Posted to commits@cxf.apache.org by ow...@apache.org on 2013/10/24 21:38:23 UTC

svn commit: r1535507 - in /cxf/fediz/trunk: examples/samplekeys/ examples/simpleWebapp/src/main/config/ examples/spring2Webapp/src/main/config/ examples/spring2Webapp/src/main/resources/ examples/spring2Webapp/src/main/webapp/WEB-INF/ examples/springPr...

Author: owulff
Date: Thu Oct 24 19:38:22 2013
New Revision: 1535507

URL: http://svn.apache.org/r1535507
Log:
Clean up java keystores

Added:
    cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks
    cxf/fediz/trunk/examples/samplekeys/rp-ssl-server.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks
    cxf/fediz/trunk/examples/samplekeys/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks
    cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/examples/springWebapp/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/plugins/core/src/test/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks
    cxf/fediz/trunk/systests/jetty8/src/test/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/systests/springWebapp/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/systests/tomcat7/src/test/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
Removed:
    cxf/fediz/trunk/examples/spring2Webapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/stsstore.jks
    cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/springWebapp/src/main/resources/stsstore.jks
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties
    cxf/fediz/trunk/services/idp/src/main/resources/idpstore.jks
    cxf/fediz/trunk/systests/jetty8/src/test/resources/stsstore.jks
    cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/stsstore.jks
    cxf/fediz/trunk/systests/springWebapp/src/main/resources/stsstore.jks
    cxf/fediz/trunk/systests/tomcat7/src/test/resources/stsstore.jks
Modified:
    cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html
    cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks
    cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml
    cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
    cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml
    cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
    cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties
    cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks
    cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java
    cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml
    cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml
    cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java
    cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml

Modified: cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html (original)
+++ cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html Thu Oct 24 19:38:22 2013
@@ -8,37 +8,46 @@ is recommended.</p>
 
 <table border="1" bgcolor="#FFFFCC" align="center">
 <tr bgcolor="#FFCCCC">
-<th>Keystore (Password)</th><th>Alias (Password)</th><th>Location</th><th>Creation Script Used</th><th>Needs to trust</th><th>Is trusted by</th></tr>
-<tr><td colspan="6"><strong><em>Tomcat Keystores:  The Tomcat keys can be simply placed in the root folder of each Tomcat installation.  They are used to configure SSL for the Tomcat instances as described here: <a href="http://cxf.apache.org/fediz-tomcat.html">http://cxf.apache.org/fediz-tomcat.html</a>.  For Tomcat keys only, the keystore password and the private key password needs to be the same.</em></strong></tr>
-<tr><td>tomcat-idp.jks (tompass)</td><td>mytomidpkey (tompass)</td><td>base folder of Tomcat instance holding the IDP and IDP STS</td>
-    <td><code>keytool -genkeypair -validity 730 -alias mytomidpkey -keystore tomcat-idp.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool -keystore tomcat-idp.jks -storepass tompass -export -alias mytomidpkey -file MyTCIDP.cer</code></td>
-    <td>Nobody</td><td>IDP app</td></tr> 
-<tr><td>tomcat-rp.jks (tompass)</td><td>mytomrpkey (tompass)</td><td>base folder of Tomcat instance holding the relying party applications for both samples (simpleWebapp and wsclientWebapp); has the STS public cert added to it because this keystore is configured in conf/fediz_config.xml. <p><em>Note: If desired can avoid adding STS public cert to this keystore if you create a separate truststore for Fediz w/STS public cert (identical to webserviceKeystore.jks below), and use that in fediz_config.xml instead.</em></p></td>
-    <td><code>keytool -genkeypair -validity 730 -alias mytomrpkey -keystore tomcat-rp.jks -dname "cn=localhost" -keypass tompass -storepass tompass<br/><br/>keytool -import -trustcacerts -keystore tomcat-rp.jks -storepass tompass -alias mystskey -file MySTS.cer -noprompt (see stsstore.jks below for MySTS.cer)</code></td>
-    <td>IDP STS (Fediz Tomcat plugin makes STS call)</td><td>Nobody</td></tr> 
-<tr><td>tomcat-wsp.jks (tompass)</td><td>mytomwspkey (tompass)</td><td>base folder of Tomcat instance holding the web service provider in the second (wsClientWebapp) sample</td>
-    <td><code>keytool -genkeypair -validity 730 -alias mytomwspkey -keystore tomcat-wsp.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool -keystore tomcat-wsp.jks -storepass tompass -export -alias mytomwspkey -file MyTCWSP.cer</code></td>
+<th>Keystore (Password)</th><th>Key Alias (Password)</th><th>Location</th><th>Creation Script Used</th><th>Needs to trust</th><th>Is trusted by</th></tr>
+<tr><td colspan="6"><strong><em>Servlet Container Keystores:  The keys can be simply placed in the root folder of each Servlet Container installation.  They are used to configure SSL for the Servlet Container instances as described here for Tomcat: <a href="http://cxf.apache.org/fediz-tomcat.html">http://cxf.apache.org/fediz-tomcat.html</a>.  For Tomcat keys only, the keystore password and the private key password needs to be the same.</em></strong></tr>
+<tr><td>idp-ssl-server.jks (tompass)</td><td>mytomidpkey (tompass)</td><td>base folder of Tomcat instance holding the IDP and IDP STS</td>
+    <td><code>keytool -genkeypair -validity 730 -alias mytomidpkey -keystore idp-ssl-server.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool -keystore idp-ssl-server.jks -storepass tompass -export -alias mytomidpkey -file MyTCIDP.cer</code></td>
+    <td>Nobody</td><td>Fediz IDP module<br/><br/>wsclientWebapp's webapp module<br/><br/>Browser</td></tr> 
+<tr><td>rp-ssl-server.jks (tompass)</td><td>mytomrpkey (tompass)</td><td>base folder of Tomcat instance holding the relying party applications for both samples (simpleWebapp and wsclientWebapp); STS public cert NOT imported anymore - instead use ststrust.jks</td>
+    <td><code>keytool -genkeypair -validity 730 -alias mytomrpkey -keystore rp-ssl-server.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code></td>
+    <td>Nobody</td><td>Browser</td></tr> 
+<tr><td>wsp-ssl-server.jks (tompass)</td><td>mytomwspkey (tompass)</td><td>base folder of Tomcat instance holding the web service provider in the second (wsClientWebapp) sample</td>
+    <td><code>keytool -genkeypair -validity 730 -alias mytomwspkey -keystore wsp-ssl-server.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool -keystore wsp-ssl-server.jks -storepass tompass -export -alias mytomwspkey -file MyTCWSP.cer</code></td>
     <td>Nobody</td><td>wsclientWebapp's webapp module</td></tr> 
 <tr><td colspan="6"><strong><em>Service Keystores:  These Fediz services form the core of the product and can be used with both the sample webapps provided and of course your own web applications.</em></strong></tr>
-<tr><td>idpstore.jks (ispass)</td><td>myidpkey (ikpass)</td><td>services/idp/src/main/resources/idpstore.jks</td>
-    <td><code>keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias myidpkey -keypass ikpass -storepass ispass -keystore idpstore.jks</code><br/><br/><code>keytool -import -trustcacerts -keystore idpstore.jks -storepass ispass -alias mytomidpkey -file MyTCIDP.cer -noprompt</code><br/><br/><code>keytool -export -rfc -keystore idpstore.jks -storepass ispass -alias myidpkey -file MyIDP.cer</code></td>
+<tr><td>idp-ssl-trust.jks (ispass)</td><td>myidpkey (ikpass)</td><td>services/idp/src/main/resources/idp-ssl-trust.jks</td>
+    <td><code>keytool -import -trustcacerts -keystore idp-ssl-trust.jks -storepass ispass -alias mytomidpkey -file MyTCIDP.cer -noprompt</code></td>
     <td>mytomidpkey (because of SSL call to IDP STS)</td><td>IDP STS</td></tr> 
-<tr><td>stsstore.jks (stsspass)</td><td>mystskey (stskpass)</td><td>services/sts/src/main/resources/stsstore.jks</td>
+<tr><td>stsrealm_a.jks (storepass)</td><td>realma (realma)</td><td>services/sts/src/realms/resources/stsrealm_a.jks</td>
     <td><code>
-keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias mystskey -keypass stskpass -storepass stsspass -keystore stsstore.jks<br/><br/>
-keytool -import -trustcacerts -keystore stsstore.jks -storepass stsspass -alias myidpkey -file MyIDP.cer -noprompt<br/><br/>
-keytool -export -rfc -keystore stsstore.jks -storepass stsspass -alias mystskey -file MySTS.cer
+keytool -genkeypair -keyalg RSA -validity 3600 -alias realma -keystore stsrealm_a.jks -dname "cn=REALMA" -keypass realma -storepass storepass<br/><br/>
+keytool -export -rfc -keystore stsrealm_a.jks -storepass storepass -alias realma -file realma.cert
 </code>
 </td>
-    <td>myidpkey (because of X.509 auth between IDP and IDP STS)</td><td>wsclientWebapp's webservice</td></tr> 
+    <td>Nobody</td><td>By Relying Party (ststrust.jks)</td></tr>
+<tr><td>stsrealm_b.jks (storepass)</td><td>realmb (realmb)</td><td>services/sts/src/realms/resources/stsrealm_b.jks</td>
+    <td><code>
+keytool -genkeypair -keyalg RSA -validity 3600 -alias realma -keystore stsrealm_b.jks -dname "cn=REALMB" -keypass realmb -storepass storepass<br/><br/>
+keytool -export -rfc -keystore stsrealm_b.jks -storepass storepass -alias realmb -file realmb.cert
+</code>
+</td>
+    <td>Nobody</td><td>By Relying Party (ststrust.jks)</td></tr>
+<tr><td>ststrust.jks (storepass)</td><td>N/A (no key, just a truststore)</td><td>examples/samplekeys/ststrust.jks<br/><br/>services/sts/src/realms/resources/ststrust.jks</td>
+    <td><code>
+keytool -import -trustcacerts -keystore ststrust.jks -storepass storepass -alias realma -file realma.cert -noprompt<br/><br/>
+keytool -import -trustcacerts -keystore ststrust.jks -storepass storepass -alias realmb -file realmb.cert -noprompt
+</code>
+</td>
+    <td>Nobody</td><td>By Relying Party (Fediz configuration file)</td></tr>    
 <tr><td colspan="6"><strong><em>Sample Keystores: No production value, just used for running the "wsclientWebapp" sample provided with Fediz.  (simpleWebapp has/uses no keys).</em></strong></tr>
-<tr><td>webappKeystore.jks (waspass)</td><td>mywakey (wakpass)</td><td>examples/wsclientWebapp/webapp/src/main/resources/webappKeystore.jks</td>
-    <td><code>keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias mywakey -keypass wakpass -storepass waspass -keystore webappKeystore.jks<br/><br/>
-keytool -import -trustcacerts -keystore webappKeystore.jks -storepass waspass -alias mytomidpkey -file MyTCIDP.cer -noprompt<br/><br/>
-keytool -import -trustcacerts -keystore webappKeystore.jks -storepass waspass -alias mytomwspkey -file MyTCWSP.cer -noprompt<br/><br/>
+<tr><td>webappKeystore.jks (waspass)</td><td>N/A (no key, just a SSL truststore)</td><td>examples/wsclientWebapp/webapp/src/main/resources/webappKeystore.jks</td>
+    <td><code>keytool -import -trustcacerts -keystore webappKeystore.jks -storepass waspass -alias mytomidpkey -file MyTCIDP.cer -noprompt<br/><br/>
+keytool -import -trustcacerts -keystore webappKeystore.jks -storepass waspass -alias mytomwspkey -file MyTCWSP.cer -noprompt
 </code></td>
-    <td>mytomidpkey (to access IDP STS via HTTPS, mytomwspkey (to access web service via HTTPS)</td><td>Nobody</td></tr> 
-<tr><td>webserviceKeystore.jks (wsspass)</td><td>N/A (no key, just a truststore)</td><td>examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks</td>
-    <td><code>keytool -import -trustcacerts -keystore webserviceKeystore.jks -storepass wsspass -alias mystskey -file MySTS.cer -noprompt</code></td>
-    <td>IDP STS (signature verification)</td><td>Nobody</td></tr> 
+    <td>mytomidpkey (to access IDP STS via HTTPS, mytomwspkey (to access web service via HTTPS)</td><td>Nobody</td></tr>  
 </table>

Added: cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks?rev=1535507&view=auto
==============================================================================
Files cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks (added) and cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks Thu Oct 24 19:38:22 2013 differ

Copied: cxf/fediz/trunk/examples/samplekeys/rp-ssl-server.jks (from r1528997, cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/rp-ssl-server.jks?p2=cxf/fediz/trunk/examples/samplekeys/rp-ssl-server.jks&p1=cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Copied: cxf/fediz/trunk/examples/samplekeys/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/ststrust.jks?p2=cxf/fediz/trunk/examples/samplekeys/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
Binary files - no diff available.

Added: cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks?rev=1535507&view=auto
==============================================================================
Files cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks (added) and cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks Thu Oct 24 19:38:22 2013 differ

Modified: cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,12 +11,14 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="tomcat-rp.jks" password="tompass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
 			<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
 				name="DoubleItSTSIssuer" />
+			<issuer subject=".*CN=REALMA.*" certificateValidation="ChainTrust"
+			    name="REALM A"/>
 		</trustedIssuers>
 		<maximumClockSkew>1000</maximumClockSkew>
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
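Review bot: The added `<issuer subject=".*CN=REALMA.*" ...>` entry is unanchored on both sides, so any certificate that chains to ststrust.jks and whose subject merely contains `CN=REALMA` (a CN of `REALMAX`, for instance) would satisfy it. The README in this commit generates the realm certificate with `-dname "cn=REALMA"`, so the pattern can be bounded, e.g. `subject="CN=REALMA"`, assuming the plugin matches the pattern against the whole subject string; confirm that against the matcher before changing it. The `DoubleItSTSIssuer` entry for `CN=www.sts.com` is kept although the trust store now points at ststrust.jks, which per the README holds only the realma and realmb certificates; if no certificate with that subject remains in the store, dropping the entry keeps the trusted-issuer list equal to what is actually trusted. The same addition appears in the springPreauthWebapp and wsclientWebapp/webapp fediz_config.xml hunks. The enclosing `contextConfig` element starts and ends outside this hunk.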
@@ -24,11 +27,6 @@
 			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-            <homeRealm type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Copied: cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,7 +11,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
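Review bot: The trust store is switched from stsstore.jks to ststrust.jks here, but the `<issuer>` entries under `<trustedIssuers>`, which decide which certificate subjects are accepted, lie between this hunk and the next and are not shown. The simpleWebapp config in this commit gains an issuer entry for `CN=REALMA` together with the same trust-store change, so it is worth confirming that this file already lists an issuer matching the realm certificates in ststrust.jks and no longer lists subjects that only existed in the old store. The springWebapp WEB-INF/fediz_config.xml hunk makes the identical change and needs the same check.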
@@ -23,16 +24,10 @@
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
                         <reply>/j_spring_fediz_security_check</reply>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
-			<homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-A</homeRealm>
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Modified: cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,25 +11,22 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="tomcat-rp.jks" password="tompass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
 			<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
 				name="DoubleItSTSIssuer" />
+			<issuer subject=".*CN=REALMA.*" certificateValidation="ChainTrust"
+			    name="REALM A"/>
 		</trustedIssuers>
 		<maximumClockSkew>1000</maximumClockSkew>
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Copied: cxf/fediz/trunk/examples/springWebapp/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springWebapp/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/examples/springWebapp/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,7 +11,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
@@ -23,16 +24,10 @@
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
                         <reply>/j_spring_fediz_security_check</reply>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
-			<homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-A</homeRealm>
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,12 +11,14 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="tomcat-rp.jks" password="tompass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
 			<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
 				name="DoubleItSTSIssuer" />
+			<issuer subject=".*CN=REALMA.*" certificateValidation="ChainTrust"
+			    name="REALM A"/>
 		</trustedIssuers>
 		<maximumClockSkew>1000</maximumClockSkew>
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -24,11 +27,6 @@
 			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-            <homeRealm type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Copied: cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties?p2=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties Thu Oct 24 19:38:22 2013
@@ -1,5 +1,5 @@
 org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
 org.apache.ws.security.crypto.merlin.keystore.type=jks
-org.apache.ws.security.crypto.merlin.keystore.password=wsspass
-org.apache.ws.security.crypto.merlin.keystore.file=webserviceKeystore.jks
+org.apache.ws.security.crypto.merlin.keystore.password=storepass
+org.apache.ws.security.crypto.merlin.keystore.file=ststrust.jks
 

Copied: cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml Thu Oct 24 19:38:22 2013
@@ -22,7 +22,7 @@
 		xmlns:svc="http://apache.org/hello_world_soap_http" address="/GreeterService">
 
 		<jaxws:properties>
-			<entry key="ws-security.signature.properties" value="webserviceKeystore.properties" />
+			<entry key="ws-security.signature.properties" value="ststrust.properties" />
 		</jaxws:properties>
 
 		<jaxws:features>
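Review bot: The new value `ststrust.properties` does not match the properties file this commit adds in the same module, which is `stsTruststore.properties` (copied from `webserviceKeystore.properties`). Unless a `ststrust.properties` exists elsewhere on the classpath, which this page does not show, the signature crypto properties will not be found and signature verification for the service would fail at runtime. The entry should probably read `<entry key="ws-security.signature.properties" value="stsTruststore.properties" />`.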

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java (original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java Thu Oct 24 19:38:22 2013
@@ -1080,8 +1080,8 @@ public class FederationProcessorTest {
         TrustManagersType tm0 = new TrustManagersType();       
         KeyStoreType ks0 = new KeyStoreType();
         ks0.setType("JKS");
-        ks0.setPassword("stsspass");
-        ks0.setFile("stsstore.jks");
+        ks0.setPassword("storepass");
+        ks0.setFile("ststrust.jks");
         tm0.setKeyStore(ks0);
         certStores.getTrustManager().add(tm0);
         config.setCertificateStores(certStores);

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java (original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java Thu Oct 24 19:38:22 2013
@@ -65,11 +65,11 @@ public class FedizConfigurationWriterTes
 
     private static final String CONFIG_NAME = "ROOT";
     private static final String CLOCK_SKEW = "1000";
-    private static final String KEYSTORE_FILE = "stsstore.jks";
+    private static final String KEYSTORE_FILE = "ststrust.jks";
 
     private static final String JKS_TYPE = "JKS";
 
-    private static final String KEYSTORE_PASSWORD = "stsspass";
+    private static final String KEYSTORE_PASSWORD = "storepass";
     private static final String KEY_PASSWORD = "stskpass";
     private static final String KEY_ALIAS = "mystskey";
     
@@ -282,4 +282,4 @@ public class FedizConfigurationWriterTes
 
     }
 
-}
\ No newline at end of file
+}

Modified: cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml (original)
+++ cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml Thu Oct 24 19:38:22 2013
@@ -6,7 +6,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>
 		</certificateStores>
@@ -43,7 +43,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>
 		</certificateStores>
@@ -79,7 +79,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>
 		</certificateStores>
@@ -106,4 +106,4 @@
 			</claimTypesRequested>
 		</protocol>
 	</contextConfig>
-</FedizConfig>
\ No newline at end of file
+</FedizConfig>

Modified: cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml (original)
+++ cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml Thu Oct 24 19:38:22 2013
@@ -6,7 +6,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -43,7 +43,7 @@
 					type="JKS" />
 			</trustManager>	
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -80,7 +80,7 @@
 					type="JKS" />
 			</trustManager>	
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -114,7 +114,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -150,7 +150,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -181,7 +181,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -214,7 +214,7 @@
         </audienceUris>
         <certificateStores>
             <trustManager>
-                <keyStore file="stsstore.jks" password="stsspass"
+                <keyStore file="ststrust.jks" password="storepass"
                     type="JKS" />
             </trustManager>     
         </certificateStores>

Copied: cxf/fediz/trunk/plugins/core/src/test/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/resources/ststrust.jks?p2=cxf/fediz/trunk/plugins/core/src/test/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Added: cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks?rev=1535507&view=auto
==============================================================================
Files cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks (added) and cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks Thu Oct 24 19:38:22 2013 differ

Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml (original)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml Thu Oct 24 19:38:22 2013
@@ -55,7 +55,7 @@
     <http:conduit name="*.http-conduit">
         <http:tlsClientParameters disableCNCheck="true">
             <sec:trustManagers>
-                <sec:keyStore type="jks" password="ispass" resource="idpstore.jks"/>
+                <sec:keyStore type="jks" password="ispass" resource="idp-ssl-trust.jks"/>
             </sec:trustManagers>
         </http:tlsClientParameters>
     </http:conduit>
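Review bot: `disableCNCheck="true"` stays on the wildcard `*.http-conduit` while only the trust store name changes, so outbound TLS connections made through these conduits still skip hostname verification. Any certificate the store trusts is then accepted regardless of which host presents it. This file is under `src/main`, not test resources, so with a dedicated `idp-ssl-trust.jks` now in place, consider removing the attribute (or setting `disableCNCheck="false"`) and issuing the sample certificates with matching host names. The password `ispass` is unchanged here while the other stores moved to `storepass`; whether the new binary store was created with it cannot be checked from this page.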

Modified: cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties (original)
+++ cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties Thu Oct 24 19:38:22 2013
@@ -28,4 +28,4 @@ log4j.appender.AUDIT.File=${catalina.bas
 log4j.appender.AUDIT.Append=true
 log4j.appender.AUDIT.Threshold=DEBUG
 log4j.appender.AUDIT.layout=org.apache.cxf.sts.event.LoggerPatternLayoutLog4J
-log4j.appender.AUDIT.layout.ConversionPattern=%m%n
\ No newline at end of file
+log4j.appender.AUDIT.layout.ConversionPattern=%m%n

Modified: cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
Files cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks (original) and cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks Thu Oct 24 19:38:22 2013 differ

Modified: cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java (original)
+++ cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java Thu Oct 24 19:38:22 2013
@@ -39,7 +39,7 @@ public class JettyTest extends AbstractT
         System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security.web", "debug");
         System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security", "debug");
         System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz", "debug");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "debug"); 
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "info");
 
         idpHttpsPort = System.getProperty("idp.https.port");
         Assert.assertNotNull("Property 'idp.https.port' null", idpHttpsPort);

Modified: cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml (original)
+++ cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -10,7 +10,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
@@ -39,7 +39,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>

Copied: cxf/fediz/trunk/systests/jetty8/src/test/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/jetty8/src/test/resources/ststrust.jks?p2=cxf/fediz/trunk/systests/jetty8/src/test/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml (original)
+++ cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -10,7 +10,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
@@ -44,7 +44,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>

Copied: cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Copied: cxf/fediz/trunk/systests/springWebapp/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/springWebapp/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/systests/springWebapp/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java (original)
+++ cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java Thu Oct 24 19:38:22 2013
@@ -74,7 +74,8 @@ public class TomcatTest extends Abstract
         System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient", "debug");
         System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.webflow", "debug");
         System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security.web", "debug");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz", "debug"); 
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz", "debug");
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "info");  
         
         idpHttpsPort = System.getProperty("idp.https.port");
         Assert.assertNotNull("Property 'idp.https.port' null", idpHttpsPort);

Modified: cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml (original)
+++ cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -10,7 +10,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="test-classes/stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="test-classes/ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>

Copied: cxf/fediz/trunk/systests/tomcat7/src/test/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/tomcat7/src/test/resources/ststrust.jks?p2=cxf/fediz/trunk/systests/tomcat7/src/test/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.