You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/12/11 13:02:07 UTC
[1/6] cxf git commit: Moved https specific tests into a new directory
Repository: cxf
Updated Branches:
refs/heads/3.0.x-fixes 3c07e4ad8 -> 207d64cb3
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/Morpit.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Morpit.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Morpit.cxf
new file mode 100644
index 0000000..e6db5ff
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Morpit.cxf
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!--
+ ** This file configures the Morpit Server. It is just an
+ ** Https server with a name that will kick in the HostnameVerifier.
+ -->
+
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
+ xsi:schemaLocation="
+ http://cxf.apache.org/configuration/security
+ http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration
+ http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <http:destination name="{http://apache.org/hello_world}GreeterImplPort.http-destination">
+ </http:destination>
+
+ <httpj:engine-factory bus="cxf">
+ <httpj:engine port="${testutil.ports.BusServer.5}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password"
+ resource="keys/Morpit.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password"
+ resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/Poltim.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Poltim.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Poltim.cxf
new file mode 100644
index 0000000..090418d
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Poltim.cxf
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!--
+ ** This file configures the Poltim Server.
+ ** It is an https server that redirects to Mortimer.
+ -->
+
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
+ xsi:schemaLocation="
+ http://cxf.apache.org/configuration/security
+ http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration
+ http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <http:destination name="{http://apache.org/hello_world}Poltim.http-destination">
+ <http:server RedirectURL="http://localhost:${testutil.ports.BusServer.0}/Mortimer"/>
+ </http:destination>
+
+ <httpj:engine-factory bus="cxf">
+ <httpj:engine port="${testutil.ports.BusServer.2}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password"
+ resource="keys/Poltim.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password"
+ resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/Tarpin.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Tarpin.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Tarpin.cxf
new file mode 100644
index 0000000..00d5c20
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Tarpin.cxf
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!--
+ ** This file configures the Tarpin Server.
+ ** It is an https server that redirects to Gordy.
+ -->
+
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
+ xsi:schemaLocation="
+ http://cxf.apache.org/configuration/security
+ http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration
+ http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <http:destination name="{http://apache.org/hello_world}Tarpin.http-destination">
+ <http:server RedirectURL="https://localhost:${testutil.ports.BusServer.3}/Gordy"/>
+ </http:destination>
+
+ <httpj:engine-factory bus="cxf">
+ <httpj:engine port="${testutil.ports.BusServer.1}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password"
+ file="src/test/resources/keys/Tarpin.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password"
+ file="src/test/resources/keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml
new file mode 100644
index 0000000..8228d10
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <!-- -->
+ <!-- This Spring config file is designed to represent a minimal -->
+ <!-- configuration for spring-loading a CXF servant, where the -->
+ <!-- servant listens using HTTP/S as the transport protocol. -->
+ <!-- -->
+ <!-- Note that the service endpoint is spring-loaded. In the -->
+ <!-- scenario in which this config is designed to run, the -->
+ <!-- server application merely instantiates a Bus, and does not -->
+ <!-- publish any services programmatically -->
+ <!-- -->
+ <!-- -->
+ <!-- Spring-load an HTTPS servant -->
+ <!-- -->
+ <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.1}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9001-tls-config"/>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9001 -->
+ <!-- -->
+ <httpj:engine-factory id="port-9001-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.1}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPasswordCallbackHandler="org.apache.cxf.systest.https.KeyPasswordCallbackHandler">
+ <sec:keyStore type="JKS" password="password" file="src/test/resources/keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" file="src/test/resources/keys/Truststore.jks"/>
+ </sec:trustManagers>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- HTTP/S configuration for clients -->
+ <!-- -->
+ <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPasswordCallbackHandler="org.apache.cxf.systest.https.KeyPasswordCallbackHandler">
+ <sec:keyStore type="JKS" password="password" file="src/test/resources/keys/Morpit.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" file="src/test/resources/keys/Truststore.jks"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish.xml
new file mode 100644
index 0000000..1d8190d
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish.xml
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <!-- -->
+ <!-- This Spring config file is designed to represent a minimal -->
+ <!-- configuration for spring-loading a CXF servant, where the -->
+ <!-- servant listens using HTTP/S as the transport protocol. -->
+ <!-- -->
+ <!-- Note that the service endpoint is spring-loaded. In the -->
+ <!-- scenario in which this config is designed to run, the -->
+ <!-- server application merely instantiates a Bus, and does not -->
+ <!-- publish any services programmatically -->
+ <!-- -->
+ <!-- -->
+ <!-- Spring-load an HTTPS servant -->
+ <!-- -->
+ <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.1}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9001-tls-config"/>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9001 -->
+ <!-- -->
+ <httpj:engine-factory id="port-9001-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.1}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- HTTP/S configuration for clients -->
+ <!-- -->
+ <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-server-constraints.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-server-constraints.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-server-constraints.xml
new file mode 100644
index 0000000..753e0a4
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-server-constraints.xml
@@ -0,0 +1,255 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <!-- -->
+ <!-- This Spring config file is designed to represent a minimal -->
+ <!-- configuration for spring-loading a CXF servant, where the -->
+ <!-- servant listens using HTTP/S as the transport protocol. -->
+ <!-- -->
+ <!-- Note that the service endpoint is spring-loaded. In the -->
+ <!-- scenario in which this config is designed to run, the -->
+ <!-- server application merely instantiates a Bus, and does not -->
+ <!-- publish any services programmatically -->
+ <!-- -->
+ <!-- -->
+ <!-- Spring-load an HTTPS servant -->
+ <!-- -->
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-0" address="https://localhost:${testutil.ports.BusServer.0}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.0-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-1" address="https://localhost:${testutil.ports.BusServer.1}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.1-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-2" address="https://localhost:${testutil.ports.BusServer.2}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.2-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-3" address="https://localhost:${testutil.ports.BusServer.3}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.3-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-4" address="https://localhost:${testutil.ports.BusServer.4}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.4-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-5" address="https://localhost:${testutil.ports.BusServer.5}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.5-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-6" address="https://localhost:${testutil.ports.BusServer.6}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.6-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-7" address="https://localhost:${testutil.ports.BusServer.7}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.7-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9000 -->
+ <!-- -->
+ <httpj:engine-factory id="port-testutil.ports.BusServer.0-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.0}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:certConstraints>
+ <sec:SubjectDNConstraints>
+ <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
+ <sec:RegularExpression>.*OU=Morpit.*</sec:RegularExpression>
+ </sec:SubjectDNConstraints>
+ </sec:certConstraints>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9007 -->
+ <!-- -->
+ <httpj:engine-factory id="port-testutil.ports.BusServer.1-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.1}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:certConstraints>
+ <sec:SubjectDNConstraints>
+ <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
+ </sec:SubjectDNConstraints>
+ </sec:certConstraints>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9008 -->
+ <!-- -->
+ <httpj:engine-factory id="port-testutil.ports.BusServer.2-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.2}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:certConstraints>
+ <sec:SubjectDNConstraints>
+ <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
+ <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
+ </sec:SubjectDNConstraints>
+ </sec:certConstraints>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9009 -->
+ <!-- -->
+ <httpj:engine-factory id="port-testutil.ports.BusServer.3-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.3}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:certConstraints>
+ <sec:SubjectDNConstraints combinator="ANY">
+ <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
+ <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
+ </sec:SubjectDNConstraints>
+ </sec:certConstraints>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9010 -->
+ <!-- -->
+ <httpj:engine-factory id="port-testutil.ports.BusServer.4-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.4}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:certConstraints>
+ <sec:IssuerDNConstraints combinator="ALL">
+ <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
+ <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
+ </sec:IssuerDNConstraints>
+ </sec:certConstraints>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9011 -->
+ <!-- -->
+ <httpj:engine-factory id="port-testutil.ports.BusServer.5-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.5}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:certConstraints>
+ <sec:IssuerDNConstraints combinator="ANY">
+ <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
+ <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
+ </sec:IssuerDNConstraints>
+ </sec:certConstraints>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9012 -->
+ <!-- -->
+ <httpj:engine-factory id="port-testutil.ports.BusServer.6-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.6}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9013 -->
+ <!-- -->
+ <httpj:engine-factory id="port-testutil.ports.BusServer.7-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.7}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Gordy.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- HTTP/S configuration for clients -->
+ <!-- -->
+ <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:certConstraints>
+ <sec:SubjectDNConstraints>
+ <sec:RegularExpression>.*CN=(Bethal|Gordy).*</sec:RegularExpression>
+ <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
+ </sec:SubjectDNConstraints>
+ <sec:IssuerDNConstraints combinator="ANY">
+ <sec:RegularExpression>.*CN=Bethal.*</sec:RegularExpression>
+ <sec:RegularExpression>.*OU=Morpit.*</sec:RegularExpression>
+ </sec:IssuerDNConstraints>
+ </sec:certConstraints>
+ </http:tlsClientParameters>
+ </http:conduit>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-server.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-server.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-server.xml
new file mode 100644
index 0000000..2ded663
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-server.xml
@@ -0,0 +1,77 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <!-- -->
+ <!-- This Spring config file is designed to represent a minimal -->
+ <!-- configuration for spring-loading a CXF servant, where the -->
+ <!-- servant listens using HTTP/S as the transport protocol. -->
+ <!-- -->
+ <!-- Note that the service endpoint is spring-loaded. In the -->
+ <!-- scenario in which this config is designed to run, the -->
+ <!-- server application merely instantiates a Bus, and does not -->
+ <!-- publish any services programmatically -->
+ <!-- -->
+ <!-- -->
+ <!-- Spring-load an HTTPS servant -->
+ <!-- -->
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" address="https://localhost:${testutil.ports.BusServer.2}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9002-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <!-- Non http endpoint -->
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpEndpoint" address="http://localhost:${testutil.ports.BusServer.3}/SoapContext/HttpPort" serviceName="s:SOAPService" endpointName="e:HttpsPort">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9002 -->
+ <!-- -->
+ <httpj:engine-factory id="port-9002-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.2}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ <sec:certAlias>bethal</sec:certAlias>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- HTTP/S configuration for clients -->
+ <!-- -->
+ <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:certAlias>morpit</sec:certAlias>
+ </http:tlsClientParameters>
+ </http:conduit>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-tlsrefs-publish.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-tlsrefs-publish.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-tlsrefs-publish.xml
new file mode 100644
index 0000000..a9a73fd
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-tlsrefs-publish.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <!-- -->
+ <!-- This Spring config file is designed to represent a minimal -->
+ <!-- configuration for spring-loading a CXF servant, where the -->
+ <!-- servant listens using HTTP/S as the transport protocol. -->
+ <!-- -->
+ <!-- Note that the service endpoint is spring-loaded. In the -->
+ <!-- scenario in which this config is designed to run, the -->
+ <!-- server application merely instantiates a Bus, and does not -->
+ <!-- publish any services programmatically -->
+ <!-- -->
+ <!-- -->
+ <!-- Spring-load an HTTPS servant -->
+ <!-- -->
+ <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.1}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9001-tls-config"/>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9001 -->
+ <!-- -->
+ <bean id="serverKeyManagers" class="org.apache.cxf.systest.https.HTTPSClientTest$ServerManagersFactory" factory-method="getKeyManagers"/>
+ <bean id="serverTrustManagers" class="org.apache.cxf.systest.https.HTTPSClientTest$ServerManagersFactory" factory-method="getTrustManagers"/>
+ <httpj:engine-factory id="port-9001-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.1}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers ref="serverKeyManagers"/>
+ <sec:trustManagers ref="serverTrustManagers"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- HTTP/S configuration for clients -->
+ <!-- -->
+ <bean id="clientKeyManagers" class="org.apache.cxf.systest.https.HTTPSClientTest$ClientManagersFactory" factory-method="getKeyManagers"/>
+ <bean id="clientTrustManagers" class="org.apache.cxf.systest.https.HTTPSClientTest$ClientManagersFactory" factory-method="getTrustManagers"/>
+ <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers ref="clientKeyManagers"/>
+ <sec:trustManagers ref="clientTrustManagers"/>
+ </http:tlsClientParameters>
+ </http:conduit>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/pkcs12.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/pkcs12.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/pkcs12.xml
new file mode 100644
index 0000000..d01a2a0
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/pkcs12.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <!-- -->
+ <!-- This Spring config file is designed to represent a minimal -->
+ <!-- configuration for spring-loading a CXF servant, where the -->
+ <!-- servant listens using HTTP/S as the transport protocol. -->
+ <!-- -->
+ <!-- Note that the service endpoint is spring-loaded. In the -->
+ <!-- scenario in which this config is designed to run, the -->
+ <!-- server application merely instantiates a Bus, and does not -->
+ <!-- publish any services programmatically -->
+ <!-- -->
+ <!-- This test ensures we can use PKCS12 keystores and PEM truststores -->
+ <!-- -->
+ <!-- -->
+ <!-- Spring-load an HTTPS servant -->
+ <!-- -->
+ <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" address="https://localhost:${testutil.ports.BusServer.6}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9006-tls-config">
+ <jaxws:serviceBean>
+ <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+ </jaxws:serviceBean>
+ </jaxws:server>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9006 -->
+ <!-- -->
+ <httpj:engine-factory id="port-9006-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.6}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="pkcs12" password="password" resource="keys/Bethal.p12"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:certStore resource="keys/Truststore.pem"/>
+ </sec:trustManagers>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- HTTP/S configuration for clients -->
+ <!-- -->
+ <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="pkcs12" password="password" resource="keys/Morpit.p12"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:certStore resource="keys/Truststore.pem"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/resource-key-spec-url.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/resource-key-spec-url.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/resource-key-spec-url.xml
new file mode 100644
index 0000000..0e70d13
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/resource-key-spec-url.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apach
e.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <!-- -->
+ <!-- This Spring config file is designed to represent a minimal -->
+ <!-- configuration for spring-loading a CXF servant, where the -->
+ <!-- servant listens using HTTP/S as the transport protocol. -->
+ <!-- -->
+ <!-- Note that the service endpoint is spring-loaded. In the -->
+ <!-- scenario in which this config is designed to run, the -->
+ <!-- server application merely instantiates a Bus, and does not -->
+ <!-- publish any services programmatically -->
+ <!-- -->
+ <!-- -->
+ <!-- Spring-load an HTTPS servant -->
+ <!-- -->
+ <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.5}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" wsdlLocation="/wsdl/hello_world_services.wsdl" depends-on="port-9005-tls-config">
+ <jaxws:features>
+ <cxf:logging/>
+ </jaxws:features>
+ </jaxws:endpoint>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9005 -->
+ <!-- -->
+ <!-- This test exercises the resource attribute in a keyStore element -->
+ <!-- -->
+ <httpj:engine-factory id="port-9005-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.5}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- HTTP/S configuration for clients -->
+ <!-- -->
+ <!-- This test exercises the resource attribute in a keyStore and certStore element -->
+ <!-- -->
+ <http:conduit name="https://localhost:.*/SoapContext/HttpsPort">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="pkcs12" password="password" resource="keys/Morpit.p12"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:certStore resource="keys/Truststore.pem"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/resource-key-spec.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/resource-key-spec.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/resource-key-spec.xml
new file mode 100644
index 0000000..a1f9bba
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/resource-key-spec.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <!-- -->
+ <!-- This Spring config file is designed to represent a minimal -->
+ <!-- configuration for spring-loading a CXF servant, where the -->
+ <!-- servant listens using HTTP/S as the transport protocol. -->
+ <!-- -->
+ <!-- Note that the service endpoint is spring-loaded. In the -->
+ <!-- scenario in which this config is designed to run, the -->
+ <!-- server application merely instantiates a Bus, and does not -->
+ <!-- publish any services programmatically -->
+ <!-- -->
+ <!-- -->
+ <!-- Spring-load an HTTPS servant -->
+ <!-- -->
+ <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.4}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9004-tls-config"/>
+ <!-- -->
+ <!-- TLS Port configuration parameters for port 9004 -->
+ <!-- -->
+ <!-- This test exercises the resource attribute in a keyStore element -->
+ <!-- -->
+ <httpj:engine-factory id="port-9004-tls-config">
+ <httpj:engine port="${testutil.ports.BusServer.4}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+ <!-- -->
+ <!-- HTTP/S configuration for clients -->
+ <!-- -->
+ <!-- This test exercises the resource attribute in a keyStore and certStore element -->
+ <!-- -->
+ <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="pkcs12" password="password" resource="keys/Morpit.p12"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:certStore resource="keys/Truststore.pem"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+</beans>
[4/6] cxf git commit: Missing files from last commit
Posted by co...@apache.org.
Missing files from last commit
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c1a0be87
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c1a0be87
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c1a0be87
Branch: refs/heads/3.0.x-fixes
Commit: c1a0be87baed889788ed2066fbbc0723ccf31e95
Parents: 1b7c93c
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Dec 11 11:58:52 2014 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Dec 11 11:59:27 2014 +0000
----------------------------------------------------------------------
.../org/apache/cxf/systest/https/BusServer.java | 73 ++
.../cxf/systest/https/HTTPSConduitTest.java | 755 +++++++++++++++++++
.../https/HTTPSProxyAuthConduitTest.java | 111 +++
.../systest/https/HTTPSProxyConduitTest.java | 100 +++
.../org/apache/cxf/systest/https/Server.java | 100 +++
.../org/apache/cxf/systest/https/Mortimer.cxf | 47 ++
.../org/apache/cxf/systest/https/greeting.wsdl | 166 ++++
7 files changed, 1352 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/c1a0be87/systests/transports/src/test/java/org/apache/cxf/systest/https/BusServer.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/BusServer.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/BusServer.java
new file mode 100644
index 0000000..09df754
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/BusServer.java
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.TestUtil;
+
+/**
+ * This server just instantiates a Bus, full stop.
+ * Everything else is designed to be spring-loaded.
+ */
+public class BusServer extends AbstractBusTestServerBase {
+ public static final Map<String, String> PORTMAP = new HashMap<String, String>();
+ public static void resetPortMap() {
+ PORTMAP.clear();
+ for (int x = 0; x < 9; x++) {
+ PORTMAP.put("PORT" + x, TestUtil.getNewPortNumber(BusServer.class, x));
+ }
+ }
+ public static String getPort(int x) {
+ if (PORTMAP.isEmpty()) {
+ for (int y = 0; y < 9; y++) {
+ PORTMAP.put("PORT" + y, TestUtil.getPortNumber(BusServer.class, y));
+ }
+ }
+ return PORTMAP.get("PORT" + x);
+ }
+
+
+ protected void run() {
+ //
+ // Just instantiate the Bus; services will be instantiated
+ // and published automatically through Spring
+ //
+ final BusFactory factory = BusFactory.newInstance();
+ Bus bus = factory.createBus();
+ setBus(bus);
+ BusFactory.setDefaultBus(bus);
+ BusFactory.setThreadDefaultBus(bus);
+ }
+
+ public static void main(String[] args) {
+ try {
+ BusServer s = new BusServer();
+ s.start();
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ System.exit(-1);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/c1a0be87/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSConduitTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSConduitTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSConduitTest.java
new file mode 100644
index 0000000..c375e7e
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSConduitTest.java
@@ -0,0 +1,755 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https;
+
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.URI;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.TreeMap;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.xml.namespace.QName;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.BusApplicationContext;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
+import org.apache.cxf.configuration.security.AuthorizationPolicy;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transport.http.MessageTrustDecider;
+import org.apache.cxf.transport.http.URLConnectionInfo;
+import org.apache.cxf.transport.http.UntrustedURLConnectionIOException;
+import org.apache.cxf.transport.http.auth.HttpAuthHeader;
+import org.apache.cxf.transport.http.auth.HttpAuthSupplier;
+import org.apache.cxf.transport.https.HttpsURLConnectionInfo;
+import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
+import org.apache.hello_world.Greeter;
+import org.apache.hello_world.services.SOAPService;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.springframework.context.ApplicationContext;
+
+/**
+ * This class tests several issues and Conduit policies based
+ * on a set up of redirecting servers.
+ * <pre>
+ *
+ * Http Redirection:
+ *
+ * Poltim(https:9005) ----> Mortimer (http:9000)
+ *
+ * HttpS redirection/Trust:
+ *
+ * Tarpin(https:9003) ----> Gordy(https:9001) ----> Bethal(https:9002)
+ *
+ * Hostname Verifier Test
+ *
+ * Morpit (https:9008)
+ *
+ * </pre>HTTPConduitTest
+ * The Bethal server issues 401 with differing realms depending on the
+ * User name given in the authorization header.
+ * <p>
+ * The Morpit has a CN that is not equal to "localhost" to kick in
+ * the Hostname Verifier.
+ */
+public class HTTPSConduitTest extends AbstractBusClientServerTestBase {
+ private static final boolean IN_PROCESS = true;
+
+ private static TLSClientParameters tlsClientParameters = new TLSClientParameters();
+ private static List<String> servers = new ArrayList<String>();
+
+ private static Map<String, String> addrMap = new TreeMap<String, String>();
+
+ static {
+ try {
+ //System.setProperty("javax.net.debug", "all");
+ URL key = Server.class.getResource("../../../../../keys/Morpit.jks");
+ String keystore = new File(key.toURI()).getAbsolutePath();
+ //System.out.println("Keystore: " + keystore);
+ KeyManager[] kmgrs = getKeyManagers(getKeyStore("JKS", keystore, "password"), "password");
+
+ key = Server.class.getResource("../../../../../keys/Truststore.jks");
+
+ String truststore = new File(key.toURI()).getAbsolutePath();
+ //System.out.println("Truststore: " + truststore);
+ TrustManager[] tmgrs = getTrustManagers(getKeyStore("JKS", truststore, "password"));
+
+ tlsClientParameters.setKeyManagers(kmgrs);
+ tlsClientParameters.setTrustManagers(tmgrs);
+ } catch (Exception e) {
+ throw new RuntimeException("Static initialization failed", e);
+ }
+ }
+
+ private final QName serviceName =
+ new QName("http://apache.org/hello_world", "SOAPService");
+ private final QName bethalQ =
+ new QName("http://apache.org/hello_world", "Bethal");
+ private final QName gordyQ =
+ new QName("http://apache.org/hello_world", "Gordy");
+ private final QName tarpinQ =
+ new QName("http://apache.org/hello_world", "Tarpin");
+ private final QName poltimQ =
+ new QName("http://apache.org/hello_world", "Poltim");
+
+ public HTTPSConduitTest() {
+ }
+
+
+ public static String getPort(String s) {
+ return BusServer.PORTMAP.get(s);
+ }
+
+ @BeforeClass
+ public static void allocatePorts() {
+ BusServer.resetPortMap();
+ addrMap.clear();
+ addrMap.put("Mortimer", "http://localhost:" + getPort("PORT0") + "/");
+ addrMap.put("Tarpin", "https://localhost:" + getPort("PORT1") + "/");
+ addrMap.put("Poltim", "https://localhost:" + getPort("PORT2") + "/");
+ addrMap.put("Gordy", "https://localhost:" + getPort("PORT3") + "/");
+ addrMap.put("Bethal", "https://localhost:" + getPort("PORT4") + "/");
+ addrMap.put("Morpit", "https://localhost:" + getPort("PORT5") + "/");
+ tlsClientParameters.setDisableCNCheck(true);
+ servers.clear();
+ }
+
+
+ /**
+ * This function is used to start up a server. It only "starts" a
+ * server if it hasn't been started before, hence its static nature.
+ * <p>
+ * This approach is used to start the needed servers for a particular test
+ * instead of starting them all in "startServers". This single needed
+ * server approach allieviates the pain in starting them all just to run
+ * a particular test in the debugger.
+ */
+ public synchronized boolean startServer(String name) {
+ if (servers.contains(name)) {
+ return true;
+ }
+ Bus bus = BusFactory.getThreadDefaultBus(false);
+ URL serverC =
+ Server.class.getResource(name + ".cxf");
+ BusFactory.setDefaultBus(null);
+ BusFactory.setThreadDefaultBus(null);
+ boolean server = launchServer(Server.class, null,
+ new String[] {
+ name,
+ addrMap.get(name),
+ serverC.toString() },
+ IN_PROCESS);
+ if (server) {
+ servers.add(name);
+ }
+ BusFactory.setDefaultBus(null);
+ BusFactory.setThreadDefaultBus(bus);
+ return server;
+ }
+
+ @AfterClass
+ public static void cleanUp() {
+ Bus b = BusFactory.getDefaultBus(false);
+ if (b != null) {
+ b.shutdown(true);
+ }
+ b = BusFactory.getThreadDefaultBus(false);
+ if (b != null) {
+ b.shutdown(true);
+ }
+ }
+
+ public static KeyStore getKeyStore(String ksType, String file, String ksPassword)
+ throws GeneralSecurityException,
+ IOException {
+
+ String type = ksType != null
+ ? ksType
+ : KeyStore.getDefaultType();
+
+ char[] password = ksPassword != null
+ ? ksPassword.toCharArray()
+ : null;
+
+ // We just use the default Keystore provider
+ KeyStore keyStore = KeyStore.getInstance(type);
+
+ keyStore.load(new FileInputStream(file), password);
+
+ return keyStore;
+ }
+
+ public static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword)
+ throws GeneralSecurityException,
+ IOException {
+ // For tests, we just use the default algorithm
+ String alg = KeyManagerFactory.getDefaultAlgorithm();
+
+ char[] keyPass = keyPassword != null
+ ? keyPassword.toCharArray()
+ : null;
+
+ // For tests, we just use the default provider.
+ KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
+
+ fac.init(keyStore, keyPass);
+
+ return fac.getKeyManagers();
+ }
+
+ public static TrustManager[] getTrustManagers(KeyStore keyStore)
+ throws GeneralSecurityException,
+ IOException {
+ // For tests, we just use the default algorithm
+ String alg = TrustManagerFactory.getDefaultAlgorithm();
+
+ // For tests, we just use the default provider.
+ TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
+
+ fac.init(keyStore);
+
+ return fac.getTrustManagers();
+ }
+
+ //methods that a subclass can override to inject a Proxy into the flow
+ //and assert the proxy was appropriately called
+ public void configureProxy(Client c) {
+ }
+ public void resetProxyCount() {
+ }
+ public void assertProxyRequestCount(int i) {
+ }
+
+ /**
+ * We use this class to reset the default bus.
+ * Note: This may not always work in the future.
+ * I was lucky in that "defaultBus" is actually a
+ * protected static.
+ */
+ class DefaultBusFactory extends SpringBusFactory {
+ public Bus createBus(URL config) {
+ Bus bus = super.createBus(config, true);
+ BusFactory.setDefaultBus(bus);
+ BusFactory.setThreadDefaultBus(bus);
+ return bus;
+ }
+ }
+
+ /**
+ * This methods tests a basic https connection to Bethal.
+ * It supplies an authorization policy with preemptive user/pass
+ * to avoid the 401.
+ */
+ @Test
+ public void testHttpsBasicConnectionWithConfig() throws Exception {
+ startServer("Bethal");
+
+ URL config = getClass().getResource("BethalClientConfig.cxf");
+
+ // We go through the back door, setting the default bus.
+ new DefaultBusFactory().createBus(config);
+ URL wsdl = getClass().getResource("greeting.wsdl");
+ assertNotNull("WSDL is null", wsdl);
+
+ SOAPService service = new SOAPService(wsdl, serviceName);
+ assertNotNull("Service is null", service);
+
+ Greeter bethal = service.getPort(bethalQ, Greeter.class);
+
+ assertNotNull("Port is null", bethal);
+ updateAddressPort(bethal, getPort("PORT4"));
+ verifyBethalClient(bethal);
+ }
+
+ @Test
+ public void testGetClientFromSpringContext() throws Exception {
+ startServer("Bethal");
+
+ BusFactory.setDefaultBus(null);
+ // The client bean configuration file
+ URL beans = getClass().getResource("BethalClientBeans.xml");
+ // We go through the back door, setting the default bus.
+ Bus bus = new DefaultBusFactory().createBus(beans);
+
+ ApplicationContext context = bus.getExtension(BusApplicationContext.class);
+ Greeter bethal = (Greeter)context.getBean("Bethal");
+ updateAddressPort(bethal, getPort("PORT4"));
+ // verify the client side's setting
+ verifyBethalClient(bethal);
+ }
+
+ // we just verify the configurations are loaded successfully
+ private void verifyBethalClient(Greeter bethal) {
+ Client client = ClientProxy.getClient(bethal);
+
+ HTTPConduit http =
+ (HTTPConduit) client.getConduit();
+
+ HTTPClientPolicy httpClientPolicy = http.getClient();
+ assertEquals("the httpClientPolicy's autoRedirect should be true",
+ true, httpClientPolicy.isAutoRedirect());
+ TLSClientParameters tlsParameters = http.getTlsClientParameters();
+ assertNotNull("the http conduit's tlsParameters should not be null", tlsParameters);
+
+
+ // If we set any name, but Edward, Mary, or George,
+ // and a password of "password" we will get through
+ // Bethal.
+ AuthorizationPolicy authPolicy = http.getAuthorization();
+ assertEquals("Set the wrong user name from the configuration",
+ "Betty", authPolicy.getUserName());
+ assertEquals("Set the wrong pass word form the configuration",
+ "password", authPolicy.getPassword());
+
+ configureProxy(ClientProxy.getClient(bethal));
+
+ String answer = bethal.sayHi();
+ answer = bethal.sayHi();
+ answer = bethal.sayHi();
+ answer = bethal.sayHi();
+ answer = bethal.sayHi();
+ assertTrue("Unexpected answer: " + answer,
+ "Bonjour from Bethal".equals(answer));
+
+ //With HTTPS, it will just be a CONNECT to the proxy and all the
+ //data is encrypted. Thus, the proxy cannot distinquish the requests
+ assertProxyRequestCount(0);
+ }
+
+ /**
+ * This methods tests a basic https connection to Bethal.
+ * It supplies an authorization policy with premetive user/pass
+ * to avoid the 401.
+ */
+ @Test
+ public void testHttpsBasicConnection() throws Exception {
+ startServer("Bethal");
+
+ URL wsdl = getClass().getResource("greeting.wsdl");
+ assertNotNull("WSDL is null", wsdl);
+
+ SOAPService service = new SOAPService(wsdl, serviceName);
+ assertNotNull("Service is null", service);
+
+ Greeter bethal = service.getPort(bethalQ, Greeter.class);
+ assertNotNull("Port is null", bethal);
+ updateAddressPort(bethal, getPort("PORT4"));
+
+ // Okay, I'm sick of configuration files.
+ // This also tests dynamic configuration of the conduit.
+ Client client = ClientProxy.getClient(bethal);
+ HTTPConduit http =
+ (HTTPConduit) client.getConduit();
+
+ HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
+
+ httpClientPolicy.setAutoRedirect(false);
+ // If we set any name, but Edward, Mary, or George,
+ // and a password of "password" we will get through
+ // Bethal.
+ AuthorizationPolicy authPolicy = new AuthorizationPolicy();
+ authPolicy.setUserName("Betty");
+ authPolicy.setPassword("password");
+
+ http.setClient(httpClientPolicy);
+ http.setTlsClientParameters(tlsClientParameters);
+ http.setAuthorization(authPolicy);
+
+ configureProxy(client);
+ String answer = bethal.sayHi();
+ assertTrue("Unexpected answer: " + answer,
+ "Bonjour from Bethal".equals(answer));
+ assertProxyRequestCount(0);
+ }
+
+
+ @Test
+ public void testHttpsRedirectToHttpFail() throws Exception {
+ startServer("Mortimer");
+ startServer("Poltim");
+
+ URL wsdl = getClass().getResource("greeting.wsdl");
+ assertNotNull("WSDL is null", wsdl);
+
+ SOAPService service = new SOAPService(wsdl, serviceName);
+ assertNotNull("Service is null", service);
+
+ Greeter poltim = service.getPort(poltimQ, Greeter.class);
+ assertNotNull("Port is null", poltim);
+ updateAddressPort(poltim, getPort("PORT2"));
+
+ // Okay, I'm sick of configuration files.
+ // This also tests dynamic configuration of the conduit.
+ Client client = ClientProxy.getClient(poltim);
+ HTTPConduit http =
+ (HTTPConduit) client.getConduit();
+
+ HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
+
+ httpClientPolicy.setAutoRedirect(true);
+
+ http.setClient(httpClientPolicy);
+ http.setTlsClientParameters(tlsClientParameters);
+ configureProxy(client);
+ poltim.sayHi();
+ //client -> poltim is https and thus not recorded but then redirected to mortimer
+ //client -> mortimer is http and recoreded
+ assertProxyRequestCount(1);
+ }
+
+ class MyHttpsTrustDecider extends MessageTrustDecider {
+
+ private String[] trustName;
+ private int called;
+
+ MyHttpsTrustDecider(String name) {
+ trustName = new String[] {name};
+ }
+
+ MyHttpsTrustDecider(String[] name) {
+ trustName = name;
+ }
+
+ public int wasCalled() {
+ return called;
+ }
+
+ public void establishTrust(
+ String conduitName,
+ URLConnectionInfo cinfo,
+ Message message
+ ) throws UntrustedURLConnectionIOException {
+
+ called++;
+
+ HttpsURLConnectionInfo ci = (HttpsURLConnectionInfo) cinfo;
+ boolean trusted = false;
+ for (int i = 0; i < trustName.length; i++) {
+ trusted = trusted
+ || ci.getPeerPrincipal()
+ .toString().contains("OU=" + trustName[i]);
+ }
+ if (!trusted) {
+ throw new UntrustedURLConnectionIOException(
+ "Peer Principal \""
+ + ci.getPeerPrincipal()
+ + "\" does not contain "
+ + getTrustNames());
+ }
+ }
+
+ private String getTrustNames() {
+ StringBuffer sb = new StringBuffer();
+ for (int i = 0; i < trustName.length; i++) {
+ sb.append("\"OU=");
+ sb.append(trustName[i]);
+ sb.append("\"");
+ if (i < trustName.length - 1) {
+ sb.append(", ");
+ }
+ }
+ return sb.toString();
+ }
+ }
+
+ @Test
+ public void testHttpsTrust() throws Exception {
+ startServer("Bethal");
+
+ URL wsdl = getClass().getResource("greeting.wsdl");
+ assertNotNull("WSDL is null", wsdl);
+
+ SOAPService service = new SOAPService(wsdl, serviceName);
+ assertNotNull("Service is null", service);
+
+ Greeter bethal = service.getPort(bethalQ, Greeter.class);
+ assertNotNull("Port is null", bethal);
+ updateAddressPort(bethal, getPort("PORT4"));
+
+ // Okay, I'm sick of configuration files.
+ // This also tests dynamic configuration of the conduit.
+ Client client = ClientProxy.getClient(bethal);
+ HTTPConduit http =
+ (HTTPConduit) client.getConduit();
+
+ HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
+
+ httpClientPolicy.setAutoRedirect(false);
+ // If we set any name, but Edward, Mary, or George,
+ // and a password of "password" we will get through
+ // Bethal.
+ AuthorizationPolicy authPolicy = new AuthorizationPolicy();
+ authPolicy.setUserName("Betty");
+ authPolicy.setPassword("password");
+
+ http.setClient(httpClientPolicy);
+ http.setTlsClientParameters(tlsClientParameters);
+ http.setAuthorization(authPolicy);
+
+ // Our expected server should be OU=Bethal
+ http.setTrustDecider(new MyHttpsTrustDecider("Bethal"));
+
+ configureProxy(client);
+ String answer = bethal.sayHi();
+ assertTrue("Unexpected answer: " + answer,
+ "Bonjour from Bethal".equals(answer));
+ assertProxyRequestCount(0);
+
+
+ // Nobody will not equal OU=Bethal
+ MyHttpsTrustDecider trustDecider =
+ new MyHttpsTrustDecider("Nobody");
+ http.setTrustDecider(trustDecider);
+ try {
+ answer = bethal.sayHi();
+ fail("Unexpected answer from Bethal: " + answer);
+ } catch (Exception e) {
+ //e.printStackTrace();
+ //assertTrue("Trust Decider was not called",
+ // 0 > trustDecider.wasCalled());
+ }
+ assertProxyRequestCount(0);
+ }
+
+ @Test
+ public void testHttpsTrustRedirect() throws Exception {
+ startServer("Tarpin");
+ startServer("Gordy");
+ startServer("Bethal");
+
+ URL wsdl = getClass().getResource("greeting.wsdl");
+ assertNotNull("WSDL is null", wsdl);
+
+ SOAPService service = new SOAPService(wsdl, serviceName);
+ assertNotNull("Service is null", service);
+
+ Greeter tarpin = service.getPort(tarpinQ, Greeter.class);
+ assertNotNull("Port is null", tarpin);
+ updateAddressPort(tarpin, getPort("PORT1"));
+
+ // Okay, I'm sick of configuration files.
+ // This also tests dynamic configuration of the conduit.
+ Client client = ClientProxy.getClient(tarpin);
+ HTTPConduit http =
+ (HTTPConduit) client.getConduit();
+
+ HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
+
+ httpClientPolicy.setAutoRedirect(true);
+ // If we set any name, but Edward, Mary, or George,
+ // and a password of "password" we will get through
+ // Bethal.
+ AuthorizationPolicy authPolicy = new AuthorizationPolicy();
+ authPolicy.setUserName("Betty");
+ authPolicy.setPassword("password");
+
+ http.setClient(httpClientPolicy);
+ http.setTlsClientParameters(tlsClientParameters);
+ http.setAuthorization(authPolicy);
+
+ // We get redirected from Tarpin, to Gordy, to Bethal.
+ MyHttpsTrustDecider trustDecider =
+ new MyHttpsTrustDecider(
+ new String[] {"Tarpin", "Gordy", "Bethal"});
+ http.setTrustDecider(trustDecider);
+
+ // We actually get our answer from Bethal at the end of the
+ // redirects.
+ configureProxy(ClientProxy.getClient(tarpin));
+ String answer = tarpin.sayHi();
+ assertProxyRequestCount(0);
+
+ assertTrue("Trust Decider wasn't called correctly",
+ 3 == trustDecider.wasCalled());
+ assertTrue("Unexpected answer: " + answer,
+ "Bonjour from Bethal".equals(answer));
+
+ // Limit the redirects to 1, since there are two, this should fail.
+ http.getClient().setMaxRetransmits(1);
+
+ try {
+ answer = tarpin.sayHi();
+ fail("Unexpected answer from Tarpin: " + answer);
+ } catch (Exception e) {
+ //e.printStackTrace();
+ }
+ assertProxyRequestCount(0);
+
+ // Set back to unlimited.
+ http.getClient().setMaxRetransmits(-1);
+
+ // Effectively we will not trust Gordy in the middle.
+ trustDecider =
+ new MyHttpsTrustDecider(
+ new String[] {"Tarpin", "Bethal"});
+ http.setTrustDecider(trustDecider);
+
+ try {
+ answer = tarpin.sayHi();
+ fail("Unexpected answer from Tarpin: " + answer);
+ } catch (Exception e) {
+ //e.printStackTrace();
+ assertTrue("Trust Decider wasn't called correctly",
+ 2 == trustDecider.wasCalled());
+ }
+ assertProxyRequestCount(0);
+ }
+
+ public class MyBasicAuthSupplier implements HttpAuthSupplier {
+
+ String realm;
+ String user;
+ String pass;
+
+ /**
+ * This will loop from Cronus, to Andromeda, to Zorantius
+ */
+ MyBasicAuthSupplier() {
+ }
+
+ MyBasicAuthSupplier(String r, String u, String p) {
+ realm = r;
+ user = u;
+ pass = p;
+ }
+
+ /**
+ * If we don't have the realm set, then we loop
+ * through the realms.
+ */
+ public String getAuthorization(
+ AuthorizationPolicy authPolicy,
+ URI currentURI,
+ Message message,
+ String fullHeader
+ ) {
+ String reqestedRealm = new HttpAuthHeader(fullHeader).getRealm();
+ if (realm != null && realm.equals(reqestedRealm)) {
+ return createUserPass(user, pass);
+ }
+ if ("Andromeda".equals(reqestedRealm)) {
+ // This will get us another 401 to Zorantius
+ return createUserPass("Edward", "password");
+ }
+ if ("Zorantius".equals(reqestedRealm)) {
+ // George will get us another 401 to Cronus
+ return createUserPass("George", "password");
+ }
+ if ("Cronus".equals(reqestedRealm)) {
+ // Mary will get us another 401 to Andromeda
+ return createUserPass("Mary", "password");
+ }
+ return null;
+ }
+
+ private String createUserPass(String usr, String pwd) {
+ String userpass = usr + ":" + pwd;
+ String token = Base64Utility.encode(userpass.getBytes());
+ return "Basic " + token;
+ }
+
+ public boolean requiresRequestCaching() {
+ return false;
+ }
+
+ }
+
+ /**
+ * This tests redirects through Gordy to Bethal. Bethal will
+ * supply a series of 401s. See PushBack401.
+ */
+ @Test
+ public void testHttpsRedirect401Response() throws Exception {
+ startServer("Gordy");
+ startServer("Bethal");
+
+ URL wsdl = getClass().getResource("greeting.wsdl");
+ assertNotNull("WSDL is null", wsdl);
+
+ SOAPService service = new SOAPService(wsdl, serviceName);
+ assertNotNull("Service is null", service);
+
+ Greeter gordy = service.getPort(gordyQ, Greeter.class);
+ assertNotNull("Port is null", gordy);
+ updateAddressPort(gordy, getPort("PORT3"));
+
+ // Okay, I'm sick of configuration files.
+ // This also tests dynamic configuration of the conduit.
+ Client client = ClientProxy.getClient(gordy);
+ HTTPConduit http =
+ (HTTPConduit) client.getConduit();
+
+ HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
+
+ httpClientPolicy.setAutoRedirect(true);
+ http.setClient(httpClientPolicy);
+ http.setTlsClientParameters(tlsClientParameters);
+
+ // We get redirected from Gordy, to Bethal.
+ http.setTrustDecider(
+ new MyHttpsTrustDecider(
+ new String[] {"Gordy", "Bethal"}));
+
+ // Without preemptive user/pass Bethal returns a
+ // 401 for realm Cronus. If we supply any name other
+ // than Edward, George, or Mary, with the pass of "password"
+ // we should succeed.
+ http.setAuthSupplier(
+ new MyBasicAuthSupplier("Cronus", "Betty", "password"));
+
+ // We actually get our answer from Bethal at the end of the
+ // redirects.
+ String answer = gordy.sayHi();
+ assertTrue("Unexpected answer: " + answer,
+ "Bonjour from Bethal".equals(answer));
+
+ // The loop auth supplier,
+ // We should die with looping realms.
+ http.setAuthSupplier(new MyBasicAuthSupplier());
+
+ try {
+ answer = gordy.sayHi();
+ fail("Unexpected answer from Gordy: " + answer);
+ } catch (Exception e) {
+ //e.printStackTrace();
+ }
+ }
+
+}
+
http://git-wip-us.apache.org/repos/asf/cxf/blob/c1a0be87/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSProxyAuthConduitTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSProxyAuthConduitTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSProxyAuthConduitTest.java
new file mode 100644
index 0000000..2750f21
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSProxyAuthConduitTest.java
@@ -0,0 +1,111 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https;
+
+import java.util.HashMap;
+import java.util.concurrent.atomic.AtomicInteger;
+
+import org.apache.cxf.configuration.security.ProxyAuthorizationPolicy;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
+
+import org.jboss.netty.handler.codec.http.HttpRequest;
+
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+
+import org.littleshoot.proxy.DefaultHttpProxyServer;
+import org.littleshoot.proxy.HttpFilter;
+import org.littleshoot.proxy.HttpRequestFilter;
+import org.littleshoot.proxy.ProxyAuthorizationHandler;
+
+
+/**
+ *
+ */
+public class HTTPSProxyAuthConduitTest extends HTTPSConduitTest {
+ static final int PROXY_PORT = Integer.parseInt(allocatePort(HTTPSProxyAuthConduitTest.class));
+ static DefaultHttpProxyServer proxy;
+ static CountingFilter requestFilter = new CountingFilter();
+
+ static class CountingFilter implements HttpRequestFilter {
+ AtomicInteger count = new AtomicInteger();
+ public void filter(HttpRequest httpRequest) {
+ count.incrementAndGet();
+ }
+
+ public void reset() {
+ count.set(0);
+ }
+ public int getCount() {
+ return count.get();
+ }
+ }
+
+ public HTTPSProxyAuthConduitTest() {
+ }
+
+
+ @AfterClass
+ public static void stopProxy() {
+ proxy.stop();
+ proxy = null;
+ }
+
+ @BeforeClass
+ public static void startProxy() {
+ proxy = new DefaultHttpProxyServer(PROXY_PORT, requestFilter, new HashMap<String, HttpFilter>());
+ proxy.addProxyAuthenticationHandler(new ProxyAuthorizationHandler() {
+ public boolean authenticate(String userName, String password) {
+ return "password".equals(password) && "CXF".equals(userName);
+ }
+ });
+ proxy.start();
+ }
+ @Before
+ public void resetCount() {
+ requestFilter.reset();
+ }
+
+ public void configureProxy(Client client) {
+ HTTPConduit cond = (HTTPConduit)client.getConduit();
+ HTTPClientPolicy pol = cond.getClient();
+ if (pol == null) {
+ pol = new HTTPClientPolicy();
+ cond.setClient(pol);
+ }
+ pol.setProxyServer("localhost");
+ pol.setProxyServerPort(PROXY_PORT);
+ ProxyAuthorizationPolicy auth = new ProxyAuthorizationPolicy();
+ auth.setUserName("CXF");
+ auth.setPassword("password");
+ cond.setProxyAuthorization(auth);
+ }
+
+ public void resetProxyCount() {
+ requestFilter.reset();
+ }
+ public void assertProxyRequestCount(int i) {
+ assertEquals("Unexpected request count", i, requestFilter.getCount());
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/c1a0be87/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSProxyConduitTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSProxyConduitTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSProxyConduitTest.java
new file mode 100644
index 0000000..8171576
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSProxyConduitTest.java
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https;
+
+import java.util.HashMap;
+import java.util.concurrent.atomic.AtomicInteger;
+
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
+
+import org.jboss.netty.handler.codec.http.HttpRequest;
+
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+
+import org.littleshoot.proxy.DefaultHttpProxyServer;
+import org.littleshoot.proxy.HttpFilter;
+import org.littleshoot.proxy.HttpRequestFilter;
+
+
+/**
+ *
+ */
+public class HTTPSProxyConduitTest extends HTTPSConduitTest {
+ static final int PROXY_PORT = Integer.parseInt(allocatePort(HTTPSProxyConduitTest.class));
+ static DefaultHttpProxyServer proxy;
+ static CountingFilter requestFilter = new CountingFilter();
+
+ static class CountingFilter implements HttpRequestFilter {
+ AtomicInteger count = new AtomicInteger();
+ public void filter(HttpRequest httpRequest) {
+ count.incrementAndGet();
+ }
+
+ public void reset() {
+ count.set(0);
+ }
+ public int getCount() {
+ return count.get();
+ }
+ }
+
+ public HTTPSProxyConduitTest() {
+ }
+
+
+ @AfterClass
+ public static void stopProxy() {
+ proxy.stop();
+ proxy = null;
+ }
+
+ @BeforeClass
+ public static void startProxy() {
+ proxy = new DefaultHttpProxyServer(PROXY_PORT, requestFilter, new HashMap<String, HttpFilter>());
+ proxy.start();
+ }
+ @Before
+ public void resetCount() {
+ requestFilter.reset();
+ }
+
+ public void configureProxy(Client client) {
+ HTTPConduit cond = (HTTPConduit)client.getConduit();
+ HTTPClientPolicy pol = cond.getClient();
+ if (pol == null) {
+ pol = new HTTPClientPolicy();
+ cond.setClient(pol);
+ }
+ pol.setProxyServer("localhost");
+ pol.setProxyServerPort(PROXY_PORT);
+ }
+
+ public void resetProxyCount() {
+ requestFilter.reset();
+ }
+ public void assertProxyRequestCount(int i) {
+ assertEquals("Unexpected request count", i, requestFilter.getCount());
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/c1a0be87/systests/transports/src/test/java/org/apache/cxf/systest/https/Server.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/Server.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/Server.java
new file mode 100644
index 0000000..12f3bbd
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/Server.java
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https;
+
+import java.net.URL;
+
+import javax.xml.namespace.QName;
+
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.jaxws.EndpointImpl;
+import org.apache.cxf.systest.http.GreeterImpl;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class Server extends AbstractBusTestServerBase {
+ public static final String PORT = allocatePort(Server.class);
+
+ private String name;
+ private String address;
+ private URL configFileURL;
+ private EndpointImpl ep;
+
+ public Server(String[] args) throws Exception {
+ this(args[0], args[1], args[2]);
+ }
+
+ public Server(String n, String addr, String conf) throws Exception {
+ name = n;
+ address = addr;
+ configFileURL = new URL(conf);
+ //System.out.println("Starting " + name
+ // + " Server at " + address
+ // + " with config " + configFileURL);
+
+ }
+ public void tearDown() throws Exception {
+ if (ep != null) {
+ ep.stop();
+ ep = null;
+ }
+ }
+
+ protected void run() {
+ // We use a null binding id in the call to EndpointImpl
+ // constructor. Why?
+ final String nullBindingID = null;
+
+ // We need to specify to use defaults on constructing the
+ // bus, because our configuration file doesn't have
+ // everything needed.
+ final boolean useDefaults = true;
+
+ // We configure a new bus for this server.
+ setBus(new SpringBusFactory().createBus(configFileURL, useDefaults));
+
+ // This impl class must have the appropriate annotations
+ // to match the WSDL file that we are using.
+ Object implementor = new GreeterImpl(name);
+
+ // I don't know why this works.
+ ep =
+ new EndpointImpl(
+ getBus(),
+ implementor,
+ nullBindingID,
+ this.getClass().getResource("greeting.wsdl").toString());
+ // How the hell do I know what the name of the
+ // http-destination is from using this call?
+ ep.setEndpointName(new QName("http://apache.org/hello_world", name));
+ ep.publish(address);
+ }
+
+
+ public static void main(String[] args) {
+ try {
+ Server s = new Server(args);
+ s.start();
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ System.exit(-1);
+ }
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/cxf/blob/c1a0be87/systests/transports/src/test/resources/org/apache/cxf/systest/https/Mortimer.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Mortimer.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Mortimer.cxf
new file mode 100644
index 0000000..4a26c85
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Mortimer.cxf
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!--
+ ** This file configures the Mortimer Server.
+ ** It is an http server.
+ -->
+
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
+ xsi:schemaLocation="
+ http://cxf.apache.org/configuration/security
+ http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration
+ http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <http:destination name="{http://apache.org/hello_world}Mortimer.http-destination">
+ <!-- Nothing to Configure here for Mortimer -->
+ </http:destination>
+
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/c1a0be87/systests/transports/src/test/resources/org/apache/cxf/systest/https/greeting.wsdl
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/greeting.wsdl b/systests/transports/src/test/resources/org/apache/cxf/systest/https/greeting.wsdl
new file mode 100644
index 0000000..c12bdfe
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/greeting.wsdl
@@ -0,0 +1,166 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<wsdl:definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://apache.org/hello_world" xmlns:x1="http://apache.org/hello_world/types" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="HelloWorld" targetNamespace="http://apache.org/hello_world">
+ <wsdl:types>
+ <schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://apache.org/hello_world/types" targetNamespace="http://apache.org/hello_world/types" elementFormDefault="qualified">
+ <simpleType name="MyStringType">
+ <restriction base="string">
+ <maxLength value="30"/>
+ </restriction>
+ </simpleType>
+ <element name="sayHi">
+ <complexType/>
+ </element>
+ <element name="sayHiResponse">
+ <complexType>
+ <sequence>
+ <element name="responseType" type="string"/>
+ </sequence>
+ </complexType>
+ </element>
+ <element name="greetMe">
+ <complexType>
+ <sequence>
+ <element name="requestType" type="tns:MyStringType"/>
+ </sequence>
+ </complexType>
+ </element>
+ <element name="greetMeResponse">
+ <complexType>
+ <sequence>
+ <element name="responseType" type="string"/>
+ </sequence>
+ </complexType>
+ </element>
+ <element name="pingMe">
+ <complexType/>
+ </element>
+ <element name="pingMeResponse">
+ <complexType/>
+ </element>
+ <element name="faultDetail">
+ <complexType>
+ <sequence>
+ <element name="minor" type="short"/>
+ <element name="major" type="short"/>
+ </sequence>
+ </complexType>
+ </element>
+ </schema>
+ </wsdl:types>
+ <wsdl:message name="sayHiRequest">
+ <wsdl:part element="x1:sayHi" name="in"/>
+ </wsdl:message>
+ <wsdl:message name="sayHiResponse">
+ <wsdl:part element="x1:sayHiResponse" name="out"/>
+ </wsdl:message>
+ <wsdl:message name="greetMeRequest">
+ <wsdl:part element="x1:greetMe" name="in"/>
+ </wsdl:message>
+ <wsdl:message name="greetMeResponse">
+ <wsdl:part element="x1:greetMeResponse" name="out"/>
+ </wsdl:message>
+ <wsdl:message name="pingMeRequest">
+ <wsdl:part name="in" element="x1:pingMe"/>
+ </wsdl:message>
+ <wsdl:message name="pingMeResponse">
+ <wsdl:part name="out" element="x1:pingMeResponse"/>
+ </wsdl:message>
+ <wsdl:message name="pingMeFault">
+ <wsdl:part name="faultDetail" element="x1:faultDetail"/>
+ </wsdl:message>
+ <wsdl:portType name="Greeter">
+ <wsdl:operation name="sayHi">
+ <wsdl:input message="tns:sayHiRequest" name="sayHiRequest"/>
+ <wsdl:output message="tns:sayHiResponse" name="sayHiResponse"/>
+ </wsdl:operation>
+ <wsdl:operation name="greetMe">
+ <wsdl:input message="tns:greetMeRequest" name="greetMeRequest"/>
+ <wsdl:output message="tns:greetMeResponse" name="greetMeResponse"/>
+ </wsdl:operation>
+ <wsdl:operation name="pingMe">
+ <wsdl:input name="pingMeRequest" message="tns:pingMeRequest"/>
+ <wsdl:output name="pingMeResponse" message="tns:pingMeResponse"/>
+ <wsdl:fault name="pingMeFault" message="tns:pingMeFault"/>
+ </wsdl:operation>
+ </wsdl:portType>
+ <wsdl:binding name="Greeter_SOAPBinding" type="tns:Greeter">
+ <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="sayHi">
+ <soap:operation soapAction="" style="document"/>
+ <wsdl:input name="sayHiRequest">
+ <soap:body use="literal"/>
+ </wsdl:input>
+ <wsdl:output name="sayHiResponse">
+ <soap:body use="literal"/>
+ </wsdl:output>
+ </wsdl:operation>
+ <wsdl:operation name="greetMe">
+ <soap:operation soapAction="" style="document"/>
+ <wsdl:input name="greetMeRequest">
+ <soap:body use="literal"/>
+ </wsdl:input>
+ <wsdl:output name="greetMeResponse">
+ <soap:body use="literal"/>
+ </wsdl:output>
+ </wsdl:operation>
+ <wsdl:operation name="pingMe">
+ <soap:operation style="document"/>
+ <wsdl:input>
+ <soap:body use="literal"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal"/>
+ </wsdl:output>
+ <wsdl:fault name="pingMeFault">
+ <soap:fault name="pingMeFault" use="literal"/>
+ </wsdl:fault>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:service name="SOAPService">
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Mortimer">
+ <soap:address location="http://localhost:9000/Mortimer"/>
+ </wsdl:port>
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Tarpin">
+ <soap:address location="https://localhost:9003/Tarpin"/>
+ </wsdl:port>
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Rethwel">
+ <soap:address location="http://localhost:9004/Rethwel"/>
+ </wsdl:port>
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Gordy">
+ <soap:address location="https://localhost:9001/Gordy"/>
+ </wsdl:port>
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Bethal">
+ <soap:address location="https://localhost:9002/Bethal"/>
+ </wsdl:port>
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Hurlon">
+ <soap:address location="http://localhost:9006/Hurlon"/>
+ </wsdl:port>
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Poltim">
+ <soap:address location="https://localhost:9005/Poltim"/>
+ </wsdl:port>
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Abost">
+ <soap:address location="https://localhost:9007/Abost"/>
+ </wsdl:port>
+ <wsdl:port binding="tns:Greeter_SOAPBinding" name="Morpit">
+ <soap:address location="https://localhost:9008/Morpit"/>
+ </wsdl:port>
+ </wsdl:service>
+</wsdl:definitions>
[6/6] cxf git commit: Fixing build
Posted by co...@apache.org.
Fixing build
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/207d64cb
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/207d64cb
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/207d64cb
Branch: refs/heads/3.0.x-fixes
Commit: 207d64cb377e47b535a7a2ffe04ffddabdc796e6
Parents: 0a305e1
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Dec 11 12:01:57 2014 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Dec 11 12:01:57 2014 +0000
----------------------------------------------------------------------
.../https/KeyPasswordCallbackHandler.java | 39 ------------
.../systest/https/jaxws-publish-callback.xml | 64 --------------------
2 files changed, 103 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/207d64cb/systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java
deleted file mode 100644
index 6af2961..0000000
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.systest.https;
-
-import java.io.IOException;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-public class KeyPasswordCallbackHandler implements CallbackHandler {
-
- @Override
- public void handle(Callback[] callbacks) throws IOException,
- UnsupportedCallbackException {
- for (int i = 0; i < callbacks.length; i++) {
- PasswordCallback pc = (PasswordCallback)callbacks[i];
- pc.setPassword("password".toCharArray());
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/207d64cb/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml
deleted file mode 100644
index 8228d10..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml
+++ /dev/null
@@ -1,64 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <!-- -->
- <!-- This Spring config file is designed to represent a minimal -->
- <!-- configuration for spring-loading a CXF servant, where the -->
- <!-- servant listens using HTTP/S as the transport protocol. -->
- <!-- -->
- <!-- Note that the service endpoint is spring-loaded. In the -->
- <!-- scenario in which this config is designed to run, the -->
- <!-- server application merely instantiates a Bus, and does not -->
- <!-- publish any services programmatically -->
- <!-- -->
- <!-- -->
- <!-- Spring-load an HTTPS servant -->
- <!-- -->
- <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.1}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9001-tls-config"/>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9001 -->
- <!-- -->
- <httpj:engine-factory id="port-9001-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.1}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPasswordCallbackHandler="org.apache.cxf.systest.https.KeyPasswordCallbackHandler">
- <sec:keyStore type="JKS" password="password" file="src/test/resources/keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" file="src/test/resources/keys/Truststore.jks"/>
- </sec:trustManagers>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- HTTP/S configuration for clients -->
- <!-- -->
- <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPasswordCallbackHandler="org.apache.cxf.systest.https.KeyPasswordCallbackHandler">
- <sec:keyStore type="JKS" password="password" file="src/test/resources/keys/Morpit.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" file="src/test/resources/keys/Truststore.jks"/>
- </sec:trustManagers>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
[2/6] cxf git commit: Moved https specific tests into a new directory
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/Bethal.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Bethal.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Bethal.cxf
deleted file mode 100644
index d41cf7a..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Bethal.cxf
+++ /dev/null
@@ -1,84 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-
-<!--
- ** This file configures the Bethal Server.
- ** It is an https server that conditionally responds
- ** with 401s.
- -->
-
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:cxf="http://cxf.apache.org/core"
- xmlns:sec="http://cxf.apache.org/configuration/security"
- xmlns:http="http://cxf.apache.org/transports/http/configuration"
- xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
- xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
- xsi:schemaLocation="
- http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
- http://cxf.apache.org/configuration/security
- http://cxf.apache.org/schemas/configuration/security.xsd
- http://cxf.apache.org/transports/http/configuration
- http://cxf.apache.org/schemas/configuration/http-conf.xsd
- http://cxf.apache.org/transports/http-jetty/configuration
- http://cxf.apache.org/schemas/configuration/http-jetty.xsd
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans.xsd">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
-
- <http:destination
- name="{http://apache.org/hello_world}Bethal.http-destination">
- </http:destination>
-
- <httpj:engine-factory bus="cxf">
- <httpj:engine port="${testutil.ports.BusServer.2}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v">
- <sec:keyStore type="JKS" password="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v"
- resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v"
- resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:cipherSuitesFilter>
- <!-- these filters ensure that a ciphersuite with
- export-suitable or null encryption is used,
- but exclude anonymous Diffie-Hellman key change as
- this is vulnerable to man-in-the-middle attacks -->
- <sec:include>.*_EXPORT_.*</sec:include>
- <sec:include>.*_EXPORT1024_.*</sec:include>
- <sec:include>.*_WITH_DES_.*</sec:include>
- <sec:include>.*_WITH_AES_.*</sec:include>
- <sec:include>.*_WITH_NULL_.*</sec:include>
- <sec:exclude>.*_DH_anon_.*</sec:exclude>
- </sec:cipherSuitesFilter>
- <sec:clientAuthentication want="true" required="true"/>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
-
- <cxf:bus>
- <cxf:inInterceptors>
- <bean class="org.apache.cxf.systest.http.PushBack401"/>
- </cxf:inInterceptors>
- </cxf:bus>
-
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/BethalClientBeans.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/BethalClientBeans.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/http/BethalClientBeans.xml
deleted file mode 100644
index 9ed185f..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/BethalClientBeans.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xs
d">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <import resource="classpath:org/apache/cxf/systest/http/BethalClientConfig.cxf"/>
- <jaxws:client xmlns:s="http://apache.org/hello_world" id="Bethal" serviceClass="org.apache.hello_world.Greeter" serviceName="s:SOAPService" endpointName="s:Bethal" address="https://localhost:${testutil.ports.BusServer.2}/Bethal"/>
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/BethalClientConfig.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/BethalClientConfig.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/http/BethalClientConfig.cxf
deleted file mode 100644
index a3d65e2..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/BethalClientConfig.cxf
+++ /dev/null
@@ -1,69 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:sec="http://cxf.apache.org/configuration/security"
- xmlns:http="http://cxf.apache.org/transports/http/configuration"
- xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
- xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
- xsi:schemaLocation="
- http://cxf.apache.org/configuration/security
- http://cxf.apache.org/schemas/configuration/security.xsd
- http://cxf.apache.org/transports/http/configuration
- http://cxf.apache.org/schemas/configuration/http-conf.xsd
- http://cxf.apache.org/transports/http-jetty/configuration
- http://cxf.apache.org/schemas/configuration/http-jetty.xsd
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans.xsd">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
-
- <http:conduit name="{http://apache.org/hello_world}Bethal.http-conduit">
-
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password"
- resource="keys/Morpit.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password"
- resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:cipherSuitesFilter>
- <!-- these filters ensure that a ciphersuite with
- export-suitable or null encryption is used,
- but exclude anonymous Diffie-Hellman key change as
- this is vulnerable to man-in-the-middle attacks -->
- <sec:include>.*_EXPORT_.*</sec:include>
- <sec:include>.*_EXPORT1024_.*</sec:include>
- <sec:include>.*_WITH_DES_.*</sec:include>
- <sec:include>.*_WITH_AES_.*</sec:include>
- <sec:include>.*_WITH_NULL_.*</sec:include>
- <sec:exclude>.*_DH_anon_.*</sec:exclude>
- </sec:cipherSuitesFilter>
- </http:tlsClientParameters>
- <http:authorization>
- <sec:UserName>Betty</sec:UserName>
- <sec:Password>password</sec:Password>
- </http:authorization>
- <http:client AutoRedirect="true" Connection="Keep-Alive"/>
-
- </http:conduit>
-
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/Gordy.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Gordy.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Gordy.cxf
deleted file mode 100644
index aada724..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Gordy.cxf
+++ /dev/null
@@ -1,77 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-
-<!--
- ** This file configures the Gordy Server.
- ** It is an https server that redirects to Bethal.
- -->
-
-
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:sec="http://cxf.apache.org/configuration/security"
- xmlns:http="http://cxf.apache.org/transports/http/configuration"
- xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
- xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
- xsi:schemaLocation="
- http://cxf.apache.org/configuration/security
- http://cxf.apache.org/schemas/configuration/security.xsd
- http://cxf.apache.org/transports/http/configuration
- http://cxf.apache.org/schemas/configuration/http-conf.xsd
- http://cxf.apache.org/transports/http-jetty/configuration
- http://cxf.apache.org/schemas/configuration/http-jetty.xsd
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans.xsd">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
-
- <http:destination
- name="{http://apache.org/hello_world}Gordy.http-destination">
- <http:server RedirectURL="https://localhost:${testutil.ports.BusServer.2}/Bethal"/>
- </http:destination>
-
- <httpj:engine-factory bus="cxf">
- <httpj:engine port="${testutil.ports.BusServer.1}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password"
- resource="keys/Gordy.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password"
- resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:cipherSuitesFilter>
- <!-- these filters ensure that a ciphersuite with
- export-suitable or null encryption is used,
- but exclude anonymous Diffie-Hellman key change as
- this is vulnerable to man-in-the-middle attacks -->
- <sec:include>.*_EXPORT_.*</sec:include>
- <sec:include>.*_EXPORT1024_.*</sec:include>
- <sec:include>.*_WITH_DES_.*</sec:include>
- <sec:include>.*_WITH_AES_.*</sec:include>
- <sec:include>.*_WITH_NULL_.*</sec:include>
- <sec:exclude>.*_DH_anon_.*</sec:exclude>
- </sec:cipherSuitesFilter>
- <sec:clientAuthentication want="true" required="true"/>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
-
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/Hurlon.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Hurlon.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Hurlon.cxf
index 9fe2240..3114e0d 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Hurlon.cxf
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Hurlon.cxf
@@ -42,7 +42,7 @@
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
<http:destination name="{http://apache.org/hello_world}Hurlon.http-destination">
- <http:server RedirectURL="http://localhost:${testutil.ports.BusServer.7}/Abost"/>
+ <http:server RedirectURL="http://localhost:${testutil.ports.BusServer.2}/Abost"/>
</http:destination>
</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/Morpit.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Morpit.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Morpit.cxf
deleted file mode 100644
index 4c830e7..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Morpit.cxf
+++ /dev/null
@@ -1,75 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-
-<!--
- ** This file configures the Morpit Server. It is just an
- ** Https server with a name that will kick in the HostnameVerifier.
- -->
-
-
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:sec="http://cxf.apache.org/configuration/security"
- xmlns:http="http://cxf.apache.org/transports/http/configuration"
- xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
- xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
- xsi:schemaLocation="
- http://cxf.apache.org/configuration/security
- http://cxf.apache.org/schemas/configuration/security.xsd
- http://cxf.apache.org/transports/http/configuration
- http://cxf.apache.org/schemas/configuration/http-conf.xsd
- http://cxf.apache.org/transports/http-jetty/configuration
- http://cxf.apache.org/schemas/configuration/http-jetty.xsd
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans.xsd">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
-
- <http:destination name="{http://apache.org/hello_world}GreeterImplPort.http-destination">
- </http:destination>
-
- <httpj:engine-factory bus="cxf">
- <httpj:engine port="${testutil.ports.BusServer.8}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password"
- resource="keys/Morpit.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password"
- resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:cipherSuitesFilter>
- <!-- these filters ensure that a ciphersuite with
- export-suitable or null encryption is used,
- but exclude anonymous Diffie-Hellman key change as
- this is vulnerable to man-in-the-middle attacks -->
- <sec:include>.*_EXPORT_.*</sec:include>
- <sec:include>.*_EXPORT1024_.*</sec:include>
- <sec:include>.*_WITH_DES_.*</sec:include>
- <sec:include>.*_WITH_AES_.*</sec:include>
- <sec:include>.*_WITH_NULL_.*</sec:include>
- <sec:exclude>.*_DH_anon_.*</sec:exclude>
- </sec:cipherSuitesFilter>
- <sec:clientAuthentication want="true" required="true"/>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
-
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/Poltim.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Poltim.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Poltim.cxf
deleted file mode 100644
index b383889..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Poltim.cxf
+++ /dev/null
@@ -1,77 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-
-<!--
- ** This file configures the Poltim Server.
- ** It is an https server that redirects to Mortimer.
- -->
-
-
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:sec="http://cxf.apache.org/configuration/security"
- xmlns:http="http://cxf.apache.org/transports/http/configuration"
- xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
- xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
- xsi:schemaLocation="
- http://cxf.apache.org/configuration/security
- http://cxf.apache.org/schemas/configuration/security.xsd
- http://cxf.apache.org/transports/http/configuration
- http://cxf.apache.org/schemas/configuration/http-conf.xsd
- http://cxf.apache.org/transports/http-jetty/configuration
- http://cxf.apache.org/schemas/configuration/http-jetty.xsd
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans.xsd">
-
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
-
- <http:destination name="{http://apache.org/hello_world}Poltim.http-destination">
- <http:server RedirectURL="http://localhost:${testutil.ports.BusServer.0}/Mortimer"/>
- </http:destination>
-
- <httpj:engine-factory bus="cxf">
- <httpj:engine port="${testutil.ports.BusServer.5}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password"
- resource="keys/Poltim.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password"
- resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:cipherSuitesFilter>
- <!-- these filters ensure that a ciphersuite with
- export-suitable or null encryption is used,
- but exclude anonymous Diffie-Hellman key change as
- this is vulnerable to man-in-the-middle attacks -->
- <sec:include>.*_EXPORT_.*</sec:include>
- <sec:include>.*_EXPORT1024_.*</sec:include>
- <sec:include>.*_WITH_DES_.*</sec:include>
- <sec:include>.*_WITH_AES_.*</sec:include>
- <sec:include>.*_WITH_NULL_.*</sec:include>
- <sec:exclude>.*_DH_anon_.*</sec:exclude>
- </sec:cipherSuitesFilter>
- <sec:clientAuthentication want="true" required="true"/>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
-
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/Tarpin.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Tarpin.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Tarpin.cxf
deleted file mode 100644
index bbe6d72..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Tarpin.cxf
+++ /dev/null
@@ -1,77 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-
-<!--
- ** This file configures the Tarpin Server.
- ** It is an https server that redirects to Gordy.
- -->
-
-
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:sec="http://cxf.apache.org/configuration/security"
- xmlns:http="http://cxf.apache.org/transports/http/configuration"
- xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
- xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
- xsi:schemaLocation="
- http://cxf.apache.org/configuration/security
- http://cxf.apache.org/schemas/configuration/security.xsd
- http://cxf.apache.org/transports/http/configuration
- http://cxf.apache.org/schemas/configuration/http-conf.xsd
- http://cxf.apache.org/transports/http-jetty/configuration
- http://cxf.apache.org/schemas/configuration/http-jetty.xsd
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans.xsd">
-
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
-
- <http:destination name="{http://apache.org/hello_world}Tarpin.http-destination">
- <http:server RedirectURL="https://localhost:${testutil.ports.BusServer.1}/Gordy"/>
- </http:destination>
-
- <httpj:engine-factory bus="cxf">
- <httpj:engine port="${testutil.ports.BusServer.3}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password"
- file="src/test/resources/keys/Tarpin.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password"
- file="src/test/resources/keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:cipherSuitesFilter>
- <!-- these filters ensure that a ciphersuite with
- export-suitable or null encryption is used,
- but exclude anonymous Diffie-Hellman key change as
- this is vulnerable to man-in-the-middle attacks -->
- <sec:include>.*_EXPORT_.*</sec:include>
- <sec:include>.*_EXPORT1024_.*</sec:include>
- <sec:include>.*_WITH_DES_.*</sec:include>
- <sec:include>.*_WITH_AES_.*</sec:include>
- <sec:include>.*_WITH_NULL_.*</sec:include>
- <sec:exclude>.*_DH_anon_.*</sec:exclude>
- </sec:cipherSuitesFilter>
- <sec:clientAuthentication want="true" required="true"/>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
-
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-publish.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-publish.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-publish.xml
deleted file mode 100644
index 1d8190d..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-publish.xml
+++ /dev/null
@@ -1,64 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <!-- -->
- <!-- This Spring config file is designed to represent a minimal -->
- <!-- configuration for spring-loading a CXF servant, where the -->
- <!-- servant listens using HTTP/S as the transport protocol. -->
- <!-- -->
- <!-- Note that the service endpoint is spring-loaded. In the -->
- <!-- scenario in which this config is designed to run, the -->
- <!-- server application merely instantiates a Bus, and does not -->
- <!-- publish any services programmatically -->
- <!-- -->
- <!-- -->
- <!-- Spring-load an HTTPS servant -->
- <!-- -->
- <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.1}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9001-tls-config"/>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9001 -->
- <!-- -->
- <httpj:engine-factory id="port-9001-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.1}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- HTTP/S configuration for clients -->
- <!-- -->
- <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-server-constraints.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-server-constraints.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-server-constraints.xml
deleted file mode 100644
index 753e0a4..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-server-constraints.xml
+++ /dev/null
@@ -1,255 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <!-- -->
- <!-- This Spring config file is designed to represent a minimal -->
- <!-- configuration for spring-loading a CXF servant, where the -->
- <!-- servant listens using HTTP/S as the transport protocol. -->
- <!-- -->
- <!-- Note that the service endpoint is spring-loaded. In the -->
- <!-- scenario in which this config is designed to run, the -->
- <!-- server application merely instantiates a Bus, and does not -->
- <!-- publish any services programmatically -->
- <!-- -->
- <!-- -->
- <!-- Spring-load an HTTPS servant -->
- <!-- -->
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-0" address="https://localhost:${testutil.ports.BusServer.0}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.0-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-1" address="https://localhost:${testutil.ports.BusServer.1}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.1-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-2" address="https://localhost:${testutil.ports.BusServer.2}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.2-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-3" address="https://localhost:${testutil.ports.BusServer.3}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.3-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-4" address="https://localhost:${testutil.ports.BusServer.4}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.4-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-5" address="https://localhost:${testutil.ports.BusServer.5}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.5-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-6" address="https://localhost:${testutil.ports.BusServer.6}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.6-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint-testutil-ports-BusServer-7" address="https://localhost:${testutil.ports.BusServer.7}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-testutil.ports.BusServer.7-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9000 -->
- <!-- -->
- <httpj:engine-factory id="port-testutil.ports.BusServer.0-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.0}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:certConstraints>
- <sec:SubjectDNConstraints>
- <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
- <sec:RegularExpression>.*OU=Morpit.*</sec:RegularExpression>
- </sec:SubjectDNConstraints>
- </sec:certConstraints>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9007 -->
- <!-- -->
- <httpj:engine-factory id="port-testutil.ports.BusServer.1-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.1}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:certConstraints>
- <sec:SubjectDNConstraints>
- <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
- </sec:SubjectDNConstraints>
- </sec:certConstraints>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9008 -->
- <!-- -->
- <httpj:engine-factory id="port-testutil.ports.BusServer.2-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.2}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:certConstraints>
- <sec:SubjectDNConstraints>
- <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
- <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
- </sec:SubjectDNConstraints>
- </sec:certConstraints>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9009 -->
- <!-- -->
- <httpj:engine-factory id="port-testutil.ports.BusServer.3-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.3}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:certConstraints>
- <sec:SubjectDNConstraints combinator="ANY">
- <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
- <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
- </sec:SubjectDNConstraints>
- </sec:certConstraints>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9010 -->
- <!-- -->
- <httpj:engine-factory id="port-testutil.ports.BusServer.4-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.4}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:certConstraints>
- <sec:IssuerDNConstraints combinator="ALL">
- <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
- <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
- </sec:IssuerDNConstraints>
- </sec:certConstraints>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9011 -->
- <!-- -->
- <httpj:engine-factory id="port-testutil.ports.BusServer.5-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.5}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:certConstraints>
- <sec:IssuerDNConstraints combinator="ANY">
- <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
- <sec:RegularExpression>.*O=BadApacheTest.*</sec:RegularExpression>
- </sec:IssuerDNConstraints>
- </sec:certConstraints>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9012 -->
- <!-- -->
- <httpj:engine-factory id="port-testutil.ports.BusServer.6-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.6}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:clientAuthentication required="true"/>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9013 -->
- <!-- -->
- <httpj:engine-factory id="port-testutil.ports.BusServer.7-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.7}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Gordy.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:clientAuthentication required="true"/>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- HTTP/S configuration for clients -->
- <!-- -->
- <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:certConstraints>
- <sec:SubjectDNConstraints>
- <sec:RegularExpression>.*CN=(Bethal|Gordy).*</sec:RegularExpression>
- <sec:RegularExpression>.*O=ApacheTest.*</sec:RegularExpression>
- </sec:SubjectDNConstraints>
- <sec:IssuerDNConstraints combinator="ANY">
- <sec:RegularExpression>.*CN=Bethal.*</sec:RegularExpression>
- <sec:RegularExpression>.*OU=Morpit.*</sec:RegularExpression>
- </sec:IssuerDNConstraints>
- </sec:certConstraints>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-server.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-server.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-server.xml
deleted file mode 100644
index 2ded663..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-server.xml
+++ /dev/null
@@ -1,77 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <!-- -->
- <!-- This Spring config file is designed to represent a minimal -->
- <!-- configuration for spring-loading a CXF servant, where the -->
- <!-- servant listens using HTTP/S as the transport protocol. -->
- <!-- -->
- <!-- Note that the service endpoint is spring-loaded. In the -->
- <!-- scenario in which this config is designed to run, the -->
- <!-- server application merely instantiates a Bus, and does not -->
- <!-- publish any services programmatically -->
- <!-- -->
- <!-- -->
- <!-- Spring-load an HTTPS servant -->
- <!-- -->
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" address="https://localhost:${testutil.ports.BusServer.2}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9002-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <!-- Non http endpoint -->
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpEndpoint" address="http://localhost:${testutil.ports.BusServer.3}/SoapContext/HttpPort" serviceName="s:SOAPService" endpointName="e:HttpsPort">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9002 -->
- <!-- -->
- <httpj:engine-factory id="port-9002-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.2}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:clientAuthentication want="true" required="true"/>
- <sec:certAlias>bethal</sec:certAlias>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- HTTP/S configuration for clients -->
- <!-- -->
- <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Morpit.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- <sec:certAlias>morpit</sec:certAlias>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-tlsrefs-publish.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-tlsrefs-publish.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-tlsrefs-publish.xml
deleted file mode 100644
index 18c2bc8..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/jaxws-tlsrefs-publish.xml
+++ /dev/null
@@ -1,60 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <!-- -->
- <!-- This Spring config file is designed to represent a minimal -->
- <!-- configuration for spring-loading a CXF servant, where the -->
- <!-- servant listens using HTTP/S as the transport protocol. -->
- <!-- -->
- <!-- Note that the service endpoint is spring-loaded. In the -->
- <!-- scenario in which this config is designed to run, the -->
- <!-- server application merely instantiates a Bus, and does not -->
- <!-- publish any services programmatically -->
- <!-- -->
- <!-- -->
- <!-- Spring-load an HTTPS servant -->
- <!-- -->
- <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.1}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9001-tls-config"/>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9001 -->
- <!-- -->
- <bean id="serverKeyManagers" class="org.apache.cxf.systest.http.HTTPSClientTest$ServerManagersFactory" factory-method="getKeyManagers"/>
- <bean id="serverTrustManagers" class="org.apache.cxf.systest.http.HTTPSClientTest$ServerManagersFactory" factory-method="getTrustManagers"/>
- <httpj:engine-factory id="port-9001-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.1}">
- <httpj:tlsServerParameters>
- <sec:keyManagers ref="serverKeyManagers"/>
- <sec:trustManagers ref="serverTrustManagers"/>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- HTTP/S configuration for clients -->
- <!-- -->
- <bean id="clientKeyManagers" class="org.apache.cxf.systest.http.HTTPSClientTest$ClientManagersFactory" factory-method="getKeyManagers"/>
- <bean id="clientTrustManagers" class="org.apache.cxf.systest.http.HTTPSClientTest$ClientManagersFactory" factory-method="getTrustManagers"/>
- <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers ref="clientKeyManagers"/>
- <sec:trustManagers ref="clientTrustManagers"/>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/pkcs12.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/pkcs12.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/http/pkcs12.xml
deleted file mode 100644
index d01a2a0..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/pkcs12.xml
+++ /dev/null
@@ -1,70 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <!-- -->
- <!-- This Spring config file is designed to represent a minimal -->
- <!-- configuration for spring-loading a CXF servant, where the -->
- <!-- servant listens using HTTP/S as the transport protocol. -->
- <!-- -->
- <!-- Note that the service endpoint is spring-loaded. In the -->
- <!-- scenario in which this config is designed to run, the -->
- <!-- server application merely instantiates a Bus, and does not -->
- <!-- publish any services programmatically -->
- <!-- -->
- <!-- This test ensures we can use PKCS12 keystores and PEM truststores -->
- <!-- -->
- <!-- -->
- <!-- Spring-load an HTTPS servant -->
- <!-- -->
- <jaxws:server xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" address="https://localhost:${testutil.ports.BusServer.6}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9006-tls-config">
- <jaxws:serviceBean>
- <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
- </jaxws:serviceBean>
- </jaxws:server>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9006 -->
- <!-- -->
- <httpj:engine-factory id="port-9006-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.6}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="pkcs12" password="password" resource="keys/Bethal.p12"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:certStore resource="keys/Truststore.pem"/>
- </sec:trustManagers>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- HTTP/S configuration for clients -->
- <!-- -->
- <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="pkcs12" password="password" resource="keys/Morpit.p12"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:certStore resource="keys/Truststore.pem"/>
- </sec:trustManagers>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/resource-key-spec-url.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/resource-key-spec-url.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/http/resource-key-spec-url.xml
deleted file mode 100644
index 0e70d13..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/resource-key-spec-url.xml
+++ /dev/null
@@ -1,72 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apach
e.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <!-- -->
- <!-- This Spring config file is designed to represent a minimal -->
- <!-- configuration for spring-loading a CXF servant, where the -->
- <!-- servant listens using HTTP/S as the transport protocol. -->
- <!-- -->
- <!-- Note that the service endpoint is spring-loaded. In the -->
- <!-- scenario in which this config is designed to run, the -->
- <!-- server application merely instantiates a Bus, and does not -->
- <!-- publish any services programmatically -->
- <!-- -->
- <!-- -->
- <!-- Spring-load an HTTPS servant -->
- <!-- -->
- <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.5}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" wsdlLocation="/wsdl/hello_world_services.wsdl" depends-on="port-9005-tls-config">
- <jaxws:features>
- <cxf:logging/>
- </jaxws:features>
- </jaxws:endpoint>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9005 -->
- <!-- -->
- <!-- This test exercises the resource attribute in a keyStore element -->
- <!-- -->
- <httpj:engine-factory id="port-9005-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.5}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- HTTP/S configuration for clients -->
- <!-- -->
- <!-- This test exercises the resource attribute in a keyStore and certStore element -->
- <!-- -->
- <http:conduit name="https://localhost:.*/SoapContext/HttpsPort">
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="pkcs12" password="password" resource="keys/Morpit.p12"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:certStore resource="keys/Truststore.pem"/>
- </sec:trustManagers>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/resource-key-spec.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/resource-key-spec.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/http/resource-key-spec.xml
deleted file mode 100644
index a1f9bba..0000000
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/resource-key-spec.xml
+++ /dev/null
@@ -1,68 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd ">
- <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
- <!-- -->
- <!-- This Spring config file is designed to represent a minimal -->
- <!-- configuration for spring-loading a CXF servant, where the -->
- <!-- servant listens using HTTP/S as the transport protocol. -->
- <!-- -->
- <!-- Note that the service endpoint is spring-loaded. In the -->
- <!-- scenario in which this config is designed to run, the -->
- <!-- server application merely instantiates a Bus, and does not -->
- <!-- publish any services programmatically -->
- <!-- -->
- <!-- -->
- <!-- Spring-load an HTTPS servant -->
- <!-- -->
- <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" xmlns:s="http://apache.org/hello_world/services" id="JaxwsHttpsEndpoint" implementor="org.apache.cxf.systest.http.GreeterImpl" address="https://localhost:${testutil.ports.BusServer.4}/SoapContext/HttpsPort" serviceName="s:SOAPService" endpointName="e:HttpsPort" depends-on="port-9004-tls-config"/>
- <!-- -->
- <!-- TLS Port configuration parameters for port 9004 -->
- <!-- -->
- <!-- This test exercises the resource attribute in a keyStore element -->
- <!-- -->
- <httpj:engine-factory id="port-9004-tls-config">
- <httpj:engine port="${testutil.ports.BusServer.4}">
- <httpj:tlsServerParameters>
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="JKS" password="password" resource="keys/Bethal.jks"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:keyStore type="JKS" password="password" resource="keys/Truststore.jks"/>
- </sec:trustManagers>
- </httpj:tlsServerParameters>
- </httpj:engine>
- </httpj:engine-factory>
- <!-- -->
- <!-- HTTP/S configuration for clients -->
- <!-- -->
- <!-- This test exercises the resource attribute in a keyStore and certStore element -->
- <!-- -->
- <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
- <http:tlsClientParameters disableCNCheck="true">
- <sec:keyManagers keyPassword="password">
- <sec:keyStore type="pkcs12" password="password" resource="keys/Morpit.p12"/>
- </sec:keyManagers>
- <sec:trustManagers>
- <sec:certStore resource="keys/Truststore.pem"/>
- </sec:trustManagers>
- </http:tlsClientParameters>
- </http:conduit>
-</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/Bethal.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Bethal.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Bethal.cxf
new file mode 100644
index 0000000..2700d2a
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Bethal.cxf
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!--
+ ** This file configures the Bethal Server.
+ ** It is an https server that conditionally responds
+ ** with 401s.
+ -->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
+ xsi:schemaLocation="
+ http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+ http://cxf.apache.org/configuration/security
+ http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration
+ http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <http:destination
+ name="{http://apache.org/hello_world}Bethal.http-destination">
+ </http:destination>
+
+ <httpj:engine-factory bus="cxf">
+ <httpj:engine port="${testutil.ports.BusServer.4}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v">
+ <sec:keyStore type="JKS" password="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v"
+ resource="keys/Bethal.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v"
+ resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <cxf:bus>
+ <cxf:inInterceptors>
+ <bean class="org.apache.cxf.systest.https.PushBack401"/>
+ </cxf:inInterceptors>
+ </cxf:bus>
+
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientBeans.xml
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientBeans.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientBeans.xml
new file mode 100644
index 0000000..a012a45
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientBeans.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xs
d">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <import resource="classpath:org/apache/cxf/systest/https/BethalClientConfig.cxf"/>
+ <jaxws:client xmlns:s="http://apache.org/hello_world" id="Bethal" serviceClass="org.apache.hello_world.Greeter" serviceName="s:SOAPService" endpointName="s:Bethal" address="https://localhost:${testutil.ports.BusServer.4}/Bethal"/>
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientConfig.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientConfig.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientConfig.cxf
new file mode 100644
index 0000000..47e7dfe
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientConfig.cxf
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
+ xsi:schemaLocation="
+ http://cxf.apache.org/configuration/security
+ http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration
+ http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <http:conduit name="{http://apache.org/hello_world}Bethal.http-conduit">
+
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password"
+ resource="keys/Morpit.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password"
+ resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ <http:authorization>
+ <sec:UserName>Betty</sec:UserName>
+ <sec:Password>password</sec:Password>
+ </http:authorization>
+ <http:client AutoRedirect="true" Connection="Keep-Alive"/>
+
+ </http:conduit>
+
+</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/https/Gordy.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Gordy.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Gordy.cxf
new file mode 100644
index 0000000..61a59dd
--- /dev/null
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Gordy.cxf
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!--
+ ** This file configures the Gordy Server.
+ ** It is an https server that redirects to Bethal.
+ -->
+
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:http="http://cxf.apache.org/transports/http/configuration"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
+ xsi:schemaLocation="
+ http://cxf.apache.org/configuration/security
+ http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http/configuration
+ http://cxf.apache.org/schemas/configuration/http-conf.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration
+ http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <http:destination
+ name="{http://apache.org/hello_world}Gordy.http-destination">
+ <http:server RedirectURL="https://localhost:${testutil.ports.BusServer.4}/Bethal"/>
+ </http:destination>
+
+ <httpj:engine-factory bus="cxf">
+ <httpj:engine port="${testutil.ports.BusServer.3}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="password">
+ <sec:keyStore type="JKS" password="password"
+ resource="keys/Gordy.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="JKS" password="password"
+ resource="keys/Truststore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+</beans>
[5/6] cxf git commit: Recording .gitmergeinfo Changes
Posted by co...@apache.org.
Recording .gitmergeinfo Changes
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0a305e19
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0a305e19
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0a305e19
Branch: refs/heads/3.0.x-fixes
Commit: 0a305e19c77d3749b0fc61b42aae3eb667fa8bcc
Parents: c1a0be8
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Dec 11 11:59:28 2014 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Dec 11 11:59:28 2014 +0000
----------------------------------------------------------------------
.gitmergeinfo | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/0a305e19/.gitmergeinfo
----------------------------------------------------------------------
diff --git a/.gitmergeinfo b/.gitmergeinfo
index 991c567..070e05b 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -158,6 +158,7 @@ M 816e1a5ef4c0992a7d084a0529e42d9ad6a4a3c6
M 865eb64d44fd4e904f166cb03b0d15ca8b5f0ba5
M 89b87071f3dedd2cd5ed874e56f69ab7dcf7953d
M 8bcb5133c602b1cbe642cfd5fbb46099a28b3016
+M 94585ae070e62d08f0e064df8176fbdbdf1bb37b
M 98a578dbf4b7e19c4555bd2011f24c650d0f54c0
M 98f65f2911e063e70e864e7614b062cc124a0f9d
M 990f4b1d594c8f1446d42a516eaef82020df2747
[3/6] cxf git commit: Moved https specific tests into a new directory
Posted by co...@apache.org.
Moved https specific tests into a new directory
Conflicts:
systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java
systests/transports/src/test/resources/org/apache/cxf/systest/https/jaxws-publish-callback.xml
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1b7c93cc
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1b7c93cc
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1b7c93cc
Branch: refs/heads/3.0.x-fixes
Commit: 1b7c93cc8c89cfe4647c29805e921800aebf52c6
Parents: 3c07e4a
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Dec 11 11:57:11 2014 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Dec 11 11:59:26 2014 +0000
----------------------------------------------------------------------
.../cxf/systest/http/CertConstraintsTest.java | 163 -----
.../cxf/systest/http/HTTPConduitTest.java | 651 +------------------
.../cxf/systest/http/HTTPSClientTest.java | 245 -------
.../apache/cxf/systest/http/PushBack401.java | 223 -------
.../apache/cxf/systest/http/TrustHandler.java | 58 --
.../cxf/systest/https/CertConstraintsTest.java | 162 +++++
.../cxf/systest/https/HTTPSClientTest.java | 244 +++++++
.../https/KeyPasswordCallbackHandler.java | 39 ++
.../apache/cxf/systest/https/PushBack401.java | 223 +++++++
.../org/apache/cxf/systest/http/Abost.cxf | 2 +-
.../org/apache/cxf/systest/http/Bethal.cxf | 84 ---
.../cxf/systest/http/BethalClientBeans.xml | 24 -
.../cxf/systest/http/BethalClientConfig.cxf | 69 --
.../org/apache/cxf/systest/http/Gordy.cxf | 77 ---
.../org/apache/cxf/systest/http/Hurlon.cxf | 2 +-
.../org/apache/cxf/systest/http/Morpit.cxf | 75 ---
.../org/apache/cxf/systest/http/Poltim.cxf | 77 ---
.../org/apache/cxf/systest/http/Tarpin.cxf | 77 ---
.../apache/cxf/systest/http/jaxws-publish.xml | 64 --
.../systest/http/jaxws-server-constraints.xml | 255 --------
.../apache/cxf/systest/http/jaxws-server.xml | 77 ---
.../cxf/systest/http/jaxws-tlsrefs-publish.xml | 60 --
.../org/apache/cxf/systest/http/pkcs12.xml | 70 --
.../cxf/systest/http/resource-key-spec-url.xml | 72 --
.../cxf/systest/http/resource-key-spec.xml | 68 --
.../org/apache/cxf/systest/https/Bethal.cxf | 72 ++
.../cxf/systest/https/BethalClientBeans.xml | 24 +
.../cxf/systest/https/BethalClientConfig.cxf | 57 ++
.../org/apache/cxf/systest/https/Gordy.cxf | 65 ++
.../org/apache/cxf/systest/https/Morpit.cxf | 63 ++
.../org/apache/cxf/systest/https/Poltim.cxf | 65 ++
.../org/apache/cxf/systest/https/Tarpin.cxf | 65 ++
.../systest/https/jaxws-publish-callback.xml | 64 ++
.../apache/cxf/systest/https/jaxws-publish.xml | 64 ++
.../systest/https/jaxws-server-constraints.xml | 255 ++++++++
.../apache/cxf/systest/https/jaxws-server.xml | 77 +++
.../cxf/systest/https/jaxws-tlsrefs-publish.xml | 60 ++
.../org/apache/cxf/systest/https/pkcs12.xml | 70 ++
.../cxf/systest/https/resource-key-spec-url.xml | 72 ++
.../cxf/systest/https/resource-key-spec.xml | 68 ++
40 files changed, 1820 insertions(+), 2482 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/http/CertConstraintsTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/http/CertConstraintsTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/http/CertConstraintsTest.java
deleted file mode 100644
index 5beb2c0..0000000
--- a/systests/transports/src/test/java/org/apache/cxf/systest/http/CertConstraintsTest.java
+++ /dev/null
@@ -1,163 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.http;
-
-import java.net.URL;
-
-import javax.xml.ws.BindingProvider;
-
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.configuration.Configurer;
-import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-import org.apache.hello_world.Greeter;
-import org.apache.hello_world.services.SOAPService;
-
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-/**
- * This test is meant to run against a spring-loaded HTTP/S service. It tests the certificate
- * constraints logic.
- */
-public class CertConstraintsTest extends AbstractBusClientServerTestBase {
- //
- // data
- //
-
- @BeforeClass
- public static void allocatePorts() {
- BusServer.resetPortMap();
- }
-
- /**
- * the package path used to locate resources specific to this test
- */
- private void setTheConfiguration(String config) {
- //System.setProperty("javax.net.debug", "all");
- try {
- System.setProperty(
- Configurer.USER_CFG_FILE_PROPERTY_URL,
- CertConstraintsTest.class.getResource(config).toString()
- );
- } catch (final Exception e) {
- e.printStackTrace();
- }
- }
-
- public void startServers() throws Exception {
- assertTrue(
- "Server failed to launch",
- // run the server in the same process
- // set this to false to fork a new process
- launchServer(BusServer.class, true)
- );
- }
-
-
- public void stopServers() throws Exception {
- stopAllServers();
- System.clearProperty(Configurer.USER_CFG_FILE_PROPERTY_URL);
- BusFactory.setDefaultBus(null);
- BusFactory.setThreadDefaultBus(null);
- }
-
-
- //
- // tests
- //
- public final void testSuccessfulCall(String address) throws Exception {
- URL url = SOAPService.WSDL_LOCATION;
- SOAPService service = new SOAPService(url, SOAPService.SERVICE);
- assertNotNull("Service is null", service);
- final Greeter port = service.getHttpsPort();
- assertNotNull("Port is null", port);
-
- BindingProvider provider = (BindingProvider)port;
- provider.getRequestContext().put(
- BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
- address);
-
- assertEquals(port.greetMe("Kitty"), "Hello Kitty");
- }
-
- public final void testFailedCall(String address) throws Exception {
- URL url = SOAPService.WSDL_LOCATION;
- SOAPService service = new SOAPService(url, SOAPService.SERVICE);
- assertNotNull("Service is null", service);
- final Greeter port = service.getHttpsPort();
- assertNotNull("Port is null", port);
-
- BindingProvider provider = (BindingProvider)port;
- provider.getRequestContext().put(
- BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
- address);
-
- try {
- assertEquals(port.greetMe("Kitty"), "Hello Kitty");
- fail("Failure expected");
- } catch (javax.xml.ws.soap.SOAPFaultException ex) {
- // expected
- } catch (javax.xml.ws.WebServiceException ex) {
- // expected
- }
- }
-
- @Test
- public final void testCertConstraints() throws Exception {
- setTheConfiguration("jaxws-server-constraints.xml");
- startServers();
-
- //
- // Good Subject DN
- //
- testSuccessfulCall("https://localhost:" + BusServer.getPort(0) + "/SoapContext/HttpsPort");
- //
- // Bad Subject DN
- //
- testFailedCall("https://localhost:" + BusServer.getPort(1) + "/SoapContext/HttpsPort");
- //
- // Mixed Subject DN (ALL)
- //
- testFailedCall("https://localhost:" + BusServer.getPort(2) + "/SoapContext/HttpsPort");
- //
- // Mixed Subject DN (ANY)
- //
- testSuccessfulCall("https://localhost:" + BusServer.getPort(3) + "/SoapContext/HttpsPort");
- //
- // Mixed Issuer DN (ALL)
- //
- testFailedCall("https://localhost:" + BusServer.getPort(4) + "/SoapContext/HttpsPort");
- //
- // Mixed Issuer DN (ANY)
- //
- testSuccessfulCall("https://localhost:" + BusServer.getPort(5) + "/SoapContext/HttpsPort");
- //
- // Bad server Subject DN
- //
- testFailedCall("https://localhost:" + BusServer.getPort(6) + "/SoapContext/HttpsPort");
- //
- // Bad server Issuer DN
- //
- testFailedCall("https://localhost:" + BusServer.getPort(7) + "/SoapContext/HttpsPort");
-
- stopServers();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java
index a193aae..bd35ade 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPConduitTest.java
@@ -20,14 +20,8 @@
package org.apache.cxf.systest.http;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
import java.net.MalformedURLException;
-import java.net.URI;
import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -36,46 +30,20 @@ import java.util.logging.Level;
import java.util.logging.LogManager;
import java.util.logging.Logger;
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
import javax.xml.namespace.QName;
-
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.BusApplicationContext;
import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.common.util.Base64Utility;
-import org.apache.cxf.configuration.jsse.TLSClientParameters;
-import org.apache.cxf.configuration.security.AuthorizationPolicy;
-import org.apache.cxf.configuration.security.FiltersType;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
-import org.apache.cxf.message.Message;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-
-import org.apache.cxf.transport.http.HTTPConduit;
-import org.apache.cxf.transport.http.MessageTrustDecider;
-import org.apache.cxf.transport.http.URLConnectionInfo;
-import org.apache.cxf.transport.http.UntrustedURLConnectionIOException;
-import org.apache.cxf.transport.http.auth.HttpAuthHeader;
-import org.apache.cxf.transport.http.auth.HttpAuthSupplier;
-
-import org.apache.cxf.transport.https.HttpsURLConnectionInfo;
-
-import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
-
import org.apache.hello_world.Greeter;
import org.apache.hello_world.services.SOAPService;
-
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
-import org.springframework.context.ApplicationContext;
-
/**
* This class tests several issues and Conduit policies based
* on a set up of redirecting servers.
@@ -83,88 +51,30 @@ import org.springframework.context.ApplicationContext;
*
* Http Redirection:
*
- * Rethwel(http:9004) ------\
- * ----> Mortimer (http:9000)
- * Poltim(https:9005) ------/
- *
- * HttpS redirection/Trust:
- *
- * Tarpin(https:9003) ----> Gordy(https:9001) ----> Bethal(https:9002)
+ * Rethwel(http:9004) ----> Mortimer (http:9000)
*
* Redirect Loop:
*
* Hurlon (http:9006) ----> Abost(http:9007) ----\
* ^ |
* |-------------------------------------------/
- *
- * Hostname Verifier Test
- *
- * Morpit (https:9008)
- *
- * </pre>
- * The Bethal server issues 401 with differing realms depending on the
- * User name given in the authorization header.
- * <p>
- * The Morpit has a CN that is not equal to "localhost" to kick in
- * the Hostname Verifier.
*/
public class HTTPConduitTest extends AbstractBusClientServerTestBase {
private static final boolean IN_PROCESS = true;
- private static TLSClientParameters tlsClientParameters = new TLSClientParameters();
private static List<String> servers = new ArrayList<String>();
private static Map<String, String> addrMap = new TreeMap<String, String>();
- static {
- try {
- //System.setProperty("javax.net.debug", "all");
- URL key = Server.class.getResource("../../../../../keys/Morpit.jks");
- String keystore = new File(key.toURI()).getAbsolutePath();
- //System.out.println("Keystore: " + keystore);
- KeyManager[] kmgrs = getKeyManagers(getKeyStore("JKS", keystore, "password"), "password");
-
- key = Server.class.getResource("../../../../../keys/Truststore.jks");
-
- String truststore = new File(key.toURI()).getAbsolutePath();
- //System.out.println("Truststore: " + truststore);
- TrustManager[] tmgrs = getTrustManagers(getKeyStore("JKS", truststore, "password"));
-
- tlsClientParameters.setKeyManagers(kmgrs);
- tlsClientParameters.setTrustManagers(tmgrs);
- FiltersType filters = new FiltersType();
- filters.getInclude().add(".*_EXPORT_.*");
- filters.getInclude().add(".*_EXPORT1024_.*");
- filters.getInclude().add(".*_WITH_DES_.*");
- filters.getInclude().add(".*_WITH_AES_.*");
- filters.getInclude().add(".*_WITH_NULL_.*");
- filters.getInclude().add(".*_DH_anon_.*");
- tlsClientParameters.setCipherSuitesFilter(filters);
- } catch (Exception e) {
- throw new RuntimeException("Static initialization failed", e);
- }
- }
-
private final QName serviceName =
new QName("http://apache.org/hello_world", "SOAPService");
- private final QName bethalQ =
- new QName("http://apache.org/hello_world", "Bethal");
- private final QName gordyQ =
- new QName("http://apache.org/hello_world", "Gordy");
- private final QName tarpinQ =
- new QName("http://apache.org/hello_world", "Tarpin");
private final QName rethwelQ =
new QName("http://apache.org/hello_world", "Rethwel");
private final QName mortimerQ =
new QName("http://apache.org/hello_world", "Mortimer");
- private final QName poltimQ =
- new QName("http://apache.org/hello_world", "Poltim");
private final QName hurlonQ =
new QName("http://apache.org/hello_world", "Hurlon");
- // PMD Violation because it is not used, but
- // it is here for completeness.
- //private final QName abostQ =
- //new QName("http://apache.org/hello_world", "Abost");
+
public HTTPConduitTest() {
}
@@ -178,15 +88,9 @@ public class HTTPConduitTest extends AbstractBusClientServerTestBase {
BusServer.resetPortMap();
addrMap.clear();
addrMap.put("Mortimer", "http://localhost:" + getPort("PORT0") + "/");
- addrMap.put("Tarpin", "https://localhost:" + getPort("PORT3") + "/");
- addrMap.put("Rethwel", "http://localhost:" + getPort("PORT4") + "/");
- addrMap.put("Poltim", "https://localhost:" + getPort("PORT5") + "/");
- addrMap.put("Gordy", "https://localhost:" + getPort("PORT1") + "/");
- addrMap.put("Bethal", "https://localhost:" + getPort("PORT2") + "/");
- addrMap.put("Abost", "http://localhost:" + getPort("PORT7") + "/");
- addrMap.put("Hurlon", "http://localhost:" + getPort("PORT6") + "/");
- addrMap.put("Morpit", "https://localhost:" + getPort("PORT8") + "/");
- tlsClientParameters.setDisableCNCheck(true);
+ addrMap.put("Rethwel", "http://localhost:" + getPort("PORT1") + "/");
+ addrMap.put("Abost", "http://localhost:" + getPort("PORT2") + "/");
+ addrMap.put("Hurlon", "http://localhost:" + getPort("PORT3") + "/");
servers.clear();
}
@@ -235,58 +139,6 @@ public class HTTPConduitTest extends AbstractBusClientServerTestBase {
}
}
- public static KeyStore getKeyStore(String ksType, String file, String ksPassword)
- throws GeneralSecurityException,
- IOException {
-
- String type = ksType != null
- ? ksType
- : KeyStore.getDefaultType();
-
- char[] password = ksPassword != null
- ? ksPassword.toCharArray()
- : null;
-
- // We just use the default Keystore provider
- KeyStore keyStore = KeyStore.getInstance(type);
-
- keyStore.load(new FileInputStream(file), password);
-
- return keyStore;
- }
-
- public static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword)
- throws GeneralSecurityException,
- IOException {
- // For tests, we just use the default algorithm
- String alg = KeyManagerFactory.getDefaultAlgorithm();
-
- char[] keyPass = keyPassword != null
- ? keyPassword.toCharArray()
- : null;
-
- // For tests, we just use the default provider.
- KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
-
- fac.init(keyStore, keyPass);
-
- return fac.getKeyManagers();
- }
-
- public static TrustManager[] getTrustManagers(KeyStore keyStore)
- throws GeneralSecurityException,
- IOException {
- // For tests, we just use the default algorithm
- String alg = TrustManagerFactory.getDefaultAlgorithm();
-
- // For tests, we just use the default provider.
- TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
-
- fac.init(keyStore);
-
- return fac.getTrustManagers();
- }
-
//methods that a subclass can override to inject a Proxy into the flow
//and assert the proxy was appropriately called
public void configureProxy(Client c) {
@@ -349,7 +201,6 @@ public class HTTPConduitTest extends AbstractBusClientServerTestBase {
*
* Note: Unfortunately, the invocation will
* "fail" for any number of other reasons.
- *
*/
@Test
public void testHttp2HttpRedirectFail() throws Exception {
@@ -364,7 +215,7 @@ public class HTTPConduitTest extends AbstractBusClientServerTestBase {
Greeter rethwel = service.getPort(rethwelQ, Greeter.class);
assertNotNull("Port is null", rethwel);
- updateAddressPort(rethwel, getPort("PORT4"));
+ updateAddressPort(rethwel, getPort("PORT1"));
configureProxy(ClientProxy.getClient(rethwel));
String answer = null;
@@ -414,7 +265,7 @@ public class HTTPConduitTest extends AbstractBusClientServerTestBase {
assertNotNull("Service is null", service);
Greeter rethwel = service.getPort(rethwelQ, Greeter.class);
- updateAddressPort(rethwel, getPort("PORT4"));
+ updateAddressPort(rethwel, getPort("PORT1"));
assertNotNull("Port is null", rethwel);
configureProxy(ClientProxy.getClient(rethwel));
@@ -436,8 +287,7 @@ public class HTTPConduitTest extends AbstractBusClientServerTestBase {
startServer("Abost");
startServer("Hurlon");
- URL config = getClass().getResource(
- "Http2HttpLoopRedirectFail.cxf");
+ URL config = getClass().getResource("Http2HttpLoopRedirectFail.cxf");
// We go through the back door, setting the default bus.
new DefaultBusFactory().createBus(config);
@@ -450,7 +300,7 @@ public class HTTPConduitTest extends AbstractBusClientServerTestBase {
Greeter hurlon = service.getPort(hurlonQ, Greeter.class);
assertNotNull("Port is null", hurlon);
- updateAddressPort(hurlon, getPort("PORT6"));
+ updateAddressPort(hurlon, getPort("PORT3"));
configureProxy(ClientProxy.getClient(hurlon));
String answer = null;
@@ -464,489 +314,6 @@ public class HTTPConduitTest extends AbstractBusClientServerTestBase {
}
assertProxyRequestCount(2);
}
- /**
- * This methods tests a basic https connection to Bethal.
- * It supplies an authorization policy with premetive user/pass
- * to avoid the 401.
- */
- @Test
- public void testHttpsBasicConnectionWithConfig() throws Exception {
- startServer("Bethal");
-
- URL config = getClass().getResource(
- "BethalClientConfig.cxf");
-
- // We go through the back door, setting the default bus.
- new DefaultBusFactory().createBus(config);
- URL wsdl = getClass().getResource("greeting.wsdl");
- assertNotNull("WSDL is null", wsdl);
-
- SOAPService service = new SOAPService(wsdl, serviceName);
- assertNotNull("Service is null", service);
-
- Greeter bethal = service.getPort(bethalQ, Greeter.class);
-
- assertNotNull("Port is null", bethal);
- updateAddressPort(bethal, getPort("PORT2"));
- verifyBethalClient(bethal);
- }
-
- @Test
- public void testGetClientFromSpringContext() throws Exception {
- startServer("Bethal");
-
- BusFactory.setDefaultBus(null);
- // The client bean configuration file
- URL beans = getClass().getResource("BethalClientBeans.xml");
- // We go through the back door, setting the default bus.
- Bus bus = new DefaultBusFactory().createBus(beans);
-
- ApplicationContext context = bus.getExtension(BusApplicationContext.class);
- Greeter bethal = (Greeter)context.getBean("Bethal");
- updateAddressPort(bethal, getPort("PORT2"));
- // verify the client side's setting
- verifyBethalClient(bethal);
- }
-
-
-
- // we just verify the configurations are loaded successfully
- private void verifyBethalClient(Greeter bethal) {
- Client client = ClientProxy.getClient(bethal);
-
- HTTPConduit http =
- (HTTPConduit) client.getConduit();
-
- HTTPClientPolicy httpClientPolicy = http.getClient();
- assertEquals("the httpClientPolicy's autoRedirect should be true",
- true, httpClientPolicy.isAutoRedirect());
- TLSClientParameters tlsParameters = http.getTlsClientParameters();
- assertNotNull("the http conduit's tlsParameters should not be null", tlsParameters);
-
-
- // If we set any name, but Edward, Mary, or George,
- // and a password of "password" we will get through
- // Bethal.
- AuthorizationPolicy authPolicy = http.getAuthorization();
- assertEquals("Set the wrong user name from the configuration",
- "Betty", authPolicy.getUserName());
- assertEquals("Set the wrong pass word form the configuration",
- "password", authPolicy.getPassword());
-
- configureProxy(ClientProxy.getClient(bethal));
-
- String answer = bethal.sayHi();
- answer = bethal.sayHi();
- answer = bethal.sayHi();
- answer = bethal.sayHi();
- answer = bethal.sayHi();
- assertTrue("Unexpected answer: " + answer,
- "Bonjour from Bethal".equals(answer));
-
- //With HTTPS, it will just be a CONNECT to the proxy and all the
- //data is encrypted. Thus, the proxy cannot distinquish the requests
- assertProxyRequestCount(0);
- }
-
- /**
- * This methods tests a basic https connection to Bethal.
- * It supplies an authorization policy with premetive user/pass
- * to avoid the 401.
- */
- @Test
- public void testHttpsBasicConnection() throws Exception {
- startServer("Bethal");
-
- URL wsdl = getClass().getResource("greeting.wsdl");
- assertNotNull("WSDL is null", wsdl);
-
- SOAPService service = new SOAPService(wsdl, serviceName);
- assertNotNull("Service is null", service);
-
- Greeter bethal = service.getPort(bethalQ, Greeter.class);
- assertNotNull("Port is null", bethal);
- updateAddressPort(bethal, getPort("PORT2"));
-
- // Okay, I'm sick of configuration files.
- // This also tests dynamic configuration of the conduit.
- Client client = ClientProxy.getClient(bethal);
- HTTPConduit http =
- (HTTPConduit) client.getConduit();
-
- HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
-
- httpClientPolicy.setAutoRedirect(false);
- // If we set any name, but Edward, Mary, or George,
- // and a password of "password" we will get through
- // Bethal.
- AuthorizationPolicy authPolicy = new AuthorizationPolicy();
- authPolicy.setUserName("Betty");
- authPolicy.setPassword("password");
-
- http.setClient(httpClientPolicy);
- http.setTlsClientParameters(tlsClientParameters);
- http.setAuthorization(authPolicy);
-
- configureProxy(client);
- String answer = bethal.sayHi();
- assertTrue("Unexpected answer: " + answer,
- "Bonjour from Bethal".equals(answer));
- assertProxyRequestCount(0);
- }
-
-
- @Test
- public void testHttpsRedirectToHttpFail() throws Exception {
- startServer("Mortimer");
- startServer("Poltim");
-
- URL wsdl = getClass().getResource("greeting.wsdl");
- assertNotNull("WSDL is null", wsdl);
-
- SOAPService service = new SOAPService(wsdl, serviceName);
- assertNotNull("Service is null", service);
-
- Greeter poltim = service.getPort(poltimQ, Greeter.class);
- assertNotNull("Port is null", poltim);
- updateAddressPort(poltim, getPort("PORT5"));
-
- // Okay, I'm sick of configuration files.
- // This also tests dynamic configuration of the conduit.
- Client client = ClientProxy.getClient(poltim);
- HTTPConduit http =
- (HTTPConduit) client.getConduit();
-
- HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
-
- httpClientPolicy.setAutoRedirect(true);
-
- http.setClient(httpClientPolicy);
- http.setTlsClientParameters(tlsClientParameters);
- configureProxy(client);
- poltim.sayHi();
- //client -> poltim is https and thus not recorded but then redirected to mortimer
- //client -> mortimer is http and recoreded
- assertProxyRequestCount(1);
- }
-
- class MyHttpsTrustDecider extends MessageTrustDecider {
-
- private String[] trustName;
- private int called;
-
- MyHttpsTrustDecider(String name) {
- trustName = new String[] {name};
- }
-
- MyHttpsTrustDecider(String[] name) {
- trustName = name;
- }
-
- public int wasCalled() {
- return called;
- }
-
- public void establishTrust(
- String conduitName,
- URLConnectionInfo cinfo,
- Message message
- ) throws UntrustedURLConnectionIOException {
-
- called++;
-
- HttpsURLConnectionInfo ci = (HttpsURLConnectionInfo) cinfo;
- boolean trusted = false;
- for (int i = 0; i < trustName.length; i++) {
- trusted = trusted
- || ci.getPeerPrincipal()
- .toString().contains("OU=" + trustName[i]);
- }
- if (!trusted) {
- throw new UntrustedURLConnectionIOException(
- "Peer Principal \""
- + ci.getPeerPrincipal()
- + "\" does not contain "
- + getTrustNames());
- }
- }
-
- private String getTrustNames() {
- StringBuffer sb = new StringBuffer();
- for (int i = 0; i < trustName.length; i++) {
- sb.append("\"OU=");
- sb.append(trustName[i]);
- sb.append("\"");
- if (i < trustName.length - 1) {
- sb.append(", ");
- }
- }
- return sb.toString();
- }
- }
-
-
- @Test
- public void testHttpsTrust() throws Exception {
- startServer("Bethal");
-
- URL wsdl = getClass().getResource("greeting.wsdl");
- assertNotNull("WSDL is null", wsdl);
-
- SOAPService service = new SOAPService(wsdl, serviceName);
- assertNotNull("Service is null", service);
-
- Greeter bethal = service.getPort(bethalQ, Greeter.class);
- assertNotNull("Port is null", bethal);
- updateAddressPort(bethal, getPort("PORT2"));
-
- // Okay, I'm sick of configuration files.
- // This also tests dynamic configuration of the conduit.
- Client client = ClientProxy.getClient(bethal);
- HTTPConduit http =
- (HTTPConduit) client.getConduit();
-
- HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
-
- httpClientPolicy.setAutoRedirect(false);
- // If we set any name, but Edward, Mary, or George,
- // and a password of "password" we will get through
- // Bethal.
- AuthorizationPolicy authPolicy = new AuthorizationPolicy();
- authPolicy.setUserName("Betty");
- authPolicy.setPassword("password");
-
- http.setClient(httpClientPolicy);
- http.setTlsClientParameters(tlsClientParameters);
- http.setAuthorization(authPolicy);
-
- // Our expected server should be OU=Bethal
- http.setTrustDecider(new MyHttpsTrustDecider("Bethal"));
-
- configureProxy(client);
- String answer = bethal.sayHi();
- assertTrue("Unexpected answer: " + answer,
- "Bonjour from Bethal".equals(answer));
- assertProxyRequestCount(0);
-
-
- // Nobody will not equal OU=Bethal
- MyHttpsTrustDecider trustDecider =
- new MyHttpsTrustDecider("Nobody");
- http.setTrustDecider(trustDecider);
- try {
- answer = bethal.sayHi();
- fail("Unexpected answer from Bethal: " + answer);
- } catch (Exception e) {
- //e.printStackTrace();
- //assertTrue("Trust Decider was not called",
- // 0 > trustDecider.wasCalled());
- }
- assertProxyRequestCount(0);
- }
-
- @Test
- public void testHttpsTrustRedirect() throws Exception {
- startServer("Tarpin");
- startServer("Gordy");
- startServer("Bethal");
-
- URL wsdl = getClass().getResource("greeting.wsdl");
- assertNotNull("WSDL is null", wsdl);
-
- SOAPService service = new SOAPService(wsdl, serviceName);
- assertNotNull("Service is null", service);
-
- Greeter tarpin = service.getPort(tarpinQ, Greeter.class);
- assertNotNull("Port is null", tarpin);
- updateAddressPort(tarpin, getPort("PORT3"));
-
- // Okay, I'm sick of configuration files.
- // This also tests dynamic configuration of the conduit.
- Client client = ClientProxy.getClient(tarpin);
- HTTPConduit http =
- (HTTPConduit) client.getConduit();
-
- HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
-
- httpClientPolicy.setAutoRedirect(true);
- // If we set any name, but Edward, Mary, or George,
- // and a password of "password" we will get through
- // Bethal.
- AuthorizationPolicy authPolicy = new AuthorizationPolicy();
- authPolicy.setUserName("Betty");
- authPolicy.setPassword("password");
-
- http.setClient(httpClientPolicy);
- http.setTlsClientParameters(tlsClientParameters);
- http.setAuthorization(authPolicy);
-
- // We get redirected from Tarpin, to Gordy, to Bethal.
- MyHttpsTrustDecider trustDecider =
- new MyHttpsTrustDecider(
- new String[] {"Tarpin", "Gordy", "Bethal"});
- http.setTrustDecider(trustDecider);
-
- // We actually get our answer from Bethal at the end of the
- // redirects.
- configureProxy(ClientProxy.getClient(tarpin));
- String answer = tarpin.sayHi();
- assertProxyRequestCount(0);
-
- assertTrue("Trust Decider wasn't called correctly",
- 3 == trustDecider.wasCalled());
- assertTrue("Unexpected answer: " + answer,
- "Bonjour from Bethal".equals(answer));
-
- // Limit the redirects to 1, since there are two, this should fail.
- http.getClient().setMaxRetransmits(1);
-
- try {
- answer = tarpin.sayHi();
- fail("Unexpected answer from Tarpin: " + answer);
- } catch (Exception e) {
- //e.printStackTrace();
- }
- assertProxyRequestCount(0);
-
- // Set back to unlimited.
- http.getClient().setMaxRetransmits(-1);
-
- // Effectively we will not trust Gordy in the middle.
- trustDecider =
- new MyHttpsTrustDecider(
- new String[] {"Tarpin", "Bethal"});
- http.setTrustDecider(trustDecider);
-
- try {
- answer = tarpin.sayHi();
- fail("Unexpected answer from Tarpin: " + answer);
- } catch (Exception e) {
- //e.printStackTrace();
- assertTrue("Trust Decider wasn't called correctly",
- 2 == trustDecider.wasCalled());
- }
- assertProxyRequestCount(0);
- }
-
- public class MyBasicAuthSupplier implements HttpAuthSupplier {
-
- String realm;
- String user;
- String pass;
-
- /**
- * This will loop from Cronus, to Andromeda, to Zorantius
- */
- MyBasicAuthSupplier() {
- }
-
- MyBasicAuthSupplier(String r, String u, String p) {
- realm = r;
- user = u;
- pass = p;
- }
-
- /**
- * If we don't have the realm set, then we loop
- * through the realms.
- */
- public String getAuthorization(
- AuthorizationPolicy authPolicy,
- URI currentURI,
- Message message,
- String fullHeader
- ) {
- String reqestedRealm = new HttpAuthHeader(fullHeader).getRealm();
- if (realm != null && realm.equals(reqestedRealm)) {
- return createUserPass(user, pass);
- }
- if ("Andromeda".equals(reqestedRealm)) {
- // This will get us another 401 to Zorantius
- return createUserPass("Edward", "password");
- }
- if ("Zorantius".equals(reqestedRealm)) {
- // George will get us another 401 to Cronus
- return createUserPass("George", "password");
- }
- if ("Cronus".equals(reqestedRealm)) {
- // Mary will get us another 401 to Andromeda
- return createUserPass("Mary", "password");
- }
- return null;
- }
-
- private String createUserPass(String usr, String pwd) {
- String userpass = usr + ":" + pwd;
- String token = Base64Utility.encode(userpass.getBytes());
- return "Basic " + token;
- }
-
- public boolean requiresRequestCaching() {
- return false;
- }
-
- }
-
- /**
- * This tests redirects through Gordy to Bethal. Bethal will
- * supply a series of 401s. See PushBack401.
- */
- @Test
- public void testHttpsRedirect401Response() throws Exception {
- startServer("Gordy");
- startServer("Bethal");
-
- URL wsdl = getClass().getResource("greeting.wsdl");
- assertNotNull("WSDL is null", wsdl);
-
- SOAPService service = new SOAPService(wsdl, serviceName);
- assertNotNull("Service is null", service);
-
- Greeter gordy = service.getPort(gordyQ, Greeter.class);
- assertNotNull("Port is null", gordy);
- updateAddressPort(gordy, getPort("PORT1"));
-
- // Okay, I'm sick of configuration files.
- // This also tests dynamic configuration of the conduit.
- Client client = ClientProxy.getClient(gordy);
- HTTPConduit http =
- (HTTPConduit) client.getConduit();
-
- HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
-
- httpClientPolicy.setAutoRedirect(true);
- http.setClient(httpClientPolicy);
- http.setTlsClientParameters(tlsClientParameters);
-
- // We get redirected from Gordy, to Bethal.
- http.setTrustDecider(
- new MyHttpsTrustDecider(
- new String[] {"Gordy", "Bethal"}));
-
- // Without preemptive user/pass Bethal returns a
- // 401 for realm Cronus. If we supply any name other
- // than Edward, George, or Mary, with the pass of "password"
- // we should succeed.
- http.setAuthSupplier(
- new MyBasicAuthSupplier("Cronus", "Betty", "password"));
-
- // We actually get our answer from Bethal at the end of the
- // redirects.
- String answer = gordy.sayHi();
- assertTrue("Unexpected answer: " + answer,
- "Bonjour from Bethal".equals(answer));
-
- // The loop auth supplier,
- // We should die with looping realms.
- http.setAuthSupplier(new MyBasicAuthSupplier());
-
- try {
- answer = gordy.sayHi();
- fail("Unexpected answer from Gordy: " + answer);
- } catch (Exception e) {
- //e.printStackTrace();
- }
- }
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java
deleted file mode 100644
index 8e5ed3d..0000000
--- a/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java
+++ /dev/null
@@ -1,245 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.http;
-
-import java.net.URL;
-
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.TrustManager;
-import javax.xml.ws.BindingProvider;
-
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.configuration.Configurer;
-import org.apache.cxf.configuration.jsse.TLSParameterJaxBUtils;
-import org.apache.cxf.configuration.security.KeyManagersType;
-import org.apache.cxf.configuration.security.KeyStoreType;
-import org.apache.cxf.configuration.security.TrustManagersType;
-import org.apache.cxf.jaxws.endpoint.dynamic.JaxWsDynamicClientFactory;
-import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-import org.apache.hello_world.Greeter;
-import org.apache.hello_world.services.SOAPService;
-
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-/**
- * This test is meant to run against a spring-loaded
- * HTTP/S service.
- */
-public class HTTPSClientTest extends AbstractBusClientServerTestBase {
- //
- // data
- //
-
- /**
- * the package path used to locate resources specific to this test
- */
- private void setTheConfiguration(String config) {
- //System.setProperty("javax.net.debug", "all");
- try {
- System.setProperty(
- Configurer.USER_CFG_FILE_PROPERTY_URL,
- HTTPSClientTest.class.getResource(config).toString()
- );
- } catch (final Exception e) {
- e.printStackTrace();
- }
- }
-
- @BeforeClass
- public static void setupPorts() {
- BusServer.resetPortMap();
- }
-
- public void startServers() throws Exception {
- assertTrue(
- "Server failed to launch",
- // run the server in the same process
- // set this to false to fork a new process
- launchServer(BusServer.class, true)
- );
- }
-
-
- public void stopServers() throws Exception {
- stopAllServers();
- System.clearProperty(Configurer.USER_CFG_FILE_PROPERTY_URL);
- BusFactory.setDefaultBus(null);
- BusFactory.setThreadDefaultBus(null);
- }
-
-
- //
- // tests
- //
- public final void testSuccessfulCall(String configuration,
- String address) throws Exception {
- testSuccessfulCall(configuration, address, null);
- }
- public final void testSuccessfulCall(String configuration,
- String address,
- URL url) throws Exception {
- testSuccessfulCall(configuration, address, url, false);
- }
- public final void testSuccessfulCall(String configuration,
- String address,
- URL url,
- boolean dynamicClient) throws Exception {
- setTheConfiguration(configuration);
- startServers();
- if (url == null) {
- url = SOAPService.WSDL_LOCATION;
- }
-
- //CXF-4037 - dynamic client isn't using the conduit settings to resolve schemas
- if (dynamicClient) {
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
- JaxWsDynamicClientFactory.newInstance(BusFactory.getDefaultBus())
- .createClient(url.toExternalForm());
- Thread.currentThread().setContextClassLoader(loader);
- }
-
-
-
- SOAPService service = new SOAPService(url, SOAPService.SERVICE);
- assertNotNull("Service is null", service);
- final Greeter port = service.getHttpsPort();
- assertNotNull("Port is null", port);
-
- BindingProvider provider = (BindingProvider)port;
- provider.getRequestContext().put(
- BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
- address);
-
- //provider.getRequestContext().put("use.async.http.conduit", Boolean.TRUE);
- //for (int x = 0; x < 100000; x++) {
- assertEquals(port.greetMe("Kitty"), "Hello Kitty");
- //}
-
-
- stopServers();
- }
-
- @Test
- public final void testJaxwsServer() throws Exception {
- testSuccessfulCall("jaxws-server.xml",
- "https://localhost:" + BusServer.getPort(2) + "/SoapContext/HttpsPort");
- }
- @Test
- public final void testJaxwsServerChangeHttpsToHttp() throws Exception {
- testSuccessfulCall("jaxws-server.xml",
- "http://localhost:" + BusServer.getPort(3) + "/SoapContext/HttpPort");
- }
- @Test
- public final void testJaxwsEndpoint() throws Exception {
- testSuccessfulCall("jaxws-publish.xml",
- "https://localhost:" + BusServer.getPort(1) + "/SoapContext/HttpsPort");
- }
- @Test
- public final void testJaxwsTLSRefsEndpoint() throws Exception {
- testSuccessfulCall("jaxws-tlsrefs-publish.xml",
- "https://localhost:" + BusServer.getPort(1) + "/SoapContext/HttpsPort");
- }
- @Test
- public final void testPKCS12Endpoint() throws Exception {
- testSuccessfulCall("pkcs12.xml",
- "https://localhost:" + BusServer.getPort(6) + "/SoapContext/HttpsPort");
- }
-
- @Test
- public final void testResourceKeySpecEndpoint() throws Exception {
- testSuccessfulCall("resource-key-spec.xml",
- "https://localhost:" + BusServer.getPort(4) + "/SoapContext/HttpsPort");
- }
- @Test
- public final void testResourceKeySpecEndpointURL() throws Exception {
- testSuccessfulCall("resource-key-spec-url.xml",
- "https://localhost:" + BusServer.getPort(5) + "/SoapContext/HttpsPort",
- new URL("https://localhost:" + BusServer.getPort(5) + "/SoapContext/HttpsPort?wsdl"),
- true);
-
- }
-
- public static class ServerManagersFactory {
- public static KeyManager[] getKeyManagers() {
- KeyManagersType kmt = new KeyManagersType();
- KeyStoreType kst = new KeyStoreType();
- kst.setFile("src/test/resources/keys/Bethal.jks");
- kst.setPassword("password");
- kst.setType("JKS");
-
- kmt.setKeyStore(kst);
- kmt.setKeyPassword("password");
- try {
- return TLSParameterJaxBUtils.getKeyManagers(kmt);
- } catch (Exception e) {
- throw new RuntimeException("failed to retrieve key managers", e);
- }
- }
-
- public static TrustManager[] getTrustManagers() {
- TrustManagersType tmt = new TrustManagersType();
- KeyStoreType kst = new KeyStoreType();
- kst.setFile("src/test/resources/keys/Truststore.jks");
- kst.setPassword("password");
- kst.setType("JKS");
-
- tmt.setKeyStore(kst);
- try {
- return TLSParameterJaxBUtils.getTrustManagers(tmt);
- } catch (Exception e) {
- throw new RuntimeException("failed to retrieve trust managers", e);
- }
- }
- }
-
- public static class ClientManagersFactory {
- public static KeyManager[] getKeyManagers() {
- KeyManagersType kmt = new KeyManagersType();
- KeyStoreType kst = new KeyStoreType();
- kst.setFile("src/test/resources/keys/Morpit.jks");
- kst.setPassword("password");
- kst.setType("JKS");
-
- kmt.setKeyStore(kst);
- kmt.setKeyPassword("password");
- try {
- return TLSParameterJaxBUtils.getKeyManagers(kmt);
- } catch (Exception e) {
- throw new RuntimeException("failed to retrieve key managers", e);
- }
- }
-
- public static TrustManager[] getTrustManagers() {
- TrustManagersType tmt = new TrustManagersType();
- KeyStoreType kst = new KeyStoreType();
- kst.setFile("src/test/resources/keys/Truststore.jks");
- kst.setPassword("password");
- kst.setType("JKS");
-
- tmt.setKeyStore(kst);
- try {
- return TLSParameterJaxBUtils.getTrustManagers(tmt);
- } catch (Exception e) {
- throw new RuntimeException("failed to retrieve trust managers", e);
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/http/PushBack401.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/http/PushBack401.java b/systests/transports/src/test/java/org/apache/cxf/systest/http/PushBack401.java
deleted file mode 100644
index f812a3d..0000000
--- a/systests/transports/src/test/java/org/apache/cxf/systest/http/PushBack401.java
+++ /dev/null
@@ -1,223 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.http;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.net.HttpURLConnection;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-
-import org.apache.cxf.common.util.Base64Utility;
-import org.apache.cxf.endpoint.Endpoint;
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.message.Exchange;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageImpl;
-import org.apache.cxf.phase.AbstractPhaseInterceptor;
-import org.apache.cxf.phase.Phase;
-import org.apache.cxf.transport.Conduit;
-import org.apache.cxf.transport.http.Headers;
-
-/*
- * This interceptor will issue 401s
- * No Authorization Header --> 401 Realm=Cronus
- * Username Mary --> 401 Realm=Andromeda
- * Username Edward --> 401 Realm=Zorantius
- * Username George --> 401 Realm=Cronus
- * If the password is not "password" a 401 is issued without
- * realm.
- */
-public class PushBack401 extends AbstractPhaseInterceptor<Message> {
-
- PushBack401() {
- super(Phase.RECEIVE);
- }
-
- /**
- * This function extracts the user:pass token from
- * the Authorization:Basic header. It returns a two element
- * String array, the first being the userid, the second
- * being the password. It returns null, if it cannot parse.
- */
- private String[] extractUserPass(String token) {
- try {
- byte[] userpass = Base64Utility.decode(token);
- String up = IOUtils.newStringFromBytes(userpass);
- String user = up.substring(0, up.indexOf(':'));
- String pass = up.substring(up.indexOf(':') + 1);
- return new String[] {user, pass};
- } catch (Exception e) {
- return null;
- }
-
- }
-
- /**
- * This function returns the realm which depends on
- * the user name, as follows:
- * <pre>
- * Username Mary --> Andromeda
- * Username Edward --> Zorantius
- * Username George --> Cronus
- * </pre>
- * However, if the password is not "password" this function
- * throws an exception, regardless.
- */
- private String checkUserPass(
- String user,
- String pass
- ) throws Exception {
- //System.out.println("Got user: " + user + " pass: " + pass);
- if (!"password".equals(pass)) {
- throw new Exception("bad password");
- }
- if ("Mary".equals(user)) {
- return "Andromeda";
- }
- if ("Edward".equals(user)) {
- return "Zorantius";
- }
- if ("George".equals(user)) {
- return "Cronus";
- }
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public void handleMessage(Message message) throws Fault {
-
- Map<String, List<String>> headers =
- (Map<String, List<String>>)
- message.get(Message.PROTOCOL_HEADERS);
-
- List<String> auth = headers.get("Authorization");
- if (auth == null) {
- // No Auth Header, respond with 401 Realm=Cronus
- replyUnauthorized(message, "Cronus");
- return;
- } else {
- for (String a : auth) {
- if (a.startsWith("Basic ")) {
- String[] userpass =
- extractUserPass(a.substring("Basic ".length()));
- if (userpass != null) {
- try {
- String realm =
- checkUserPass(userpass[0], userpass[1]);
- if (realm != null) {
- replyUnauthorized(message, realm);
- return;
- } else {
- // Password is good and no realm
- // We just return for successful fall thru.
- return;
- }
- } catch (Exception e) {
- // Bad Password
- replyUnauthorized(message, null);
- return;
- }
- }
- }
- }
- // No Authorization: Basic
- replyUnauthorized(message, null);
- return;
- }
- }
-
- /**
- * This function issues a 401 response back down the conduit.
- * If the realm is not null, a WWW-Authenticate: Basic realm=
- * header is sent. The interceptor chain is aborted stopping
- * the Message from going to the servant.
- */
- private void replyUnauthorized(Message message, String realm) {
- Message outMessage = getOutMessage(message);
- outMessage.put(Message.RESPONSE_CODE,
- HttpURLConnection.HTTP_UNAUTHORIZED);
-
- if (realm != null) {
- setHeader(outMessage,
- "WWW-Authenticate", "Basic realm=" + realm);
- }
- message.getInterceptorChain().abort();
- try {
- getConduit(message).prepare(outMessage);
- close(outMessage);
- } catch (IOException e) {
- //System.out.println("Prepare of message not working." + e);
- e.printStackTrace();
- }
- }
-
- /**
- * Retrieves/creates the corresponding Outbound Message.
- */
- private Message getOutMessage(Message message) {
- Exchange exchange = message.getExchange();
- Message outMessage = exchange.getOutMessage();
- if (outMessage == null) {
- Endpoint endpoint = exchange.get(Endpoint.class);
- outMessage = new MessageImpl();
- outMessage.putAll(message);
- outMessage.remove(Message.PROTOCOL_HEADERS);
- outMessage.setExchange(exchange);
- outMessage = endpoint.getBinding().createMessage(outMessage);
- exchange.setOutMessage(outMessage);
- }
- return outMessage;
- }
-
- /**
- * This function sets the header in the PROTOCO_HEADERS of
- * the message.
- */
- private void setHeader(Message message, String key, String value) {
- Map<String, List<String>> responseHeaders = Headers.getSetProtocolHeaders(message);
- responseHeaders.put(key, Arrays.asList(new String[] {value}));
- }
-
- /**
- * This method retrieves/creates the conduit for the response
- * message.
- */
- private Conduit getConduit(Message message) throws IOException {
- Exchange exchange = message.getExchange();
- Conduit conduit =
- exchange.getDestination().getBackChannel(message);
- exchange.setConduit(conduit);
- return conduit;
- }
-
- /**
- * This method closes the output stream associated with the
- * message.
- */
- private void close(Message message) throws IOException {
- OutputStream os = message.getContent(OutputStream.class);
- os.flush();
- os.close();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/http/TrustHandler.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/http/TrustHandler.java b/systests/transports/src/test/java/org/apache/cxf/systest/http/TrustHandler.java
deleted file mode 100644
index 01b60af..0000000
--- a/systests/transports/src/test/java/org/apache/cxf/systest/http/TrustHandler.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.http;
-
-import org.apache.cxf.message.Message;
-import org.apache.cxf.transport.http.MessageTrustDecider;
-import org.apache.cxf.transport.http.URLConnectionInfo;
-import org.apache.cxf.transport.http.UntrustedURLConnectionIOException;
-
-public class TrustHandler
- extends MessageTrustDecider {
-
- public TrustHandler() {
- // Set the logical name.
- super("The System Test Trust Decider");
- }
-
- public void establishTrust(
- String conduitName,
- URLConnectionInfo connectionInfo,
- Message message
- ) throws UntrustedURLConnectionIOException {
- System.out.println("Trust decision for conduit: "
- + conduitName + " and "
- + connectionInfo.getURI());
- /*if (connectionInfo instanceof HttpURLConnectionInfo) {
- HttpURLConnectionInfo c = (HttpURLConnectionInfo) connectionInfo;
- System.out.println("Http method: "
- + c.getHttpRequestMethod() + " on " + c.getURI());
- }
- if (connectionInfo instanceof HttpsURLConnectionInfo) {
- HttpsURLConnectionInfo c = (HttpsURLConnectionInfo) connectionInfo;
- System.out.println("TLS Connection to: " + c.getURI());
- System.out.println("Enabled Cipher: " + c.getEnabledCipherSuite());
- System.out.println("Local Principal: " + c.getLocalPrincipal());
- System.out.println("Peer Principal: " + c.getPeerPrincipal());
- }
- */
- //throw new UntrustedURLConnectionIOException("No Way Jose");
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/https/CertConstraintsTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/CertConstraintsTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/CertConstraintsTest.java
new file mode 100644
index 0000000..5b0856d
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/CertConstraintsTest.java
@@ -0,0 +1,162 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https;
+
+import java.net.URL;
+
+import javax.xml.ws.BindingProvider;
+
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.configuration.Configurer;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.hello_world.Greeter;
+import org.apache.hello_world.services.SOAPService;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+/**
+ * This test is meant to run against a spring-loaded HTTP/S service. It tests the certificate
+ * constraints logic.
+ */
+public class CertConstraintsTest extends AbstractBusClientServerTestBase {
+ //
+ // data
+ //
+
+ @BeforeClass
+ public static void allocatePorts() {
+ BusServer.resetPortMap();
+ }
+
+ /**
+ * the package path used to locate resources specific to this test
+ */
+ private void setTheConfiguration(String config) {
+ //System.setProperty("javax.net.debug", "all");
+ try {
+ System.setProperty(
+ Configurer.USER_CFG_FILE_PROPERTY_URL,
+ CertConstraintsTest.class.getResource(config).toString()
+ );
+ } catch (final Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ public void startServers() throws Exception {
+ assertTrue(
+ "Server failed to launch",
+ // run the server in the same process
+ // set this to false to fork a new process
+ launchServer(BusServer.class, true)
+ );
+ }
+
+
+ public void stopServers() throws Exception {
+ stopAllServers();
+ System.clearProperty(Configurer.USER_CFG_FILE_PROPERTY_URL);
+ BusFactory.setDefaultBus(null);
+ BusFactory.setThreadDefaultBus(null);
+ }
+
+
+ //
+ // tests
+ //
+ public final void testSuccessfulCall(String address) throws Exception {
+ URL url = SOAPService.WSDL_LOCATION;
+ SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+ assertNotNull("Service is null", service);
+ final Greeter port = service.getHttpsPort();
+ assertNotNull("Port is null", port);
+
+ BindingProvider provider = (BindingProvider)port;
+ provider.getRequestContext().put(
+ BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
+ address);
+
+ assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+ }
+
+ public final void testFailedCall(String address) throws Exception {
+ URL url = SOAPService.WSDL_LOCATION;
+ SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+ assertNotNull("Service is null", service);
+ final Greeter port = service.getHttpsPort();
+ assertNotNull("Port is null", port);
+
+ BindingProvider provider = (BindingProvider)port;
+ provider.getRequestContext().put(
+ BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
+ address);
+
+ try {
+ assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+ fail("Failure expected");
+ } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+ // expected
+ } catch (javax.xml.ws.WebServiceException ex) {
+ // expected
+ }
+ }
+
+ @Test
+ public final void testCertConstraints() throws Exception {
+ setTheConfiguration("jaxws-server-constraints.xml");
+ startServers();
+
+ //
+ // Good Subject DN
+ //
+ testSuccessfulCall("https://localhost:" + BusServer.getPort(0) + "/SoapContext/HttpsPort");
+ //
+ // Bad Subject DN
+ //
+ testFailedCall("https://localhost:" + BusServer.getPort(1) + "/SoapContext/HttpsPort");
+ //
+ // Mixed Subject DN (ALL)
+ //
+ testFailedCall("https://localhost:" + BusServer.getPort(2) + "/SoapContext/HttpsPort");
+ //
+ // Mixed Subject DN (ANY)
+ //
+ testSuccessfulCall("https://localhost:" + BusServer.getPort(3) + "/SoapContext/HttpsPort");
+ //
+ // Mixed Issuer DN (ALL)
+ //
+ testFailedCall("https://localhost:" + BusServer.getPort(4) + "/SoapContext/HttpsPort");
+ //
+ // Mixed Issuer DN (ANY)
+ //
+ testSuccessfulCall("https://localhost:" + BusServer.getPort(5) + "/SoapContext/HttpsPort");
+ //
+ // Bad server Subject DN
+ //
+ testFailedCall("https://localhost:" + BusServer.getPort(6) + "/SoapContext/HttpsPort");
+ //
+ // Bad server Issuer DN
+ //
+ testFailedCall("https://localhost:" + BusServer.getPort(7) + "/SoapContext/HttpsPort");
+
+ stopServers();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSClientTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSClientTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSClientTest.java
new file mode 100644
index 0000000..2ace9f8
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/HTTPSClientTest.java
@@ -0,0 +1,244 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https;
+
+import java.net.URL;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.TrustManager;
+import javax.xml.ws.BindingProvider;
+
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.configuration.Configurer;
+import org.apache.cxf.configuration.jsse.TLSParameterJaxBUtils;
+import org.apache.cxf.configuration.security.KeyManagersType;
+import org.apache.cxf.configuration.security.KeyStoreType;
+import org.apache.cxf.configuration.security.TrustManagersType;
+import org.apache.cxf.jaxws.endpoint.dynamic.JaxWsDynamicClientFactory;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.hello_world.Greeter;
+import org.apache.hello_world.services.SOAPService;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+/**
+ * This test is meant to run against a spring-loaded
+ * HTTP/S service.
+ */
+public class HTTPSClientTest extends AbstractBusClientServerTestBase {
+ //
+ // data
+ //
+
+ /**
+ * the package path used to locate resources specific to this test
+ */
+ private void setTheConfiguration(String config) {
+ //System.setProperty("javax.net.debug", "all");
+ try {
+ System.setProperty(
+ Configurer.USER_CFG_FILE_PROPERTY_URL,
+ HTTPSClientTest.class.getResource(config).toString()
+ );
+ } catch (final Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ @BeforeClass
+ public static void setupPorts() {
+ BusServer.resetPortMap();
+ }
+
+ public void startServers() throws Exception {
+ assertTrue(
+ "Server failed to launch",
+ // run the server in the same process
+ // set this to false to fork a new process
+ launchServer(BusServer.class, true)
+ );
+ }
+
+
+ public void stopServers() throws Exception {
+ stopAllServers();
+ System.clearProperty(Configurer.USER_CFG_FILE_PROPERTY_URL);
+ BusFactory.setDefaultBus(null);
+ BusFactory.setThreadDefaultBus(null);
+ }
+
+
+ //
+ // tests
+ //
+ public final void testSuccessfulCall(String configuration,
+ String address) throws Exception {
+ testSuccessfulCall(configuration, address, null);
+ }
+ public final void testSuccessfulCall(String configuration,
+ String address,
+ URL url) throws Exception {
+ testSuccessfulCall(configuration, address, url, false);
+ }
+ public final void testSuccessfulCall(String configuration,
+ String address,
+ URL url,
+ boolean dynamicClient) throws Exception {
+ setTheConfiguration(configuration);
+ startServers();
+ if (url == null) {
+ url = SOAPService.WSDL_LOCATION;
+ }
+
+ //CXF-4037 - dynamic client isn't using the conduit settings to resolve schemas
+ if (dynamicClient) {
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ JaxWsDynamicClientFactory.newInstance(BusFactory.getDefaultBus())
+ .createClient(url.toExternalForm());
+ Thread.currentThread().setContextClassLoader(loader);
+ }
+
+
+
+ SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+ assertNotNull("Service is null", service);
+ final Greeter port = service.getHttpsPort();
+ assertNotNull("Port is null", port);
+
+ BindingProvider provider = (BindingProvider)port;
+ provider.getRequestContext().put(
+ BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
+ address);
+
+ //provider.getRequestContext().put("use.async.http.conduit", Boolean.TRUE);
+ //for (int x = 0; x < 100000; x++) {
+ assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+ //}
+
+
+ stopServers();
+ }
+
+ @Test
+ public final void testJaxwsServer() throws Exception {
+ testSuccessfulCall("jaxws-server.xml",
+ "https://localhost:" + BusServer.getPort(2) + "/SoapContext/HttpsPort");
+ }
+ @Test
+ public final void testJaxwsServerChangeHttpsToHttp() throws Exception {
+ testSuccessfulCall("jaxws-server.xml",
+ "http://localhost:" + BusServer.getPort(3) + "/SoapContext/HttpPort");
+ }
+ @Test
+ public final void testJaxwsEndpoint() throws Exception {
+ testSuccessfulCall("jaxws-publish.xml",
+ "https://localhost:" + BusServer.getPort(1) + "/SoapContext/HttpsPort");
+ }
+ @Test
+ public final void testJaxwsTLSRefsEndpoint() throws Exception {
+ testSuccessfulCall("jaxws-tlsrefs-publish.xml",
+ "https://localhost:" + BusServer.getPort(1) + "/SoapContext/HttpsPort");
+ }
+ @Test
+ public final void testPKCS12Endpoint() throws Exception {
+ testSuccessfulCall("pkcs12.xml",
+ "https://localhost:" + BusServer.getPort(6) + "/SoapContext/HttpsPort");
+ }
+
+ @Test
+ public final void testResourceKeySpecEndpoint() throws Exception {
+ testSuccessfulCall("resource-key-spec.xml",
+ "https://localhost:" + BusServer.getPort(4) + "/SoapContext/HttpsPort");
+ }
+ @Test
+ public final void testResourceKeySpecEndpointURL() throws Exception {
+ testSuccessfulCall("resource-key-spec-url.xml",
+ "https://localhost:" + BusServer.getPort(5) + "/SoapContext/HttpsPort",
+ new URL("https://localhost:" + BusServer.getPort(5) + "/SoapContext/HttpsPort?wsdl"),
+ true);
+
+ }
+
+ public static class ServerManagersFactory {
+ public static KeyManager[] getKeyManagers() {
+ KeyManagersType kmt = new KeyManagersType();
+ KeyStoreType kst = new KeyStoreType();
+ kst.setFile("src/test/resources/keys/Bethal.jks");
+ kst.setPassword("password");
+ kst.setType("JKS");
+
+ kmt.setKeyStore(kst);
+ kmt.setKeyPassword("password");
+ try {
+ return TLSParameterJaxBUtils.getKeyManagers(kmt);
+ } catch (Exception e) {
+ throw new RuntimeException("failed to retrieve key managers", e);
+ }
+ }
+
+ public static TrustManager[] getTrustManagers() {
+ TrustManagersType tmt = new TrustManagersType();
+ KeyStoreType kst = new KeyStoreType();
+ kst.setFile("src/test/resources/keys/Truststore.jks");
+ kst.setPassword("password");
+ kst.setType("JKS");
+
+ tmt.setKeyStore(kst);
+ try {
+ return TLSParameterJaxBUtils.getTrustManagers(tmt);
+ } catch (Exception e) {
+ throw new RuntimeException("failed to retrieve trust managers", e);
+ }
+ }
+ }
+
+ public static class ClientManagersFactory {
+ public static KeyManager[] getKeyManagers() {
+ KeyManagersType kmt = new KeyManagersType();
+ KeyStoreType kst = new KeyStoreType();
+ kst.setFile("src/test/resources/keys/Morpit.jks");
+ kst.setPassword("password");
+ kst.setType("JKS");
+
+ kmt.setKeyStore(kst);
+ kmt.setKeyPassword("password");
+ try {
+ return TLSParameterJaxBUtils.getKeyManagers(kmt);
+ } catch (Exception e) {
+ throw new RuntimeException("failed to retrieve key managers", e);
+ }
+ }
+
+ public static TrustManager[] getTrustManagers() {
+ TrustManagersType tmt = new TrustManagersType();
+ KeyStoreType kst = new KeyStoreType();
+ kst.setFile("src/test/resources/keys/Truststore.jks");
+ kst.setPassword("password");
+ kst.setType("JKS");
+
+ tmt.setKeyStore(kst);
+ try {
+ return TLSParameterJaxBUtils.getTrustManagers(tmt);
+ } catch (Exception e) {
+ throw new RuntimeException("failed to retrieve trust managers", e);
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java
new file mode 100644
index 0000000..6af2961
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/KeyPasswordCallbackHandler.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.https;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+public class KeyPasswordCallbackHandler implements CallbackHandler {
+
+ @Override
+ public void handle(Callback[] callbacks) throws IOException,
+ UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ PasswordCallback pc = (PasswordCallback)callbacks[i];
+ pc.setPassword("password".toCharArray());
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/java/org/apache/cxf/systest/https/PushBack401.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/PushBack401.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/PushBack401.java
new file mode 100644
index 0000000..d0fcac9
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/PushBack401.java
@@ -0,0 +1,223 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.HttpURLConnection;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.helpers.IOUtils;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Exchange;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.transport.Conduit;
+import org.apache.cxf.transport.http.Headers;
+
+/*
+ * This interceptor will issue 401s
+ * No Authorization Header --> 401 Realm=Cronus
+ * Username Mary --> 401 Realm=Andromeda
+ * Username Edward --> 401 Realm=Zorantius
+ * Username George --> 401 Realm=Cronus
+ * If the password is not "password" a 401 is issued without
+ * realm.
+ */
+public class PushBack401 extends AbstractPhaseInterceptor<Message> {
+
+ PushBack401() {
+ super(Phase.RECEIVE);
+ }
+
+ /**
+ * This function extracts the user:pass token from
+ * the Authorization:Basic header. It returns a two element
+ * String array, the first being the userid, the second
+ * being the password. It returns null, if it cannot parse.
+ */
+ private String[] extractUserPass(String token) {
+ try {
+ byte[] userpass = Base64Utility.decode(token);
+ String up = IOUtils.newStringFromBytes(userpass);
+ String user = up.substring(0, up.indexOf(':'));
+ String pass = up.substring(up.indexOf(':') + 1);
+ return new String[] {user, pass};
+ } catch (Exception e) {
+ return null;
+ }
+
+ }
+
+ /**
+ * This function returns the realm which depends on
+ * the user name, as follows:
+ * <pre>
+ * Username Mary --> Andromeda
+ * Username Edward --> Zorantius
+ * Username George --> Cronus
+ * </pre>
+ * However, if the password is not "password" this function
+ * throws an exception, regardless.
+ */
+ private String checkUserPass(
+ String user,
+ String pass
+ ) throws Exception {
+ //System.out.println("Got user: " + user + " pass: " + pass);
+ if (!"password".equals(pass)) {
+ throw new Exception("bad password");
+ }
+ if ("Mary".equals(user)) {
+ return "Andromeda";
+ }
+ if ("Edward".equals(user)) {
+ return "Zorantius";
+ }
+ if ("George".equals(user)) {
+ return "Cronus";
+ }
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ public void handleMessage(Message message) throws Fault {
+
+ Map<String, List<String>> headers =
+ (Map<String, List<String>>)
+ message.get(Message.PROTOCOL_HEADERS);
+
+ List<String> auth = headers.get("Authorization");
+ if (auth == null) {
+ // No Auth Header, respond with 401 Realm=Cronus
+ replyUnauthorized(message, "Cronus");
+ return;
+ } else {
+ for (String a : auth) {
+ if (a.startsWith("Basic ")) {
+ String[] userpass =
+ extractUserPass(a.substring("Basic ".length()));
+ if (userpass != null) {
+ try {
+ String realm =
+ checkUserPass(userpass[0], userpass[1]);
+ if (realm != null) {
+ replyUnauthorized(message, realm);
+ return;
+ } else {
+ // Password is good and no realm
+ // We just return for successful fall thru.
+ return;
+ }
+ } catch (Exception e) {
+ // Bad Password
+ replyUnauthorized(message, null);
+ return;
+ }
+ }
+ }
+ }
+ // No Authorization: Basic
+ replyUnauthorized(message, null);
+ return;
+ }
+ }
+
+ /**
+ * This function issues a 401 response back down the conduit.
+ * If the realm is not null, a WWW-Authenticate: Basic realm=
+ * header is sent. The interceptor chain is aborted stopping
+ * the Message from going to the servant.
+ */
+ private void replyUnauthorized(Message message, String realm) {
+ Message outMessage = getOutMessage(message);
+ outMessage.put(Message.RESPONSE_CODE,
+ HttpURLConnection.HTTP_UNAUTHORIZED);
+
+ if (realm != null) {
+ setHeader(outMessage,
+ "WWW-Authenticate", "Basic realm=" + realm);
+ }
+ message.getInterceptorChain().abort();
+ try {
+ getConduit(message).prepare(outMessage);
+ close(outMessage);
+ } catch (IOException e) {
+ //System.out.println("Prepare of message not working." + e);
+ e.printStackTrace();
+ }
+ }
+
+ /**
+ * Retrieves/creates the corresponding Outbound Message.
+ */
+ private Message getOutMessage(Message message) {
+ Exchange exchange = message.getExchange();
+ Message outMessage = exchange.getOutMessage();
+ if (outMessage == null) {
+ Endpoint endpoint = exchange.get(Endpoint.class);
+ outMessage = new MessageImpl();
+ outMessage.putAll(message);
+ outMessage.remove(Message.PROTOCOL_HEADERS);
+ outMessage.setExchange(exchange);
+ outMessage = endpoint.getBinding().createMessage(outMessage);
+ exchange.setOutMessage(outMessage);
+ }
+ return outMessage;
+ }
+
+ /**
+ * This function sets the header in the PROTOCO_HEADERS of
+ * the message.
+ */
+ private void setHeader(Message message, String key, String value) {
+ Map<String, List<String>> responseHeaders = Headers.getSetProtocolHeaders(message);
+ responseHeaders.put(key, Arrays.asList(new String[] {value}));
+ }
+
+ /**
+ * This method retrieves/creates the conduit for the response
+ * message.
+ */
+ private Conduit getConduit(Message message) throws IOException {
+ Exchange exchange = message.getExchange();
+ Conduit conduit =
+ exchange.getDestination().getBackChannel(message);
+ exchange.setConduit(conduit);
+ return conduit;
+ }
+
+ /**
+ * This method closes the output stream associated with the
+ * message.
+ */
+ private void close(Message message) throws IOException {
+ OutputStream os = message.getContent(OutputStream.class);
+ os.flush();
+ os.close();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7c93cc/systests/transports/src/test/resources/org/apache/cxf/systest/http/Abost.cxf
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Abost.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Abost.cxf
index c3cf97f..a250d5d 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/http/Abost.cxf
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/http/Abost.cxf
@@ -41,7 +41,7 @@
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
<http:destination name="{http://apache.org/hello_world}Abost.http-destination">
- <http:server RedirectURL="http://localhost:${testutil.ports.BusServer.6}/Hurlon"/>
+ <http:server RedirectURL="http://localhost:${testutil.ports.BusServer.3}/Hurlon"/>
</http:destination>
</beans>