Author: shankar Date: Wed Aug 20 06:21:31 2008 New Revision: 687320 URL: http://svn.apache.org/viewvc?rev=687320&view=rev Log: adding test cases for WS-SecPolicy 1.2 and WS-SecConv1.3
Added:
webservices/rampart/trunk/c/samples/secpolicy/scenario27/
webservices/rampart/trunk/c/samples/secpolicy/scenario27/client-policy.xml
webservices/rampart/trunk/c/samples/secpolicy/scenario27/services.xml
webservices/rampart/trunk/c/samples/secpolicy/scenario28/
webservices/rampart/trunk/c/samples/secpolicy/scenario28/client-policy.xml
webservices/rampart/trunk/c/samples/secpolicy/scenario28/services.xml
Modified:
webservices/rampart/trunk/c/samples/secpolicy/README
webservices/rampart/trunk/c/samples/secpolicy/run_all.bat
webservices/rampart/trunk/c/samples/secpolicy/run_all.sh
Modified: webservices/rampart/trunk/c/samples/secpolicy/README
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/README?rev=687320&r1=687319&r2=687320&view=diff
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/README (original)
+++ webservices/rampart/trunk/c/samples/secpolicy/README Wed Aug 20 06:21:31
2008
@@ -65,6 +65,8 @@
24. SAML as a protection token for signing and encrypting a
message.
25. SecureConversation using Rahas module. Issue operation
is defined in rahas
26. SecureConversation using Rahas module. Issue operation
is defined in service
+27. Same as 25. With WS-SecurityPolicy1.2, WS-Trust1.3 and
WS-SecConv 1.3
+28. Same as 26. With WS-SecurityPolicy1.2, WS-Trust1.3 and
WS-SecConv 1.3
FAQ:
---
Modified: webservices/rampart/trunk/c/samples/secpolicy/run_all.bat
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/run_all.bat?rev=687320&r1=687319&r2=687320&view=diff
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/run_all.bat (original)
+++ webservices/rampart/trunk/c/samples/secpolicy/run_all.bat Wed Aug 20
06:21:31 2008
@@ -7,7 +7,7 @@
-for %%i in (1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 21 22 23 25 26) do
call test_scen.bat %_SCEN%%%i %_PORT% off
+for %%i in (1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 21 22 23 25 26 27
28) do call test_scen.bat %_SCEN%%%i %_PORT% off
taskkill /F /IM axis2_http_server.exe
echo DONE
Modified: webservices/rampart/trunk/c/samples/secpolicy/run_all.sh
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/run_all.sh?rev=687320&r1=687319&r2=687320&view=diff
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/run_all.sh (original)
+++ webservices/rampart/trunk/c/samples/secpolicy/run_all.sh Wed Aug 20
06:21:31 2008
@@ -4,7 +4,7 @@
_PORT=9090
_SLEEP=2
#You may change these to scenarios u need to run
-_LST="1 2 3 4 5 6 7 8 9 10 11 12 13 15 16 17 18 19 21 22 23 25 26"
+_LST="1 2 3 4 5 6 7 8 9 10 11 12 13 15 16 17 18 19 21 22 23 25 26 27 28"
if [ $# -eq 1 ]
then
Added:
webservices/rampart/trunk/c/samples/secpolicy/scenario27/client-policy.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/scenario27/client-policy.xml?rev=687320&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/scenario27/client-policy.xml
(added)
+++ webservices/rampart/trunk/c/samples/secpolicy/scenario27/client-policy.xml
Wed Aug 20 06:21:31 2008
@@ -0,0 +1,158 @@
+<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:EncryptionToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:BootstrapPolicy>
+
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+
<wsp:ExactlyOne>
+
<wsp:All>
+
<sp:AsymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:InitiatorToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:InitiatorToken>
+
<sp:RecipientToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
</wsp:Policy>
+
</sp:AsymmetricBinding>
+
<rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+
<rampc:TimeToLive>360</rampc:TimeToLive>
+
</rampc:RampartConfig>
+
</wsp:All>
+
</wsp:ExactlyOne>
+
</wsp:Policy>
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:EncryptionToken>
+ <sp:SignatureToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:BootstrapPolicy>
+
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+
<wsp:ExactlyOne>
+
<wsp:All>
+
<sp:AsymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:InitiatorToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:InitiatorToken>
+
<sp:RecipientToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
</wsp:Policy>
+
</sp:AsymmetricBinding>
+
<rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+
<rampc:TimeToLive>360</rampc:TimeToLive>
+
</rampc:RampartConfig>
+
</wsp:All>
+
</wsp:ExactlyOne>
+
</wsp:Policy>
+
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:SignatureToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ <sp:EncryptSignature/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SignedSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+ <wsp:Policy>
+ <sp:WssUsernameToken10/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:Wss11
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+ <rampc:User>Alice</rampc:User>
+ <rampc:TimeToLive>360</rampc:TimeToLive>
+ <rampc:PasswordType>Digest</rampc:PasswordType>
+
<rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+ </rampc:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
Added: webservices/rampart/trunk/c/samples/secpolicy/scenario27/services.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/scenario27/services.xml?rev=687320&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/scenario27/services.xml
(added)
+++ webservices/rampart/trunk/c/samples/secpolicy/scenario27/services.xml Wed
Aug 20 06:21:31 2008
@@ -0,0 +1,81 @@
+<service name="sec_echo">
+ <parameter name="ServiceClass" locked="xsd:false">sec_echo</parameter>
+
+ <description>
+ This is a testing service , to test the system is working or not
+ </description>
+ <module ref="rampart"/>
+ <module ref="rahas"/>
+
+ <operation name="echoString">
+ <parameter
name="wsamapping">http://example.com/ws/2004/09/policy/Test/EchoRequest</parameter>
+ <wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:EncryptionToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:SC13SecurityContextToken/>
+
</wsp:Policy>
+
</sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:EncryptionToken>
+ <sp:SignatureToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:SC13SecurityContextToken/>
+
</wsp:Policy>
+
</sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:SignatureToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+ <sp:EncryptSignature/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SignedSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always"/>
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:Wss10
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+
<sp:MustSupportRefEmbeddedToken/>
+
<sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+ <rampc:User>Bob</rampc:User>
+
<rampc:PasswordType>Digest</rampc:PasswordType>
+
<rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+ </rampc:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ </operation>
+
+
+
+</service>
Added:
webservices/rampart/trunk/c/samples/secpolicy/scenario28/client-policy.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/scenario28/client-policy.xml?rev=687320&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/scenario28/client-policy.xml
(added)
+++ webservices/rampart/trunk/c/samples/secpolicy/scenario28/client-policy.xml
Wed Aug 20 06:21:31 2008
@@ -0,0 +1,224 @@
+<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:EncryptionToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:BootstrapPolicy>
+
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+
<wsp:ExactlyOne>
+
<wsp:All>
+
<sp:SymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:ProtectionToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:RequireDerivedKeys/>
+
<sp:RequireThumbprintReference/>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:ProtectionToken>
+
<sp:AlgorithmSuite>
+
<wsp:Policy>
+
<sp:Basic256/>
+
</wsp:Policy>
+
</sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
<sp:EncryptSignature/>
+
<sp:OnlySignEntireHeadersAndBody/>
+
</wsp:Policy>
+
</sp:SymmetricBinding>
+
<sp:SignedSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssUsernameToken10/>
+
</wsp:Policy>
+
</sp:UsernameToken>
+
</wsp:Policy>
+
</sp:SignedSupportingTokens>
+
<sp:Trust13
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens />
+ <sp:RequireClientEntropy />
+ <sp:RequireServerEntropy />
+ </wsp:Policy>
+ </sp:Trust13>
+
<sp:Wss11
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+
<sp:MustSupportRefIssuerSerial/>
+
<sp:MustSupportRefThumbprint/>
+
<sp:MustSupportRefEncryptedKey/>
+
</wsp:Policy>
+
</sp:Wss11>
+
<!--sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<sp:Body/>
+
</sp:EncryptedParts-->
+
<sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<sp:Body/>
+
<sp:Header
Namespace="http://www.w3.org/2005/08/addressing"/>
+
</sp:SignedParts>
+
<rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+
<rampc:User>Alice</rampc:User>
+
<rampc:TimeToLive>360</rampc:TimeToLive>
+
<rampc:EncryptionUser>a</rampc:EncryptionUser>
+
<rampc:PasswordType>Digest</rampc:PasswordType>
+
<rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+
<rampc:ReceiverCertificate>AXIS2C_HOME/bin/samples/rampart/keys/ahome/bob_cert.cert</rampc:ReceiverCertificate>
+
<rampc:Certificate>AXIS2C_HOME/bin/samples/rampart/keys/ahome/alice_cert.cert</rampc:Certificate>
+
<rampc:PrivateKey>AXIS2C_HOME/bin/samples/rampart/keys/ahome/alice_key.pem</rampc:PrivateKey>
+
</rampc:RampartConfig>
+
</wsp:All>
+
</wsp:ExactlyOne>
+
</wsp:Policy>
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:EncryptionToken>
+ <sp:SignatureToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:BootstrapPolicy>
+
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+
<wsp:ExactlyOne>
+
<wsp:All>
+
<sp:SymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:ProtectionToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:RequireDerivedKeys/>
+
<sp:RequireThumbprintReference/>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:ProtectionToken>
+
<sp:AlgorithmSuite>
+
<wsp:Policy>
+
<sp:Basic256/>
+
</wsp:Policy>
+
</sp:AlgorithmSuite>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
<sp:EncryptSignature/>
+
<sp:OnlySignEntireHeadersAndBody/>
+
</wsp:Policy>
+
</sp:SymmetricBinding>
+
<sp:SignedSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssUsernameToken10/>
+
</wsp:Policy>
+
</sp:UsernameToken>
+
</wsp:Policy>
+
</sp:SignedSupportingTokens>
+
<sp:Trust13
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens />
+ <sp:RequireClientEntropy />
+ <sp:RequireServerEntropy />
+ </wsp:Policy>
+ </sp:Trust13>
+
<sp:Wss11
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+
<sp:MustSupportRefIssuerSerial/>
+
<sp:MustSupportRefThumbprint/>
+
<sp:MustSupportRefEncryptedKey/>
+
</wsp:Policy>
+
</sp:Wss11>
+
<!--sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<sp:Body/>
+
</sp:EncryptedParts-->
+
<sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<sp:Body/>
+
<sp:Header
Namespace="http://www.w3.org/2005/08/addressing"/>
+
</sp:SignedParts>
+
<rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+
<rampc:User>Alice</rampc:User>
+
<rampc:TimeToLive>360</rampc:TimeToLive>
+
<rampc:EncryptionUser>a</rampc:EncryptionUser>
+
<rampc:PasswordType>Digest</rampc:PasswordType>
+
<rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+
<rampc:ReceiverCertificate>AXIS2C_HOME/bin/samples/rampart/keys/ahome/bob_cert.cert</rampc:ReceiverCertificate>
+
<rampc:Certificate>AXIS2C_HOME/bin/samples/rampart/keys/ahome/alice_cert.cert</rampc:Certificate>
+
<rampc:PrivateKey>AXIS2C_HOME/bin/samples/rampart/keys/ahome/alice_key.pem</rampc:PrivateKey>
+
</rampc:RampartConfig>
+
</wsp:All>
+
</wsp:ExactlyOne>
+
</wsp:Policy>
+
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:SignatureToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ <sp:EncryptSignature/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SignedSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+ <wsp:Policy>
+ <sp:WssUsernameToken10/>
+ </wsp:Policy>
+ </sp:UsernameToken>
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:Wss11
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+ <rampc:User>Alice</rampc:User>
+ <rampc:TimeToLive>360</rampc:TimeToLive>
+ <rampc:PasswordType>Digest</rampc:PasswordType>
+
<rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+ </rampc:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
Added: webservices/rampart/trunk/c/samples/secpolicy/scenario28/services.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/scenario28/services.xml?rev=687320&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/scenario28/services.xml
(added)
+++ webservices/rampart/trunk/c/samples/secpolicy/scenario28/services.xml Wed
Aug 20 06:21:31 2008
@@ -0,0 +1,231 @@
+<service name="sec_echo">
+ <parameter name="ServiceClass" locked="xsd:false">sec_echo</parameter>
+
+ <description>
+ This is a testing service , to test the system is working or not
+ </description>
+ <module ref="rampart"/>
+ <module ref="rahas"/>
+
+ <operation name="SecConv13Issue">
+ <parameter
name="wsamapping">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT</parameter>
+ <wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:RequireDerivedKeys/>
+
<sp:RequireThumbprintReference/>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+
<sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SignedSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always"/>
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:Wss10
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+
<sp:MustSupportRefEmbeddedToken/>
+
<sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:Trust13
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens />
+ <sp:RequireClientEntropy />
+ <sp:RequireServerEntropy />
+ </wsp:Policy>
+ </sp:Trust13>
+ <!--sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts-->
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:SignedParts>
+ <rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+ <rampc:User>Bob</rampc:User>
+
<rampc:TimeToLive>360</rampc:TimeToLive>
+
<rampc:EncryptionUser>b</rampc:EncryptionUser>
+
<rampc:PasswordType>Digest</rampc:PasswordType>
+
<rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+
<rampc:ReceiverCertificate>AXIS2C_HOME/bin/samples/rampart/keys/bhome/alice_cert.cert</rampc:ReceiverCertificate>
+
<rampc:Certificate>AXIS2C_HOME/bin/samples/rampart/keys/bhome/bob_cert.cert</rampc:Certificate>
+
<rampc:PrivateKey>AXIS2C_HOME/bin/samples/rampart/keys/bhome/bob_key.pem</rampc:PrivateKey>
+ </rampc:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ </operation>
+
+ <operation name="echoString">
+ <parameter
name="wsamapping">http://example.com/ws/2004/09/policy/Test/EchoRequest</parameter>
+ <wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:EncryptionToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:BootstrapPolicy>
+
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+
<wsp:ExactlyOne>
+
<wsp:All>
+
<sp:AsymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:InitiatorToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:InitiatorToken>
+
<sp:RecipientToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:RecipientToken>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
</wsp:Policy>
+
</sp:AsymmetricBinding>
+
<rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+
<rampc:TimeToLive>360</rampc:TimeToLive>
+
</rampc:RampartConfig>
+
</wsp:All>
+
</wsp:ExactlyOne>
+
</wsp:Policy>
+
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:EncryptionToken>
+ <sp:SignatureToken>
+ <wsp:Policy>
+
<sp:SecureConversationToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+ <wsp:Policy>
+
<sp:BootstrapPolicy>
+
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+
<wsp:ExactlyOne>
+
<wsp:All>
+
<sp:AsymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+
<wsp:Policy>
+
<sp:InitiatorToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:InitiatorToken>
+
<sp:RecipientToken>
+
<wsp:Policy>
+
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+
</sp:X509Token>
+
</wsp:Policy>
+
</sp:RecipientToken>
+
<sp:Layout>
+
<wsp:Policy>
+
<sp:Strict/>
+
</wsp:Policy>
+
</sp:Layout>
+
<sp:IncludeTimestamp/>
+
</wsp:Policy>
+
</sp:AsymmetricBinding>
+
<rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+
<rampc:TimeToLive>360</rampc:TimeToLive>
+
</rampc:RampartConfig>
+
</wsp:All>
+
</wsp:ExactlyOne>
+
</wsp:Policy>
+
+
</sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:SignatureToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ <sp:EncryptSignature/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SignedSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always"/>
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:Wss10
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefEmbeddedToken/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <rampc:RampartConfig
xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
+ <rampc:User>Bob</rampc:User>
+ <rampc:PasswordType>Digest</rampc:PasswordType>
+
<rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+ </rampc:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+ </operation>
+
+
+</service>
