Author: owulff
Date: Thu Dec 22 13:47:00 2011
New Revision: 1222230
URL: http://svn.apache.org/viewvc?rev=1222230&view=rev
Log:
SAML token lifetime set to 20 minutes
Modified:
cxf/sandbox/fediz/fediz-idp-sts/src/main/webapp/WEB-INF/cxf-transport.xml
Modified:
cxf/sandbox/fediz/fediz-idp-sts/src/main/webapp/WEB-INF/cxf-transport.xml
URL:
http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-idp-sts/src/main/webapp/WEB-INF/cxf-transport.xml?rev=1222230&r1=1222229&r2=1222230&view=diff
==============================================================================
--- cxf/sandbox/fediz/fediz-idp-sts/src/main/webapp/WEB-INF/cxf-transport.xml
(original)
+++ cxf/sandbox/fediz/fediz-idp-sts/src/main/webapp/WEB-INF/cxf-transport.xml
Thu Dec 22 13:47:00 2011
@@ -17,7 +17,7 @@
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd";>
-
+
<import resource="classpath:META-INF/cxf/cxf.xml" />
<cxf:bus>
@@ -26,24 +26,22 @@
</cxf:features>
</cxf:bus>
- <bean id="transportSTSProviderBean"
+ <bean id="transportSTSProviderBean"
class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
- <property name="issueOperation" ref="transportIssueDelegate"/>
- <property name="validateOperation"
ref="transportValidateDelegate"/>
- </bean>
-
- <bean id="transportIssueDelegate"
- class="org.apache.cxf.sts.operation.TokenIssueOperation">
- <property name="tokenProviders" ref="transportTokenProviders"/>
- <property name="services" ref="transportService"/>
- <property name="stsProperties" ref="transportSTSProperties"/>
- <property name="claimsManager" ref="claimsManager"/>
- </bean>
-
- <bean id="transportValidateDelegate"
- class="org.apache.cxf.sts.operation.TokenValidateOperation">
- <property name="tokenValidators" ref="transportTokenValidators"/>
- <property name="stsProperties" ref="transportSTSProperties"/>
+ <property name="issueOperation" ref="transportIssueDelegate" />
+ <property name="validateOperation"
ref="transportValidateDelegate" />
+ </bean>
+
+ <bean id="transportIssueDelegate"
class="org.apache.cxf.sts.operation.TokenIssueOperation">
+ <property name="tokenProviders" ref="transportTokenProviders" />
+ <property name="services" ref="transportService" />
+ <property name="stsProperties" ref="transportSTSProperties" />
+ <property name="claimsManager" ref="claimsManager" />
+ </bean>
+
+ <bean id="transportValidateDelegate"
class="org.apache.cxf.sts.operation.TokenValidateOperation">
+ <property name="tokenValidators" ref="transportTokenValidators"
/>
+ <property name="stsProperties" ref="transportSTSProperties" />
</bean>
<util:list id="transportTokenProviders">
@@ -55,87 +53,86 @@
</util:list>
<bean id="transportSamlTokenProvider"
class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
- <property name="attributeStatementProviders"
ref="attributeStatementProvidersList" />
+ <property name="attributeStatementProviders"
ref="attributeStatementProvidersList" />
+ <property name="conditionsProvider" ref="conditionsProvider" />
</bean>
- <bean id="transportSamlTokenValidator"
class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
+ <bean id="conditionsProvider"
+
class="org.apache.cxf.sts.token.provider.DefaultConditionsProvider">
+ <property name="lifetime" value="1200" />
</bean>
-
- <bean id="transportX509TokenValidator"
- class="org.apache.cxf.sts.token.validator.X509TokenValidator">
- </bean>
-
- <bean id="transportUsernameTokenValidator"
-
class="org.apache.cxf.sts.token.validator.UsernameTokenValidator">
- </bean>
- <util:list id="attributeStatementProvidersList">
- <ref bean="claimsAttributeProvider"/>
+ <bean id="transportSamlTokenValidator"
class="org.apache.cxf.sts.token.validator.SAMLTokenValidator" />
+
+
+ <bean id="transportX509TokenValidator"
class="org.apache.cxf.sts.token.validator.X509TokenValidator" />
+
+
+ <bean id="transportUsernameTokenValidator"
+
class="org.apache.cxf.sts.token.validator.UsernameTokenValidator" />
+
+
+ <util:list id="attributeStatementProvidersList">
+ <ref bean="claimsAttributeProvider" />
</util:list>
-
- <bean id="defaultAttributeProvider"
-
class="org.apache.cxf.sts.token.provider.DefaultAttributeStatementProvider">
- </bean>
-
- <bean id="claimsAttributeProvider"
-
class="org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider">
- </bean>
-
- <import resource="userClaims.xml" />
-
- <bean id="claimsManager"
- class="org.apache.cxf.sts.claims.ClaimsManager">
+
+ <bean id="defaultAttributeProvider"
+
class="org.apache.cxf.sts.token.provider.DefaultAttributeStatementProvider" />
+
+
+ <bean id="claimsAttributeProvider"
+
class="org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider" />
+
+
+ <import resource="userClaims.xml" />
+
+ <bean id="claimsManager"
class="org.apache.cxf.sts.claims.ClaimsManager">
<property name="claimHandlers" ref="claimHandlerList" />
- </bean>
-
- <util:list id="claimHandlerList">
- <ref bean="fileClaimsHandler"/>
+ </bean>
+
+ <util:list id="claimHandlerList">
+ <ref bean="fileClaimsHandler" />
</util:list>
-
- <bean id="fileClaimsHandler"
- class="org.apache.cxf.fediz.service.sts.FileClaimsHandler">
-
+
+ <bean id="fileClaimsHandler"
class="org.apache.cxf.fediz.service.sts.FileClaimsHandler">
+
<property name="userClaims" ref="userClaims" />
- </bean>
-
- <import resource="passwords.xml" />
-
- <bean id="upCallBackHandler"
+ </bean>
+
+ <import resource="passwords.xml" />
+
+ <bean id="upCallBackHandler"
class="org.apache.cxf.fediz.service.sts.UsernamePasswordCallbackHandler">
<property name="passwords" ref="passwords" />
- </bean>
-
-
- <bean id="transportService"
- class="org.apache.cxf.sts.service.StaticService">
- <property name="endpoints" ref="transportEndpoints"/>
- </bean>
-
- <util:list id="transportEndpoints">
- <value>.*</value>
+ </bean>
+
+
+ <bean id="transportService"
class="org.apache.cxf.sts.service.StaticService">
+ <property name="endpoints" ref="transportEndpoints" />
+ </bean>
+
+ <util:list id="transportEndpoints">
+ <value>.*</value>
<value>https://localhost:(8081|8083)/doubleit/services/doubleittransport.*</value>
</util:list>
-
- <bean id="transportSTSProperties"
- class="org.apache.cxf.sts.StaticSTSProperties">
- <property name="signaturePropertiesFile"
value="stsKeystore.properties"/>
- <property name="signatureUsername" value="mystskey"/>
- <property name="callbackHandlerClass"
value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler"/>
- <property name="encryptionPropertiesFile"
value="stsKeystore.properties"/>
- <property name="issuer" value="DoubleItSTSIssuer"/>
- <property name="encryptionUsername" value="myservicekey"/>
- </bean>
-
- <jaxws:endpoint id="transportSTS1"
- implementor="#transportSTSProviderBean"
- address="/STSService"
- wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
- xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/";
- serviceName="ns1:SecurityTokenService"
- endpointName="ns1:TransportUT_Port">
- <jaxws:properties>
- <entry key="ws-security.callback-handler"
value-ref="upCallBackHandler"/>
- </jaxws:properties>
+
+ <bean id="transportSTSProperties"
class="org.apache.cxf.sts.StaticSTSProperties">
+ <property name="signaturePropertiesFile"
value="stsKeystore.properties" />
+ <property name="signatureUsername" value="mystskey" />
+ <property name="callbackHandlerClass"
+
value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler" />
+ <property name="encryptionPropertiesFile"
value="stsKeystore.properties" />
+ <property name="issuer" value="DoubleItSTSIssuer" />
+ <property name="encryptionUsername" value="myservicekey" />
+ </bean>
+
+ <jaxws:endpoint id="transportSTS1"
implementor="#transportSTSProviderBean"
+ address="/STSService"
wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
+ xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/";
+ serviceName="ns1:SecurityTokenService"
endpointName="ns1:TransportUT_Port">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value-ref="upCallBackHandler" />
+ </jaxws:properties>
</jaxws:endpoint>
</beans>
