[CXF-6209][CXF-6210] - Bug in processing Signed/Encrypted Elements policies with multiple XPaths - XPath evaluation failure on the client side causes all subsequent evaluations to fail
Conflicts: rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/client.xml systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/server.xml Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/847b73ea Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/847b73ea Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/847b73ea Branch: refs/heads/2.7.x-fixes Commit: 847b73ead53ac597ae5d36eddaad8bd8e8175572 Parents: b79e793 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Tue Jan 20 15:04:00 2015 +0000 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Tue Jan 20 15:26:52 2015 +0000 ---------------------------------------------------------------------- .../wss4j/PolicyBasedWSS4JInInterceptor.java | 19 + .../policyhandlers/AbstractBindingBuilder.java | 59 +++- .../policyhandlers/TransportBindingHandler.java | 7 +- .../apache/cxf/systest/ws/parts/PartsTest.java | 50 +++ .../cxf/systest/ws/parts/DoubleItParts.wsdl | 8 + .../org/apache/cxf/systest/ws/parts/client.xml | 348 +++++++++++++++++++ .../multiple-encrypted-elements-policy.xml | 48 +++ .../org/apache/cxf/systest/ws/parts/server.xml | 331 ++++++++++++++++++ 8 files changed, 866 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/847b73ea/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java index 1394a0b..d889fed 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java @@ -481,10 +481,29 @@ public class PolicyBasedWSS4JInInterceptor extends WSS4JInInterceptor { xpaths = p.getXPathExpressions(); } +<<<<<<< HEAD if (xpaths != null) { if (namespaces != null) { xpath.setNamespaceContext(new MapNamespaceContext(namespaces)); } +======= + RequiredElements elements = (RequiredElements)ai.getAssertion(); + + if (elements != null && elements.getXPaths() != null + && !elements.getXPaths().isEmpty()) { + List<String> expressions = new ArrayList<String>(); + MapNamespaceContext namespaceContext = new MapNamespaceContext(); + + for (org.apache.wss4j.policy.model.XPath xPath : elements.getXPaths()) { + expressions.add(xPath.getXPath()); + Map<String, String> namespaceMap = xPath.getPrefixNamespaceMap(); + if (namespaceMap != null) { + namespaceContext.addNamespaces(namespaceMap); + } + } + + xpath.setNamespaceContext(namespaceContext); +>>>>>>> 5c8f473... [CXF-6209][CXF-6210] - Bug in processing Signed/Encrypted Elements policies with multiple XPaths try { CryptoCoverageUtil.checkCoverage(soapEnvelope, refs, xpath, xpaths, type, scope); http://git-wip-us.apache.org/repos/asf/cxf/blob/847b73ea/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java index 6ac3388..c23d0d3 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java @@ -1244,8 +1244,8 @@ public abstract class AbstractBindingBuilder { // Handle sign/enc parts result.addAll(this.getParts(sign, includeBody, parts, found)); - // Handle sign/enc elements +<<<<<<< HEAD try { result.addAll(this.getElements("Element", xpaths, namespaces, found, sign)); } catch (XPathExpressionException e) { @@ -1259,6 +1259,13 @@ public abstract class AbstractBindingBuilder { } catch (XPathExpressionException e) { LOG.log(Level.FINE, e.getMessage(), e); // REVISIT +======= + result.addAll(this.getElements("Element", xpaths, found, sign)); + + if (!sign) { + // Handle content encrypted elements + result.addAll(this.getElements("Content", contentXpaths, found, sign)); +>>>>>>> 5c8f473... [CXF-6209][CXF-6210] - Bug in processing Signed/Encrypted Elements policies with multiple XPaths } return result; @@ -1371,7 +1378,7 @@ public abstract class AbstractBindingBuilder { protected List<WSEncryptionPart> getElements(String encryptionModifier, List<String> xpaths, Map<String, String> namespaces, List<Element> found, - boolean forceId) throws XPathExpressionException, SOAPException { + boolean forceId) throws SOAPException { List<WSEncryptionPart> result = new ArrayList<WSEncryptionPart>(); @@ -1383,6 +1390,7 @@ public abstract class AbstractBindingBuilder { xpath.setNamespaceContext(new MapNamespaceContext(namespaces)); } +<<<<<<< HEAD NodeList list = (NodeList)xpath.evaluate(expression, saaj.getSOAPPart().getEnvelope(), XPathConstants.NODESET); for (int x = 0; x < list.getLength(); x++) { @@ -1408,8 +1416,29 @@ public abstract class AbstractBindingBuilder { new WSEncryptionPart(id, encryptionModifier); part.setElement(el); part.setXpath(expression); +======= + NodeList list = null; + try { + list = (NodeList)xpath.evaluate(xPath.getXPath(), saaj.getSOAPPart().getEnvelope(), + XPathConstants.NODESET); + } catch (XPathExpressionException e) { + LOG.log(Level.WARNING, "Failure in evaluating an XPath expression", e); + } + + if (list != null) { + for (int x = 0; x < list.getLength(); x++) { + Element el = (Element)list.item(x); +>>>>>>> 5c8f473... [CXF-6209][CXF-6210] - Bug in processing Signed/Encrypted Elements policies with multiple XPaths - result.add(part); + if (!found.contains(el)) { + String id = setIdOnElement(el, forceId); + WSEncryptionPart part = + new WSEncryptionPart(id, encryptionModifier); + part.setElement(el); + part.setXpath(xPath.getXPath()); + + result.add(part); + } } } } @@ -1418,8 +1447,32 @@ public abstract class AbstractBindingBuilder { return result; } +<<<<<<< HEAD protected WSSecEncryptedKey getEncryptedKeyBuilder(TokenWrapper wrapper, Token token) throws WSSecurityException { +======= + private String setIdOnElement(Element element, boolean forceId) { + if (forceId) { + return this.addWsuIdToElement(element); + } + + //not forcing an ID on this. Use one if there is one + //there already, but don't force one + Attr idAttr = element.getAttributeNodeNS(null, "Id"); + if (idAttr == null) { + //then try the wsu:Id value + idAttr = element.getAttributeNodeNS(PolicyConstants.WSU_NAMESPACE_URI, "Id"); + } + if (idAttr != null) { + return idAttr.getValue(); + } + + return null; + } + + protected WSSecEncryptedKey getEncryptedKeyBuilder(AbstractTokenWrapper wrapper, + AbstractToken token) throws WSSecurityException { +>>>>>>> 5c8f473... [CXF-6209][CXF-6210] - Bug in processing Signed/Encrypted Elements policies with multiple XPaths WSSecEncryptedKey encrKey = new WSSecEncryptedKey(wssConfig); Crypto crypto = getEncryptionCrypto(wrapper); message.getExchange().put(SecurityConstants.ENCRYPT_CRYPTO, crypto); http://git-wip-us.apache.org/repos/asf/cxf/blob/847b73ea/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java index a5bacb2..03fc377 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java @@ -28,7 +28,6 @@ import java.util.logging.Level; import javax.xml.crypto.dsig.Reference; import javax.xml.soap.SOAPException; import javax.xml.soap.SOAPMessage; -import javax.xml.xpath.XPathExpressionException; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -602,6 +601,7 @@ public class TransportBindingHandler extends AbstractBindingBuilder { if (signedElements != null) { // Handle SignedElements +<<<<<<< HEAD try { result.addAll( this.getElements( @@ -613,6 +613,11 @@ public class TransportBindingHandler extends AbstractBindingBuilder { LOG.log(Level.FINE, e.getMessage(), e); // REVISIT } +======= + result.addAll( + this.getElements("Element", signedElements.getXPaths(), found, true) + ); +>>>>>>> 5c8f473... [CXF-6209][CXF-6210] - Bug in processing Signed/Encrypted Elements policies with multiple XPaths } return result; http://git-wip-us.apache.org/repos/asf/cxf/blob/847b73ea/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java index 41ad92b..5e8793c 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/parts/PartsTest.java @@ -302,6 +302,56 @@ public class PartsTest extends AbstractBusClientServerTestBase { } @org.junit.Test + public void testMultipleEncryptedElements() throws Exception { + + if (test.isStreaming() || STAX_PORT.equals(test.getPort())) { + return; + } + + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = PartsTest.class.getResource("client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + URL wsdl = PartsTest.class.getResource("DoubleItParts.wsdl"); + Service service = Service.create(wsdl, SERVICE_QNAME); + + // Successful invocation + QName portQName = new QName(NAMESPACE, "DoubleItEncryptedElementsPort3"); + DoubleItPortType port = service.getPort(portQName, DoubleItPortType.class); + updateAddressPort(port, test.getPort()); + + if (test.isStreaming()) { + SecurityTestUtil.enableStreaming(port); + } + + port.doubleIt(25); + + // This should fail, as the service requires that the header must be encrypted + portQName = new QName(NAMESPACE, "DoubleItEncryptedElementsPort2"); + port = service.getPort(portQName, DoubleItPortType.class); + updateAddressPort(port, test.getPort()); + + if (test.isStreaming()) { + SecurityTestUtil.enableStreaming(port); + } + + try { + port.doubleIt(25); + fail("Failure expected on a header which isn't encrypted"); + } catch (javax.xml.ws.soap.SOAPFaultException ex) { + String error = "EncryptedElements"; + assertTrue(ex.getMessage().contains(error) + || ex.getMessage().contains("To must be encrypted")); + } + + ((java.io.Closeable)port).close(); + bus.shutdown(true); + } + + @org.junit.Test public void testContentEncryptedElements() throws Exception { SpringBusFactory bf = new SpringBusFactory(); http://git-wip-us.apache.org/repos/asf/cxf/blob/847b73ea/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl index eb57ec4..6049718 100644 --- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl @@ -90,8 +90,16 @@ <wsdl:port name="DoubleItEncryptedElementsPort2" binding="tns:DoubleItStandardBinding"> <soap:address location="http://localhost:9010/DoubleItEncryptedElements2" /> </wsdl:port> +<<<<<<< HEAD <wsdl:port name="DoubleItContentEncryptedElementsPort" binding="tns:DoubleItStandardBinding"> <soap:address location="http://localhost:9010/DoubleItContentEncryptedElements" /> +======= + <wsdl:port name="DoubleItEncryptedElementsPort3" binding="tns:DoubleItStandardBinding"> + <soap:address location="http://localhost:9010/DoubleItEncryptedElements3"/> + </wsdl:port> + <wsdl:port name="DoubleItContentEncryptedElementsPort" binding="tns:DoubleItStandardBinding"> + <soap:address location="http://localhost:9010/DoubleItContentEncryptedElements"/> +>>>>>>> 5c8f473... [CXF-6209][CXF-6210] - Bug in processing Signed/Encrypted Elements policies with multiple XPaths </wsdl:port> <wsdl:port name="DoubleItContentEncryptedElementsPort2" binding="tns:DoubleItStandardBinding"> <soap:address location="http://localhost:9010/DoubleItContentEncryptedElements2" /> http://git-wip-us.apache.org/repos/asf/cxf/blob/847b73ea/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/client.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/client.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/client.xml new file mode 100644 index 0000000..6aa97be --- /dev/null +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/client.xml @@ -0,0 +1,348 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd http://www.w3.org/ns/ws-policy http://www.w3.org/2007/02/ws-policy.xsd"> + <cxf:bus> + <cxf:features> + <p:policies/> + <cxf:logging/> + </cxf:features> + </cxf:bus> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItRequiredPartsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItRequiredPartsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItRequiredElementsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItRequiredElementsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedPartsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedPartsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedPartsPort3" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-body-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedElementsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedElementsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedPartsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedPartsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedPartsPort3" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-body-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedElementsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedElementsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedElementsPort3" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/multiple-encrypted-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItContentEncryptedElementsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/content-encrypted-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItContentEncryptedElementsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/addr-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedAttachmentsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" + URI="classpath:/org/apache/cxf/systest/ws/parts/signed-attachments-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSignedAttachmentsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" + URI="classpath:/org/apache/cxf/systest/ws/parts/signed-body-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedAttachmentsPort" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" + URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-attachments-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItEncryptedAttachmentsPort2" createdFromAPI="true"> + <jaxws:properties> + <entry key="ws-security.username" value="Alice"/> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.encryption.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="bob"/> + <entry key="ws-security.signature.properties" value="alice.properties"/> + <entry key="ws-security.signature.username" value="alice"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" + URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-body-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:client> + +</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/847b73ea/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/multiple-encrypted-elements-policy.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/multiple-encrypted-elements-policy.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/multiple-encrypted-elements-policy.xml new file mode 100644 index 0000000..a75f6fd --- /dev/null +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/multiple-encrypted-elements-policy.xml @@ -0,0 +1,48 @@ +<?xml version="1.0"?> +<wsp:Policy xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://www.w3.org/ns/ws-policy" wsu:Id="RequiredPartsPolicy"> + <wsp:ExactlyOne> + <wsp:All> + <sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> + <wsp:Policy> + <sp:InitiatorToken> + <wsp:Policy> + <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"> + <wsp:Policy> + <sp:WssX509V3Token10/> + </wsp:Policy> + </sp:X509Token> + </wsp:Policy> + </sp:InitiatorToken> + <sp:RecipientToken> + <wsp:Policy> + <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never"> + <wsp:Policy> + <sp:WssX509V3Token10/> + <sp:RequireIssuerSerialReference/> + </wsp:Policy> + </sp:X509Token> + </wsp:Policy> + </sp:RecipientToken> + <sp:Layout> + <wsp:Policy> + <sp:Lax/> + </wsp:Policy> + </sp:Layout> + <sp:AlgorithmSuite> + <wsp:Policy> + <sp:Basic128/> + </wsp:Policy> + </sp:AlgorithmSuite> + </wsp:Policy> + </sp:AsymmetricBinding> + <sp:EncryptedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> + <sp:XPath xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">/soap:Envelope/soap:Header/wsa:To</sp:XPath> + <sp:XPath xmlns:example1="http://www.example.org/schema/DoubleIt">//example1:DoubleIt</sp:XPath> + </sp:EncryptedElements> + <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> + <sp:Body/> + </sp:SignedParts> + <wsaws:UsingAddressing xmlns:wsaws="http://www.w3.org/2006/05/addressing/wsdl"/> + </wsp:All> + </wsp:ExactlyOne> +</wsp:Policy> http://git-wip-us.apache.org/repos/asf/cxf/blob/847b73ea/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/server.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/server.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/server.xml new file mode 100644 index 0000000..40f10f1 --- /dev/null +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/parts/server.xml @@ -0,0 +1,331 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apa che.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://www.w3.org/ns/ws-policy http://www.w3.org/2007/02/ws-policy.xsd "> + <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> + <cxf:bus> + <cxf:features> + <p:policies/> + <cxf:logging/> + </cxf:features> + </cxf:bus> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="RequiredParts" address="http://localhost:${testutil.ports.Server}/DoubleItRequiredParts" serviceName="s:DoubleItService" endpointName="s:DoubleItRequiredPartsPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/req-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="RequiredParts2" address="http://localhost:${testutil.ports.Server}/DoubleItRequiredParts2" serviceName="s:DoubleItService" endpointName="s:DoubleItRequiredPartsPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/bad-req-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="RequiredElements" address="http://localhost:${testutil.ports.Server}/DoubleItRequiredElements" serviceName="s:DoubleItService" endpointName="s:DoubleItRequiredElementsPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/req-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="RequiredElements2" address="http://localhost:${testutil.ports.Server}/DoubleItRequiredElements2" serviceName="s:DoubleItService" endpointName="s:DoubleItRequiredElementsPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/bad-req-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedParts" address="http://localhost:${testutil.ports.Server}/DoubleItSignedParts" serviceName="s:DoubleItService" endpointName="s:DoubleItSignedPartsPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedParts2" address="http://localhost:${testutil.ports.Server}/DoubleItSignedParts2" serviceName="s:DoubleItService" endpointName="s:DoubleItSignedPartsPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedParts3" address="http://localhost:${testutil.ports.Server}/DoubleItSignedParts3" serviceName="s:DoubleItService" endpointName="s:DoubleItSignedPartsPort3" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedElements" address="http://localhost:${testutil.ports.Server}/DoubleItSignedElements" serviceName="s:DoubleItService" endpointName="s:DoubleItSignedElementsPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedElements2" address="http://localhost:${testutil.ports.Server}/DoubleItSignedElements2" serviceName="s:DoubleItService" endpointName="s:DoubleItSignedElementsPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/signed-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="EncryptedParts" address="http://localhost:${testutil.ports.Server}/DoubleItEncryptedParts" serviceName="s:DoubleItService" endpointName="s:DoubleItEncryptedPartsPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="alice"/> + <entry key="ws-security.encryption.properties" value="alice.properties"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="EncryptedParts2" address="http://localhost:${testutil.ports.Server}/DoubleItEncryptedParts2" serviceName="s:DoubleItService" endpointName="s:DoubleItEncryptedPartsPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="alice"/> + <entry key="ws-security.encryption.properties" value="alice.properties"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="EncryptedParts3" address="http://localhost:${testutil.ports.Server}/DoubleItEncryptedParts3" serviceName="s:DoubleItService" endpointName="s:DoubleItEncryptedPartsPort3" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="alice"/> + <entry key="ws-security.encryption.properties" value="alice.properties"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-parts-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="EncryptedElements" address="http://localhost:${testutil.ports.Server}/DoubleItEncryptedElements" serviceName="s:DoubleItService" endpointName="s:DoubleItEncryptedElementsPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="alice"/> + <entry key="ws-security.encryption.properties" value="alice.properties"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="EncryptedElements2" address="http://localhost:${testutil.ports.Server}/DoubleItEncryptedElements2" serviceName="s:DoubleItService" endpointName="s:DoubleItEncryptedElementsPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="alice"/> + <entry key="ws-security.encryption.properties" value="alice.properties"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="EncryptedElements3" address="http://localhost:${testutil.ports.Server}/DoubleItEncryptedElements3" serviceName="s:DoubleItService" endpointName="s:DoubleItEncryptedElementsPort3" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="alice"/> + <entry key="ws-security.encryption.properties" value="alice.properties"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/multiple-encrypted-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="ContentEncryptedElements" address="http://localhost:${testutil.ports.Server}/DoubleItContentEncryptedElements" serviceName="s:DoubleItService" endpointName="s:DoubleItContentEncryptedElementsPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="alice"/> + <entry key="ws-security.encryption.properties" value="alice.properties"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/content-encrypted-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="ContentEncryptedElements2" address="http://localhost:${testutil.ports.Server}/DoubleItContentEncryptedElements2" serviceName="s:DoubleItService" endpointName="s:DoubleItContentEncryptedElementsPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="alice"/> + <entry key="ws-security.encryption.properties" value="alice.properties"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="classpath:/org/apache/cxf/systest/ws/parts/content-encrypted-elements-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedAttachments" + address="http://localhost:${testutil.ports.Server}/DoubleItSignedAttachments" + serviceName="s:DoubleItService" endpointName="s:DoubleItSignedAttachmentsPort" + implementor="org.apache.cxf.systest.ws.parts.DoubleIt3Impl" + wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" + URI="classpath:/org/apache/cxf/systest/ws/parts/signed-attachments-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="SignedAttachments2" + address="http://localhost:${testutil.ports.Server}/DoubleItSignedAttachments2" + serviceName="s:DoubleItService" endpointName="s:DoubleItSignedAttachmentsPort2" + implementor="org.apache.cxf.systest.ws.parts.DoubleIt3Impl" + wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" + URI="classpath:/org/apache/cxf/systest/ws/parts/signed-attachments-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="EncryptedAttachments" + address="http://localhost:${testutil.ports.Server}/DoubleItEncryptedAttachments" + serviceName="s:DoubleItService" endpointName="s:DoubleItEncryptedAttachmentsPort" + implementor="org.apache.cxf.systest.ws.parts.DoubleIt3Impl" + wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" + URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-attachments-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="EncryptedAttachments2" + address="http://localhost:${testutil.ports.Server}/DoubleItEncryptedAttachments2" + serviceName="s:DoubleItService" endpointName="s:DoubleItEncryptedAttachmentsPort2" + implementor="org.apache.cxf.systest.ws.parts.DoubleIt3Impl" + wsdlLocation="org/apache/cxf/systest/ws/parts/DoubleItParts.wsdl"> + <jaxws:properties> + <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.UTPasswordCallback"/> + <entry key="ws-security.signature.properties" value="bob.properties"/> + <entry key="ws-security.encryption.username" value="useReqSigCert"/> + <entry key="ws-security.subject.cert.constraints" value=".*O=apache.org.*"/> + </jaxws:properties> + <jaxws:features> + <p:policies> + <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" + URI="classpath:/org/apache/cxf/systest/ws/parts/encrypted-attachments-policy.xml"/> + </p:policies> + </jaxws:features> + </jaxws:endpoint> + +</beans>