You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/05/17 11:38:59 UTC
svn commit: r1483714 [2/2] - in /cxf/branches/wss4j2.0-port: parent/
services/sts/sts-core/
services/sts/sts-core/src/main/java/org/apache/cxf/sts/event/
services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/
services/sts/sts-war/ services/s...
Modified: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenRenewOperation.java Fri May 17 09:38:59 2013
@@ -31,6 +31,8 @@ import javax.xml.ws.WebServiceContext;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.sts.QNameConstants;
import org.apache.cxf.sts.RealmParser;
+import org.apache.cxf.sts.event.STSRenewFailureEvent;
+import org.apache.cxf.sts.event.STSRenewSuccessEvent;
import org.apache.cxf.sts.request.KeyRequirements;
import org.apache.cxf.sts.request.ReceivedToken;
import org.apache.cxf.sts.request.ReceivedToken.STATE;
@@ -51,6 +53,7 @@ import org.apache.cxf.ws.security.sts.pr
import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType;
import org.apache.cxf.ws.security.sts.provider.operation.RenewOperation;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.springframework.context.ApplicationEvent;
/**
* An implementation of the IssueOperation interface to renew tokens.
@@ -72,105 +75,129 @@ public class TokenRenewOperation extends
public RequestSecurityTokenResponseType renew(
RequestSecurityTokenType request, WebServiceContext context
) {
- RequestParser requestParser = parseRequest(request, context);
-
- KeyRequirements keyRequirements = requestParser.getKeyRequirements();
- TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
-
- ReceivedToken renewTarget = tokenRequirements.getRenewTarget();
- if (renewTarget == null || renewTarget.getToken() == null) {
- throw new STSException("No element presented for renewal", STSException.INVALID_REQUEST);
- }
- if (tokenRequirements.getTokenType() == null) {
- LOG.fine("Received TokenType is null");
- }
-
- // Get the realm of the request
- String realm = null;
- if (stsProperties.getRealmParser() != null) {
- RealmParser realmParser = stsProperties.getRealmParser();
- realm = realmParser.parseRealm(context);
- }
-
- // Validate the request
- TokenValidatorResponse tokenResponse = validateReceivedToken(
- context, realm, tokenRequirements, renewTarget);
-
- if (tokenResponse == null) {
- LOG.fine("No Token Validator has been found that can handle this token");
- renewTarget.setState(STATE.INVALID);
- throw new STSException(
- "No Token Validator has been found that can handle this token"
- + tokenRequirements.getTokenType(),
- STSException.REQUEST_FAILED
- );
- }
-
- // Reject an invalid token
- if (tokenResponse.getToken().getState() != STATE.EXPIRED
- && tokenResponse.getToken().getState() != STATE.VALID) {
- LOG.fine("The token is not valid or expired, and so it cannot be renewed");
- throw new STSException(
- "No Token Validator has been found that can handle this token"
- + tokenRequirements.getTokenType(),
- STSException.REQUEST_FAILED
- );
- }
+ long start = System.currentTimeMillis();
+ TokenRenewerParameters renewerParameters = new TokenRenewerParameters();
- //
- // Renew the token
- //
- TokenRenewerResponse tokenRenewerResponse = null;
- TokenRenewerParameters renewerParameters = createTokenRenewerParameters(requestParser, context);
- Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
- if (additionalProperties != null) {
- renewerParameters.setAdditionalProperties(additionalProperties);
- }
- renewerParameters.setRealm(tokenResponse.getTokenRealm());
- renewerParameters.setToken(tokenResponse.getToken());
-
- realm = tokenResponse.getTokenRealm();
- for (TokenRenewer tokenRenewer : tokenRenewers) {
- boolean canHandle = false;
- if (realm == null) {
- canHandle = tokenRenewer.canHandleToken(tokenResponse.getToken());
- } else {
- canHandle = tokenRenewer.canHandleToken(tokenResponse.getToken(), realm);
+ try {
+ RequestParser requestParser = parseRequest(request, context);
+
+ KeyRequirements keyRequirements = requestParser.getKeyRequirements();
+ TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
+
+ renewerParameters.setStsProperties(stsProperties);
+ renewerParameters.setPrincipal(context.getUserPrincipal());
+ renewerParameters.setWebServiceContext(context);
+ renewerParameters.setTokenStore(getTokenStore());
+
+ renewerParameters.setKeyRequirements(keyRequirements);
+ renewerParameters.setTokenRequirements(tokenRequirements);
+
+ ReceivedToken renewTarget = tokenRequirements.getRenewTarget();
+ if (renewTarget == null || renewTarget.getToken() == null) {
+ throw new STSException("No element presented for renewal", STSException.INVALID_REQUEST);
}
- if (canHandle) {
- try {
- tokenRenewerResponse = tokenRenewer.renewToken(renewerParameters);
- } catch (STSException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw ex;
- } catch (RuntimeException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException(
- "Error in providing a token", ex, STSException.REQUEST_FAILED
- );
+ renewerParameters.setToken(renewTarget);
+
+ if (tokenRequirements.getTokenType() == null) {
+ LOG.fine("Received TokenType is null");
+ }
+
+ // Get the realm of the request
+ String realm = null;
+ if (stsProperties.getRealmParser() != null) {
+ RealmParser realmParser = stsProperties.getRealmParser();
+ realm = realmParser.parseRealm(context);
+ }
+ renewerParameters.setRealm(realm);
+
+ // Validate the request
+ TokenValidatorResponse tokenResponse = validateReceivedToken(
+ context, realm, tokenRequirements, renewTarget);
+
+ if (tokenResponse == null) {
+ LOG.fine("No Token Validator has been found that can handle this token");
+ renewTarget.setState(STATE.INVALID);
+ throw new STSException(
+ "No Token Validator has been found that can handle this token"
+ + tokenRequirements.getTokenType(),
+ STSException.REQUEST_FAILED
+ );
+ }
+
+ // Reject an invalid token
+ if (tokenResponse.getToken().getState() != STATE.EXPIRED
+ && tokenResponse.getToken().getState() != STATE.VALID) {
+ LOG.fine("The token is not valid or expired, and so it cannot be renewed");
+ throw new STSException(
+ "No Token Validator has been found that can handle this token"
+ + tokenRequirements.getTokenType(),
+ STSException.REQUEST_FAILED
+ );
+ }
+
+ //
+ // Renew the token
+ //
+ TokenRenewerResponse tokenRenewerResponse = null;
+ renewerParameters = createTokenRenewerParameters(requestParser, context);
+ Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
+ if (additionalProperties != null) {
+ renewerParameters.setAdditionalProperties(additionalProperties);
+ }
+ renewerParameters.setRealm(tokenResponse.getTokenRealm());
+ renewerParameters.setToken(tokenResponse.getToken());
+
+ realm = tokenResponse.getTokenRealm();
+ for (TokenRenewer tokenRenewer : tokenRenewers) {
+ boolean canHandle = false;
+ if (realm == null) {
+ canHandle = tokenRenewer.canHandleToken(tokenResponse.getToken());
+ } else {
+ canHandle = tokenRenewer.canHandleToken(tokenResponse.getToken(), realm);
+ }
+ if (canHandle) {
+ try {
+ tokenRenewerResponse = tokenRenewer.renewToken(renewerParameters);
+ } catch (STSException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw ex;
+ } catch (RuntimeException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException(
+ "Error in providing a token", ex, STSException.REQUEST_FAILED
+ );
+ }
+ break;
}
- break;
}
- }
- if (tokenRenewerResponse == null || tokenRenewerResponse.getToken() == null) {
- LOG.fine("No Token Renewer has been found that can handle this token");
- throw new STSException(
- "No token renewer found for requested token type", STSException.REQUEST_FAILED
- );
- }
-
- // prepare response
- try {
- EncryptionProperties encryptionProperties = renewerParameters.getEncryptionProperties();
- RequestSecurityTokenResponseType response =
- createResponse(
- encryptionProperties, tokenRenewerResponse, tokenRequirements, keyRequirements, context
+ if (tokenRenewerResponse == null || tokenRenewerResponse.getToken() == null) {
+ LOG.fine("No Token Renewer has been found that can handle this token");
+ throw new STSException(
+ "No token renewer found for requested token type", STSException.REQUEST_FAILED
);
- return response;
- } catch (Throwable ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
- }
+ }
+
+ // prepare response
+ try {
+ EncryptionProperties encryptionProperties = renewerParameters.getEncryptionProperties();
+ RequestSecurityTokenResponseType response =
+ createResponse(
+ encryptionProperties, tokenRenewerResponse, tokenRequirements, keyRequirements, context
+ );
+ ApplicationEvent event = new STSRenewSuccessEvent(renewerParameters,
+ System.currentTimeMillis() - start);
+ publishEvent(event);
+ return response;
+ } catch (Throwable ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
+ }
+ } catch (RuntimeException ex) {
+ ApplicationEvent event = new STSRenewFailureEvent(renewerParameters,
+ System.currentTimeMillis() - start, ex);
+ publishEvent(event);
+ throw ex;
+ }
}
private RequestSecurityTokenResponseType createResponse(
Modified: cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java Fri May 17 09:38:59 2013
@@ -31,6 +31,8 @@ import org.apache.cxf.sts.QNameConstants
import org.apache.cxf.sts.RealmParser;
import org.apache.cxf.sts.STSConstants;
import org.apache.cxf.sts.claims.RequestClaimCollection;
+import org.apache.cxf.sts.event.STSValidateFailureEvent;
+import org.apache.cxf.sts.event.STSValidateSuccessEvent;
import org.apache.cxf.sts.request.ReceivedToken;
import org.apache.cxf.sts.request.ReceivedToken.STATE;
import org.apache.cxf.sts.request.RequestParser;
@@ -39,6 +41,7 @@ import org.apache.cxf.sts.token.provider
import org.apache.cxf.sts.token.provider.TokenProviderParameters;
import org.apache.cxf.sts.token.provider.TokenProviderResponse;
import org.apache.cxf.sts.token.provider.TokenReference;
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
import org.apache.cxf.sts.token.validator.TokenValidatorResponse;
import org.apache.cxf.ws.security.sts.provider.STSException;
import org.apache.cxf.ws.security.sts.provider.model.LifetimeType;
@@ -49,6 +52,7 @@ import org.apache.cxf.ws.security.sts.pr
import org.apache.cxf.ws.security.sts.provider.model.StatusType;
import org.apache.cxf.ws.security.sts.provider.operation.ValidateOperation;
import org.apache.wss4j.common.ext.WSSecurityException;
+import org.springframework.context.ApplicationEvent;
/**
* An implementation of the ValidateOperation interface.
@@ -61,101 +65,128 @@ public class TokenValidateOperation exte
RequestSecurityTokenType request,
WebServiceContext context
) {
- RequestParser requestParser = parseRequest(request, context);
+ long start = System.currentTimeMillis();
+ TokenValidatorParameters validatorParameters = new TokenValidatorParameters();
- TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
-
- ReceivedToken validateTarget = tokenRequirements.getValidateTarget();
- if (validateTarget == null || validateTarget.getToken() == null) {
- throw new STSException("No element presented for validation", STSException.INVALID_REQUEST);
- }
- if (tokenRequirements.getTokenType() == null) {
- tokenRequirements.setTokenType(STSConstants.STATUS);
- LOG.fine(
- "Received TokenType is null, falling back to default token type: "
- + STSConstants.STATUS
- );
- }
-
- // Get the realm of the request
- String realm = null;
- if (stsProperties.getRealmParser() != null) {
- RealmParser realmParser = stsProperties.getRealmParser();
- realm = realmParser.parseRealm(context);
- }
-
- TokenValidatorResponse tokenResponse = validateReceivedToken(
- context, realm, tokenRequirements, validateTarget);
-
- if (tokenResponse == null) {
- LOG.fine("No Token Validator has been found that can handle this token");
- tokenResponse = new TokenValidatorResponse();
- validateTarget.setState(STATE.INVALID);
- tokenResponse.setToken(validateTarget);
- }
-
- //
- // Create a new token (if requested)
- //
- TokenProviderResponse tokenProviderResponse = null;
- String tokenType = tokenRequirements.getTokenType();
- if (tokenResponse.getToken().getState() == STATE.VALID
- && !STSConstants.STATUS.equals(tokenType)) {
- TokenProviderParameters providerParameters =
- createTokenProviderParameters(requestParser, context);
-
- processValidToken(providerParameters, validateTarget, tokenResponse);
-
- // Check if the requested claims can be handled by the configured claim handlers
- RequestClaimCollection requestedClaims = providerParameters.getRequestedPrimaryClaims();
- checkClaimsSupport(requestedClaims);
- requestedClaims = providerParameters.getRequestedSecondaryClaims();
- checkClaimsSupport(requestedClaims);
- providerParameters.setClaimsManager(claimsManager);
-
- Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
- if (additionalProperties != null) {
- providerParameters.setAdditionalProperties(additionalProperties);
- }
- realm = providerParameters.getRealm();
- for (TokenProvider tokenProvider : tokenProviders) {
- boolean canHandle = false;
- if (realm == null) {
- canHandle = tokenProvider.canHandleToken(tokenType);
- } else {
- canHandle = tokenProvider.canHandleToken(tokenType, realm);
+ try {
+ RequestParser requestParser = parseRequest(request, context);
+
+ TokenRequirements tokenRequirements = requestParser.getTokenRequirements();
+
+ validatorParameters.setStsProperties(stsProperties);
+ validatorParameters.setPrincipal(context.getUserPrincipal());
+ validatorParameters.setWebServiceContext(context);
+ validatorParameters.setTokenStore(getTokenStore());
+
+ //validatorParameters.setKeyRequirements(keyRequirements);
+ validatorParameters.setTokenRequirements(tokenRequirements);
+
+ ReceivedToken validateTarget = tokenRequirements.getValidateTarget();
+ if (validateTarget == null || validateTarget.getToken() == null) {
+ throw new STSException("No element presented for validation", STSException.INVALID_REQUEST);
+ }
+ validatorParameters.setToken(validateTarget);
+
+ if (tokenRequirements.getTokenType() == null) {
+ tokenRequirements.setTokenType(STSConstants.STATUS);
+ LOG.fine(
+ "Received TokenType is null, falling back to default token type: "
+ + STSConstants.STATUS
+ );
+ }
+
+ // Get the realm of the request
+ String realm = null;
+ if (stsProperties.getRealmParser() != null) {
+ RealmParser realmParser = stsProperties.getRealmParser();
+ realm = realmParser.parseRealm(context);
+ }
+ validatorParameters.setRealm(realm);
+
+ TokenValidatorResponse tokenResponse = validateReceivedToken(
+ context, realm, tokenRequirements, validateTarget);
+
+ if (tokenResponse == null) {
+ LOG.fine("No Token Validator has been found that can handle this token");
+ tokenResponse = new TokenValidatorResponse();
+ validateTarget.setState(STATE.INVALID);
+ tokenResponse.setToken(validateTarget);
+ }
+
+ //
+ // Create a new token (if requested)
+ //
+ TokenProviderResponse tokenProviderResponse = null;
+ String tokenType = tokenRequirements.getTokenType();
+ if (tokenResponse.getToken().getState() == STATE.VALID
+ && !STSConstants.STATUS.equals(tokenType)) {
+ TokenProviderParameters providerParameters =
+ createTokenProviderParameters(requestParser, context);
+
+ processValidToken(providerParameters, validateTarget, tokenResponse);
+
+ // Check if the requested claims can be handled by the configured claim handlers
+ RequestClaimCollection requestedClaims = providerParameters.getRequestedPrimaryClaims();
+ checkClaimsSupport(requestedClaims);
+ requestedClaims = providerParameters.getRequestedSecondaryClaims();
+ checkClaimsSupport(requestedClaims);
+ providerParameters.setClaimsManager(claimsManager);
+
+ Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
+ if (additionalProperties != null) {
+ providerParameters.setAdditionalProperties(additionalProperties);
}
- if (canHandle) {
- try {
- tokenProviderResponse = tokenProvider.createToken(providerParameters);
- } catch (STSException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw ex;
- } catch (RuntimeException ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException(
- "Error in providing a token", ex, STSException.REQUEST_FAILED
- );
+ realm = providerParameters.getRealm();
+ for (TokenProvider tokenProvider : tokenProviders) {
+ boolean canHandle = false;
+ if (realm == null) {
+ canHandle = tokenProvider.canHandleToken(tokenType);
+ } else {
+ canHandle = tokenProvider.canHandleToken(tokenType, realm);
}
- break;
+ if (canHandle) {
+ try {
+ tokenProviderResponse = tokenProvider.createToken(providerParameters);
+ } catch (STSException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw ex;
+ } catch (RuntimeException ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException(
+ "Error in providing a token", ex, STSException.REQUEST_FAILED
+ );
+ }
+ break;
+ }
+ }
+ if (tokenProviderResponse == null || tokenProviderResponse.getToken() == null) {
+ LOG.fine("No Token Provider has been found that can handle this token");
+ throw new STSException(
+ "No token provider found for requested token type: " + tokenType,
+ STSException.REQUEST_FAILED
+ );
}
}
- if (tokenProviderResponse == null || tokenProviderResponse.getToken() == null) {
- LOG.fine("No Token Provider has been found that can handle this token");
- throw new STSException(
- "No token provider found for requested token type: " + tokenType,
- STSException.REQUEST_FAILED
- );
+
+ // prepare response
+ try {
+ RequestSecurityTokenResponseType response =
+ createResponse(tokenResponse, tokenProviderResponse, tokenRequirements);
+ ApplicationEvent event = new STSValidateSuccessEvent(validatorParameters,
+ System.currentTimeMillis() - start);
+ publishEvent(event);
+ return response;
+ } catch (Throwable ex) {
+ LOG.log(Level.WARNING, "", ex);
+ throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
}
- }
-
- // prepare response
- try {
- return createResponse(tokenResponse, tokenProviderResponse, tokenRequirements);
- } catch (Throwable ex) {
- LOG.log(Level.WARNING, "", ex);
- throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
- }
+
+ } catch (RuntimeException ex) {
+ ApplicationEvent event = new STSValidateFailureEvent(validatorParameters,
+ System.currentTimeMillis() - start, ex);
+ publishEvent(event);
+ throw ex;
+ }
}
private RequestSecurityTokenResponseType createResponse(
Modified: cxf/branches/wss4j2.0-port/services/sts/sts-war/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-war/pom.xml?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-war/pom.xml (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-war/pom.xml Fri May 17 09:38:59 2013
@@ -53,10 +53,10 @@
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
- <artifactId>slf4j-jdk14</artifactId>
+ <artifactId>slf4j-log4j12</artifactId>
+ <version>${cxf.slf4j.version}</version>
<scope>runtime</scope>
</dependency>
-
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache-core</artifactId>
Modified: cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/log4j.properties
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/log4j.properties?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/log4j.properties (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/log4j.properties Fri May 17 09:38:59 2013
@@ -1,36 +1,24 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-# Set root category priority to INFO and its only appender to CONSOLE.
-log4j.rootCategory=FATAL, CONSOLE
-#log4j.rootCategory=DEBUG, CONSOLE
+log4j.rootLogger=INFO, CONSOLE, LOGFILE
+log4j.logger.org.apache.cxf.sts.event.LoggerListener=DEBUG, AUDIT
# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
-log4j.appender.CONSOLE.Threshold=DEBUG
+log4j.appender.CONSOLE.Threshold=INFO
log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
-log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n
+log4j.appender.CONSOLE.layout.ConversionPattern=%d [%t] %-5p %c %x - %m%n
# LOGFILE is set to be a File appender using a PatternLayout.
log4j.appender.LOGFILE=org.apache.log4j.FileAppender
-log4j.appender.LOGFILE.File=target/wss4j.log
-log4j.appender.LOGFILE.Append=false
-log4j.appender.LOGFILE.Threshold=DEBUG
+log4j.appender.LOGFILE.File=${catalina.base}/logs/sts.log
+log4j.appender.LOGFILE.Append=true
+log4j.appender.LOGFILE.Threshold=INFO
log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout
-log4j.appender.LOGFILE.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
+log4j.appender.LOGFILE.layout.ConversionPattern=%d [%t] %-5p %c %x - %m%n
+
+# LOGFILE is set to be a File appender using a PatternLayout.
+log4j.appender.AUDIT=org.apache.log4j.FileAppender
+log4j.appender.AUDIT.File=${catalina.base}/logs/audit.log
+log4j.appender.AUDIT.Append=true
+log4j.appender.AUDIT.Threshold=DEBUG
+log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout
+log4j.appender.AUDIT.layout.ConversionPattern=%m%n
\ No newline at end of file
Added: cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/org.apache.cxf.Logger
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/org.apache.cxf.Logger?rev=1483714&view=auto
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/org.apache.cxf.Logger (added)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/resources/org.apache.cxf.Logger Fri May 17 09:38:59 2013
@@ -0,0 +1 @@
+org.apache.cxf.common.logging.Log4jLogger
\ No newline at end of file
Modified: cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/webapp/WEB-INF/cxf-transport.xml
URL: http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/webapp/WEB-INF/cxf-transport.xml?rev=1483714&r1=1483713&r2=1483714&view=diff
==============================================================================
--- cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/webapp/WEB-INF/cxf-transport.xml (original)
+++ cxf/branches/wss4j2.0-port/services/sts/sts-war/src/main/webapp/WEB-INF/cxf-transport.xml Fri May 17 09:38:59 2013
@@ -38,6 +38,8 @@
<cxf:logging/>
</cxf:features>
</cxf:bus>
+
+ <bean id="loggerListener" class="org.apache.cxf.sts.event.LoggerListener" />
<bean id="transportSTSProviderBean"
class="org.apache.cxf.sts.provider.DefaultSecurityTokenServiceProvider">