Author: ruchithf
Date: Thu Sep 20 22:20:02 2007
New Revision: 577987
URL: http://svn.apache.org/viewvc?rev=577987&view=rev
Log:
Added a sec conv test where we establish the context using UT auth
Added:
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/sc-3.xml
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-sc-3.xml
Modified:
webservices/rampart/trunk/java/modules/rampart-integration/pom.xml
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
Modified: webservices/rampart/trunk/java/modules/rampart-integration/pom.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/pom.xml?rev=577987&r1=577986&r2=577987&view=diff
==============================================================================
--- webservices/rampart/trunk/java/modules/rampart-integration/pom.xml
(original)
+++ webservices/rampart/trunk/java/modules/rampart-integration/pom.xml Thu Sep
20 22:20:02 2007
@@ -256,7 +256,7 @@
<jar
jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC1.aar"
basedir="target/temp-ramp"/>
- <!-- Service
SC-1 -->
+ <!-- Service
SC-2 -->
<copy overwrite="yes"
file="src/test/resources/rampart/issuer.properties"
tofile="target/temp-ramp/issuer.properties"/>
@@ -266,6 +266,16 @@
<jar
jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC2.aar"
basedir="target/temp-ramp"/>
+ <!-- Service
SC-3 -->
+ <copy overwrite="yes"
+
file="src/test/resources/rampart/issuer.properties"
+
tofile="target/temp-ramp/issuer.properties"/>
+ <copy overwrite="yes"
+
file="src/test/resources/rampart/services-sc-3.xml"
+
tofile="target/temp-ramp/META-INF/services.xml"/>
+ <jar
jarfile="target/test-resources/rampart_service_repo/services/SecureServiceSC3.aar"
+ basedir="target/temp-ramp"/>
+
<!--
Set up the infra for rahas tests and the
rahas client repo
-->
Modified:
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?rev=577987&r1=577986&r2=577987&view=diff
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
Thu Sep 20 22:20:02 2007
@@ -103,7 +103,7 @@
}
- for (int i = 1; i <= 2; i++) { //<-The number of tests we have
+ for (int i = 1; i <= 3; i++) { //<-The number of tests we have
Options options = new Options();
System.out.println("Testing WS-SecConv: custom scenario " + i);
Added:
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/sc-3.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/sc-3.xml?rev=577987&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/sc-3.xml
(added)
+++
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/sc-3.xml
Thu Sep 20 22:20:02 2007
@@ -0,0 +1,98 @@
+<wsp:Policy wsu:Id="SecConvPolicy1"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+ <wsp:Policy>
+
<sp:RequireDerivedKeys/>
+
<sp:BootstrapPolicy>
+
<wsp:Policy>
+
<sp:TransportBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+
<wsp:Policy>
+
<sp:TransportToken>
+
<wsp:Policy>
+
<sp:HttpsToken RequireClientCertificate="false"/>
+
</wsp:Policy>
+
</sp:TransportToken>
+
<sp:AlgorithmSuite>
+
<wsp:Policy>
+
<sp:Basic256/>
+
</wsp:Policy>
+
</sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Lax/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
</wsp:Policy>
+
</sp:TransportBinding>
+
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+
<wsp:Policy>
+
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";
/>
+
</wsp:Policy>
+
</sp:SignedSupportingTokens>
+
</wsp:Policy>
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+
</sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ <sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>alice</ramp:user>
+ <ramp:encryptionUser>bob</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
Added:
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-sc-3.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-sc-3.xml?rev=577987&view=auto
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-sc-3.xml
(added)
+++
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-sc-3.xml
Thu Sep 20 22:20:02 2007
@@ -0,0 +1,154 @@
+<service name="SecureServiceSC3">
+
+ <module ref="addressing"/>
+ <module ref="rampart"/>
+ <module ref="rahas"/>
+
+ <parameter locked="false"
name="ServiceClass">org.apache.rampart.Service</parameter>
+
+ <operation name="echo">
+ <messageReceiver
class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
+ <actionMapping>urn:echo</actionMapping>
+ </operation>
+
+ <wsp:Policy wsu:Id="SecConvPolicy2"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+ <wsp:Policy>
+
<sp:RequireDerivedKeys/>
+
<sp:BootstrapPolicy>
+
<wsp:Policy>
+
<sp:TransportBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+
<wsp:Policy>
+
<sp:TransportToken>
+
<wsp:Policy>
+
<sp:HttpsToken RequireClientCertificate="false"/>
+
</wsp:Policy>
+
</sp:TransportToken>
+
<sp:AlgorithmSuite>
+
<wsp:Policy>
+
<sp:Basic256/>
+
</wsp:Policy>
+
</sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Lax/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
</wsp:Policy>
+
</sp:TransportBinding>
+
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+
<wsp:Policy>
+
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";
/>
+
</wsp:Policy>
+
</sp:SignedSupportingTokens>
+
</wsp:Policy>
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+
</sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss11
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ <sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>bob</ramp:user>
+ <ramp:encryptionUser>alice</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">rampart/store.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+
+ <parameter name="sct-issuer-config">
+ <sct-issuer-config>
+ <cryptoProperties>
+ <crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
+ <property
name="org.apache.ws.security.crypto.merlin.file">rampart/sts.jks</property>
+ <property
name="org.apache.ws.security.crypto.merlin.keystore.password">password</property>
+ </crypto>
+ </cryptoProperties>
+ <addRequestedAttachedRef />
+ <addRequestedUnattachedRef />
+
+ <!--
+ Key computation mechanism
+ 1 - Use Request Entropy
+ 2 - Provide Entropy
+ 3 - Use Own Key
+ -->
+ <keyComputation>3</keyComputation>
+
+ <!--
+ proofKeyType element is valid only if the keyComputation is set
to 3
+ i.e. Use Own Key
+
+ Valid values are: EncryptedKey & BinarySecret
+ -->
+ <proofKeyType>BinarySecret</proofKeyType>
+ </sct-issuer-config>
+ </parameter>
+
+ <parameter name="token-canceler-config">
+ <token-canceler-config>
+ <!--<proofToken>EncryptedKey</proofToken>-->
+
<!--<cryptoProperties>sctIssuer.properties</cryptoProperties>-->
+ <!--<addRequestedAttachedRef />-->
+ </token-canceler-config>
+ </parameter>
+
+
+</service>
