Repository: cxf
Updated Branches:
refs/heads/2.7.x-fixes 837ed4c4a -> 9d402cbc9
[CXF-6327] - Adding @Ignore'd test
Conflicts:
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/DoubleIt.wsdl
services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-client.xml
services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-service.xml
services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-stax-service.xml
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fcbb360b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fcbb360b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fcbb360b
Branch: refs/heads/2.7.x-fixes
Commit: fcbb360b0ac771128fd614825be986280892c2c7
Parents: 837ed4c
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Wed Apr 15 10:13:25 2015 +0100
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Wed Apr 15 10:16:46 2015 +0100
----------------------------------------------------------------------
.../sts/transport/TransportBindingTest.java | 147 +++++++
.../cxf/systest/sts/transport/DoubleIt.wsdl | 406 +++++++++++++++++++
.../cxf/systest/sts/transport/cxf-client.xml | 55 +++
.../cxf/systest/sts/transport/cxf-service.xml | 50 +++
.../systest/sts/transport/cxf-stax-service.xml | 72 ++++
5 files changed, 730 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/fcbb360b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
----------------------------------------------------------------------
diff --git
a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
index bc9fb7e..8026dcb 100644
---
a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
+++
b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
@@ -227,6 +227,153 @@ public class TransportBindingTest extends
AbstractBusClientServerTestBase {
bus.shutdown(true);
}
+<<<<<<< HEAD
+=======
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = TransportBindingTest.class.getResource("cxf-client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = TransportBindingTest.class.getResource("DoubleIt.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItTransportSAML2Port");
+
+ Dispatch<DOMSource> dispatch =
+ service.createDispatch(portQName, DOMSource.class,
Service.Mode.PAYLOAD);
+ updateAddressPort(dispatch, test.getPort());
+
+ // Setup STSClient
+ STSClient stsClient = createDispatchSTSClient(bus);
+ String wsdlLocation = "https://localhost:"; + test.getStsPort() +
"/SecurityTokenService/Transport?wsdl";
+ stsClient.setWsdlLocation(wsdlLocation);
+
+ // Creating a DOMSource Object for the request
+ DOMSource request = createDOMRequest();
+
+ // Make a successful request
+ Client client = ((DispatchImpl<DOMSource>) dispatch).getClient();
+ client.getRequestContext().put("ws-security.username", "alice");
+ client.getRequestContext().put("ws-security.sts.client", stsClient);
+
+ if (test.isStreaming()) {
+
client.getRequestContext().put(SecurityConstants.ENABLE_STREAMING_SECURITY,
"true");
+
client.getResponseContext().put(SecurityConstants.ENABLE_STREAMING_SECURITY,
"true");
+ }
+
+ DOMSource response = dispatch.invoke(request);
+ assertNotNull(response);
+
+ bus.shutdown(true);
+ }
+
+ @org.junit.Test
+ public void testSAML2DispatchLocation() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = TransportBindingTest.class.getResource("cxf-client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = TransportBindingTest.class.getResource("DoubleIt.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE, "DoubleItTransportSAML2Port");
+
+ Dispatch<DOMSource> dispatch =
+ service.createDispatch(portQName, DOMSource.class,
Service.Mode.PAYLOAD);
+ updateAddressPort(dispatch, test.getPort());
+
+ // Setup STSClient
+ STSClient stsClient = createDispatchSTSClient(bus);
+ String location = "https://localhost:"; + test.getStsPort() +
"/SecurityTokenService/Transport";
+ stsClient.setLocation(location);
+
stsClient.setPolicy("classpath:/org/apache/cxf/systest/sts/issuer/sts-transport-policy.xml");
+
+ // Creating a DOMSource Object for the request
+ DOMSource request = createDOMRequest();
+
+ // Make a successful request
+ Client client = ((DispatchImpl<DOMSource>) dispatch).getClient();
+ client.getRequestContext().put("ws-security.username", "alice");
+ client.getRequestContext().put("ws-security.sts.client", stsClient);
+
+ if (test.isStreaming()) {
+
client.getRequestContext().put(SecurityConstants.ENABLE_STREAMING_SECURITY,
"true");
+
client.getResponseContext().put(SecurityConstants.ENABLE_STREAMING_SECURITY,
"true");
+ }
+
+ DOMSource response = dispatch.invoke(request);
+ assertNotNull(response);
+
+ bus.shutdown(true);
+ }
+
+ // TODO Not supported for now
+ @org.junit.Test
+ @org.junit.Ignore
+ public void testSAML2EndorsingX509() throws Exception {
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = TransportBindingTest.class.getResource("cxf-client.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ URL wsdl = TransportBindingTest.class.getResource("DoubleIt.wsdl");
+ Service service = Service.create(wsdl, SERVICE_QNAME);
+ QName portQName = new QName(NAMESPACE,
"DoubleItTransportSAML2X509EndorsingPort");
+ DoubleItPortType transportSaml1Port =
+ service.getPort(portQName, DoubleItPortType.class);
+ updateAddressPort(transportSaml1Port, test.getPort());
+
+ TokenTestUtils.updateSTSPort((BindingProvider)transportSaml1Port,
test.getStsPort());
+
+ if (test.isStreaming()) {
+ SecurityTestUtil.enableStreaming(transportSaml1Port);
+ }
+
+ doubleIt(transportSaml1Port, 25);
+
+ ((java.io.Closeable)transportSaml1Port).close();
+ bus.shutdown(true);
+ }
+
+ private DOMSource createDOMRequest() throws ParserConfigurationException {
+ // Creating a DOMSource Object for the request
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ Document requestDoc = db.newDocument();
+ Element root =
requestDoc.createElementNS("http://www.example.org/schema/DoubleIt";,
"ns2:DoubleIt");
+ root.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:ns2",
"http://www.example.org/schema/DoubleIt";);
+ Element number = requestDoc.createElementNS(null, "numberToDouble");
+ number.setTextContent("25");
+ root.appendChild(number);
+ requestDoc.appendChild(root);
+ return new DOMSource(requestDoc);
+ }
+
+ private STSClient createDispatchSTSClient(Bus bus) {
+ STSClient stsClient = new STSClient(bus);
+
stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService";);
+
stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port";);
+
+ Map<String, Object> properties = new HashMap<String, Object>();
+ properties.put("ws-security.username", "alice");
+ properties.put("ws-security.callback-handler",
+
"org.apache.cxf.systest.sts.common.CommonCallbackHandler");
+ properties.put("ws-security.sts.token.username", "myclientkey");
+ properties.put("ws-security.sts.token.properties",
"clientKeystore.properties");
+ properties.put("ws-security.sts.token.usecert", "true");
+ stsClient.setProperties(properties);
+
+ return stsClient;
+ }
+
+>>>>>>> 6a41413... [CXF-6327] - Adding @Ignore'd test
private static void doubleIt(DoubleItPortType port, int numToDouble) {
int resp = port.doubleIt(numToDouble);
http://git-wip-us.apache.org/repos/asf/cxf/blob/fcbb360b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/DoubleIt.wsdl
----------------------------------------------------------------------
diff --git
a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/DoubleIt.wsdl
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/DoubleIt.wsdl
index f4342c1..bb84d91 100644
---
a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/DoubleIt.wsdl
+++
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/DoubleIt.wsdl
@@ -16,6 +16,7 @@
specific language governing permissions and limitations
under the License.
-->
+<<<<<<< HEAD
<wsdl:definitions name="DoubleIt"
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/";
xmlns:di="http://www.example.org/schema/DoubleIt";
@@ -363,4 +364,409 @@
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
+=======
+<wsdl:definitions xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/";
xmlns:di="http://www.example.org/schema/DoubleIt";
xmlns:tns="http://www.example.org/contract/DoubleIt";
xmlns:wsp="http://www.w3.org/ns/ws-policy";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata";
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";
xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512";
xmlns:wsaw="http://www.w3.org/2005/08/addressing";
xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"; name="DoubleIt"
targetNamespace="http://www.example.org/contract/DoubleIt";>
+ <wsdl:import location="src/test/resources/DoubleItLogical.wsdl"
namespace="http://www.example.org/contract/DoubleIt"/>
+ <wsdl:binding name="DoubleItTransportSAML1Binding"
type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItBindingTransportSAML1Policy"/>
+ <soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction=""/>
+ <wsdl:input>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference
URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference
URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:binding name="DoubleItTransportSAML2Binding"
type="tns:DoubleItPortType">
+ <wsp:PolicyReference URI="#DoubleItBindingTransportSAML2Policy"/>
+ <soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction=""/>
+ <wsdl:input>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference
URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference
URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:binding name="DoubleItTransportSAML1EndorsingBinding"
type="tns:DoubleItPortType">
+ <wsp:PolicyReference
URI="#DoubleItBindingTransportSAML1EndorsingPolicy"/>
+ <soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction=""/>
+ <wsdl:input>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference
URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference
URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:binding name="DoubleItTransportSAML2X509EndorsingBinding"
type="tns:DoubleItPortType">
+ <wsp:PolicyReference
URI="#DoubleItBindingTransportSAML2X509EndorsingPolicy"/>
+ <soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http"/>
+ <wsdl:operation name="DoubleIt">
+ <soap:operation soapAction=""/>
+ <wsdl:input>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference
URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+ </wsdl:input>
+ <wsdl:output>
+ <soap:body use="literal"/>
+ <wsp:PolicyReference
URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+ </wsdl:output>
+ </wsdl:operation>
+ </wsdl:binding>
+ <wsdl:service name="DoubleItService">
+ <wsdl:port name="DoubleItTransportSAML1Port"
binding="tns:DoubleItTransportSAML1Binding">
+ <soap:address
location="https://localhost:8081/doubleit/services/doubleittransportsaml1"/>
+ </wsdl:port>
+ <wsdl:port name="DoubleItTransportSAML2Port"
binding="tns:DoubleItTransportSAML2Binding">
+ <soap:address
location="https://localhost:8081/doubleit/services/doubleittransportsaml2"/>
+ </wsdl:port>
+ <wsdl:port name="DoubleItTransportSAML1EndorsingPort"
binding="tns:DoubleItTransportSAML1EndorsingBinding">
+ <soap:address
location="https://localhost:8081/doubleit/services/doubleittransportsaml1endorsing"/>
+ </wsdl:port>
+ <wsdl:port name="DoubleItTransportSAML2X509EndorsingPort"
+ binding="tns:DoubleItTransportSAML2X509EndorsingBinding">
+ <soap:address
location="https://localhost:8081/doubleit/services/doubleittransportsaml2x509endorsing"/>
+ </wsdl:port>
+ </wsdl:service>
+ <wsp:Policy wsu:Id="DoubleItBindingTransportSAML1Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <wsam:Addressing wsp:Optional="false">
+ <wsp:Policy/>
+ </wsam:Addressing>
+ <sp:TransportBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:IssuedToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+ <sp:RequestSecurityTokenTemplate>
+
<t:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</t:TokenType>
+
<t:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</t:KeyType>
+ </sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+ <sp:RequireInternalReference/>
+ </wsp:Policy>
+ <sp:Issuer>
+
<wsaw:Address>http://localhost:8080/STS/STSUT
+
</wsaw:Address>
+ <wsaw:Metadata>
+ <wsx:Metadata>
+ <wsx:MetadataSection>
+ <wsx:MetadataReference>
+
<wsaw:Address>http://localhost:8080/SecurityTokenService/UT/mex
+
</wsaw:Address>
+ </wsx:MetadataReference>
+ </wsx:MetadataSection>
+ </wsx:Metadata>
+ </wsaw:Metadata>
+ </sp:Issuer>
+ </sp:IssuedToken>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDes/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust13>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItBindingTransportSAML2Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <wsam:Addressing wsp:Optional="false">
+ <wsp:Policy/>
+ </wsam:Addressing>
+ <sp:TransportBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:IssuedToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+ <sp:RequestSecurityTokenTemplate>
+
<t:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</t:TokenType>
+
<t:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</t:KeyType>
+ </sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+ <sp:RequireInternalReference/>
+ </wsp:Policy>
+ <sp:Issuer>
+
<wsaw:Address>http://localhost:8080/SecurityTokenService/UT
+
</wsaw:Address>
+ <wsaw:Metadata>
+ <wsx:Metadata>
+ <wsx:MetadataSection>
+ <wsx:MetadataReference>
+
<wsaw:Address>http://localhost:8080/SecurityTokenService/UT/mex
+
</wsaw:Address>
+ </wsx:MetadataReference>
+ </wsx:MetadataSection>
+ </wsx:Metadata>
+ </wsaw:Metadata>
+ </sp:Issuer>
+ </sp:IssuedToken>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDes/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust13>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItBindingTransportSAML1EndorsingPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <wsam:Addressing wsp:Optional="false">
+ <wsp:Policy/>
+ </wsam:Addressing>
+ <sp:TransportBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken>
+ <wsp:Policy/>
+ </sp:HttpsToken>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDes/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:EndorsingSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:IssuedToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+ <sp:RequestSecurityTokenTemplate>
+
<t:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</t:TokenType>
+
<t:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</t:KeyType>
+ </sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+ <sp:RequireInternalReference/>
+ </wsp:Policy>
+ <sp:Issuer>
+ <wsaw:Address>http://localhost:8080/STS/STSUT
+ </wsaw:Address>
+ <wsaw:Metadata>
+ <wsx:Metadata>
+ <wsx:MetadataSection>
+ <wsx:MetadataReference>
+
<wsaw:Address>http://localhost:8080/SecurityTokenService/UT/mex
+
</wsaw:Address>
+ </wsx:MetadataReference>
+ </wsx:MetadataSection>
+ </wsx:Metadata>
+ </wsaw:Metadata>
+ </sp:Issuer>
+ </sp:IssuedToken>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust13>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItBindingTransportSAML2X509EndorsingPolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <wsam:Addressing wsp:Optional="false">
+ <wsp:Policy/>
+ </wsam:Addressing>
+ <sp:TransportBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken>
+ <wsp:Policy/>
+ </sp:HttpsToken>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDes/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:EndorsingSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:IssuedToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+ <sp:RequestSecurityTokenTemplate>
+
<t:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</t:TokenType>
+
<t:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</t:KeyType>
+ </sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+ <sp:RequireInternalReference/>
+ </wsp:Policy>
+ <sp:Issuer>
+ <wsaw:Address>http://localhost:8080/STS/STSUT
+ </wsaw:Address>
+ <wsaw:Metadata>
+ <wsx:Metadata>
+ <wsx:MetadataSection>
+ <wsx:MetadataReference>
+
<wsaw:Address>http://localhost:8080/SecurityTokenService/UT/mex
+
</wsaw:Address>
+ </wsx:MetadataReference>
+ </wsx:MetadataSection>
+ </wsx:Metadata>
+ </wsaw:Metadata>
+ </sp:Issuer>
+ </sp:IssuedToken>
+ <sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ <sp:RequireIssuerSerialReference/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust13>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Input_Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SignedParts>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="AckRequested"
Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
+ <sp:Header Name="SequenceAcknowledgement"
Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
+ <sp:Header Name="Sequence"
Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
+ <sp:Header Name="CreateSequence"
Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
+ </sp:SignedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Output_Policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SignedParts>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="AckRequested"
Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
+ <sp:Header Name="SequenceAcknowledgement"
Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
+ <sp:Header Name="Sequence"
Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
+ <sp:Header Name="CreateSequence"
Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
+ </sp:SignedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+>>>>>>> 6a41413... [CXF-6327] - Adding @Ignore'd test
</wsdl:definitions>
http://git-wip-us.apache.org/repos/asf/cxf/blob/fcbb360b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-client.xml
----------------------------------------------------------------------
diff --git
a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-client.xml
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-client.xml
index 78d4a23..76c8ecd 100644
---
a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-client.xml
+++
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-client.xml
@@ -54,6 +54,7 @@ http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/confi
</map>
</property>
</bean>
+<<<<<<< HEAD
<jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSAML1Port";
createdFromAPI="true">
<jaxws:properties>
@@ -109,5 +110,59 @@ http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/confi
</http:tlsClientParameters>
</http:conduit>
+=======
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSAML1Port";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.sts.client" value-ref="stsClient"/>
+ </jaxws:properties>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSAML2Port";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.sts.client">
+ <bean class="org.apache.cxf.ws.security.trust.STSClient">
+ <constructor-arg ref="cxf"/>
+ <property name="wsdlLocation"
value="https://localhost:8443/SecurityTokenService/Transport?wsdl"/>
+ <property name="serviceName"
value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService"/>
+ <property name="endpointName"
value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Transport_Port"/>
+ <property name="properties">
+ <map>
+ <entry key="ws-security.username" value="alice"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.sts.token.username"
value="myclientkey"/>
+ <entry key="ws-security.sts.token.properties"
value="clientKeystore.properties"/>
+ <entry key="ws-security.sts.token.usecert"
value="false"/>
+ </map>
+ </property>
+ </bean>
+ </entry>
+ </jaxws:properties>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSAML1EndorsingPort";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="myclientkey"/>
+ <entry key="ws-security.signature.properties"
value="clientKeystore.properties"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.sts.client" value-ref="stsClient"/>
+ </jaxws:properties>
+ </jaxws:client>
+ <jaxws:client
name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSAML2X509EndorsingPort";
createdFromAPI="true">
+ <jaxws:properties>
+ <entry key="ws-security.username" value="myclientkey"/>
+ <entry key="ws-security.signature.properties"
value="clientKeystore.properties"/>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.sts.client" value-ref="stsClient"/>
+ </jaxws:properties>
+ </jaxws:client>
+ <http:conduit name="https://localhost.*";>
+ <http:tlsClientParameters disableCNCheck="true">
+ <sec:keyManagers keyPassword="ckpass">
+ <sec:keyStore type="jks" password="cspass"
resource="clientstore.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="cspass"
resource="clientstore.jks"/>
+ </sec:trustManagers>
+ </http:tlsClientParameters>
+ </http:conduit>
+>>>>>>> 6a41413... [CXF-6327] - Adding @Ignore'd test
</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/fcbb360b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-service.xml
----------------------------------------------------------------------
diff --git
a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-service.xml
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-service.xml
index af3e48d..83b51f3 100644
---
a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-service.xml
+++
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-service.xml
@@ -16,6 +16,7 @@
specific language governing permissions and limitations
under the License.
-->
+<<<<<<< HEAD
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:cxf="http://cxf.apache.org/core";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
@@ -117,5 +118,54 @@
</httpj:engine>
</httpj:engine-factory>
+=======
+<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:cxf="http://cxf.apache.org/core";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:sec="http://cxf.apache.org/configuration/security";
xmlns:http="http://cxf.apache.org/transports/http/configuration";
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration";
xmlns:jaxws="http://cxf.apache.org/jaxws"; xsi:schemaLocation="
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd";>
+ <bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="doubleittransportsaml1"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl"
endpointName="s:DoubleItTransportSAML1Port" serviceName="s:DoubleItService"
depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.Server}/doubleit/services/doubleittransportsaml1";
wsdlLocation="org/apache/cxf/systest/sts/transport/DoubleIt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.signature.properties"
value="serviceKeystore.properties"/>
+ <entry key="ws-security.saml1.validator">
+ <bean
class="org.apache.cxf.ws.security.trust.STSTokenValidator"/>
+ </entry>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="doubleittransportsaml2"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl"
endpointName="s:DoubleItTransportSAML2Port" serviceName="s:DoubleItService"
depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.Server}/doubleit/services/doubleittransportsaml2";
wsdlLocation="org/apache/cxf/systest/sts/transport/DoubleIt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.signature.properties"
value="serviceKeystore.properties"/>
+ <entry key="ws-security.saml2.validator">
+ <bean
class="org.apache.cxf.ws.security.trust.STSTokenValidator"/>
+ </entry>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="doubleittransportsaml1endorsing"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl"
endpointName="s:DoubleItTransportSAML1EndorsingPort"
serviceName="s:DoubleItService" depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.Server}/doubleit/services/doubleittransportsaml1endorsing";
wsdlLocation="org/apache/cxf/systest/sts/transport/DoubleIt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.signature.properties"
value="serviceKeystore.properties"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="doubleittransportsaml2x509"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl"
endpointName="s:DoubleItTransportSAML2X509EndorsingPort"
serviceName="s:DoubleItService" depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.Server}/doubleit/services/doubleittransportsaml2x509endorsing";
wsdlLocation="org/apache/cxf/systest/sts/transport/DoubleIt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.signature.properties"
value="serviceKeystore.properties"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <httpj:engine-factory id="ClientAuthHttpsSettings" bus="cxf">
+ <httpj:engine port="${testutil.ports.Server}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="skpass">
+ <sec:keyStore type="jks" password="sspass"
resource="servicestore.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="stsspass"
resource="stsstore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+>>>>>>> 6a41413... [CXF-6327] - Adding @Ignore'd test
</beans>
http://git-wip-us.apache.org/repos/asf/cxf/blob/fcbb360b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-stax-service.xml
----------------------------------------------------------------------
diff --git
a/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-stax-service.xml
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-stax-service.xml
new file mode 100644
index 0000000..f9d7a0c
--- /dev/null
+++
b/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/transport/cxf-stax-service.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:cxf="http://cxf.apache.org/core";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:sec="http://cxf.apache.org/configuration/security";
xmlns:http="http://cxf.apache.org/transports/http/configuration";
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration";
xmlns:jaxws="http://cxf.apache.org/jaxws"; xsi:schemaLocation="
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd";>
+ <bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="doubleittransportsaml1"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl"
endpointName="s:DoubleItTransportSAML1Port" serviceName="s:DoubleItService"
depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.StaxServer}/doubleit/services/doubleittransportsaml1";
wsdlLocation="org/apache/cxf/systest/sts/transport/DoubleIt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.signature.properties"
value="serviceKeystore.properties"/>
+ <entry key="ws-security.saml1.validator">
+ <bean
class="org.apache.cxf.ws.security.trust.STSStaxTokenValidator"/>
+ </entry>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="doubleittransportsaml2"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl"
endpointName="s:DoubleItTransportSAML2Port" serviceName="s:DoubleItService"
depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.StaxServer}/doubleit/services/doubleittransportsaml2";
wsdlLocation="org/apache/cxf/systest/sts/transport/DoubleIt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.signature.properties"
value="serviceKeystore.properties"/>
+ <entry key="ws-security.saml2.validator">
+ <bean
class="org.apache.cxf.ws.security.trust.STSStaxTokenValidator"/>
+ </entry>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="doubleittransportsaml1endorsing"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl"
endpointName="s:DoubleItTransportSAML1EndorsingPort"
serviceName="s:DoubleItService" depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.StaxServer}/doubleit/services/doubleittransportsaml1endorsing";
wsdlLocation="org/apache/cxf/systest/sts/transport/DoubleIt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.signature.properties"
value="serviceKeystore.properties"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt";
id="doubleittransportsaml2x509endorsing"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl"
endpointName="s:DoubleItTransportSAML2X509EndorsingPort"
serviceName="s:DoubleItService" depends-on="ClientAuthHttpsSettings"
address="https://localhost:${testutil.ports.StaxServer}/doubleit/services/doubleittransportsaml2x509endorsing";
wsdlLocation="org/apache/cxf/systest/sts/transport/DoubleIt.wsdl">
+ <jaxws:properties>
+ <entry key="ws-security.callback-handler"
value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+ <entry key="ws-security.signature.properties"
value="serviceKeystore.properties"/>
+ <entry key="ws-security.is-bsp-compliant" value="false"/>
+ <entry key="ws-security.enable.streaming" value="true"/>
+ </jaxws:properties>
+ </jaxws:endpoint>
+ <httpj:engine-factory id="ClientAuthHttpsSettings" bus="cxf">
+ <httpj:engine port="${testutil.ports.StaxServer}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="skpass">
+ <sec:keyStore type="jks" password="sspass"
resource="servicestore.jks"/>
+ </sec:keyManagers>
+ <sec:trustManagers>
+ <sec:keyStore type="jks" password="stsspass"
resource="stsstore.jks"/>
+ </sec:trustManagers>
+ <sec:clientAuthentication want="true" required="true"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+</beans>
