Re: svn commit: r1291166 - in /cxf/trunk: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ r

Tue, 21 Feb 2012 01:37:56 -0800 

Thanks, it looks good now.

Colm.

On Mon, Feb 20, 2012 at 10:57 AM, Freeman Fang <[email protected]> wrote:
> Hi Colm,
>
> Thanks for the input, will revise it accordingly.
>
> Freeman
>
> On 2012-2-20, at 下午6:06, Colm O hEigeartaigh wrote:
>
>> Hi Freeman,
>>
>> I'm -1 to the way you are configuring this patch. WSS10 and WSS11 are
>> standard policies defined in the WS-SP 1.3 spec, and so it's not a
>> good idea to add a custom policy for these.
>>
>> The best way to configure it is to define a (boolean) tag in
>> SecurityConstants so that it can be set as a JAX-WS property.
>>
>> Colm.
>>
>> On Mon, Feb 20, 2012 at 9:51 AM,  <[email protected]> wrote:
>>>
>>> Author: ffang
>>> Date: Mon Feb 20 09:51:20 2012
>>> New Revision: 1291166
>>>
>>> URL: http://svn.apache.org/viewvc?rev=1291166&view=rev
>>> Log:
>>> [CXF-4119]support Certificates revocation check before encrypt when use
>>> CXF WS-SecurityPolicy
>>>
>>> Added:
>>>
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties
>>>
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks
>>>   (with props)
>>>
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem
>>>
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks
>>>   (with props)
>>> Modified:
>>>
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
>>>
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java
>>>
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java
>>>
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java
>>>
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java
>>>
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
>>>
>>> cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java
>>>
>>> cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
>>>
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl
>>>
>>> Modified:
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
>>> (original)
>>> +++
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
>>> Mon Feb 20 09:51:20 2012
>>> @@ -386,6 +386,8 @@ public abstract class SPConstants {
>>>
>>>    public static final String MUST_SUPPORT_ISSUED_TOKENS =
>>> "MustSupportIssuedTokens";
>>>
>>> +    public static final String ENABLE_REVOCATION = "EnableRevocation";
>>> +
>>>    public static final String REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION
>>>        = "RequireRequestSecurityTokenCollection";
>>>
>>>
>>> Modified:
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java
>>> (original)
>>> +++
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java
>>> Mon Feb 20 09:51:20 2012
>>> @@ -65,6 +65,8 @@ public class WSS10Builder implements Ass
>>>                    parent.setMustSupportRefExternalURI(true);
>>>                } else if
>>> (SPConstants.MUST_SUPPORT_REF_EMBEDDED_TOKEN.equals(name)) {
>>>                    parent.setMustSupportRefEmbeddedToken(true);
>>> +                } else if (SPConstants.ENABLE_REVOCATION.equals(name)) {
>>> +                    parent.setEnableRevocation(true);
>>>                }
>>>                child = DOMUtils.getNextElement(child);
>>>            }
>>>
>>> Modified:
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java
>>> (original)
>>> +++
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java
>>> Mon Feb 20 09:51:20 2012
>>> @@ -75,6 +75,8 @@ public class WSS11Builder implements Ass
>>>
>>>                } else if
>>> (SPConstants.REQUIRE_SIGNATURE_CONFIRMATION.equals(name)) {
>>>                    parent.setRequireSignatureConfirmation(true);
>>> +                } else if (SPConstants.ENABLE_REVOCATION.equals(name)) {
>>> +                    parent.setEnableRevocation(true);
>>>                }
>>>                child = DOMUtils.getNextElement(child);
>>>            }
>>>
>>> Modified:
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java
>>> (original)
>>> +++
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java
>>> Mon Feb 20 09:51:20 2012
>>> @@ -31,6 +31,7 @@ public class Wss10 extends AbstractSecur
>>>    private boolean mustSupportRefIssuerSerial;
>>>    private boolean mustSupportRefExternalURI;
>>>    private boolean mustSupportRefEmbeddedToken;
>>> +    private boolean enableRevocation;
>>>
>>>    public Wss10(SPConstants version) {
>>>        super(version);
>>> @@ -91,6 +92,20 @@ public class Wss10 extends AbstractSecur
>>>    public void setMustSupportRefKeyIdentifier(boolean
>>> mustSupportRefKeyIdentifier) {
>>>        this.mustSupportRefKeyIdentifier = mustSupportRefKeyIdentifier;
>>>    }
>>> +
>>> +    /**
>>> +     * @return Returns the enableRevocation.
>>> +     */
>>> +    public boolean isEnableRevocation() {
>>> +        return enableRevocation;
>>> +    }
>>> +
>>> +    /**
>>> +     * @param enableRevocation The enableRevocation to set.
>>> +     */
>>> +    public void setEnableRevocation(boolean enableRevocation) {
>>> +        this.enableRevocation = enableRevocation;
>>> +    }
>>>
>>>    public QName getRealName() {
>>>        return constants.getWSS10();
>>> @@ -150,6 +165,13 @@ public class Wss10 extends AbstractSecur
>>>            writer.writeEndElement();
>>>
>>>        }
>>> +
>>> +        if (isEnableRevocation()) {
>>> +            // <sp:EnableRevocation />
>>> +            writer.writeStartElement(prefix,
>>> SPConstants.ENABLE_REVOCATION, namespaceURI);
>>> +            writer.writeEndElement();
>>> +
>>> +        }
>>>
>>>        // </wsp:Policy>
>>>        writer.writeEndElement();
>>>
>>> Modified:
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java
>>> (original)
>>> +++
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java
>>> Mon Feb 20 09:51:20 2012
>>> @@ -151,6 +151,13 @@ public class Wss11 extends Wss10 {
>>>            writer.writeStartElement(prefix,
>>> SPConstants.REQUIRE_SIGNATURE_CONFIRMATION, namespaceURI);
>>>            writer.writeEndElement();
>>>        }
>>> +
>>> +        if (isEnableRevocation()) {
>>> +            // <sp:EnableRevocation />
>>> +            writer.writeStartElement(prefix,
>>> SPConstants.ENABLE_REVOCATION, namespaceURI);
>>> +            writer.writeEndElement();
>>> +
>>> +        }
>>>
>>>        // </wsp:Policy>
>>>        writer.writeEndElement();
>>>
>>> Modified:
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
>>> (original)
>>> +++
>>> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
>>> Mon Feb 20 09:51:20 2012
>>> @@ -108,6 +108,7 @@ import org.apache.ws.security.WSSecurity
>>>  import org.apache.ws.security.WSUsernameTokenPrincipal;
>>>  import org.apache.ws.security.components.crypto.Crypto;
>>>  import org.apache.ws.security.components.crypto.CryptoFactory;
>>> +import org.apache.ws.security.components.crypto.CryptoType;
>>>  import org.apache.ws.security.conversation.ConversationConstants;
>>>  import org.apache.ws.security.conversation.ConversationException;
>>>  import org.apache.ws.security.handler.WSHandlerConstants;
>>> @@ -1371,9 +1372,28 @@ public abstract class AbstractBindingBui
>>>
>>>
>>>    public Crypto getEncryptionCrypto(TokenWrapper wrapper) throws
>>> WSSecurityException {
>>> -        return getCrypto(wrapper,
>>> -                         SecurityConstants.ENCRYPT_CRYPTO,
>>> -                         SecurityConstants.ENCRYPT_PROPERTIES);
>>> +        Crypto crypto = getCrypto(wrapper,
>>> SecurityConstants.ENCRYPT_CRYPTO,
>>> +                                  SecurityConstants.ENCRYPT_PROPERTIES);
>>> +        Wss10 wss10 = getWss10();
>>> +        boolean enableRevocation = wss10.isEnableRevocation();
>>> +        if (enableRevocation && crypto != null) {
>>> +            CryptoType cryptoType = new
>>> CryptoType(CryptoType.TYPE.ALIAS);
>>> +            String encrUser =
>>> (String)message.getContextualProperty(SecurityConstants.ENCRYPT_USERNAME);
>>> +            if (crypto != null && encrUser == null) {
>>> +                try {
>>> +                    encrUser = crypto.getDefaultX509Identifier();
>>> +                } catch (WSSecurityException e1) {
>>> +                    throw new Fault(e1);
>>> +                }
>>> +            }
>>> +            cryptoType.setAlias(encrUser);
>>> +            X509Certificate[] certs =
>>> crypto.getX509Certificates(cryptoType);
>>> +            if (certs != null && certs.length > 0) {
>>> +                crypto.verifyTrust(certs, enableRevocation);
>>> +            }
>>> +        }
>>> +        return crypto;
>>> +
>>>    }
>>>
>>>    public Crypto getCrypto(
>>>
>>> Modified:
>>> cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java
>>> (original)
>>> +++
>>> cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java
>>> Mon Feb 20 09:51:20 2012
>>> @@ -39,6 +39,7 @@ public class KeystorePasswordCallback im
>>>    public KeystorePasswordCallback() {
>>>        passwords.put("alice", "password");
>>>        passwords.put("bob", "password");
>>> +        passwords.put("wss40rev", "security");
>>>    }
>>>
>>>    /**
>>>
>>> Modified:
>>> cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
>>> (original)
>>> +++
>>> cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
>>> Mon Feb 20 09:51:20 2012
>>> @@ -489,4 +489,42 @@ public class SecurityPolicyTest extends
>>>        di.setNumberToDouble(5);
>>>        assertEquals(10, pt.doubleIt(di, 1).getDoubledNumber());
>>>    }
>>> +
>>> +    @Test
>>> +    public void testCXF4119() throws Exception {
>>> +        SpringBusFactory bf = new SpringBusFactory();
>>> +
>>> +        Bus bus = bf.createBus();
>>> +        SpringBusFactory.setDefaultBus(bus);
>>> +        SpringBusFactory.setThreadDefaultBus(bus);
>>> +
>>> +        URL wsdl =
>>> SecurityPolicyTest.class.getResource("DoubleIt.wsdl");
>>> +        Service service = Service.create(wsdl, SERVICE_QNAME);
>>> +
>>> +        DoubleItPortTypeHeader pt;
>>> +
>>> +        QName portQName = new QName(NAMESPACE, "DoubleItPortCXF4119");
>>> +        pt = service.getPort(portQName, DoubleItPortTypeHeader.class);
>>> +
>>> +        updateAddressPort(pt, PORT);
>>> +
>>>  ((BindingProvider)pt).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
>>> +                                                      new
>>> KeystorePasswordCallback());
>>> +
>>>  ((BindingProvider)pt).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
>>> +
>>>  getClass().getResource("alice.properties"));
>>> +
>>>  ((BindingProvider)pt).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,
>>> +
>>>  getClass().getResource("revocation.properties"));
>>> +
>>> +        DoubleIt di = new DoubleIt();
>>> +        di.setNumberToDouble(5);
>>> +        try {
>>> +            pt.doubleIt(di, 1);
>>> +            fail("Failure expected on a revoked certificate");
>>> +        } catch (Exception ex) {
>>> +            String errorMessage = ex.getMessage();
>>> +            // Different errors using different JDKs...
>>> +            assertTrue(errorMessage.contains("Certificate has been
>>> revoked")
>>> +                       || errorMessage.contains("Certificate
>>> revocation")
>>> +                       || errorMessage.contains("Error during
>>> certificate path validation"));
>>> +        }
>>> +    }
>>>  }
>>>
>>> Modified:
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl?rev=1291166&r1=1291165&r2=1291166&view=diff
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl
>>> (original)
>>> +++
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl
>>> Mon Feb 20 09:51:20 2012
>>> @@ -205,6 +205,24 @@
>>>            </wsdl:fault>
>>>        </wsdl:operation>
>>>    </wsdl:binding>
>>> +    <wsdl:binding name="DoubleItBindingCXF4119"
>>> type="tns:DoubleItPortType">
>>> +        <wsp:PolicyReference URI="#CXF4119" />
>>> +        <soap:binding style="document"
>>> +          transport="http://schemas.xmlsoap.org/soap/http"; />
>>> +        <wsdl:operation name="DoubleIt">
>>> +            <soap:operation soapAction="" />
>>> +            <wsdl:input>
>>> +                <soap:body use="literal" />
>>> +            </wsdl:input>
>>> +            <wsdl:output>
>>> +                <soap:body use="literal" />
>>> +            </wsdl:output>
>>> +            <wsdl:fault name="DoubleItFault">
>>> +                <soap:body use="literal" name="DoubleItFault" />
>>> +            </wsdl:fault>
>>> +        </wsdl:operation>
>>> +    </wsdl:binding>
>>> +
>>>
>>>
>>>    <wsdl:service name="DoubleItService">
>>> @@ -241,6 +259,9 @@
>>>        <wsdl:port name="DoubleItPortCXF3452"
>>> binding="tns:DoubleItBindingCXF3452">
>>>            <soap:address
>>> location="http://localhost:9010/SecPolTestCXF3452"; />
>>>        </wsdl:port>
>>> +        <wsdl:port name="DoubleItPortCXF4119"
>>> binding="tns:DoubleItBindingCXF4119">
>>> +            <soap:address
>>> location="http://localhost:9010/SecPolTestCXF4119"; />
>>> +        </wsdl:port>
>>>    </wsdl:service>
>>>
>>>    <wsp:Policy wsu:Id="DoubleItBindingPolicy">
>>> @@ -785,5 +806,63 @@
>>>            <sp:Header
>>> Namespace="http://cxf.apache.org/policytest/DoubleIt"/>
>>>        </sp:SignedParts>
>>>    </wsp:Policy>
>>> -
>>> +    <wsp:Policy wsu:Id="CXF4119">
>>> +        <wsp:ExactlyOne>
>>> +            <wsp:All>
>>> +                <sp:AsymmetricBinding
>>> +
>>>  xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>>> +                    <wsp:Policy>
>>> +                        <sp:InitiatorToken>
>>> +                            <wsp:Policy>
>>> +                                <sp:X509Token
>>> +
>>>  sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
>>> +                                    <wsp:Policy>
>>> +                                        <sp:WssX509V1Token11 />
>>> +                                    </wsp:Policy>
>>> +                                </sp:X509Token>
>>> +                            </wsp:Policy>
>>> +                        </sp:InitiatorToken>
>>> +                        <sp:RecipientToken>
>>> +                            <wsp:Policy>
>>> +                                <sp:X509Token
>>> +
>>>  sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
>>> +                                    <wsp:Policy>
>>> +                                        <sp:WssX509V1Token11 />
>>> +                                    </wsp:Policy>
>>> +                                </sp:X509Token>
>>> +                            </wsp:Policy>
>>> +                        </sp:RecipientToken>
>>> +                        <sp:AlgorithmSuite>
>>> +                            <wsp:Policy>
>>> +                                <sp:TripleDesRsa15 />
>>> +                            </wsp:Policy>
>>> +                        </sp:AlgorithmSuite>
>>> +                        <sp:Layout>
>>> +                            <wsp:Policy>
>>> +                                <sp:Lax />
>>> +                            </wsp:Policy>
>>> +                        </sp:Layout>
>>> +                        <sp:IncludeTimestamp />
>>> +                        <sp:EncryptSignature />
>>> +                        <sp:OnlySignEntireHeadersAndBody />
>>> +                        <sp:EncryptBeforeSigning />
>>> +                    </wsp:Policy>
>>> +                </sp:AsymmetricBinding>
>>> +                <sp:SignedParts
>>> +
>>>  xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>>> +                    <sp:Body />
>>> +                </sp:SignedParts>
>>> +                <sp:EncryptedParts
>>> +
>>>  xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>>> +                    <sp:Body />
>>> +                </sp:EncryptedParts>
>>> +                <sp:Wss10
>>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>>> +                    <wsp:Policy>
>>> +                        <sp:MustSupportRefIssuerSerial />
>>> +                        <sp:EnableRevocation/>
>>> +                    </wsp:Policy>
>>> +                </sp:Wss10>
>>> +            </wsp:All>
>>> +        </wsp:ExactlyOne>
>>> +    </wsp:Policy>
>>>  </wsdl:definitions>
>>>
>>> Added:
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties?rev=1291166&view=auto
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties
>>> (added)
>>> +++
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties
>>> Mon Feb 20 09:51:20 2012
>>> @@ -0,0 +1,26 @@
>>> +#
>>> +#    Licensed to the Apache Software Foundation (ASF) under one
>>> +#    or more contributor license agreements. See the NOTICE file
>>> +#    distributed with this work for additional information
>>> +#    regarding copyright ownership. The ASF licenses this file
>>> +#    to you under the Apache License, Version 2.0 (the
>>> +#    "License"); you may not use this file except in compliance
>>> +#    with the License. You may obtain a copy of the License at
>>> +#
>>> +#    http://www.apache.org/licenses/LICENSE-2.0
>>> +#
>>> +#    Unless required by applicable law or agreed to in writing,
>>> +#    software distributed under the License is distributed on an
>>> +#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> +#    KIND, either express or implied. See the License for the
>>> +#    specific language governing permissions and limitations
>>> +#    under the License.
>>> +#
>>>
>>> +org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>>> +org.apache.ws.security.crypto.merlin.keystore.type=jks
>>> +org.apache.ws.security.crypto.merlin.keystore.password=security
>>> +org.apache.ws.security.crypto.merlin.keystore.alias=wss40rev
>>>
>>> +org.apache.ws.security.crypto.merlin.keystore.file=org/apache/cxf/systest/ws/security/wss40rev.jks
>>> +org.apache.ws.security.crypto.merlin.truststore.password=security
>>>
>>> +org.apache.ws.security.crypto.merlin.truststore.file=org/apache/cxf/systest/ws/security/wss40CA.jks
>>>
>>> +org.apache.ws.security.crypto.merlin.x509crl.file=org/apache/cxf/systest/ws/security/wss40CACRL.pem
>>>
>>> Added:
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks?rev=1291166&view=auto
>>>
>>> ==============================================================================
>>> Binary file - no diff available.
>>>
>>> Propchange:
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks
>>>
>>> ------------------------------------------------------------------------------
>>>   svn:mime-type = application/octet-stream
>>>
>>> Added:
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem?rev=1291166&view=auto
>>>
>>> ==============================================================================
>>> ---
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem
>>> (added)
>>> +++
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem
>>> Mon Feb 20 09:51:20 2012
>>> @@ -0,0 +1,9 @@
>>> +-----BEGIN X509 CRL-----
>>> +MIIBQTCBqzANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEPMA0GA1UECBMG
>>> +QmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUxFTATBgNVBAsT
>>> +DEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyFw0xMTA1MzAxMTU0MzFaFw0y
>>> +MTA1MjcxMTU0MzFaMBQwEgIBGRcNMTEwNTMwMTE1MzU3WjANBgkqhkiG9w0BAQQF
>>> +AAOBgQB0fgOhsp2l0wL/TYiXJqXuKbkhmzQv8LFXmKKCpLSVktrXvVNCBAM9TWVJ
>>> +35SrZ9eqjoI1sQPsbWSDp+QSieasQf9VgC3P4SFhki6ZupeXqrFgdbzOsXEm0FIR
>>> +uY1WJGFrF0Co/YUM00ee8jy89jX2rDCgmonKHrKBf7CkD+R2bw==
>>> +-----END X509 CRL-----
>>>
>>> Added:
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks
>>> URL:
>>> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks?rev=1291166&view=auto
>>>
>>> ==============================================================================
>>> Binary file - no diff available.
>>>
>>> Propchange:
>>> cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks
>>>
>>> ------------------------------------------------------------------------------
>>>   svn:mime-type = application/octet-stream
>>>
>>>
>>
>>
>>
>> --
>> Colm O hEigeartaigh
>>
>> Talend Community Coder
>> http://coders.talend.com
>
>
> ---------------------------------------------
> Freeman Fang
>
> FuseSource
> Email:[email protected]
> Web: fusesource.com
> Twitter: freemanfang
> Blog: http://freemanfang.blogspot.com
>
>
>
>
>
>
>
>
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to