You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/05/17 14:08:18 UTC
svn commit: r1104182 - in /cxf/trunk:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/
rt/ws/s...
Author: coheigea
Date: Tue May 17 12:08:17 2011
New Revision: 1104182
URL: http://svn.apache.org/viewvc?rev=1104182&view=rev
Log:
Some work on wsse UsernameTokens
- Added support for SP13 Nonce and Created policy elements
- Added a Policy Validator for UsernameTokens
- Added a systest.
Added:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP13Constants.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/DoubleItImpl.java
cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/Server.java
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/
cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml
cxf/trunk/systests/ws-security/src/test/resources/wsdl_systest_wssec/ut/
cxf/trunk/systests/ws-security/src/test/resources/wsdl_systest_wssec/ut/DoubleItUt.wsdl
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/UsernameToken.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
cxf/trunk/systests/ws-security/pom.xml
Added: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP13Constants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP13Constants.java?rev=1104182&view=auto
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP13Constants.java (added)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP13Constants.java Tue May 17 12:08:17 2011
@@ -0,0 +1,37 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.ws.security.policy;
+
+import javax.xml.namespace.QName;
+
+public final class SP13Constants {
+
+ public static final String SP_NS = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802";
+
+ public static final String SP_PREFIX = "sp13";
+
+ public static final QName USERNAME_TOKEN_CREATED = new QName(SP_NS, "Created", SP_PREFIX);
+
+ public static final QName USERNAME_TOKEN_NONCE = new QName(SP_NS, "Nonce", SP_PREFIX);
+
+ private SP13Constants() {
+ //
+ }
+
+}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java?rev=1104182&r1=1104181&r2=1104182&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/UsernameTokenBuilder.java Tue May 17 12:08:17 2011
@@ -29,6 +29,7 @@ import org.apache.cxf.ws.policy.PolicyBu
import org.apache.cxf.ws.policy.PolicyConstants;
import org.apache.cxf.ws.security.policy.SP11Constants;
import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.cxf.ws.security.policy.SP13Constants;
import org.apache.cxf.ws.security.policy.SPConstants;
import org.apache.cxf.ws.security.policy.model.UsernameToken;
import org.apache.neethi.Assertion;
@@ -82,6 +83,10 @@ public class UsernameTokenBuilder implem
usernameToken.setExplicitDerivedKeys(true);
} else if (SP12Constants.REQUIRE_IMPLIED_DERIVED_KEYS.equals(qname)) {
usernameToken.setImpliedDerivedKeys(true);
+ } else if (SP13Constants.USERNAME_TOKEN_CREATED.equals(qname)) {
+ usernameToken.setRequireCreated(true);
+ } else if (SP13Constants.USERNAME_TOKEN_NONCE.equals(qname)) {
+ usernameToken.setRequireNonce(true);
}
}
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/UsernameToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/UsernameToken.java?rev=1104182&r1=1104181&r2=1104182&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/UsernameToken.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/UsernameToken.java Tue May 17 12:08:17 2011
@@ -30,6 +30,8 @@ public class UsernameToken extends Token
private boolean useUTProfile11;
private boolean noPassword;
private boolean hashPassword;
+ private boolean requireCreated;
+ private boolean requireNonce;
public UsernameToken(SPConstants version) {
super(version);
@@ -56,6 +58,22 @@ public class UsernameToken extends Token
public void setNoPassword(boolean noPassword) {
this.noPassword = noPassword;
}
+
+ public boolean isRequireCreated() {
+ return requireCreated;
+ }
+
+ public void setRequireCreated(boolean requireCreated) {
+ this.requireCreated = requireCreated;
+ }
+
+ public boolean isRequireNonce() {
+ return requireNonce;
+ }
+
+ public void setRequireNonce(boolean requireNonce) {
+ this.requireNonce = requireNonce;
+ }
public boolean isHashPassword() {
return hashPassword;
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1104182&r1=1104181&r2=1104182&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java Tue May 17 12:08:17 2011
@@ -69,19 +69,18 @@ import org.apache.cxf.ws.security.policy
import org.apache.cxf.ws.security.policy.model.Token;
import org.apache.cxf.ws.security.policy.model.TransportBinding;
import org.apache.cxf.ws.security.policy.model.TransportToken;
-import org.apache.cxf.ws.security.policy.model.UsernameToken;
import org.apache.cxf.ws.security.policy.model.Wss11;
import org.apache.cxf.ws.security.policy.model.X509Token;
import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope;
import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType;
import org.apache.cxf.ws.security.wss4j.policyvalidators.EndorsingTokenPolicyValidator;
import org.apache.cxf.ws.security.wss4j.policyvalidators.SamlTokenPolicyValidator;
+import org.apache.cxf.ws.security.wss4j.policyvalidators.UsernameTokenPolicyValidator;
import org.apache.neethi.Assertion;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSDataRef;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.WSUsernameTokenPrincipal;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.util.WSSecurityUtil;
@@ -563,20 +562,16 @@ public class PolicyBasedWSS4JInIntercept
}
break;
case WSConstants.UT:
- Collection<AssertionInfo> ais = aim.get(SP12Constants.USERNAME_TOKEN);
- if (ais != null) {
- for (AssertionInfo ai : ais) {
- ai.setAsserted(true);
- }
-
- if (utWithCallbacks) {
- WSUsernameTokenPrincipal princ
- = (WSUsernameTokenPrincipal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
+ case WSConstants.UT_NOPASSWORD:
+ if (utWithCallbacks) {
+ UsernameTokenPolicyValidator utValidator =
+ new UsernameTokenPolicyValidator(msg);
+ utValidator.validatePolicy(aim, wser);
+ } else {
+ Collection<AssertionInfo> ais = aim.get(SP12Constants.USERNAME_TOKEN);
+ if (ais != null) {
for (AssertionInfo ai : ais) {
- UsernameToken tok = (UsernameToken)ai.getAssertion();
- if (tok.isHashPassword() != princ.isPasswordDigest()) {
- ai.setNotAsserted("Password hashing policy not enforced");
- }
+ ai.setAsserted(true);
}
}
}
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1104182&r1=1104181&r2=1104182&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java Tue May 17 12:08:17 2011
@@ -705,39 +705,44 @@ public abstract class AbstractBindingBui
String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME);
if (!StringUtils.isEmpty(userName)) {
+ WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
// If NoPassword property is set we don't need to set the password
if (token.isNoPassword()) {
- WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
utBuilder.setUserInfo(userName, null);
utBuilder.setPasswordType(null);
- info.setAsserted(true);
- return utBuilder;
- }
-
- String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
- if (StringUtils.isEmpty(password)) {
- password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
- }
+ } else {
+ String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD);
+ if (StringUtils.isEmpty(password)) {
+ password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN);
+ }
- if (!StringUtils.isEmpty(password)) {
- //If the password is available then build the token
- WSSecUsernameToken utBuilder = new WSSecUsernameToken(wssConfig);
- if (token.isHashPassword()) {
- utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
+ if (!StringUtils.isEmpty(password)) {
+ // If the password is available then build the token
+ if (token.isHashPassword()) {
+ utBuilder.setPasswordType(WSConstants.PASSWORD_DIGEST);
+ } else {
+ utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
+ }
+ utBuilder.setUserInfo(userName, password);
} else {
- utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
+ policyNotAsserted(token, "No password available");
+ return null;
}
-
- utBuilder.setUserInfo(userName, password);
- info.setAsserted(true);
- return utBuilder;
- } else {
- policyNotAsserted(token, "No username available");
}
+
+ if (token.isRequireCreated() && !token.isHashPassword()) {
+ utBuilder.addCreated();
+ }
+ if (token.isRequireNonce() && !token.isHashPassword()) {
+ utBuilder.addNonce();
+ }
+
+ info.setAsserted(true);
+ return utBuilder;
} else {
policyNotAsserted(token, "No username available");
+ return null;
}
- return null;
}
protected AssertionWrapper addSamlToken(SamlToken token) throws WSSecurityException {
Added: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java?rev=1104182&view=auto
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java (added)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java Tue May 17 12:08:17 2011
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.ws.security.wss4j.policyvalidators;
+
+import java.util.Collection;
+
+import org.apache.cxf.message.Message;
+import org.apache.cxf.ws.policy.AssertionInfo;
+import org.apache.cxf.ws.policy.AssertionInfoMap;
+import org.apache.cxf.ws.security.policy.SP12Constants;
+import org.apache.ws.security.WSSecurityEngineResult;
+import org.apache.ws.security.message.token.UsernameToken;
+
+/**
+ * Validate a WSSecurityEngineResult corresponding to the processing of a UsernameToken
+ * against the appropriate policy.
+ */
+public class UsernameTokenPolicyValidator extends AbstractTokenPolicyValidator {
+
+ private Message message;
+
+ public UsernameTokenPolicyValidator(
+ Message message
+ ) {
+ this.message = message;
+ }
+
+ public boolean validatePolicy(
+ AssertionInfoMap aim,
+ WSSecurityEngineResult wser
+ ) {
+ Collection<AssertionInfo> utAis = aim.get(SP12Constants.USERNAME_TOKEN);
+ if (utAis != null && !utAis.isEmpty()) {
+ for (AssertionInfo ai : utAis) {
+ UsernameToken usernameToken =
+ (UsernameToken)wser.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
+ org.apache.cxf.ws.security.policy.model.UsernameToken usernameTokenPolicy =
+ (org.apache.cxf.ws.security.policy.model.UsernameToken)ai.getAssertion();
+ ai.setAsserted(true);
+
+ boolean tokenRequired = isTokenRequired(usernameTokenPolicy, message);
+ if ((tokenRequired && usernameToken == null)
+ || (!tokenRequired && usernameToken != null)) {
+ ai.setNotAsserted(
+ "The received token does not match the token inclusion requirement"
+ );
+ return false;
+ }
+ if (!tokenRequired) {
+ continue;
+ }
+
+ if (usernameTokenPolicy.isHashPassword() != usernameToken.isHashed()) {
+ ai.setNotAsserted("Password hashing policy not enforced");
+ return false;
+ }
+ if (usernameTokenPolicy.isNoPassword() && usernameToken.getPassword() != null) {
+ ai.setNotAsserted("Username Token NoPassword policy not enforced");
+ return false;
+ }
+ if (usernameTokenPolicy.isRequireCreated()
+ && (usernameToken.getCreated() == null || usernameToken.isHashed())) {
+ ai.setNotAsserted("Username Token Created policy not enforced");
+ return false;
+ }
+ if (usernameTokenPolicy.isRequireNonce()
+ && (usernameToken.getNonce() == null || usernameToken.isHashed())) {
+ ai.setNotAsserted("Username Token Nonce policy not enforced");
+ return false;
+ }
+
+ }
+ }
+ return true;
+ }
+
+}
Modified: cxf/trunk/systests/ws-security/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/pom.xml?rev=1104182&r1=1104181&r2=1104182&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/pom.xml (original)
+++ cxf/trunk/systests/ws-security/pom.xml Tue May 17 12:08:17 2011
@@ -57,6 +57,9 @@
<wsdlOption>
<wsdl>${basedir}/src/test/resources/wsdl_systest_wssec/saml/DoubleItSaml.wsdl</wsdl>
</wsdlOption>
+ <wsdlOption>
+ <wsdl>${basedir}/src/test/resources/wsdl_systest_wssec/ut/DoubleItUt.wsdl</wsdl>
+ </wsdlOption>
</wsdlOptions>
</configuration>
<goals>
Added: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java?rev=1104182&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java (added)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java Tue May 17 12:08:17 2011
@@ -0,0 +1,118 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.ut;
+
+import java.math.BigInteger;
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.systest.ws.ut.server.Server;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+
+import org.junit.BeforeClass;
+
+import wssec.ut.DoubleItPortType;
+import wssec.ut.DoubleItService;
+
+/**
+ * A set of tests for Username Tokens over the Transport Binding.
+ */
+public class UsernameTokenTest extends AbstractBusClientServerTestBase {
+
+ @BeforeClass
+ public static void startServers() throws Exception {
+ assertTrue(
+ "Server failed to launch",
+ // run the server in the same process
+ // set this to false to fork
+ launchServer(Server.class, true)
+ );
+ }
+
+ @org.junit.Test
+ public void testPlaintext() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = UsernameTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ DoubleItService service = new DoubleItService();
+
+ DoubleItPortType utPort = service.getDoubleItPlaintextPort();
+
+ utPort.doubleIt(BigInteger.valueOf(25));
+ }
+
+ @org.junit.Test
+ public void testPlaintextCreated() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = UsernameTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ DoubleItService service = new DoubleItService();
+
+ DoubleItPortType utPort = service.getDoubleItPlaintextCreatedPort();
+
+ utPort.doubleIt(BigInteger.valueOf(25));
+ }
+
+ @org.junit.Test
+ public void testPasswordHashed() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = UsernameTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ DoubleItService service = new DoubleItService();
+
+ DoubleItPortType utPort = service.getDoubleItHashedPort();
+
+ utPort.doubleIt(BigInteger.valueOf(25));
+ }
+
+ @org.junit.Test
+ public void testNoPassword() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = UsernameTokenTest.class.getResource("client/client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ DoubleItService service = new DoubleItService();
+
+ DoubleItPortType utPort = service.getDoubleItNoPasswordPort();
+
+ utPort.doubleIt(BigInteger.valueOf(25));
+ }
+
+}
Added: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/DoubleItImpl.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/DoubleItImpl.java?rev=1104182&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/DoubleItImpl.java (added)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/DoubleItImpl.java Tue May 17 12:08:17 2011
@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.ut.server;
+
+import java.math.BigInteger;
+
+import javax.jws.WebService;
+import org.apache.cxf.feature.Features;
+import wssec.saml.DoubleItPortType;
+
+@WebService(targetNamespace = "http://WSSec/ut",
+ serviceName = "DoubleItService",
+ endpointInterface = "wssec.saml.DoubleItPortType")
+@Features(features = "org.apache.cxf.feature.LoggingFeature")
+public class DoubleItImpl implements DoubleItPortType {
+
+ public java.math.BigInteger doubleIt(java.math.BigInteger numberToDouble) {
+ return numberToDouble.multiply(BigInteger.valueOf(2));
+ }
+
+}
Added: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/Server.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/Server.java?rev=1104182&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/Server.java (added)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/server/Server.java Tue May 17 12:08:17 2011
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.ut.server;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class Server extends AbstractBusTestServerBase {
+
+ public Server() {
+
+ }
+
+ protected void run() {
+ URL busFile = Server.class.getResource("server.xml");
+ Bus busLocal = new SpringBusFactory().createBus(busFile);
+ BusFactory.setDefaultBus(busLocal);
+ setBus(busLocal);
+
+ try {
+ new Server();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml?rev=1104182&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml (added)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/client/client.xml Tue May 17 12:08:17 2011
@@ -0,0 +1,89 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:jaxws="http://cxf.apache.org/jaxws"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:p="http://cxf.apache.org/policy"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd"
+>
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+ <http:conduit name="https://localhost:9009/.*">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="jks" password="password" resource="org/apache/cxf/systest/ws/security/Morpit.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="password" resource="org/apache/cxf/systest/ws/security/Truststore.jks"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+
+ <jaxws:client name="{http://WSSec/ut}DoubleItPlaintextPort"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+ </jaxws:client>
+
+ <jaxws:client name="{http://WSSec/ut}DoubleItPlaintextCreatedPort"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+ </jaxws:client>
+
+ <jaxws:client name="{http://WSSec/ut}DoubleItHashedPort"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+ </jaxws:client>
+
+ <jaxws:client name="{http://WSSec/ut}DoubleItNoPasswordPort"
+ createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="Alice"/>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+ </jaxws:client>
+
+</beans>
Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml?rev=1104182&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml (added)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server/server.xml Tue May 17 12:08:17 2011
@@ -0,0 +1,142 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:jaxws="http://cxf.apache.org/jaxws"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:security="http://schemas.iona.com/soa/security-config"
+ xmlns:interop="http://WSSec/wssec10"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:p="http://cxf.apache.org/policy"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd
+ http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ http://schemas.iona.com/soa/security-config http://schemas.iona.com/soa/security-config.xsd
+ ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <cxf:bus>
+ <cxf:features>
+ <p:policies/>
+ <cxf:logging/>
+ </cxf:features>
+ </cxf:bus>
+
+ <!-- -->
+ <!-- Any services listening on port 9009 must use the following -->
+ <!-- Transport Layer Security (TLS) settings -->
+ <!-- -->
+ <httpj:engine-factory id="tls-settings">
+ <httpj:engine port="9009">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="jks" password="password" resource="org/apache/cxf/systest/ws/security/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="password" resource="org/apache/cxf/systest/ws/security/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:cipherSuitesFilter>
+ <sec:include>.*_EXPORT_.*</sec:include>
+ <sec:include>.*_EXPORT1024_.*</sec:include>
+ <sec:include>.*_WITH_DES_.*</sec:include>
+ <sec:include>.*_WITH_NULL_.*</sec:include>
+ <sec:exclude>.*_DH_anon_.*</sec:exclude>
+ </sec:cipherSuitesFilter>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <jaxws:endpoint
+ id="Plaintext"
+ address="https://localhost:9009/DoubleItUTPlaintext"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextPort"
+ xmlns:s="http://WSSec/ut"
+ implementor="org.apache.cxf.systest.ws.saml.server.DoubleItImpl"
+ wsdlLocation="wsdl_systest_wssec/ut/DoubleItUt.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="PlaintextCreated"
+ address="https://localhost:9009/DoubleItUTPlaintextCreated"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItPlaintextCreatedPort"
+ xmlns:s="http://WSSec/ut"
+ implementor="org.apache.cxf.systest.ws.saml.server.DoubleItImpl"
+ wsdlLocation="wsdl_systest_wssec/ut/DoubleItUt.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="Hashed"
+ address="https://localhost:9009/DoubleItUTHashed"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItHashedPort"
+ xmlns:s="http://WSSec/ut"
+ implementor="org.apache.cxf.systest.ws.saml.server.DoubleItImpl"
+ wsdlLocation="wsdl_systest_wssec/ut/DoubleItUt.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+ <jaxws:endpoint
+ id="NoPassword"
+ address="https://localhost:9009/DoubleItUTNoPassword"
+ serviceName="s:DoubleItService"
+ endpointName="s:DoubleItNoPasswordPort"
+ xmlns:s="http://WSSec/ut"
+ implementor="org.apache.cxf.systest.ws.saml.server.DoubleItImpl"
+ wsdlLocation="wsdl_systest_wssec/ut/DoubleItUt.wsdl"
+ depends-on="tls-settings">
+
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
+ value="org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"/>
+ </jaxws:properties>
+
+ </jaxws:endpoint>
+
+</beans>
Added: cxf/trunk/systests/ws-security/src/test/resources/wsdl_systest_wssec/ut/DoubleItUt.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/wsdl_systest_wssec/ut/DoubleItUt.wsdl?rev=1104182&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/wsdl_systest_wssec/ut/DoubleItUt.wsdl (added)
+++ cxf/trunk/systests/ws-security/src/test/resources/wsdl_systest_wssec/ut/DoubleItUt.wsdl Tue May 17 12:08:17 2011
@@ -0,0 +1,344 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<wsdl:definitions name="DoubleIt"
+ xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
+ xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://WSSec/ut"
+ targetNamespace="http://WSSec/ut"
+ xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ xmlns:wsaws="http://www.w3.org/2005/08/addressing"
+ xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
+ xmlns:sp13="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802">
+ <wsdl:types>
+ <xsd:schema targetNamespace="http://WSSec/ut">
+ <xsd:element name="DoubleIt">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="numberToDouble">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:integer">
+ <xsd:minInclusive value="0"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="DoubleItResponse">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="doubledNumber" type="xsd:integer" />
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="DoubleItFault">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="reason" type="xsd:string" />
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:schema>
+ </wsdl:types>
+ <wsdl:message name="DoubleItRequest">
+ <wsdl:part element="tns:DoubleIt" name="parameters" />
+ </wsdl:message>
+ <wsdl:message name="DoubleItResponse">
+ <wsdl:part element="tns:DoubleItResponse" name="parameters" />
+ </wsdl:message>
+ <wsdl:message name="DoubleItFault">
+ <wsdl:part element="tns:DoubleItFault" name="fault" />
+ </wsdl:message>
+ <wsdl:portType name="DoubleItPortType">
+ <wsdl:operation name="DoubleIt">
+ <wsdl:input message="tns:DoubleItRequest" />
+ <wsdl:output message="tns:DoubleItResponse" />
+ <wsdl:fault name="DoubleItFault" message="tns:DoubleItFault" />
+ </wsdl:operation>
+ </wsdl:portType>
+ <wsdl:binding name="DoubleItPlaintextBinding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItPlaintextPolicy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:binding name="DoubleItPlaintextCreatedBinding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItPlaintextCreatedPolicy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:binding name="DoubleItHashedBinding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItHashedPolicy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:binding name="DoubleItNoPasswordBinding" type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItNoPasswordPolicy" />
+ <soap:binding style="document"
+ transport="http://schemas.xmlsoap.org/soap/http" />
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction="" />
+ <wsdl:input>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal" />
+ <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ <wsdl:fault name="DoubleItFault">
+ <soap:body use="literal" name="DoubleItFault" />
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:service name="DoubleItService">
+ <wsdl:port name="DoubleItPlaintextPort" binding="tns:DoubleItPlaintextBinding">
+ <soap:address location="https://localhost:9009/DoubleItUTPlaintext" />
+ </wsdl:port>
+ <wsdl:port name="DoubleItPlaintextCreatedPort" binding="tns:DoubleItPlaintextCreatedBinding">
+ <soap:address location="https://localhost:9009/DoubleItUTPlaintextCreated" />
+ </wsdl:port>
+ <wsdl:port name="DoubleItHashedPort" binding="tns:DoubleItHashedBinding">
+ <soap:address location="https://localhost:9009/DoubleItUTHashed" />
+ </wsdl:port>
+ <wsdl:port name="DoubleItNoPasswordPort" binding="tns:DoubleItNoPasswordBinding">
+ <soap:address location="https://localhost:9009/DoubleItUTNoPassword" />
+ </wsdl:port>
+ </wsdl:service>
+
+ <wsp:Policy wsu:Id="DoubleItPlaintextPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken RequireClientCertificate="false" />
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssUsernameToken10/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+ <wsp:Policy wsu:Id="DoubleItPlaintextCreatedPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken RequireClientCertificate="false" />
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssUsernameToken10/>
+ <sp13:Created/>
+ <sp13:Nonce/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+ <wsp:Policy wsu:Id="DoubleItHashedPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken RequireClientCertificate="false" />
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssUsernameToken10/>
+ <sp:HashPassword/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+ <wsp:Policy wsu:Id="DoubleItNoPasswordPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken RequireClientCertificate="false" />
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax />
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp />
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128 />
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SupportingTokens>
+ <wsp:Policy>
+ <sp:UsernameToken
+ sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssUsernameToken10/>
+ <sp:NoPassword/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+ <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Input_Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SignedParts>
+ <sp:Body/>
+ </sp:SignedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Output_Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SignedParts>
+ <sp:Body/>
+ </sp:SignedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+</wsdl:definitions>