You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/03/28 14:38:14 UTC
[2/6] cxf git commit: Adding signature negative tests for WS-Security,
client + server side
Adding signature negative tests for WS-Security, client + server side
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8b13c36c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8b13c36c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8b13c36c
Branch: refs/heads/3.0.x-fixes
Commit: 8b13c36c0978164dc24c80cd7c2f046cba2ea4a2
Parents: 657541e
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Mar 28 12:18:54 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Mar 28 14:35:05 2017 +0100
----------------------------------------------------------------------
.../cxf/systest/ws/action/ActionTest.java | 112 +++++++++++++++++++
.../ws/common/KeystorePasswordCallback.java | 2 +
.../src/test/resources/bethal.properties | 24 ++++
.../cxf/systest/ws/action/DoubleItAction.wsdl | 12 ++
.../org/apache/cxf/systest/ws/action/client.xml | 104 +++++++++++++++++
.../org/apache/cxf/systest/ws/action/server.xml | 104 +++++++++++++++++
.../src/test/resources/truststore.properties | 23 ++++
7 files changed, 381 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
index 2a67c22..9d86f62 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
@@ -291,4 +291,116 @@ public class ActionTest extends AbstractBusClientServerTestBase {
((java.io.Closeable)port).close();
bus.shutdown(true);
}
+
+ @org.junit.Test
+ public void testSignatureNegativeClient() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = ActionTest.class.getResource("client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeClientPort");
+ DoubleItPortType port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(port, PORT);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected as the client doesn't trust the cert of the service");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
+ ((java.io.Closeable)port).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
+ public void testSignatureNegativeClientStreaming() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = ActionTest.class.getResource("client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeClientPort2");
+ DoubleItPortType port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(port, PORT);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected as the client doesn't trust the cert of the service");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
+ ((java.io.Closeable)port).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
+ public void testSignatureNegativeServer() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = ActionTest.class.getResource("client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeServerPort");
+ DoubleItPortType port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(port, PORT);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected as the service doesn't trust the client cert");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
+ ((java.io.Closeable)port).close();
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
+ public void testSignatureNegativeServerStreaming() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = ActionTest.class.getResource("client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeServerPort2");
+ DoubleItPortType port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(port, PORT);
+
+ try {
+ port.doubleIt(25);
+ fail("Failure expected as the service doesn't trust the client cert");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ }
+
+ ((java.io.Closeable)port).close();
+ bus.shutdown(true);
+ }
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/common/KeystorePasswordCallback.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/common/KeystorePasswordCallback.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/common/KeystorePasswordCallback.java
index 511155a..e680dce 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/common/KeystorePasswordCallback.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/common/KeystorePasswordCallback.java
@@ -46,6 +46,8 @@ public class KeystorePasswordCallback implements CallbackHandler {
passwords.put("6e0e88f36ebb8744d470f62f604d03ea4ebe5094", "password");
passwords.put("wss40rev", "security");
passwords.put("morpit", "password");
+ passwords.put("myclientkey", "ckpass");
+ passwords.put("myservicekey", "skpass");
}
/**
http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/resources/bethal.properties
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/bethal.properties b/systests/ws-security/src/test/resources/bethal.properties
new file mode 100644
index 0000000..7356fc5
--- /dev/null
+++ b/systests/ws-security/src/test/resources/bethal.properties
@@ -0,0 +1,24 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+org.apache.wss4j.crypto.provider=org.apache.wss4j.common.crypto.Merlin
+org.apache.wss4j.crypto.merlin.keystore.type=jks
+org.apache.wss4j.crypto.merlin.keystore.password=password
+org.apache.wss4j.crypto.merlin.keystore.alias=bethal
+org.apache.wss4j.crypto.merlin.keystore.file=keys/Bethal.jks
+
http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
index dcb40d4..eca0182 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
@@ -66,6 +66,18 @@
<wsdl:port name="DoubleItEncryptionPort" binding="tns:DoubleItNoSecurityBinding">
<soap:address location="http://localhost:9001/DoubleItEncryption"/>
</wsdl:port>
+ <wsdl:port name="DoubleItSignatureNegativeClientPort" binding="tns:DoubleItNoSecurityBinding">
+ <soap:address location="http://localhost:9001/DoubleItSignatureNegativeClient"/>
+ </wsdl:port>
+ <wsdl:port name="DoubleItSignatureNegativeClientPort2" binding="tns:DoubleItNoSecurityBinding">
+ <soap:address location="http://localhost:9001/DoubleItSignatureNegativeClient2"/>
+ </wsdl:port>
+ <wsdl:port name="DoubleItSignatureNegativeServerPort" binding="tns:DoubleItNoSecurityBinding">
+ <soap:address location="http://localhost:9001/DoubleItSignatureNegativeServer"/>
+ </wsdl:port>
+ <wsdl:port name="DoubleItSignatureNegativeServerPort2" binding="tns:DoubleItNoSecurityBinding">
+ <soap:address location="http://localhost:9001/DoubleItSignatureNegativeServer2"/>
+ </wsdl:port>
</wsdl:service>
</wsdl:definitions>
http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
index 298048e..0cb52c1 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
@@ -229,4 +229,108 @@
</jaxws:inInterceptors>
</jaxws:client>
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignatureNegativeClientPort" createdFromAPI="true">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureUser" value="bethal"/>
+ <entry key="signaturePropFile" value="bethal.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureVerificationPropFile" value="bethal.properties"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:client>
+
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignatureNegativeClientPort2" createdFromAPI="true">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureUser" value="bethal"/>
+ <entry key="signaturePropFile" value="bethal.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureVerificationPropFile" value="bethal.properties"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:client>
+
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignatureNegativeServerPort" createdFromAPI="true">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureUser" value="bethal"/>
+ <entry key="signaturePropFile" value="bethal.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureVerificationPropFile" value="truststore.properties"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:client>
+
+ <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignatureNegativeServerPort2" createdFromAPI="true">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureUser" value="bethal"/>
+ <entry key="signaturePropFile" value="bethal.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureVerificationPropFile" value="truststore.properties"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:client>
+
</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
index 1d45840..cb11d47 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
@@ -169,4 +169,108 @@
</jaxws:inInterceptors>
</jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignatureNegativeClient" address="http://localhost:${testutil.ports.action.Server}/DoubleItSignatureNegativeClient" serviceName="s:DoubleItService" endpointName="s:DoubleItSignatureNegativeClientPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/action/DoubleItAction.wsdl">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureUser" value="morpit"/>
+ <entry key="signaturePropFile" value="morpit.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureVerificationPropFile" value="truststore.properties"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignatureNegativeClient2" address="http://localhost:${testutil.ports.action.Server}/DoubleItSignatureNegativeClient2" serviceName="s:DoubleItService" endpointName="s:DoubleItSignatureNegativeClientPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/action/DoubleItAction.wsdl">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureUser" value="morpit"/>
+ <entry key="signaturePropFile" value="morpit.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureVerificationPropFile" value="truststore.properties"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignatureNegativeServer" address="http://localhost:${testutil.ports.action.Server}/DoubleItSignatureNegativeServer" serviceName="s:DoubleItService" endpointName="s:DoubleItSignatureNegativeServerPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/action/DoubleItAction.wsdl">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureUser" value="morpit"/>
+ <entry key="signaturePropFile" value="morpit.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureVerificationPropFile" value="morpit.properties"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignatureNegativeServer2" address="http://localhost:${testutil.ports.action.Server}/DoubleItSignatureNegativeServer2" serviceName="s:DoubleItService" endpointName="s:DoubleItSignatureNegativeServerPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/action/DoubleItAction.wsdl">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureUser" value="morpit"/>
+ <entry key="signaturePropFile" value="morpit.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Signature"/>
+ <entry key="signatureVerificationPropFile" value="morpit.properties"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+
</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/resources/truststore.properties
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/truststore.properties b/systests/ws-security/src/test/resources/truststore.properties
new file mode 100644
index 0000000..170389a
--- /dev/null
+++ b/systests/ws-security/src/test/resources/truststore.properties
@@ -0,0 +1,23 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+org.apache.wss4j.crypto.provider=org.apache.wss4j.common.crypto.Merlin
+org.apache.wss4j.crypto.merlin.keystore.type=jks
+org.apache.wss4j.crypto.merlin.keystore.password=password
+org.apache.wss4j.crypto.merlin.keystore.file=keys/Truststore.jks
+