[jbossws-commits] JBossWS SVN: r18497 - in stack/cxf/trunk/modules/testsuite/cxf-tests/src/test: resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl and 1 other directory.

jbossws-commits at lists.jboss.org jbossws-commits at lists.jboss.org
Tue Mar 11 14:16:19 EDT 2014


Author: asoldano
Date: 2014-03-11 14:16:19 -0400 (Tue, 11 Mar 2014)
New Revision: 18497

Modified:
   stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustBearerTestCase.java
   stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/BearerService.wsdl
   stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/bearer-ws-trust-1.4-service.wsdl
Log:
[JBWS-3738] Some changes & cleanup for the bearer scenario with supporting token only on service endpoint policy + usual symmetric binding with UT on sts policy. Still need to check keystores' contents etc


Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustBearerTestCase.java
===================================================================
--- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustBearerTestCase.java	2014-03-11 16:31:56 UTC (rev 18496)
+++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustBearerTestCase.java	2014-03-11 18:16:19 UTC (rev 18497)
@@ -21,50 +21,25 @@
  */
 package org.jboss.test.ws.jaxws.samples.wsse.policy.trust;
 
-import java.io.InputStream;
+import java.net.URL;
+import java.util.Map;
 
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+
 import junit.framework.Test;
+
 import org.apache.cxf.Bus;
 import org.apache.cxf.BusFactory;
-import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.configuration.Configurer;
-import org.apache.cxf.configuration.jsse.TLSClientParameters;
-import org.apache.cxf.security.SecurityContext;
-import org.apache.cxf.transport.ConduitInitiator;
-import org.apache.cxf.transport.ConduitInitiatorManager;
-import org.apache.cxf.transport.http.HTTPConduit;
-import org.apache.cxf.transport.http.URLConnectionHTTPConduit;
 import org.apache.cxf.ws.security.SecurityConstants;
-import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.trust.STSClient;
 import org.jboss.test.ws.jaxws.samples.wsse.policy.trust.bearer.BearerIface;
 import org.jboss.test.ws.jaxws.samples.wsse.policy.trust.shared.ClientCallbackHandler;
-import org.jboss.wsf.stack.cxf.client.configuration.BeanCustomizer;
-import org.jboss.wsf.stack.cxf.client.configuration.JBossWSConfigurer;
-import org.jboss.wsf.stack.cxf.client.configuration.JBossWSSpringBusFactory;
 import org.jboss.wsf.test.JBossWSCXFTestSetup;
 import org.jboss.wsf.test.JBossWSTest;
-import org.w3c.dom.Element;
 
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.xml.namespace.QName;
-import javax.xml.ws.BindingProvider;
-import javax.xml.ws.Service;
-import java.io.FileInputStream;
-import java.net.URL;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.cert.X509Certificate;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import org.apache.cxf.service.model.EndpointInfo;
-import org.apache.cxf.service.model.ServiceInfo;
 
-
 /**
  * A demo of using SAML Bearer key type
  *
@@ -76,34 +51,13 @@
 
    private final String serviceURL = "http://" + getServerHost()
       + ":8080/jaxws-samples-wsse-policy-trust-bearer/BearerService";
-   private final String stsURL = "http://" + getServerHost()
-      + ":8080/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService";
 
    public static Test suite()
    {
-      /**  ***/
-      // this must be set before testSetup is returned
-      System.setProperty("javax.net.ssl.trustStore", "/home/rsearls/j1/jbossws/trunk/modules/testsuite/cxf-tests/target/test-resources/jaxws/samples/wsse/policy/trust/WEB-INF/stsstore.jks");
-      System.setProperty("javax.net.ssl.trustStorePassword", "stsspass");
-      System.setProperty("javax.net.ssl.trustStoreType", "jks");
-      System.setProperty("org.jboss.security.ignoreHttpsHost", "true");
-
-
       //deploy client, STS and service; start a security domain to be used by the STS for authenticating client
       JBossWSCXFTestSetup testSetup = WSTrustTestUtils.getTestSetup(WSTrustBearerTestCase.class,
             "jaxws-samples-wsse-policy-trust-client.jar jaxws-samples-wsse-policy-trust-sts-bearer.war jaxws-samples-wsse-policy-trust-bearer.war");
 
-
-      /**
-      // the server looks for the file /home/rsearls/.keystore no matter what
-      // path given for keystore-path.  Fails to deploy war; test never runs
-      Map<String, String> sslOptions = new HashMap<String, String>();
-      sslOptions.put("server-identity.ssl.keystore-path", "servicestore.jks");
-      sslOptions.put("server-identity.ssl.keystore-password", "sspass");
-      sslOptions.put("authentication.truststore.keystore-path", "stsstore.jks");
-      sslOptions.put("authentication.truststore.keystore-password", "stsspass");
-      testSetup.setHttpsConnectorRequirement(sslOptions);
-      **/
       return testSetup;
    }
 
@@ -124,36 +78,21 @@
 
          Map<String, Object> ctx = ((BindingProvider)proxy).getRequestContext();
 
-         //jaxws-samples-wsse-policy-trust-sts-bearer
-         // 8443
          STSClient stsClient = new STSClient(bus);
-         /**/
-            //stsClient.setWsdlLocation("https://localhost:8443/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService/UT?wsdl");
-                     //-stsClient.setWsdlLocation("http://localhost:8080/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService/UT?wsdl");
 
-         //WEB-INF/wsdl/bearer-ws-trust-1.4-service.wsdl
-         URL stsWsdlURL =
-         Thread.currentThread().getContextClassLoader().getResource("META-INF/bearer-ws-trust-1.4-service.wsdl");
-         System.out.println("## stsWsdlURL: " + stsWsdlURL.toString());
-            //.getResourceAsStream("WEB-INF/wsdl/bearer-ws-trust-1.4-service.wsdl");
-         stsClient.setWsdlLocation(stsWsdlURL.toString());
-
-         //stsClient.setWsdlLocation("http://localhost:8080/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService?wsdl");
-
-            stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");
-            stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}UT_Port");
-
-         //stsClient.setServiceName("http://docs.oasis-open.org/ws-sx/ws-trust/200512/SecurityTokenService");
-         //   stsClient.setEndpointName("http://docs.oasis-open.org/ws-sx/ws-trust/200512/UT_Port");
-         /**/
-         Map<String, Object> props = stsClient.getProperties();
-         props.put(SecurityConstants.USERNAME, "alice");
-         props.put(SecurityConstants.CALLBACK_HANDLER, new ClientCallbackHandler());
-         props.put(SecurityConstants.STS_TOKEN_USERNAME, "myclientkey");
-         props.put(SecurityConstants.STS_TOKEN_PROPERTIES,
-            Thread.currentThread().getContextClassLoader().getResource("META-INF/clientKeystore.properties"));
-         props.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, "true");
-
+         ctx.put(SecurityConstants.CALLBACK_HANDLER, new ClientCallbackHandler());
+         ctx.put(SecurityConstants.SIGNATURE_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource("META-INF/clientKeystore.properties"));
+         ctx.put(SecurityConstants.ENCRYPT_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource("META-INF/clientKeystore.properties"));
+         ctx.put(SecurityConstants.SIGNATURE_USERNAME, "myclientkey");
+         ctx.put(SecurityConstants.ENCRYPT_USERNAME, "myservicekey");
+         ctx.put(appendIssuedTokenSuffix(SecurityConstants.USERNAME), "alice");
+         ctx.put(appendIssuedTokenSuffix(SecurityConstants.CALLBACK_HANDLER), new ClientCallbackHandler());
+         ctx.put(appendIssuedTokenSuffix(SecurityConstants.ENCRYPT_PROPERTIES), Thread.currentThread().getContextClassLoader().getResource("META-INF/clientKeystore.properties"));
+         ctx.put(appendIssuedTokenSuffix(SecurityConstants.ENCRYPT_USERNAME), "mystskey");
+         ctx.put(appendIssuedTokenSuffix(SecurityConstants.STS_TOKEN_USERNAME), "myclientkey");
+         ctx.put(appendIssuedTokenSuffix(SecurityConstants.STS_TOKEN_PROPERTIES), Thread.currentThread().getContextClassLoader().getResource("META-INF/clientKeystore.properties"));
+         ctx.put(appendIssuedTokenSuffix(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO), "true");
+         
          ctx.put(SecurityConstants.STS_CLIENT, stsClient);
 
 
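Review bot: The lookup `Thread.currentThread().getContextClassLoader().getResource("META-INF/clientKeystore.properties")` is repeated four times in the added `ctx.put` lines and its result is never checked, so a missing resource would put `null` into the request context and probably surface later as an opaque WS-Security failure. Resolve it once before the puts, `URL clientKeystoreProps = Thread.currentThread().getContextClassLoader().getResource("META-INF/clientKeystore.properties");` followed by `assertNotNull(clientKeystoreProps);`, and pass that local to all four properties. The two `new ClientCallbackHandler()` instances could share one local in the same way. The enclosing test method starts and ends outside this hunk.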
@@ -164,112 +103,10 @@
          assertTrue(false);
       }
    }
-
-   public void XX_testBearer() throws Exception
+   
+   private static String appendIssuedTokenSuffix(String prop)
    {
-      Bus bus = BusFactory.newInstance().createBus();
-      try
-      {
-  /**  **/
-         // ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-         //-ServiceInfo servInfo = new ServiceInfo();
-         //-servInfo.setTargetNamespace("http://www.jboss.org/jbossws/ws-extensions/bearerwssecuritypolicy");
-         //-servInfo.setName(new QName("http://www.jboss.org/jbossws/ws-extensions/bearerwssecuritypolicy", "BearerService"));
-
-         ConduitInitiatorManager mgr = bus.getExtension(ConduitInitiatorManager.class);
-         ConduitInitiator ci = null;
-         ci = mgr.getConduitInitiator("http://cxf.apache.org/transports/http");
-
-         URL myWsdlURL = new URL(serviceURL + "?wsdl");
-         EndpointInfo endpointInfo = new EndpointInfo();
-         endpointInfo.setName(new QName("http://cxf.apache.org", "TransportURIResolver"));
-         endpointInfo.setAddress(myWsdlURL.toURI().toString());
-         HTTPConduit httpConduit = new URLConnectionHTTPConduit(bus, endpointInfo,
-            endpointInfo.getTarget());
-
-         TLSClientParameters tlsParams = new TLSClientParameters();
-         tlsParams.setSecureSocketProtocol("TLSv1");  // SSL .. try this
-         setKeyManagers(tlsParams, "ckpass", "META-INF/clientstore.jks");
-         tlsParams.setDisableCNCheck(true);
-
-         /**  fix this
-          * FiltersType filter = new FiltersType();
-          filter.getInclude().add(".*_EXPORT_.*");
-          filter.getInclude().add(".*_EXPORT1024_.*");
-          filter.getInclude().add(".*_WITH_DES_.*");
-          filter.getInclude().add(".*_WITH_NULL_.*");
-          filter.getExclude().add(".*_DH_anon_.*");
-          tlsParams.setCipherSuitesFilter(filter);
-
-          */
-         httpConduit.setTlsClientParameters(tlsParams);
-
-         JBossWSConfigurer configurer = (JBossWSConfigurer)bus.getExtension(Configurer.class);
-         BeanCustomizer customizer = configurer.getCustomizer();
-         customizer.customize(httpConduit);
-
-         // ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-
-
-         BusFactory.setThreadDefaultBus(bus);
-
-         //------------------------------
-         final QName serviceName = new QName("http://www.jboss.org/jbossws/ws-extensions/bearerwssecuritypolicy", "BearerService");
-         final URL wsdlURL = new URL(serviceURL + "?wsdl");
-         Service service = Service.create(wsdlURL, serviceName);
-         BearerIface proxy = (BearerIface) service.getPort(BearerIface.class);
-
-         WSTrustTestUtils.setupWsseAndSTSClientBearer((BindingProvider) proxy, bus);
-
-          assertEquals("Bearer WS-Trust Hello World!", proxy.sayHello());
-
-           //- proxy.sayHello();
-
-
-      } catch (Exception e) {    // rls added
-         e.printStackTrace(); // rls added
-         assertTrue(false); // rls added
-      }  // rls added
-
-      finally
-      {
-         bus.shutdown(true);
-      }
+      return prop + ".it";
    }
 
-
-   //
-   private TLSClientParameters setKeyManagers(TLSClientParameters tlsParams,
-                                              String keyPassword, String keyStoreLoc)
-      throws KeyStoreException, Exception {
-      keyStoreLoc =  "META-INF/clientstore.jks";
-      InputStream inStream = Thread.currentThread().getContextClassLoader()
-         .getResourceAsStream(keyStoreLoc);
-      KeyStore keyStore = KeyStore.getInstance("JKS");
-      keyStore.load(inStream, "cspass".toCharArray());
-      inStream.close();
-
-
-      String alg = KeyManagerFactory.getDefaultAlgorithm();
-      char[] keyPass = keyPassword != null
-         ? keyPassword.toCharArray()
-         : null;
-      KeyManagerFactory keyMF = KeyManagerFactory.getInstance(alg);
-      keyMF.init(keyStore, keyPass);
-      KeyManager[] myKeyManagers =  keyMF.getKeyManagers();
-      tlsParams.setKeyManagers(myKeyManagers);
-
-
-      inStream = Thread.currentThread().getContextClassLoader()
-         .getResourceAsStream(keyStoreLoc);
-      KeyStore trustStore = KeyStore.getInstance("JKS");
-      trustStore.load(inStream, "cspass".toCharArray());
-      inStream.close();
-      TrustManagerFactory trustMF = TrustManagerFactory.getInstance(alg);
-      trustMF.init(trustStore);
-      TrustManager[] myTrustStoreKeyManagers = trustMF.getTrustManagers();
-      tlsParams.setTrustManagers(myTrustStoreKeyManagers);
-      return tlsParams;
-   }
-
 }
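Review bot: `appendIssuedTokenSuffix` hard-codes the `".it"` suffix with no explanation, so a reader of the test cannot tell why some request-context keys carry it and others do not. A short comment on the method would help, for example `// keys with this suffix are meant for the STS client that obtains the issued token, not for the service call itself (confirm against the CXF version in use)`. A named constant such as `private static final String ISSUED_TOKEN_SUFFIX = ".it";` would make the intent clearer still.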

Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/BearerService.wsdl
===================================================================
--- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/BearerService.wsdl	2014-03-11 16:31:56 UTC (rev 18496)
+++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/BearerService.wsdl	2014-03-11 18:16:19 UTC (rev 18497)
@@ -38,29 +38,21 @@
       <soap:operation soapAction=""/>
       <input>
         <soap:body use="literal"/>
-        <!-- -->
-        <wsp:PolicyReference URI="#Input_Policy" />
+        <!-- 
+        <wsp:PolicyReference URI="#Input_Policy" />-->
 
       </input>
       <output>
         <soap:body use="literal"/>
-        <!--  -->
-        <wsp:PolicyReference URI="#Output_Policy" />
+        <!--  
+        <wsp:PolicyReference URI="#Output_Policy" />-->
 
       </output>
     </operation>
   </binding>
   <service name="BearerService">
     <port name="BearerServicePort" binding="tns:BearerServicePortBinding">
-      <!-- -->
-      <soap:address
-        location="http://@jboss.bind.address@:8080/jaxws-samples-wsse-policy-trust-bearer/BearerService"/>
-
-      <!-- rls require use the SSL address of JBoss (8443 is industry stnd address) -->
-      <!--
-      <soap:address
-        location="https://@jboss.bind.address@:8443/jaxws-samples-wsse-policy-trust-bearer/BearerService"/>
-      -->
+      <soap:address location="http://@jboss.bind.address@:8080/jaxws-samples-wsse-policy-trust-bearer/BearerService"/>
     </port>
   </service>
 
@@ -71,7 +63,7 @@
         <wsam:Addressing wsp:Optional="false">
           <wsp:Policy />
         </wsam:Addressing>
-        <!-- -->
+        <!--
         <sp:TransportBinding
           xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
           <wsp:Policy>
@@ -94,7 +86,7 @@
             </sp:Layout>
             <sp:IncludeTimestamp />
           </wsp:Policy>
-        </sp:TransportBinding>
+        </sp:TransportBinding>-->
 
         <sp:SignedSupportingTokens
           xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
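Review bot: Commenting out `sp:TransportBinding` leaves the visible part of this service policy with `wsam:Addressing` and `sp:SignedSupportingTokens` but no binding, while the service address stays on plain `http://…:8080`, so the SAML bearer assertion appears to travel with neither transport nor message protection. The preceding hunk also comments out the `#Input_Policy` and `#Output_Policy` references, and a later hunk deletes those policies, which required the body to be signed and encrypted. A bearer token carries no proof of possession, so confidentiality of the channel is the only thing that stops it being presented again by whoever reads the request. If this is the interim state the log describes, record that in the file, e.g. `<!-- TEST ONLY: transport binding disabled for JBWS-3738; a bearer token must not be sent over plain HTTP in a real deployment -->`. The policy element continues outside this hunk.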
@@ -108,45 +100,18 @@
               <wsp:Policy>
                 <sp:RequireInternalReference />
               </wsp:Policy>
-              <!--
-              <sp:Issuer>
-                <wsaw:Address>http://localhost:8080/SecurityTokenService/UT
-                </wsaw:Address>
-                <wsaw:Metadata>
-                  <wsx:Metadata>
-                    <wsx:MetadataSection>
-                      <wsx:MetadataReference>
-                        <wsaw:Address>http://localhost:8080/SecurityTokenService/UT/mex
-                        </wsaw:Address>
-                      </wsx:MetadataReference>
-                    </wsx:MetadataSection>
-                  </wsx:Metadata>
-                </wsaw:Metadata>
-              </sp:Issuer>
-              -->
 
 
-              <!--
-              <wsaws:Address>http://@jboss.bind.address@:8080/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService/UT</wsaws:Address>
-              -->
-              <!--
-                     <wsaws:Metadata xmlns:wsdli="http://www.w3.org/2006/01/wsdl-instance"
-                                     wsdli:wsdlLocation="http://@jboss.bind.address@:8443/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService?wsdl">
-                      -->
-
-              <!--
-                   <sp:Issuer>
-                    <wsaws:Address>http://@jboss.bind.address@:8080/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService</wsaws:Address>
-
-                     <wsaws:Metadata xmlns:wsdli="http://www.w3.org/2006/01/wsdl-instance"
-                                    wsdli:wsdlLocation="http://@jboss.bind.address@:8080/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService?wsdl">
-
-                      <wsaw:ServiceName xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
-                                        xmlns:stsns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
-                                        EndpointName="UT_Port">stsns:SecurityTokenService</wsaw:ServiceName>
-                    </wsaws:Metadata>
-                  </sp:Issuer>
-             -->
+                  <sp:Issuer>
+					<wsaws:Address>http://@jboss.bind.address@:8080/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService</wsaws:Address>
+					<wsaws:Metadata xmlns:wsdli="http://www.w3.org/2006/01/wsdl-instance"
+					                wsdli:wsdlLocation="http://@jboss.bind.address@:8080/jaxws-samples-wsse-policy-trust-sts-bearer/SecurityTokenService?wsdl">
+					    <wsaw:ServiceName xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
+					                    xmlns:stsns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+					                    EndpointName="UT_Port">stsns:SecurityTokenService</wsaw:ServiceName>
+					</wsaws:Metadata>
+				  </sp:Issuer>
+                  
             </sp:IssuedToken>
           </wsp:Policy>
         </sp:SignedSupportingTokens>
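Review bot: The newly enabled `sp:Issuer` points both `wsaws:Address` and `wsdli:wsdlLocation` at `http://` URLs, so the client would learn the STS contract, and the policy it follows when sending the username token, from metadata fetched over an unauthenticated channel. The test code removed in this commit loaded the STS WSDL from the classpath instead. A comment next to the issuer, such as `<!-- HTTP issuer metadata is for the test suite only; use an authenticated (HTTPS) location or a locally packaged WSDL otherwise -->`, would keep the sample from being copied as-is. Separately, the added lines are indented with tabs while the surrounding file uses spaces.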
@@ -169,65 +134,5 @@
   </wsp:Policy>
 
 
-	<wsp:Policy wsu:Id="Input_Policy">
-    <wsp:ExactlyOne>
-      <wsp:All>
-        <sp:EncryptedParts>
-          <sp:Body />
-        </sp:EncryptedParts>
-        <sp:SignedParts>
-          <sp:Body />
-          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
-          <!--
-          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="AckRequested"
-                     Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
-          <sp:Header Name="SequenceAcknowledgement"
-                     Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
-          <sp:Header Name="Sequence"
-                     Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
-          <sp:Header Name="CreateSequence"
-                     Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
-          -->
-        </sp:SignedParts>
-      </wsp:All>
-    </wsp:ExactlyOne>
-	</wsp:Policy>
 
-
-  <wsp:Policy wsu:Id="Output_Policy">
-    <wsp:ExactlyOne>
-      <wsp:All>
-        <sp:EncryptedParts>
-          <sp:Body />
-        </sp:EncryptedParts>
-        <sp:SignedParts>
-          <sp:Body />
-          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
-          <!--
-          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="AckRequested"
-                     Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
-          <sp:Header Name="SequenceAcknowledgement"
-                     Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
-          <sp:Header Name="Sequence"
-                     Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
-          <sp:Header Name="CreateSequence"
-                     Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
-          -->
-        </sp:SignedParts>
-      </wsp:All>
-    </wsp:ExactlyOne>
-  </wsp:Policy>
-
 </definitions>

Modified: stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/bearer-ws-trust-1.4-service.wsdl
===================================================================
--- stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/bearer-ws-trust-1.4-service.wsdl	2014-03-11 16:31:56 UTC (rev 18496)
+++ stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/wsdl/bearer-ws-trust-1.4-service.wsdl	2014-03-11 18:16:19 UTC (rev 18497)
@@ -13,38 +13,29 @@
         xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
 
   <wsdl:types>
-    <xs:schema elementFormDefault="qualified"
-               targetNamespace='http://docs.oasis-open.org/ws-sx/ws-trust/200512'>
+    <xs:schema elementFormDefault="qualified" targetNamespace='http://docs.oasis-open.org/ws-sx/ws-trust/200512'>
 
-      <xs:element name='RequestSecurityToken'
-                  type='wst:AbstractRequestSecurityTokenType' />
-      <xs:element name='RequestSecurityTokenResponse'
-                  type='wst:AbstractRequestSecurityTokenType' />
+      <xs:element name='RequestSecurityToken' type='wst:AbstractRequestSecurityTokenType' />
+      <xs:element name='RequestSecurityTokenResponse' type='wst:AbstractRequestSecurityTokenType' />
 
       <xs:complexType name='AbstractRequestSecurityTokenType' >
         <xs:sequence>
-          <xs:any namespace='##any' processContents='lax'
-                  minOccurs='0' maxOccurs='unbounded' />
+          <xs:any namespace='##any' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
         </xs:sequence>
         <xs:attribute name='Context' type='xs:anyURI' use='optional' />
         <xs:anyAttribute namespace='##other' processContents='lax' />
       </xs:complexType>
-      <xs:element name='RequestSecurityTokenCollection'
-                  type='wst:RequestSecurityTokenCollectionType' />
+      <xs:element name='RequestSecurityTokenCollection' type='wst:RequestSecurityTokenCollectionType' />
       <xs:complexType name='RequestSecurityTokenCollectionType' >
         <xs:sequence>
-          <xs:element name='RequestSecurityToken'
-                      type='wst:AbstractRequestSecurityTokenType'
-                      minOccurs='2' maxOccurs='unbounded'/>
+          <xs:element name='RequestSecurityToken' type='wst:AbstractRequestSecurityTokenType' minOccurs='2' maxOccurs='unbounded'/>
         </xs:sequence>
       </xs:complexType>
 
-      <xs:element name='RequestSecurityTokenResponseCollection'
-                  type='wst:RequestSecurityTokenResponseCollectionType' />
+      <xs:element name='RequestSecurityTokenResponseCollection' type='wst:RequestSecurityTokenResponseCollectionType' />
       <xs:complexType name='RequestSecurityTokenResponseCollectionType' >
         <xs:sequence>
-          <xs:element ref='wst:RequestSecurityTokenResponse'
-                      minOccurs='1' maxOccurs='unbounded' />
+          <xs:element ref='wst:RequestSecurityTokenResponse' minOccurs='1' maxOccurs='unbounded' />
         </xs:sequence>
         <xs:anyAttribute namespace='##other' processContents='lax' />
       </xs:complexType>
@@ -115,22 +106,20 @@
   </wsdl:portType>
 
   <wsdl:binding name="UT_Binding" type="wstrust:STS">
-    <wsp:PolicyReference URI="#Bearer_Transport_policy" />
+    <wsp:PolicyReference URI="#UT_policy" />
   	<soap:binding style="document"
   		transport="http://schemas.xmlsoap.org/soap/http" />
   	<wsdl:operation name="Issue">
   		<soap:operation
   			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" />
   		<wsdl:input>
-        <!--  -->
-        <wsp:PolicyReference URI="#Input_policy" />
-
+  		    <wsp:PolicyReference
+               URI="#Input_policy" />
   			<soap:body use="literal" />
   		</wsdl:input>
   		<wsdl:output>
-        <!-- -->
-        <wsp:PolicyReference URI="#Output_policy" />
-
+  		    <wsp:PolicyReference
+               URI="#Output_policy" />
   			<soap:body use="literal" />
   		</wsdl:output>
   	</wsdl:operation>
@@ -138,15 +127,13 @@
   		<soap:operation
   			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" />
   		<wsdl:input>
-        <!-- -->
-        <wsp:PolicyReference URI="#Input_policy" />
-
+  		    <wsp:PolicyReference
+               URI="#Input_policy" />
   			<soap:body use="literal" />
   		</wsdl:input>
   		<wsdl:output>
-        <!--  -->
-        <wsp:PolicyReference URI="#Output_policy" />
-
+  		    <wsp:PolicyReference
+               URI="#Output_policy" />
   			<soap:body use="literal" />
   		</wsdl:output>
   	</wsdl:operation>
@@ -194,141 +181,132 @@
   
   <wsdl:service name="SecurityTokenService">
       <wsdl:port name="UT_Port" binding="tns:UT_Binding">
-      <!--
-      <soap:address location="http://localhost:8080/SecurityTokenService/UT" />
-      -->
-        <!-- -->
-       <soap:address location="https://localhost:8443/SecurityTokenService/UT" />
-
+         <soap:address location="http://localhost:8080/SecurityTokenService/UT" />
       </wsdl:port>
   </wsdl:service>
-
-
-  <wsp:Policy wsu:Id="Bearer_Transport_policy">
-    <wsp:ExactlyOne>
-      <wsp:All>
-        <wsap10:UsingAddressing />
- <!-- rls testing  -->
-        <sp:TransportBinding
-          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-          <wsp:Policy>
-            <sp:TransportToken>
-          <wsp:Policy>
-            <sp:HttpsToken>
-            <wsp:Policy />
-            </sp:HttpsToken>
-                </wsp:Policy>
-            </sp:TransportToken>
-            <sp:AlgorithmSuite>
-              <wsp:Policy>
-                <sp:Basic128 />
-              </wsp:Policy>
-            </sp:AlgorithmSuite>
-            <sp:Layout>
-              <wsp:Policy>
-                <sp:Lax />
-              </wsp:Policy>
-            </sp:Layout>
-            <sp:IncludeTimestamp />
-          </wsp:Policy>
-        </sp:TransportBinding>
-
-        <sp:SignedSupportingTokens
-          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-          <wsp:Policy>
-            <wsp:ExactlyOne>
-              <!-- -->
-              <wsp:All>
-                <wsp:Policy>
+  
+  <wsp:Policy wsu:Id="UT_policy">
+      <wsp:ExactlyOne>
+         <wsp:All>
+            <wsap10:UsingAddressing/>
+            <sp:SymmetricBinding
+               xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+               <wsp:Policy>
+                  <sp:ProtectionToken>
+                     <wsp:Policy>
+                        <sp:X509Token
+                           sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+                           <wsp:Policy>
+                              <sp:RequireDerivedKeys />
+                              <sp:RequireThumbprintReference />
+                              <sp:WssX509V3Token10 />
+                           </wsp:Policy>
+                        </sp:X509Token>
+                     </wsp:Policy>
+                  </sp:ProtectionToken>
+                  <sp:AlgorithmSuite>
+                     <wsp:Policy>
+                        <sp:Basic256 />
+                     </wsp:Policy>
+                  </sp:AlgorithmSuite>
+                  <sp:Layout>
+                     <wsp:Policy>
+                        <sp:Lax />
+                     </wsp:Policy>
+                  </sp:Layout>
+                  <sp:IncludeTimestamp />
+                  <sp:EncryptSignature />
+                  <sp:OnlySignEntireHeadersAndBody />
+               </wsp:Policy>
+            </sp:SymmetricBinding>
+            <sp:SignedSupportingTokens
+               xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+               <wsp:Policy>
                   <sp:UsernameToken
-                    sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
-                    <wsp:Policy>
-                      <sp:WssUsernameToken10 />
-                    </wsp:Policy>
+                     sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+                     <wsp:Policy>
+                        <sp:WssUsernameToken10 />
+                     </wsp:Policy>
                   </sp:UsernameToken>
-                </wsp:Policy>
-              </wsp:All>
+               </wsp:Policy>
+            </sp:SignedSupportingTokens>
+            <sp:Wss11
+               xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+               <wsp:Policy>
+                  <sp:MustSupportRefKeyIdentifier />
+                  <sp:MustSupportRefIssuerSerial />
+                  <sp:MustSupportRefThumbprint />
+                  <sp:MustSupportRefEncryptedKey />
+               </wsp:Policy>
+            </sp:Wss11>
+            <sp:Trust13
+               xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+               <wsp:Policy>
+                  <sp:MustSupportIssuedTokens />
+                  <sp:RequireClientEntropy />
+                  <sp:RequireServerEntropy />
+               </wsp:Policy>
+            </sp:Trust13>
+         </wsp:All>
+      </wsp:ExactlyOne>
+   </wsp:Policy>
+   
+   <wsp:Policy wsu:Id="Input_policy">
+      <wsp:ExactlyOne>
+         <wsp:All>
+            <sp:SignedParts
+               xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+               <sp:Body />
+               <sp:Header Name="To"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="From"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="FaultTo"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="ReplyTo"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="MessageID"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="RelatesTo"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="Action"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+            </sp:SignedParts>
+<!--            <sp:EncryptedParts
+               xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+               <sp:Body />
+            </sp:EncryptedParts> -->
+         </wsp:All>
+      </wsp:ExactlyOne>
+   </wsp:Policy>
+   
+   <wsp:Policy wsu:Id="Output_policy">
+      <wsp:ExactlyOne>
+         <wsp:All>
+            <sp:SignedParts
+               xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+               <sp:Body />
+               <sp:Header Name="To"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="From"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="FaultTo"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="ReplyTo"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="MessageID"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="RelatesTo"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+               <sp:Header Name="Action"
+                  Namespace="http://www.w3.org/2005/08/addressing" />
+            </sp:SignedParts>
+<!--            <sp:EncryptedParts
+               xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+               <sp:Body />
+            </sp:EncryptedParts>-->
+         </wsp:All>
+      </wsp:ExactlyOne>
+   </wsp:Policy>
 
-              <wsp:All>
-                <wsp:Policy>
-                  <sp:SamlToken
-                    sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
-                    <wsp:Policy>
-                      <sp:WssSamlV20Token11 />
-                    </wsp:Policy>
-                  </sp:SamlToken>
-                </wsp:Policy>
-              </wsp:All>
-            </wsp:ExactlyOne>
-          </wsp:Policy>
-        </sp:SignedSupportingTokens>
-        <sp:Wss11
-          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-          <wsp:Policy>
-            <sp:MustSupportRefKeyIdentifier />
-            <sp:MustSupportRefIssuerSerial />
-            <sp:MustSupportRefThumbprint />
-            <sp:MustSupportRefEncryptedKey />
-          </wsp:Policy>
-        </sp:Wss11>
-        <sp:Trust13
-          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-          <wsp:Policy>
-            <sp:MustSupportIssuedTokens />
-            <sp:RequireClientEntropy />
-            <sp:RequireServerEntropy />
-          </wsp:Policy>
-        </sp:Trust13>
-      </wsp:All>
-    </wsp:ExactlyOne>
-  </wsp:Policy>
-
-  <wsp:Policy wsu:Id="Input_policy">
-    <wsp:ExactlyOne>
-      <wsp:All>
-        <sp:SignedParts
-          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-          <sp:Body />
-          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
-          <!--
-          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
-          -->
-        </sp:SignedParts>
-        <sp:EncryptedParts
-          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-          <sp:Body />
-        </sp:EncryptedParts>
-      </wsp:All>
-    </wsp:ExactlyOne>
-  </wsp:Policy>
-
-  <wsp:Policy wsu:Id="Output_policy">
-    <wsp:ExactlyOne>
-      <wsp:All>
-        <sp:SignedParts
-          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-          <sp:Body />
-          <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
-          <!--
-          <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
-          <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
-          -->
-        </sp:SignedParts>
-        <sp:EncryptedParts
-          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-          <sp:Body />
-        </sp:EncryptedParts>
-      </wsp:All>
-    </wsp:ExactlyOne>
-  </wsp:Policy>
-
 </wsdl:definitions>
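Review bot: The new `UT_policy`, the commented-out `sp:EncryptedParts` blocks in `Input_policy` and `Output_policy`, and the move of `UT_Port` from `https://localhost:8443` to `http://localhost:8080` together leave the STS exchange signed but not encrypted. The UsernameToken sits under `sp:SignedSupportingTokens`, so the credentials in the request and the issued token in the response would be readable on the wire; going by the commit log this is the bearer scenario, where the token is usable by whoever holds it. I would declare the UsernameToken under `sp:SignedEncryptedSupportingTokens` and restore `<sp:EncryptedParts>` with `<sp:Body />` in both message policies, or keep the HTTPS address. If the unencrypted form is deliberate while the keystores are being sorted out, a short XML comment beside each commented-out block saying so would keep this WSDL from being copied as a working sample.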


