Hi Freeman, I'm -1 to the way you are configuring this patch. WSS10 and WSS11 are standard policies defined in the WS-SP 1.3 spec, and so it's not a good idea to add a custom policy for these.
The best way to configure it is to define a (boolean) tag in SecurityConstants so that it can be set as a JAX-WS property. Colm. On Mon, Feb 20, 2012 at 9:51 AM, <ff...@apache.org> wrote: > Author: ffang > Date: Mon Feb 20 09:51:20 2012 > New Revision: 1291166 > > URL: http://svn.apache.org/viewvc?rev=1291166&view=rev > Log: > [CXF-4119]support Certificates revocation check before encrypt when use CXF > WS-SecurityPolicy > > Added: > > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties > > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks > (with props) > > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem > > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks > (with props) > Modified: > > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java > > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java > > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java > > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java > > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java > > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java > > cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java > > cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java > > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl > > Modified: > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java > URL: > http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java > (original) > +++ > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java > Mon Feb 20 09:51:20 2012 > @@ -386,6 +386,8 @@ public abstract class SPConstants { > > public static final String MUST_SUPPORT_ISSUED_TOKENS = > "MustSupportIssuedTokens"; > > + public static final String ENABLE_REVOCATION = "EnableRevocation"; > + > public static final String REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION > = "RequireRequestSecurityTokenCollection"; > > > Modified: > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java > URL: > http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java > (original) > +++ > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java > Mon Feb 20 09:51:20 2012 > @@ -65,6 +65,8 @@ public class WSS10Builder implements Ass > parent.setMustSupportRefExternalURI(true); > } else if > (SPConstants.MUST_SUPPORT_REF_EMBEDDED_TOKEN.equals(name)) { > parent.setMustSupportRefEmbeddedToken(true); > + } else if (SPConstants.ENABLE_REVOCATION.equals(name)) { > + parent.setEnableRevocation(true); > } > child = DOMUtils.getNextElement(child); > } > > Modified: > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java > URL: > http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java > (original) > +++ > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java > Mon Feb 20 09:51:20 2012 > @@ -75,6 +75,8 @@ public class WSS11Builder implements Ass > > } else if > (SPConstants.REQUIRE_SIGNATURE_CONFIRMATION.equals(name)) { > parent.setRequireSignatureConfirmation(true); > + } else if (SPConstants.ENABLE_REVOCATION.equals(name)) { > + parent.setEnableRevocation(true); > } > child = DOMUtils.getNextElement(child); > } > > Modified: > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java > URL: > http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java > (original) > +++ > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java > Mon Feb 20 09:51:20 2012 > @@ -31,6 +31,7 @@ public class Wss10 extends AbstractSecur > private boolean mustSupportRefIssuerSerial; > private boolean mustSupportRefExternalURI; > private boolean mustSupportRefEmbeddedToken; > + private boolean enableRevocation; > > public Wss10(SPConstants version) { > super(version); > @@ -91,6 +92,20 @@ public class Wss10 extends AbstractSecur > public void setMustSupportRefKeyIdentifier(boolean > mustSupportRefKeyIdentifier) { > this.mustSupportRefKeyIdentifier = mustSupportRefKeyIdentifier; > } > + > + /** > + * @return Returns the enableRevocation. > + */ > + public boolean isEnableRevocation() { > + return enableRevocation; > + } > + > + /** > + * @param enableRevocation The enableRevocation to set. > + */ > + public void setEnableRevocation(boolean enableRevocation) { > + this.enableRevocation = enableRevocation; > + } > > public QName getRealName() { > return constants.getWSS10(); > @@ -150,6 +165,13 @@ public class Wss10 extends AbstractSecur > writer.writeEndElement(); > > } > + > + if (isEnableRevocation()) { > + // <sp:EnableRevocation /> > + writer.writeStartElement(prefix, SPConstants.ENABLE_REVOCATION, > namespaceURI); > + writer.writeEndElement(); > + > + } > > // </wsp:Policy> > writer.writeEndElement(); > > Modified: > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java > URL: > http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java > (original) > +++ > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java > Mon Feb 20 09:51:20 2012 > @@ -151,6 +151,13 @@ public class Wss11 extends Wss10 { > writer.writeStartElement(prefix, > SPConstants.REQUIRE_SIGNATURE_CONFIRMATION, namespaceURI); > writer.writeEndElement(); > } > + > + if (isEnableRevocation()) { > + // <sp:EnableRevocation /> > + writer.writeStartElement(prefix, SPConstants.ENABLE_REVOCATION, > namespaceURI); > + writer.writeEndElement(); > + > + } > > // </wsp:Policy> > writer.writeEndElement(); > > Modified: > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java > URL: > http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java > (original) > +++ > cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java > Mon Feb 20 09:51:20 2012 > @@ -108,6 +108,7 @@ import org.apache.ws.security.WSSecurity > import org.apache.ws.security.WSUsernameTokenPrincipal; > import org.apache.ws.security.components.crypto.Crypto; > import org.apache.ws.security.components.crypto.CryptoFactory; > +import org.apache.ws.security.components.crypto.CryptoType; > import org.apache.ws.security.conversation.ConversationConstants; > import org.apache.ws.security.conversation.ConversationException; > import org.apache.ws.security.handler.WSHandlerConstants; > @@ -1371,9 +1372,28 @@ public abstract class AbstractBindingBui > > > public Crypto getEncryptionCrypto(TokenWrapper wrapper) throws > WSSecurityException { > - return getCrypto(wrapper, > - SecurityConstants.ENCRYPT_CRYPTO, > - SecurityConstants.ENCRYPT_PROPERTIES); > + Crypto crypto = getCrypto(wrapper, SecurityConstants.ENCRYPT_CRYPTO, > + SecurityConstants.ENCRYPT_PROPERTIES); > + Wss10 wss10 = getWss10(); > + boolean enableRevocation = wss10.isEnableRevocation(); > + if (enableRevocation && crypto != null) { > + CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS); > + String encrUser = > (String)message.getContextualProperty(SecurityConstants.ENCRYPT_USERNAME); > + if (crypto != null && encrUser == null) { > + try { > + encrUser = crypto.getDefaultX509Identifier(); > + } catch (WSSecurityException e1) { > + throw new Fault(e1); > + } > + } > + cryptoType.setAlias(encrUser); > + X509Certificate[] certs = crypto.getX509Certificates(cryptoType); > + if (certs != null && certs.length > 0) { > + crypto.verifyTrust(certs, enableRevocation); > + } > + } > + return crypto; > + > } > > public Crypto getCrypto( > > Modified: > cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java > URL: > http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java > (original) > +++ > cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java > Mon Feb 20 09:51:20 2012 > @@ -39,6 +39,7 @@ public class KeystorePasswordCallback im > public KeystorePasswordCallback() { > passwords.put("alice", "password"); > passwords.put("bob", "password"); > + passwords.put("wss40rev", "security"); > } > > /** > > Modified: > cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java > URL: > http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java > (original) > +++ > cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java > Mon Feb 20 09:51:20 2012 > @@ -489,4 +489,42 @@ public class SecurityPolicyTest extends > di.setNumberToDouble(5); > assertEquals(10, pt.doubleIt(di, 1).getDoubledNumber()); > } > + > + @Test > + public void testCXF4119() throws Exception { > + SpringBusFactory bf = new SpringBusFactory(); > + > + Bus bus = bf.createBus(); > + SpringBusFactory.setDefaultBus(bus); > + SpringBusFactory.setThreadDefaultBus(bus); > + > + URL wsdl = SecurityPolicyTest.class.getResource("DoubleIt.wsdl"); > + Service service = Service.create(wsdl, SERVICE_QNAME); > + > + DoubleItPortTypeHeader pt; > + > + QName portQName = new QName(NAMESPACE, "DoubleItPortCXF4119"); > + pt = service.getPort(portQName, DoubleItPortTypeHeader.class); > + > + updateAddressPort(pt, PORT); > + > ((BindingProvider)pt).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, > + new > KeystorePasswordCallback()); > + > ((BindingProvider)pt).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES, > + > getClass().getResource("alice.properties")); > + > ((BindingProvider)pt).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES, > + > getClass().getResource("revocation.properties")); > + > + DoubleIt di = new DoubleIt(); > + di.setNumberToDouble(5); > + try { > + pt.doubleIt(di, 1); > + fail("Failure expected on a revoked certificate"); > + } catch (Exception ex) { > + String errorMessage = ex.getMessage(); > + // Different errors using different JDKs... > + assertTrue(errorMessage.contains("Certificate has been revoked") > + || errorMessage.contains("Certificate revocation") > + || errorMessage.contains("Error during certificate > path validation")); > + } > + } > } > > Modified: > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl > URL: > http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl?rev=1291166&r1=1291165&r2=1291166&view=diff > ============================================================================== > --- > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl > (original) > +++ > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl > Mon Feb 20 09:51:20 2012 > @@ -205,6 +205,24 @@ > </wsdl:fault> > </wsdl:operation> > </wsdl:binding> > + <wsdl:binding name="DoubleItBindingCXF4119" type="tns:DoubleItPortType"> > + <wsp:PolicyReference URI="#CXF4119" /> > + <soap:binding style="document" > + transport="http://schemas.xmlsoap.org/soap/http" /> > + <wsdl:operation name="DoubleIt"> > + <soap:operation soapAction="" /> > + <wsdl:input> > + <soap:body use="literal" /> > + </wsdl:input> > + <wsdl:output> > + <soap:body use="literal" /> > + </wsdl:output> > + <wsdl:fault name="DoubleItFault"> > + <soap:body use="literal" name="DoubleItFault" /> > + </wsdl:fault> > + </wsdl:operation> > + </wsdl:binding> > + > > > <wsdl:service name="DoubleItService"> > @@ -241,6 +259,9 @@ > <wsdl:port name="DoubleItPortCXF3452" > binding="tns:DoubleItBindingCXF3452"> > <soap:address location="http://localhost:9010/SecPolTestCXF3452" > /> > </wsdl:port> > + <wsdl:port name="DoubleItPortCXF4119" > binding="tns:DoubleItBindingCXF4119"> > + <soap:address location="http://localhost:9010/SecPolTestCXF4119" > /> > + </wsdl:port> > </wsdl:service> > > <wsp:Policy wsu:Id="DoubleItBindingPolicy"> > @@ -785,5 +806,63 @@ > <sp:Header Namespace="http://cxf.apache.org/policytest/DoubleIt"/> > </sp:SignedParts> > </wsp:Policy> > - > + <wsp:Policy wsu:Id="CXF4119"> > + <wsp:ExactlyOne> > + <wsp:All> > + <sp:AsymmetricBinding > + > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > + <wsp:Policy> > + <sp:InitiatorToken> > + <wsp:Policy> > + <sp:X509Token > + > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> > + <wsp:Policy> > + <sp:WssX509V1Token11 /> > + </wsp:Policy> > + </sp:X509Token> > + </wsp:Policy> > + </sp:InitiatorToken> > + <sp:RecipientToken> > + <wsp:Policy> > + <sp:X509Token > + > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> > + <wsp:Policy> > + <sp:WssX509V1Token11 /> > + </wsp:Policy> > + </sp:X509Token> > + </wsp:Policy> > + </sp:RecipientToken> > + <sp:AlgorithmSuite> > + <wsp:Policy> > + <sp:TripleDesRsa15 /> > + </wsp:Policy> > + </sp:AlgorithmSuite> > + <sp:Layout> > + <wsp:Policy> > + <sp:Lax /> > + </wsp:Policy> > + </sp:Layout> > + <sp:IncludeTimestamp /> > + <sp:EncryptSignature /> > + <sp:OnlySignEntireHeadersAndBody /> > + <sp:EncryptBeforeSigning /> > + </wsp:Policy> > + </sp:AsymmetricBinding> > + <sp:SignedParts > + > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > + <sp:Body /> > + </sp:SignedParts> > + <sp:EncryptedParts > + > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > + <sp:Body /> > + </sp:EncryptedParts> > + <sp:Wss10 > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > + <wsp:Policy> > + <sp:MustSupportRefIssuerSerial /> > + <sp:EnableRevocation/> > + </wsp:Policy> > + </sp:Wss10> > + </wsp:All> > + </wsp:ExactlyOne> > + </wsp:Policy> > </wsdl:definitions> > > Added: > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties > URL: > http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties?rev=1291166&view=auto > ============================================================================== > --- > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties > (added) > +++ > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties > Mon Feb 20 09:51:20 2012 > @@ -0,0 +1,26 @@ > +# > +# Licensed to the Apache Software Foundation (ASF) under one > +# or more contributor license agreements. See the NOTICE file > +# distributed with this work for additional information > +# regarding copyright ownership. The ASF licenses this file > +# to you under the Apache License, Version 2.0 (the > +# "License"); you may not use this file except in compliance > +# with the License. You may obtain a copy of the License at > +# > +# http://www.apache.org/licenses/LICENSE-2.0 > +# > +# Unless required by applicable law or agreed to in writing, > +# software distributed under the License is distributed on an > +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY > +# KIND, either express or implied. See the License for the > +# specific language governing permissions and limitations > +# under the License. > +# > +org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin > +org.apache.ws.security.crypto.merlin.keystore.type=jks > +org.apache.ws.security.crypto.merlin.keystore.password=security > +org.apache.ws.security.crypto.merlin.keystore.alias=wss40rev > +org.apache.ws.security.crypto.merlin.keystore.file=org/apache/cxf/systest/ws/security/wss40rev.jks > +org.apache.ws.security.crypto.merlin.truststore.password=security > +org.apache.ws.security.crypto.merlin.truststore.file=org/apache/cxf/systest/ws/security/wss40CA.jks > +org.apache.ws.security.crypto.merlin.x509crl.file=org/apache/cxf/systest/ws/security/wss40CACRL.pem > > Added: > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks > URL: > http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks?rev=1291166&view=auto > ============================================================================== > Binary file - no diff available. > > Propchange: > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks > ------------------------------------------------------------------------------ > svn:mime-type = application/octet-stream > > Added: > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem > URL: > http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem?rev=1291166&view=auto > ============================================================================== > --- > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem > (added) > +++ > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem > Mon Feb 20 09:51:20 2012 > @@ -0,0 +1,9 @@ > +-----BEGIN X509 CRL----- > +MIIBQTCBqzANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEPMA0GA1UECBMG > +QmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUxFTATBgNVBAsT > +DEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyFw0xMTA1MzAxMTU0MzFaFw0y > +MTA1MjcxMTU0MzFaMBQwEgIBGRcNMTEwNTMwMTE1MzU3WjANBgkqhkiG9w0BAQQF > +AAOBgQB0fgOhsp2l0wL/TYiXJqXuKbkhmzQv8LFXmKKCpLSVktrXvVNCBAM9TWVJ > +35SrZ9eqjoI1sQPsbWSDp+QSieasQf9VgC3P4SFhki6ZupeXqrFgdbzOsXEm0FIR > +uY1WJGFrF0Co/YUM00ee8jy89jX2rDCgmonKHrKBf7CkD+R2bw== > +-----END X509 CRL----- > > Added: > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks > URL: > http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks?rev=1291166&view=auto > ============================================================================== > Binary file - no diff available. > > Propchange: > cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks > ------------------------------------------------------------------------------ > svn:mime-type = application/octet-stream > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com