205Test.java | 4 +-
.../java/org/apache/rahas/RahasSAMLTokenTest.java | 5 +-
.../rahas/RahasSAMLTokenUTForBearerTest.java | 59 +-
.../rahas/RahasSAMLTokenUTForBearerV1205Test.java | 4 +-
.../apache/rahas/RahasSAMLTokenUTForHoKTest.java | 4 +-
.../rahas/RahasSAMLTokenUTForHoKV1205Test.java | 4 +-
.../org/apache/rahas/RahasSAMLTokenV1205Test.java | 5 +-
.../java/org/apache/rahas/SAMLDataProvider.java | 36 +-
.../test/java/org/apache/rampart/RampartTest.java | 99 ++-
.../log4j.properties} | 55 +-
.../src/test/resources/rampart/policy/16.xml | 4 +-
.../src/test/resources/rampart/policy/3.xml | 2 +-
.../src/test/resources/rampart/policy/30.xml | 4 +-
.../resources/rampart/policy/{3.xml => 31.xml} | 148 ++--
.../resources/rampart/policy/{30.xml => 32.xml} | 63 +-
.../src/test/resources/rampart/policy/33.xml | 103 +++
.../src/test/resources/rampart/policy/34.xml | 102 +++
.../src/test/resources/rampart/policy/sc-4.xml | 123 +++
.../src/test/resources/rampart/policy/sc-5.xml | 131 +++
.../src/test/resources/rampart/policy/sc-6.xml | 98 +++
.../src/test/resources/rampart/services-16.xml | 4 +-
.../src/test/resources/rampart/services-3.xml | 2 +-
.../src/test/resources/rampart/services-30.xml | 4 +-
.../rampart/{policy/3.xml => services-31.xml} | 184 +++--
.../src/test/resources/rampart/services-32.xml | 128 +++
.../src/test/resources/rampart/services-33.xml | 140 ++++
.../rampart/{services-30.xml => services-34.xml} | 79 +-
.../src/test/resources/rampart/services-sc-4.xml | 177 ++++
.../src/test/resources/rampart/services-sc-5.xml | 186 +++++
.../src/test/resources/rampart/services-sc-6.xml | 154 ++++
modules/rampart-mar/module.xml | 6 +
modules/rampart-mar/pom.xml | 242 +++---
modules/rampart-policy/pom.xml | 31 +-
.../org.apache.neethi.builders.AssertionBuilder | 3 +-
.../java/org/apache/ws/secpolicy/SPConstants.java | 6 +
.../secpolicy/model/AbstractSecurityAssertion.java | 50 +-
.../apache/ws/secpolicy/model/AlgorithmSuite.java | 40 +-
.../ws/secpolicy/model/AsymmetricBinding.java | 44 +-
.../secpolicy/model/ContentEncryptedElements.java | 25 +-
.../apache/ws/secpolicy/model/EncryptionToken.java | 42 +-
.../org/apache/ws/secpolicy/model/HttpsToken.java | 20 +-
.../apache/ws/secpolicy/model/InitiatorToken.java | 20 +-
.../org/apache/ws/secpolicy/model/IssuedToken.java | 50 +-
.../java/org/apache/ws/secpolicy/model/Layout.java | 23 +-
.../apache/ws/secpolicy/model/ProtectionToken.java | 42 +-
.../apache/ws/secpolicy/model/RecipientToken.java | 20 +-
.../ws/secpolicy/model/RequiredElements.java | 25 +-
.../apache/ws/secpolicy/model/RequiredParts.java | 15 +-
.../secpolicy/model/SecureConversationToken.java | 52 +-
.../apache/ws/secpolicy/model/SignatureToken.java | 44 +-
.../secpolicy/model/SignedEncryptedElements.java | 17 +-
.../ws/secpolicy/model/SignedEncryptedParts.java | 21 +-
.../apache/ws/secpolicy/model/SupportingToken.java | 23 +-
.../ws/secpolicy/model/SymmetricBinding.java | 40 +-
.../ws/secpolicy/model/TransportBinding.java | 25 +-
.../apache/ws/secpolicy/model/TransportToken.java | 22 +-
.../org/apache/ws/secpolicy/model/Trust10.java | 34 +-
.../org/apache/ws/secpolicy/model/Trust13.java | 41 +-
.../apache/ws/secpolicy/model/UsernameToken.java | 42 +-
.../java/org/apache/ws/secpolicy/model/Wss10.java | 33 +-
.../java/org/apache/ws/secpolicy/model/Wss11.java | 40 +-
.../org/apache/ws/secpolicy/model/X509Token.java | 39 +-
.../builders/AlgorithmSuiteBuilder.java | 2 +-
.../builders/AsymmetricBindingBuilder.java | 2 +-
.../builders/EncryptedElementsBuilder.java | 4 +-
.../builders/EncryptedPartsBuilder.java | 2 +-
.../builders/InitiatorTokenBuilder.java | 2 +-
.../secpolicy11/builders/IssuedTokenBuilder.java | 2 +-
.../ws/secpolicy11/builders/LayoutBuilder.java | 2 +-
.../builders/ProtectionTokenBuilder.java | 2 +-
.../builders/RecipientTokenBuilder.java | 2 +-
.../builders/RequiredElementsBuilder.java | 4 +-
.../builders/SecureConversationTokenBuilder.java | 2 +-
.../builders/SecurityContextTokenBuilder.java | 2 +-
.../builders/SignedElementsBuilder.java | 4 +-
.../secpolicy11/builders/SignedPartsBuilder.java | 2 +-
.../builders/SupportingTokensBuilder.java | 2 +-
.../builders/SymmetricBindingBuilder.java | 2 +-
.../builders/TransportBindingBuilder.java | 2 +-
.../builders/TransportTokenBuilder.java | 10 +-
.../ws/secpolicy11/builders/Trust10Builder.java | 2 +-
.../secpolicy11/builders/UsernameTokenBuilder.java | 2 +-
.../ws/secpolicy11/builders/WSS10Builder.java | 2 +-
.../ws/secpolicy11/builders/WSS11Builder.java | 2 +-
.../ws/secpolicy11/builders/X509TokenBuilder.java | 2 +-
.../builders/AlgorithmSuiteBuilder.java | 2 +-
.../builders/AsymmetricBindingBuilder.java | 2 +-
.../builders/ContentEncryptedElementsBuilder.java | 4 +-
.../builders/EncryptedElementsBuilder.java | 4 +-
.../builders/EncryptedPartsBuilder.java | 2 +-
.../ws/secpolicy12/builders/HttpsTokenBuilder.java | 34 +-
.../builders/InitiatorTokenBuilder.java | 2 +-
.../secpolicy12/builders/IssuedTokenBuilder.java | 2 +-
.../ws/secpolicy12/builders/LayoutBuilder.java | 2 +-
.../builders/ProtectionTokenBuilder.java | 2 +-
.../builders/RecipientTokenBuilder.java | 2 +-
.../builders/RequiredElementsBuilder.java | 4 +-
.../secpolicy12/builders/RequiredPartsBuilder.java | 2 +-
.../builders/SecureConversationTokenBuilder.java | 2 +-
.../builders/SecurityContextTokenBuilder.java | 2 +-
.../builders/SignedElementsBuilder.java | 4 +-
.../secpolicy12/builders/SignedPartsBuilder.java | 2 +-
.../builders/SupportingTokensBuilder.java | 2 +-
.../builders/SymmetricBindingBuilder.java | 2 +-
.../builders/TransportBindingBuilder.java | 2 +-
.../builders/TransportTokenBuilder.java | 52 +-
.../ws/secpolicy12/builders/Trust13Builder.java | 2 +-
.../secpolicy12/builders/UsernameTokenBuilder.java | 2 +-
.../ws/secpolicy12/builders/WSS10Builder.java | 2 +-
.../ws/secpolicy12/builders/WSS11Builder.java | 2 +-
.../ws/secpolicy12/builders/X509TokenBuilder.java | 2 +-
modules/rampart-samples/basic/build.xml | 40 +-
modules/rampart-samples/policy/build.xml | 62 +-
modules/rampart-tests/pom.xml | 45 +-
.../rahas/TokenRequestDispatcherConfigTest.java | 28 +-
.../rampart/AsymmetricBindingBuilderTest.java | 357 ++++----
.../org/apache/rampart/MessageBuilderTestBase.java | 14 +-
.../rampart/SymmetricBindingBuilderTest.java | 233 +++---
.../rampart/TransportBindingBuilderTest.java | 132 ++-
.../rampart/policy/model/RampartPolicyTest.java | 89 +-
.../ws/secpolicy/model/SecpolicyModelTest.java | 82 +-
.../test-resources/log4j.properties} | 55 +-
modules/rampart-trust-mar/module.xml | 17 +-
modules/rampart-trust-mar/pom.xml | 108 +--
modules/rampart-trust/pom.xml | 51 +-
.../java/org/apache/rahas/EncryptedKeyToken.java | 48 +-
.../src/main/java/org/apache/rahas/Rahas.java | 61 ++
.../main/java/org/apache/rahas/RahasConstants.java | 15 +-
.../src/main/java/org/apache/rahas/RahasData.java | 40 +-
.../org/apache/rahas/RampartSAMLBootstrap.java | 102 +++
.../java/org/apache/rahas/STSMessageReceiver.java | 2 +-
.../java/org/apache/rahas/SimpleTokenStore.java | 15 +-
.../src/main/java/org/apache/rahas/Token.java | 54 +-
.../org/apache/rahas/TokenRequestDispatcher.java | 37 +-
.../main/java/org/apache/rahas/TokenStorage.java | 8 +-
.../src/main/java/org/apache/rahas/TrustUtil.java | 145 ++--
.../java/org/apache/rahas/client/STSClient.java | 103 ++-
.../main/java/org/apache/rahas/errors.properties | 12 +-
.../org/apache/rahas/impl/SAML2TokenIssuer.java | 141 ++--
.../org/apache/rahas/impl/SAMLTokenIssuer.java | 774 ++++++++---------
.../apache/rahas/impl/SAMLTokenIssuerConfig.java | 123 ++-
.../org/apache/rahas/impl/SAMLTokenRenewer.java | 192 ++---
.../org/apache/rahas/impl/SAMLTokenValidator.java | 292 ++++---
.../main/java/org/apache/rahas/impl/SCTIssuer.java | 23 +-
.../org/apache/rahas/impl/TokenCancelerConfig.java | 14 +-
.../apache/rahas/impl/util/AxiomParserPool.java | 52 ++
.../org/apache/rahas/impl/util/CommonUtil.java | 48 ++
.../org/apache/rahas/impl/util/SAML2Utils.java | 24 +-
.../rahas/impl/util/SAMLAttributeCallback.java | 77 +-
.../org/apache/rahas/impl/util/SAMLCallback.java | 32 +-
.../rahas/impl/util/SAMLCallbackHandler.java | 28 +-
.../impl/util/SAMLNameIdentifierCallback.java | 58 +-
.../java/org/apache/rahas/impl/util/SAMLUtils.java | 768 ++++++++++++++++-
.../org/apache/rahas/impl/util/SignKeyHolder.java | 2 +-
.../org/apache/rahas/impl/util/SAMLUtilsTest.java | 375 +++++++++
.../rampart-trust/src/test/resources/crypto.config | 5 +
.../rampart-trust/src/test/resources/keystore.jks | Bin 0 -> 2191 bytes
pom.xml | 336 ++++----
release-docs/ChangeLog.txt | 21 +
release-docs/README.txt | 48 +-
release-docs/release-notes.html | 18 +-
225 files changed, 7655 insertions(+), 4392 deletions(-)
diff --git a/build.xml b/build.xml
index 84a7528..e599718 100644
--- a/build.xml
+++ b/build.xml
@@ -1,3 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
<project name="Apache Rampart release build" default="dist">
<property name="rampart.version" value="SNAPSHOT"/>
diff --git a/legal/bcprov-LICENSE.txt b/legal/bcprov-LICENSE.txt
new file mode 100644
index 0000000..70d5de2
--- /dev/null
+++ b/legal/bcprov-LICENSE.txt
@@ -0,0 +1,19 @@
+Copyright (c) 2000-2011 The Legion Of The Bouncy Castle (http://www.bouncycastle.org)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software
+and associated documentation files (the "Software"), to deal in the Software without restriction,
+including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial
+portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+
+
diff --git a/legal/commons-lang-LICENSE.txt b/legal/commons-lang-LICENSE.txt
new file mode 100644
index 0000000..57bc88a
--- /dev/null
+++ b/legal/commons-lang-LICENSE.txt
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/legal/slf4j-jdk14-LICENSE.txt b/legal/slf4j-jcl-LICENSE.txt
similarity index 100%
rename from legal/slf4j-jdk14-LICENSE.txt
rename to legal/slf4j-jcl-LICENSE.txt
diff --git a/modules/distribution/bin.xml b/modules/distribution/bin.xml
index 6e197ae..b606fdb 100644
--- a/modules/distribution/bin.xml
+++ b/modules/distribution/bin.xml
@@ -22,15 +22,19 @@
<include>org.apache.rampart:rampart-core:jar</include>
<include>org.apache.rampart:rampart-policy:jar</include>
<include>org.apache.rampart:rampart-trust:jar</include>
+ <include>org.opensaml:opensaml1:jar</include>
<include>org.opensaml:opensaml:jar</include>
<include>org.opensaml:xmltooling:jar</include>
<include>joda-time:joda-time:jar</include>
<include>org.slf4j:slf4j-api:jar</include>
- <include>org.slf4j:slf4j-jdk14:jar</include>
+ <include>org.slf4j:slf4j-jcl:jar</include>
<include>velocity:velocity:jar</include>
<include>commons-collections:commons-collections:jar</include>
<include>org.opensaml:openws:jar</include>
<include>commons-lang:commons-lang:jar</include>
+ <include>org.apache.xerces:xercesImpl:jar</include>
+ <include>org.apache.xerces:resolver:jar</include>
+ <include>org.apache.xerces:serializer:jar</include>
</includes>
</dependencySet>
</dependencySets>
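Review bot: The new `<include>` entries for `org.opensaml:opensaml1` and the three Xerces artifacts (`xercesImpl`, `resolver`, `serializer`) are unversioned patterns, and none of these artifacts is declared in the dependencies hunk of modules/distribution/pom.xml in this commit. The versions shipped in the binary distribution are therefore presumably whatever resolves transitively, most likely through OpenSAML. Because these jars are likely the XML parser stack that OpenSAML uses on security tokens, they should be pinned in the parent `dependencyManagement` (changed in this commit but not visible in this section), with a comment above the new includes such as `<!-- XML parser stack required by OpenSAML; versions are pinned in the parent POM -->`. The `slf4j-jcl` dependency added without a `<version>` in modules/distribution/pom.xml depends on the same parent-managed pinning. This commit adds `legal/` licence files for bcprov and commons-lang; whether licence files already exist for the newly bundled Xerces and opensaml1 jars cannot be told from here.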
@@ -58,6 +62,7 @@
<source>../../release-docs/README.txt</source>
<outputDirectory>${dist.dir}</outputDirectory>
<destName>README</destName>
+ <filtered>true</filtered>
</file>
<file>
<source>../../release-docs/LICENSE.txt</source>
diff --git a/modules/distribution/pom.xml b/modules/distribution/pom.xml
index 55d80c9..c4120ab 100644
--- a/modules/distribution/pom.xml
+++ b/modules/distribution/pom.xml
@@ -1,11 +1,31 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-project</artifactId>
- <version>SNAPSHOT</version>
+ <version>1.7.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -25,25 +45,19 @@
<phase>package</phase>
<configuration>
<tasks>
- <javadoc packagenames="org.apache.rampart.*,org.apache.rahas.*"
- destdir="target/apidocs"
- author="true"
- breakiterator="true"
- version="true"
- use="true"
- windowtitle="Apache Rampart API">
+ <javadoc packagenames="org.apache.rampart.*,org.apache.rahas.*" destdir="target/apidocs" author="true" breakiterator="true" version="true" use="true" windowtitle="Apache Rampart API">
<sourcepath>
<dirset dir="../..">
- <include name="**/rampart-core/src/main/java"/>
- <include name="**/rampart-policy/src/main/java"/>
- <include name="**/rampart-trust/src/main/java"/>
+ <include name="**/rampart-core/src/main/java" />
+ <include name="**/rampart-policy/src/main/java" />
+ <include name="**/rampart-trust/src/main/java" />
</dirset>
</sourcepath>
- <classpath refid="maven.dependency.classpath"/>
- <classpath refid="maven.compile.classpath"/>
- <classpath refid="maven.runtime.classpath"/>
+ <classpath refid="maven.dependency.classpath" />
+ <classpath refid="maven.compile.classpath" />
+ <classpath refid="maven.runtime.classpath" />
</javadoc>
</tasks>
@@ -55,15 +69,35 @@
</executions>
</plugin>
<plugin>
+ <groupId>org.codehaus.gmaven</groupId>
+ <artifactId>gmaven-plugin</artifactId>
+ <version>1.2</version>
+ <executions>
+ <execution>
+ <id>generate-timestamp</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>execute</goal>
+ </goals>
+ <configuration>
+ <source>
+ import java.util.Date
+ import java.text.MessageFormat
+ project.properties['buildTimestamp'] = MessageFormat.format("{0,date,MMM dd, yyyy}", new Date())
+ </source>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
- <version>2.2-beta-1</version>
<executions>
<execution>
<id>distribution-package</id>
<phase>package</phase>
<goals>
- <goal>attached</goal>
+ <goal>single</goal>
</goals>
<configuration>
<descriptors>
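Review bot: The inline Groovy in the new `generate-timestamp` execution formats `new Date()` with `MessageFormat` in the JVM's default locale and time zone, so `buildTimestamp` differs by build machine and makes the release artifacts harder to reproduce and verify. The text it feeds is presumably the README marked `<filtered>true</filtered>` in bin.xml and src.xml. An explicit locale would at least make the text stable, e.g. `project.properties['buildTimestamp'] = new java.text.SimpleDateFormat("MMM dd, yyyy", Locale.ENGLISH).format(new Date())`. The same hunk drops the `<version>2.2-beta-1</version>` pin from `maven-assembly-plugin`; unless the parent POM manages that version through `pluginManagement` (not visible in this section), the release build uses whichever plugin version Maven resolves. The `<plugin>` block continues past the end of the hunk.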
@@ -81,40 +115,39 @@
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart</artifactId>
- <version>${rampart.mar.version}</version>
+ <version>${project.version}</version>
<type>mar</type>
</dependency>
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rahas</artifactId>
- <version>${rahas.mar.version}</version>
+ <version>${project.version}</version>
<type>mar</type>
</dependency>
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-core</artifactId>
- <version>${pom.version}</version>
+ <version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-policy</artifactId>
- <version>${pom.version}</version>
+ <version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-trust</artifactId>
- <version>${pom.version}</version>
- </dependency>
- <dependency>
- <groupId>bouncycastle</groupId>
- <artifactId>bcprov-jdk14</artifactId>
- <version>${bcprov.jdk14.version}</version>
+ <version>${project.version}</version>
</dependency>
<dependency>
<groupId>bouncycastle</groupId>
<artifactId>bcprov-jdk15</artifactId>
<version>${bcprov.jdk15.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-jcl</artifactId>
+ </dependency>
</dependencies>
-</project>
\ No newline at end of file
+</project>
diff --git a/modules/distribution/src.xml b/modules/distribution/src.xml
index 4b7737b..9c3575c 100644
--- a/modules/distribution/src.xml
+++ b/modules/distribution/src.xml
@@ -8,7 +8,7 @@
<fileSets>
<fileSet>
<directory>../..</directory>
- <outputDirectory>rampart-src-${rampart.version}</outputDirectory>
+ <outputDirectory>rampart-src-${project.version}</outputDirectory>
<includes>
<include>**/modules/**/*</include>
<include>**/pom.xml</include>
@@ -28,7 +28,16 @@
<exclude>**/.settings</exclude>
<exclude>**/.settings/**/*</exclude>
<exclude>**/.svn/**</exclude>
+ <exclude>release-docs/README.txt</exclude>
</excludes>
</fileSet>
+ <fileSet>
+ <directory>../..</directory>
+ <outputDirectory>rampart-src-${project.version}</outputDirectory>
+ <filtered>true</filtered>
+ <includes>
+ <include>release-docs/README.txt</include>
+ </includes>
+ </fileSet>
</fileSets>
</assembly>
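Review bot: The descriptor does not say why `release-docs/README.txt` is excluded from the first `fileSet` and re-added in a second one with `<filtered>true</filtered>`. A one-line comment above the new `fileSet`, such as `<!-- README.txt is filtered so that build properties are expanded in the source distribution -->`, would keep a later edit from merging the two sets and shipping the file with unexpanded placeholders. Which placeholders the README actually uses is not visible in this diff, so the wording should be checked against the file.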
diff --git a/modules/documentation/pom.xml b/modules/documentation/pom.xml
index 08a8ea2..dba341c 100644
--- a/modules/documentation/pom.xml
+++ b/modules/documentation/pom.xml
@@ -1,15 +1,34 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-project</artifactId>
- <version>SNAPSHOT</version>
+ <version>1.7.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
- <artifactId>rampart-documentaion</artifactId>
+ <artifactId>rampart-documentation</artifactId>
<packaging>pom</packaging>
<name>Rampart - Documentation</name>
<build>
@@ -30,4 +49,4 @@
</plugin>
</plugins>
</build>
-</project>
\ No newline at end of file
+</project>
diff --git a/modules/documentation/src/site/xdoc/download/1.5/download.cgi b/modules/documentation/src/site/resources/download/1.1/download.cgi
similarity index 100%
copy from modules/documentation/src/site/xdoc/download/1.5/download.cgi
copy to modules/documentation/src/site/resources/download/1.1/download.cgi
diff --git a/modules/documentation/src/site/xdoc/download/1.5.1/download.cgi b/modules/documentation/src/site/resources/download/1.2/download.cgi
similarity index 100%
rename from modules/documentation/src/site/xdoc/download/1.5.1/download.cgi
rename to modules/documentation/src/site/resources/download/1.2/download.cgi
diff --git a/modules/documentation/src/site/xdoc/download/1.4/download.cgi b/modules/documentation/src/site/resources/download/1.3/download.cgi
similarity index 100%
rename from modules/documentation/src/site/xdoc/download/1.4/download.cgi
rename to modules/documentation/src/site/resources/download/1.3/download.cgi
diff --git a/modules/documentation/src/site/xdoc/download/1.3/download.cgi b/modules/documentation/src/site/resources/download/1.4/download.cgi
similarity index 100%
rename from modules/documentation/src/site/xdoc/download/1.3/download.cgi
rename to modules/documentation/src/site/resources/download/1.4/download.cgi
diff --git a/modules/documentation/src/site/xdoc/download/1.2/download.cgi b/modules/documentation/src/site/resources/download/1.5.1/download.cgi
similarity index 100%
rename from modules/documentation/src/site/xdoc/download/1.2/download.cgi
rename to modules/documentation/src/site/resources/download/1.5.1/download.cgi
diff --git a/modules/documentation/src/site/xdoc/download/1.1/download.cgi b/modules/documentation/src/site/resources/download/1.5.2/download.cgi
similarity index 100%
rename from modules/documentation/src/site/xdoc/download/1.1/download.cgi
rename to modules/documentation/src/site/resources/download/1.5.2/download.cgi
diff --git a/modules/documentation/src/site/xdoc/download/1.5/download.cgi b/modules/documentation/src/site/resources/download/1.5/download.cgi
similarity index 100%
copy from modules/documentation/src/site/xdoc/download/1.5/download.cgi
copy to modules/documentation/src/site/resources/download/1.5/download.cgi
diff --git a/modules/documentation/src/site/xdoc/download/1.5/download.cgi b/modules/documentation/src/site/resources/download/1.6.0/download.cgi
similarity index 100%
copy from modules/documentation/src/site/xdoc/download/1.5/download.cgi
copy to modules/documentation/src/site/resources/download/1.6.0/download.cgi
diff --git a/modules/documentation/src/site/xdoc/download/1.5/download.cgi b/modules/documentation/src/site/resources/download/1.6.1/download.cgi
similarity index 100%
rename from modules/documentation/src/site/xdoc/download/1.5/download.cgi
rename to modules/documentation/src/site/resources/download/1.6.1/download.cgi
diff --git a/modules/documentation/src/site/xdoc/developer-guide.xml b/modules/documentation/src/site/xdoc/developer-guide.xml
index d7471f1..5400dcf 100644
--- a/modules/documentation/src/site/xdoc/developer-guide.xml
+++ b/modules/documentation/src/site/xdoc/developer-guide.xml
@@ -36,9 +36,9 @@ Stack</em></strong></p>
<li>Download the source code.
<ul>
<li>Anon Checkout <a
- href="http://svn.apache.org/repos/asf/webservices/rampart/trunk/java/">http://svn.apache.org/repos/asf/webservices/rampart/trunk/java/</a></li>
+ href="http://svn.apache.org/repos/asf/axis/axis2/java/rampart/trunk/">http://svn.apache.org/repos/asf/axis/axis2/java/rampart/trunk/</a></li>
<li>Committers <a
- href="https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/">https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/</a></li>
+ href="https://svn.apache.org/repos/asf/axis/axis2/java/rampart/trunk/">https://svn.apache.org/repos/asf/axis/axis2/java/rampart/trunk/</a></li>
</ul>
</li>
<li>The Rampart project has 8 modules under it. They are:
diff --git a/modules/documentation/src/site/xdoc/download.xml b/modules/documentation/src/site/xdoc/download.xml
index 3ed1a48..bbc4259 100644
--- a/modules/documentation/src/site/xdoc/download.xml
+++ b/modules/documentation/src/site/xdoc/download.xml
@@ -32,12 +32,39 @@
</tr>
<tr>
<td>
+ <a href="download/1.6.1/download.cgi">
+ <strong>1.6.1</strong>
+ </a>
+ </td>
+ <td>24 Sep 2011</td>
+ <td>1.6.1 Release (Mirrored)</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="download/1.5.2/download.cgi">
+ <strong>1.5.2</strong>
+ </a>
+ </td>
+ <td>24 Sep 2011</td>
+ <td>1.5.2 Release (Mirrored)</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="download/1.6.0/download.cgi">
+ <strong>1.6.0</strong>
+ </a>
+ </td>
+ <td>06 Jun 2011</td>
+ <td>1.6.0 Release (Archived)</td>
+ </tr>
+ <tr>
+ <td>
<a href="download/1.5.1/download.cgi">
<strong>1.5.1</strong>
</a>
</td>
- <td></td>
- <td>1.5.1 Release (Mirrored)</td>
+ <td>10 Jan 2011</td>
+ <td>1.5.1 Release (Archived)</td>
</tr>
<tr>
<td>
@@ -87,11 +114,11 @@
</tbody>
</table>
<p>
- <strong>Apache Rampart Distributions : <a href="http://people.apache.org/~ruchithf/rampart/SNAPSHOT">Nightly builds</a>
+ <strong>Apache Rampart Distributions : <a href="https://hudson.apache.org/hudson/job/Rampart/lastStableBuild/org.apache.rampart$rampart-dist/">Nightly builds</a>
</strong>
</p>
<p>
- <strong>Maven Repository: <a href="http://people.apache.org/repo/m2-ibiblio-rsync-repository/">Released Apache Rampart jars</a> | <a href="http://people.apache.org/repo/m2-snapshot-repository/">Nightly SNAPSHOT</a>
+ <strong>Maven Repository: <a href="http://people.apache.org/repo/m2-ibiblio-rsync-repository/">Released Apache Rampart jars</a> | <a href="http://repository.apache.org/snapshots/">Nightly SNAPSHOT</a>
<a href=""></a>
</strong>
</p>
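Review bot: The replacement snapshot link on the `Maven Repository` line still uses `http://` (`http://repository.apache.org/snapshots/`), while the nightly-build link changed in the same hunk uses `https://`. Readers copy repository URLs from this page into build configuration, where a cleartext repository lets anyone on the network path alter the resolved artifacts; `<a href="https://repository.apache.org/snapshots/">` avoids that. The released-jars link on the same line is also `http://` and deserves the same check.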
diff --git a/modules/documentation/src/site/xdoc/download/1.5.1/download.xml b/modules/documentation/src/site/xdoc/download/1.5.1/download.xml
index aae2539..a55e387 100644
--- a/modules/documentation/src/site/xdoc/download/1.5.1/download.xml
+++ b/modules/documentation/src/site/xdoc/download/1.5.1/download.xml
@@ -51,29 +51,29 @@ urchinTracker();
Distribution</strong></td>
<td>This is the complete version of Apache Rampart and will contain samples
as well.</td>
-<td><a href="[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip" title=
- "[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip" onClick=
-"javascript:urchinTracker ('/downloads/rampart-1.5.1.zip');">zip</a>
-<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.md5"
- title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.md5">MD5</a>
-<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.asc"
- title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.asc">PGP</a></td>
+<td><a href="http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-bin.zip" title=
+ "http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-bin.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.5.1-bin.zip');">zip</a>
+<a href="http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-bin.zip.md5"
+ title="http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-bin.zip.md5">MD5</a>
+<a href="http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-bin.zip.asc"
+ title="http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-bin.zip.asc">PGP</a></td>
</tr>
<tr>
<td><a name="src" id="src"></a> <strong>Source
Distribution</strong></td>
<td>This will contain the sources of Apache Rampart distribution.</td>
-<td><a href="[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip" title=
- "[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip" onClick=
-"javascript:urchinTracker ('/downloads/rampart-1.5.1-src.zip');">zip</a>
+<td><a href="http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-src.zip" title=
+ "http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-src.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.5.1-src.zip');">zip</a>
<a href=
- "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.md5"
+ "http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-src.zip.md5"
title=
-"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.md5">MD5</a>
+"http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-src.zip.md5">MD5</a>
<a href=
- "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.asc"
+ "http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-src.zip.asc"
title=
-"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.asc">PGP</a></td>
+"http://archive.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-dist-1.5.1-src.zip.asc">PGP</a></td>
</tr>
</tbody>
</table>
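Review bot: The `.md5` and `.asc` links added in this hunk point at `http://archive.apache.org/...`, so the verification material travels over the same unauthenticated channel as the archive it is meant to check. Using `https://` for those links, and for the `KEYS` link changed in the `@@ -100,7 +105,7 @@` hunk (`https://www.apache.org/dist/axis/axis2/java/rampart/KEYS`), gives the reader an authenticated source for the digest, signature and keys. The same links recur in the 1.5.2, 1.6.0 and 1.6.1 copies of this page further down. The MD5 digest only detects accidental corruption, so the surrounding text could state that the OpenPGP signature is the check that matters against tampering.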
@@ -85,14 +85,19 @@ border="0" /></a>[end] The currently selected mirror is
please select another mirror. If all mirrors are failing, there are
<i>backup</i> mirrors (at the end of the mirrors list) that should
be available.</p>
-<form action="[location]" method="get" id="SelectMirror" name=
-"SelectMirror">Other mirrors: <select name="Preferred">
-<option value="[http]" selected="selected">[http]</option>
-<option value="[ftp]">[ftp]</option>
-<option value="[backup]">[backup] (backup)</option>
-</select> <input type="submit" value="Change" /></form>
-<p>You may also consult the <a href=
-"http://www.apache.org/mirrors/">complete list of mirrors</a>.</p>
+<form action="[location]" method="get" id="SelectMirror" name="SelectMirror">
+Other mirrors: <select name="Preferred">
+[if-any http]
+ [for http]<option value="[http]">[http]</option>[end]
+[end]
+[if-any ftp]
+ [for ftp]<option value="[ftp]">[ftp]</option>[end]
+[end]
+[if-any backup]
+ [for backup]<option value="[backup]">[backup] (backup)</option>[end]
+[end]
+</select><input type="submit" value="Change"/></form><p>You may also consult the <a class="externalLink" href="http://www.apache.org/mirrors/">complete list of mirrors</a>
+.</p>
<p><strong>Note:</strong> when downloading from a mirror please
check the <a href=
"http://www.apache.org/dev/release-signing#md5">md5sum</a> and
@@ -100,7 +105,7 @@ verify the <a href=
"http://www.apache.org/dev/release-signing#openpgp">OpenPGP</a>
compatible signature from the main Apache site. These can be
downloaded by following the links above. This <a href=
-"http://www.apache.org/dist/ws/axis2/KEYS">KEYS</a> file contains
+"http://www.apache.org/dist/axis/axis2/java/rampart/KEYS">KEYS</a> file contains
the public keys that can be used for verifying signatures. It is
recommended that (when possible)a <a href=
"http://www.apache.org/dev/release-signing#web-of-trust">Web of
diff --git a/modules/documentation/src/site/xdoc/download/1.5.1/download.xml b/modules/documentation/src/site/xdoc/download/1.5.2/download.xml
similarity index 62%
copy from modules/documentation/src/site/xdoc/download/1.5.1/download.xml
copy to modules/documentation/src/site/xdoc/download/1.5.2/download.xml
index aae2539..0ef5c7d 100644
--- a/modules/documentation/src/site/xdoc/download/1.5.1/download.xml
+++ b/modules/documentation/src/site/xdoc/download/1.5.2/download.xml
@@ -23,7 +23,7 @@
<meta name="generator" content=
"HTML Tidy for Windows (vers 14 June 2007), see www.w3.org" />
<meta http-equiv="content-type" content="" />
-<title>Apache Rampart 1.5.1 Release</title>
+<title>Apache Rampart 1.5.2 Release</title>
</head>
<body>
<!--Google Anayitcs tracking code-->
@@ -36,7 +36,7 @@ urchinTracker();
//]]>
</script>
<!--End of Google Anayitcs tracking code-->
-<h2>Apache Rampart 1.5.1 Release</h2>
+<h2>Apache Rampart 1.5.2 Release</h2>
<div>
<table border="1" cellpadding="1">
<tbody>
@@ -51,29 +51,29 @@ urchinTracker();
Distribution</strong></td>
<td>This is the complete version of Apache Rampart and will contain samples
as well.</td>
-<td><a href="[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip" title=
- "[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip" onClick=
-"javascript:urchinTracker ('/downloads/rampart-1.5.1.zip');">zip</a>
-<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.md5"
- title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.md5">MD5</a>
-<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.asc"
- title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.asc">PGP</a></td>
+<td><a href="[preferred]/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-bin.zip" title=
+ "[preferred]/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-bin.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.5.2-bin.zip');">zip</a>
+<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-bin.zip.md5"
+ title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-bin.zip.md5">MD5</a>
+<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-bin.zip.asc"
+ title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-bin.zip.asc">PGP</a></td>
</tr>
<tr>
<td><a name="src" id="src"></a> <strong>Source
Distribution</strong></td>
<td>This will contain the sources of Apache Rampart distribution.</td>
-<td><a href="[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip" title=
- "[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip" onClick=
-"javascript:urchinTracker ('/downloads/rampart-1.5.1-src.zip');">zip</a>
+<td><a href="[preferred]/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-src.zip" title=
+ "[preferred]/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-src.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.5.2-src.zip');">zip</a>
<a href=
- "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.md5"
+ "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-src.zip.md5"
title=
-"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.md5">MD5</a>
+"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-src.zip.md5">MD5</a>
<a href=
- "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.asc"
+ "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-src.zip.asc"
title=
-"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.asc">PGP</a></td>
+"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.2/rampart-dist-1.5.2-src.zip.asc">PGP</a></td>
</tr>
</tbody>
</table>
@@ -85,14 +85,19 @@ border="0" /></a>[end] The currently selected mirror is
please select another mirror. If all mirrors are failing, there are
<i>backup</i> mirrors (at the end of the mirrors list) that should
be available.</p>
-<form action="[location]" method="get" id="SelectMirror" name=
-"SelectMirror">Other mirrors: <select name="Preferred">
-<option value="[http]" selected="selected">[http]</option>
-<option value="[ftp]">[ftp]</option>
-<option value="[backup]">[backup] (backup)</option>
-</select> <input type="submit" value="Change" /></form>
-<p>You may also consult the <a href=
-"http://www.apache.org/mirrors/">complete list of mirrors</a>.</p>
+<form action="[location]" method="get" id="SelectMirror" name="SelectMirror">
+Other mirrors: <select name="Preferred">
+[if-any http]
+ [for http]<option value="[http]">[http]</option>[end]
+[end]
+[if-any ftp]
+ [for ftp]<option value="[ftp]">[ftp]</option>[end]
+[end]
+[if-any backup]
+ [for backup]<option value="[backup]">[backup] (backup)</option>[end]
+[end]
+</select><input type="submit" value="Change"/></form><p>You may also consult the <a class="externalLink" href="http://www.apache.org/mirrors/">complete list of mirrors</a>
+.</p>
<p><strong>Note:</strong> when downloading from a mirror please
check the <a href=
"http://www.apache.org/dev/release-signing#md5">md5sum</a> and
@@ -100,7 +105,7 @@ verify the <a href=
"http://www.apache.org/dev/release-signing#openpgp">OpenPGP</a>
compatible signature from the main Apache site. These can be
downloaded by following the links above. This <a href=
-"http://www.apache.org/dist/ws/axis2/KEYS">KEYS</a> file contains
+"http://www.apache.org/dist/axis/axis2/java/rampart/KEYS">KEYS</a> file contains
the public keys that can be used for verifying signatures. It is
recommended that (when possible)a <a href=
"http://www.apache.org/dev/release-signing#web-of-trust">Web of
diff --git a/modules/documentation/src/site/xdoc/download/1.5.1/download.xml b/modules/documentation/src/site/xdoc/download/1.6.0/download.xml
similarity index 58%
copy from modules/documentation/src/site/xdoc/download/1.5.1/download.xml
copy to modules/documentation/src/site/xdoc/download/1.6.0/download.xml
index aae2539..1a15f8b 100644
--- a/modules/documentation/src/site/xdoc/download/1.5.1/download.xml
+++ b/modules/documentation/src/site/xdoc/download/1.6.0/download.xml
@@ -23,7 +23,7 @@
<meta name="generator" content=
"HTML Tidy for Windows (vers 14 June 2007), see www.w3.org" />
<meta http-equiv="content-type" content="" />
-<title>Apache Rampart 1.5.1 Release</title>
+<title>Apache Rampart 1.6.0 Release</title>
</head>
<body>
<!--Google Anayitcs tracking code-->
@@ -36,7 +36,7 @@ urchinTracker();
//]]>
</script>
<!--End of Google Anayitcs tracking code-->
-<h2>Apache Rampart 1.5.1 Release</h2>
+<h2>Apache Rampart 1.6.0 Release</h2>
<div>
<table border="1" cellpadding="1">
<tbody>
@@ -51,29 +51,29 @@ urchinTracker();
Distribution</strong></td>
<td>This is the complete version of Apache Rampart and will contain samples
as well.</td>
-<td><a href="[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip" title=
- "[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip" onClick=
-"javascript:urchinTracker ('/downloads/rampart-1.5.1.zip');">zip</a>
-<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.md5"
- title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.md5">MD5</a>
-<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.asc"
- title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.asc">PGP</a></td>
+<td><a href="http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip" title=
+ "http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.6.0-bin.zip');">zip</a>
+<a href="http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip.md5"
+ title="http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip.md5">MD5</a>
+<a href="http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip.asc"
+ title="http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip.asc">PGP</a></td>
</tr>
<tr>
<td><a name="src" id="src"></a> <strong>Source
Distribution</strong></td>
<td>This will contain the sources of Apache Rampart distribution.</td>
-<td><a href="[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip" title=
- "[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip" onClick=
-"javascript:urchinTracker ('/downloads/rampart-1.5.1-src.zip');">zip</a>
+<td><a href="http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-src.zip" title=
+ "http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-src.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.6.0-src.zip');">zip</a>
<a href=
- "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.md5"
+ "http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-src.zip.md5"
title=
-"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.md5">MD5</a>
+"http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-src.zip.md5">MD5</a>
<a href=
- "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.asc"
+ "http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-src.zip.asc"
title=
-"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.asc">PGP</a></td>
+"http://archive.apache.org/dist/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-src.zip.asc">PGP</a></td>
</tr>
</tbody>
</table>
@@ -85,14 +85,19 @@ border="0" /></a>[end] The currently selected mirror is
please select another mirror. If all mirrors are failing, there are
<i>backup</i> mirrors (at the end of the mirrors list) that should
be available.</p>
-<form action="[location]" method="get" id="SelectMirror" name=
-"SelectMirror">Other mirrors: <select name="Preferred">
-<option value="[http]" selected="selected">[http]</option>
-<option value="[ftp]">[ftp]</option>
-<option value="[backup]">[backup] (backup)</option>
-</select> <input type="submit" value="Change" /></form>
-<p>You may also consult the <a href=
-"http://www.apache.org/mirrors/">complete list of mirrors</a>.</p>
+<form action="[location]" method="get" id="SelectMirror" name="SelectMirror">
+Other mirrors: <select name="Preferred">
+[if-any http]
+ [for http]<option value="[http]">[http]</option>[end]
+[end]
+[if-any ftp]
+ [for ftp]<option value="[ftp]">[ftp]</option>[end]
+[end]
+[if-any backup]
+ [for backup]<option value="[backup]">[backup] (backup)</option>[end]
+[end]
+</select><input type="submit" value="Change"/></form><p>You may also consult the <a class="externalLink" href="http://www.apache.org/mirrors/">complete list of mirrors</a>
+.</p>
<p><strong>Note:</strong> when downloading from a mirror please
check the <a href=
"http://www.apache.org/dev/release-signing#md5">md5sum</a> and
@@ -100,7 +105,7 @@ verify the <a href=
"http://www.apache.org/dev/release-signing#openpgp">OpenPGP</a>
compatible signature from the main Apache site. These can be
downloaded by following the links above. This <a href=
-"http://www.apache.org/dist/ws/axis2/KEYS">KEYS</a> file contains
+"http://www.apache.org/dist/axis/axis2/java/rampart/KEYS">KEYS</a> file contains
the public keys that can be used for verifying signatures. It is
recommended that (when possible)a <a href=
"http://www.apache.org/dev/release-signing#web-of-trust">Web of
diff --git a/modules/documentation/src/site/xdoc/download/1.5.1/download.xml b/modules/documentation/src/site/xdoc/download/1.6.1/download.xml
similarity index 59%
copy from modules/documentation/src/site/xdoc/download/1.5.1/download.xml
copy to modules/documentation/src/site/xdoc/download/1.6.1/download.xml
index aae2539..877ebdc 100644
--- a/modules/documentation/src/site/xdoc/download/1.5.1/download.xml
+++ b/modules/documentation/src/site/xdoc/download/1.6.1/download.xml
@@ -23,7 +23,7 @@
<meta name="generator" content=
"HTML Tidy for Windows (vers 14 June 2007), see www.w3.org" />
<meta http-equiv="content-type" content="" />
-<title>Apache Rampart 1.5.1 Release</title>
+<title>Apache Rampart 1.6.1 Release</title>
</head>
<body>
<!--Google Anayitcs tracking code-->
@@ -36,7 +36,7 @@ urchinTracker();
//]]>
</script>
<!--End of Google Anayitcs tracking code-->
-<h2>Apache Rampart 1.5.1 Release</h2>
+<h2>Apache Rampart 1.6.1 Release</h2>
<div>
<table border="1" cellpadding="1">
<tbody>
@@ -51,29 +51,29 @@ urchinTracker();
Distribution</strong></td>
<td>This is the complete version of Apache Rampart and will contain samples
as well.</td>
-<td><a href="[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip" title=
- "[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip" onClick=
-"javascript:urchinTracker ('/downloads/rampart-1.5.1.zip');">zip</a>
-<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.md5"
- title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.md5">MD5</a>
-<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.asc"
- title="http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1.zip.asc">PGP</a></td>
+<td><a href="[preferred]/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-bin.zip" title=
+ "[preferred]/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-bin.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.6.1-bin.zip');">zip</a>
+<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-bin.zip.md5"
+ title="http://www.apache.org/dist/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-bin.zip.md5">MD5</a>
+<a href="http://www.apache.org/dist/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-bin.zip.asc"
+ title="http://www.apache.org/dist/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-bin.zip.asc">PGP</a></td>
</tr>
<tr>
<td><a name="src" id="src"></a> <strong>Source
Distribution</strong></td>
<td>This will contain the sources of Apache Rampart distribution.</td>
-<td><a href="[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip" title=
- "[preferred]/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip" onClick=
-"javascript:urchinTracker ('/downloads/rampart-1.5.1-src.zip');">zip</a>
+<td><a href="[preferred]/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-src.zip" title=
+ "[preferred]/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-src.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.6.1-src.zip');">zip</a>
<a href=
- "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.md5"
+ "http://www.apache.org/dist/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-src.zip.md5"
title=
-"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.md5">MD5</a>
+"http://www.apache.org/dist/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-src.zip.md5">MD5</a>
<a href=
- "http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.asc"
+ "http://www.apache.org/dist/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-src.zip.asc"
title=
-"http://www.apache.org/dist/axis/axis2/java/rampart/1.5.1/rampart-1.5.1-src.zip.asc">PGP</a></td>
+"http://www.apache.org/dist/axis/axis2/java/rampart/1.6.1/rampart-dist-1.6.1-src.zip.asc">PGP</a></td>
</tr>
</tbody>
</table>
@@ -85,14 +85,19 @@ border="0" /></a>[end] The currently selected mirror is
please select another mirror. If all mirrors are failing, there are
<i>backup</i> mirrors (at the end of the mirrors list) that should
be available.</p>
-<form action="[location]" method="get" id="SelectMirror" name=
-"SelectMirror">Other mirrors: <select name="Preferred">
-<option value="[http]" selected="selected">[http]</option>
-<option value="[ftp]">[ftp]</option>
-<option value="[backup]">[backup] (backup)</option>
-</select> <input type="submit" value="Change" /></form>
-<p>You may also consult the <a href=
-"http://www.apache.org/mirrors/">complete list of mirrors</a>.</p>
+<form action="[location]" method="get" id="SelectMirror" name="SelectMirror">
+Other mirrors: <select name="Preferred">
+[if-any http]
+ [for http]<option value="[http]">[http]</option>[end]
+[end]
+[if-any ftp]
+ [for ftp]<option value="[ftp]">[ftp]</option>[end]
+[end]
+[if-any backup]
+ [for backup]<option value="[backup]">[backup] (backup)</option>[end]
+[end]
+</select><input type="submit" value="Change"/></form><p>You may also consult the <a class="externalLink" href="http://www.apache.org/mirrors/">complete list of mirrors</a>
+.</p>
<p><strong>Note:</strong> when downloading from a mirror please
check the <a href=
"http://www.apache.org/dev/release-signing#md5">md5sum</a> and
@@ -100,7 +105,7 @@ verify the <a href=
"http://www.apache.org/dev/release-signing#openpgp">OpenPGP</a>
compatible signature from the main Apache site. These can be
downloaded by following the links above. This <a href=
-"http://www.apache.org/dist/ws/axis2/KEYS">KEYS</a> file contains
+"http://www.apache.org/dist/axis/axis2/java/rampart/KEYS">KEYS</a> file contains
the public keys that can be used for verifying signatures. It is
recommended that (when possible)a <a href=
"http://www.apache.org/dev/release-signing#web-of-trust">Web of
diff --git a/modules/documentation/src/site/xdoc/index.xml b/modules/documentation/src/site/xdoc/index.xml
index 9cbcb06..4240ad2 100644
--- a/modules/documentation/src/site/xdoc/index.xml
+++ b/modules/documentation/src/site/xdoc/index.xml
@@ -18,7 +18,9 @@
~ under the License.
-->
-<document>
+<document xmlns="http://maven.apache.org/XDOC/2.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/XDOC/2.0 http://maven.apache.org/xsd/xdoc-2.0.xsd">
<properties>
@@ -32,22 +34,45 @@ according to specifications in the WS-Security stack. Rampart implements the
following specifications:</p>
</section>
- <h2>Features of Rampart Latest Version</h2>
+ <section name="Features of Rampart Latest Version">
<ul>
- <li>WS - Security 1.0</li>
- <li>WS - Security 1.1</li>
- <li>WS - Secure Conversation - February 2005</li>
- <li>WS - Security Policy - 1.1 - July 2005</li>
- <li>WS - Security Policy - 1.2 </li>
- <li>WS - Trust - February 2005</li>
- <li>WS - Trust - WS-SX spec - EXPERIMENTAL</li>
+ <li><p>WS - Security 1.0</p></li>
+ <li><p>WS - Security 1.1</p></li>
+ <li><p>WS - Secure Conversation - February 2005</p></li>
+ <li><p>WS - Security Policy - 1.1 - July 2005</p></li>
+ <li><p>WS - Security Policy - 1.2</p></li>
+ <li><p>WS - Trust - February 2005</p></li>
+ <li><p>WS - Trust - WS-SX spec - EXPERIMENTAL</p></li>
+ </ul>
+ </section>
+
+ <section name="Apache Rampart News">
+ <h3>Sep 24, 2011 : Apache Rampart 1.5.2 and 1.6.1 released</h3>
+ <p>Both releases update WSS4J to version 1.5.12 and ensure compatibility with the latest
+ Axis2 releases from the corresponding branches. Rampart 1.5.2 is supported with Axis2 1.5.6
+ and Rampart 1.6.1 is supported with Axis2 1.6.1. Please note that Rampart 1.6.1 will not
+ work with Axis2 1.6.0 and that users of Axis2 1.6.1 are required to update to Rampart 1.6.1,
+ i.e. Rampart 1.6.0 doesn't work with Axis2 1.6.1.</p>
+
+ <h3>Jun 06, 2011 : Apache Rampart 1.6.0 released</h3>
+ <p>Apache Rampart 1.6.0 was released with lots of bug fixes.</p>
+
+ <h3>Jan 10, 2011 : Apache Rampart 1.5.1 released</h3>
+ <p>Apache Rampart 1.5.1 was released with lots of bug fixes.</p>
+
+ <h3>Feb 01, 2010 : Apache Rampart 1.5 released</h3>
+ <p>Apache Rampart 1.5 was released with lots of bug fixes and new features.</p>
+ <p>New features include</p>
+ <ul>
+ <li>SAML 2.0 support - Issuance </li>
+ <li>Key store caching</li>
+ <li>Signing / Encrypting with multiple keys</li>
+ <li>Tests for negative scenarios</li>
</ul>
-
- <h2>Apache Rampart News</h2>
<h3>Jun 12, 2008 : Apache Rampart 1.4 released</h3>
- <p>Apache Rampart 1.4 was released with lots of bug fixes and new features.<br></br>
- New features include</p>
+ <p>Apache Rampart 1.4 was released with lots of bug fixes and new features.</p>
+ <p>New features include</p>
<ul>
<li>WS Security 1.1</li>
<ul>
@@ -67,7 +92,8 @@ following specifications:</p>
<li>Ability turn off mili second precision</li>
</ul>
<li>Ability to secure messages faults </li>
- <li>Increased interoparability with WCF 3.5 </li>
+ <li>Increased interoperability with WCF 3.5 </li>
</ul>
+ </section>
</body>
</document>
diff --git a/modules/documentation/src/site/xdoc/rampartconfig-guide.xml b/modules/documentation/src/site/xdoc/rampartconfig-guide.xml
index 1536bae..92c5fb5 100644
--- a/modules/documentation/src/site/xdoc/rampartconfig-guide.xml
+++ b/modules/documentation/src/site/xdoc/rampartconfig-guide.xml
@@ -125,6 +125,20 @@ configuration properties used by the implementation class
</ramp:encryptionCypto>
</ramp:RampartConfig>
</pre>
+ <p>Crypto caching is enabled by default when Merlin is used as the crypto provider. So Rampart will cache the crypto objects
+ with an infinite cache refresh interval. This crypto refresh interval can be overridden by setting the cacheRefreshInterval parameter
+ as described above. If it is required to disable crypto caching when Merlin is used, set the 'enableCryptoCaching' parameter
+ value to 'false'. Please refer to the following example.
+ </p>
+ <pre xmlns="http://www.w3.org/1999/xhtml" xml:space="preserve">
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin" enableCryptoCaching="false">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">servicePW</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ </pre>
<br></br>
<h3>References</h3>1.
<a href="http://ws.apache.org/wss4j">Apache WSS4J -Home</a>
diff --git a/modules/documentation/src/site/xdoc/svn.xml b/modules/documentation/src/site/xdoc/svn.xml
index 7e0d679..02f0d2f 100644
--- a/modules/documentation/src/site/xdoc/svn.xml
+++ b/modules/documentation/src/site/xdoc/svn.xml
@@ -71,7 +71,7 @@ information, please read the ASF <a href=
<p>Once you have successfully installed Subversion, you can check
out Rampart trunk by following these steps:</p>
<ol type="1">
-<li>Run <strong>svn co <repository URL> axis2</strong> where
+<li>Run <strong>svn co <repository URL> rampart</strong> where
the repository URL is one of the URLs from the previous list.</li>
<li>This step will check out the latest version of the Rampart Java
codebase to a directory named "rampart". The second parameter to the
diff --git a/modules/rampart-core/pom.xml b/modules/rampart-core/pom.xml
index 29041ae..2fecb74 100644
--- a/modules/rampart-core/pom.xml
+++ b/modules/rampart-core/pom.xml
@@ -1,11 +1,31 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-project</artifactId>
- <version>SNAPSHOT</version>
+ <version>1.7.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
@@ -40,12 +60,16 @@
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-policy</artifactId>
- <version>${pom.version}</version>
+ <version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-trust</artifactId>
- <version>${pom.version}</version>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ws.commons.axiom</groupId>
+ <artifactId>axiom-dom</artifactId>
</dependency>
</dependencies>
@@ -54,9 +78,10 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-site-plugin</artifactId>
+ <version>2.0-beta-5</version>
<configuration>
<templateDirectory>${basedir}</templateDirectory>
- <menu ref="parent"/>
+ <menu ref="parent" />
</configuration>
</plugin>
</plugins>
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
index 40f9563..a410bc8 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
@@ -52,7 +52,7 @@ import javax.xml.namespace.QName;
public class MessageBuilder {
private static Log log = LogFactory.getLog(MessageBuilder.class);
-
+
public void build(MessageContext msgCtx) throws WSSPolicyException,
RampartException, WSSecurityException, AxisFault {
@@ -135,13 +135,13 @@ public class MessageBuilder {
}
if(rpd.isTransportBinding()) {
- log.debug("Building transport binding");
- TransportBindingBuilder building = new TransportBindingBuilder();
- building.build(rmd);
+ log.debug("Building transport binding");
+ TransportBindingBuilder building = new TransportBindingBuilder();
+ building.build(rmd);
} else if(rpd.isSymmetricBinding()) {
- log.debug("Building SymmetricBinding");
- SymmetricBindingBuilder builder = new SymmetricBindingBuilder();
- builder.build(rmd);
+ log.debug("Building SymmetricBinding");
+ SymmetricBindingBuilder builder = new SymmetricBindingBuilder();
+ builder.build(rmd);
} else {
AsymmetricBindingBuilder builder = new AsymmetricBindingBuilder();
builder.build(rmd);
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java b/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
index 9684b3c..0bb2863 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
@@ -830,11 +830,13 @@ public class PolicyBasedResultsValidator implements PolicyValidatorCallbackHandl
}
// If certificates have been found, the certificates must be compared
- // to ensure againgst phony DNs (compare encoded form including signature)
+ // to ensure against phony DNs (compare encoded form including signature)
if (certs != null && certs.length > 0 && cert.equals(certs[0])) {
if (doDebug) {
log.debug("Direct trust for certificate with " + subjectString);
}
+ // Set the alias of the cert used for the msg. sig. as a msg. cxt. property
+ rmd.getMsgContext().setProperty(RampartMessageData.SIGNATURE_CERT_ALIAS, alias);
return true;
}
} else {
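Review bot: `SIGNATURE_CERT_ALIAS` is set only on this direct-trust return path, so a message whose signer is accepted by another branch of the method would leave the property unset, or carrying whatever an earlier handler stored. The rest of the method, including where `alias` is assigned, is outside this hunk, so this needs confirming against the chain-validation branch. If downstream code uses the alias for an authorization decision, either set it on every path that returns true or state the limitation next to the assignment, for example `// Only set for directly trusted certificates; absent when trust comes from chain validation`.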
@@ -916,7 +918,9 @@ public class PolicyBasedResultsValidator implements PolicyValidatorCallbackHandl
}
}
- log.debug("WSHandler: Certificate path could not be verified for certificate with subject " + subjectString);
+ if (doDebug) {
+ log.debug("WSHandler: Certificate path could not be verified for certificate with subject " + subjectString);
+ }
return false;
}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartConstants.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartConstants.java
index a21c048..6824d09 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/RampartConstants.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartConstants.java
@@ -5,5 +5,6 @@ public class RampartConstants {
public static final String TIME_LOG = "org.apache.rampart.TIME";
public static final String MESSAGE_LOG = "org.apache.rampart.MESSAGE";
public static final String SEC_FAULT = "SECURITY_VALIDATION_FAILURE";
-
+ public static final String MERLIN_CRYPTO_IMPL = "org.apache.ws.security.components.crypto.Merlin";
+ public static final String MERLIN_CRYPTO_IMPL_CACHE_KEY = "org.apache.ws.security.crypto.merlin.file";
}
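Review bot: The two new constants have no Javadoc, and `MERLIN_CRYPTO_IMPL_CACHE_KEY` in particular needs one because its value is the Merlin keystore-file property name rather than anything that reads as a cache key. If the crypto cache is keyed only by that property's value (the caching code is not in this hunk), two configurations that point at the same keystore file but differ in type or password would share one cached `Crypto` instance. Suggested comments: `/** Class name of the WSS4J Merlin crypto provider, for which crypto caching is enabled by default. */` and `/** Name of the Merlin property whose value (the keystore file) identifies a cached crypto instance. */`.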
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
index 3d20bba..22a689e 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
@@ -16,37 +16,37 @@
package org.apache.rampart;
-import org.apache.axiom.om.OMElement;
-import org.apache.axiom.soap.*;
import org.apache.axiom.soap.SOAP11Constants;
import org.apache.axiom.soap.SOAP12Constants;
+import org.apache.axiom.soap.SOAPEnvelope;
+import org.apache.axiom.soap.SOAPFault;
+import org.apache.axiom.soap.SOAPFaultCode;
+import org.apache.axiom.soap.SOAPFaultSubCode;
+import org.apache.axiom.soap.SOAPFaultValue;
+import org.apache.axiom.soap.SOAPHeader;
+import org.apache.axiom.soap.SOAPHeaderBlock;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.Token;
import org.apache.rahas.TokenStorage;
-import org.apache.rahas.impl.util.SAML2KeyInfo;
-import org.apache.rahas.impl.util.SAML2Utils;
import org.apache.rampart.policy.RampartPolicyData;
+import org.apache.rampart.saml.SAMLAssertionHandler;
+import org.apache.rampart.saml.SAMLAssertionHandlerFactory;
import org.apache.rampart.util.Axis2Util;
import org.apache.rampart.util.RampartUtil;
import org.apache.ws.secpolicy.WSSPolicyException;
-import org.apache.ws.security.*;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityEngine;
+import org.apache.ws.security.WSSecurityEngineResult;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.WSUsernameTokenPrincipal;
import org.apache.ws.security.components.crypto.Crypto;
-import org.apache.ws.security.saml.SAMLKeyInfo;
-import org.apache.ws.security.saml.SAMLUtil;
-import org.opensaml.SAMLAssertion;
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.core.Subject;
-import org.opensaml.saml2.core.SubjectConfirmationData;
-import org.opensaml.saml2.core.Conditions;
import javax.xml.namespace.QName;
-import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
-import java.util.Date;
import java.util.Iterator;
import java.util.Vector;
@@ -59,12 +59,9 @@ public class RampartEngine {
public Vector process(MessageContext msgCtx) throws WSSPolicyException,
RampartException, WSSecurityException, AxisFault {
- boolean doDebug = log.isDebugEnabled();
boolean dotDebug = tlog.isDebugEnabled();
- if(doDebug){
- log.debug("Enter process(MessageContext msgCtx)");
- }
+ log.debug("Enter process(MessageContext msgCtx)");
RampartMessageData rmd = new RampartMessageData(msgCtx, false);
@@ -89,14 +86,12 @@ public class RampartEngine {
//Convert back to llom since the inflow cannot use llom
msgCtx.setEnvelope(env);
Axis2Util.useDOOM(false);
- if(doDebug){
- log.debug("Return process MessageContext msgCtx)");
- }
- return null;
+ log.debug("Return process MessageContext msgCtx)");
+ return null;
}
- Vector results = null;
+ Vector results;
WSSecurityEngine engine = new WSSecurityEngine();
@@ -139,19 +134,23 @@ public class RampartEngine {
if(rpd.isSymmetricBinding()) {
//Here we have to create the CB handler to get the tokens from the
//token storage
- if(doDebug){
- log.debug("Processing security header using SymetricBinding");
- }
- results = engine.processSecurityHeader(rmd.getDocument(),
+ log.debug("Processing security header using SymetricBinding");
+ results = engine.processSecurityHeader(rmd.getDocument(),
actorValue,
tokenCallbackHandler,
signatureCrypto,
RampartUtil.getEncryptionCrypto(rpd.getRampartConfig(),
msgCtx.getAxisService().getClassLoader()));
+
+ // Remove encryption tokens if this is the initiator and if initiator is receiving a message
+
+ if (rmd.isInitiator() && (msgCtx.getFLOW() == MessageContext.IN_FLOW ||
+ msgCtx.getFLOW() == MessageContext.IN_FAULT_FLOW)) {
+ tokenCallbackHandler.removeEncryptedToken();
+ }
+
} else {
- if(doDebug){
- log.debug("Processing security header in normal path");
- }
+ log.debug("Processing security header in normal path");
results = engine.processSecurityHeader(rmd.getDocument(),
actorValue,
tokenCallbackHandler,
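Review bot: The added `removeEncryptedToken()` call runs only when `processSecurityHeader` returns normally, so a response that fails signature or decryption checks leaves the encrypted-key token and its secret in the token store. If the token is meant to be discarded once the initiator has received the reply, wrapping the `processSecurityHeader` call in `try { ... } finally { ... }` with the flow check and removal in the `finally` block covers the failure path as well. The enclosing method continues outside this hunk, so whether a later handler already cleans up on failure cannot be seen from here.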
@@ -177,77 +176,30 @@ public class RampartEngine {
(Integer) wser.get(WSSecurityEngineResult.TAG_ACTION);
if (WSConstants.ST_UNSIGNED == actInt.intValue()) {
- // If this is a SAML2.0 assertion
- if (wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION) instanceof Assertion) {
-
- final Assertion assertion = (Assertion) wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- String id = assertion.getID();
- Subject subject = assertion.getSubject();
-
- Date dateOfCreation = null;
- Date dateOfExpiration = null;
-
- //Read the validity period from the 'Conditions' element, else read it from SC Data
- if (assertion.getConditions() != null) {
- Conditions conditions = assertion.getConditions();
- if (conditions.getNotBefore() != null) {
- dateOfCreation = conditions.getNotBefore().toDate();
- }
- if (conditions.getNotOnOrAfter() != null) {
- dateOfExpiration = conditions.getNotOnOrAfter().toDate();
- }
- } else {
- SubjectConfirmationData scData = subject.getSubjectConfirmations()
- .get(0).getSubjectConfirmationData();
- if (scData.getNotBefore() != null) {
- dateOfCreation = scData.getNotBefore().toDate();
- }
- if (scData.getNotOnOrAfter() != null) {
- dateOfExpiration = scData.getNotOnOrAfter().toDate();
- }
- }
+ Object samlAssertion = wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- // TODO : SAML2KeyInfo element needs to be moved to WSS4J.
- SAML2KeyInfo saml2KeyInfo = SAML2Utils.
- getSAML2KeyInfo(assertion, signatureCrypto, tokenCallbackHandler);
-
- //Store the token
- try {
- TokenStorage store = rmd.getTokenStorage();
- if (store.getToken(id) == null) {
- Token token = new Token(id, (OMElement) SAML2Utils.getElementFromAssertion(assertion), dateOfCreation, dateOfExpiration);
- token.setSecret(saml2KeyInfo.getSecret());
- store.add(token);
- }
- } catch (Exception e) {
- throw new RampartException(
- "errorInAddingTokenIntoStore", e);
- }
+ SAMLAssertionHandler samlAssertionHandler
+ = SAMLAssertionHandlerFactory.createAssertionHandler(samlAssertion);
+ if (samlAssertionHandler.isBearerAssertion()) {
+ break;
}
- //if this is a SAML1.1 assertion
- else {
- final SAMLAssertion assertion =
-
- ((SAMLAssertion) wser
- .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
- String id = assertion.getId();
- Date created = assertion.getNotBefore();
- Date expires = assertion.getNotOnOrAfter();
- SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
- signatureCrypto, tokenCallbackHandler);
- try {
- TokenStorage store = rmd.getTokenStorage();
- if (store.getToken(id) == null) {
- Token token = new Token(id, (OMElement) assertion.toDOM(), created, expires);
- token.setSecret(samlKi.getSecret());
- store.add(token);
- }
- } catch (Exception e) {
- throw new RampartException(
- "errorInAddingTokenIntoStore", e);
+ //Store the token
+ try {
+ TokenStorage store = rmd.getTokenStorage();
+ if (store.getToken(samlAssertionHandler.getAssertionId()) == null) {
+ Token token = new Token(samlAssertionHandler.getAssertionId(),
+ samlAssertionHandler.getAssertionElement(),
+ samlAssertionHandler.getDateNotBefore(),
+ samlAssertionHandler.getDateNotOnOrAfter());
+
+ token.setSecret(samlAssertionHandler.
+ getAssertionKeyInfoSecret(signatureCrypto, tokenCallbackHandler));
+ store.add(token);
}
-
+ } catch (Exception e) {
+ throw new RampartException(
+ "errorInAddingTokenIntoStore", e);
}
} else if (WSConstants.UT == actInt.intValue()) {
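Review bot: The `break` taken when `isBearerAssertion()` is true leaves the enclosing loop (its header is outside this hunk; it appears to iterate over the security results), so results that follow the assertion are never examined by the `WSConstants.UT` and `WSConstants.SIGN` branches below. In that case `RampartMessageData.X509_CERT` and the username handling would be skipped for a message that carries a bearer assertion ahead of its signature result. If the intent is only to avoid storing a bearer token, `continue;` does that without cutting the remaining results short. What `SAMLAssertionHandlerFactory.createAssertionHandler` does with a null or unexpected `TAG_SAML_ASSERTION` value is also not visible here and should be documented or guarded.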
@@ -288,6 +240,16 @@ public class RampartEngine {
}
} else if (WSConstants.SIGN == actInt.intValue()) {
X509Certificate cert = (X509Certificate) wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+
+ if (rpd.isAsymmetricBinding() && cert == null && rpd.getInitiatorToken() != null
+ && !rpd.getInitiatorToken().isDerivedKeys()) {
+
+ // If symmetric binding is used, the certificate should be null.
+ // If certificate is not null then probably initiator and
+ // recipient are using 2 different bindings.
+ throw new RampartException("invalidSignatureAlgo");
+ }
+
msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
}
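Review bot: The comment inside the new `if` describes the opposite of what the condition tests: the code rejects a missing certificate under asymmetric binding, while the comment talks about symmetric binding and a certificate that is not null. A future edit guided by that comment could easily invert a check that guards against a sender using a different binding than the policy requires. Suggested wording: `// Asymmetric binding without derived keys: the signature must carry an X.509 certificate.` followed by `// A missing certificate suggests the sender signed with a symmetric key, i.e. a different binding.` Note also that when `rpd.getInitiatorToken()` is null the check is skipped and a null `cert` is still stored under `X509_CERT`.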
@@ -314,9 +276,7 @@ public class RampartEngine {
", PolicyBasedResultsValidattor took " + (t3 - t2));
}
- if(doDebug){
- log.debug("Return process(MessageContext msgCtx)");
- }
+ log.debug("Return process(MessageContext msgCtx)");
return results;
}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartException.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartException.java
index f76de9c..c95929f 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/RampartException.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartException.java
@@ -45,7 +45,7 @@ public class RampartException extends Exception {
/**
* Construct the fault properly code for the standard faults
- * @param faultCode2
+ * @param code code as definfed in property file under
* @return
*/
private String getFaultCode(String code) {
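Review bot: The replacement `@param code` line has a typo and stops mid-sentence ("code as definfed in property file under"), and the `@return` tag below it is still empty. Something like `@param code fault code key as defined in the errors property file` plus a one-line `@return` would complete the Javadoc. The body of `getFaultCode` is outside this hunk, so the exact wording should be checked against how the key is resolved.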
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
index 1a1c4be..ea22d49 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
@@ -19,27 +19,29 @@ package org.apache.rampart;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axis2.AxisFault;
-import org.apache.axis2.util.PolicyUtil;
-import org.apache.axis2.engine.AxisConfiguration;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.context.OperationContext;
import org.apache.axis2.description.AxisService;
import org.apache.axis2.description.Parameter;
+import org.apache.axis2.engine.AxisConfiguration;
+import org.apache.axis2.util.PolicyUtil;
import org.apache.axis2.wsdl.WSDLConstants;
import org.apache.neethi.Policy;
-import org.apache.neethi.PolicyEngine;
import org.apache.neethi.PolicyComponent;
+import org.apache.neethi.PolicyEngine;
import org.apache.rahas.RahasConstants;
import org.apache.rahas.SimpleTokenStore;
import org.apache.rahas.TokenStorage;
-import org.apache.rahas.TrustException;
-import org.apache.rahas.TrustUtil;
import org.apache.rampart.handler.WSSHandlerConstants;
import org.apache.rampart.policy.RampartPolicyBuilder;
import org.apache.rampart.policy.RampartPolicyData;
import org.apache.rampart.policy.model.RampartConfig;
+import org.apache.rampart.saml.SAMLAssertionHandler;
+import org.apache.rampart.saml.SAMLAssertionHandlerFactory;
import org.apache.rampart.util.Axis2Util;
import org.apache.rampart.util.RampartUtil;
+import org.apache.ws.secpolicy.SP11Constants;
+import org.apache.ws.secpolicy.SP12Constants;
import org.apache.ws.secpolicy.WSSPolicyException;
import org.apache.ws.security.SOAPConstants;
import org.apache.ws.security.WSConstants;
@@ -53,13 +55,11 @@ import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.token.SecurityContextToken;
import org.apache.ws.security.util.Loader;
import org.apache.ws.security.util.WSSecurityUtil;
-import org.opensaml.SAMLAssertion;
import org.w3c.dom.Document;
-import java.util.Date;
+import java.util.ArrayList;
import java.util.List;
import java.util.Vector;
-import java.util.ArrayList;
public class RampartMessageData {
@@ -88,7 +88,12 @@ public class RampartMessageData {
* Key to hold username which was used to authenticate
*/
public final static String USERNAME = "username";
-
+
+ /**
+ *
+ */
+ public final static String SIGNATURE_CERT_ALIAS = "signatureCertAlias";
+
/**
* Key to hold the WS-Trust version
*/
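Review bot: The new public constant `SIGNATURE_CERT_ALIAS` is added with an empty Javadoc block, while the neighbouring keys each say what they hold. Going by the assignment added in `PolicyBasedResultsValidator` in this commit, a fitting text would be `/** Key to hold the keystore alias of the certificate that was used to verify the message signature. */`. Since callers may base access decisions on this value, the comment should also say on which validation paths it is populated.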
@@ -135,9 +140,9 @@ public class RampartMessageData {
* RahasConstants.VERSION_05_12
*/
- private int wstVersion = RahasConstants.VERSION_05_02;
+ private int wstVersion = RahasConstants.VERSION_05_12;
- private int secConvVersion = ConversationConstants.DEFAULT_VERSION;
+ private int secConvVersion = ConversationConstants.VERSION_05_12;
/*
* IssuedTokens or SecurityContextTokens can be used
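Review bot: Both field defaults move to the `VERSION_05_12` values here, and the next hunk removes the lookup of `KEY_WST_VERSION` and `KEY_WSSC_VERSION` from the message context, so a caller that still sets those properties is silently ignored. Whenever no policy is processed (and `setWSSecurityVersions` therefore never runs), the 05_12 namespaces are used. If the keys remain public constants, they should be marked as no longer honoured, or the lookup kept as a fallback. At minimum the fields deserve a comment such as `// Default only; overwritten from the security-policy namespace in setWSSecurityVersions()`.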
@@ -166,16 +171,6 @@ public class RampartMessageData {
this.msgContext = msgCtx;
try {
-
- //Extract known properties from the msgCtx
-
- if(msgCtx.getProperty(KEY_WST_VERSION) != null) {
- this.wstVersion = TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WST_VERSION));
- }
-
- if(msgCtx.getProperty(KEY_WSSC_VERSION) != null) {
- this.secConvVersion = TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WSSC_VERSION));
- }
// First obtain the axis service as we have to do a null check, there can be situations
// where Axis Service is null
@@ -193,12 +188,12 @@ public class RampartMessageData {
msgCtx.getAxisService().addParameter(clientSideParam);
}
}
-
+
if(msgCtx.getProperty(KEY_RAMPART_POLICY) != null) {
this.servicePolicy = (Policy)msgCtx.getProperty(KEY_RAMPART_POLICY);
}
-
-
+
+
// Checking which flow we are in
int flow = msgCtx.getFLOW();
@@ -262,8 +257,11 @@ public class RampartMessageData {
//Process policy and build policy data
this.policyData = RampartPolicyBuilder.build(it);
+
+ //Set the version
+ setWSSecurityVersions(this.policyData.getWebServiceSecurityPolicyNS());
}
-
+
if(this.policyData != null) {
@@ -274,7 +272,7 @@ public class RampartMessageData {
msgCtx.setEnvelope((SOAPEnvelope)this.document.getDocumentElement());
this.soapConstants = WSSecurityUtil.getSOAPConstants(this.document.getDocumentElement());
-
+
// Update the Rampart Config if RampartConfigCallbackHandler is present in the
// RampartConfig
@@ -284,36 +282,31 @@ public class RampartMessageData {
if (rampartConfigCallbackHandler != null) {
rampartConfigCallbackHandler.update(policyData.getRampartConfig());
}
+
+ // Update TTL and max skew time
+ RampartConfig policyDataRampartConfig = policyData.getRampartConfig();
+ if (policyDataRampartConfig != null) {
+ String timeToLiveString = policyDataRampartConfig.getTimestampTTL();
+ if (timeToLiveString != null && !timeToLiveString.equals("")) {
+ this.setTimeToLive(Integer.parseInt(timeToLiveString));
+ }
+
+ String maxSkewString = policyDataRampartConfig.getTimestampMaxSkew();
+ if (maxSkewString != null && !maxSkewString.equals("")) {
+ this.setTimestampMaxSkew(Integer.parseInt(maxSkewString));
+ }
+ }
//Check for RST and RSTR for an SCT
- if((WSSHandlerConstants.RST_ACTON_SCT.equals(msgContext.getWSAAction())
- || WSSHandlerConstants.RSTR_ACTON_SCT.equals(msgContext.getWSAAction())) &&
- this.policyData.getIssuerPolicy() != null) {
-
- this.servicePolicy = this.policyData.getIssuerPolicy();
-
- RampartConfig rampartConfig = policyData.getRampartConfig();
- if(rampartConfig != null) {
- /*
- * Copy crypto info into the new issuer policy
- */
- RampartConfig rc = new RampartConfig();
- rc.setEncrCryptoConfig(rampartConfig.getEncrCryptoConfig());
- rc.setSigCryptoConfig(rampartConfig.getSigCryptoConfig());
- rc.setDecCryptoConfig(rampartConfig.getDecCryptoConfig());
- rc.setUser(rampartConfig.getUser());
- rc.setUserCertAlias(rc.getUserCertAlias());
- rc.setEncryptionUser(rampartConfig.getEncryptionUser());
- rc.setPwCbClass(rampartConfig.getPwCbClass());
- rc.setSSLConfig(rampartConfig.getSSLConfig());
-
- this.servicePolicy.addAssertion(rc);
- }
-
- List it = (List)this.servicePolicy.getAlternatives().next();
-
- //Process policy and build policy data
- this.policyData = RampartPolicyBuilder.build(it);
+ String wsaAction = msgContext.getWSAAction();
+ if(WSSHandlerConstants.RST_ACTON_SCT.equals(wsaAction)
+ || WSSHandlerConstants.RSTR_ACTON_SCT.equals(wsaAction)) {
+ //submissive version
+ setTrustParameters();
+ }else if(WSSHandlerConstants.RST_ACTON_SCT_STANDARD.equals(wsaAction)
+ || WSSHandlerConstants.RSTR_ACTON_SCT_STANDARD.equals(wsaAction)) {
+ //standard policy spec 1.2
+ setTrustParameters();
}
}
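Review bot: The new TTL and max-skew handling passes configuration strings straight to `Integer.parseInt`, so a malformed value surfaces as an unchecked `NumberFormatException` rather than a `RampartException`, and a negative value is accepted as-is. These two numbers bound timestamp freshness checks, so an out-of-range value should be rejected when the configuration is read rather than producing surprising validation behaviour later. The enclosing constructor starts and ends outside this hunk. Separately, the two branches of the action check both call `setTrustParameters()` and could be one condition.

```java
// Update TTL and max skew time
RampartConfig policyDataRampartConfig = policyData.getRampartConfig();
if (policyDataRampartConfig != null) {
    try {
        String timeToLiveString = policyDataRampartConfig.getTimestampTTL();
        if (timeToLiveString != null && !timeToLiveString.equals("")) {
            int timeToLive = Integer.parseInt(timeToLiveString.trim());
            if (timeToLive < 0) {
                throw new NumberFormatException("negative timestamp TTL: " + timeToLive);
            }
            this.setTimeToLive(timeToLive);
        }

        String maxSkewString = policyDataRampartConfig.getTimestampMaxSkew();
        if (maxSkewString != null && !maxSkewString.equals("")) {
            int maxSkew = Integer.parseInt(maxSkewString.trim());
            if (maxSkew < 0) {
                throw new NumberFormatException("negative timestamp max skew: " + maxSkew);
            }
            this.setTimestampMaxSkew(maxSkew);
        }
    } catch (NumberFormatException e) {
        // Report bad configuration the same way as the other extraction failures
        throw new RampartException("errorInExtractingMsgProps", e);
    }
}
// … unchanged: RST/RSTR action check and setTrustParameters() calls …
```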
@@ -379,8 +372,6 @@ public class RampartMessageData {
secHeader.insertSecurityHeader(this.document);
}
- } catch (TrustException e) {
- throw new RampartException("errorInExtractingMsgProps", e);
} catch (AxisFault e) {
throw new RampartException("errorInExtractingMsgProps", e);
} catch (WSSPolicyException e) {
@@ -391,6 +382,61 @@ public class RampartMessageData {
}
+ private void setWSSecurityVersions(String namespace) throws RampartException {
+
+ if (namespace == null || namespace.equals("")) {
+ throw new RampartException("Security policy namespace cannot be null.");
+ }
+
+ if (SP11Constants.SP_NS.equals(namespace)) {
+ this.wstVersion = RahasConstants.VERSION_05_02;
+ this.secConvVersion = ConversationConstants.VERSION_05_02;
+ } else if (SP12Constants.SP_NS.equals(namespace)) {
+ this.wstVersion = RahasConstants.VERSION_05_12;
+ this.secConvVersion = ConversationConstants.VERSION_05_12;
+ } else {
+ throw new RampartException("Invalid namespace received, " + namespace);
+ }
+
+ }
+
+ private void setTrustParameters() throws RampartException {
+
+ if (this.policyData.getIssuerPolicy() == null) {
+ return;
+ }
+
+ this.servicePolicy = this.policyData.getIssuerPolicy();
+
+ RampartConfig rampartConfig = policyData.getRampartConfig();
+ if (rampartConfig != null) {
+ /*
+ * Copy crypto info into the new issuer policy
+ */
+ RampartConfig rc = new RampartConfig();
+ rc.setEncrCryptoConfig(rampartConfig.getEncrCryptoConfig());
+ rc.setSigCryptoConfig(rampartConfig.getSigCryptoConfig());
+ rc.setDecCryptoConfig(rampartConfig.getDecCryptoConfig());
+ rc.setUser(rampartConfig.getUser());
+ rc.setUserCertAlias(rc.getUserCertAlias());
+ rc.setEncryptionUser(rampartConfig.getEncryptionUser());
+ rc.setPwCbClass(rampartConfig.getPwCbClass());
+ rc.setSSLConfig(rampartConfig.getSSLConfig());
+
+ this.servicePolicy.addAssertion(rc);
+ }
+
+ List it = (List) this.servicePolicy.getAlternatives().next();
+
+ //Process policy and build policy data
+ try {
+ this.policyData = RampartPolicyBuilder.build(it);
+ } catch (WSSPolicyException e) {
+ throw new RampartException("errorInExtractingMsgProps", e);
+ }
+
+ }
+
/**
* @return Returns the document.
*/
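Review bot: In the new `setTrustParameters()`, the line `rc.setUserCertAlias(rc.getUserCertAlias());` copies the alias from the freshly created `rc` back onto itself, so the issuer policy never receives the alias configured on `rampartConfig`. Every neighbouring setter reads from `rampartConfig`, so this should be `rc.setUserCertAlias(rampartConfig.getUserCertAlias());`. The line was moved unchanged from the constructor, and the extraction is a good moment to fix it. In addition, `getAlternatives().next()` is called without a `hasNext()` check, and `setWSSecurityVersions` throws with literal messages where the rest of the class uses keys such as `errorInExtractingMsgProps`.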
@@ -543,10 +589,12 @@ public class RampartMessageData {
final Integer actInt =
(Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
if(WSConstants.ST_UNSIGNED == actInt.intValue()) {
- final SAMLAssertion assertion =
- ((SAMLAssertion) wser
- .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
- return assertion.getId();
+ final Object assertion =
+ wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ SAMLAssertionHandler samlAssertionHandler
+ = SAMLAssertionHandlerFactory.createAssertionHandler(assertion);
+
+ return samlAssertionHandler.getAssertionId();
}
}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java b/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
index d54fd42..c74d1b5 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
@@ -34,15 +34,19 @@ public class TokenCallbackHandler implements CallbackHandler {
private TokenStorage store;
private CallbackHandler handler;
-
+ private String tokenIdentifier;
+
public TokenCallbackHandler(TokenStorage store, CallbackHandler handler) {
this.store = store;
this.handler = handler;
+ this.tokenIdentifier = null;
}
+
+
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
-
+
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
@@ -67,8 +71,10 @@ public class TokenCallbackHandler implements CallbackHandler {
}
} else if (pc.getUsage() == WSPasswordCallback.ENCRYPTED_KEY_TOKEN){
try {
- String[] tokenIdentifiers = this.store.getTokenIdentifiers();
+
+ String[] tokenIdentifiers = this.store.getTokenIdentifiers();
Token tok;
+
for (int j = 0 ; j < tokenIdentifiers.length ; j++) {
tok = this.store.getToken(tokenIdentifiers[j]);
@@ -77,6 +83,8 @@ public class TokenCallbackHandler implements CallbackHandler {
((EncryptedKeyToken)tok).getSHA1().equals(id)){
pc.setKey(tok.getSecret());
pc.setCustomToken((Element)tok.getToken());
+
+ tokenIdentifier = tokenIdentifiers[j];
}
}
@@ -97,6 +105,14 @@ public class TokenCallbackHandler implements CallbackHandler {
}
}
}
+
+ public void removeEncryptedToken() {
+
+ if (tokenIdentifier != null) {
+ this.store.removeToken(tokenIdentifier);
+ }
+
+ }
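Review bot: `removeEncryptedToken()` leaves `tokenIdentifier` set after the removal, and the assignment added in the earlier hunk (`tokenIdentifier = tokenIdentifiers[j];`) sits in a loop with no `break`, so only the last match is remembered. If one message resolves more than one encrypted-key token, the earlier ones stay in the store with their secrets. If the handler instance is ever reused, a stale identifier could also remove a token belonging to a later exchange. Adding `tokenIdentifier = null;` after `this.store.removeToken(tokenIdentifier);` closes the second case. The new field and method should also carry a short comment stating that the handler is stateful and intended for a single message.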
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
index 6c0caeb..8cc87df 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
@@ -53,8 +53,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
private static Log log = LogFactory.getLog(AsymmetricBindingBuilder.class);
private static Log tlog = LogFactory.getLog(RampartConstants.TIME_LOG);
- private boolean dotDebug = false;
-
+
private Token sigToken;
private WSSecSignature sig;
@@ -77,10 +76,6 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
private Element signatureElement;
- public AsymmetricBindingBuilder(){
- dotDebug = tlog.isDebugEnabled();
- }
-
public void build(RampartMessageData rmd) throws RampartException {
log.debug("AsymmetricBindingBuilder build invoked");
@@ -102,7 +97,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
throws RampartException {
long t0 = 0, t1 = 0, t2 = 0;
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t0 = System.currentTimeMillis();
}
RampartPolicyData rpd = rmd.getPolicyData();
@@ -197,7 +192,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
RampartUtil.appendChildToSecHeader(rmd, refList);
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t1 = System.currentTimeMillis();
}
@@ -281,7 +276,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
}
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t2 = System.currentTimeMillis();
tlog.debug("Encryption took :" + (t1 - t0)
+", Signature tool :" + (t2 - t1) );
@@ -290,7 +285,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
// Check for signature protection
if (rpd.isSignatureProtection() && this.mainSigId != null) {
long t3 = 0, t4 = 0;
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t3 = System.currentTimeMillis();
}
Vector secondEncrParts = new Vector();
@@ -333,7 +328,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
throw new RampartException("errorInEncryption", e);
}
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t4 = System.currentTimeMillis();
tlog.debug("Signature protection took :" + (t4 - t3));
}
@@ -369,7 +364,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
this.setInsertionLocation(null);
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t0 = System.currentTimeMillis();
}
@@ -459,7 +454,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
}
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t1 = System.currentTimeMillis();
}
@@ -591,7 +586,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
}
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t2 = System.currentTimeMillis();
tlog.debug("Signature took :" + (t1 - t0)
+", Encryption took :" + (t2 - t1) );
@@ -607,7 +602,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
Element supportingSignatureElement;
long t0 = 0, t1 = 0;
- if (dotDebug) {
+ if (tlog.isDebugEnabled()) {
t0 = System.currentTimeMillis();
}
@@ -629,6 +624,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
}
try {
+ supportingSig.setDigestAlgo(rmd.getPolicyData().getAlgorithmSuite().getDigest());
supportingSig.addReferencesToSign(supportingSigParts, rmd.getSecHeader());
supportingSig.computeSignature();
@@ -643,7 +639,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
signatureValues.add(supportingSig.getSignatureValue());
- if (dotDebug) {
+ if (tlog.isDebugEnabled()) {
t1 = System.currentTimeMillis();
tlog.debug("Signature took :" + (t1 - t0));
}
@@ -656,7 +652,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
Document doc = rmd.getDocument();
long t0 = 0, t1 = 0;
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t0 = System.currentTimeMillis();
}
if(rmd.isInitiator()) {
@@ -733,6 +729,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
}
try {
+ sig.setDigestAlgo(rpd.getAlgorithmSuite().getDigest());
sig.addReferencesToSign(sigParts, rmd.getSecHeader());
sig.computeSignature();
@@ -748,7 +745,7 @@ public class AsymmetricBindingBuilder extends BindingBuilder {
signatureValues.add(sig.getSignatureValue());
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t1 = System.currentTimeMillis();
tlog.debug("Signature took :" + (t1 - t0));
}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
index deba60b..88c98fa 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
@@ -27,9 +27,11 @@ import org.apache.rampart.RampartException;
import org.apache.rampart.RampartMessageData;
import org.apache.rampart.policy.RampartPolicyData;
import org.apache.rampart.policy.SupportingPolicyData;
+import org.apache.rampart.policy.model.RampartConfig;
import org.apache.rampart.util.RampartUtil;
import org.apache.ws.secpolicy.Constants;
import org.apache.ws.secpolicy.SPConstants;
+import org.apache.ws.secpolicy.model.AlgorithmSuite;
import org.apache.ws.secpolicy.model.IssuedToken;
import org.apache.ws.secpolicy.model.SecureConversationToken;
import org.apache.ws.secpolicy.model.SupportingToken;
@@ -70,7 +72,7 @@ import java.util.Map.Entry;
public abstract class BindingBuilder {
private static Log log = LogFactory.getLog(BindingBuilder.class);
-
+
private Element insertionLocation;
protected String mainSigId = null;
@@ -87,7 +89,7 @@ public abstract class BindingBuilder {
*/
protected void addTimestamp(RampartMessageData rmd) {
log.debug("Adding timestamp");
-
+
WSSecTimestamp timestampBuilder = new WSSecTimestamp();
timestampBuilder.setWsConfig(rmd.getConfig());
@@ -97,9 +99,10 @@ public abstract class BindingBuilder {
timestampBuilder.build(rmd.getDocument(), rmd
.getSecHeader());
-
- log.debug("Timestamp id: " + timestampBuilder.getId());
+ if (log.isDebugEnabled()) {
+ log.debug("Timestamp id: " + timestampBuilder.getId());
+ }
rmd.setTimestampId(timestampBuilder.getId());
this.timestampElement = timestampBuilder.getElement();
@@ -113,9 +116,9 @@ public abstract class BindingBuilder {
* @throws RampartException
*/
protected WSSecUsernameToken addUsernameToken(RampartMessageData rmd, UsernameToken token) throws RampartException {
-
+
log.debug("Adding a UsernameToken");
-
+
RampartPolicyData rpd = rmd.getPolicyData();
//Get the user
@@ -130,8 +133,10 @@ public abstract class BindingBuilder {
}
if(user != null && !"".equals(user)) {
- log.debug("User : " + user);
-
+ if (log.isDebugEnabled()) {
+ log.debug("User : " + user);
+ }
+
// If NoPassword property is set we don't need to set the password
if (token.isNoPassword()) {
WSSecUsernameToken utBuilder = new WSSecUsernameToken();
@@ -170,9 +175,7 @@ public abstract class BindingBuilder {
//get the password
password = cb[0].getPassword();
}
-
- log.debug("Password : " + password);
-
+
if(password != null && !"".equals(password)) {
//If the password is available then build the token
@@ -258,9 +261,11 @@ public abstract class BindingBuilder {
WSSecSignature sig = new WSSecSignature();
checkForX509PkiPath(sig, token);
sig.setWsConfig(rmd.getConfig());
-
- log.debug("Token inclusion: " + token.getInclusion());
-
+
+ if (log.isDebugEnabled()) {
+ log.debug("Token inclusion: " + token.getInclusion());
+ }
+
RampartUtil.setKeyIdentifierType(rmd, sig, token);
String user = null;
@@ -270,21 +275,28 @@ public abstract class BindingBuilder {
}
// Get the user - First check whether userCertAlias present
- if (user == null) {
- user = rpd.getRampartConfig().getUserCertAlias();
+ RampartConfig rampartConfig = rpd.getRampartConfig();
+ if(rampartConfig == null) {
+ throw new RampartException("rampartConfigMissing");
+ }
+
+ if (user == null) {
+ user = rampartConfig.getUserCertAlias();
}
// If userCertAlias is not present, use user property as Alias
if (user == null) {
- user = rpd.getRampartConfig().getUser();
+ user = rampartConfig.getUser();
}
String password = null;
if(user != null && !"".equals(user)) {
- log.debug("User : " + user);
-
+ if (log.isDebugEnabled()) {
+ log.debug("User : " + user);
+ }
+
//Get the password
CallbackHandler handler = RampartUtil.getPasswordCB(rmd);
@@ -300,7 +312,9 @@ public abstract class BindingBuilder {
handler.handle(cb);
if(cb[0].getPassword() != null && !"".equals(cb[0].getPassword())) {
password = cb[0].getPassword();
- log.debug("Password : " + password);
+ if (log.isDebugEnabled()) {
+ log.debug("Password : " + password);
+ }
} else {
//If there's no password then throw an exception
throw new RampartException("noPasswordForUser",
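Review bot: The added guard still writes the signing user's cleartext password to the debug log, because `log.debug("Password : " + password);` is only wrapped in `log.isDebugEnabled()`. The same statement was deleted outright in the username-token hunk earlier in this file. Debug logs are often shipped to shared storage or attached to bug reports, so a secret should not appear in them at any level. I would drop the three added lines, or log only the event, e.g. `log.debug("Password obtained from callback handler");`. The enclosing method starts and ends outside the hunk.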
@@ -320,12 +334,13 @@ public abstract class BindingBuilder {
}
sig.setUserInfo(user, password);
- sig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getAsymmetricSignature());
- sig.setSigCanonicalization(rpd.getAlgorithmSuite().getInclusiveC14n());
+ AlgorithmSuite algorithmSuite = rpd.getAlgorithmSuite();
+ sig.setSignatureAlgorithm(algorithmSuite.getAsymmetricSignature());
+ sig.setSigCanonicalization(algorithmSuite.getInclusiveC14n());
+ sig.setDigestAlgo(algorithmSuite.getDigest());
try {
- sig.prepare(rmd.getDocument(), RampartUtil.getSignatureCrypto(rpd
- .getRampartConfig(), rmd.getCustomClassLoader()),
+ sig.prepare(rmd.getDocument(), RampartUtil.getSignatureCrypto(rampartConfig, rmd.getCustomClassLoader()),
rmd.getSecHeader());
} catch (WSSecurityException e) {
throw new RampartException("errorInSignatureWithX509Token", e);
@@ -348,7 +363,7 @@ public abstract class BindingBuilder {
if(suppTokens != null && suppTokens.getTokens() != null &&
suppTokens.getTokens().size() > 0) {
log.debug("Processing supporting tokens");
-
+
ArrayList tokens = suppTokens.getTokens();
for (Iterator iter = tokens.iterator(); iter.hasNext();) {
Token token = (Token) iter.next();
@@ -531,7 +546,8 @@ public abstract class BindingBuilder {
RampartPolicyData rpd = rmd.getPolicyData();
- if(policyToken.isDerivedKeys()) {
+ AlgorithmSuite algorithmSuite = rpd.getAlgorithmSuite();
+ if(policyToken.isDerivedKeys()) {
try {
WSSecDKSign dkSign = new WSSecDKSign();
@@ -577,8 +593,9 @@ public abstract class BindingBuilder {
}
//Set the algo info
- dkSign.setSignatureAlgorithm(rpd.getAlgorithmSuite().getSymmetricSignature());
- dkSign.setDerivedKeyLength(rpd.getAlgorithmSuite().getSignatureDerivedKeyLength()/8);
+ dkSign.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
+ dkSign.setDerivedKeyLength(algorithmSuite.getSignatureDerivedKeyLength()/8);
+// dkSign.setDigestAlgorithm(algorithmSuite.getDigest()); //uncomment when wss4j version is updated
if(tok instanceof EncryptedKeyToken) {
//Set the value type of the reference
dkSign.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
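Review bot: The commented-out `dkSign.setDigestAlgorithm(algorithmSuite.getDigest());` means the derived-key signature path does not apply the digest from the policy's algorithm suite, while the other signature paths touched by this commit now call `setDigestAlgo(...)`. Until the dependency is updated, messages signed through this branch presumably keep the library's default digest whatever the policy demands, which is easy to miss when a policy is tightened. Rather than leaving dead code, I would replace the line with a tracked note such as `// TODO(<issue-id>): apply algorithmSuite.getDigest() to dkSign once the WSS4J API allows it; the library default digest is used until then`. The enclosing method starts and ends outside the hunk.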
@@ -691,8 +708,9 @@ public abstract class BindingBuilder {
sig.setCustomTokenId(sigTokId);
sig.setSecretKey(tok.getSecret());
- sig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getAsymmetricSignature());
- sig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getSymmetricSignature());
+ sig.setSignatureAlgorithm(algorithmSuite.getAsymmetricSignature());
+ sig.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
+ sig.setDigestAlgo(algorithmSuite.getDigest());
sig.prepare(rmd.getDocument(), RampartUtil.getSignatureCrypto(rpd
.getRampartConfig(), rmd.getCustomClassLoader()),
rmd.getSecHeader());
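Review bot: `sig.setSignatureAlgorithm(...)` is called twice in a row, first with `getAsymmetricSignature()` and then with `getSymmetricSignature()`; assuming the setter simply stores its argument, the first call has no effect. The commit rewrites both lines but keeps the pair, which leaves a reader unsure which algorithm is meant for a signature keyed with `tok.getSecret()`. I would delete the asymmetric line so that only `sig.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());` remains. This hunk also still reads `rpd.getRampartConfig()` directly, without the null check that the X509 signature hunk above introduces. The enclosing method starts and ends outside the hunk.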
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
index abc7e27..26ab866 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
@@ -63,17 +63,11 @@ public class SymmetricBindingBuilder extends BindingBuilder {
private static Log log = LogFactory.getLog(SymmetricBindingBuilder.class);
private static Log tlog = LogFactory.getLog(RampartConstants.TIME_LOG);
- private boolean dotDebug = false;
-
-
- public SymmetricBindingBuilder(){
- dotDebug = tlog.isDebugEnabled();
- }
-
+
public void build(RampartMessageData rmd) throws RampartException {
-
+
log.debug("SymmetricBindingBuilder build invoked");
-
+
RampartPolicyData rpd = rmd.getPolicyData();
if(rpd.isIncludeTimestamp()) {
this.addTimestamp(rmd);
@@ -91,9 +85,8 @@ public class SymmetricBindingBuilder extends BindingBuilder {
this.doSignBeforeEncrypt(rmd);
}
-
log.debug("SymmetricBindingBuilder build invoked : DONE");
-
+
}
private void doEncryptBeforeSig(RampartMessageData rmd) throws RampartException {
@@ -104,7 +97,7 @@ public class SymmetricBindingBuilder extends BindingBuilder {
Vector signatureValues = new Vector();
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t0 = System.currentTimeMillis();
}
@@ -125,10 +118,14 @@ public class SymmetricBindingBuilder extends BindingBuilder {
if(encryptionToken instanceof IssuedToken) {
tokenId = rmd.getIssuedEncryptionTokenId();
- log.debug("Issued EncryptionToken Id : " + tokenId);
+ if (log.isDebugEnabled()) {
+ log.debug("Issued EncryptionToken Id : " + tokenId);
+ }
} else if(encryptionToken instanceof SecureConversationToken) {
tokenId = rmd.getSecConvTokenId();
- log.debug("SCT Id : " + tokenId);
+ if (log.isDebugEnabled()) {
+ log.debug("SCT Id : " + tokenId);
+ }
} else if (encryptionToken instanceof X509Token) {
if (rmd.isInitiator()) {
tokenId = setupEncryptedKey(rmd, encryptionToken);
@@ -177,7 +174,7 @@ public class SymmetricBindingBuilder extends BindingBuilder {
AlgorithmSuite algorithmSuite = rpd.getAlgorithmSuite();
if(encryptionToken.isDerivedKeys()) {
log.debug("Use drived keys");
-
+
dkEncr = new WSSecDKEncrypt();
if(attached && tok.getAttachedReference() != null) {
@@ -238,7 +235,7 @@ public class SymmetricBindingBuilder extends BindingBuilder {
this.mainRefListElement = RampartUtil.appendChildToSecHeader(rmd, refList);
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t1 = System.currentTimeMillis();
}
@@ -328,7 +325,7 @@ public class SymmetricBindingBuilder extends BindingBuilder {
}
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t2 = System.currentTimeMillis();
tlog.debug("Encryption took :" + (t1 - t0)
+", Signature tool :" + (t2 - t1) );
@@ -338,10 +335,10 @@ public class SymmetricBindingBuilder extends BindingBuilder {
if(rpd.isSignatureProtection() && this.mainSigId != null ||
encryptedTokensIdList.size() > 0 && rmd.isInitiator()) {
long t3 = 0, t4 = 0;
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t3 = System.currentTimeMillis();
}
- log.debug("Signature protection");
+ log.debug("Signature protection");
Vector secondEncrParts = new Vector();
//Now encrypt the signature using the above token
@@ -381,7 +378,7 @@ public class SymmetricBindingBuilder extends BindingBuilder {
throw new RampartException("errorInEncryption", e);
}
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t4 = System.currentTimeMillis();
tlog.debug("Signature protection took :" + (t4 - t3));
}
@@ -400,7 +397,7 @@ public class SymmetricBindingBuilder extends BindingBuilder {
RampartPolicyData rpd = rmd.getPolicyData();
Document doc = rmd.getDocument();
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t0 = System.currentTimeMillis();
}
Token sigToken = rpd.getSignatureToken();
@@ -532,7 +529,7 @@ public class SymmetricBindingBuilder extends BindingBuilder {
}
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t1 = System.currentTimeMillis();
}
@@ -687,7 +684,7 @@ public class SymmetricBindingBuilder extends BindingBuilder {
}
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t2 = System.currentTimeMillis();
tlog.debug("Signature took :" + (t1 - t0)
+", Encryption took :" + (t2 - t1) );
@@ -809,7 +806,6 @@ public class SymmetricBindingBuilder extends BindingBuilder {
/**
* Setup the required tokens
* @param rmd
- * @param rpd
* @throws RampartException
*/
private void initializeTokens(RampartMessageData rmd) throws RampartException {
@@ -818,19 +814,19 @@ public class SymmetricBindingBuilder extends BindingBuilder {
MessageContext msgContext = rmd.getMsgContext();
if(rpd.isSymmetricBinding() && !msgContext.isServerSide()) {
- log.debug("Processing symmetric binding: " +
- "Setting up encryption token and signature token");
+ if (log.isDebugEnabled()) {
+ log.debug("Processing symmetric binding: " +
+ "Setting up encryption token and signature token");
+ }
//Setting up encryption token and signature token
Token sigTok = rpd.getSignatureToken();
Token encrTok = rpd.getEncryptionToken();
if(sigTok instanceof IssuedToken) {
-
log.debug("SignatureToken is an IssuedToken");
-
if(rmd.getIssuedSignatureTokenId() == null) {
log.debug("No Issuedtoken found, requesting a new token");
-
+
IssuedToken issuedToken = (IssuedToken)sigTok;
String id = RampartUtil.getIssuedToken(rmd,
@@ -840,9 +836,9 @@ public class SymmetricBindingBuilder extends BindingBuilder {
}
} else if(sigTok instanceof SecureConversationToken) {
-
+
log.debug("SignatureToken is a SecureConversationToken");
-
+
//TODO check for an existing token and use it
String secConvTokenId = rmd.getSecConvTokenId();
@@ -867,14 +863,13 @@ public class SymmetricBindingBuilder extends BindingBuilder {
throw new RampartException("errorExtractingToken");
}
}
-
+
if (secConvTokenId == null
- || (secConvTokenId != null &&
- (!RampartUtil.isTokenValid(rmd, secConvTokenId) && !cancelReqResp))) {
-
- log.debug("No SecureConversationToken found, " +
- "requesting a new token");
-
+ || (secConvTokenId != null &&
+ (!RampartUtil.isTokenValid(rmd, secConvTokenId) && !cancelReqResp))) {
+
+ log.debug("No SecureConversationToken found, requesting a new token");
+
SecureConversationToken secConvTok =
(SecureConversationToken) sigTok;
@@ -892,20 +887,21 @@ public class SymmetricBindingBuilder extends BindingBuilder {
//If it was the ProtectionToken assertion then sigTok is the
//same as encrTok
if(sigTok.equals(encrTok) && sigTok instanceof IssuedToken) {
-
+
log.debug("Symmetric binding uses a ProtectionToken, both" +
- " SignatureToken and EncryptionToken are the same");
-
+ " SignatureToken and EncryptionToken are the same");
+
rmd.setIssuedEncryptionTokenId(rmd.getIssuedEncryptionTokenId());
} else {
//Now we'll have to obtain the encryption token as well :-)
//ASSUMPTION: SecureConversationToken is used as a
//ProtectionToken therefore we only have to process a issued
//token here
-
+
log.debug("Obtaining the Encryption Token");
+
if(rmd.getIssuedEncryptionTokenId() != null) {
-
+
log.debug("EncrytionToken not alredy set");
IssuedToken issuedToken = (IssuedToken)encrTok;
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
index 2bbfa6e..244436b 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
@@ -16,10 +16,6 @@
package org.apache.rampart.builder;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.Vector;
-
import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axis2.context.MessageContext;
@@ -54,22 +50,21 @@ import org.apache.ws.security.message.WSSecUsernameToken;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.Vector;
+
public class TransportBindingBuilder extends BindingBuilder {
private static Log log = LogFactory.getLog(TransportBindingBuilder.class);
private static Log tlog = LogFactory.getLog(RampartConstants.TIME_LOG);
- private boolean dotDebug = false;
-
- public TransportBindingBuilder(){
- dotDebug = tlog.isDebugEnabled();
- }
-
+
public void build(RampartMessageData rmd) throws RampartException {
-
+
log.debug("TransportBindingBuilder build invoked");
-
+
long t0 = 0, t1 = 0;
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t1 = System.currentTimeMillis();
}
@@ -89,9 +84,9 @@ public class TransportBindingBuilder extends BindingBuilder {
if(sgndSuppTokens != null && sgndSuppTokens.getTokens() != null &&
sgndSuppTokens.getTokens().size() > 0) {
-
+
log.debug("Processing signed supporting tokens");
-
+
ArrayList tokens = sgndSuppTokens.getTokens();
for (Iterator iter = tokens.iterator(); iter.hasNext();) {
@@ -115,9 +110,9 @@ public class TransportBindingBuilder extends BindingBuilder {
SupportingToken sgndEndSuppTokens = rpd.getSignedEndorsingSupportingTokens();
if(sgndEndSuppTokens != null && sgndEndSuppTokens.getTokens() != null &&
sgndEndSuppTokens.getTokens().size() > 0) {
-
+
log.debug("Processing endorsing signed supporting tokens");
-
+
ArrayList tokens = sgndEndSuppTokens.getTokens();
SignedEncryptedParts signdParts = sgndEndSuppTokens.getSignedParts();
for (Iterator iter = tokens.iterator(); iter.hasNext();) {
@@ -162,7 +157,7 @@ public class TransportBindingBuilder extends BindingBuilder {
addSignatureConfirmation(rmd, null);
}
- if(dotDebug){
+ if(tlog.isDebugEnabled()){
t1 = System.currentTimeMillis();
tlog.debug("Transport binding build took "+ (t1 - t0));
}
@@ -614,10 +609,9 @@ public class TransportBindingBuilder extends BindingBuilder {
if (secConvTokenId == null
|| (secConvTokenId != null &&
(!RampartUtil.isTokenValid(rmd, secConvTokenId) && !cancelReqResp))) {
-
- log.debug("No SecureConversationToken found, " +
- "requesting a new token");
-
+
+ log.debug("No SecureConversationToken found, requesting a new token");
+
try {
secConvTokenId = RampartUtil.getSecConvToken(rmd, secConvTok);
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties b/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
index 3c4cda5..cdbbc4a 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
@@ -28,6 +28,7 @@ cannotCreatePolicyValidatorCallbackInstance = Cannot create custom policy valida
cannotLoadRampartConfigCallbackClass = Cannot load rampart config callback class : \"{0}\"
cannotCreateRampartConfigCallbackInstance = Cannot create rampart config callback class instance : \"{0}\"
missingEncryptionUser=Encryption user not specified (The context is created by the initiating party)
+rampartConfigMissing = Rampart policy configuration missing
missingSignatureCrypto=Signature crypto information not available
missingEncryptionCrypto=Encryption crypto information not available
@@ -98,4 +99,5 @@ invalidTransport = Expected transport is "https" but incoming transport found :
requiredElementsMissing = Required Elements not found in the incoming message : {0}
repeatingNonceValue = Nonce value : {0}, already seen before for user name : {1}. Possibly this could be a replay attack.
invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart configuration file.
-invalidIssuerAddress = Invalid value for Issuer
\ No newline at end of file
+invalidIssuerAddress = Invalid value for Issuer
+invalidSignatureAlgo=Invalid signature algorithm for Asymmetric binding
\ No newline at end of file
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java b/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
index 2b6d4d4..e4e83dd 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java
@@ -20,7 +20,6 @@ import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMException;
import org.apache.axiom.soap.SOAPHeader;
import org.apache.axiom.soap.SOAPHeaderBlock;
-import org.apache.axiom.soap.impl.dom.soap11.SOAP11HeaderBlockImpl;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.description.HandlerDescription;
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartSender.java b/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartSender.java
index cdc0cc5..6ead40a 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartSender.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartSender.java
@@ -36,7 +36,7 @@ import org.apache.ws.security.WSSecurityException;
public class RampartSender implements Handler {
private static Log mlog = LogFactory.getLog(RampartConstants.MESSAGE_LOG);
-
+
private static HandlerDescription EMPTY_HANDLER_METADATA =
new HandlerDescription("default Handler");
@@ -54,10 +54,11 @@ public class RampartSender implements Handler {
}
public InvocationResponse invoke(MessageContext msgContext) throws AxisFault {
-
+
if (!msgContext.isEngaged(WSSHandlerConstants.SECURITY_MODULE_NAME)) {
- return InvocationResponse.CONTINUE;
- }
+ return InvocationResponse.CONTINUE;
+ }
+
MessageBuilder builder = new MessageBuilder();
try {
@@ -67,7 +68,13 @@ public class RampartSender implements Handler {
} catch (WSSPolicyException e) {
throw new AxisFault(e.getMessage(), e);
} catch (RampartException e) {
- throw new AxisFault(e.getMessage(), e);
+ // If a framework exception is occurred while processing a security fault
+ // send the original fault to the client.
+ if (msgContext.isProcessingFault()) {
+ return InvocationResponse.CONTINUE;
+ } else {
+ throw new AxisFault(e.getMessage(), e);
+ }
}
if(mlog.isDebugEnabled()){
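Review bot: When `msgContext.isProcessingFault()` is true, the caught RampartException is discarded without a trace and the handler returns `InvocationResponse.CONTINUE`, so the fault presumably leaves without the security processing the policy asked for and nothing records that. The trade-off may be intended, but it should be observable: I would log the exception before returning, e.g. `mlog.debug("Security processing failed while sending a fault; sending the original fault", e);`, or at a higher level on the class's regular logger. The comment should also state that the outgoing fault is not secured in this case, so fault text must stay free of sensitive detail. invoke() continues outside the hunk.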
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSSHandlerConstants.java b/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSSHandlerConstants.java
index c693fc9..3960f63 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSSHandlerConstants.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/handler/WSSHandlerConstants.java
@@ -143,6 +143,8 @@ public class WSSHandlerConstants {
//TODO: Get these constants from the WS-Trust impl's constants
public final static String RST_ACTON_SCT = "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT";
public final static String RSTR_ACTON_SCT = "http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT";
+ public final static String RST_ACTON_SCT_STANDARD = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT";
+ public final static String RSTR_ACTON_SCT_STANDARD = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT";
public final static String RSTR_ACTON_ISSUE = "http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue";
public final static String TOK_TYPE_SCT = "http://schemas.xmlsoap.org/ws/2005/02/sc/sct";
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java
index d0d061b..fe7412f 100755
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java
@@ -49,7 +49,7 @@ import java.util.List;
public class RampartPolicyBuilder {
private static Log log = LogFactory.getLog(RampartPolicyBuilder.class);
-
+
/**
* Compile the parsed security data into one Policy data block.
*
@@ -76,6 +76,9 @@ public class RampartPolicyBuilder {
for (Iterator iter = topLevelAssertions.iterator(); iter.hasNext();) {
Assertion assertion = (Assertion) iter.next();
if (assertion instanceof Binding) {
+
+ setWebServiceSecurityPolicyNS(assertion, rpd);
+
if (assertion instanceof SymmetricBinding) {
processSymmetricPolicyBinding((SymmetricBinding) assertion, rpd);
} else if(assertion instanceof AsymmetricBinding) {
@@ -102,6 +105,10 @@ public class RampartPolicyBuilder {
} else if (assertion instanceof ContentEncryptedElements) {
processContentEncryptedElements((ContentEncryptedElements) assertion, rpd);
}else if (assertion instanceof SupportingToken) {
+
+ //Set policy version. Cos a supporting token can appear along without a binding
+ setWebServiceSecurityPolicyNS(assertion, rpd);
+
processSupportingTokens((SupportingToken) assertion, rpd);
} else if (assertion instanceof Trust10) {
processTrust10((Trust10)assertion, rpd);
@@ -110,14 +117,28 @@ public class RampartPolicyBuilder {
} else if (assertion instanceof MTOMAssertion){
processMTOMSerialization((MTOMAssertion)assertion, rpd);
} else {
- log.debug("Unknown top level PED found: "
- + assertion.getClass().getName());
+ if (log.isDebugEnabled()) {
+ log.debug("Unknown top level PED found: "
+ + assertion.getClass().getName());
+ }
}
}
return rpd;
}
+ /**
+ * Sets web service security policy version. The policy version is extracted from an assertion.
+ * But if namespace is already set this method will just return.
+ * @param assertion The assertion to get policy namespace.
+ */
+ private static void setWebServiceSecurityPolicyNS(Assertion assertion, RampartPolicyData policyData) {
+
+ if (policyData.getWebServiceSecurityPolicyNS() == null) {
+ policyData.setWebServiceSecurityPolicyNS(assertion.getName().getNamespaceURI());
+ }
+ }
+
/**
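Review bot: The Javadoc for setWebServiceSecurityPolicyNS documents `assertion` but not `policyData`, and it does not say that the first Binding or SupportingToken assertion encountered decides the namespace for the whole policy. Because later assertions are ignored once the value is set, a policy that mixes security-policy namespace versions is accepted without notice, as far as this hunk shows. I would add `@param policyData the policy data whose namespace is set if it is still unset` and one sentence on the first-wins behaviour. A debug message when a later assertion carries a different namespace would help diagnose such policies.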
@@ -155,7 +176,7 @@ public class RampartPolicyBuilder {
/**
* Evaluate the symmetric policy binding data.
*
- * @param binding
+ * @param symmBinding
* The binding data
* @param rpd
* The WSS4J data to initialize
@@ -200,7 +221,7 @@ public class RampartPolicyBuilder {
/**
* Populate elements to sign and/or encrypt with the message tokens.
*
- * @param sep
+ * @param see
* The data describing the elements (XPath)
* @param rpd
* The WSS4J data to initialize
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java
index 48bc1f2..890d644 100755
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java
@@ -62,6 +62,9 @@ public class RampartPolicyData {
private boolean signatureConfirmation;
+ //Policy namespace
+ private String webServiceSecurityPolicyNS = null;
+
/*
* Message tokens for symmetrical binding
*/
@@ -163,7 +166,17 @@ public class RampartPolicyData {
private Vector supportingPolicyData = new Vector();
private Vector supportingTokens = new Vector();
-
+
+
+
+ public String getWebServiceSecurityPolicyNS() {
+ return webServiceSecurityPolicyNS;
+ }
+
+ public void setWebServiceSecurityPolicyNS(String webServiceSecurityPolicyNS) {
+ this.webServiceSecurityPolicyNS = webServiceSecurityPolicyNS;
+ }
+
public Vector getSupportingPolicyData() {
return supportingPolicyData;
}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java
index 82337d6..6ac7f75 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/CryptoConfigBuilder.java
@@ -28,7 +28,7 @@ import javax.xml.namespace.QName;
import java.util.Iterator;
import java.util.Properties;
-public class CryptoConfigBuilder implements AssertionBuilder {
+public class CryptoConfigBuilder implements AssertionBuilder<OMElement> {
public Assertion build(OMElement element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
@@ -47,6 +47,12 @@ public class CryptoConfigBuilder implements AssertionBuilder {
if(cacheRefreshIntAttr != null){
cryptoCofig.setCacheRefreshInterval(cacheRefreshIntAttr.getAttributeValue().trim());
}
+
+ OMAttribute enableCryptoCacheAttr = element.getAttribute(new QName(CryptoConfig.CACHE_ENABLED));
+ if(enableCryptoCacheAttr != null){
+ cryptoCofig.setCacheEnabled(Boolean.parseBoolean(enableCryptoCacheAttr.
+ getAttributeValue().trim().toLowerCase()));
+ }
Properties properties = new Properties();
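Review bot: `Boolean.parseBoolean` already ignores case, so the `.toLowerCase()` in the added block is redundant and adds a locale-dependent step; `Boolean.parseBoolean(enableCryptoCacheAttr.getAttributeValue().trim())` is enough. Any value other than "true", including a typo, silently yields `false`, so a misconfigured attribute changes the crypto cache setting without any signal. A short comment stating that, or a debug message for unrecognised values, would make such a policy easier to spot. build() continues outside the hunk.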
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/OptimizePartsBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/OptimizePartsBuilder.java
index 240a261..d8ffb6d 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/OptimizePartsBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/OptimizePartsBuilder.java
@@ -45,7 +45,7 @@ import org.apache.rampart.policy.model.RampartConfig;
</pre>
* @see OptimizePartsConfig
*/
-public class OptimizePartsBuilder implements AssertionBuilder{
+public class OptimizePartsBuilder implements AssertionBuilder<OMElement> {
public Assertion build(OMElement element, AssertionBuilderFactory factory) throws IllegalArgumentException {
OptimizePartsConfig assertion = new OptimizePartsConfig();
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java
index 6d226c2..d7644d9 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java
@@ -26,7 +26,7 @@ import org.apache.rampart.policy.model.OptimizePartsConfig;
import org.apache.rampart.policy.model.RampartConfig;
import org.apache.rampart.policy.model.SSLConfig;
-public class RampartConfigBuilder implements AssertionBuilder {
+public class RampartConfigBuilder implements AssertionBuilder<OMElement> {
public Assertion build(OMElement element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/SSLConfigBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/SSLConfigBuilder.java
index d124b7d..0f10302 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/SSLConfigBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/SSLConfigBuilder.java
@@ -28,7 +28,7 @@ import javax.xml.namespace.QName;
import java.util.Iterator;
import java.util.Properties;
-public class SSLConfigBuilder implements AssertionBuilder {
+public class SSLConfigBuilder implements AssertionBuilder<OMElement> {
public Assertion build(OMElement element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java
index f40694a..fe81fa8 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/CryptoConfig.java
@@ -47,6 +47,11 @@ public class CryptoConfig implements Assertion {
public final static String PROPERTY_NAME_ATTR = "name";
public final static String CRYPTO_KEY_ATTR = "cryptoKey";
public final static String CACHE_REFRESH_INTVL = "cacheRefreshInterval";
+ public static final String CACHE_ENABLED = "enableCryptoCaching";
+
+ private Properties prop;
+
+ private boolean cacheEnabled = true;
private String provider;
private String cryptoKey;
@@ -68,17 +73,18 @@ public class CryptoConfig implements Assertion {
this.cacheRefreshInterval = cacheRefreshInterval;
}
- private Properties prop;
-
public Properties getProp() {
return prop;
}
+
public void setProp(Properties prop) {
this.prop = prop;
}
+
public String getProvider() {
return provider;
}
+
public void setProvider(String provider) {
this.provider = provider;
}
@@ -91,12 +97,25 @@ public class CryptoConfig implements Assertion {
// TODO TODO
throw new UnsupportedOperationException("TODO");
}
+
+ public boolean isIgnorable() {
+ // TODO TODO
+ throw new UnsupportedOperationException("TODO");
+ }
public PolicyComponent normalize() {
// TODO TODO
throw new UnsupportedOperationException("TODO");
}
+ public boolean isCacheEnabled() {
+ return cacheEnabled;
+ }
+
+ public void setCacheEnabled(boolean cacheEnabled) {
+ this.cacheEnabled = cacheEnabled;
+ }
+
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
String prefix = writer.getPrefix(RampartConfig.NS);
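Review bot: The added `isIgnorable()` throws `UnsupportedOperationException("TODO")`, so any policy-processing path that queries the assertion's ignorable flag fails at runtime with a message that says nothing about the cause. The same stub is added in the OptimizePartsConfig, RampartConfig and SSLConfig hunks. Whether the policy framework ever calls it on these configuration assertions is not visible here. If it can, `return false;` looks like the safer implementation. If it cannot, replace the `// TODO TODO` with a comment saying why, for example `// Rampart configuration assertions are local only and are never intersected or normalized`.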
@@ -119,7 +138,9 @@ public class CryptoConfig implements Assertion {
writer.writeAttribute(CACHE_REFRESH_INTVL, getCacheRefreshInterval());
}
-
+ if(!isCacheEnabled()){
+ writer.writeAttribute(CACHE_ENABLED, Boolean.toString(isCacheEnabled()));
+ }
String key;
String value;
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/OptimizePartsConfig.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/OptimizePartsConfig.java
index d3d19b9..98ef8af 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/OptimizePartsConfig.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/OptimizePartsConfig.java
@@ -118,7 +118,9 @@ public class OptimizePartsConfig implements Assertion{
public boolean isOptional() {
throw new UnsupportedOperationException("Not relevant");
}
-
+ public boolean isIgnorable() {
+ throw new UnsupportedOperationException("Not relevant");
+ }
public boolean equal(PolicyComponent arg0) {
throw new UnsupportedOperationException("Not relevant");
}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java
index 45228b9..ca21fcb 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java
@@ -267,6 +267,9 @@ public class RampartConfig implements Assertion {
// TODO TODO
throw new UnsupportedOperationException("TODO");
}
+ public boolean isIgnorable() {
+ throw new UnsupportedOperationException("TODO");
+ }
public PolicyComponent normalize() {
// TODO TODO
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/SSLConfig.java b/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/SSLConfig.java
index c293c5c..58e4a66 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/SSLConfig.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/SSLConfig.java
@@ -38,6 +38,9 @@ public class SSLConfig implements Assertion{
// TODO TODO
throw new UnsupportedOperationException("TODO");
}
+ public boolean isIgnorable() {
+ throw new UnsupportedOperationException("TODO");
+ }
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
String prefix = writer.getPrefix(RampartConfig.NS);
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML1AssertionHandler.java b/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML1AssertionHandler.java
new file mode 100644
index 0000000..1c3943d
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML1AssertionHandler.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart.saml;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.TrustException;
+import org.apache.rahas.impl.util.SAMLUtils;
+import org.apache.rampart.TokenCallbackHandler;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.saml.SAMLKeyInfo;
+import org.apache.ws.security.saml.SAMLUtil;
+import org.opensaml.saml1.core.Assertion;
+import org.opensaml.saml1.core.Conditions;
+
+/**
+ * This class handles SAML1 assertions.Processes SAML1 assertion and will extract SAML1 attributes
+ * such as assertion id, start date, end date etc ...
+ */
+public class SAML1AssertionHandler extends SAMLAssertionHandler{
+
+ private Assertion assertion;
+
+ public SAML1AssertionHandler(Assertion saml1Assertion) {
+ this.assertion = saml1Assertion;
+ this.processSAMLAssertion();
+ }
+
+ @Override
+ public boolean isBearerAssertion() {
+ return RahasConstants.SAML11_SUBJECT_CONFIRMATION_BEARER.equals(
+ SAMLUtils.getSAML11SubjectConfirmationMethod(assertion));
+ }
+
+ @Override
+ protected void processSAMLAssertion() {
+
+ this.setAssertionId(assertion.getID());
+
+ //Read the validity period from the 'Conditions' element, else read it from SC Data
+ if (assertion.getConditions() != null) {
+ Conditions conditions = assertion.getConditions();
+ if (conditions.getNotBefore() != null) {
+ this.setDateNotBefore(conditions.getNotBefore().toDate());
+ }
+ if (conditions.getNotOnOrAfter() != null) {
+ this.setDateNotOnOrAfter(conditions.getNotOnOrAfter().toDate());
+ }
+ }
+ }
+
+ @Override
+ public byte[] getAssertionKeyInfoSecret(Crypto signatureCrypto, TokenCallbackHandler tokenCallbackHandler)
+ throws WSSecurityException {
+
+ // TODO change this to use SAMLAssertion parameter once wss4j conversion is done ....
+ SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion.getDOM(),
+ signatureCrypto, tokenCallbackHandler);
+ return samlKi.getSecret();
+ }
+
+
+ @Override
+ public OMElement getAssertionElement() throws TrustException {
+ return (OMElement)this.assertion.getDOM();
+ }
+
+
+}
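Review bot: In `processSAMLAssertion()` the comment promises a fallback ("else read it from SC Data") that the SAML1 code does not have, so an assertion without a `Conditions` element leaves both `dateNotBefore` and `dateNotOnOrAfter` as null. The callers are not visible in this file, but any validity check built on these getters has to treat null explicitly rather than as an unbounded lifetime. I would change the comment to `// SAML 1.1: the validity period comes from Conditions only; both dates stay null when it is absent`. Separately, the constructor calls the overridable `processSAMLAssertion()` on a non-final class and accepts a null assertion, which then fails inside `assertion.getID()`. Adding `Objects.requireNonNull(saml1Assertion, "saml1Assertion")` at the top of the constructor would make that failure explicit.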
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML2AssertionHandler.java b/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML2AssertionHandler.java
new file mode 100644
index 0000000..a7dcae7
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAML2AssertionHandler.java
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart.saml;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.TrustException;
+import org.apache.rahas.impl.util.SAML2KeyInfo;
+import org.apache.rahas.impl.util.SAML2Utils;
+import org.apache.rampart.TokenCallbackHandler;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Conditions;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmationData;
+
+
+/**
+ * This class handles SAML2 assertions.Processes SAML2 assertion and will extract SAML2 attributes
+ * such as assertion id, start date, end date etc ...
+ */
+public class SAML2AssertionHandler extends SAMLAssertionHandler{
+
+ private static final Log log = LogFactory.getLog(SAML2AssertionHandler.class);
+
+ private Assertion assertion;
+
+
+ public SAML2AssertionHandler(Assertion samlAssertion) {
+ this.assertion = samlAssertion;
+ this.processSAMLAssertion();
+ }
+
+ /**
+ * Checks whether SAML assertion is bearer - urn:oasis:names:tc:SAML:2.0:cm:bearer
+ *
+ * @return true if assertion is bearer else false.
+ */
+ public boolean isBearerAssertion() {
+
+ // if the subject confirmation method is Bearer, do not try to get the KeyInfo
+ return SAML2Utils.getSAML2SubjectConfirmationMethod(assertion).equals(
+ RahasConstants.SAML20_SUBJECT_CONFIRMATION_BEARER);
+ }
+
+ protected void processSAMLAssertion() {
+
+ this.setAssertionId(assertion.getID());
+
+ Subject subject = assertion.getSubject();
+
+ //Read the validity period from the 'Conditions' element, else read it from SC Data
+ if (assertion.getConditions() != null) {
+ Conditions conditions = assertion.getConditions();
+ if (conditions.getNotBefore() != null) {
+ this.setDateNotBefore(conditions.getNotBefore().toDate());
+ }
+ if (conditions.getNotOnOrAfter() != null) {
+ this.setDateNotOnOrAfter(conditions.getNotOnOrAfter().toDate());
+ }
+ } else {
+ SubjectConfirmationData scData = subject.getSubjectConfirmations()
+ .get(0).getSubjectConfirmationData();
+ if (scData.getNotBefore() != null) {
+ this.setDateNotBefore(scData.getNotBefore().toDate());
+ }
+ if (scData.getNotOnOrAfter() != null) {
+ this.setDateNotOnOrAfter(scData.getNotOnOrAfter().toDate());
+ }
+ }
+
+ }
+
+ public byte[] getAssertionKeyInfoSecret(Crypto signatureCrypto, TokenCallbackHandler tokenCallbackHandler)
+ throws WSSecurityException {
+ // TODO : SAML2KeyInfo element needs to be moved to WSS4J.
+ SAML2KeyInfo saml2KeyInfo = SAML2Utils.
+ getSAML2KeyInfo(assertion, signatureCrypto, tokenCallbackHandler);
+
+ return saml2KeyInfo.getSecret();
+ }
+
+ public OMElement getAssertionElement() throws TrustException{
+ try {
+ return (OMElement) SAML2Utils.getElementFromAssertion(assertion);
+ } catch (TrustException e) {
+ log.error("Error getting Axiom representation of SAML2 assertion.", e);
+ throw e;
+ }
+ }
+
+
+
+}
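Review bot: The `else` branch of `processSAMLAssertion()` dereferences `subject.getSubjectConfirmations().get(0).getSubjectConfirmationData()` without any checks. An assertion that has no `Conditions` and also lacks a Subject, a SubjectConfirmation or SubjectConfirmationData therefore throws NullPointerException or IndexOutOfBoundsException from the constructor. Because assertions arrive in messages from peers, this path should fail in a controlled way. Guard it with `} else if (subject != null && !subject.getSubjectConfirmations().isEmpty()) {` and wrap the two date reads in `if (scData != null) {`. `isBearerAssertion()` has the same weakness: it calls `.equals` on the value returned by `getSAML2SubjectConfirmationMethod`, whereas the SAML1 handler puts the constant first. `RahasConstants.SAML20_SUBJECT_CONFIRMATION_BEARER.equals(...)` would match that and tolerate a null method.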
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAMLAssertionHandler.java b/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAMLAssertionHandler.java
new file mode 100644
index 0000000..4c1f569
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAMLAssertionHandler.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart.saml;
+
+
+import org.apache.axiom.om.OMElement;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.TrustException;
+import org.apache.rampart.TokenCallbackHandler;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+
+import java.util.Date;
+
+/**
+ * A class to handle attributes to common SAML1 and SAML2 assertions.
+ */
+public abstract class SAMLAssertionHandler {
+
+
+ private String assertionId;
+
+ private Date dateNotBefore;
+
+ private Date dateNotOnOrAfter;
+
+ public String getAssertionId() {
+ return assertionId;
+ }
+
+ protected void setAssertionId(String assertionId) {
+ this.assertionId = assertionId;
+ }
+
+ public Date getDateNotBefore() {
+ return dateNotBefore;
+ }
+
+ protected void setDateNotBefore(Date dateNotBefore) {
+ this.dateNotBefore = dateNotBefore;
+ }
+
+ public Date getDateNotOnOrAfter() {
+ return dateNotOnOrAfter;
+ }
+
+ protected void setDateNotOnOrAfter(Date dateNotOnOrAfter) {
+ this.dateNotOnOrAfter = dateNotOnOrAfter;
+ }
+
+ /**
+ * Checks whether SAML assertion is bearer - urn:oasis:names:tc:SAML:2.0:cm:bearer
+ *
+ * @return true if assertion is bearer else false.
+ */
+ public abstract boolean isBearerAssertion();
+
+ protected abstract void processSAMLAssertion();
+
+
+ /**
+ * Gets the secret in assertion.
+ * @param signatureCrypto Signature crypto info, private,public keys.
+ * @param tokenCallbackHandler The token callback class. TODO Why ?
+ * @return Secret as a byte array
+ * @throws WSSecurityException If an error occurred while validating the signature.
+ */
+ public abstract byte[] getAssertionKeyInfoSecret(Crypto signatureCrypto, TokenCallbackHandler tokenCallbackHandler)
+ throws WSSecurityException;
+
+ /**
+ * Gets the assertion element as an Axiom OMElement.
+ * @return OMElement representation of assertion.
+ * @throws TrustException if an error occurred while converting Assertion to an OMElement.
+ */
+ public abstract OMElement getAssertionElement() throws TrustException;
+}
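Review bot: The Javadoc on this base class does not state that `getDateNotBefore()` and `getDateNotOnOrAfter()` can return null, although both subclasses only set them when the assertion carries the values. I would add `@return the NotBefore instant, or null if the assertion does not carry one` to the first getter and the equivalent to the second, so that expiry checks are written with the null case in mind. The `isBearerAssertion()` comment names only the SAML 2.0 URN although the SAML1 subclass compares against the SAML 1.1 constant, so it should say "the bearer confirmation method of the respective SAML version". The `TODO Why ?` in the `tokenCallbackHandler` parameter description should be replaced with what the handler is used for, or dropped.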
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAMLAssertionHandlerFactory.java b/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAMLAssertionHandlerFactory.java
new file mode 100644
index 0000000..d771f03
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/saml/SAMLAssertionHandlerFactory.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart.saml;
+
+/**
+ * Creates SAML assertion handlers based on assertion type.
+ */
+public class SAMLAssertionHandlerFactory {
+
+ public static SAMLAssertionHandler createAssertionHandler(Object samlAssertion) {
+
+ if (samlAssertion instanceof org.opensaml.saml2.core.Assertion) {
+ SAMLAssertionHandler saml2AssertionHandler
+ = new SAML2AssertionHandler((org.opensaml.saml2.core.Assertion) samlAssertion);
+
+ return saml2AssertionHandler;
+ } else {
+ SAML1AssertionHandler saml1AssertionHandler
+ = new SAML1AssertionHandler((org.opensaml.saml1.core.Assertion) samlAssertion);
+ return saml1AssertionHandler;
+ }
+ }
+}
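Review bot: The `else` branch of `createAssertionHandler` treats everything that is not a SAML2 assertion as SAML1. A null argument therefore reaches the `SAML1AssertionHandler` constructor and fails with NullPointerException in `processSAMLAssertion()`, and any other object fails with ClassCastException at the cast. Since the parameter is typed `Object`, I would test the second type explicitly with `} else if (samlAssertion instanceof org.opensaml.saml1.core.Assertion) {` and end with `throw new IllegalArgumentException("Unsupported SAML assertion type: " + (samlAssertion == null ? "null" : samlAssertion.getClass().getName()));`. The class holds only a static method, so a private constructor and a short Javadoc on the method listing the accepted types would also help.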
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java b/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java
index 0db238a..df8313d 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java
@@ -16,32 +16,33 @@
package org.apache.rampart.util;
+import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMAttribute;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
+import org.apache.axiom.om.OMMetaFactory;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.OMNode;
+import org.apache.axiom.om.OMXMLBuilderFactory;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
-import org.apache.axiom.om.impl.dom.DOOMAbstractFactory;
import org.apache.axiom.soap.SOAP11Constants;
import org.apache.axiom.soap.SOAP12Constants;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPFactory;
import org.apache.axiom.soap.SOAPHeader;
import org.apache.axiom.soap.SOAPHeaderBlock;
+import org.apache.axiom.soap.SOAPModelBuilder;
import org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder;
-import org.apache.axiom.soap.impl.dom.SOAPHeaderBlockImpl;
-import org.apache.axiom.soap.impl.dom.factory.DOMSOAPFactory;
import org.apache.rampart.handler.WSSHandlerConstants;
import org.apache.ws.security.WSSecurityException;
import org.apache.xml.security.utils.XMLUtils;
+import org.w3c.dom.DOMConfiguration;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.stream.FactoryConfigurationError;
-import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamReader;
import java.io.ByteArrayInputStream;
@@ -89,7 +90,35 @@ public class Axis2Util {
throws WSSecurityException {
try {
if(env instanceof Element) {
- return ((Element)env).getOwnerDocument();
+ Element element = (Element)env;
+ Document document = element.getOwnerDocument();
+ // For outgoing messages, Axis2 only creates the SOAPEnvelope, but no document. If
+ // the Axiom implementation also supports DOM, then the envelope (seen as a DOM
+ // element) will have an owner document, but the document and the envelope have no
+ // parent-child relationship. On the other hand, the input expected by WSS4J is
+ // a document with the envelope as document element. Therefore we need to set the
+ // envelope as document element on the owner document.
+ if (element.getParentNode() != document) {
+ document.appendChild(element);
+ }
+ // If the Axiom implementation supports DOM, then it is possible/likely that the
+ // DOM API was used to create the object model (or parts of it). In this case, the
+ // object model is not necessarily well formed with respect to namespaces because
+ // DOM doesn't generate namespace declarations automatically. This is an issue
+ // because WSS4J/Santuario expects that all namespace declarations are present.
+ // If this is not the case, then signature values or encryptions will be incorrect.
+ // To avoid this, we normalize the document. Note that if we disable the other
+ // normalizations supported by DOM, this is generally not a heavy operation.
+ // In particular, the Axiom implementation is not required to expand the object
+ // model (including OMSourcedElements) because the Axiom builder is required to
+ // perform namespace repairing, so that no modifications to unexpanded parts of
+ // the message are required.
+ DOMConfiguration domConfig = document.getDomConfig();
+ domConfig.setParameter("split-cdata-sections", Boolean.FALSE);
+ domConfig.setParameter("well-formed", Boolean.FALSE);
+ domConfig.setParameter("namespaces", Boolean.TRUE);
+ document.normalizeDocument();
+ return document;
}
if (useDoom) {
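Review bot: The check `element.getParentNode() != document` is also true when the envelope is attached under some other node, and `document.appendChild(element)` would then move it out of its current parent. If the owner document already has a different document element, DOM rejects the call with a hierarchy error. The comment describes only the case of an envelope with no parent, so I would restrict the condition to it: `if (element.getParentNode() == null && document.getDocumentElement() == null) {`. The method now also modifies the caller's message in place, by re-parenting and by `normalizeDocument()`, which its Javadoc should state. The method starts before and continues after this hunk.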
@@ -117,21 +146,22 @@ public class Axis2Util {
// Check the namespace and find SOAP version and factory
String nsURI = null;
+ OMMetaFactory metaFactory = OMAbstractFactory.getMetaFactory(OMAbstractFactory.FEATURE_DOM);
SOAPFactory factory;
if (env.getNamespace().getNamespaceURI().equals(
SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI)) {
nsURI = SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI;
- factory = DOOMAbstractFactory.getSOAP11Factory();
+ factory = metaFactory.getSOAP11Factory();
} else {
nsURI = SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI;
- factory = DOOMAbstractFactory.getSOAP12Factory();
+ factory = metaFactory.getSOAP12Factory();
}
StAXSOAPModelBuilder stAXSOAPModelBuilder = new StAXSOAPModelBuilder(
env.getXMLStreamReader(), factory, nsURI);
SOAPEnvelope envelope = (stAXSOAPModelBuilder)
.getSOAPEnvelope();
- ((OMNode) envelope.getParent()).build();
+ envelope.getParent().build();
//Set the processed flag of the processed headers
SOAPHeader header = envelope.getHeader();
@@ -173,6 +203,18 @@ public class Axis2Util {
public static SOAPEnvelope getSOAPEnvelopeFromDOMDocument(Document doc, boolean useDoom)
throws WSSecurityException {
+ Element documentElement = doc.getDocumentElement();
+ if (documentElement instanceof SOAPEnvelope) {
+ SOAPEnvelope env = (SOAPEnvelope)documentElement;
+ // If the DOM tree already implements the Axiom API and the corresponding
+ // Axiom implementation is also used as default implementation, then just return
+ // the SOAPEnvelope directly. Note that this will never be the case for DOOM,
+ // but may be the case for a non standard Axiom implementation.
+ if (env.getOMFactory().getMetaFactory() == OMAbstractFactory.getMetaFactory()) {
+ return env;
+ }
+ }
+
if(useDoom) {
try {
//Get processed headers
@@ -210,7 +252,7 @@ public class Axis2Util {
Iterator children = element.getChildren();
while (children.hasNext()) {
OMNode child = (OMNode)children.next();
- child.detach();
+ children.remove();
header.addChild(child);
}
@@ -230,8 +272,8 @@ public class Axis2Util {
}
XMLStreamReader reader = ((OMElement) doc.getDocumentElement())
.getXMLStreamReader();
- StAXSOAPModelBuilder stAXSOAPModelBuilder = new StAXSOAPModelBuilder(
- reader, null);
+ SOAPModelBuilder stAXSOAPModelBuilder = OMXMLBuilderFactory.createStAXSOAPModelBuilder(
+ reader);
SOAPEnvelope envelope = stAXSOAPModelBuilder.getSOAPEnvelope();
//Set the processed flag of the processed headers
@@ -258,7 +300,7 @@ public class Axis2Util {
XMLUtils.outputDOM(doc.getDocumentElement(), os, true);
ByteArrayInputStream bais = new ByteArrayInputStream(os.toByteArray());
- StAXSOAPModelBuilder stAXSOAPModelBuilder = new StAXSOAPModelBuilder(XMLInputFactory.newInstance().createXMLStreamReader(bais), null);
+ SOAPModelBuilder stAXSOAPModelBuilder = OMXMLBuilderFactory.createSOAPModelBuilder(bais, null);
return stAXSOAPModelBuilder.getSOAPEnvelope();
} catch (Exception e) {
throw new WSSecurityException(e.getMessage());
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java b/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
index 6ce74fe..bff27cf 100644
--- a/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
@@ -49,6 +49,7 @@ import org.apache.rahas.client.STSClient;
import org.apache.rampart.PolicyBasedResultsValidator;
import org.apache.rampart.PolicyValidatorCallbackHandler;
import org.apache.rampart.RampartConfigCallbackHandler;
+import org.apache.rampart.RampartConstants;
import org.apache.rampart.RampartException;
import org.apache.rampart.RampartMessageData;
import org.apache.rampart.policy.RampartPolicyData;
@@ -90,13 +91,14 @@ import javax.servlet.http.HttpServletRequest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.*;
+import java.util.concurrent.ConcurrentHashMap;
public class RampartUtil {
private static final String CRYPTO_PROVIDER = "org.apache.ws.security.crypto.provider";
private static Log log = LogFactory.getLog(RampartUtil.class);
- private static Map cryptoStore = new Hashtable();
+ private static Map<String, CachedCrypto> cryptoStore = new ConcurrentHashMap<String, CachedCrypto>();
private static class CachedCrypto {
private Crypto crypto;
@@ -130,9 +132,11 @@ public class RampartUtil {
String cbHandlerClass = rpd.getRampartConfig().getPwCbClass();
ClassLoader classLoader = msgContext.getAxisService().getClassLoader();
-
- log.debug("loading class : " + cbHandlerClass);
-
+
+ if (log.isDebugEnabled()) {
+ log.debug("loading class : " + cbHandlerClass);
+ }
+
Class cbClass;
try {
cbClass = Loader.loadClass(classLoader, cbHandlerClass);
@@ -177,9 +181,11 @@ public class RampartUtil {
String cbHandlerClass = rpd.getRampartConfig().getPolicyValidatorCbClass();
ClassLoader classLoader = msgContext.getAxisService().getClassLoader();
-
- log.debug("loading class : " + cbHandlerClass);
-
+
+ if (log.isDebugEnabled()) {
+ log.debug("loading class : " + cbHandlerClass);
+ }
+
Class cbClass;
try {
cbClass = Loader.loadClass(classLoader, cbHandlerClass);
@@ -210,9 +216,11 @@ public class RampartUtil {
String cbHandlerClass = rpd.getRampartConfig().getRampartConfigCbClass();
ClassLoader classLoader = msgContext.getAxisService().getClassLoader();
-
- log.debug("loading class : " + cbHandlerClass);
-
+
+ if (log.isDebugEnabled()) {
+ log.debug("loading class : " + cbHandlerClass);
+ }
+
Class cbClass;
try {
cbClass = Loader.loadClass(classLoader, cbHandlerClass);
@@ -289,76 +297,51 @@ public class RampartUtil {
*/
public static Crypto getEncryptionCrypto(RampartConfig config, ClassLoader loader)
throws RampartException {
+
log.debug("Loading encryption crypto");
-
+
+ Crypto crypto = null;
+
if (config != null && config.getEncrCryptoConfig() != null) {
- CryptoConfig cryptoConfig = config.getEncrCryptoConfig();
- String provider = cryptoConfig.getProvider();
- log.debug("Usig provider: " + provider);
- Properties prop = cryptoConfig.getProp();
- prop.put(CRYPTO_PROVIDER, provider);
-
- String cryptoKey = null;
- String interval = null;
- if (cryptoConfig.getCryptoKey() != null) {
- cryptoKey = prop.getProperty(cryptoConfig.getCryptoKey());
- interval = cryptoConfig.getCacheRefreshInterval();
- }
-
- Crypto crypto = null;
-
- if (cryptoKey != null) {
- // cache enabled
- crypto = retrieveCrytpoFromCache(cryptoKey.trim() + "#" + provider.trim(), interval);
- }
-
- if (crypto == null) {
- // cache miss
- crypto = CryptoFactory.getInstance(prop, loader);
- if (cryptoKey != null) {
- // cache enabled - let's cache
- cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
- }
- }
- return crypto;
-
- } else {
- log.debug("Trying the signature crypto info");
-
- // Try using signature crypto information
- if (config != null && config.getSigCryptoConfig() != null) {
- CryptoConfig cryptoConfig = config.getSigCryptoConfig();
- String provider = cryptoConfig.getProvider();
- log.debug("Usig provider: " + provider);
- Properties prop = cryptoConfig.getProp();
- prop.put(CRYPTO_PROVIDER, provider);
- String cryptoKey = null;
- String interval = null;
- if (cryptoConfig.getCryptoKey() != null) {
- cryptoKey = prop.getProperty(cryptoConfig.getCryptoKey());
- interval = cryptoConfig.getCacheRefreshInterval();
- }
-
- Crypto crypto = null;
- if (cryptoKey != null) {
- // cache enabled
- crypto = retrieveCrytpoFromCache(cryptoKey.trim() + "#" + provider.trim(),
- interval);
- }
-
- if (crypto == null) {
- // cache miss
- crypto = CryptoFactory.getInstance(prop, loader);
- if (cryptoKey != null) {
- // cache enabled - let's cache
- cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
- }
- }
- return crypto;
- } else {
- return null;
- }
- }
+ CryptoConfig cryptoConfig = config.getEncrCryptoConfig();
+ String provider = cryptoConfig.getProvider();
+ if (log.isDebugEnabled()) {
+ log.debug("Using provider: " + provider);
+ }
+ Properties prop = cryptoConfig.getProp();
+ prop.put(CRYPTO_PROVIDER, provider);
+
+ String cryptoKey = null;
+ String interval = null;
+ if (cryptoConfig.isCacheEnabled()) {
+ if (cryptoConfig.getCryptoKey() != null) {
+ cryptoKey = prop.getProperty(cryptoConfig.getCryptoKey());
+ interval = cryptoConfig.getCacheRefreshInterval();
+ }
+ else if(provider.equals(RampartConstants.MERLIN_CRYPTO_IMPL)){
+ cryptoKey = cryptoConfig.getProp().getProperty(RampartConstants.MERLIN_CRYPTO_IMPL_CACHE_KEY);
+ }
+ }
+
+
+ if (cryptoKey != null) {
+ // Crypto caching is enabled
+ crypto = retrieveCryptoFromCache(cryptoKey.trim() + "#" + provider.trim(), interval);
+ }
+
+ if (crypto == null) {
+ // cache miss
+ crypto = CryptoFactory.getInstance(prop, loader);
+ if (cryptoKey != null) {
+ // Crypto caching is enabled - cache the Crypto object
+ cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
+ }
+ }
+ } else {
+ log.debug("Trying the signature crypto info");
+ crypto = getSignatureCrypto(config, loader);
+ }
+ return crypto;
}
/**
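Review bot: With `cacheEnabled` defaulting to true and the new Merlin fallback, `getEncryptionCrypto` caches a `Crypto` under `cryptoKey + "#" + provider` in the static `cryptoStore` even when no `cryptoKey` attribute is configured. That key does not include the class loader or the remaining properties such as password and alias. Two services in one JVM whose configurations yield the same value for `MERLIN_CRYPTO_IMPL_CACHE_KEY` would therefore share a single `Crypto` instance, while the old code created separate ones. On the Merlin branch `interval` also stays null, and depending on how `retrieveCryptoFromCache` treats a null interval (not visible here) the entry may never be refreshed after a keystore change. I would document the key and its scope at the lookup, for example `// cache key: <value of the key property>#<provider>; entries are shared JVM-wide`, and consider adding a class loader identifier to the key. The `getSignatureCrypto` hunk repeats the same block and continues past the end of this view, so a shared private helper would keep the two in sync.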
@@ -371,42 +354,47 @@ public class RampartUtil {
*/
public static Crypto getSignatureCrypto(RampartConfig config, ClassLoader loader)
throws RampartException {
+
log.debug("Loading Signature crypto");
-
- if (config != null && config.getSigCryptoConfig() != null) {
- CryptoConfig cryptoConfig = config.getSigCryptoConfig();
- String provider = cryptoConfig.getProvider();
- log.debug("Usig provider: " + provider);
- Properties prop = cryptoConfig.getProp();
- prop.put(CRYPTO_PROVIDER, provider);
- String cryptoKey = null;
- String interval = null;
- if (cryptoConfig.getCryptoKey() != null) {
- cryptoKey = prop.getProperty(cryptoConfig.getCryptoKey());
- interval = cryptoConfig.getCacheRefreshInterval();
- }
-
- Crypto crypto = null;
-
- if (cryptoKey != null) {
- // cache enabled
- crypto = retrieveCrytpoFromCache(cryptoKey.trim() + "#" + provider.trim(), interval);
- }
-
- if (crypto == null) {
- // cache miss
- crypto = CryptoFactory.getInstance(prop, loader);
- if (cryptoKey != null) {
- // cache enabled - let's cache
- cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
- }
- }
-
- return crypto;
-
- } else {
- return null;
- }
+
+ Crypto crypto = null;
+
+ if (config != null && config.getSigCryptoConfig() != null) {
+ CryptoConfig cryptoConfig = config.getSigCryptoConfig();
+ String provider = cryptoConfig.getProvider();
+ if (log.isDebugEnabled()) {
+ log.debug("Using provider: " + provider);
+ }
+ Properties prop = cryptoConfig.getProp();
+ prop.put(CRYPTO_PROVIDER, provider);
+ String cryptoKey = null;
+ String interval = null;
+
+ if (cryptoConfig.isCacheEnabled()) {
+ if (cryptoConfig.getCryptoKey() != null) {
+ cryptoKey = prop.getProperty(cryptoConfig.getCryptoKey());
+ interval = cryptoConfig.getCacheRefreshInterval();
+ }
+ else if(provider.equals(RampartConstants.MERLIN_CRYPTO_IMPL)){
+ cryptoKey = cryptoConfig.getProp().getProperty(RampartConstants.MERLIN_CRYPTO_IMPL_CACHE_KEY);
+ }
+ }
+
+ if (cryptoKey != null) {
+ // cache enabled
+ crypto = retrieveCryptoFromCache(cryptoKey.trim() + "#" + provider.trim(), interval);
+ }
+
+ if (crypto == null) {
+ // cache miss
+ crypto = CryptoFactory.getInstance(prop, loader);
+ if (cryptoKey != null) {
+ // cache enabled - let's cache
+ cacheCrypto(cryptoKey.trim() + "#" + provider.trim(), crypto);
+ }
+ }
+ }
+ return crypto;
}
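Review bot: In the Merlin fallback branch (`else if(provider.equals(RampartConstants.MERLIN_CRYPTO_IMPL))`) `cryptoKey` is set but `interval` stays null, so the later `retrieveCryptoFromCache(..., interval)` call takes the no-expiry path and returns the cached Crypto for as long as the entry exists. For a signature keystore this means a replaced or revoked certificate on disk would not be picked up while the entry is cached, which looks unintended given that the first branch honours the refresh interval. Setting `interval = cryptoConfig.getCacheRefreshInterval();` in the fallback branch as well would keep both paths consistent, assuming that getter returns the configured value however the key was chosen. The same branch appears in the encryption-crypto method in the preceding hunk, which starts above this view.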
@@ -630,7 +618,7 @@ public class RampartUtil {
if(bsPol != null) {
log.debug("BootstrapPolicy found");
- bsPol.addAssertion(rmd.getPolicyData().getRampartConfig());
+ bsPol.addAssertion(rmd.getPolicyData().getRampartConfig());
//copy the <wsoma:OptimizedMimeSerialization/> to BootstrapPolicy
if (rmd.getPolicyData().getMTOMAssertion() != null) {
bsPol.addAssertion(rmd.getPolicyData().getMTOMAssertion());
@@ -644,8 +632,10 @@ public class RampartUtil {
String id = getToken(rmd, rstTemplate,
issuerEprAddress, action, stsPolicy);
-
- log.debug("SecureConversationToken obtained: id=" + id);
+
+ if (log.isDebugEnabled()) {
+ log.debug("SecureConversationToken obtained: id=" + id);
+ }
return id;
}
@@ -685,7 +675,9 @@ public class RampartUtil {
String id = getToken(rmd, rstTemplate, issuerEprAddress, action,
stsPolicy);
- log.debug("Issued token obtained: id=" + id);
+ if (log.isDebugEnabled()) {
+ log.debug("Issued token obtained: id=" + id);
+ }
return id;
} catch (TrustException e) {
throw new RampartException("errorInObtainingToken", e);
@@ -816,6 +808,25 @@ public class RampartUtil {
return id;
}
+ /**
+ * Change the owner document of the given node. The method first attempts to move the node using
+ * {@link Document#adoptNode(Node)}. If that fails, it will import the node into the target
+ * document using {@link Document#importNode(Node, boolean)}.
+ *
+ * @param targetDocument
+ * the target document
+ * @param node
+ * the node to adopt or import
+ * @return the adopted or imported node
+ */
+ public static Node adoptNode(Document targetDocument, Node node) {
+ Node result = targetDocument.adoptNode(node);
+ if (result == null) {
+ result = targetDocument.importNode(node, true);
+ }
+ return result;
+ }
+
public static Element appendChildToSecHeader(RampartMessageData rmd,
OMElement elem) {
return appendChildToSecHeader(rmd, (Element)elem);
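Review bot: The new `adoptNode` helper returns the caller's own node moved into `targetDocument` when adoption succeeds, but a deep copy when it falls back to `importNode`, and its Javadoc does not say that the first path detaches the node from its original parent. Because the next hunk switches `appendChildToSecHeader` from `importNode(elem, true)` to this helper, an element passed in is now removed from its source tree on the common path. That matters if any caller reuses the element afterwards, for instance a template or token element. I would add a Javadoc sentence such as `On successful adoption the node is removed from its current parent; callers that still need the original must clone it first.` and confirm that no existing caller depends on the old copy semantics. The fallback also only covers a null return, so a `DOMException` thrown by `adoptNode` propagates unchanged.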
@@ -824,8 +835,7 @@ public class RampartUtil {
public static Element appendChildToSecHeader(RampartMessageData rmd,
Element elem) {
Element secHeaderElem = rmd.getSecHeader().getSecurityHeader();
- Node node = secHeaderElem.getOwnerDocument().importNode(
- elem, true);
+ Node node = adoptNode(secHeaderElem.getOwnerDocument(), elem);
return (Element)secHeaderElem.appendChild(node);
}
@@ -1730,35 +1740,27 @@ public class RampartUtil {
}
}
- private static Crypto retrieveCrytpoFromCache(String cryptoKey, String refreshInterval) {
+ private static Crypto retrieveCryptoFromCache(String cryptoKey, String refreshInterval) {
// cache hit
if (cryptoStore.containsKey(cryptoKey)) {
- CachedCrypto cachedCrypto = (CachedCrypto) cryptoStore.get(cryptoKey);
+ CachedCrypto cachedCrypto = cryptoStore.get(cryptoKey);
if (refreshInterval != null) {
if (cachedCrypto.creationTime + new Long(refreshInterval).longValue() > Calendar
.getInstance().getTimeInMillis()) {
- if (log.isDebugEnabled()) {
- log.info("Cache Hit : Crypto Object was found in cache.");
- }
+ log.debug("Cache Hit : Crypto Object was found in cache.");
return cachedCrypto.crypto;
} else {
- if (log.isDebugEnabled()) {
- log.info("Cache Miss : Crypto Object found in cache is expired.");
- }
+ log.debug("Cache Miss : Crypto Object found in cache is expired.");
return null;
}
} else {
- if (log.isDebugEnabled()) {
- log.info("Cache Hit : Crypto Object was found in cache.");
- }
+ log.debug("Cache Hit : Crypto Object was found in cache.");
return cachedCrypto.crypto;
}
}
// cache miss
else {
- if (log.isDebugEnabled()) {
- log.info("Cache Miss : Crypto Object was not found in cache.");
- }
+ log.debug("Cache Miss : Crypto Object was not found in cache.");
return null;
}
}
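Review bot: `retrieveCryptoFromCache` still does `containsKey` followed by `get` on the shared `cryptoStore`, so an entry removed between the two calls would leave `cachedCrypto` null and make the `cachedCrypto.creationTime` access throw. Whether that can happen depends on the map type and on other writers, both declared outside this hunk. A single read, `CachedCrypto cachedCrypto = cryptoStore.get(cryptoKey);` followed by `if (cachedCrypto != null) {`, removes the window. Separately, `new Long(refreshInterval).longValue()` throws an unchecked NumberFormatException when the configured interval is not numeric. `Long.parseLong(refreshInterval)`, with the failure reported as a configuration error, would be clearer.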
@@ -1766,9 +1768,7 @@ public class RampartUtil {
private static void cacheCrypto(String cryptoKey, Crypto crypto) {
cryptoStore.put(cryptoKey, new CachedCrypto(crypto, Calendar.getInstance()
.getTimeInMillis()));
- if (log.isDebugEnabled()) {
- log.info("Crypto object is inserted into the Cache.");
- }
+ log.debug("Crypto object is inserted into the Cache.");
}
diff --git a/modules/rampart-integration/pom.xml b/modules/rampart-integration/pom.xml
index 2978090..4a0af24 100644
--- a/modules/rampart-integration/pom.xml
+++ b/modules/rampart-integration/pom.xml
@@ -1,18 +1,37 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-project</artifactId>
- <version>SNAPSHOT</version>
+ <version>1.7.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>rampart-integration</artifactId>
<packaging>jar</packaging>
- <version>SNAPSHOT</version>
<name>Rampart - Integration</name>
<build>
@@ -32,7 +51,7 @@
<artifactItem>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart</artifactId>
- <version>${rampart.mar.version}</version>
+ <version>${project.version}</version>
<type>mar</type>
<overWrite>true</overWrite>
<outputDirectory>target/artifacts</outputDirectory>
@@ -40,7 +59,7 @@
<artifactItem>
<groupId>org.apache.rampart</groupId>
<artifactId>rahas</artifactId>
- <version>${rahas.mar.version}</version>
+ <version>${project.version}</version>
<type>mar</type>
<overWrite>true</overWrite>
<outputDirectory>target/artifacts</outputDirectory>
@@ -56,6 +75,18 @@
</artifactItems>
</configuration>
</execution>
+ <execution>
+ <id>copy-endorsed</id>
+ <phase>process-resources</phase>
+ <goals>
+ <goal>copy-dependencies</goal>
+ </goals>
+ <configuration>
+ <includeGroupIds>org.apache.xerces,org.apache.xalan</includeGroupIds>
+ <outputDirectory>${project.build.directory}/endorsed</outputDirectory>
+ <stripVersion>true</stripVersion>
+ </configuration>
+ </execution>
</executions>
</plugin>
<plugin>
@@ -80,35 +111,29 @@
<configuration>
<tasks>
<java classname="org.apache.axis2.wsdl.WSDL2Java" fork="true">
- <arg line="-uri src/main/resources/ping/ping.wsdl -ss -o target/generated-code -p org.apache.axis2.oasis.ping -d xmlbeans -g"/>
- <classpath refid="maven.dependency.classpath"/>
- <classpath refid="maven.compile.classpath"/>
- <classpath refid="maven.runtime.classpath"/>
+ <arg line="-uri src/main/resources/ping/ping.wsdl -ss -o target/generated-code -p org.apache.axis2.oasis.ping -d xmlbeans -g" />
+ <classpath refid="maven.dependency.classpath" />
+ <classpath refid="maven.compile.classpath" />
+ <classpath refid="maven.runtime.classpath" />
</java>
<!-- copy the service impl -->
- <copy file="src/main/resources/ping/src/org/apache/axis2/oasis/ping/PingPortSkeleton.java"
- tofile="target/generated-code/src/org/apache/axis2/oasis/ping/PingPortSkeleton.java"
- overwrite="yes"/>
+ <copy file="src/main/resources/ping/src/org/apache/axis2/oasis/ping/PingPortSkeleton.java" tofile="target/generated-code/src/org/apache/axis2/oasis/ping/PingPortSkeleton.java" overwrite="yes" />
<!-- Password callback class for the interop service -->
- <copy file="src/main/resources/ping/src/org/apache/axis2/security/PWCallback.java"
- tofile="target/generated-code/src/org/apache/axis2/security/PWCallback.java"
- overwrite="yes"/>
+ <copy file="src/main/resources/ping/src/org/apache/axis2/security/PWCallback.java" tofile="target/generated-code/src/org/apache/axis2/security/PWCallback.java" overwrite="yes" />
<!-- Interop client -->
- <copy file="src/main/resources/ping/src/org/apache/axis2/security/InteropScenarioClient.java"
- tofile="target/generated-code/src/org/apache/axis2/security/InteropScenarioClient.java"
- overwrite="yes"/>
+ <copy file="src/main/resources/ping/src/org/apache/axis2/security/InteropScenarioClient.java" tofile="target/generated-code/src/org/apache/axis2/security/InteropScenarioClient.java" overwrite="yes" />
<copy todir="target/test-classes">
<fileset dir="target/generated-code/resources">
- <include name="**/*"/>
+ <include name="**/*" />
</fileset>
</copy>
<javac srcdir="target/generated-code" destdir="target/classes" fork="true">
- <classpath refid="maven.dependency.classpath"/>
- <classpath refid="maven.compile.classpath"/>
- <classpath refid="maven.runtime.classpath"/>
+ <classpath refid="maven.dependency.classpath" />
+ <classpath refid="maven.compile.classpath" />
+ <classpath refid="maven.runtime.classpath" />
</javac>
</tasks>
@@ -119,606 +144,413 @@
<phase>process-test-resources</phase>
<configuration>
<tasks>
- <property name="addressing.mar" value="addressing-${axis2.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-classes/modules/addressing-${axis2.version}.mar"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-classes/modules/rampart-${rampart.mar.version}.mar"/>
-
- <mkdir dir="target/temp-ramp"/>
- <mkdir dir="target/temp-ramp/META-INF"/>
-
- <copy overwrite="yes"
- file="target/classes/org/apache/rampart/Service.class"
- tofile="target/temp-ramp/org/apache/rampart/Service.class"/>
- <copy overwrite="yes"
- file="target/classes/org/apache/rampart/PWCallback.class"
- tofile="target/temp-ramp/org/apache/rampart/PWCallback.class"/>
- <copy overwrite="yes" file="src/test/resources/rampart/store.jks"
- tofile="target/temp-ramp/store.jks"/>
+ <property name="addressing.mar" value="addressing-${axis2.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-classes/modules/addressing-${axis2.version}.mar" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-classes/modules/rampart-${project.version}.mar" />
+
+ <mkdir dir="target/temp-ramp" />
+ <mkdir dir="target/temp-ramp/META-INF" />
+
+ <copy overwrite="yes" file="target/classes/org/apache/rampart/Service.class" tofile="target/temp-ramp/org/apache/rampart/Service.class" />
+ <copy overwrite="yes" file="target/classes/org/apache/rampart/PWCallback.class" tofile="target/temp-ramp/org/apache/rampart/PWCallback.class" />
+ <copy overwrite="yes" file="src/test/resources/rampart/store.jks" tofile="target/temp-ramp/store.jks" />
<!--path id="ramp.client.props" location="test-resources/rampart"/-->
<!--maven:addPath id="maven.dependency.classpath" refid="ramp.client.props" -->
- <mkdir dir="target/test-resources/rampart_client_repo"/>
- <mkdir dir="target/test-resources/rampart_client_repo/conf"/>
- <mkdir dir="target/test-resources/rampart_client_repo/modules"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/rampart_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="target/artifacts/rahas-${rahas.mar.version}.mar"
- tofile="target/test-resources/rampart_client_repo/modules/rahas-${rahas.mar.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/rampart_client_repo/modules/addressing-${axis2.version}.mar"/>
- <mkdir dir="target/test-resources/rampart_service_repo"/>
- <mkdir dir="target/test-resources/rampart_service_repo/conf"/>
- <mkdir dir="target/test-resources/rampart_service_repo/services"/>
- <mkdir dir="target/test-resources/rampart_service_repo/modules"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/rampart_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="target/artifacts/rahas-${rahas.mar.version}.mar"
- tofile="target/test-resources/rampart_service_repo/modules/rahas-${rahas.mar.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/rampart_service_repo/modules/addressing-${axis2.version}.mar"/>
+ <mkdir dir="target/test-resources/rampart_client_repo" />
+ <mkdir dir="target/test-resources/rampart_client_repo/conf" />
+ <mkdir dir="target/test-resources/rampart_client_repo/modules" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/rampart_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="target/artifacts/rahas-${project.version}.mar" tofile="target/test-resources/rampart_client_repo/modules/rahas-${project.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/rampart_client_repo/modules/addressing-${axis2.version}.mar" />
+ <mkdir dir="target/test-resources/rampart_service_repo" />
+ <mkdir dir="target/test-resources/rampart_service_repo/conf" />
+ <mkdir dir="target/test-resources/rampart_service_repo/services" />
+ <mkdir dir="target/test-resources/rampart_service_repo/modules" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/rampart_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="target/artifacts/rahas-${project.version}.mar" tofile="target/test-resources/rampart_service_repo/modules/rahas-${project.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/rampart_service_repo/modules/addressing-${axis2.version}.mar" />
<!-- Service 1 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-1.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService1.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-1.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService1.aar" basedir="target/temp-ramp" />
<!-- Service 2 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-2.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService2.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-2.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService2.aar" basedir="target/temp-ramp" />
<!-- Service 3 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-3.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService3.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-3.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService3.aar" basedir="target/temp-ramp" />
<!-- Service 4 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-4.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService4.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-4.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService4.aar" basedir="target/temp-ramp" />
<!-- Service 5 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-5.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService5.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-5.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService5.aar" basedir="target/temp-ramp" />
<!-- Service 6 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-6.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService6.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-6.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService6.aar" basedir="target/temp-ramp" />
<!-- Service 7 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-7.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService7.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-7.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService7.aar" basedir="target/temp-ramp" />
<!-- Service 8 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-8.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService8.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-8.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService8.aar" basedir="target/temp-ramp" />
<!-- Service 9 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-9.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService9.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-9.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService9.aar" basedir="target/temp-ramp" />
<!-- Service 10 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-10.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService10.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-10.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService10.aar" basedir="target/temp-ramp" />
<!-- Service 11 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-11.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService11.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-11.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService11.aar" basedir="target/temp-ramp" />
<!-- Service 12 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-12.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService12.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-12.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService12.aar" basedir="target/temp-ramp" />
<!-- Service 13 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-13.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService13.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-13.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService13.aar" basedir="target/temp-ramp" />
<!-- Service 14 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-14.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService14.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-14.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService14.aar" basedir="target/temp-ramp" />
<!-- Service 15 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-15.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService15.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-15.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService15.aar" basedir="target/temp-ramp" />
<!-- Service 16 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-16.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService16.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-16.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService16.aar" basedir="target/temp-ramp" />
<!-- Service 17 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-17.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService17.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-17.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService17.aar" basedir="target/temp-ramp" />
<!-- Service 18 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-18.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService18.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-18.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService18.aar" basedir="target/temp-ramp" />
<!-- Service 19 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-19.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService19.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-19.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService19.aar" basedir="target/temp-ramp" />
<!-- Service 20 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-20.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService20.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-20.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService20.aar" basedir="target/temp-ramp" />
<!-- Service 21 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-21.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService21.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-21.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService21.aar" basedir="target/temp-ramp" />
<!-- Service 22 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-22.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService22.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-22.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService22.aar" basedir="target/temp-ramp" />
<!-- Service 23 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-23.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService23.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-23.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService23.aar" basedir="target/temp-ramp" />
<!-- Service 24 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-24.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService24.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-24.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService24.aar" basedir="target/temp-ramp" />
<!-- Service 25 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-25.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService25.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-25.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService25.aar" basedir="target/temp-ramp" />
<!-- Service 26 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-26.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService26.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-26.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService26.aar" basedir="target/temp-ramp" />
<!-- Service 27 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-27.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService27.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-27.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService27.aar" basedir="target/temp-ramp" />
<!-- Service 28 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-28.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService28.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-28.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService28.aar" basedir="target/temp-ramp" />
<!-- Service 29 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-29.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService29.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-29.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService29.aar" basedir="target/temp-ramp" />
<!-- Service 30 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-30.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService30.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-30.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService30.aar" basedir="target/temp-ramp" />
+
+ <!-- Service 31 -->
+ <copy overwrite="yes" file="src/test/resources/rampart/services-31.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService31.aar" basedir="target/temp-ramp" />
+
+ <!-- Service 32 -->
+ <copy overwrite="yes" file="src/test/resources/rampart/services-32.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService32.aar" basedir="target/temp-ramp" />
+
+ <!-- Service 33 -->
+ <copy overwrite="yes" file="src/test/resources/rampart/services-33.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService33.aar" basedir="target/temp-ramp" />
+
+ <!-- Service 34 -->
+ <copy overwrite="yes" file="src/test/resources/rampart/services-34.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureService34.aar" basedir="target/temp-ramp" />
<!-- Service SC-1 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/issuer.properties"
- tofile="target/temp-ramp/issuer.properties"/>
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-sc-1.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC1.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties" />
+ <copy overwrite="yes" file="src/test/resources/rampart/services-sc-1.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC1.aar" basedir="target/temp-ramp" />
<!-- Service SC-2 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/issuer.properties"
- tofile="target/temp-ramp/issuer.properties"/>
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-sc-2.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC2.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties" />
+ <copy overwrite="yes" file="src/test/resources/rampart/services-sc-2.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC2.aar" basedir="target/temp-ramp" />
<!-- Service SC-3 -->
- <copy overwrite="yes"
- file="src/test/resources/rampart/issuer.properties"
- tofile="target/temp-ramp/issuer.properties"/>
- <copy overwrite="yes"
- file="src/test/resources/rampart/services-sc-3.xml"
- tofile="target/temp-ramp/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC3.aar"
- basedir="target/temp-ramp"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties" />
+ <copy overwrite="yes" file="src/test/resources/rampart/services-sc-3.xml" tofile="target/temp-ramp/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC3.aar" basedir="target/temp-ramp" />
+
+ <!-- Service SC-4 This is with standard secure conversation specification -->
+ <copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-sc-4.xml" tofile="target/temp-ramp/META-INF/services.xml"/>
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC4.aar" basedir="target/temp-ramp"/>
+
+ <!-- Service SC-5 This is with standard secure conversation specification -->
+ <copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-sc-5.xml" tofile="target/temp-ramp/META-INF/services.xml"/>
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC5.aar" basedir="target/temp-ramp"/>
+
+ <!-- Service SC-6 This is with standard secure conversation specification -->
+ <copy overwrite="yes" file="src/test/resources/rampart/issuer.properties" tofile="target/temp-ramp/issuer.properties"/>
+ <copy overwrite="yes" file="src/test/resources/rampart/services-sc-6.xml" tofile="target/temp-ramp/META-INF/services.xml"/>
+ <jar jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC6.aar" basedir="target/temp-ramp"/>
<!--
Set up the infra for rahas tests and the rahas client repo
-->
- <mkdir dir="target/temp-rahas"/>
- <mkdir dir="target/temp-rahas/META-INF"/>
- <copy overwrite="yes"
- file="target/classes/org/apache/rahas/Service.class"
- tofile="target/temp-rahas/org/apache/rahas/Service.class"/>
- <copy overwrite="yes"
- file="target/classes/org/apache/rahas/PWCallback.class"
- tofile="target/temp-rahas/org/apache/rahas/PWCallback.class"/>
+ <mkdir dir="target/temp-rahas" />
+ <mkdir dir="target/temp-rahas/META-INF" />
+ <copy overwrite="yes" file="target/classes/org/apache/rahas/Service.class" tofile="target/temp-rahas/org/apache/rahas/Service.class" />
+ <copy overwrite="yes" file="target/classes/org/apache/rahas/PWCallback.class" tofile="target/temp-rahas/org/apache/rahas/PWCallback.class" />
<copy overwrite="yes" todir="target/temp-rahas">
<fileset dir="src/test/resources/rahas">
- <include name="issuer.properties"/>
- <include name="rahas-sts.jks"/>
+ <include name="issuer.properties" />
+ <include name="rahas-sts.jks" />
</fileset>
</copy>
<!--path id="rahas.client.props" location="test-resources/rahas" -->
<!--addPath id="maven.dependency.classpath" refid="rahas.client.props"-->
- <mkdir dir="target/test-resources/rahas_client_repo"/>
- <mkdir dir="target/test-resources/rahas_client_repo/conf"/>
- <mkdir dir="target/test-resources/rahas_client_repo/modules"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/rahas_client_repo/modules/addressing-${axis2.version}.mar"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/rahas_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
+ <mkdir dir="target/test-resources/rahas_client_repo" />
+ <mkdir dir="target/test-resources/rahas_client_repo/conf" />
+ <mkdir dir="target/test-resources/rahas_client_repo/modules" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/rahas_client_repo/modules/addressing-${axis2.version}.mar" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/rahas_client_repo/modules/rampart-${project.version}.mar" />
<!-- Rahas Test1: SAML Token test -->
- <mkdir dir="target/test-resources/rahas_service_repo_1"/>
- <mkdir dir="target/test-resources/rahas_service_repo_1/conf"/>
- <mkdir dir="target/test-resources/rahas_service_repo_1/services"/>
- <mkdir dir="target/test-resources/rahas_service_repo_1/modules"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/rahas_service_repo_1/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="target/artifacts/rahas-${rahas.mar.version}.mar"
- tofile="target/test-resources/rahas_service_repo_1/modules/rahas-${rahas.mar.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/rahas_service_repo_1/modules/addressing-${axis2.version}.mar"/>
+ <mkdir dir="target/test-resources/rahas_service_repo_1" />
+ <mkdir dir="target/test-resources/rahas_service_repo_1/conf" />
+ <mkdir dir="target/test-resources/rahas_service_repo_1/services" />
+ <mkdir dir="target/test-resources/rahas_service_repo_1/modules" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/rahas_service_repo_1/modules/rampart-${project.version}.mar" />
+ <copy file="target/artifacts/rahas-${project.version}.mar" tofile="target/test-resources/rahas_service_repo_1/modules/rahas-${project.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/rahas_service_repo_1/modules/addressing-${axis2.version}.mar" />
<!-- copy the services.xml and create the aar -->
- <copy overwrite="yes"
- file="src/test/resources/rahas/s1-services.xml"
- tofile="target/temp-rahas/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rahas_service_repo_1/services/SecureService.aar"
- basedir="target/temp-rahas"/>
+ <copy overwrite="yes" file="src/test/resources/rahas/s1-services.xml" tofile="target/temp-rahas/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rahas_service_repo_1/services/SecureService.aar" basedir="target/temp-rahas" />
<!-- Rahas Test1: SAML Token test : END -->
<!--
Rahas Test 3 & 4: RahasSAMLTokenUTForHoKTest and RahasSAMLTokenUTForHoKV1205Test
-->
- <mkdir dir="target/test-resources/rahas_service_repo_3"/>
- <mkdir dir="target/test-resources/rahas_service_repo_3/conf"/>
- <mkdir dir="target/test-resources/rahas_service_repo_3/services"/>
- <mkdir dir="target/test-resources/rahas_service_repo_3/modules"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/rahas_service_repo_3/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="target/artifacts/rahas-${rahas.mar.version}.mar"
- tofile="target/test-resources/rahas_service_repo_3/modules/rahas-${rahas.mar.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/rahas_service_repo_3/modules/addressing-${axis2.version}.mar"/>
+ <mkdir dir="target/test-resources/rahas_service_repo_3" />
+ <mkdir dir="target/test-resources/rahas_service_repo_3/conf" />
+ <mkdir dir="target/test-resources/rahas_service_repo_3/services" />
+ <mkdir dir="target/test-resources/rahas_service_repo_3/modules" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/rahas_service_repo_3/modules/rampart-${project.version}.mar" />
+ <copy file="target/artifacts/rahas-${project.version}.mar" tofile="target/test-resources/rahas_service_repo_3/modules/rahas-${project.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/rahas_service_repo_3/modules/addressing-${axis2.version}.mar" />
<!-- copy the services.xml and create the aar -->
- <copy overwrite="yes"
- file="src/test/resources/rahas/s3-services.xml"
- tofile="target/temp-rahas/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rahas_service_repo_3/services/SecureService.aar"
- basedir="target/temp-rahas"/>
+ <copy overwrite="yes" file="src/test/resources/rahas/s3-services.xml" tofile="target/temp-rahas/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rahas_service_repo_3/services/SecureService.aar" basedir="target/temp-rahas" />
<!--
Rahas Test 3 & 4: RahasSAMLTokenUTForHoKTest and RahasSAMLTokenUTForHoKV1205Test : END
-->
- <mkdir dir="target/test-resources/default_security_client_repo"/>
- <mkdir dir="target/test-resources/default_security_client_repo/conf"/>
- <mkdir dir="target/test-resources/default_security_client_repo/modules"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/default_security_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/default_security_client_repo/modules/addressing-${axis2.version}.mar"/>
- <copy file="src/test/resources/conf/axis2.xml"
- tofile="target/test-resources/default_security_client_repo/conf/axis2.xml"/>
+ <mkdir dir="target/test-resources/default_security_client_repo" />
+ <mkdir dir="target/test-resources/default_security_client_repo/conf" />
+ <mkdir dir="target/test-resources/default_security_client_repo/modules" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/default_security_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/default_security_client_repo/modules/addressing-${axis2.version}.mar" />
+ <copy file="src/test/resources/conf/axis2.xml" tofile="target/test-resources/default_security_client_repo/conf/axis2.xml" />
<!--
RahasSAMLTokenAttributeTest
-->
- <mkdir dir="target/test-resources/rahas_service_repo_5"/>
- <mkdir dir="target/test-resources/rahas_service_repo_5/conf"/>
- <mkdir dir="target/test-resources/rahas_service_repo_5/services"/>
- <mkdir dir="target/test-resources/rahas_service_repo_5/modules"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/rahas_service_repo_5/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="target/artifacts/rahas-${rahas.mar.version}.mar"
- tofile="target/test-resources/rahas_service_repo_5/modules/rahas-${rahas.mar.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/rahas_service_repo_5/modules/addressing-${axis2.version}.mar"/>
+ <mkdir dir="target/test-resources/rahas_service_repo_5" />
+ <mkdir dir="target/test-resources/rahas_service_repo_5/conf" />
+ <mkdir dir="target/test-resources/rahas_service_repo_5/services" />
+ <mkdir dir="target/test-resources/rahas_service_repo_5/modules" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/rahas_service_repo_5/modules/rampart-${project.version}.mar" />
+ <copy file="target/artifacts/rahas-${project.version}.mar" tofile="target/test-resources/rahas_service_repo_5/modules/rahas-${project.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/rahas_service_repo_5/modules/addressing-${axis2.version}.mar" />
<!-- copy the services.xml and create the aar -->
- <copy overwrite="yes"
- file="src/test/resources/rahas/s5-services.xml"
- tofile="target/temp-rahas/META-INF/services.xml"/>
- <jar jarfile="target/test-resources/rahas_service_repo_5/services/SecureService.aar"
- basedir="target/temp-rahas"/>
+ <copy overwrite="yes" file="src/test/resources/rahas/s5-services.xml" tofile="target/temp-rahas/META-INF/services.xml" />
+ <jar jarfile="target/test-resources/rahas_service_repo_5/services/SecureService.aar" basedir="target/temp-rahas" />
<!--RahasAttributeTest END-->
<!-- Scenario 1 -->
- <mkdir dir="target/test-resources/scenario1_client_repo"/>
- <mkdir dir="target/test-resources/scenario1_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenario1_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenario1_client_repo/services"/>
- <mkdir dir="target/test-resources/scenario1_service_repo"/>
- <mkdir dir="target/test-resources/scenario1_service_repo/conf"/>
- <mkdir dir="target/test-resources/scenario1_service_repo/services"/>
- <mkdir dir="target/test-resources/scenario1_service_repo/modules"/>
+ <mkdir dir="target/test-resources/scenario1_client_repo" />
+ <mkdir dir="target/test-resources/scenario1_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenario1_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenario1_client_repo/services" />
+ <mkdir dir="target/test-resources/scenario1_service_repo" />
+ <mkdir dir="target/test-resources/scenario1_service_repo/conf" />
+ <mkdir dir="target/test-resources/scenario1_service_repo/services" />
+ <mkdir dir="target/test-resources/scenario1_service_repo/modules" />
<!-- setup scenario 1 client repository-->
- <copy file="src/test/resources/security/s1.client.axis2.xml"
- tofile="target/test-resources/scenario1_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario1_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
+ <copy file="src/test/resources/security/s1.client.axis2.xml" tofile="target/test-resources/scenario1_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario1_client_repo/modules/rampart-${project.version}.mar" />
<!-- setup scenario 1 service repository-->
- <copy file="src/test/resources/security/s1.service.axis2.xml"
- tofile="target/test-resources/scenario1_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario1_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
+ <copy file="src/test/resources/security/s1.service.axis2.xml" tofile="target/test-resources/scenario1_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario1_service_repo/modules/rampart-${project.version}.mar" />
- <mkdir dir="target/temp-interop/META-INF"/>
+ <mkdir dir="target/temp-interop/META-INF" />
<!-- Create the .aar file -->
- <copy file="src/test/resources/security/s1.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenario1_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <copy file="src/test/resources/security/s1.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenario1_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Scenario 2 - Setup the client and service repos -->
- <mkdir dir="target/test-resources/scenario2_client_repo"/>
- <mkdir dir="target/test-resources/scenario2_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenario2_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenario2_service_repo"/>
- <mkdir dir="target/test-resources/scenario2_service_repo/ conf"/>
- <mkdir dir="target/test-resources/scenario2_service_repo/services"/>
- <mkdir dir="target/test-resources/scenario2_service_repo/modules"/>
- <copy file="src/test/resources/security/s2.client.axis2.xml"
- tofile="target/test-resources/scenario2_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario2_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s2.service.axis2.xml"
- tofile="target/test-resources/scenario2_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario2_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s2.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenario2_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/scenario2_client_repo" />
+ <mkdir dir="target/test-resources/scenario2_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenario2_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenario2_service_repo" />
+ <mkdir dir="target/test-resources/scenario2_service_repo/ conf" />
+ <mkdir dir="target/test-resources/scenario2_service_repo/services" />
+ <mkdir dir="target/test-resources/scenario2_service_repo/modules" />
+ <copy file="src/test/resources/security/s2.client.axis2.xml" tofile="target/test-resources/scenario2_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario2_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s2.service.axis2.xml" tofile="target/test-resources/scenario2_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario2_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s2.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenario2_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Scenario 2a - set up repos -->
- <mkdir dir="target/test-resources/scenario2a_client_repo"/>
- <mkdir dir="target/test-resources/scenario2a_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenario2a_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenario2a_service_repo"/>
- <mkdir dir="target/test-resources/scenario2a_service_repo/conf"/>
- <mkdir dir="target/test-resources/scenario2a_service_repo/services"/>
- <mkdir dir="target/test-resources/scenario2a_service_repo/modules"/>
- <copy file="src/test/resources/security/s2a.client.axis2.xml"
- tofile="target/test-resources/scenario2a_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario2a_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s2a.service.axis2.xml"
- tofile="target/test-resources/scenario2a_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario2a_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s2a.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenario2a_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/scenario2a_client_repo" />
+ <mkdir dir="target/test-resources/scenario2a_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenario2a_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenario2a_service_repo" />
+ <mkdir dir="target/test-resources/scenario2a_service_repo/conf" />
+ <mkdir dir="target/test-resources/scenario2a_service_repo/services" />
+ <mkdir dir="target/test-resources/scenario2a_service_repo/modules" />
+ <copy file="src/test/resources/security/s2a.client.axis2.xml" tofile="target/test-resources/scenario2a_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario2a_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s2a.service.axis2.xml" tofile="target/test-resources/scenario2a_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario2a_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s2a.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenario2a_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Scenario 3 -->
- <mkdir dir="target/test-resources/scenario3_client_repo"/>
- <mkdir dir="target/test-resources/scenario3_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenario3_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenario3_service_repo"/>
- <mkdir dir="target/test-resources/scenario3_service_repo/conf"/>
- <mkdir dir="target/test-resources/scenario3_service_repo/services"/>
- <mkdir dir="target/test-resources/scenario3_service_repo/modules"/>
- <copy file="src/test/resources/security/s3.client.axis2.xml"
- tofile="target/test-resources/scenario3_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario3_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s3.service.axis2.xml"
- tofile="target/test-resources/scenario3_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario3_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s3.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenario3_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/scenario3_client_repo" />
+ <mkdir dir="target/test-resources/scenario3_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenario3_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenario3_service_repo" />
+ <mkdir dir="target/test-resources/scenario3_service_repo/conf" />
+ <mkdir dir="target/test-resources/scenario3_service_repo/services" />
+ <mkdir dir="target/test-resources/scenario3_service_repo/modules" />
+ <copy file="src/test/resources/security/s3.client.axis2.xml" tofile="target/test-resources/scenario3_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario3_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s3.service.axis2.xml" tofile="target/test-resources/scenario3_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario3_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s3.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenario3_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Scenario 4 -->
- <mkdir dir="target/test-resources/scenario4_client_repo"/>
- <mkdir dir="target/test-resources/scenario4_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenario4_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenario4_service_repo"/>
- <mkdir dir="target/test-resources/scenario4_service_repo/conf"/>
- <mkdir dir="target/test-resources/scenario4_service_repo/services"/>
- <mkdir dir="target/test-resources/scenario4_service_repo/modules"/>
- <copy file="src/test/resources/security/s4.client.axis2.xml"
- tofile="target/test-resources/scenario4_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario4_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s4.service.axis2.xml"
- tofile="target/test-resources/scenario4_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario4_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s4.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenario4_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/scenario4_client_repo" />
+ <mkdir dir="target/test-resources/scenario4_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenario4_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenario4_service_repo" />
+ <mkdir dir="target/test-resources/scenario4_service_repo/conf" />
+ <mkdir dir="target/test-resources/scenario4_service_repo/services" />
+ <mkdir dir="target/test-resources/scenario4_service_repo/modules" />
+ <copy file="src/test/resources/security/s4.client.axis2.xml" tofile="target/test-resources/scenario4_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario4_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s4.service.axis2.xml" tofile="target/test-resources/scenario4_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario4_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s4.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenario4_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Scenario 5 -->
- <mkdir dir="target/test-resources/scenario5_client_repo"/>
- <mkdir dir="target/test-resources/scenario5_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenario5_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenario5_service_repo"/>
- <mkdir dir="target/test-resources/scenario5_service_repo/conf"/>
- <mkdir dir="target/test-resources/scenario5_service_repo/services"/>
- <mkdir dir="target/test-resources/scenario5_service_repo/modules"/>
- <copy file="src/test/resources/security/s5.client.axis2.xml"
- tofile="target/test-resources/scenario5_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario5_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s5.service.axis2.xml"
- tofile="target/test-resources/scenario5_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario5_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s5.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenario5_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/scenario5_client_repo" />
+ <mkdir dir="target/test-resources/scenario5_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenario5_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenario5_service_repo" />
+ <mkdir dir="target/test-resources/scenario5_service_repo/conf" />
+ <mkdir dir="target/test-resources/scenario5_service_repo/services" />
+ <mkdir dir="target/test-resources/scenario5_service_repo/modules" />
+ <copy file="src/test/resources/security/s5.client.axis2.xml" tofile="target/test-resources/scenario5_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario5_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s5.service.axis2.xml" tofile="target/test-resources/scenario5_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario5_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s5.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenario5_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Scenario 6 -->
- <mkdir dir="target/test-resources/scenario6_client_repo"/>
- <mkdir dir="target/test-resources/scenario6_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenario6_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenario6_service_repo"/>
- <mkdir dir="target/test-resources/scenario6_service_repo/conf"/>
- <mkdir dir="target/test-resources/scenario6_service_repo/services"/>
- <mkdir dir="target/test-resources/scenario6_service_repo/modules"/>
- <copy file="src/test/resources/security/s6.client.axis2.xml"
- tofile="target/test-resources/scenario6_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario6_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s6.service.axis2.xml"
- tofile="target/test-resources/scenario6_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario6_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s6.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenario6_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/scenario6_client_repo" />
+ <mkdir dir="target/test-resources/scenario6_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenario6_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenario6_service_repo" />
+ <mkdir dir="target/test-resources/scenario6_service_repo/conf" />
+ <mkdir dir="target/test-resources/scenario6_service_repo/services" />
+ <mkdir dir="target/test-resources/scenario6_service_repo/modules" />
+ <copy file="src/test/resources/security/s6.client.axis2.xml" tofile="target/test-resources/scenario6_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario6_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s6.service.axis2.xml" tofile="target/test-resources/scenario6_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario6_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s6.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenario6_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Scenario 7 -->
- <mkdir dir="target/test-resources/scenario7_client_repo"/>
- <mkdir dir="target/test-resources/scenario7_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenario7_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenario7_service_repo"/>
- <mkdir dir="target/test-resources/scenario7_service_repo/conf"/>
- <mkdir dir="target/test-resources/scenario7_service_repo/services"/>
- <mkdir dir="target/test-resources/scenario7_service_repo/modules"/>
- <copy file="src/test/resources/security/s7.client.axis2.xml"
- tofile="target/test-resources/scenario7_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario7_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s7.service.axis2.xml"
- tofile="target/test-resources/scenario7_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenario7_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/s7.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenario7_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/scenario7_client_repo" />
+ <mkdir dir="target/test-resources/scenario7_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenario7_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenario7_service_repo" />
+ <mkdir dir="target/test-resources/scenario7_service_repo/conf" />
+ <mkdir dir="target/test-resources/scenario7_service_repo/services" />
+ <mkdir dir="target/test-resources/scenario7_service_repo/modules" />
+ <copy file="src/test/resources/security/s7.client.axis2.xml" tofile="target/test-resources/scenario7_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario7_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s7.service.axis2.xml" tofile="target/test-resources/scenario7_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenario7_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/s7.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenario7_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Scenario ST1 -->
- <mkdir dir="target/test-resources/scenarioST1_client_repo"/>
- <mkdir dir="target/test-resources/scenarioST1_client_repo/conf"/>
- <mkdir dir="target/test-resources/scenarioST1_client_repo/modules"/>
- <mkdir dir="target/test-resources/scenarioST1_service_repo"/>
- <mkdir dir="target/test-resources/scenarioST1_service_repo/conf"/>
- <mkdir dir="target/test-resources/scenarioST1_service_repo/services"/>
- <mkdir dir="target/test-resources/scenarioST1_service_repo/modules"/>
- <copy file="src/test/resources/security/sST1.client.axis2.xml"
- tofile="target/test-resources/scenarioST1_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenarioST1_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/sST1.service.axis2.xml"
- tofile="target/test-resources/scenarioST1_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/scenarioST1_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/sST1.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/scenarioST1_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/scenarioST1_client_repo" />
+ <mkdir dir="target/test-resources/scenarioST1_client_repo/conf" />
+ <mkdir dir="target/test-resources/scenarioST1_client_repo/modules" />
+ <mkdir dir="target/test-resources/scenarioST1_service_repo" />
+ <mkdir dir="target/test-resources/scenarioST1_service_repo/conf" />
+ <mkdir dir="target/test-resources/scenarioST1_service_repo/services" />
+ <mkdir dir="target/test-resources/scenarioST1_service_repo/modules" />
+ <copy file="src/test/resources/security/sST1.client.axis2.xml" tofile="target/test-resources/scenarioST1_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenarioST1_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/sST1.service.axis2.xml" tofile="target/test-resources/scenarioST1_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/scenarioST1_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/sST1.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/scenarioST1_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- MTOM Optimized Security Test -->
- <mkdir dir="target/test-resources/mtom_sec_client_repo"/>
- <mkdir dir="target/test-resources/mtom_sec_client_repo/conf"/>
- <mkdir dir="target/test-resources/mtom_sec_client_repo/modules"/>
- <mkdir dir="target/test-resources/mtom_sec_service_repo"/>
- <mkdir dir="target/test-resources/mtom_sec_service_repo/conf"/>
- <mkdir dir="target/test-resources/mtom_sec_service_repo/services"/>
- <mkdir dir="target/test-resources/mtom_sec_service_repo/modules"/>
- <copy file="src/test/resources/security/secMtom.client.axis2.xml"
- tofile="target/test-resources/mtom_sec_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/mtom_sec_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/secMtom.service.axis2.xml"
- tofile="target/test-resources/mtom_sec_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/mtom_sec_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="src/test/resources/security/secMtom.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
- <jar jarfile="target/test-resources/mtom_sec_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <mkdir dir="target/test-resources/mtom_sec_client_repo" />
+ <mkdir dir="target/test-resources/mtom_sec_client_repo/conf" />
+ <mkdir dir="target/test-resources/mtom_sec_client_repo/modules" />
+ <mkdir dir="target/test-resources/mtom_sec_service_repo" />
+ <mkdir dir="target/test-resources/mtom_sec_service_repo/conf" />
+ <mkdir dir="target/test-resources/mtom_sec_service_repo/services" />
+ <mkdir dir="target/test-resources/mtom_sec_service_repo/modules" />
+ <copy file="src/test/resources/security/secMtom.client.axis2.xml" tofile="target/test-resources/mtom_sec_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/mtom_sec_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/secMtom.service.axis2.xml" tofile="target/test-resources/mtom_sec_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/mtom_sec_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="src/test/resources/security/secMtom.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
+ <jar jarfile="target/test-resources/mtom_sec_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
<!-- Test with addressing and MTOM -->
- <mkdir dir="target/test-resources/complete_client_repo"/>
- <mkdir dir="target/test-resources/complete_client_repo/conf"/>
- <mkdir dir="target/test-resources/complete_client_repo/modules"/>
- <mkdir dir="target/test-resources/complete_service_repo"/>
- <mkdir dir="target/test-resources/complete_service_repo/conf"/>
- <mkdir dir="target/test-resources/complete_service_repo/services"/>
- <mkdir dir="target/test-resources/complete_service_repo/modules"/>
+ <mkdir dir="target/test-resources/complete_client_repo" />
+ <mkdir dir="target/test-resources/complete_client_repo/conf" />
+ <mkdir dir="target/test-resources/complete_client_repo/modules" />
+ <mkdir dir="target/test-resources/complete_service_repo" />
+ <mkdir dir="target/test-resources/complete_service_repo/conf" />
+ <mkdir dir="target/test-resources/complete_service_repo/services" />
+ <mkdir dir="target/test-resources/complete_service_repo/modules" />
<!-- Test with addressing and MTOM client repository-->
- <copy file="src/test/resources/security/complete.client.axis2.xml"
- tofile="target/test-resources/complete_client_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/complete_client_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/complete_client_repo/modules/addressing-${axis2.version}.mar"/>
+ <copy file="src/test/resources/security/complete.client.axis2.xml" tofile="target/test-resources/complete_client_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/complete_client_repo/modules/rampart-${project.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/complete_client_repo/modules/addressing-${axis2.version}.mar" />
<!-- Test with addressing and MTOMservice repository-->
- <copy file="src/test/resources/security/complete.service.axis2.xml"
- tofile="target/test-resources/complete_service_repo/conf/axis2.xml"/>
- <copy file="target/artifacts/rampart-${rampart.mar.version}.mar"
- tofile="target/test-resources/complete_service_repo/modules/rampart-${rampart.mar.version}.mar"/>
- <copy file="target/artifacts/addressing-${axis2.version}.mar"
- tofile="target/test-resources/complete_service_repo/modules/addressing-${axis2.version}.mar"/>
- <copy file="src/test/resources/security/complete.service.xml"
- tofile="target/temp-interop/META-INF/services.xml"
- overwrite="true"/>
+ <copy file="src/test/resources/security/complete.service.axis2.xml" tofile="target/test-resources/complete_service_repo/conf/axis2.xml" />
+ <copy file="target/artifacts/rampart-${project.version}.mar" tofile="target/test-resources/complete_service_repo/modules/rampart-${project.version}.mar" />
+ <copy file="target/artifacts/addressing-${axis2.version}.mar" tofile="target/test-resources/complete_service_repo/modules/addressing-${axis2.version}.mar" />
+ <copy file="src/test/resources/security/complete.service.xml" tofile="target/temp-interop/META-INF/services.xml" overwrite="true" />
<!-- Create the .aar file -->
- <jar jarfile="target/test-resources/complete_service_repo/services/PingPort.aar"
- basedir="target/temp-interop"/>
+ <jar jarfile="target/test-resources/complete_service_repo/services/PingPort.aar" basedir="target/temp-interop" />
</tasks>
</configuration>
<goals>
@@ -745,6 +577,13 @@
</execution>
</executions>
</plugin-->
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <!-- Add the Xerces/Xalan versions expected by OpenSAML to the boot classpath so that the build succeeds on older 1.5 JDKs -->
+ <argLine>-Xbootclasspath/p:${project.build.directory}/endorsed/xml-apis.jar${path.separator}${project.build.directory}/endorsed/xercesImpl.jar${path.separator}${project.build.directory}/endorsed/resolver.jar${path.separator}${project.build.directory}/endorsed/serializer.jar${path.separator}${project.build.directory}/endorsed/xalan.jar</argLine>
+ </configuration>
+ </plugin>
</plugins>
</build>
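Review bot: The `-Xbootclasspath/p:` option in the new surefire `argLine` is applied on every JDK, although the comment next to it says it is only needed on older 1.5 JDKs. JDK 9 and later reject that option, so the forked test JVM would fail to start there. Moving the plugin block into a profile under `<profiles>` that activates only on the affected JDK keeps other builds on their default XML stack. The step that copies the jars into `${project.build.directory}/endorsed/` is not visible in this hunk, so confirm it runs before the test phase.

```xml
<profile>
    <!-- constructed id, rename to taste -->
    <id>jdk15-endorsed-xml</id>
    <activation>
        <jdk>1.5</jdk>
    </activation>
    <build>
        <plugins>
            <!-- … unchanged: maven-surefire-plugin block with the -Xbootclasspath/p argLine … -->
        </plugins>
    </build>
</profile>
```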
@@ -752,17 +591,17 @@
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-policy</artifactId>
- <version>${pom.version}</version>
+ <version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-trust</artifactId>
- <version>${pom.version}</version>
+ <version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-core</artifactId>
- <version>${pom.version}</version>
+ <version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.axis2</groupId>
@@ -795,6 +634,14 @@
<version>${junit.version}</version>
<scope>compile</scope>
</dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </dependency>
</dependencies>
<reporting>
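Review bot: The two added logging dependencies carry no `<scope>`, so they resolve at compile scope and are passed on to anything that depends on this module. `log4j:log4j` is the Log4j 1.x line, which no longer receives fixes, so it is worth keeping off downstream classpaths. If nothing outside the test sources needs the binding, add `<scope>test</scope>` to both `slf4j-log4j12` and `log4j`. The versions are presumably managed in a parent `dependencyManagement` section that this hunk does not show; confirm that is the case.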
@@ -802,9 +649,10 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-site-plugin</artifactId>
+ <version>2.0-beta-5</version>
<configuration>
<templateDirectory>${basedir}</templateDirectory>
- <menu ref="parent"/>
+ <menu ref="parent" />
</configuration>
</plugin>
</plugins>
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenCertForHoKTest.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenCertForHoKTest.java
index a6478e2..1adfb5c 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenCertForHoKTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenCertForHoKTest.java
@@ -7,7 +7,6 @@ import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.neethi.Policy;
import org.apache.ws.secpolicy.SP11Constants;
-import org.opensaml.XML;
import javax.xml.namespace.QName;/*
* Copyright 2004,2005 The Apache Software Foundation.
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenTest.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenTest.java
index 8bd0334..cdf406d 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenTest.java
@@ -23,7 +23,6 @@ import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.neethi.Policy;
import org.apache.ws.secpolicy.SP11Constants;
-import org.opensaml.XML;
import javax.xml.namespace.QName;
public class RahasSAML2TokenTest extends TestClient{
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenUTForBearerTest.java
similarity index 57%
copy from modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
copy to modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenUTForBearerTest.java
index e9b9bcc..80a2989 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAML2TokenUTForBearerTest.java
@@ -23,18 +23,28 @@ import org.apache.neethi.Policy;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.opensaml.XML;
+import org.opensaml.Configuration;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.xml.io.Unmarshaller;
+import org.opensaml.xml.io.UnmarshallerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import java.io.ByteArrayInputStream;
+import java.util.List;
/**
*
* @author Ruchith Fernando (ruchith.fernando@gmail.com)
*/
-public class RahasSAMLTokenUTForBearerTest extends TestClient {
+public class RahasSAML2TokenUTForBearerTest extends TestClient {
- public RahasSAMLTokenUTForBearerTest(String name) {
+ public RahasSAML2TokenUTForBearerTest(String name) {
super(name);
}
@@ -43,15 +53,15 @@ public class RahasSAMLTokenUTForBearerTest extends TestClient {
OMElement rstElem = TrustUtil.createRequestSecurityTokenElement(RahasConstants.VERSION_05_02);
TrustUtil.createRequestTypeElement(RahasConstants.VERSION_05_02, rstElem, RahasConstants.REQ_TYPE_ISSUE);
OMElement tokenTypeElem = TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, rstElem);
- tokenTypeElem.setText(RahasConstants.TOK_TYPE_SAML_10);
-
+ tokenTypeElem.setText(RahasConstants.TOK_TYPE_SAML_20);
+
TrustUtil.createAppliesToElement(rstElem, "http://localhost:5555/axis2/services/SecureService", this.getWSANamespace());
TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02,
rstElem, RahasConstants.KEY_TYPE_BEARER);
TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, rstElem, 256);
-
+
return rstElem;
-
+
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -70,7 +80,7 @@ public class RahasSAMLTokenUTForBearerTest extends TestClient {
InflowConfiguration ifc = new InflowConfiguration();
ifc.setActionItems("Timestamp");
-
+
return ifc;
}
@@ -87,8 +97,21 @@ public class RahasSAMLTokenUTForBearerTest extends TestClient {
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
- assertNotNull("Missing SAML Assertoin", elem);
+
+ OMElement elem = rst.getFirstChildWithName(new QName(
+ "urn:oasis:names:tc:SAML:2.0:assertion", "Assertion"));
+ assertNotNull("Missing SAML Assertion", elem);
+
+ Assertion assertion = getAssertionObjectFromOMElement(elem);
+ Subject subject = assertion.getSubject();
+ assertNotNull("SAML Subject of the assertion cannot be null", subject);
+
+ List<SubjectConfirmation> subjectConfirmations = subject.getSubjectConfirmations();
+ assertNotNull("At least one Subject Confirmation should be present in the SAML Subject",
+ subjectConfirmations.get(0));
+ assertEquals("Subject Confirmation should be BEARER : urn:oasis:names:tc:SAML:2.0:cm:bearer",
+ RahasConstants.SAML20_SUBJECT_CONFIRMATION_BEARER,
+ subjectConfirmations.get(0).getMethod());
}
/* (non-Javadoc)
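Review bot: The new checks call `subjectConfirmations.get(0)` inside `assertNotNull`, so a token with no SubjectConfirmation fails with an IndexOutOfBoundsException instead of the intended message. `assertion.getSubject()` also dereferences a value that `getAssertionObjectFromOMElement` returns as null when unmarshalling fails. Add `assertNotNull("SAML assertion could not be unmarshalled", assertion);` before the `getSubject()` call, and replace the list check with `assertFalse("At least one Subject Confirmation should be present in the SAML Subject", subjectConfirmations.isEmpty());`. The same pattern is in the `RahasSAMLTokenUTForBearerTest.java` hunk at `@@ -87,8 +98,23 @@` (`authStmts.get(0)`, `subConfirmationMethods.get(0)`, and the unchecked `getSubject().getSubjectConfirmation()` chain). The enclosing method starts outside this hunk.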
@@ -111,14 +134,41 @@ public class RahasSAMLTokenUTForBearerTest extends TestClient {
public OMElement getRSTTemplate() throws TrustException {
OMFactory factory = OMAbstractFactory.getOMFactory();
OMElement elem = factory.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
-
- TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, elem).setText(RahasConstants.TOK_TYPE_SAML_10);
- TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem, RahasConstants.KEY_TYPE_BEARER);
-
+
+ TrustUtil.createTokenTypeElement(
+ RahasConstants.VERSION_05_02, elem).setText(RahasConstants.TOK_TYPE_SAML_20);
+ TrustUtil.createKeyTypeElement(
+ RahasConstants.VERSION_05_02, elem, RahasConstants.KEY_TYPE_BEARER);
+
return elem;
}
-
+
public int getTrstVersion() {
return RahasConstants.VERSION_05_02;
}
+
+ /**
+ * Build the SAML Assertion object from the OMElement for the ease of processing
+ * @param omElement OMElement containing the SAML Assertion
+ * @return Assertion object
+ */
+ private Assertion getAssertionObjectFromOMElement(OMElement omElement){
+ Assertion assertion = null;
+ try {
+ DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
+ documentBuilderFactory.setNamespaceAware(true);
+ DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
+ Document document = docBuilder.parse(new ByteArrayInputStream(omElement.toString().getBytes()));
+ Element element = document.getDocumentElement();
+ UnmarshallerFactory unmarshallerFactory = Configuration
+ .getUnmarshallerFactory();
+ Unmarshaller unmarshaller = unmarshallerFactory
+ .getUnmarshaller(element);
+ assertion = (org.opensaml.saml2.core.Assertion) unmarshaller
+ .unmarshall(element);
+ } catch (Exception e){
+ e.printStackTrace();
+ }
+ return assertion;
+ }
}
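Review bot: `getAssertionObjectFromOMElement` catches every exception, prints the stack trace and returns null, so a parse or unmarshalling failure only shows up later as a NullPointerException in the caller. Rethrow it the way the RST-building method in this file already does, with `throw new RuntimeException(e);` in the catch block. `omElement.toString().getBytes()` encodes with the platform default charset, while the parser will most likely read the bytes as UTF-8 because the serialized element carries no XML declaration; use `getBytes("UTF-8")` so non-ASCII content in the assertion survives the round trip. The identical helper is added in the `RahasSAMLTokenUTForBearerTest.java` hunk at `@@ -121,4 +147,29 @@` and needs the same two changes.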
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenAttributeTest.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenAttributeTest.java
index 6e87267..7579887 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenAttributeTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenAttributeTest.java
@@ -9,8 +9,6 @@ import org.apache.neethi.Policy;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.opensaml.XML;
public class RahasSAMLTokenAttributeTest extends TestClient{
@@ -67,7 +65,7 @@ public class RahasSAMLTokenAttributeTest extends TestClient{
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
assertNotNull("Missing SAML Assertoin", elem);
}
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java
index 5fed698..45946e5 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenCertForHoKTest.java
@@ -19,13 +19,10 @@ package org.apache.rahas;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
-import org.apache.rahas.PWCallback;
import org.apache.neethi.Policy;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.opensaml.XML;
import javax.xml.namespace.QName;
@@ -94,7 +91,7 @@ public class RahasSAMLTokenCertForHoKTest extends TestClient {
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
assertNotNull("Missing SAML Assertoin", elem);
}
@@ -135,5 +132,4 @@ public class RahasSAMLTokenCertForHoKTest extends TestClient {
return RahasConstants.VERSION_05_02;
}
-
}
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java
index d5b2596..f01ffc4 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenCertForHoKV1205Test.java
@@ -24,9 +24,7 @@ import org.apache.rampart.handler.WSSHandlerConstants;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
import org.apache.xml.security.encryption.XMLCipher;
-import org.opensaml.XML;
import javax.xml.namespace.QName;
@@ -114,7 +112,7 @@ public class RahasSAMLTokenCertForHoKV1205Test extends TestClient {
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
assertNotNull("Missing SAML Assertoin", elem);
}
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenTest.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenTest.java
index 9d20d41..efd1f83 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenTest.java
@@ -19,13 +19,10 @@ package org.apache.rahas;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
-import org.apache.rahas.PWCallback;
import org.apache.neethi.Policy;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.opensaml.XML;
import javax.xml.namespace.QName;
@@ -88,7 +85,7 @@ public class RahasSAMLTokenTest extends TestClient {
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
assertNotNull("Missing SAML Assertoin", elem);
}
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
index e9b9bcc..df2433c 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerTest.java
@@ -23,10 +23,21 @@ import org.apache.neethi.Policy;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.opensaml.XML;
+import org.opensaml.Configuration;
+import org.opensaml.saml1.core.Assertion;
+import org.opensaml.saml1.core.AuthenticationStatement;
+import org.opensaml.saml1.core.ConfirmationMethod;
+import org.opensaml.saml1.core.SubjectStatement;
+import org.opensaml.xml.io.Unmarshaller;
+import org.opensaml.xml.io.UnmarshallerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import java.io.ByteArrayInputStream;
+import java.util.List;
/**
*
@@ -87,8 +98,23 @@ public class RahasSAMLTokenUTForBearerTest extends TestClient {
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
- assertNotNull("Missing SAML Assertoin", elem);
+
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
+ assertNotNull("Missing SAML Assertion", elem);
+
+ Assertion assertion = getAssertionObjectFromOMElement(elem);
+ List<AuthenticationStatement> authStmts = assertion.getAuthenticationStatements();
+ assertNotNull("At least one Authentication Statement should be present in the assertion",
+ authStmts.get(0));
+
+ SubjectStatement authStmt = authStmts.get(0);
+ List<ConfirmationMethod> subConfirmationMethods = authStmt.getSubject().
+ getSubjectConfirmation().getConfirmationMethods();
+ assertNotNull("At least one Subject Confirmation method should be present in the SAML Subject",
+ subConfirmationMethods.get(0));
+ assertEquals("Subject Confirmation should be BEARER : urn:oasis:names:tc:SAML:1.0:cm:bearer",
+ RahasConstants.SAML11_SUBJECT_CONFIRMATION_BEARER,
+ subConfirmationMethods.get(0).getConfirmationMethod());
}
/* (non-Javadoc)
@@ -121,4 +147,29 @@ public class RahasSAMLTokenUTForBearerTest extends TestClient {
public int getTrstVersion() {
return RahasConstants.VERSION_05_02;
}
+
+ /**
+ * Build the SAML Assertion object from the OMElement for the ease of processing
+ * @param omElement OMElement containing the SAML Assertion
+ * @return Assertion object
+ */
+ private Assertion getAssertionObjectFromOMElement(OMElement omElement){
+ Assertion assertion = null;
+ try {
+ DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
+ documentBuilderFactory.setNamespaceAware(true);
+ DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
+ Document document = docBuilder.parse(new ByteArrayInputStream(omElement.toString().getBytes()));
+ Element element = document.getDocumentElement();
+ UnmarshallerFactory unmarshallerFactory = Configuration
+ .getUnmarshallerFactory();
+ Unmarshaller unmarshaller = unmarshallerFactory
+ .getUnmarshaller(element);
+ assertion = (org.opensaml.saml1.core.Assertion) unmarshaller
+ .unmarshall(element);
+ } catch (Exception e){
+ e.printStackTrace();
+ }
+ return assertion;
+ }
}
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java
index 68aa800..9a93afc 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java
@@ -23,8 +23,6 @@ import org.apache.neethi.Policy;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.opensaml.XML;
import javax.xml.namespace.QName;
@@ -90,7 +88,7 @@ public class RahasSAMLTokenUTForBearerV1205Test extends TestClient {
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
assertNotNull("Missing SAML Assertoin", elem);
}
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java
index e3fa9cc..677c10e 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForHoKTest.java
@@ -23,8 +23,6 @@ import org.apache.neethi.Policy;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP11Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.opensaml.XML;
import javax.xml.namespace.QName;
@@ -83,7 +81,7 @@ public class RahasSAMLTokenUTForHoKTest extends TestClient {
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
assertNotNull("Missing SAML Assertoin", elem);
}
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java
index 5decbeb..9af8b92 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForHoKV1205Test.java
@@ -26,10 +26,8 @@ import org.apache.neethi.Policy;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.util.WSSecurityUtil;
-import org.opensaml.XML;
public class RahasSAMLTokenUTForHoKV1205Test extends TestClient {
@@ -105,7 +103,7 @@ public class RahasSAMLTokenUTForHoKV1205Test extends TestClient {
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
assertNotNull("Missing SAML Assertoin", elem);
//Uncomment for inteorp - START
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenV1205Test.java b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenV1205Test.java
index 4c704d3..9a3a9a7 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenV1205Test.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenV1205Test.java
@@ -20,12 +20,9 @@ import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.neethi.Policy;
-import org.apache.rahas.PWCallback;
import org.apache.rampart.handler.config.InflowConfiguration;
import org.apache.rampart.handler.config.OutflowConfiguration;
import org.apache.ws.secpolicy.SP12Constants;
-import org.apache.ws.secpolicy.SPConstants;
-import org.opensaml.XML;
import javax.xml.namespace.QName;
@@ -92,7 +89,7 @@ public class RahasSAMLTokenV1205Test extends TestClient {
RahasConstants.IssuanceBindingLocalNames.
REQUESTED_SECURITY_TOKEN));
assertNotNull("RequestedSecurityToken missing", rst);
- OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion"));
+ OMElement elem = rst.getFirstChildWithName(new QName(RahasConstants.SAML_NS, "Assertion"));
assertNotNull("Missing SAML Assertoin", elem);
}
diff --git a/modules/rampart-integration/src/test/java/org/apache/rahas/SAMLDataProvider.java b/modules/rampart-integration/src/test/java/org/apache/rahas/SAMLDataProvider.java
index afedce4..bd987e7 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rahas/SAMLDataProvider.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rahas/SAMLDataProvider.java
@@ -1,30 +1,32 @@
package org.apache.rahas;
-import java.util.Arrays;
-
-import org.apache.rahas.impl.util.SAMLAttributeCallback;
-import org.apache.rahas.impl.util.SAMLCallback;
-import org.apache.rahas.impl.util.SAMLCallbackHandler;
-import org.apache.rahas.impl.util.SAMLNameIdentifierCallback;
-import org.opensaml.SAMLAttribute;
-import org.opensaml.SAMLException;
-import org.opensaml.SAMLNameIdentifier;
+import org.apache.rahas.impl.util.*;
+import org.opensaml.common.SAMLException;
+import org.opensaml.saml1.core.Attribute;
+import org.opensaml.saml1.core.NameIdentifier;
public class SAMLDataProvider implements SAMLCallbackHandler{
- public void handle(SAMLCallback callback) throws SAMLException{
+ public void handle(SAMLCallback callback) throws SAMLException {
if(callback.getCallbackType() == SAMLCallback.ATTR_CALLBACK){
SAMLAttributeCallback cb = (SAMLAttributeCallback)callback;
- SAMLAttribute attribute = new SAMLAttribute("Name",
- "https://rahas.apache.org/saml/attrns", null, -1, Arrays
- .asList(new String[] { "Custom/Rahas" }));
- cb.addAttributes(attribute);
+
+ try {
+ Attribute attribute = SAMLUtils.createAttribute("Name", "https://rahas.apache.org/saml/attrns", "Custom/Rahas");
+ cb.addAttributes(attribute);
+ } catch (TrustException e) {
+ throw new SAMLException("Error creating attribute", e);
+ }
+
}else if(callback.getCallbackType() == SAMLCallback.NAME_IDENTIFIER_CALLBACK){
SAMLNameIdentifierCallback cb = (SAMLNameIdentifierCallback)callback;
- SAMLNameIdentifier nameId = new SAMLNameIdentifier(
- "David", null, SAMLNameIdentifier.FORMAT_EMAIL);
- cb.setNameId(nameId);
+ try {
+ NameIdentifier nameId = SAMLUtils.createNamedIdentifier("David", NameIdentifier.EMAIL);
+ cb.setNameId(nameId);
+ } catch (TrustException e) {
+ throw new SAMLException("Error creating name identifier", e);
+ }
}
}
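Review bot: The new `import org.apache.rahas.impl.util.*;` replaces four explicit imports with a wildcard, which hides the helper classes this handler depends on and makes a later name clash in that package harder to spot. Keeping the explicit list and adding one line, `import org.apache.rahas.impl.util.SAMLUtils;`, would state the dependency directly (this assumes `SAMLUtils` lives in that package, as the wildcard suggests). Separately, `handle` still does nothing for a callback type that is neither `ATTR_CALLBACK` nor `NAME_IDENTIFIER_CALLBACK`; a short comment such as `// other callback types are intentionally ignored` would document whether that is deliberate.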
diff --git a/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java b/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
index 8b0b84f..bd8e5bc 100644
--- a/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
+++ b/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
@@ -16,32 +16,44 @@
package org.apache.rampart;
+import junit.framework.TestCase;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
-import org.apache.axis2.Constants;
+import org.apache.axiom.om.util.AXIOMUtil;
+import org.apache.axiom.soap.SOAPHeaderBlock;
import org.apache.axis2.AxisFault;
+import org.apache.axis2.Constants;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.context.ServiceContext;
-import org.apache.axis2.context.MessageContext;
import org.apache.axis2.integration.UtilServer;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
-import org.apache.ws.security.handler.WSHandlerConstants;
-import junit.framework.TestCase;
+import java.util.MissingResourceException;
+import java.util.ResourceBundle;
public class RampartTest extends TestCase {
public final static int PORT = UtilServer.TESTING_PORT;
+ private static ResourceBundle resources;
+
+ static {
+ try {
+ resources = ResourceBundle.getBundle("org.apache.rampart.errors");
+ } catch (MissingResourceException e) {
+ throw new RuntimeException(e.getMessage());
+ }
+ }
+
public RampartTest(String name) {
super(name);
}
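Review bot: The static initializer rethrows with `new RuntimeException(e.getMessage())`, which drops the original `MissingResourceException` and its stack trace. Because this runs during class initialization, the failure will surface wrapped in an `ExceptionInInitializerError`, and the lost cause makes it harder to tell which bundle name was missing. Passing the cause keeps the trace: `throw new RuntimeException("Cannot load org.apache.rampart.errors bundle", e);`. The `resources` field can also be declared `private static final ResourceBundle resources = ResourceBundle.getBundle("org.apache.rampart.errors");`, which makes the try/catch unnecessary.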
@@ -55,29 +67,36 @@ public class RampartTest extends TestCase {
UtilServer.stop();
}
-
+ private ServiceClient getServiceClientInstance() throws AxisFault {
+
+ String repository = Constants.TESTING_PATH + "rampart_client_repo";
+
+ ConfigurationContext configContext = ConfigurationContextFactory.
+ createConfigurationContextFromFileSystem(repository, null);
+ ServiceClient serviceClient = new ServiceClient(configContext, null);
+
+
+ serviceClient.engageModule("addressing");
+ serviceClient.engageModule("rampart");
+
+ return serviceClient;
+
+ }
+
public void testWithPolicy() {
try {
- String repo = Constants.TESTING_PATH + "rampart_client_repo";
-
- ConfigurationContext configContext = ConfigurationContextFactory.
- createConfigurationContextFromFileSystem(repo, null);
- ServiceClient serviceClient = new ServiceClient(configContext, null);
-
-
- serviceClient.engageModule("addressing");
- serviceClient.engageModule("rampart");
+ ServiceClient serviceClient = getServiceClientInstance();
//TODO : figure this out !!
- boolean basic256Supported = true;
+ boolean basic256Supported = false;
if(basic256Supported) {
System.out.println("\nWARNING: We are using key sizes from JCE " +
"Unlimited Strength Jurisdiction Policy !!!");
}
- for (int i = 1; i <= 30; i++) { //<-The number of tests we have
+ for (int i = 1; i <= 34; i++) { //<-The number of tests we have
if(!basic256Supported && (i == 3 || i == 4 || i == 5)) {
//Skip the Basic256 tests
continue;
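Review bot: Hard-coding `basic256Supported = false` means policies 3, 4 and 5 are always skipped, so the `Basic256Sha256` suite this commit puts into `policy/3.xml` is never exercised by `testWithPolicy`. The warning `println` under `if(basic256Supported)` also becomes dead code. Probing the runtime keeps the coverage where the JCE policy allows it: `boolean basic256Supported = javax.crypto.Cipher.getMaxAllowedKeyLength("AES") >= 256;`. The checked exception from that call would land in the surrounding `try`, whose catch clause is outside this hunk. If the tests are disabled for another reason, replace the `//TODO : figure this out !!` comment with one that says why.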
@@ -106,19 +125,45 @@ public class RampartTest extends TestCase {
context.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy("/rampart/policy/" + i + ".xml"));
serviceClient.setOptions(options);
-
- // Invoking the serive in the TestCase-28 should fail. So handling it differently..
- if (i == 28) {
+
+ if (i == 31) {
+ OMNamespace omNamespace = OMAbstractFactory.getOMFactory().createOMNamespace(
+ "http://sample.com", "myNs");
+ SOAPHeaderBlock header = OMAbstractFactory.getSOAP12Factory()
+ .createSOAPHeaderBlock("VitalHeader", omNamespace);
+ header.addChild(AXIOMUtil.stringToOM("<foo>This is a sample Header</foo>"));
+ serviceClient.addHeader(header);
+ }
+
+ // Invoking the service in the TestCase-28 should fail. So handling it differently..
+ if (i == 28 || i == 34) {
try {
+
//Blocking invocation
serviceClient.sendReceive(getOMElement());
- fail("Service Should throw an error..");
+
+ String message = "";
+
+ if (i == 34) {
+ message = "Test case 34 should fail. We are running the service in symmetric binding mode " +
+ "and client in asymmetric binding mode. Therefore test case 34 should fail.";
+ }
+
+ fail("Service Should throw an error - " + message);
} catch (AxisFault axisFault) {
- assertEquals("Expected encrypted part missing", axisFault.getMessage());
+
+ if (i == 28) {
+ assertEquals(resources.getString("encryptionMissing"), axisFault.getMessage());
+ } else if (i == 34) {
+ // TODO this is failing in build server
+ // Need to find the exact cause
+ //assertEquals(resources.getString("invalidSignatureAlgo"), axisFault.getMessage());
+ System.out.println(axisFault.getMessage());
+ }
+
}
}
-
else{
//Blocking invocation
serviceClient.sendReceive(getEchoElement());
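Review bot: For `i == 34` the `catch (AxisFault axisFault)` branch only prints the message, so the negative test passes on any fault at all, including an unrelated transport or configuration error. The test is meant to show that a symmetric/asymmetric binding mismatch is rejected, so it needs some assertion that the fault came from security processing. Until the commented-out `assertEquals(resources.getString("invalidSignatureAlgo"), axisFault.getMessage());` is stable on the build server, a weaker check is possible: assert that the message is one of the expected Rampart error strings. The TODO should also reference a tracked issue. For `i == 28` the failure text now ends with a dangling `" - "` because `message` is empty; building the string only when `i == 34` avoids that.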
@@ -160,9 +205,9 @@ public class RampartTest extends TestCase {
}
- for (int i = 1; i <= 3; i++) { //<-The number of tests we have
+ for (int i = 1; i <= 6; i++) { //<-The number of tests we have
- if (i == 2 || i == 3) {
+ if (i == 3 || i == 6) {
continue; // Can't test Transport binding scenarios with Simple HTTP Server
}
@@ -170,6 +215,10 @@ public class RampartTest extends TestCase {
System.out.println("Testing WS-SecConv: custom scenario " + i);
options.setAction("urn:echo");
options.setTo(new EndpointReference("http://127.0.0.1:" + PORT + "/axis2/services/SecureServiceSC" + i));
+
+ //Create a new service client instance for each secure conversation scenario
+ serviceClient = getServiceClientInstance();
+
serviceClient.getServiceContext().setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy("/rampart/policy/sc-" + i + ".xml"));
serviceClient.setOptions(options);
@@ -185,6 +234,8 @@ public class RampartTest extends TestCase {
serviceClient.sendReceive(getEchoElement());
options.setProperty(RampartMessageData.CANCEL_REQUEST, Constants.VALUE_TRUE);
serviceClient.sendReceive(getEchoElement());
+ serviceClient.cleanupTransport();
+
}
} catch (Exception e) {
diff --git a/modules/rampart-integration/src/test/java/commons-logging.properties b/modules/rampart-integration/src/test/resources/log4j.properties
old mode 100755
new mode 100644
similarity index 57%
rename from modules/rampart-integration/src/test/java/commons-logging.properties
rename to modules/rampart-integration/src/test/resources/log4j.properties
index 1e570d6..8a80313
--- a/modules/rampart-integration/src/test/java/commons-logging.properties
+++ b/modules/rampart-integration/src/test/resources/log4j.properties
@@ -1,30 +1,25 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-# This is the logging properties that goes to the war, there are two logging conf kept at the
-# svn, one for developement (one at src/test-resources) and other for producation
-
-# Uncomment the next line to disable all logging.
-#org.apache.commons.logging.Log=org.apache.commons.logging.impl.NoOpLog
-
-# Uncomment the next line to enable the simple log based logging
-#org.apache.commons.logging.Log=org.apache.commons.logging.impl.SimpleLog
-
-# Uncomment the next line to enable log4j based logging
-org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4JLogger
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+log4j.rootCategory=ERROR, CONSOLE
+
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=%d %-5p %c - %m%n
+
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/16.xml b/modules/rampart-integration/src/test/resources/rampart/policy/16.xml
index 4e1a484..9c4fd9d 100644
--- a/modules/rampart-integration/src/test/resources/rampart/policy/16.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/16.xml
@@ -37,10 +37,10 @@
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Policy>
+ <wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
- </sp:Policy>
+ </wsp:Policy>
</sp:Wss10>
<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy/>
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/3.xml b/modules/rampart-integration/src/test/resources/rampart/policy/3.xml
index 897b4bc..cf7fa6f 100644
--- a/modules/rampart-integration/src/test/resources/rampart/policy/3.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/3.xml
@@ -23,7 +23,7 @@
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
- <sp:Basic128/>
+ <sp:Basic256Sha256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/30.xml b/modules/rampart-integration/src/test/resources/rampart/policy/30.xml
index be544e6..507b92e 100644
--- a/modules/rampart-integration/src/test/resources/rampart/policy/30.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/30.xml
@@ -40,10 +40,10 @@
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10>
- <sp:Policy>
+ <wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
- </sp:Policy>
+ </wsp:Policy>
</sp:Wss10>
<sp:EncryptedElements>
<sp:XPath xmlns:example1="http://example1.org/example1">//example1:Text</sp:XPath>
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/3.xml b/modules/rampart-integration/src/test/resources/rampart/policy/31.xml
similarity index 88%
copy from modules/rampart-integration/src/test/resources/rampart/policy/3.xml
copy to modules/rampart-integration/src/test/resources/rampart/policy/31.xml
index 897b4bc..180a1c7 100644
--- a/modules/rampart-integration/src/test/resources/rampart/policy/3.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/31.xml
@@ -1,73 +1,75 @@
-<wsp:Policy wsu:Id="SigEncr" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
- <wsp:ExactlyOne>
- <wsp:All>
- <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:InitiatorToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:InitiatorToken>
- <sp:RecipientToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:RecipientToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:Basic128/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:AsymmetricBinding>
- <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- </wsp:Policy>
- </sp:Wss10>
- <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:SignedParts>
- <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:EncryptedParts>
- <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
- <ramp:user>alice</ramp:user>
- <ramp:encryptionUser>bob</ramp:encryptionUser>
- <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
-
- <ramp:signatureCrypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
- </ramp:crypto>
- </ramp:signatureCrypto>
- <ramp:encryptionCypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
- </ramp:crypto>
- </ramp:encryptionCypto>
- </ramp:RampartConfig>
- </wsp:All>
- </wsp:ExactlyOne>
-</wsp:Policy>
-
+<wsp:Policy wsu:Id="EncrSigHeader" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptBeforeSigning />
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ <sp:Header Name="VitalHeader" Namespace="http://sample.com"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ <sp:Header Name="VitalHeader" Namespace="http://sample.com"/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/30.xml b/modules/rampart-integration/src/test/resources/rampart/policy/32.xml
similarity index 56%
copy from modules/rampart-integration/src/test/resources/rampart/policy/30.xml
copy to modules/rampart-integration/src/test/resources/rampart/policy/32.xml
index be544e6..66e613a 100644
--- a/modules/rampart-integration/src/test/resources/rampart/policy/30.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/32.xml
@@ -1,18 +1,17 @@
-<wsp:Policy wsu:Id="RAMPART-218"
+<wsp:Policy wsu:Id="EncrSigHeader"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
- xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
- xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
- xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
- <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:AsymmetricBinding
+ xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
- sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
- <sp:WssX509PkiPathV1Token10/>
+ <sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -20,16 +19,16 @@
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
- sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
- <sp:WssX509PkiPathV1Token10/>
+ <sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
- <sp:TripleDesRsa15/>
+ <sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
@@ -37,41 +36,55 @@
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptBeforeSigning/>
+ <sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
- <sp:Wss10>
- <sp:Policy>
+ <sp:Wss10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
- </sp:Policy>
+ </wsp:Policy>
</sp:Wss10>
- <sp:EncryptedElements>
- <sp:XPath xmlns:example1="http://example1.org/example1">//example1:Text</sp:XPath>
- </sp:EncryptedElements>
+ <sp:ContentEncryptedElements
+ xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
+ xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:example1="http://example1.org/example1">
+ <sp:XPath>soapenv:Body/example1:echo/example1:Text</sp:XPath>
+ </sp:ContentEncryptedElements>
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>alice</ramp:user>
<ramp:encryptionUser>bob</ramp:encryptionUser>
- <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
-
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
+ </ramp:passwordCallbackClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
<ramp:encryptionCypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
</ramp:property>
</ramp:crypto>
</ramp:encryptionCypto>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
-</wsp:Policy>
\ No newline at end of file
+</wsp:Policy>
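Review bot: The re-wrapped `ramp:property` and `ramp:passwordCallbackClass` elements in this hunk now carry line breaks and indentation inside their text content. The keystore file, keystore password and callback class name therefore only resolve if the configuration builder trims the element text, and that code is not visible here. The new `policy/33.xml` uses the same wrapped layout. Keeping each value on one line, as `policy/31.xml` does with `<ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>`, removes that dependency. The `wsu:Id="EncrSigHeader"` is also shared with `31.xml` even though this policy tests `sp:ContentEncryptedElements`; a distinct Id would make failures easier to attribute.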
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/33.xml b/modules/rampart-integration/src/test/resources/rampart/policy/33.xml
new file mode 100644
index 0000000..f5c7da8
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/33.xml
@@ -0,0 +1,103 @@
+<wsp:Policy wsu:Id="SignEncryptXPath"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+
+ <sp:AsymmetricBinding
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+
+ <sp:EncryptedElements xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:ser="http://example1.org/example1"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:XPath>/soapenv:Envelope/soapenv:Body/ser:example1</sp:XPath>
+ </sp:EncryptedElements>
+ <sp:SignedElements xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:test="http://example1.org/example1"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:XPath>/soapenv:Envelope/soapenv:Body/test:example1</sp:XPath>
+ </sp:SignedElements>
+
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
+ </ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
+ </ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
+ </ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
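Review bot: Both `sp:XPath` expressions select an element with local name `example1` (`/soapenv:Envelope/soapenv:Body/ser:example1` and `.../test:example1`), whereas `policy/32.xml` addresses the payload as `example1:echo/example1:Text`. If the request body built by the test is the same echo element, these expressions match nothing. The policy would then be satisfied without any element being signed or encrypted, and the scenario would pass vacuously. Please confirm the intended target, likely something of the form `/soapenv:Envelope/soapenv:Body/ser:echo`, and use a single prefix for the `http://example1.org/example1` namespace in both assertions. A comment at the top of the file stating which element is expected to be protected would help the next reader.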
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/34.xml b/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
new file mode 100644
index 0000000..8b30615
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/34.xml
@@ -0,0 +1,102 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+
+<wsp:Policy wsu:Id="SigEncr"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:EncryptedParts>
+
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
+ </ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
+ </ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
+ </ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file
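Review bot: The protection token demands `sp:RequireThumbprintReference`, yet the policy declares only `sp:Wss10` with `sp:MustSupportRefKeyIdentifier` and `sp:MustSupportRefIssuerSerial`; thumbprint references are a WSS 1.1 option, so the two assertions do not agree. sc-5.xml in this commit pairs the same token settings with `sp:Wss11` and `<sp:MustSupportRefThumbprint/>`, which looks like the consistent form. If the `sp:Wss10` block is deliberate, a comment above it such as `<!-- Wss10 on purpose: the thumbprint reference is driven by the X509Token assertion -->` would keep the fixture from being copied as a template.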
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/sc-4.xml b/modules/rampart-integration/src/test/resources/rampart/policy/sc-4.xml
new file mode 100644
index 0000000..09d2b9c
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/sc-4.xml
@@ -0,0 +1,123 @@
+<wsp:Policy wsu:Id="SecConvPolicy4" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:BootstrapPolicy>
+ <wsp:Policy wsu:Id="SigEncrTripleDesRSA15" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ </sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
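Review bot: The outer `SecConvPolicy4` alternative lists only `sp:EncryptedParts` with `sp:Body`, while the bootstrap policy nested inside it has both `sp:SignedParts` and `sp:EncryptedParts`; as written, messages sent under the secure conversation token are not required to carry a signature over the body. Encryption without integrity protection leaves the body open to undetected modification, so unless the test is meant to cover that case I would add `<sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"><sp:Body/></sp:SignedParts>` next to the outer `sp:EncryptedParts`. sc-5.xml and sc-6.xml have the same shape. If the omission is intentional, a comment saying so would help.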
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/sc-5.xml b/modules/rampart-integration/src/test/resources/rampart/policy/sc-5.xml
new file mode 100644
index 0000000..9aa9952
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/sc-5.xml
@@ -0,0 +1,131 @@
+<wsp:Policy wsu:Id="SecConvPolicy5" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:BootstrapPolicy>
+ <wsp:Policy>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:EndorsingSupportingTokens>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ </wsp:Policy>
+ </sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
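Review bot: `sp:Basic128Rsa15` is selected for both the bootstrap and the outer binding, which means RSA PKCS#1 v1.5 key transport rather than the RSA-OAEP used by `sp:Basic128`; nothing in the file says whether the legacy suite is what the test is meant to exercise. If it is, a comment above the first `sp:AlgorithmSuite` such as `<!-- Rsa15 suite chosen to cover legacy key transport; not a deployment template -->` would record that; otherwise `<sp:Basic128/>` matches the outer binding of sc-4.xml and sc-6.xml. The bootstrap of sc-4.xml uses `sp:TripleDesRsa15`, where the `wsu:Id` at least names the intent.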
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/sc-6.xml b/modules/rampart-integration/src/test/resources/rampart/policy/sc-6.xml
new file mode 100644
index 0000000..2455256
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/policy/sc-6.xml
@@ -0,0 +1,98 @@
+<wsp:Policy wsu:Id="SecConvPolicy6" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:BootstrapPolicy>
+ <wsp:Policy>
+ <sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken/>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SignedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient" />
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ </wsp:Policy>
+ </sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
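Review bot: The bootstrap authenticates the client with a bare `sp:UsernameToken` inside an `sp:TransportBinding`, so the credential is protected only by the `sp:HttpsToken` transport and by nothing at message level. That is a normal pattern, but it holds only if the test really runs the bootstrap exchange over HTTPS, which the policy file cannot show. A comment above `sp:SignedSupportingTokens`, for example `<!-- UsernameToken relies on the HTTPS transport for confidentiality; the test endpoint must be https -->`, would make the dependency explicit.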
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-16.xml b/modules/rampart-integration/src/test/resources/rampart/services-16.xml
index a245fa1..13a429b 100644
--- a/modules/rampart-integration/src/test/resources/rampart/services-16.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/services-16.xml
@@ -54,10 +54,10 @@
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Policy>
+ <wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
- </sp:Policy>
+ </wsp:Policy>
</sp:Wss10>
<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy/>
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-3.xml b/modules/rampart-integration/src/test/resources/rampart/services-3.xml
index daeebce..753bc0c 100644
--- a/modules/rampart-integration/src/test/resources/rampart/services-3.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/services-3.xml
@@ -40,7 +40,7 @@
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
- <sp:Basic128/>
+ <sp:Basic256Sha256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
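Review bot: Switching the service to `sp:Basic256Sha256` needs the matching change in the client policy, and the `policy/3.xml` content shown as the copy source in the services-31.xml section of this commit still reads `<sp:Basic128/>`. Whether `policy/3.xml` is the policy paired with this service is inferred from the numbering, and that file may be updated elsewhere in the commit. If the pair is left mismatched and the test still passes, that would suggest the algorithm suite is not validated on the inbound side, which is worth checking. The enclosing binding starts and ends outside the hunk.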
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-30.xml b/modules/rampart-integration/src/test/resources/rampart/services-30.xml
index ab9eb3a..c34dc76 100644
--- a/modules/rampart-integration/src/test/resources/rampart/services-30.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/services-30.xml
@@ -52,10 +52,10 @@
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10>
- <sp:Policy>
+ <wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
- </sp:Policy>
+ </wsp:Policy>
</sp:Wss10>
<sp:EncryptedElements>
<sp:XPath xmlns:example1="http://example1.org/example1">//example1:Text</sp:XPath>
diff --git a/modules/rampart-integration/src/test/resources/rampart/policy/3.xml b/modules/rampart-integration/src/test/resources/rampart/services-31.xml
similarity index 62%
copy from modules/rampart-integration/src/test/resources/rampart/policy/3.xml
copy to modules/rampart-integration/src/test/resources/rampart/services-31.xml
index 897b4bc..d740300 100644
--- a/modules/rampart-integration/src/test/resources/rampart/policy/3.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/services-31.xml
@@ -1,73 +1,111 @@
-<wsp:Policy wsu:Id="SigEncr" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
- <wsp:ExactlyOne>
- <wsp:All>
- <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:InitiatorToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:InitiatorToken>
- <sp:RecipientToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:RecipientToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:Basic128/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:AsymmetricBinding>
- <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- </wsp:Policy>
- </sp:Wss10>
- <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:SignedParts>
- <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:EncryptedParts>
- <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
- <ramp:user>alice</ramp:user>
- <ramp:encryptionUser>bob</ramp:encryptionUser>
- <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
-
- <ramp:signatureCrypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
- </ramp:crypto>
- </ramp:signatureCrypto>
- <ramp:encryptionCypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
- </ramp:crypto>
- </ramp:encryptionCypto>
- </ramp:RampartConfig>
- </wsp:All>
- </wsp:ExactlyOne>
-</wsp:Policy>
-
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+<service name="SecureService31">
+
+ <module ref="addressing"/>
+ <module ref="rampart"/>
+
+ <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
+
+ <operation name="echo">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:echo</actionMapping>
+ </operation>
+
+ <operation name="returnError">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:returnError</actionMapping>
+ </operation>
+
+ <wsp:Policy wsu:Id="EncrSigHeader" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptBeforeSigning />
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ <sp:Header Name="VitalHeader" Namespace="http://sample.com"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ <sp:Header Name="VitalHeader" Namespace="http://sample.com"/>
+ </sp:EncryptedParts>
+
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+</service>
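Review bot: `sp:Header Name="VitalHeader"` appears in both `sp:SignedParts` and `sp:EncryptedParts`, but as I read WS-SecurityPolicy these assertions constrain the header only when it is present, so a request that omits `VitalHeader` would still satisfy the policy. The fixture would benefit from a comment above `sp:SignedParts`, e.g. `<!-- VitalHeader is protected only if sent; the client test must add it -->`. A negative case that omits the header would also be worth having if the test classes, which are not visible in this section, do not already include one.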
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-32.xml b/modules/rampart-integration/src/test/resources/rampart/services-32.xml
new file mode 100644
index 0000000..9d724ff
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/services-32.xml
@@ -0,0 +1,128 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+<service name="SecureService32">
+
+ <module ref="addressing"/>
+ <module ref="rampart"/>
+
+ <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
+
+ <operation name="echo">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:echo</actionMapping>
+ </operation>
+
+ <operation name="returnError">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:returnError</actionMapping>
+ </operation>
+
+ <wsp:Policy wsu:Id="EncrSigHeader"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding
+ xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptBeforeSigning/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:ContentEncryptedElements
+ xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
+ xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:example1="http://example1.org/example1">
+ <sp:XPath>soapenv:Body/example1:echo/example1:Text</sp:XPath>
+ </sp:ContentEncryptedElements>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
+ </ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
+ </ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
+ </ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+</service>
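Review bot: The `sp:XPath` under `sp:ContentEncryptedElements` is the relative expression `soapenv:Body/example1:echo/example1:Text`, while the other policies in this commit use absolute or descendant forms (`/soapenv:Envelope/soapenv:Body/...`, `//example1:Text`). A relative path selects nodes only for one particular context node, and if it selects nothing the content-encryption requirement is satisfied vacuously; which context node Rampart evaluates it against is not visible here. I would write `<sp:XPath>/soapenv:Envelope/soapenv:Body/example1:echo/example1:Text</sp:XPath>`. The `wsu:Id="EncrSigHeader"` also looks copied from services-31.xml, since this policy protects no header.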
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-33.xml b/modules/rampart-integration/src/test/resources/rampart/services-33.xml
new file mode 100644
index 0000000..fecafe4
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/services-33.xml
@@ -0,0 +1,140 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+<service name="SecureService33">
+
+ <module ref="addressing"/>
+ <module ref="rampart"/>
+
+ <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
+
+ <operation name="echo">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:echo</actionMapping>
+ </operation>
+
+ <operation name="returnError">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:returnError</actionMapping>
+ </operation>
+
+ <wsp:Policy wsu:Id="EncryptOnly"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+
+ <sp:AsymmetricBinding
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
+ sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+
+ <sp:EncryptedElements xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:ser="http://example1.org/example1"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:XPath>/soapenv:Envelope/soapenv:Body/ser:example1</sp:XPath>
+ </sp:EncryptedElements>
+ <sp:SignedElements xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:test="http://example1.org/example1"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:XPath>/soapenv:Envelope/soapenv:Body/test:example1</sp:XPath>
+ </sp:SignedElements>
+
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
+ </ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
+ </ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
+ </ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+
+</service>
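Review bot: The `sp:EncryptedElements` and `sp:SignedElements` XPaths both select `/soapenv:Envelope/soapenv:Body/…:example1`, an element whose local name repeats the last segment of the namespace URI, while the neighbouring fixture in this commit targets `soapenv:Body/example1:echo/example1:Text`. If the test message has no `example1` element directly under the Body, both assertions match nothing and the policy requires no element-level protection. If that is the intent, say so above the two assertions, e.g. `<!-- XPaths deliberately match no element in the echo request -->`; otherwise the expressions probably should name the payload element. The `wsu:Id="EncryptOnly"` label is also misleading for a policy that carries `sp:SignedElements` and `sp:OnlySignEntireHeadersAndBody`.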
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-30.xml b/modules/rampart-integration/src/test/resources/rampart/services-34.xml
similarity index 56%
copy from modules/rampart-integration/src/test/resources/rampart/services-30.xml
copy to modules/rampart-integration/src/test/resources/rampart/services-34.xml
index ab9eb3a..556478e 100644
--- a/modules/rampart-integration/src/test/resources/rampart/services-30.xml
+++ b/modules/rampart-integration/src/test/resources/rampart/services-34.xml
@@ -1,20 +1,23 @@
-<service name="SecureService30">
+<service name="SecureService34">
- <module ref="addressing"/>
- <module ref="rampart"/>
+ <module ref="addressing"/>
+ <module ref="rampart"/>
- <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
+ <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
- <operation name="echo">
+ <operation name="echo">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:echo</actionMapping>
+ </operation>
+
+ <operation name="returnError">
<messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
- <actionMapping>urn:echo</actionMapping>
+ <actionMapping>urn:returnError</actionMapping>
</operation>
- <wsp:Policy wsu:Id="RAMPART-218"
+ <wsp:Policy wsu:Id="SigEncr"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
- xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
- xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
- xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
@@ -24,7 +27,8 @@
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
- <sp:WssX509PkiPathV1Token10/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
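Review bot: `sp:RequireThumbprintReference` is added to the X509Token with `IncludeToken/AlwaysToRecipient` here, and to the `IncludeToken/Never` token in the next hunk, but the policy further down still advertises only `sp:Wss10` with `MustSupportRefKeyIdentifier` and `MustSupportRefIssuerSerial`. Thumbprint references are a WSS 1.1 reference type, and services-sc-5.xml in this same commit pairs the requirement with `<sp:Wss11>` and `<sp:MustSupportRefThumbprint/>`. If the mismatch is what the test exercises, a one-line comment beside the token assertions should say so; otherwise declare `sp:Wss11` with `<sp:MustSupportRefThumbprint/>` so the policy is self-consistent. The enclosing token assertion starts outside this hunk.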
@@ -34,7 +38,8 @@
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
- <sp:WssX509PkiPathV1Token10/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -49,37 +54,54 @@
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
- <sp:Wss10>
- <sp:Policy>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
- </sp:Policy>
+ </wsp:Policy>
</sp:Wss10>
- <sp:EncryptedElements>
- <sp:XPath xmlns:example1="http://example1.org/example1">//example1:Text</sp:XPath>
- </sp:EncryptedElements>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:EncryptedParts>
+
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
- <ramp:user>bob</ramp:user>
- <ramp:encryptionUser>alice</ramp:encryptionUser>
- <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback
+ </ramp:passwordCallbackClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
+ </ramp:property>
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
<ramp:encryptionCypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
+ </ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">
+ rampart/store.jks
</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password
+ <ramp:property
+ name="org.apache.ws.security.crypto.merlin.keystore.password">
+ password
</ramp:property>
</ramp:crypto>
</ramp:encryptionCypto>
@@ -87,4 +109,5 @@
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
-</service>
\ No newline at end of file
+
+</service>
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-sc-4.xml b/modules/rampart-integration/src/test/resources/rampart/services-sc-4.xml
new file mode 100644
index 0000000..e6cd462
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/services-sc-4.xml
@@ -0,0 +1,177 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<service name="SecureServiceSC4">
+
+ <module ref="addressing"/>
+ <module ref="rampart"/>
+ <module ref="rahas"/>
+
+ <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
+
+ <operation name="echo">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:echo</actionMapping>
+ </operation>
+
+ <wsp:Policy wsu:Id="SecConvPolicy4" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:BootstrapPolicy>
+ <wsp:Policy wsu:Id="SigEncrTripleDesRSA15" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ </sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+ <parameter name="sct-issuer-config">
+ <sct-issuer-config>
+ <cryptoProperties>
+ <crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
+ <property name="org.apache.ws.security.crypto.merlin.file">rampart/sts.jks</property>
+ <property name="org.apache.ws.security.crypto.merlin.keystore.password">password</property>
+ </crypto>
+ </cryptoProperties>
+ <addRequestedAttachedRef />
+ <addRequestedUnattachedRef />
+
+ <!--
+ Key computation mechanism
+ 1 - Use Request Entropy
+ 2 - Provide Entropy
+ 3 - Use Own Key
+ -->
+ <keyComputation>3</keyComputation>
+
+ <!--
+ proofKeyType element is valid only if the keyComputation is set to 3
+ i.e. Use Own Key
+
+ Valid values are: EncryptedKey & BinarySecret
+ -->
+ <proofKeyType>BinarySecret</proofKeyType>
+ </sct-issuer-config>
+ </parameter>
+
+ <parameter name="token-canceler-config">
+ <token-canceler-config>
+ <!--<proofToken>EncryptedKey</proofToken>-->
+ <!--<cryptoProperties>sctIssuer.properties</cryptoProperties>-->
+ <!--<addRequestedAttachedRef />-->
+ </token-canceler-config>
+ </parameter>
+
+
+</service>
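Review bot: The policy asserts `sp:RequireClientEntropy` and `sp:RequireServerEntropy` under `sp:Trust13`, yet `sct-issuer-config` sets `<keyComputation>3</keyComputation>`, which the file's own comment labels "Use Own Key" rather than an entropy-based mode. services-sc-5.xml and services-sc-6.xml repeat the same pairing. As configured, the issuer presumably returns its own `BinarySecret`, so a passing test would not show that the entropy assertions are enforced. Either add a comment above `<keyComputation>` such as `<!-- Own key on purpose: the entropy assertions are not exercised by this test -->`, or choose the key computation mode that matches the asserted entropy requirements.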
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-sc-5.xml b/modules/rampart-integration/src/test/resources/rampart/services-sc-5.xml
new file mode 100644
index 0000000..8ea316a
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/services-sc-5.xml
@@ -0,0 +1,186 @@
+<service name="SecureServiceSC5">
+
+ <module ref="addressing"/>
+ <module ref="rampart"/>
+ <module ref="rahas"/>
+
+ <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
+
+ <operation name="echo">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:echo</actionMapping>
+ </operation>
+
+ <wsp:Policy wsu:Id="SecConvPolicy5" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:BootstrapPolicy>
+ <wsp:Policy>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:EndorsingSupportingTokens>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ </wsp:Policy>
+ </sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>bob</ramp:user>
+ <ramp:encryptionUser>alice</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+ <parameter name="sct-issuer-config">
+ <sct-issuer-config>
+ <cryptoProperties>
+ <crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
+ <property name="org.apache.ws.security.crypto.merlin.file">rampart/sts.jks</property>
+ <property name="org.apache.ws.security.crypto.merlin.keystore.password">password</property>
+ </crypto>
+ </cryptoProperties>
+ <addRequestedAttachedRef />
+ <addRequestedUnattachedRef />
+
+ <!--
+ Key computation mechanism
+ 1 - Use Request Entropy
+ 2 - Provide Entropy
+ 3 - Use Own Key
+ -->
+ <keyComputation>3</keyComputation>
+
+ <!--
+ proofKeyType element is valid only if the keyComputation is set to 3
+ i.e. Use Own Key
+
+ Valid values are: EncryptedKey & BinarySecret
+ -->
+ <proofKeyType>BinarySecret</proofKeyType>
+ </sct-issuer-config>
+ </parameter>
+
+ <parameter name="token-canceler-config">
+ <token-canceler-config>
+ <!--<proofToken>EncryptedKey</proofToken>-->
+ <!--<cryptoProperties>sctIssuer.properties</cryptoProperties>-->
+ <!--<addRequestedAttachedRef />-->
+ </token-canceler-config>
+ </parameter>
+
+
+</service>
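Review bot: The bootstrap policy uses `<sp:Trust10>` while inheriting the `…/ws-securitypolicy/200702` namespace from the outer `sp:SymmetricBinding`, whereas the outer policy in the same file uses `<sp:Trust13>` in that namespace. As far as I know, `Trust10` belongs to the 2005/07 WS-SecurityPolicy namespace and 200702 defines `Trust13`, so the inner assertion may not be matched by any assertion builder and could be ignored when the policy is parsed. The builder registration is not visible in this hunk, so this is an inference. I would change the inner element to `<sp:Trust13>`, or add a comment stating that the older name is intended.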
diff --git a/modules/rampart-integration/src/test/resources/rampart/services-sc-6.xml b/modules/rampart-integration/src/test/resources/rampart/services-sc-6.xml
new file mode 100644
index 0000000..e0e1f0e
--- /dev/null
+++ b/modules/rampart-integration/src/test/resources/rampart/services-sc-6.xml
@@ -0,0 +1,154 @@
+<service name="SecureServiceSC6">
+
+ <module ref="addressing"/>
+ <module ref="rampart"/>
+ <module ref="rahas"/>
+
+ <parameter locked="false" name="ServiceClass">org.apache.rampart.Service</parameter>
+
+ <operation name="echo">
+ <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:echo</actionMapping>
+ </operation>
+
+ <wsp:Policy wsu:Id="SecConvPolicy6" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:BootstrapPolicy>
+ <wsp:Policy>
+ <sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken/>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SignedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient" />
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ </wsp:Policy>
+ </sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>bob</ramp:user>
+ <ramp:encryptionUser>alice</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+ <parameter name="sct-issuer-config">
+ <sct-issuer-config>
+ <cryptoProperties>
+ <crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
+ <property name="org.apache.ws.security.crypto.merlin.file">rampart/sts.jks</property>
+ <property name="org.apache.ws.security.crypto.merlin.keystore.password">password</property>
+ </crypto>
+ </cryptoProperties>
+ <addRequestedAttachedRef />
+ <addRequestedUnattachedRef />
+
+ <!--
+ Key computation mechanism
+ 1 - Use Request Entropy
+ 2 - Provide Entropy
+ 3 - Use Own Key
+ -->
+ <keyComputation>3</keyComputation>
+
+ <!--
+ proofKeyType element is valid only if the keyComputation is set to 3
+ i.e. Use Own Key
+
+ Valid values are: EncryptedKey & BinarySecret
+ -->
+ <proofKeyType>BinarySecret</proofKeyType>
+ </sct-issuer-config>
+ </parameter>
+
+ <parameter name="token-canceler-config">
+ <token-canceler-config>
+ <!--<proofToken>EncryptedKey</proofToken>-->
+ <!--<cryptoProperties>sctIssuer.properties</cryptoProperties>-->
+ <!--<addRequestedAttachedRef />-->
+ </token-canceler-config>
+ </parameter>
+
+
+</service>
diff --git a/modules/rampart-mar/module.xml b/modules/rampart-mar/module.xml
index 59ec0e7..31a7f44 100644
--- a/modules/rampart-mar/module.xml
+++ b/modules/rampart-mar/module.xml
@@ -28,6 +28,9 @@
</OutFlow>
<OutFaultFlow>
+ <handler name="SecurityOutHandler" class="org.apache.rampart.handler.WSDoAllSender">
+ <order phase="Security"/>
+ </handler>
<handler name="PolicyBasedSecurityOutHandler" class="org.apache.rampart.handler.RampartSender">
<order phase="Security" phaseLast="true"/>
</handler>
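Review bot: The new `SecurityOutHandler` entry in `OutFaultFlow`, and the matching `SecurityInHandler` added to `InFaultFlow` in the next hunk, have no comment saying why fault messages now pass through `WSDoAllSender`/`WSDoAllReceiver` in addition to the policy-based handlers. Because these entries decide whether faults get security processing, I would add a comment above each, for example `<!-- Fault flows mirror the normal flows so faults get the same WS-Security processing -->`, assuming that is the intent. The `OutFlow` and `InFlow` handler lists and the opening of `InFaultFlow` lie outside these hunks, so it cannot be checked from here whether the ordering matches the normal flows.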
@@ -37,6 +40,9 @@
<handler name="PolicyBasedSecurityInHandler" class="org.apache.rampart.handler.RampartReceiver">
<order phase="Security" phaseFirst="true"/>
</handler>
+ <handler name="SecurityInHandler" class="org.apache.rampart.handler.WSDoAllReceiver">
+ <order phase="Security"/>
+ </handler>
</InFaultFlow>
<supported-policy-namespaces namespaces="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
diff --git a/modules/rampart-mar/pom.xml b/modules/rampart-mar/pom.xml
index d0f0763..66d7c3a 100644
--- a/modules/rampart-mar/pom.xml
+++ b/modules/rampart-mar/pom.xml
@@ -1,134 +1,108 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>org.apache.rampart</groupId>
- <artifactId>rampart-project</artifactId>
- <version>SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
- <groupId>org.apache.rampart</groupId>
- <artifactId>rampart</artifactId>
- <packaging>mar</packaging>
- <version>${rampart.mar.version}</version>
- <!-- TODO need to remove this-->
- <name>Rampart - Mar</name>
-
- <scm>
- <connection>scm:svn:https://svn.apache.org/repos/asf/webservices/rampart/trunk/java</connection>
- <developerConnection>
- scm:svn:https://svn.apache.org/repos/asf/webservices/rampart/trunk/java
- </developerConnection>
- <url>https://svn.apache.org/repos/asf/webservices/rampart/trunk/java</url>
- </scm>
-
- <build>
- <sourceDirectory>src/main/java</sourceDirectory>
- <resources>
- <resource>
- <directory>src/main/java</directory>
- </resource>
- </resources>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <configuration>
- <source>1.5</source>
- <target>1.5</target>
- </configuration>
- </plugin>
- <plugin>
- <groupId>org.apache.axis2</groupId>
- <artifactId>axis2-mar-maven-plugin</artifactId>
- <version>1.2</version>
- <extensions>true</extensions>
- <configuration>
- <includeDependencies>false</includeDependencies>
- <moduleXmlFile>module.xml</moduleXmlFile>
- </configuration>
- </plugin>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>build-helper-maven-plugin</artifactId>
- <version>1.0</version>
- <executions>
- <execution>
- <id>aar</id>
- <phase>package</phase>
- <goals>
- <goal>attach-artifact</goal>
- </goals>
- <configuration>
- <artifacts>
- <artifact>
- <file>target/${pom.artifactId}-${pom.version}.mar</file>
- <type>jar</type>
- </artifact>
- </artifacts>
- </configuration>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.rampart</groupId>
- <artifactId>rampart-policy</artifactId>
- <version>${pom.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.rampart</groupId>
- <artifactId>rampart-trust</artifactId>
- <version>${pom.version}</version>
- </dependency>
- </dependencies>
-
- <pluginRepositories>
- <pluginRepository>
- <id>apache-m2</id>
- <name>Apache M2 Repository</name>
- <url>http://people.apache.org/repo/m2-ibiblio-rsync-repository</url>
- <layout>default</layout>
- <snapshots>
- <enabled>false</enabled>
- <updatePolicy>daily</updatePolicy>
- <checksumPolicy>ignore</checksumPolicy>
- </snapshots>
- <releases>
- <enabled>true</enabled>
- </releases>
- </pluginRepository>
- <pluginRepository>
- <id>apache-snapshots</id>
- <name>Apache Snapshots Repository</name>
- <url>http://people.apache.org/repo/m2-snapshot-repository</url>
- <layout>default</layout>
- <snapshots>
- <enabled>true</enabled>
- <updatePolicy>daily</updatePolicy>
- <checksumPolicy>ignore</checksumPolicy>
- </snapshots>
- <releases>
- <enabled>false</enabled>
- </releases>
- </pluginRepository>
- </pluginRepositories>
- <distributionManagement>
- <repository>
- <id>apache-repo</id>
- <name>Maven Central Repository</name>
- <url>scpexe://people.apache.org//www/people.apache.org/repo/m2-ibiblio-rsync-repository</url>
- </repository>
- <snapshotRepository>
- <id>apache-snapshots</id>
- <name>Apache Development Repository</name>
- <url>scpexe://people.apache.org//www/people.apache.org/repo/m2-snapshot-repository</url>
- <uniqueVersion>false</uniqueVersion>
- </snapshotRepository>
- </distributionManagement>
-</project>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-project</artifactId>
+ <version>1.7.0-SNAPSHOT</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart</artifactId>
+ <packaging>mar</packaging>
+ <name>Rampart - Mar</name>
+
+ <scm>
+ <connection>scm:svn:http://svn.apache.org/repos/asf/axis/axis2/java/rampart/trunk</connection>
+ <developerConnection>
+ scm:svn:https://svn.apache.org/repos/asf/axis/axis2/java/rampart/trunk
+ </developerConnection>
+ <url>http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk</url>
+ </scm>
+
+ <build>
+ <sourceDirectory>src/main/java</sourceDirectory>
+ <resources>
+ <resource>
+ <directory>src/main/java</directory>
+ </resource>
+ </resources>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.5</source>
+ <target>1.5</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.axis2</groupId>
+ <artifactId>axis2-mar-maven-plugin</artifactId>
+ <extensions>true</extensions>
+ <configuration>
+ <includeDependencies>false</includeDependencies>
+ <moduleXmlFile>module.xml</moduleXmlFile>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>build-helper-maven-plugin</artifactId>
+ <version>1.0</version>
+ <executions>
+ <execution>
+ <id>aar</id>
+ <phase>package</phase>
+ <goals>
+ <goal>attach-artifact</goal>
+ </goals>
+ <configuration>
+ <artifacts>
+ <artifact>
+ <file>target/${project.artifactId}-${project.version}.mar</file>
+ <type>jar</type>
+ </artifact>
+ </artifacts>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-policy</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-trust</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+
+</project>
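Review bot: `axis2-mar-maven-plugin` is still declared with `<extensions>true</extensions>` but its `<version>1.2</version>` line is gone, so the version must now come from the parent POM's plugin management, which is not part of this hunk. If the parent does not pin it, Maven picks a version on its own and the build extension that packages the security module is no longer reproducible. It is worth confirming the pin exists in `../../pom.xml` or restoring an explicit `<version>` here. The `scm` `<connection>` also moved from `https://` to `http://`; keeping `scm:svn:https://svn.apache.org/repos/asf/axis/axis2/java/rampart/trunk`, as the `developerConnection` does, avoids a checkout path with no transport integrity.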
diff --git a/modules/rampart-policy/pom.xml b/modules/rampart-policy/pom.xml
index b969498..5ba4c78 100644
--- a/modules/rampart-policy/pom.xml
+++ b/modules/rampart-policy/pom.xml
@@ -1,11 +1,31 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<groupId>org.apache.rampart</groupId>
<artifactId>rampart-project</artifactId>
- <version>SNAPSHOT</version>
+ <version>1.7.0-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
@@ -41,9 +61,10 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-site-plugin</artifactId>
+ <version>2.0-beta-5</version>
<configuration>
<templateDirectory>${basedir}</templateDirectory>
- <menu ref="parent"/>
+ <menu ref="parent" />
</configuration>
</plugin>
</plugins>
diff --git a/modules/rampart-policy/src/main/java/META-INF/services/org.apache.neethi.builders.AssertionBuilder b/modules/rampart-policy/src/main/java/META-INF/services/org.apache.neethi.builders.AssertionBuilder
index aecbee6..a384ca6 100644
--- a/modules/rampart-policy/src/main/java/META-INF/services/org.apache.neethi.builders.AssertionBuilder
+++ b/modules/rampart-policy/src/main/java/META-INF/services/org.apache.neethi.builders.AssertionBuilder
@@ -44,4 +44,5 @@ org.apache.ws.secpolicy12.builders.SecureConversationTokenBuilder
org.apache.ws.secpolicy12.builders.SymmetricBindingBuilder
org.apache.ws.secpolicy12.builders.IssuedTokenBuilder
org.apache.ws.secpolicy12.builders.RequiredElementsBuilder
-org.apache.ws.secpolicy12.builders.ContentEncryptedElementsBuilder
\ No newline at end of file
+org.apache.ws.secpolicy12.builders.ContentEncryptedElementsBuilder
+org.apache.ws.secpolicy12.builders.HttpsTokenBuilder
\ No newline at end of file
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SPConstants.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SPConstants.java
index 27c780d..dd834e7 100755
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SPConstants.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SPConstants.java
@@ -240,6 +240,12 @@ public class SPConstants {
public final static String HMAC_SHA1 = "http://www.w3.org/2000/09/xmldsig#hmac-sha1";
public final static String RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
+
+ public final static String RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
+
+ public final static String RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
+
+ public final static String RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
public final static String SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1";
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java
index 9ee66b2..8b207fb 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java
@@ -15,6 +15,10 @@
*/
package org.apache.ws.secpolicy.model;
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
import org.apache.neethi.Assertion;
import org.apache.neethi.PolicyComponent;
import org.apache.ws.secpolicy.SP12Constants;
@@ -24,6 +28,7 @@ import org.apache.ws.secpolicy.SP12Constants;
public abstract class AbstractSecurityAssertion implements Assertion {
private boolean isOptional;
+ private boolean isIgnorable;
private boolean normalized = true;
@@ -36,6 +41,13 @@ public abstract class AbstractSecurityAssertion implements Assertion {
public void setOptional(boolean isOptional) {
this.isOptional = isOptional;
}
+ public boolean isIgnorable() {
+ return isIgnorable;
+ }
+
+ public void setIgnorable(boolean isIgnorable) {
+ this.isIgnorable = isIgnorable;
+ }
public short getType() {
return org.apache.neethi.Constants.TYPE_ASSERTION;
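Review bot: The new `isIgnorable()`/`setIgnorable()` accessors have no Javadoc, and for a security assertion the meaning of this flag matters to anyone who enforces the policy. The hunk only stores and returns the boolean; whether a validator may skip an assertion marked ignorable is not visible here, so the contract should be written down where the flag is declared. Something like `/** True when the assertion was marked wsp:Ignorable; callers must not treat this as "already satisfied" without checking. */` would do, once the author confirms that is the intent. A blank line before `public boolean isIgnorable()` would also match the spacing of the other accessors.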
@@ -69,5 +81,41 @@ public abstract class AbstractSecurityAssertion implements Assertion {
return version;
}
-
+ protected static void writeStartElement(XMLStreamWriter writer, String defaultPrefix, String localPart, String uri) throws XMLStreamException {
+ String prefix = writer.getPrefix(uri);
+ if (prefix != null) {
+ writer.writeStartElement(prefix, localPart, uri);
+ } else {
+ prefix = defaultPrefix;
+ writer.writeStartElement(prefix, localPart, uri);
+ writer.writeNamespace(prefix, uri);
+ writer.setPrefix(prefix, uri);
+ }
+ }
+
+ protected static void writeStartElement(XMLStreamWriter writer, QName name) throws XMLStreamException {
+ writeStartElement(writer, name.getPrefix(), name.getLocalPart(), name.getNamespaceURI());
+ }
+
+ protected static void writeEmptyElement(XMLStreamWriter writer, String defaultPrefix, String localPart, String uri) throws XMLStreamException {
+ String prefix = writer.getPrefix(uri);
+ if (prefix != null) {
+ writer.writeEmptyElement(prefix, localPart, uri);
+ } else {
+ prefix = defaultPrefix;
+ writer.writeStartElement(prefix, localPart, uri);
+ writer.writeNamespace(prefix, uri);
+ writer.writeEndElement();
+ }
+ }
+
+ protected static void writeAttribute(XMLStreamWriter writer, String defaultPrefix, String uri, String localPart, String value) throws XMLStreamException {
+ String prefix = writer.getPrefix(uri);
+ if (prefix == null) {
+ prefix = defaultPrefix;
+ writer.writeNamespace(prefix, uri);
+ writer.setPrefix(prefix, uri);
+ }
+ writer.writeAttribute(prefix, uri, localPart, value);
+ }
}
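Review bot: `writeAttribute` declares `defaultPrefix` on the current element without checking that it is usable, so an empty prefix yields an attribute that is not in `uri` at all. `QName.getPrefix()` returns `""` when no prefix was given, and unprefixed attributes never take the default namespace; the callers in this commit pass `getName().getPrefix()`, which is presumably non-empty, but nothing enforces it. A guard inside the `prefix == null` branch would make the precondition explicit: `if (defaultPrefix == null || defaultPrefix.length() == 0) throw new XMLStreamException("No usable prefix for attribute namespace " + uri);`. The four helpers would also benefit from Javadoc stating that a prefix already bound to `uri` in the writer takes precedence over `defaultPrefix`, and that `writeEmptyElement` deliberately leaves the writer's prefix binding untouched.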
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java
index 6eacac8..0b1be94 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java
@@ -289,6 +289,11 @@ public class AlgorithmSuite extends AbstractConfigurableSecurityAssertion {
* @return Returns the asymmetricSignature.
*/
public String getAsymmetricSignature() {
+ if(this.digest == SPConstants.SHA256) {
+ return SPConstants.RSA_SHA256;
+ } else if(this.digest == SPConstants.SHA512) {
+ return SPConstants.RSA_SHA512;
+ }
return asymmetricSignature;
}
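Review bot: The two added comparisons in `getAsymmetricSignature()` use `==` on `String`, so they test object identity rather than content. If `digest` ever holds an equal string that is not the same instance as the constant (how it is assigned is outside this hunk), both tests fail and the method silently falls back to the stored `asymmetricSignature`, which may be a weaker algorithm than the suite's digest implies. Use `if (SPConstants.SHA256.equals(this.digest)) {` and `} else if (SPConstants.SHA512.equals(this.digest)) {`, which are also null-safe. `RSA_SHA384` is added to `SPConstants` in this commit but has no branch here; if that is intentional, a one-line comment saying so would help.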
@@ -452,53 +457,36 @@ public class AlgorithmSuite extends AbstractConfigurableSecurityAssertion {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localName = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
- writer.writeStartElement(prefix, localName, namespaceURI);
- writer.writeNamespace(prefix, namespaceURI);
+ writeStartElement(writer, prefix, localName, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY
- .getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
//
- writer.writeStartElement(prefix, getAlgoSuiteString(), namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, getAlgoSuiteString(), namespaceURI);
if (SPConstants.C14N.equals(getInclusiveC14n())) {
- writer.writeStartElement(prefix, SPConstants.INCLUSIVE_C14N, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.INCLUSIVE_C14N, namespaceURI);
}
if (SPConstants.SNT.equals(getSoapNormalization())) {
- writer.writeStartElement(prefix, SPConstants.SOAP_NORMALIZATION_10,
- namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.SOAP_NORMALIZATION_10, namespaceURI);
}
if (SPConstants.STRT10.equals(getStrTransform())) {
- writer.writeStartElement(prefix, SPConstants.STR_TRANSFORM_10,
- namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.STR_TRANSFORM_10, namespaceURI);
}
if (SPConstants.XPATH.equals(getXPath())) {
- writer.writeStartElement(prefix, SPConstants.XPATH10, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.XPATH10, namespaceURI);
}
if (SPConstants.XPATH20.equals(getXPath())) {
- writer.writeStartElement(prefix, SPConstants.XPATH_FILTER20,
- namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.XPATH_FILTER20, namespaceURI);
}
// </wsp:Policy>
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java
index 78c8dbc..4feeaf7 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java
@@ -123,29 +123,15 @@ public class AsymmetricBinding extends SymmetricAsymmetricBindingBase {
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:AsymmetricBinding>
- writer.writeStartElement(prefix, localname, namespaceURI);
- writer.writeNamespace(prefix, namespaceURI);
-
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- pPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, prefix, localname, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(),
- SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
if (initiatorToken == null) {
throw new RuntimeException("InitiatorToken is not set");
@@ -180,40 +166,30 @@ public class AsymmetricBinding extends SymmetricAsymmetricBindingBase {
}
if (isIncludeTimestamp()) {
- // <sp:IncludeTimestamp>
- writer.writeStartElement(prefix, SPConstants.INCLUDE_TIMESTAMP,
- namespaceURI);
- writer.writeEndElement();
- // </sp:IncludeTimestamp>
+ // <sp:IncludeTimestamp />
+ writeEmptyElement(writer, prefix, SPConstants.INCLUDE_TIMESTAMP, namespaceURI);
}
if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(getProtectionOrder())) {
// <sp:EncryptBeforeSign />
- writer.writeStartElement(prefix, SPConstants.ENCRYPT_BEFORE_SIGNING,
- namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.ENCRYPT_BEFORE_SIGNING, namespaceURI);
}
if (isSignatureProtection()) {
// <sp:EncryptSignature />
// FIXME move the String constants to a QName
- writer.writeStartElement(prefix, SPConstants.ENCRYPT_SIGNATURE,
- namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.ENCRYPT_SIGNATURE, namespaceURI);
}
if (isTokenProtection()) {
// <sp:ProtectTokens />
- writer.writeStartElement(prefix, SPConstants.PROTECT_TOKENS,
- namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.PROTECT_TOKENS, namespaceURI);
}
if (isEntireHeadersAndBodySignatures()) {
// <sp:OnlySignEntireHeaderAndBody />
- writer.writeStartElement(prefix,
- SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.ONLY_SIGN_ENTIRE_HEADERS_AND_BODY,
+ namespaceURI);
}
// </wsp:Policy>
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ContentEncryptedElements.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ContentEncryptedElements.java
index def1b53..0c441d8 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ContentEncryptedElements.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ContentEncryptedElements.java
@@ -77,32 +77,15 @@ public class ContentEncryptedElements extends AbstractSecurityAssertion {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localName = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix;
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- } else {
- prefix = writerPrefix;
- }
-
// <sp:ContentEncryptedElements>
- writer.writeStartElement(prefix, localName, namespaceURI);
+ writeStartElement(writer, prefix, localName, namespaceURI);
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- if (writerPrefix == null) {
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
- }
-
if (xPathVersion != null) {
- writer.writeAttribute(prefix, namespaceURI, SPConstants.XPATH_VERSION, xPathVersion);
+ writeAttribute(writer, prefix, namespaceURI, SPConstants.XPATH_VERSION, xPathVersion);
}
String xpathExpression;
@@ -111,7 +94,7 @@ public class ContentEncryptedElements extends AbstractSecurityAssertion {
.hasNext();) {
xpathExpression = (String) iterator.next();
// <sp:XPath ..>
- writer.writeStartElement(prefix, SPConstants.XPATH_EXPR, namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.XPATH_EXPR, namespaceURI);
writer.writeCharacters(xpathExpression);
writer.writeEndElement();
}
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/EncryptionToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/EncryptionToken.java
index bd55bd0..cdc2414 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/EncryptionToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/EncryptionToken.java
@@ -60,49 +60,11 @@ public class EncryptionToken extends AbstractSecurityAssertion implements TokenW
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- String localname = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
- String prefix;
-
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- } else {
- prefix = writerPrefix;
- }
-
// <sp:EncryptionToken>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- if (writerPrefix == null) {
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
- }
-
-
- String wspNamespaceURI = SPConstants.POLICY.getNamespaceURI();
-
- String wspPrefix;
-
- String wspWriterPrefix = writer.getPrefix(wspNamespaceURI);
-
- if (wspWriterPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, wspNamespaceURI);
-
- } else {
- wspPrefix = wspWriterPrefix;
- }
+ writeStartElement(writer, getName());
// <wsp:Policy>
- writer.writeStartElement(wspPrefix, SPConstants.POLICY.getLocalPart(), wspNamespaceURI);
-
- if (wspWriterPrefix == null) {
- // xmlns:wsp=".."
- writer.writeNamespace(wspPrefix, wspNamespaceURI);
- }
+ writeStartElement(writer, SPConstants.POLICY);
if (encryptionToken == null) {
throw new RuntimeException("EncryptionToken is not set");
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/HttpsToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/HttpsToken.java
index feb987d..13e3040 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/HttpsToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/HttpsToken.java
@@ -93,17 +93,12 @@ public class HttpsToken extends Token {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:HttpsToken
- writer.writeStartElement(prefix, localname, namespaceURI);
+ writeStartElement(writer, prefix, localname, namespaceURI);
if (version == SPConstants.SP_V12) {
@@ -112,7 +107,7 @@ public class HttpsToken extends Token {
isHttpBasicAuthentication() ||
isHttpDigestAuthentication()) {
// <wsp:Policy>
- writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
/*
* The ws policy 1.2 specification states that only one of those should be present, although
@@ -120,14 +115,11 @@ public class HttpsToken extends Token {
* a http user/pwd authentication. Nevertheless stick to the specification.
*/
if(isHttpBasicAuthentication()) {
- writer.writeStartElement(prefix, SPConstants.HTTP_BASIC_AUTHENTICATION.getLocalPart(), namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.HTTP_BASIC_AUTHENTICATION.getLocalPart(), namespaceURI);
} else if(isHttpDigestAuthentication()) {
- writer.writeStartElement(prefix, SPConstants.HTTP_DIGEST_AUTHENTICATION.getLocalPart(), namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.HTTP_DIGEST_AUTHENTICATION.getLocalPart(), namespaceURI);
} else if(isRequireClientCertificate()) {
- writer.writeStartElement(prefix, SPConstants.REQUIRE_CLIENT_CERTIFICATE.getLocalPart(), namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_CLIENT_CERTIFICATE.getLocalPart(), namespaceURI);
}
// </wsp:Policy>
writer.writeEndElement();
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/InitiatorToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/InitiatorToken.java
index 0b91962..85fd0a9 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/InitiatorToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/InitiatorToken.java
@@ -65,27 +65,11 @@ public class InitiatorToken extends AbstractSecurityAssertion implements TokenWr
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- String localName = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:InitiatorToken>
- writer.writeStartElement(prefix, localName, namespaceURI);
-
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- pPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, getName());
// <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
Token token = getInitiatorToken();
if (token == null) {
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/IssuedToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/IssuedToken.java
index 46674d6..5fd056b 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/IssuedToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/IssuedToken.java
@@ -113,26 +113,12 @@ public class IssuedToken extends Token {
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix;
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
-
- } else {
- prefix = writerPrefix;
- }
-
// <sp:IssuedToken>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- if (writerPrefix == null) {
- writer.writeNamespace(prefix, namespaceURI);
- }
+ writeStartElement(writer, prefix, localname, namespaceURI);
String inclusion;
@@ -143,12 +129,12 @@ public class IssuedToken extends Token {
}
if (inclusion != null) {
- writer.writeAttribute(prefix, namespaceURI,
+ writeAttribute(writer, prefix, namespaceURI,
SPConstants.ATTR_INCLUDE_TOKEN, inclusion);
}
if (issuerEpr != null) {
- writer.writeStartElement(prefix, SPConstants.ISSUER,
+ writeStartElement(writer, prefix, SPConstants.ISSUER,
namespaceURI);
issuerEpr.serialize(writer);
writer.writeEndElement();
@@ -160,47 +146,27 @@ public class IssuedToken extends Token {
}
- String policyLocalName = SPConstants.POLICY.getLocalPart();
- String policyNamespaceURI = SPConstants.POLICY.getNamespaceURI();
-
- String wspPrefix;
-
- String wspWriterPrefix = writer.getPrefix(policyNamespaceURI);
-
- if (wspWriterPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, policyNamespaceURI);
- } else {
- wspPrefix = wspWriterPrefix;
- }
-
if (isRequireExternalReference() || isRequireInternalReference() ||
this.isDerivedKeys()) {
// <wsp:Policy>
- writer.writeStartElement(wspPrefix, policyLocalName,
- policyNamespaceURI);
-
- if (wspWriterPrefix == null) {
- // xmlns:wsp=".."
- writer.writeNamespace(wspPrefix, policyNamespaceURI);
- }
+ writeStartElement(writer, SPConstants.POLICY);
if (isRequireExternalReference()) {
// <sp:RequireExternalReference />
- writer.writeEmptyElement(prefix, SPConstants.REQUIRE_EXTERNAL_REFERNCE,
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_EXTERNAL_REFERNCE,
namespaceURI);
}
if (isRequireInternalReference()) {
// <sp:RequireInternalReference />
- writer.writeEmptyElement(prefix, SPConstants.REQUIRE_INTERNAL_REFERNCE,
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_INTERNAL_REFERNCE,
namespaceURI);
}
if (this.isDerivedKeys()) {
// <sp:RequireDerivedKeys />
- writer.writeEmptyElement(prefix, SPConstants.REQUIRE_DERIVED_KEYS,
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_DERIVED_KEYS,
namespaceURI);
}
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Layout.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Layout.java
index a1ff7f8..dc0a7b2 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Layout.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Layout.java
@@ -70,39 +70,30 @@ public class Layout extends AbstractSecurityAssertion {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localName = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:Layout>
- writer.writeStartElement(prefix, localName, namespaceURI);
+ writeStartElement(writer, prefix, localName, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY
- .getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
// .. <sp:Strict /> | <sp:Lax /> | <sp:LaxTsFirst /> | <sp:LaxTsLast /> ..
if (SPConstants.LAYOUT_STRICT.equals(value)) {
- writer.writeStartElement(prefix, SPConstants.LAYOUT_STRICT, namespaceURI);
+ writeEmptyElement(writer, prefix, SPConstants.LAYOUT_STRICT, namespaceURI);
} else if (SPConstants.LAYOUT_LAX.equals(value)) {
- writer.writeStartElement(prefix, SPConstants.LAYOUT_LAX, namespaceURI);
+ writeEmptyElement(writer, prefix, SPConstants.LAYOUT_LAX, namespaceURI);
} else if (SPConstants.LAYOUT_LAX_TIMESTAMP_FIRST.equals(value)) {
- writer.writeStartElement(prefix, SPConstants.LAYOUT_LAX_TIMESTAMP_FIRST, namespaceURI);
+ writeEmptyElement(writer, prefix, SPConstants.LAYOUT_LAX_TIMESTAMP_FIRST, namespaceURI);
} else if (SPConstants.LAYOUT_LAX_TIMESTAMP_LAST.equals(value)) {
- writer.writeStartElement(prefix, SPConstants.LAYOUT_LAX_TIMESTAMP_LAST, namespaceURI);
+ writeEmptyElement(writer, prefix, SPConstants.LAYOUT_LAX_TIMESTAMP_LAST, namespaceURI);
}
- writer.writeEndElement();
-
// </wsp:Policy>
writer.writeEndElement();
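Review bot: The `if`/`else if` chain over `value` has no final `else`, so an unset or unrecognised `value` now serializes an empty `<wsp:Policy>` inside `<sp:Layout>` without any error. Before this change the unconditional `writer.writeEndElement()` would at least have unbalanced the output; after it the omission is silent. Other serializers in this commit fail loudly on missing state (for example `throw new RuntimeException("InitiatorToken is not set")`), and the same here would be consistent: `} else { throw new RuntimeException("Layout value is not set or not recognised: " + value); }`. Whether the setter already rejects bad values is not visible in this hunk, and `serialize` continues past it.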
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ProtectionToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ProtectionToken.java
index 4e64d08..0809953 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ProtectionToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ProtectionToken.java
@@ -68,49 +68,11 @@ public class ProtectionToken extends AbstractSecurityAssertion implements TokenW
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- String localname = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix;
-
- String writerPrefix = writer.getPrefix(namespaceURI);
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
-
- } else {
- prefix = writerPrefix;
- }
-
// <sp:ProtectionToken>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- if (writerPrefix == null) {
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
- }
-
- String policyLocalName = SPConstants.POLICY.getLocalPart();
- String policyNamespaceURI = SPConstants.POLICY.getNamespaceURI();
-
- String wspPrefix;
-
- String wspWriterPrefix = writer.getPrefix(policyNamespaceURI);
-
- if (wspWriterPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, policyNamespaceURI);
- } else {
- wspPrefix = wspWriterPrefix;
- }
+ writeStartElement(writer, getName());
// <wsp:Policy>
- writer.writeStartElement(wspPrefix, policyLocalName, policyNamespaceURI);
-
- if (wspWriterPrefix == null) {
- // xmlns:wsp=".."
- writer.writeNamespace(wspPrefix, policyNamespaceURI);
- }
+ writeStartElement(writer, SPConstants.POLICY);
if (protectionToken == null) {
throw new RuntimeException("ProtectionToken is not set");
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RecipientToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RecipientToken.java
index 2e0cc2d..6f09bf9 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RecipientToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RecipientToken.java
@@ -67,27 +67,11 @@ public class RecipientToken extends AbstractSecurityAssertion implements TokenWr
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- String localName = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:RecipientToken>
- writer.writeStartElement(prefix, localName, namespaceURI);
-
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- pPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, getName());
// <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
Token token = getReceipientToken();
if (token == null) {
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredElements.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredElements.java
index e2d5666..e940d43 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredElements.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredElements.java
@@ -77,32 +77,15 @@ public class RequiredElements extends AbstractSecurityAssertion {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localName = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix;
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- } else {
- prefix = writerPrefix;
- }
-
// <sp:RequiredElements>
- writer.writeStartElement(prefix, localName, namespaceURI);
+ writeStartElement(writer, prefix, localName, namespaceURI);
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- if (writerPrefix == null) {
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
- }
-
if (xPathVersion != null) {
- writer.writeAttribute(prefix, namespaceURI, SPConstants.XPATH_VERSION, xPathVersion);
+ writeAttribute(writer, prefix, namespaceURI, SPConstants.XPATH_VERSION, xPathVersion);
}
String xpathExpression;
@@ -111,7 +94,7 @@ public class RequiredElements extends AbstractSecurityAssertion {
.hasNext();) {
xpathExpression = (String) iterator.next();
// <sp:XPath ..>
- writer.writeStartElement(prefix, SPConstants.XPATH_EXPR, namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.XPATH_EXPR, namespaceURI);
writer.writeCharacters(xpathExpression);
writer.writeEndElement();
}
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredParts.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredParts.java
index 3542bb4..3ccd530 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredParts.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredParts.java
@@ -60,27 +60,18 @@ public class RequiredParts extends AbstractSecurityAssertion {
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localName = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:RequiredParts>
- writer.writeStartElement(prefix, localName, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
+ writeStartElement(writer, prefix, localName, namespaceURI);
Header header;
for (Iterator iterator = headers.iterator(); iterator.hasNext();) {
header = (Header) iterator.next();
// <sp:Header Name=".." Namespace=".." />
- writer.writeStartElement(prefix, SPConstants.HEADER, namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.HEADER, namespaceURI);
// Name attribute is optional
if (header.getName() != null) {
writer.writeAttribute("Name", header.getName());
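Review bot: With the explicit `writer.setPrefix(...)` and `writer.writeNamespace(prefix, namespaceURI)` calls removed from `serialize`, nothing in this hunk shows that the `xmlns` declaration for the assertion's namespace is still emitted, or what happens when the writer already binds that namespace to a prefix other than `getName().getPrefix()`. Both now depend on the inherited `writeStartElement` helper, which is not visible here, so once confirmed against the helper I would state the contract at the call site, e.g. `// writeStartElement declares xmlns:prefix itself when the namespace is not yet bound`. The same applies to the matching hunks in SecureConversationToken, SignedEncryptedElements, SignedEncryptedParts, SymmetricBinding, TransportBinding, Trust10, Trust13, UsernameToken and Wss10. A serialize-then-parse round-trip test per assertion would catch a missing or mismatched declaration, which matters because policy consumers resolve these security assertions by namespace. The body of `serialize` continues outside the hunk.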
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecureConversationToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecureConversationToken.java
index 54f1b24..4796cf0 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecureConversationToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecureConversationToken.java
@@ -69,26 +69,12 @@ public class SecureConversationToken extends SecurityContextToken {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix;
-
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- } else {
- prefix = writerPrefix;
- }
// <sp:SecureConversationToken>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- if (writerPrefix == null) {
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
- }
+ writeStartElement(writer, prefix, localname, namespaceURI);
String inclusion;
@@ -99,12 +85,12 @@ public class SecureConversationToken extends SecurityContextToken {
}
if (inclusion != null) {
- writer.writeAttribute(prefix, namespaceURI, SPConstants.ATTR_INCLUDE_TOKEN, inclusion);
+ writeAttribute(writer, prefix, namespaceURI, SPConstants.ATTR_INCLUDE_TOKEN, inclusion);
}
if (issuerEpr != null) {
// <sp:Issuer>
- writer.writeStartElement(prefix, SPConstants.ISSUER , namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.ISSUER , namespaceURI);
issuerEpr.serialize(writer);
@@ -114,47 +100,27 @@ public class SecureConversationToken extends SecurityContextToken {
if (isDerivedKeys() || isRequireExternalUriRef()
|| isSc10SecurityContextToken() || (bootstrapPolicy != null)) {
- String wspNamespaceURI = SPConstants.POLICY.getNamespaceURI();
-
- String wspPrefix;
-
- String wspWriterPrefix = writer.getPrefix(wspNamespaceURI);
-
- if (wspWriterPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, wspNamespaceURI);
-
- } else {
- wspPrefix = wspWriterPrefix;
- }
-
// <wsp:Policy>
- writer.writeStartElement(wspPrefix,
- SPConstants.POLICY.getLocalPart(), wspNamespaceURI);
+ writeStartElement(writer, SPConstants.POLICY);
- if (wspWriterPrefix == null) {
- // xmlns:wsp=".."
- writer.writeNamespace(wspPrefix, wspNamespaceURI);
- }
-
if (isDerivedKeys()) {
// <sp:RequireDerivedKeys />
- writer.writeEmptyElement(prefix, SPConstants.REQUIRE_DERIVED_KEYS, namespaceURI);
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_DERIVED_KEYS, namespaceURI);
}
if (isRequireExternalUriRef()) {
// <sp:RequireExternalUriReference />
- writer.writeEmptyElement(prefix, SPConstants.REQUIRE_EXTERNAL_URI_REFERNCE, namespaceURI);
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_EXTERNAL_URI_REFERNCE, namespaceURI);
}
if (isSc10SecurityContextToken()) {
// <sp:SC10SecurityContextToken />
- writer.writeEmptyElement(prefix, SPConstants.SC10_SECURITY_CONTEXT_TOKEN, namespaceURI);
+ writeEmptyElement(writer, prefix, SPConstants.SC10_SECURITY_CONTEXT_TOKEN, namespaceURI);
}
if (bootstrapPolicy != null) {
// <sp:BootstrapPolicy ..>
- writer.writeStartElement(prefix, SPConstants.BOOTSTRAP_POLICY, namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.BOOTSTRAP_POLICY, namespaceURI);
bootstrapPolicy.serialize(writer);
writer.writeEndElement();
}
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java
index eff9548..c8ba854 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java
@@ -59,51 +59,11 @@ public class SignatureToken extends AbstractSecurityAssertion implements TokenWr
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
-
- String localname = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix;
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
-
- } else {
- prefix = writerPrefix;
- }
-
// <sp:SignatureToken>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- if (writerPrefix == null) {
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
- }
-
-
- String wspNamespaceURI = SPConstants.POLICY.getNamespaceURI();
-
- String wspPrefix;
-
- String wspWriterPrefix = writer.getPrefix(wspNamespaceURI);
-
- if (wspWriterPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, wspNamespaceURI);
-
- } else {
- wspPrefix = wspWriterPrefix;
- }
+ writeStartElement(writer, getName());
// <wsp:Policy>
- writer.writeStartElement(wspPrefix, SPConstants.POLICY.getLocalPart(), wspNamespaceURI);
-
- if (wspWriterPrefix == null) {
- // xmlns:wsp=".."
- writer.writeNamespace(wspPrefix, wspNamespaceURI);
- }
+ writeStartElement(writer, SPConstants.POLICY);
if (signatureToken == null) {
throw new RuntimeException("EncryptionToken is not set");
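Review bot: The `signatureToken == null` check at the end of this hunk throws `RuntimeException("EncryptionToken is not set")`, which names the wrong token for this class, and it runs only after the `<sp:SignatureToken>` and `<wsp:Policy>` start tags have been written, so a failure leaves the writer holding a truncated policy fragment. I would move the check to the first statement of `serialize` and correct the message: `if (signatureToken == null) { throw new IllegalStateException("SignatureToken is not set"); }` (still a `RuntimeException` for existing callers). TransportBinding's first hunk shows the same ordering, with `transportToken == null` tested after both start tags, though what that branch does lies outside the hunk. The rest of `serialize` is outside this hunk as well.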
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java
index 062ddcc..915f2f1 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java
@@ -91,24 +91,15 @@ public class SignedEncryptedElements extends AbstractSecurityAssertion {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localName = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:SignedElements> | <sp:EncryptedElements>
- writer.writeStartElement(prefix, localName, namespaceURI);
+ writeStartElement(writer, prefix, localName, namespaceURI);
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
if (xPathVersion != null) {
- writer.writeAttribute(prefix, namespaceURI, SPConstants.XPATH_VERSION, xPathVersion);
+ writeAttribute(writer, prefix, namespaceURI, SPConstants.XPATH_VERSION, xPathVersion);
}
String xpathExpression;
@@ -117,7 +108,7 @@ public class SignedEncryptedElements extends AbstractSecurityAssertion {
.hasNext();) {
xpathExpression = (String) iterator.next();
// <sp:XPath ..>
- writer.writeStartElement(prefix, SPConstants.XPATH_EXPR, namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.XPATH_EXPR, namespaceURI);
Iterator<String> namespaces = declaredNamespaces.keySet().iterator();
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java
index fc47d27..cdf3576 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java
@@ -124,33 +124,23 @@ public class SignedEncryptedParts extends AbstractSecurityAssertion {
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localName = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
// <sp:SignedParts> | <sp:EncryptedParts>
- writer.writeStartElement(prefix, localName, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
+ writeStartElement(writer, prefix, localName, namespaceURI);
if (isBody()) {
// <sp:Body />
- writer.writeStartElement(prefix, SPConstants.BODY, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.BODY, namespaceURI);
}
Header header;
for (Iterator iterator = headers.iterator(); iterator.hasNext();) {
header = (Header) iterator.next();
// <sp:Header Name=".." Namespace=".." />
- writer.writeStartElement(prefix, SPConstants.HEADER, namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.HEADER, namespaceURI);
// Name attribute is optional
if (header.getName() != null) {
writer.writeAttribute("Name", header.getName());
@@ -162,8 +152,7 @@ public class SignedEncryptedParts extends AbstractSecurityAssertion {
if (isAttachments() && version == SPConstants.SP_V12) {
// <sp:Attachments />
- writer.writeStartElement(prefix, SPConstants.ATTACHMENTS, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.ATTACHMENTS, namespaceURI);
}
// </sp:SignedParts> | </sp:EncryptedParts>
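Review bot: The condition `isAttachments() && version == SPConstants.SP_V12` omits the attachments requirement from the output without any signal when the assertion carries another policy version, so the serialized SignedParts/EncryptedParts can request less protection than the in-memory object does. Whether an object can reach that state depends on the builders, which are not visible in this hunk. If it can, failing or logging is safer than silently narrowing what must be signed or encrypted. At minimum a comment such as `// sp:Attachments is only written for SP 1.2; other versions omit it` would record that the omission is intended. The enclosing `serialize` starts and ends outside this hunk.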
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingToken.java
index a1ae7d2..9a0a7b5 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingToken.java
@@ -282,30 +282,11 @@ public class SupportingToken extends AbstractSecurityAssertion implements
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
- String localname = getName().getLocalPart();
-
// <sp:SupportingToken>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
+ writeStartElement(writer, getName());
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- pPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
- }
// <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(),
- SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
Token token;
for (Iterator iterator = getTokens().iterator(); iterator.hasNext();) {
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java
index bc068e7..b4c04f9 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java
@@ -151,40 +151,15 @@ public class SymmetricBinding extends SymmetricAsymmetricBindingBase {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix;
- String writerPrefix = writer.getPrefix(namespaceURI);
-
- if (writerPrefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- } else {
- prefix = writerPrefix;
- }
-
// <sp:SymmetricBinding>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- String policyLocalName = SPConstants.POLICY.getLocalPart();
- String policyNamespaceURI = SPConstants.POLICY.getNamespaceURI();
+ writeStartElement(writer, prefix, localname, namespaceURI);
- String wspPrefix;
-
- String wspWriterPrefix = writer.getPrefix(policyNamespaceURI);
- if (wspWriterPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, policyNamespaceURI);
-
- } else {
- wspPrefix = wspWriterPrefix;
- }
// <wsp:Policy>
- writer.writeStartElement(wspPrefix, policyLocalName, policyNamespaceURI);
+ writeStartElement(writer, SPConstants.POLICY);
if (encryptionToken != null) {
encryptionToken.serialize(writer);
@@ -212,20 +187,17 @@ public class SymmetricBinding extends SymmetricAsymmetricBindingBase {
if (isIncludeTimestamp()) {
// <sp:IncludeTimestamp />
- writer.writeStartElement(prefix, SPConstants.INCLUDE_TIMESTAMP, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.INCLUDE_TIMESTAMP, namespaceURI);
}
if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(getProtectionOrder())) {
// <sp:EncryptBeforeSigning />
- writer.writeStartElement(prefix, SPConstants.ENCRYPT_BEFORE_SIGNING, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.ENCRYPT_BEFORE_SIGNING, namespaceURI);
}
if (isSignatureProtection()) {
// <sp:EncryptSignature />
- writer.writeStartElement(prefix, SPConstants.ENCRYPT_SIGNATURE , namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.ENCRYPT_SIGNATURE , namespaceURI);
}
if(isEntireHeadersAndBodySignatures()) {
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportBinding.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportBinding.java
index 123be97..e9472cd 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportBinding.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportBinding.java
@@ -142,28 +142,15 @@ public class TransportBinding extends Binding {
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localName = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:TransportBinding>
- writer.writeStartElement(prefix, localName, namespaceURI);
- writer.writeNamespace(prefix, namespaceURI);
-
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- pPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(pPrefix, SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, prefix, localName, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(pPrefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
if (transportToken == null) {
@@ -192,10 +179,8 @@ public class TransportBinding extends Binding {
}
if (isIncludeTimestamp()) {
- // <sp:IncludeTimestamp>
- writer.writeStartElement(prefix, SPConstants.INCLUDE_TIMESTAMP, namespaceURI);
- writer.writeEndElement();
- // </sp:IncludeTimestamp>
+ // <sp:IncludeTimestamp />
+ writeEmptyElement(writer, prefix, SPConstants.INCLUDE_TIMESTAMP, namespaceURI);
}
// </wsp:Policy>
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportToken.java
index 8d9963b..d477d52 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportToken.java
@@ -62,29 +62,11 @@ public class TransportToken extends AbstractSecurityAssertion implements TokenWr
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
-
- String localName = getName().getLocalPart();
- String namespaceURI = getName().getNamespaceURI();
-
- String prefix = writer.getPrefix(namespaceURI);
-
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:TransportToken>
-
- writer.writeStartElement(prefix, localName, namespaceURI);
-
- String wspPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (wspPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, getName());
// <wsp:Policy>
- writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
// serialization of the token ..
if (transportToken != null) {
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust10.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust10.java
index 264a7b5..9ad5b3d 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust10.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust10.java
@@ -131,58 +131,40 @@ public class Trust10 extends AbstractSecurityAssertion {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:Trust10>
- writer.writeStartElement(prefix, localname, namespaceURI);
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- String wspPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (wspPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, prefix, localname, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
if (isMustSupportClientChallenge()) {
// <sp:MustSupportClientChallenge />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_CLIENT_CHALLENGE, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_CLIENT_CHALLENGE, namespaceURI);
}
if (isMustSupportServerChallenge()) {
// <sp:MustSupportServerChallenge />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_SERVER_CHALLENGE, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_SERVER_CHALLENGE, namespaceURI);
}
if (isRequireClientEntropy()) {
// <sp:RequireClientEntropy />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_CLIENT_ENTROPY, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_CLIENT_ENTROPY, namespaceURI);
}
if (isRequireServerEntropy()) {
// <sp:RequireServerEntropy />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_SERVER_ENTROPY, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_SERVER_ENTROPY, namespaceURI);
}
if (isMustSupportIssuedTokens()) {
// <sp:MustSupportIssuedTokens />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_ISSUED_TOKENS, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_ISSUED_TOKENS, namespaceURI);
}
// </wsp:Policy>
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust13.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust13.java
index 13e4088..56e14b2 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust13.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust13.java
@@ -161,71 +161,50 @@ public class Trust13 extends AbstractSecurityAssertion {
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:Trust13>
- writer.writeStartElement(prefix, localname, namespaceURI);
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- String wspPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
-
- if (wspPrefix == null) {
- wspPrefix = SPConstants.POLICY.getPrefix();
- writer.setPrefix(wspPrefix, SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, prefix, localname, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
if (isMustSupportClientChallenge()) {
// <sp:MustSupportClientChallenge />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_CLIENT_CHALLENGE, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_CLIENT_CHALLENGE, namespaceURI);
}
if (isMustSupportServerChallenge()) {
// <sp:MustSupportServerChallenge />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_SERVER_CHALLENGE, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_SERVER_CHALLENGE, namespaceURI);
}
if (isRequireClientEntropy()) {
// <sp:RequireClientEntropy />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_CLIENT_ENTROPY, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_CLIENT_ENTROPY, namespaceURI);
}
if (isRequireServerEntropy()) {
// <sp:RequireServerEntropy />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_SERVER_ENTROPY, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_SERVER_ENTROPY, namespaceURI);
}
if (isMustSupportIssuedTokens()) {
// <sp:MustSupportIssuedTokens />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_ISSUED_TOKENS, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_ISSUED_TOKENS, namespaceURI);
}
if (isRequireRequestSecurityTokenCollection()) {
// <sp:RequireRequestSecurityTokenCollection />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION, namespaceURI);
}
if (isRequireAppliesTo()) {
// <sp:RequireAppliesTo />
- writer.writeStartElement(prefix, SPConstants.REQUIRE_APPLIES_TO, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_APPLIES_TO, namespaceURI);
}
// </wsp:Policy>
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/UsernameToken.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/UsernameToken.java
index 1432dcb..2d99399 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/UsernameToken.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/UsernameToken.java
@@ -91,19 +91,12 @@ public class UsernameToken extends Token {
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:UsernameToken
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- writer.writeNamespace(prefix, namespaceURI);
+ writeStartElement(writer, prefix, localname, namespaceURI);
String inclusion;
@@ -114,49 +107,36 @@ public class UsernameToken extends Token {
}
if (inclusion != null) {
- writer.writeAttribute(prefix, namespaceURI, SPConstants.ATTR_INCLUDE_TOKEN, inclusion);
+ writeAttribute(writer, prefix, namespaceURI, SPConstants.ATTR_INCLUDE_TOKEN, inclusion);
}
if (isUseUTProfile10() || isUseUTProfile11()) {
- String pPrefix = writer.getPrefix(SPConstants.POLICY
- .getNamespaceURI());
- if (pPrefix == null) {
- writer.setPrefix(SPConstants.POLICY.getPrefix(), SPConstants.POLICY
- .getNamespaceURI());
- }
-
// <wsp:Policy>
- writer.writeStartElement(prefix, SPConstants.POLICY.getLocalPart(),
- SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
// CHECKME
if (isUseUTProfile10()) {
// <sp:WssUsernameToken10 />
- writer.writeStartElement(prefix, SPConstants.USERNAME_TOKEN10 , namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.USERNAME_TOKEN10 , namespaceURI);
} else {
// <sp:WssUsernameToken11 />
- writer.writeStartElement(prefix, SPConstants.USERNAME_TOKEN11 , namespaceURI);
+ writeStartElement(writer, prefix, SPConstants.USERNAME_TOKEN11 , namespaceURI);
}
if (version == SPConstants.SP_V12) {
if (isNoPassword()) {
- writer.writeStartElement(prefix, SPConstants.NO_PASSWORD, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.NO_PASSWORD, namespaceURI);
} else if (isHashPassword()){
- writer.writeStartElement(prefix, SPConstants.HASH_PASSWORD, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.HASH_PASSWORD, namespaceURI);
}
if (isDerivedKeys()) {
- writer.writeStartElement(prefix, SPConstants.REQUIRE_DERIVED_KEYS, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_DERIVED_KEYS, namespaceURI);
} else if (isExplicitDerivedKeys()) {
- writer.writeStartElement(prefix, SPConstants.REQUIRE_EXPLICIT_DERIVED_KEYS, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_EXPLICIT_DERIVED_KEYS, namespaceURI);
} else if (isImpliedDerivedKeys()) {
- writer.writeStartElement(prefix, SPConstants.REQUIRE_IMPLIED_DERIVED_KEYS, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.REQUIRE_IMPLIED_DERIVED_KEYS, namespaceURI);
}
}
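Review bot: `<sp:WssUsernameToken10 />` and `<sp:WssUsernameToken11 />` are still opened with `writeStartElement` although their comments show empty elements, so the `NoPassword`, `HashPassword` and derived-key elements written in the `SP_V12` branch appear to become children of the WssUsernameToken element instead of siblings under `<wsp:Policy>`; the visible context lines show no end element in between. A consumer that looks for those assertions directly under the policy could then miss the password-handling and derived-key requirements. Since this commit already converts the other flag elements, these two calls could become `writeEmptyElement(writer, prefix, SPConstants.USERNAME_TOKEN10, namespaceURI);` and the same for `USERNAME_TOKEN11`, with the matching `writer.writeEndElement()` that presumably follows the hunk removed. The existing `// CHECKME` sits directly above these lines, so the nesting should be checked against the WS-SecurityPolicy schema before changing it. The method body continues past the end of the hunk.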
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss10.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss10.java
index 7e46655..7eaf475 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss10.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss10.java
@@ -98,53 +98,34 @@ public class Wss10 extends AbstractSecurityAssertion {
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:Wss10>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- writer.setPrefix(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, prefix, localname, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(prefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
if (isMustSupportRefKeyIdentifier()) {
// <sp:MustSupportRefKeyIdentifier />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_REF_KEY_IDENTIFIER, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_REF_KEY_IDENTIFIER, namespaceURI);
}
if (isMustSupportRefIssuerSerial()) {
// <sp:MustSupportRefIssuerSerial />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_REF_ISSUER_SERIAL, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_REF_ISSUER_SERIAL, namespaceURI);
}
if (isMustSupportRefExternalURI()) {
// <sp:MustSupportRefExternalURI />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_REF_EXTERNAL_URI, namespaceURI);
- writer.writeEndElement();
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_REF_EXTERNAL_URI, namespaceURI);
}
if (isMustSupportRefEmbeddedToken()) {
// <sp:MustSupportRefEmbeddedToken />
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_REF_EMBEDDED_TOKEN, namespaceURI);
- writer.writeEndElement();
-
-
+ writeEmptyElement(writer, prefix, SPConstants.MUST_SUPPORT_REF_EMBEDDED_TOKEN, namespaceURI);
}
// </wsp:Policy>
diff --git a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss11.java b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss11.java
index 04037d9..57f435b 100644
--- a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss11.java
+++ b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss11.java
@@ -80,69 +80,49 @@ public class Wss11 extends Wss10 {
}
public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ String prefix = getName().getPrefix();
String localname = getName().getLocalPart();
String namespaceURI = getName().getNamespaceURI();
- String prefix = writer.getPrefix(namespaceURI);
- if (prefix == null) {
- prefix = getName().getPrefix();
- writer.setPrefix(prefix, namespaceURI);
- }
-
// <sp:Wss11>
- writer.writeStartElement(prefix, localname, namespaceURI);
-
- // xmlns:sp=".."
- writer.writeNamespace(prefix, namespaceURI);
-
- String pPrefix = writer.getPrefix(SPConstants.POLICY.getNamespaceURI());
- if (pPrefix == null) {
- writer.setPrefix(SPConstants.POLICY.getPrefix(), SPConstants.POLICY.getNamespaceURI());
- }
+ writeStartElement(writer, prefix, localname, namespaceURI);
// <wsp:Policy>
- writer.writeStartElement(prefix, SPConstants.POLICY.getLocalPart(), SPConstants.POLICY.getNamespaceURI());
+ writeStartElement(writer, SPConstants.POLICY);
// <sp:MustSupportRefKeyIndentifier />
if (isMustSupportRefKeyIdentifier()) {
- writer.writeStartElement(prefix, SPConstants.MUST_SUPPORT_REF_KEY_IDENTIFIER , namespaceURI);
... 8186 lines suppressed ...