cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r887328 [1/2] - in /cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy: ./ bin/ certs/ certs/demoCA/ certs/demoCA/newcerts/ src/ src/demo/ src/demo/wssec/ src/demo/wssec/client/ src/demo/wssec/resources/ src/demo/wssec/se...
Date Fri, 04 Dec 2009 19:28:19 GMT
Author: dkulp
Date: Fri Dec  4 19:28:17 2009
New Revision: 887328

URL: http://svn.apache.org/viewvc?rev=887328&view=rev
Log:
[CXF-2553] Add WS-SecPolicy based UsernameToken sample.
Contribution from Oliver Wulff

Added:
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ca.crl
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/celtix.p12
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/celtixp12.truststore
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/GreeterImpl.java   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/Server.java   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/UTPasswordCallback.java   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/server/wssec.xml   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/wsdl/
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/wsdl/hello_world.wsdl   (with props)
    cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/wsdl/hello_world_no_policy.wsdl   (with props)

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt Fri Dec  4 19:28:17 2009
@@ -0,0 +1,148 @@
+WS-Security Demo  (UsernameToken and Timestamp)
+=================
+
+This demo shows how WS-Security support in Apache CXF may be enabled.
+
+WS-Security can be configured to the Client and Server endpoints by adding
+WS-SecurityPolicies into the WSDL.
+
+The logging feature is used to log the inbound and outbound
+SOAP messages and display these to the console.
+
+In all other respects this demo is based on the basic hello_world sample.
+
+Please review the README in the samples directory before continuing.
+
+
+Prerequisite
+------------
+
+If your environment already includes cxf-manifest.jar on the CLASSPATH,
+and the JDK and ant bin directories on the PATH, it is not necessary to
+run the environment script described in the samples directory README.
+If your environment is not properly configured, or if you are planning
+on using wsdl2java, javac, and java to build and run the demos, you must
+set the environment by running the script.
+
+
+*** Requirements ***
+
+The samples in this directory use STRONG encryption.  The default encryption algorithms
+included in a JRE is not adequate for these samples.   The Java Cryptography Extension
+(JCE) Unlimited Strength Jurisdiction Policy Files available on Sun's JDK download
+page[3] *must* be installed for the examples to work.   If you get errors about invalid
+key lengths, the Unlimited Strength files are not installed.
+
+[3] http://java.sun.com/javase/downloads/index.jsp
+
+
+Building and running the demo using Ant
+---------------------------------------
+
+From the base directory of this sample (i.e., where this README file is
+located), the Ant build.xml file can be used to build and run the demo.
+The server and client targets automatically build the demo.
+
+Using either UNIX or Windows:
+
+  ant server  (from one command line window)
+  ant client  (from a second command line window)
+
+On startup, the client makes one invocation.
+
+You can use the target client.unauthenticated to show that the policy UsernameToken is enforced by the server.
+
+To remove the code generated from the WSDL file and the .class
+files, run "ant clean".
+
+
+Building and running the demo using Maven
+---------------------------------------
+
+From the base directory of this sample (i.e., where this README file is
+located), the maven pom.xml file can be used to build and run the demo.
+
+
+Using either UNIX or Windows:
+
+  mvn install (builds the demo)
+  mvn -Pserver  (from one command line window)
+  Mvn -Pclient  (from a second command line window)
+
+On startup, the client makes one invocation.
+
+You can use the profile client.unauthenticated to show that the policy UsernameToken is enforced by the server.
+
+To remove the code generated from the WSDL file and the .class
+files, run "mvn clean".
+
+
+
+Building the demo using wsdl2java and javac
+-------------------------------------------
+
+From the base directory of this sample (i.e., where this README file is
+located) first create the target directory build/classes and then
+generate code from the WSDL file.
+
+
+For UNIX:
+  mkdir -p build/classes
+
+  wsdl2java -d build/classes -compile ./wsdl/hello_world_wssec.wsdl
+
+For Windows:
+  mkdir build\classes
+    Must use back slashes.
+
+  wsdl2java -d build\classes -compile .\wsdl\hello_world_wssec.wsdl
+    May use either forward or back slashes.
+
+Now compile the provided client and server applications with the commands:
+
+For UNIX:
+
+  export CLASSPATH=$CLASSPATH:$CXF_HOME/lib/cxf-manifest.jar:./build/classes
+  javac -d build/classes src/demo/wssec/common/*.java
+  javac -d build/classes src/demo/wssec/client/*.java
+  javac -d build/classes src/demo/wssec/server/*.java
+
+For Windows:
+  set classpath=%classpath%;%CXF_HOME%\lib\cxf-manifest.jar;.\build\classes
+  javac -d build\classes src\demo\wssec\common\*.java
+  javac -d build\classes src\demo\wssec\client\*.java
+  javac -d build\classes src\demo\wssec\server\*.java
+
+
+Running the demo using java
+---------------------------
+
+From the base directory of this sample (i.e., where this README file is
+located) run the commands, entered on a single command line:
+
+For UNIX (must use forward slashes):
+    java -Djava.util.logging.config.file=./logging.properties
+         demo.wssec.server.Server &
+
+    java -Djava.util.logging.config.file=./logging.properties
+         demo.wssec.client.Client ./wsdl/hello_world_wssec.wsdl
+
+The server process starts in the background.
+
+For Windows (may use either forward or back slashes):
+  start
+    java -Djava.util.logging.config.file=.\logging.properties
+         demo.wssec.server.Server
+
+    java -Djava.util.logging.config.file=.\logging.properties
+         demo.wssec.client.Client .\wsdl\hello_world_wssec.wsdl
+
+The server process starts in a new command window.
+
+After running the client, terminate the server process.
+
+To remove the code generated from the WSDL file and the .class
+files, either delete the build directory and its contents or run:
+
+  ant clean
+

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/README.txt
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh Fri Dec  4 19:28:17 2009
@@ -0,0 +1,163 @@
+#!/bin/sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+#
+#
+# This file uses openssl and keytool to generate 2 chains of 3 certificates 
+# CN=Wibble             CN=Cherry
+#             CN=TheRA
+#             CN=TheCA
+# and generates a CRL to revoke the "CN=TheRA" certificate.
+#
+# This file also serves as a specification on what needs to be done to
+# get the underlying CXF to work correctly.
+# For the most part, you need to use only JKS (Java Key Store) formatted
+# keystores and truststores.
+
+
+# Initialize the default openssl DataBase.
+# According to a default /usr/lib/ssl/openssl.cnf file it is ./demoCA
+# Depending on the Openssl version, comment out "crlnumber" in config file.
+# We echo 1345 to start the certificate serial number counter.
+
+    rm -rf demoCA
+    mkdir -p demoCA/newcerts
+    cp /dev/null demoCA/index.txt
+    echo "1345" > demoCA/serial
+
+# This file makes sure that the certificate for CN=TheRA can be a Certificate
+# Authority, i.e. can sign the user certificates, e.g. "CN=Wibble".
+
+cat <<EOF > exts
+[x509_extensions]
+basicConstraints=CA:TRUE
+EOF
+
+# Create the CA's keypair and self-signed certificate
+#   -x509 means create self-sign cert
+#   -keyout means generate keypair
+#   -nodes means do not encrypt private key.
+#   -set_serial sets the serial number of the certificate
+
+    openssl req -verbose -x509 -new -nodes -set_serial 1234 \
+    -subj "/CN=TheCA/OU=NOT FOR PRODUCTION/O=Apache/ST=NY/C=US" \
+    -days 7300 -out cacert.pem -keyout caprivkey.pem 
+
+# Create the RA's keypair and Certificate Request
+#    without -x509, we generate an x509 cert request.
+#   -keyout means generate keypair
+#   -nodes means do not encrypt private key.
+
+    openssl req -verbose -new -nodes \
+    -subj "/CN=TheRA/OU=NOT FOR PRODUCTION/O=Apache/ST=NY/C=US" \
+    -days 7300 -out csrra.pem -keyout raprivkey.pem 
+
+# Have the CN=TheCA issue a certificate for the CN=TheRA
+# We need -extfile exts -extenstions x509_extensions to make sure 
+# CN=TheRA can be a Certificate Authority.
+
+    openssl ca -batch -days 7300 -cert cacert.pem -keyfile caprivkey.pem \
+    -in csrra.pem -out ra-ca-cert.pem -extfile exts -extensions x509_extensions
+
+# Create keypairs and Cert Request for a certificate for CN=Wibble and CN=Cherry
+# This procedure must be done in JKS, because we need to use a JKS keystore.
+# The current version of CXF using PCKS12 will not work for a number of 
+# internal CXF reasons.
+
+    rm -f wibble.jks
+
+    keytool -genkey \
+    -dname "CN=Wibble, OU=NOT FOR PRODUCTION, O=Apache, ST=NY, C=US" \
+    -keystore wibble.jks -storetype jks -storepass password -keypass password
+
+    keytool -certreq -keystore wibble.jks -storetype jks -storepass password \
+    -keypass password -file csrwibble.pem
+
+
+    rm -f cherry.jks
+
+    keytool -genkey \
+    -dname "CN=Cherry, OU=NOT FOR PRODUCTION, O=Apache, ST=NY, C=US" \
+    -keystore cherry.jks -storetype jks -storepass password -keypass password
+
+    keytool -certreq -keystore cherry.jks -storetype jks -storepass password \
+    -keypass password -file csrcherry.pem
+
+
+# Have the CN=TheRA issue a certificate for CN=Wibble and CN=Cherry via
+# their Certificate Requests.
+
+   openssl ca -batch -days 7300 -cert ra-ca-cert.pem -keyfile raprivkey.pem \
+   -in csrwibble.pem -out wibble-ra-cert.pem 
+   
+   openssl ca -batch -days 7300 -cert ra-ca-cert.pem -keyfile raprivkey.pem \
+   -in csrcherry.pem -out cherry-ra-cert.pem
+
+
+# Rewrite the certificates in PEM only format. This allows us to concatenate
+# them into chains.
+
+    openssl x509 -in cacert.pem -out cacert.pem -outform PEM
+    openssl x509 -in ra-ca-cert.pem -out ra-ca-cert.pem -outform PEM
+    openssl x509 -in wibble-ra-cert.pem -out wibble-ra-cert.pem -outform PEM
+    openssl x509 -in cherry-ra-cert.pem -out cherry-ra-cert.pem -outform PEM
+
+# Create a chain readable by CertificateFactory.getCertificates.
+
+    cat wibble-ra-cert.pem ra-ca-cert.pem cacert.pem > wibble.chain
+    cat cherry-ra-cert.pem ra-ca-cert.pem cacert.pem > cherry.chain
+
+# Replace the certificate in the Wibble keystore with their respective
+# full chains.
+
+    keytool -import -file wibble.chain -keystore wibble.jks -storetype jks \
+    -storepass password -keypass password -noprompt
+
+    keytool -import -file cherry.chain -keystore cherry.jks -storetype jks \
+    -storepass password -keypass password -noprompt
+
+# Revoke the CN=TheRA certificate (happens in the Openssl DB)
+
+    openssl ca -verbose -cert cacert.pem -keyfile caprivkey.pem \
+    -revoke ra-ca-cert.pem -crl_reason keyCompromise 
+
+# Create the CRL from that revocation (from the Openssl DB)
+
+    openssl ca -verbose -gencrl -out ca.crl -cert cacert.pem \
+    -keyfile caprivkey.pem
+
+# Create the Truststore file containing the CA cert.
+
+    rm -f truststore.jks
+    
+    keytool -import -file cacert.pem -alias TheCA -keystore truststore.jks \
+    -storepass password -noprompt
+
+# Uncomment to see what's in the Keystores and CRL
+
+    keytool -v -list -keystore wibble.jks -storepass password
+    
+    keytool -v -list -keystore cherry.jks -storepass password
+    
+    keytool -v -list -keystore truststore.jks -storepass password
+    
+    openssl crl -in ca.crl -text -noout
+
+# Get rid of everything but wibble.chain and ra.crl
+#rm -rf *.pem exts demoCA *pk12

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/bin/gencerts.sh
------------------------------------------------------------------------------
    svn:eol-style = native

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml Fri Dec  4 19:28:17 2009
@@ -0,0 +1,45 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project name="Secure hello world demo" default="build" basedir=".">
+
+    <import file="../../common_build.xml"/>        
+        
+    <target name="unauthenticated.client" description="run demo insecure client" depends="build">
+        <property name="param" value=""/>
+        <cxfrun classname="demo.wssec.client.Client"
+                param1="${basedir}/wsdl/hello_world.wsdl"/>
+    </target> 
+
+    <target name="client" description="run demo secure client" depends="build">
+        <property name="param" value=""/>
+        <cxfrun classname="demo.wssec.client.Client"
+                param1="${basedir}/wsdl/hello_world.wsdl"/>
+    </target> 
+        
+    <target name="server" description="run demo server" depends="build">
+        <cxfrun classname="demo.wssec.server.Server" logging-properties-file="${basedir}/logging.properties"/>
+    </target>
+        
+    <target name="generate.code">
+        <echo level="info" message="Generating code using wsdl2java..."/>
+        <wsdl2java file="hello_world.wsdl"/>
+    </target>
+    
+</project>

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/build.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ca.crl
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ca.crl?rev=887328&view=auto
==============================================================================
    (empty)

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cacert.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC3DCCAkWgAwIBAgICBNIwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQ
+Uk9EVUNUSU9OMQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQG
+EwJVUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3st0/lxVtgRQMbMWvuQz
+MHFv64qXPIm6sTvK3ff6ILGiOnx6wd98oQoJ+X1MuSVBv0ncf7qwZkxZ+imaf1zl
+MwOw6Rha8yl0Uw2YbVYWFCldSXK/9+0KRTm3El5uzzGKT2dKJ2840Wh7LuYKGoEw
+95xXfWb13K1SL13Ewn8Er1cCAwEAAaOBtDCBsTAdBgNVHQ4EFgQUj0/bfQrFQIB6
+6jnKNpqmcGUjy7cwgYEGA1UdIwR6MHiAFI9P230KxUCAeuo5yjaapnBlI8u3oVyk
+WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9O
+MQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQGEwJVU4ICBNIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBnLYUUrajPw+Ku9Jr8oDte
+KEe+zGDcEEa0uI8ld0XqLjcVcX1SGGYh13ophJCqn3kBwcXtgH1oxj9/M4fWr6pL
+ml4oJMzrYGRi1M2bMgzWFhX5lhTTy/WCDRW05K9LDvTv94yRJV07uk1ztbYgpiyn
+zjX4WJceNv6/6wzWTT7+Ow==
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/caprivkey.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDey3T+XFW2BFAxsxa+5DMwcW/ripc8ibqxO8rd9/ogsaI6fHrB
+33yhCgn5fUy5JUG/Sdx/urBmTFn6KZp/XOUzA7DpGFrzKXRTDZhtVhYUKV1Jcr/3
+7QpFObcSXm7PMYpPZ0onbzjRaHsu5goagTD3nFd9ZvXcrVIvXcTCfwSvVwIDAQAB
+AoGAUCoK7Z8RpA2HQWq8C3GWzZ5zc+AJLNot16m5BAc+89aWlc7GaM3eTR+MmT2x
+hojWUFrmQPtOj3B3i6C+m4c0XGuU8B9lFaKSdjz4NytWAsykQPxx+KsVfyNxt2mk
+np8hoTQU0qoTG6XAZmvYaSOkqSC7s5gUCwEzK/J+mWbyYcECQQD9UqIhMLOrbFfT
+1T/VNcAp7WkvW0Dqio1G/o11Yas1ZKhTfwxczA84Lpu5aSoUoKJwSRjEsfSHrqrV
+GobsS813AkEA4SY62Krv4zW7PtEElJbUhzF0+Yc/SXmVFuq7C9sfiV9ko/lpAn2L
+lWFzEeRE+3+o+khL5+PW5NYQBJUhHxslIQJABwfzHg62/ewM6AFEO0u5oLBJOhpD
+S/86epz4Gijy0pGPpnmhQzYaugl5IwVLOLVYrNsqh9MUoWt0rGOHGSnlcwJAHYm8
+cqyKaE6mUClv5mabX1k3tXzu6p7O1oDZJUcMLiObun+ALVl3NJPiWtiNzEkFTECr
+5LJZgRAsbc162O/gwQJAJ0n+Sd2qJz5n0/iu9LYH+DH8Bjd88thq+PVYz9r5lYvl
+ksRCCYECTkW8Q7pT8SlLEBePRBvVmENTnPlAENTwwQ==
+-----END RSA PRIVATE KEY-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry-ra-cert.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECjCCA3OgAwIBAgICE0cwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZD
+aGVycnkwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYBi7WDT5ifoKr+6CYNM4bgp
+boGIDcm4gAzvN87riAREspwE1e/n7248yu3HUSO11IeO9Nry3yANg2yU93478ZKY
+iMO4Vsf3otK3HX+RVRF7el2hcIxidpCwDn7+BRwaYEVJ+FICtzJJir7v9kVm+rc+
+hkjllDDvS99Lv6OOiejBOqOByDCBxTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf
+Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU75GNmqmw
+1Y0VOsXjb3lTww8M4I4wawYDVR0jBGQwYqFcpFowWDEOMAwGA1UEAxMFVGhlQ0Ex
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hlMQsw
+CQYDVQQIEwJOWTELMAkGA1UEBhMCVVOCAhNFMA0GCSqGSIb3DQEBBQUAA4GBAEyD
+BUFePKRHtTlWIW8VH1gTfWm8vLDONxS8Xsk+rcXTG1PZCnVlgYBGRPmmxWApDJJT
+bmp4A7ZnQL/jCP8rQCFlqRCGEHFOqxzqQy1H7klJ6NrzhgzpqqIwfkjk7UBWbaMR
+lXEvynvUC0h0JieUdm6qHAaRuSs5ZQv5+sndW/g3
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.chain Fri Dec  4 19:28:17 2009
@@ -0,0 +1,56 @@
+-----BEGIN CERTIFICATE-----
+MIIECjCCA3OgAwIBAgICE0cwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZD
+aGVycnkwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYBi7WDT5ifoKr+6CYNM4bgp
+boGIDcm4gAzvN87riAREspwE1e/n7248yu3HUSO11IeO9Nry3yANg2yU93478ZKY
+iMO4Vsf3otK3HX+RVRF7el2hcIxidpCwDn7+BRwaYEVJ+FICtzJJir7v9kVm+rc+
+hkjllDDvS99Lv6OOiejBOqOByDCBxTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf
+Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU75GNmqmw
+1Y0VOsXjb3lTww8M4I4wawYDVR0jBGQwYqFcpFowWDEOMAwGA1UEAxMFVGhlQ0Ex
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hlMQsw
+CQYDVQQIEwJOWTELMAkGA1UEBhMCVVOCAhNFMA0GCSqGSIb3DQEBBQUAA4GBAEyD
+BUFePKRHtTlWIW8VH1gTfWm8vLDONxS8Xsk+rcXTG1PZCnVlgYBGRPmmxWApDJJT
+bmp4A7ZnQL/jCP8rQCFlqRCGEHFOqxzqQy1H7klJ6NrzhgzpqqIwfkjk7UBWbaMR
+lXEvynvUC0h0JieUdm6qHAaRuSs5ZQv5+sndW/g3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgICE0UwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ4wDAYDVQQDEwVU
+aGVSQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArUsKksqHsbd7Ncxapwvq
+i8FAV+Ea6ZwfbiFs46ZXDcVEnvwbFWB8PkYrq1vEJGrBCLKS+QNpYh3QG06etm2A
+frUwIGOJkJgGObQ9lFyHBbg27hmct+wYymx0Z3IGe6w1wD5EkK7nzF0Yg0Ph2xfd
+rHaqNEbVL+RemqaABcNbltcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOBgQC14vN7a3bbfmqR2mAWDfS5z2+nO0i6M/z3Y7vAVZqyBuiHcUzW
+RYyE4kKzMrxDHBES3zwTOXmW3NSbwMMKd61RRSF0W2cR4MF42etFoUUr0/NjRwIW
+g9IYN2wGBwKYPrSCUSwCGMhxhOEaoqvAeg0sd1v5OezuZjCGQ9UR2myMvA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC3DCCAkWgAwIBAgICBNIwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQ
+Uk9EVUNUSU9OMQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQG
+EwJVUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3st0/lxVtgRQMbMWvuQz
+MHFv64qXPIm6sTvK3ff6ILGiOnx6wd98oQoJ+X1MuSVBv0ncf7qwZkxZ+imaf1zl
+MwOw6Rha8yl0Uw2YbVYWFCldSXK/9+0KRTm3El5uzzGKT2dKJ2840Wh7LuYKGoEw
+95xXfWb13K1SL13Ewn8Er1cCAwEAAaOBtDCBsTAdBgNVHQ4EFgQUj0/bfQrFQIB6
+6jnKNpqmcGUjy7cwgYEGA1UdIwR6MHiAFI9P230KxUCAeuo5yjaapnBlI8u3oVyk
+WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9O
+MQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQGEwJVU4ICBNIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBnLYUUrajPw+Ku9Jr8oDte
+KEe+zGDcEEa0uI8ld0XqLjcVcX1SGGYh13ophJCqn3kBwcXtgH1oxj9/M4fWr6pL
+ml4oJMzrYGRi1M2bMgzWFhX5lhTTy/WCDRW05K9LDvTv94yRJV07uk1ztbYgpiyn
+zjX4WJceNv6/6wzWTT7+Ow==
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks?rev=887328&view=auto
==============================================================================
Files cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks (added) and cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/cherry.jks Fri Dec  4 19:28:17 2009 differ

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrcherry.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,13 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICXjCCAhsCAQAwWTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUx
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEAxMGQ2hlcnJ5MIIBtzCCASwGByqG
+SM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/
+xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208Ue
+wwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+Gg
+hdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky
+jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6A
+e1UlZAFMO/7PSSoDgYQAAoGAYu1g0+Yn6Cq/ugmDTOG4KW6BiA3JuIAM7zfO64gERLKcBNXv5+9u
+PMrtx1EjtdSHjvTa8t8gDYNslPd+O/GSmIjDuFbH96LStx1/kVURe3pdoXCMYnaQsA5+/gUcGmBF
+SfhSArcySYq+7/ZFZvq3PoZI5ZQw70vfS7+jjonowTqgADALBgcqhkjOOAQDBQADMAAwLQIUL/Kb
+evVCJJJYu/t6x1a4hsqrjEACFQCVsCt5XBVEnBOMISaGVWJOfa0OoA==
+-----END NEW CERTIFICATE REQUEST-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrra.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmDCCAQECAQAwWDEOMAwGA1UEAxMFVGhlUkExGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hlMQswCQYDVQQIEwJOWTELMAkGA1UE
+BhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK1LCpLKh7G3ezXMWqcL
+6ovBQFfhGumcH24hbOOmVw3FRJ78GxVgfD5GK6tbxCRqwQiykvkDaWId0BtOnrZt
+gH61MCBjiZCYBjm0PZRchwW4Nu4ZnLfsGMpsdGdyBnusNcA+RJCu58xdGIND4dsX
+3ax2qjRG1S/kXpqmgAXDW5bXAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQCoR9+A
+4a2uIYk4wJyKwV4ghskSrG/O7pR0wY+tkJN66YOci3C3x+nefdlUK73+SOqbdqL4
+x5io/1fT5BLdFXfcwkWgpzoRzYAZVKj1zQAM7pqEotuxLVy3Bo/Bkij81RgRBtq1
+pDEnDgzGOt3Ly/XVPzK4S4atQe6/fjmfCsfnVw==
+-----END CERTIFICATE REQUEST-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/csrwibble.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,13 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICXjCCAhwCAQAwWTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUx
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEAxMGV2liYmxlMIIBuDCCASwGByqG
+SM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/
+xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208Ue
+wwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+Gg
+hdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky
+jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6A
+e1UlZAFMO/7PSSoDgYUAAoGBAOVw/LSWWM/t6EdzPEKo9T/gHMbknoGwkfq+3wRhhHOtr45dVyPL
+agrEmkKllHFoCCZc5Rw5PSXeTRGT2Zwt9YDPH/n97ju8OH8NIo1moyyL7F0iHOlUCnrFv3ok2SYA
+WnVxW0giyjGWIEgtnrxLb1Hj84biGRx8IIDp//CJ6/8qoAAwCwYHKoZIzjgEAwUAAy8AMCwCFH2/
+V9FvF0zHa3lUIL8NU7lbuX/yAhQxHI/8jJMJprrAhaQDSiys9sRfNA==
+-----END NEW CERTIFICATE REQUEST-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt Fri Dec  4 19:28:17 2009
@@ -0,0 +1,3 @@
+R	290617153708Z	090622153711Z,keyCompromise	1345	unknown	/C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=TheRA
+V	290617153710Z		1346	unknown	/C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=Wibble
+V	290617153710Z		1347	unknown	/C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=Cherry

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr Fri Dec  4 19:28:17 2009
@@ -0,0 +1 @@
+unique_subject = yes

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.attr.old Fri Dec  4 19:28:17 2009
@@ -0,0 +1 @@
+unique_subject = yes

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/index.txt.old Fri Dec  4 19:28:17 2009
@@ -0,0 +1,3 @@
+V	290617153708Z		1345	unknown	/C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=TheRA
+V	290617153710Z		1346	unknown	/C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=Wibble
+V	290617153710Z		1347	unknown	/C=US/ST=NY/O=Apache/OU=NOT FOR PRODUCTION/CN=Cherry

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1345.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,50 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 4933 (0x1345)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: CN=TheCA, OU=NOT FOR PRODUCTION, O=Apache, ST=NY, C=US
+        Validity
+            Not Before: Jun 22 15:37:08 2009 GMT
+            Not After : Jun 17 15:37:08 2029 GMT
+        Subject: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=TheRA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:ad:4b:0a:92:ca:87:b1:b7:7b:35:cc:5a:a7:0b:
+                    ea:8b:c1:40:57:e1:1a:e9:9c:1f:6e:21:6c:e3:a6:
+                    57:0d:c5:44:9e:fc:1b:15:60:7c:3e:46:2b:ab:5b:
+                    c4:24:6a:c1:08:b2:92:f9:03:69:62:1d:d0:1b:4e:
+                    9e:b6:6d:80:7e:b5:30:20:63:89:90:98:06:39:b4:
+                    3d:94:5c:87:05:b8:36:ee:19:9c:b7:ec:18:ca:6c:
+                    74:67:72:06:7b:ac:35:c0:3e:44:90:ae:e7:cc:5d:
+                    18:83:43:e1:db:17:dd:ac:76:aa:34:46:d5:2f:e4:
+                    5e:9a:a6:80:05:c3:5b:96:d7
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+        b5:e2:f3:7b:6b:76:db:7e:6a:91:da:60:16:0d:f4:b9:cf:6f:
+        a7:3b:48:ba:33:fc:f7:63:bb:c0:55:9a:b2:06:e8:87:71:4c:
+        d6:45:8c:84:e2:42:b3:32:bc:43:1c:11:12:df:3c:13:39:79:
+        96:dc:d4:9b:c0:c3:0a:77:ad:51:45:21:74:5b:67:11:e0:c1:
+        78:d9:eb:45:a1:45:2b:d3:f3:63:47:02:16:83:d2:18:37:6c:
+        06:07:02:98:3e:b4:82:51:2c:02:18:c8:71:84:e1:1a:a2:ab:
+        c0:7a:0d:2c:77:5b:f9:39:ec:ee:66:30:86:43:d5:11:da:6c:
+        8c:bc
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgICE0UwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ4wDAYDVQQDEwVU
+aGVSQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArUsKksqHsbd7Ncxapwvq
+i8FAV+Ea6ZwfbiFs46ZXDcVEnvwbFWB8PkYrq1vEJGrBCLKS+QNpYh3QG06etm2A
+frUwIGOJkJgGObQ9lFyHBbg27hmct+wYymx0Z3IGe6w1wD5EkK7nzF0Yg0Ph2xfd
+rHaqNEbVL+RemqaABcNbltcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOBgQC14vN7a3bbfmqR2mAWDfS5z2+nO0i6M/z3Y7vAVZqyBuiHcUzW
+RYyE4kKzMrxDHBES3zwTOXmW3NSbwMMKd61RRSF0W2cR4MF42etFoUUr0/NjRwIW
+g9IYN2wGBwKYPrSCUSwCGMhxhOEaoqvAeg0sd1v5OezuZjCGQ9UR2myMvA==
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1346.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,90 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 4934 (0x1346)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=TheRA
+        Validity
+            Not Before: Jun 22 15:37:10 2009 GMT
+            Not After : Jun 17 15:37:10 2029 GMT
+        Subject: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=Wibble
+        Subject Public Key Info:
+            Public Key Algorithm: dsaEncryption
+            DSA Public Key:
+                pub: 
+                    00:e5:70:fc:b4:96:58:cf:ed:e8:47:73:3c:42:a8:
+                    f5:3f:e0:1c:c6:e4:9e:81:b0:91:fa:be:df:04:61:
+                    84:73:ad:af:8e:5d:57:23:cb:6a:0a:c4:9a:42:a5:
+                    94:71:68:08:26:5c:e5:1c:39:3d:25:de:4d:11:93:
+                    d9:9c:2d:f5:80:cf:1f:f9:fd:ee:3b:bc:38:7f:0d:
+                    22:8d:66:a3:2c:8b:ec:5d:22:1c:e9:54:0a:7a:c5:
+                    bf:7a:24:d9:26:00:5a:75:71:5b:48:22:ca:31:96:
+                    20:48:2d:9e:bc:4b:6f:51:e3:f3:86:e2:19:1c:7c:
+                    20:80:e9:ff:f0:89:eb:ff:2a
+                P:   
+                    00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
+                    e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
+                    51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
+                    c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
+                    6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
+                    10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
+                    c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
+                    54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
+                    f2:22:03:19:9d:d1:48:01:c7
+                Q:   
+                    00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
+                    84:0b:f0:58:1c:f5
+                G:   
+                    00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
+                    57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
+                    07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
+                    81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
+                    32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
+                    ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
+                    f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
+                    a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
+                    25:64:01:4c:3b:fe:cf:49:2a
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                91:4C:0A:EC:6C:E5:92:06:AE:3A:F8:96:32:EC:92:50:8C:CB:83:E7
+            X509v3 Authority Key Identifier: 
+                DirName:/CN=TheCA/OU=NOT FOR PRODUCTION/O=Apache/ST=NY/C=US
+                serial:13:45
+
+    Signature Algorithm: sha1WithRSAEncryption
+        2e:14:ab:c9:48:9c:b5:b6:16:af:d2:59:3b:2c:bd:79:e9:f6:
+        2c:e9:0b:ac:58:ab:82:e5:87:4a:6b:b4:ea:d4:d5:d8:5c:86:
+        cf:96:33:ec:f1:c2:60:7d:6b:64:05:6f:8b:37:64:4d:71:f0:
+        c6:75:82:f6:ba:8a:31:16:1e:5a:fa:93:35:ed:ee:a3:6f:98:
+        e9:06:09:12:dd:e7:c0:df:9c:a1:9b:9e:db:3a:43:35:ac:c4:
+        dd:e9:4d:6e:ba:88:b9:d5:c5:05:ea:7f:72:24:64:51:7c:b3:
+        8d:24:bf:dd:9a:76:46:5a:c6:22:b4:bb:cd:c0:9c:96:3a:5c:
+        6e:35
+-----BEGIN CERTIFICATE-----
+MIIECzCCA3SgAwIBAgICE0YwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZX
+aWJibGUwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhQACgYEA5XD8tJZYz+3oR3M8Qqj1
+P+AcxuSegbCR+r7fBGGEc62vjl1XI8tqCsSaQqWUcWgIJlzlHDk9Jd5NEZPZnC31
+gM8f+f3uO7w4fw0ijWajLIvsXSIc6VQKesW/eiTZJgBadXFbSCLKMZYgSC2evEtv
+UePzhuIZHHwggOn/8Inr/yqjgcgwgcUwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0E
+HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJFMCuxs
+5ZIGrjr4ljLsklCMy4PnMGsGA1UdIwRkMGKhXKRaMFgxDjAMBgNVBAMTBVRoZUNB
+MRswGQYDVQQLExJOT1QgRk9SIFBST0RVQ1RJT04xDzANBgNVBAoTBkFwYWNoZTEL
+MAkGA1UECBMCTlkxCzAJBgNVBAYTAlVTggITRTANBgkqhkiG9w0BAQUFAAOBgQAu
+FKvJSJy1thav0lk7LL156fYs6QusWKuC5YdKa7Tq1NXYXIbPljPs8cJgfWtkBW+L
+N2RNcfDGdYL2uooxFh5a+pM17e6jb5jpBgkS3efA35yhm57bOkM1rMTd6U1uuoi5
+1cUF6n9yJGRRfLONJL/dmnZGWsYitLvNwJyWOlxuNQ==
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/newcerts/1347.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,90 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 4935 (0x1347)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=TheRA
+        Validity
+            Not Before: Jun 22 15:37:10 2009 GMT
+            Not After : Jun 17 15:37:10 2029 GMT
+        Subject: C=US, ST=NY, O=Apache, OU=NOT FOR PRODUCTION, CN=Cherry
+        Subject Public Key Info:
+            Public Key Algorithm: dsaEncryption
+            DSA Public Key:
+                pub: 
+                    62:ed:60:d3:e6:27:e8:2a:bf:ba:09:83:4c:e1:b8:
+                    29:6e:81:88:0d:c9:b8:80:0c:ef:37:ce:eb:88:04:
+                    44:b2:9c:04:d5:ef:e7:ef:6e:3c:ca:ed:c7:51:23:
+                    b5:d4:87:8e:f4:da:f2:df:20:0d:83:6c:94:f7:7e:
+                    3b:f1:92:98:88:c3:b8:56:c7:f7:a2:d2:b7:1d:7f:
+                    91:55:11:7b:7a:5d:a1:70:8c:62:76:90:b0:0e:7e:
+                    fe:05:1c:1a:60:45:49:f8:52:02:b7:32:49:8a:be:
+                    ef:f6:45:66:fa:b7:3e:86:48:e5:94:30:ef:4b:df:
+                    4b:bf:a3:8e:89:e8:c1:3a
+                P:   
+                    00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
+                    e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
+                    51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
+                    c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
+                    6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
+                    10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
+                    c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
+                    54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
+                    f2:22:03:19:9d:d1:48:01:c7
+                Q:   
+                    00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
+                    84:0b:f0:58:1c:f5
+                G:   
+                    00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
+                    57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
+                    07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
+                    81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
+                    32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
+                    ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
+                    f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
+                    a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
+                    25:64:01:4c:3b:fe:cf:49:2a
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                EF:91:8D:9A:A9:B0:D5:8D:15:3A:C5:E3:6F:79:53:C3:0F:0C:E0:8E
+            X509v3 Authority Key Identifier: 
+                DirName:/CN=TheCA/OU=NOT FOR PRODUCTION/O=Apache/ST=NY/C=US
+                serial:13:45
+
+    Signature Algorithm: sha1WithRSAEncryption
+        4c:83:05:41:5e:3c:a4:47:b5:39:56:21:6f:15:1f:58:13:7d:
+        69:bc:bc:b0:ce:37:14:bc:5e:c9:3e:ad:c5:d3:1b:53:d9:0a:
+        75:65:81:80:46:44:f9:a6:c5:60:29:0c:92:53:6e:6a:78:03:
+        b6:67:40:bf:e3:08:ff:2b:40:21:65:a9:10:86:10:71:4e:ab:
+        1c:ea:43:2d:47:ee:49:49:e8:da:f3:86:0c:e9:aa:a2:30:7e:
+        48:e4:ed:40:56:6d:a3:11:95:71:2f:ca:7b:d4:0b:48:74:26:
+        27:94:76:6e:aa:1c:06:91:b9:2b:39:65:0b:f9:fa:c9:dd:5b:
+        f8:37
+-----BEGIN CERTIFICATE-----
+MIIECjCCA3OgAwIBAgICE0cwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZD
+aGVycnkwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAACgYBi7WDT5ifoKr+6CYNM4bgp
+boGIDcm4gAzvN87riAREspwE1e/n7248yu3HUSO11IeO9Nry3yANg2yU93478ZKY
+iMO4Vsf3otK3HX+RVRF7el2hcIxidpCwDn7+BRwaYEVJ+FICtzJJir7v9kVm+rc+
+hkjllDDvS99Lv6OOiejBOqOByDCBxTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf
+Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU75GNmqmw
+1Y0VOsXjb3lTww8M4I4wawYDVR0jBGQwYqFcpFowWDEOMAwGA1UEAxMFVGhlQ0Ex
+GzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hlMQsw
+CQYDVQQIEwJOWTELMAkGA1UEBhMCVVOCAhNFMA0GCSqGSIb3DQEBBQUAA4GBAEyD
+BUFePKRHtTlWIW8VH1gTfWm8vLDONxS8Xsk+rcXTG1PZCnVlgYBGRPmmxWApDJJT
+bmp4A7ZnQL/jCP8rQCFlqRCGEHFOqxzqQy1H7klJ6NrzhgzpqqIwfkjk7UBWbaMR
+lXEvynvUC0h0JieUdm6qHAaRuSs5ZQv5+sndW/g3
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial Fri Dec  4 19:28:17 2009
@@ -0,0 +1 @@
+1348

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/demoCA/serial.old Fri Dec  4 19:28:17 2009
@@ -0,0 +1 @@
+1347

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/exts Fri Dec  4 19:28:17 2009
@@ -0,0 +1,2 @@
+[x509_extensions]
+basicConstraints=CA:TRUE

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/ra-ca-cert.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgICE0UwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ4wDAYDVQQDEwVU
+aGVSQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArUsKksqHsbd7Ncxapwvq
+i8FAV+Ea6ZwfbiFs46ZXDcVEnvwbFWB8PkYrq1vEJGrBCLKS+QNpYh3QG06etm2A
+frUwIGOJkJgGObQ9lFyHBbg27hmct+wYymx0Z3IGe6w1wD5EkK7nzF0Yg0Ph2xfd
+rHaqNEbVL+RemqaABcNbltcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOBgQC14vN7a3bbfmqR2mAWDfS5z2+nO0i6M/z3Y7vAVZqyBuiHcUzW
+RYyE4kKzMrxDHBES3zwTOXmW3NSbwMMKd61RRSF0W2cR4MF42etFoUUr0/NjRwIW
+g9IYN2wGBwKYPrSCUSwCGMhxhOEaoqvAeg0sd1v5OezuZjCGQ9UR2myMvA==
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/raprivkey.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCtSwqSyoext3s1zFqnC+qLwUBX4RrpnB9uIWzjplcNxUSe/BsV
+YHw+RiurW8QkasEIspL5A2liHdAbTp62bYB+tTAgY4mQmAY5tD2UXIcFuDbuGZy3
+7BjKbHRncgZ7rDXAPkSQrufMXRiDQ+HbF92sdqo0RtUv5F6apoAFw1uW1wIDAQAB
+AoGAWcNEH9MuxJxxAuXukxa2EFwy0xJ0GUvYb/h6adUwxJ5JND0MXl9THALG/gUT
+rXVqtfGh9cCRptQghvSLe51u79giGhDUJVntPv24XaHGRjP4a9WbRbHCf+wQtoiN
+LwAyPz7epjmsLUzd/xboxHIw6b0yoDUHAKkXWhvJsQ6gQvkCQQDmR1th4beChxWR
+UFW567G51Rf3TNEG7IQ8VHfAar7T2VYukmpyMCKiPkGtJLLNu9y/tXZhKtdm39a0
+aoW8tu8lAkEAwKY5jFYMLq/rBRdYJ0d6YFow8c54eimN4KqNs61Aa6sUlr5w1PxT
+VoPda5MHnTASf5fzxCxrBpQTQziNeC47SwJBAKgIfcgo+s2GYNiOdF+cey2NL1XH
+eefBgqS7Rj7kJadUuix1rrLwKPWW1DnRw5+Ya/aAJYe1yURKJdO0vy37lvkCQDI8
+ppEj9zVNhpnjRoenqg/qNQ05bE1e/LJzh1Qtf7kT+eB9dOr1ib3r0Re2Vav11z0S
+oOytMJOclZFX8/w9AhUCQE9KNcvzylzJnnFkwm6F0cetxMLcAnPnbVrTjMLKEvV2
+8QrzjD2oQtCXtbImtplvK7SwSqMu2FxH/5glziWCJf8=
+-----END RSA PRIVATE KEY-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks?rev=887328&view=auto
==============================================================================
Files cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks (added) and cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/truststore.jks Fri Dec  4 19:28:17 2009 differ

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble-ra-cert.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECzCCA3SgAwIBAgICE0YwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZX
+aWJibGUwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhQACgYEA5XD8tJZYz+3oR3M8Qqj1
+P+AcxuSegbCR+r7fBGGEc62vjl1XI8tqCsSaQqWUcWgIJlzlHDk9Jd5NEZPZnC31
+gM8f+f3uO7w4fw0ijWajLIvsXSIc6VQKesW/eiTZJgBadXFbSCLKMZYgSC2evEtv
+UePzhuIZHHwggOn/8Inr/yqjgcgwgcUwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0E
+HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJFMCuxs
+5ZIGrjr4ljLsklCMy4PnMGsGA1UdIwRkMGKhXKRaMFgxDjAMBgNVBAMTBVRoZUNB
+MRswGQYDVQQLExJOT1QgRk9SIFBST0RVQ1RJT04xDzANBgNVBAoTBkFwYWNoZTEL
+MAkGA1UECBMCTlkxCzAJBgNVBAYTAlVTggITRTANBgkqhkiG9w0BAQUFAAOBgQAu
+FKvJSJy1thav0lk7LL156fYs6QusWKuC5YdKa7Tq1NXYXIbPljPs8cJgfWtkBW+L
+N2RNcfDGdYL2uooxFh5a+pM17e6jb5jpBgkS3efA35yhm57bOkM1rMTd6U1uuoi5
+1cUF6n9yJGRRfLONJL/dmnZGWsYitLvNwJyWOlxuNQ==
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.chain Fri Dec  4 19:28:17 2009
@@ -0,0 +1,56 @@
+-----BEGIN CERTIFICATE-----
+MIIECzCCA3SgAwIBAgICE0YwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAk5ZMQ8wDQYDVQQKEwZBcGFjaGUxGzAZBgNVBAsTEk5PVCBGT1Ig
+UFJPRFVDVElPTjEOMAwGA1UEAxMFVGhlUkEwHhcNMDkwNjIyMTUzNzEwWhcNMjkw
+NjE3MTUzNzEwWjBZMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ8wDQYDVQQDEwZX
+aWJibGUwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YR
+t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ
+UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps9
+3su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQ
+iaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhQACgYEA5XD8tJZYz+3oR3M8Qqj1
+P+AcxuSegbCR+r7fBGGEc62vjl1XI8tqCsSaQqWUcWgIJlzlHDk9Jd5NEZPZnC31
+gM8f+f3uO7w4fw0ijWajLIvsXSIc6VQKesW/eiTZJgBadXFbSCLKMZYgSC2evEtv
+UePzhuIZHHwggOn/8Inr/yqjgcgwgcUwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0E
+HxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJFMCuxs
+5ZIGrjr4ljLsklCMy4PnMGsGA1UdIwRkMGKhXKRaMFgxDjAMBgNVBAMTBVRoZUNB
+MRswGQYDVQQLExJOT1QgRk9SIFBST0RVQ1RJT04xDzANBgNVBAoTBkFwYWNoZTEL
+MAkGA1UECBMCTlkxCzAJBgNVBAYTAlVTggITRTANBgkqhkiG9w0BAQUFAAOBgQAu
+FKvJSJy1thav0lk7LL156fYs6QusWKuC5YdKa7Tq1NXYXIbPljPs8cJgfWtkBW+L
+N2RNcfDGdYL2uooxFh5a+pM17e6jb5jpBgkS3efA35yhm57bOkM1rMTd6U1uuoi5
+1cUF6n9yJGRRfLONJL/dmnZGWsYitLvNwJyWOlxuNQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgICE0UwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkxDzANBgNVBAoT
+BkFwYWNoZTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9OMQ4wDAYDVQQDEwVU
+aGVSQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArUsKksqHsbd7Ncxapwvq
+i8FAV+Ea6ZwfbiFs46ZXDcVEnvwbFWB8PkYrq1vEJGrBCLKS+QNpYh3QG06etm2A
+frUwIGOJkJgGObQ9lFyHBbg27hmct+wYymx0Z3IGe6w1wD5EkK7nzF0Yg0Ph2xfd
+rHaqNEbVL+RemqaABcNbltcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOBgQC14vN7a3bbfmqR2mAWDfS5z2+nO0i6M/z3Y7vAVZqyBuiHcUzW
+RYyE4kKzMrxDHBES3zwTOXmW3NSbwMMKd61RRSF0W2cR4MF42etFoUUr0/NjRwIW
+g9IYN2wGBwKYPrSCUSwCGMhxhOEaoqvAeg0sd1v5OezuZjCGQ9UR2myMvA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC3DCCAkWgAwIBAgICBNIwDQYJKoZIhvcNAQEFBQAwWDEOMAwGA1UEAxMFVGhl
+Q0ExGzAZBgNVBAsTEk5PVCBGT1IgUFJPRFVDVElPTjEPMA0GA1UEChMGQXBhY2hl
+MQswCQYDVQQIEwJOWTELMAkGA1UEBhMCVVMwHhcNMDkwNjIyMTUzNzA4WhcNMjkw
+NjE3MTUzNzA4WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQ
+Uk9EVUNUSU9OMQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQG
+EwJVUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3st0/lxVtgRQMbMWvuQz
+MHFv64qXPIm6sTvK3ff6ILGiOnx6wd98oQoJ+X1MuSVBv0ncf7qwZkxZ+imaf1zl
+MwOw6Rha8yl0Uw2YbVYWFCldSXK/9+0KRTm3El5uzzGKT2dKJ2840Wh7LuYKGoEw
+95xXfWb13K1SL13Ewn8Er1cCAwEAAaOBtDCBsTAdBgNVHQ4EFgQUj0/bfQrFQIB6
+6jnKNpqmcGUjy7cwgYEGA1UdIwR6MHiAFI9P230KxUCAeuo5yjaapnBlI8u3oVyk
+WjBYMQ4wDAYDVQQDEwVUaGVDQTEbMBkGA1UECxMSTk9UIEZPUiBQUk9EVUNUSU9O
+MQ8wDQYDVQQKEwZBcGFjaGUxCzAJBgNVBAgTAk5ZMQswCQYDVQQGEwJVU4ICBNIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBnLYUUrajPw+Ku9Jr8oDte
+KEe+zGDcEEa0uI8ld0XqLjcVcX1SGGYh13ophJCqn3kBwcXtgH1oxj9/M4fWr6pL
+ml4oJMzrYGRi1M2bMgzWFhX5lhTTy/WCDRW05K9LDvTv94yRJV07uk1ztbYgpiyn
+zjX4WJceNv6/6wzWTT7+Ow==
+-----END CERTIFICATE-----

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks?rev=887328&view=auto
==============================================================================
Files cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks (added) and cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/certs/wibble.jks Fri Dec  4 19:28:17 2009 differ

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml Fri Dec  4 19:28:17 2009
@@ -0,0 +1,221 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>org.apache.cxf.samples</groupId>
+    <artifactId>wssec</artifactId>
+    <version>1.0</version>
+    <name>WS-Security Demo</name>
+    <properties>
+        <cxf.version>[2,)</cxf.version>
+    </properties>
+    <build>
+        <sourceDirectory>src</sourceDirectory>
+        <plugins>
+            <plugin>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>1.5</source> 
+                    <target>1.5</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.cxf</groupId>
+                <artifactId>cxf-codegen-plugin</artifactId>
+                <version>LATEST</version>
+                <executions>
+                    <execution>
+                        <id>generate-sources</id>
+                        <phase>generate-sources</phase>
+                        <configuration>
+                            <wsdlOptions>
+                                <wsdlOption>
+                                    <wsdl>${basedir}/wsdl/hello_world.wsdl</wsdl>
+                                </wsdlOption>
+                            </wsdlOptions>
+                        </configuration>
+                        <goals>
+                            <goal>wsdl2java</goal>
+                        </goals>
+                    </execution>
+               </executions>
+           </plugin>
+           <plugin>
+                <artifactId>maven-antrun-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>copyxmlfiles</id>
+                        <phase>generate-sources</phase>
+	    	        <goals>
+	    	            <goal>run</goal>
+	    	        </goals>
+	    	        <configuration>
+	    	            <tasks>
+	    	               <copy file="${basedir}/src/demo/wssec/server/wssec.xml" todir="${basedir}/target/classes/demo/wssec/server"/>
+	    	               <copy file="${basedir}/src/demo/wssec/client/wssec.xml" todir="${basedir}/target/classes/demo/wssec/client"/>
+	    	               <copy todir="${basedir}/target/classes/certs">
+	    	                   <fileset dir="${basedir}/certs"/>
+	    	               </copy>
+	    	            </tasks>
+	    	        </configuration>
+	    	    </execution>
+	    	</executions>
+            </plugin>           
+       </plugins>
+    </build>   
+    <profiles>
+        <profile>
+            <id>server</id>
+            <build>
+                <defaultGoal>test</defaultGoal>
+                <plugins>
+                    <plugin>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>exec-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <phase>test</phase>
+                                <goals>
+                                    <goal>exec</goal>
+                                </goals>
+                                <configuration>
+                                    <executable>java</executable>
+                                    <arguments>
+                                        <argument>-classpath</argument>
+                                        <classpath/>
+                                        <argument>demo.wssec.server.Server</argument>
+                                    </arguments>
+                                </configuration>
+                            </execution>
+                        </executions>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+        <profile>
+            <id>client</id>
+            <build>
+                <defaultGoal>test</defaultGoal>
+                <plugins>
+                    <plugin>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>exec-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <phase>test</phase>
+                                <goals>
+                                    <goal>java</goal>
+                                </goals>
+                                <configuration>
+                                    <mainClass>demo.wssec.client.Client</mainClass>
+                                    <arguments>
+                                        <argument>${basedir}/wsdl/hello_world.wsdl</argument>
+                                        <argument>secure</argument>
+                                   </arguments>
+                               </configuration>
+                           </execution>
+                       </executions>
+                   </plugin>
+               </plugins>
+           </build>
+        </profile>
+        <profile>
+            <id>client.unauthenticated</id>
+            <build>
+                <defaultGoal>test</defaultGoal>
+                <plugins>
+                    <plugin>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>exec-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <phase>test</phase>
+                                <goals>
+                                    <goal>java</goal>
+                                </goals>
+                                <configuration>
+                                    <mainClass>demo.wssec.client.Client</mainClass>
+                                    <arguments>
+                                        <argument>${basedir}/wsdl/hello_world_no_policy.wsdl</argument>
+                                        <argument>secure</argument>
+                                   </arguments>
+                               </configuration>
+                           </execution>
+                       </executions>
+                   </plugin>
+               </plugins>
+           </build>
+        </profile>        
+    </profiles>
+    <repositories>
+        <repository>
+            <id>apache-snapshots</id>
+            <name>Apache Snapshot Repository</name>
+            <url>http://repository.apache.org/content/groups/snapshots-group/</url>
+            <releases>
+                <enabled>false</enabled>
+            </releases>
+            <snapshots>
+                <enabled>true</enabled>
+            </snapshots>
+        </repository>
+    </repositories>
+    <pluginRepositories>
+        <pluginRepository>
+            <id>apache-plugin-snapshots</id>
+            <name>Apache Maven Plugin Snapshots</name>
+            <url>http://repository.apache.org/content/groups/snapshots-group/</url>
+            <releases>
+                <enabled>false</enabled>
+            </releases>
+            <snapshots>
+                <enabled>true</enabled>
+            </snapshots>
+        </pluginRepository>
+    </pluginRepositories>
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-frontend-jaxws</artifactId>
+            <version>${cxf.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-transports-http</artifactId>
+            <version>${cxf.version}</version>
+        </dependency>
+        <dependency>
+             <groupId>org.apache.cxf</groupId>
+             <artifactId>cxf-rt-transports-http-jetty</artifactId>
+             <version>${cxf.version}</version>
+       </dependency>
+       
+       <dependency>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-ws-security</artifactId>
+            <version>${cxf.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-ws-policy</artifactId>
+            <version>${cxf.version}</version>
+        </dependency>
+        
+   </dependencies>
+</project>

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java Fri Dec  4 19:28:17 2009
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package demo.wssec.client;
+
+import java.io.File;
+import java.net.URL;
+import javax.xml.namespace.QName;
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.SOAPService;
+
+public final class Client {
+
+    private static final QName SERVICE_NAME
+        = new QName("http://apache.org/hello_world_soap_http", "SOAPService");
+
+    private static final QName PORT_NAME =
+        new QName("http://apache.org/hello_world_soap_http", "SoapPort");
+
+
+    private Client() {
+    }
+
+    public static void main(String args[]) throws Exception {
+
+        if (args.length == 0) {
+            System.out.println("please specify wsdl");
+            System.exit(1);
+        }
+
+        URL wsdlURL;
+        File wsdlFile = new File(args[0]);
+        if (wsdlFile.exists()) {
+            wsdlURL = wsdlFile.toURL();
+        } else {
+            wsdlURL = new URL(args[0]);
+        }
+
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = Client.class.getResource("wssec.xml");
+        
+        Bus bus = bf.createBus(busFile.toString());
+        bf.setDefaultBus(bus);
+
+        System.out.println(wsdlURL);
+        SOAPService ss = new SOAPService(wsdlURL, SERVICE_NAME);
+        Greeter port = ss.getPort(PORT_NAME, Greeter.class);
+
+        System.out.println("Invoking greetMe...");
+        try {
+            String resp = port.greetMe(System.getProperty("user.name"));
+            System.out.println("Server responded with: " + resp);
+            System.out.println();
+
+        } catch (Exception e) {
+            System.out.println("Invocation failed with the following: " + e.getCause());
+            System.out.println();
+        }
+
+        System.exit(0);
+    }
+
+}

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/Client.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java Fri Dec  4 19:28:17 2009
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package demo.wssec.client;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+/**
+ */
+
+public class UTPasswordCallback implements CallbackHandler {
+
+    private Map<String, String> passwords =
+        new HashMap<String, String>();
+
+    public UTPasswordCallback() {
+        passwords.put("Alice", "ecilA");
+        passwords.put("abcd", "dcba");
+    }
+
+    /**
+     * Here, we attempt to get the password from the private
+     * alias/passwords map.
+     */
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
+
+            String pass = passwords.get(pc.getIdentifier());
+            if (pass != null) {
+                pc.setPassword(pass);
+                return;
+            }
+        }
+
+        //
+        // Password not found
+        //
+        throw new IOException();
+    }
+
+    /**
+     * Add an alias/password pair to the callback mechanism.
+     */
+    public void setAliasPassword(String alias, String password) {
+        passwords.put(alias, password);
+    }
+}

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/UTPasswordCallback.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml Fri Dec  4 19:28:17 2009
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+  
+  http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+<!-- 
+  ** This file configures the Wibble Client
+  -->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:cxf="http://cxf.apache.org/core"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:sec="http://cxf.apache.org/configuration/security"
+  xmlns:http="http://cxf.apache.org/transports/http/configuration"
+  xmlns:jaxws="http://cxf.apache.org/jaxws"
+  xsi:schemaLocation="
+           http://cxf.apache.org/core
+           http://cxf.apache.org/schemas/core.xsd
+           http://cxf.apache.org/configuration/security
+           http://cxf.apache.org/schemas/configuration/security.xsd
+           http://cxf.apache.org/jaxws
+           http://cxf.apache.org/schemas/jaxws.xsd
+           http://cxf.apache.org/transports/http/configuration
+           http://cxf.apache.org/schemas/configuration/http-conf.xsd
+           http://www.springframework.org/schema/beans
+           http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+
+  <http:conduit name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit">
+    <http:tlsClientParameters disableCNCheck="true">
+      <sec:trustManagers>
+          <sec:keyStore type="JKS" password="password"
+               file="certs/truststore.jks"/>
+      </sec:trustManagers>
+      <sec:keyManagers keyPassword="password">
+           <sec:keyStore type="JKS" password="password" 
+                file="certs/wibble.jks"/>
+      </sec:keyManagers>
+      <sec:cipherSuitesFilter>
+        <!-- these filters ensure that a ciphersuite with
+          export-suitable or null encryption is used,
+          but exclude anonymous Diffie-Hellman key change as
+          this is vulnerable to man-in-the-middle attacks -->
+        <sec:include>.*_EXPORT_.*</sec:include>
+        <sec:include>.*_EXPORT1024_.*</sec:include>
+        <sec:include>.*_WITH_DES_.*</sec:include>
+        <sec:include>.*_WITH_NULL_.*</sec:include>
+        <sec:exclude>.*_DH_anon_.*</sec:exclude>
+      </sec:cipherSuitesFilter>
+    </http:tlsClientParameters>
+   </http:conduit>
+
+  
+   <jaxws:client name="{http://apache.org/hello_world_soap_http}SoapPort" createdFromAPI="true">
+      <jaxws:properties>
+        <entry key="ws-security.username" value="Alice" />
+        <entry key="ws-security.callback-handler" value="demo.wssec.client.UTPasswordCallback" />
+      </jaxws:properties>
+        
+   </jaxws:client>
+   
+
+   
+</beans> 
+

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/client/wssec.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem?rev=887328&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem (added)
+++ cxf/trunk/distribution/src/main/release/samples/ws_security/ut_policy/src/demo/wssec/resources/abigcompany_ca.pem Fri Dec  4 19:28:17 2009
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDlTCCAv6gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlDELMAkGA1UEBhMCSUUx
+DTALBgNVBAgTBExlaW4xDzANBgNVBAcTBkR1YmxpbjEaMBgGA1UEChMRTGFyZ2Ug
+V2lkZ2V0cyBJbmMxFDASBgNVBAsTC0VuZ2luZWVyaW5nMRIwEAYDVQQDEwlsb2Nh
+bGhvc3QxHzAdBgkqhkiG9w0BCQEWEGluZm9AbHdpZGdldHMuaWUwHhcNMDYwNDA2
+MTMzMTU1WhcNMTYwNDAzMTMzMTU1WjCBlDELMAkGA1UEBhMCSUUxDTALBgNVBAgT
+BExlaW4xDzANBgNVBAcTBkR1YmxpbjEaMBgGA1UEChMRTGFyZ2UgV2lkZ2V0cyBJ
+bmMxFDASBgNVBAsTC0VuZ2luZWVyaW5nMRIwEAYDVQQDEwlsb2NhbGhvc3QxHzAd
+BgkqhkiG9w0BCQEWEGluZm9AbHdpZGdldHMuaWUwgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBAKXQaKoeGRuv9Mt/j8oAlDjL29Rf0XKA0ylHTt9thQ9O6GPiUAzd
+0djHAt0NbIV5f6DmlRfl+KQzri9d+BfywoCTSNoaclp1x5jM/dEjyaCXDPcNzr0l
+7oT1e5V5nLVDJG6qMjxveiQ73kX+IV3EoY8dwiFJALzp4y+1Cslkn08pAgMBAAGj
+gfQwgfEwHQYDVR0OBBYEFNvk101Zxkp0RlKVsvJpCvkcS99kMIHBBgNVHSMEgbkw
+gbaAFNvk101Zxkp0RlKVsvJpCvkcS99koYGapIGXMIGUMQswCQYDVQQGEwJJRTEN
+MAsGA1UECBMETGVpbjEPMA0GA1UEBxMGRHVibGluMRowGAYDVQQKExFMYXJnZSBX
+aWRnZXRzIEluYzEUMBIGA1UECxMLRW5naW5lZXJpbmcxEjAQBgNVBAMTCWxvY2Fs
+aG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0Bsd2lkZ2V0cy5pZYIBADAMBgNVHRME
+BTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAHEPllN7pvzOwvCZWUMsnPihjnMibTnk
+26U1OTOxmKrLNUJ0FTqeygZk68SZjBsxyReW1LwXflAAWqBGhm9FlZIxEhceGQe+
+Wxi/9yDfMi0yG6+pC+Tb++nwDaJwU88N8HxNM3ZLDiV4td1AM3dIzHLyVs5Bb+G2
+jSrwuQwUi2F2
+-----END CERTIFICATE-----



Mime
View raw message