cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1088726 [3/5] - in /cxf/trunk: distribution/src/main/release/samples/ distribution/src/main/release/samples/sts_issue_operation/ distribution/src/main/release/samples/sts_issue_operation/src/ distribution/src/main/release/samples/sts_issue...
Date Mon, 04 Apr 2011 18:59:53 GMT
Added: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.3.xsd
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.3.xsd?rev=1088726&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.3.xsd (added)
+++ cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.3.xsd Mon Apr  4 18:59:51 2011
@@ -0,0 +1,444 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- 
+OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS's procedures with respect to rights in OASIS specifications can be found at the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification, can be obtained from the OASIS Executive Director.
+OASIS invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to implement this specification. Please address the information to the OASIS Executive Director.
+Copyright © OASIS Open 2002-2006. All Rights Reserved.
+This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself does not be modified in any way, such as by removing the copyright notice or references to OASIS, except as needed for the purpose of developing OASIS specifications, in which case the procedures for copyrights defined in the OASIS Intellectual Property Rights document must be followed, or as required to translate it into languages other than English.
+The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.
+This document and the information contained herein is provided on an AS IS basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+-->
+<xs:schema xmlns:xs='http://www.w3.org/2001/XMLSchema'
+xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
+xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
+xmlns:wsp='http://schemas.xmlsoap.org/ws/2004/09/policy' 
+xmlns:wsa='http://www.w3.org/2005/08/addressing'
+xmlns:wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512'
+targetNamespace='http://docs.oasis-open.org/ws-sx/ws-trust/200512'
+elementFormDefault='qualified' >
+
+  <xs:import namespace='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' 
+			 schemaLocation='oasis-200401-wss-wssecurity-secext-1.0.xsd' />
+  <xs:import namespace='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' 
+			 schemaLocation='oasis-200401-wss-wssecurity-utility-1.0.xsd' />
+  <xs:import namespace='http://schemas.xmlsoap.org/ws/2004/09/policy' 
+			 schemaLocation='ws-policy.xsd' />
+  <xs:import namespace='http://www.w3.org/2005/08/addressing' 
+			 schemaLocation='ws-addr.xsd' />
+
+  <!-- WS-Trust Section 3.1 -->
+  <xs:element name='RequestSecurityToken' type='wst:RequestSecurityTokenType' />
+  <xs:complexType name='RequestSecurityTokenType' >
+    <xs:annotation>
+      <xs:documentation>
+        Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
+
+        &lt;xs:element ref='wst:TokenType' minOccurs='0' />
+        &lt;xs:element ref='wst:RequestType' />
+        &lt;xs:element ref='wsp:AppliesTo' minOccurs='0' />
+        &lt;xs:element ref='wst:Claims' minOccurs='0' />
+        &lt;xs:element ref='wst:Entropy' minOccurs='0' />
+        &lt;xs:element ref='wst:Lifetime' minOccurs='0' />
+        &lt;xs:element ref='wst:AllowPostdating' minOccurs='0' />
+        &lt;xs:element ref='wst:Renewing' minOccurs='0' />
+        &lt;xs:element ref='wst:OnBehalfOf' minOccurs='0' />
+        &lt;xs:element ref='wst:Issuer' minOccurs='0' />
+        &lt;xs:element ref='wst:AuthenticationType' minOccurs='0' />
+        &lt;xs:element ref='wst:KeyType' minOccurs='0' />
+        &lt;xs:element ref='wst:KeySize' minOccurs='0' />
+        &lt;xs:element ref='wst:SignatureAlgorithm' minOccurs='0' />
+        &lt;xs:element ref='wst:Encryption' minOccurs='0' />
+        &lt;xs:element ref='wst:EncryptionAlgorithm' minOccurs='0' />
+        &lt;xs:element ref='wst:CanonicalizationAlgorithm' minOccurs='0' />
+        &lt;xs:element ref='wst:ProofEncryption' minOccurs='0' />
+        &lt;xs:element ref='wst:UseKey' minOccurs='0' />
+        &lt;xs:element ref='wst:SignWith' minOccurs='0' />
+        &lt;xs:element ref='wst:EncryptWith' minOccurs='0' />
+        &lt;xs:element ref='wst:DelegateTo' minOccurs='0' />
+        &lt;xs:element ref='wst:Forwardable' minOccurs='0' />
+        &lt;xs:element ref='wst:Delegatable' minOccurs='0' />
+        &lt;xs:element ref='wsp:Policy' minOccurs='0' />
+        &lt;xs:element ref='wsp:PolicyReference' minOccurs='0' />
+        &lt;xs:any namespace='##other' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+
+      </xs:documentation>
+    </xs:annotation>
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+    </xs:sequence>
+    <xs:attribute name='Context' type='xs:anyURI' use='optional' />
+    <xs:anyAttribute namespace='##other' processContents='lax' />
+  </xs:complexType>
+
+  <xs:element name='TokenType' type='xs:anyURI' />
+
+  <xs:element name='RequestType' type='wst:RequestTypeOpenEnum' />
+
+  <xs:simpleType name='RequestTypeOpenEnum' >
+    <xs:union memberTypes='wst:RequestTypeEnum xs:anyURI' />
+  </xs:simpleType>
+
+  <xs:simpleType name='RequestTypeEnum' >
+    <xs:restriction base='xs:anyURI' >
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/Renew' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/Cancel' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/STSCancel' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate' />
+    </xs:restriction>
+  </xs:simpleType>
+
+  <!-- WS-Trust Section 3.2 -->
+  <xs:element name='RequestSecurityTokenResponse' type='wst:RequestSecurityTokenResponseType' />
+  <xs:complexType name='RequestSecurityTokenResponseType' >
+    <xs:annotation>
+      <xs:documentation>
+        Actual content model is non-deterministic, hence wildcard. The following shows intended content model:
+
+        &lt;xs:element ref='wst:TokenType' minOccurs='0' />
+        &lt;xs:element ref='wst:RequestType' />
+        &lt;xs:element ref='wst:RequestedSecurityToken'  minOccurs='0' />
+        &lt;xs:element ref='wsp:AppliesTo' minOccurs='0' />
+        &lt;xs:element ref='wst:RequestedAttachedReference' minOccurs='0' />
+        &lt;xs:element ref='wst:RequestedUnattachedReference' minOccurs='0' />
+        &lt;xs:element ref='wst:RequestedProofToken' minOccurs='0' />
+        &lt;xs:element ref='wst:Entropy' minOccurs='0' />
+        &lt;xs:element ref='wst:Lifetime' minOccurs='0' />
+        &lt;xs:element ref='wst:Status' minOccurs='0' />
+        &lt;xs:element ref='wst:AllowPostdating' minOccurs='0' />
+        &lt;xs:element ref='wst:Renewing' minOccurs='0' />
+        &lt;xs:element ref='wst:OnBehalfOf' minOccurs='0' />
+        &lt;xs:element ref='wst:Issuer' minOccurs='0' />
+        &lt;xs:element ref='wst:AuthenticationType' minOccurs='0' />
+        &lt;xs:element ref='wst:Authenticator' minOccurs='0' />
+        &lt;xs:element ref='wst:KeyType' minOccurs='0' />
+        &lt;xs:element ref='wst:KeySize' minOccurs='0' />
+        &lt;xs:element ref='wst:SignatureAlgorithm' minOccurs='0' />
+        &lt;xs:element ref='wst:Encryption' minOccurs='0' />
+        &lt;xs:element ref='wst:EncryptionAlgorithm' minOccurs='0' />
+        &lt;xs:element ref='wst:CanonicalizationAlgorithm' minOccurs='0' />
+        &lt;xs:element ref='wst:ProofEncryption' minOccurs='0' />
+        &lt;xs:element ref='wst:UseKey' minOccurs='0' />
+        &lt;xs:element ref='wst:SignWith' minOccurs='0' />
+        &lt;xs:element ref='wst:EncryptWith' minOccurs='0' />
+        &lt;xs:element ref='wst:DelegateTo' minOccurs='0' />
+        &lt;xs:element ref='wst:Forwardable' minOccurs='0' />
+        &lt;xs:element ref='wst:Delegatable' minOccurs='0' />
+        &lt;xs:element ref='wsp:Policy' minOccurs='0' />
+        &lt;xs:element ref='wsp:PolicyReference' minOccurs='0' />
+        &lt;xs:any namespace='##other' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+
+      </xs:documentation>
+    </xs:annotation>
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+    </xs:sequence>
+    <xs:attribute name='Context' type='xs:anyURI' use='optional' />
+    <xs:anyAttribute namespace='##other' processContents='lax' />
+  </xs:complexType>
+
+  <xs:element name='RequestedSecurityToken' type='wst:RequestedSecurityTokenType' />
+  <xs:complexType name='RequestedSecurityTokenType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <!-- WS-Trust Section 3.3 -->
+  <xs:element name='BinarySecret' type='wst:BinarySecretType' />
+  <xs:complexType name='BinarySecretType' >
+    <xs:simpleContent>
+      <xs:extension base='xs:base64Binary' >
+        <xs:attribute name='Type' type='wst:BinarySecretTypeOpenEnum' use='optional' />
+        <xs:anyAttribute namespace='##other' processContents='lax' />
+      </xs:extension>
+    </xs:simpleContent>
+  </xs:complexType>
+
+  <xs:simpleType name='BinarySecretTypeEnum' >
+    <xs:restriction base='xs:anyURI' >
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/AsymmetricKey' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce' />
+    </xs:restriction>
+  </xs:simpleType>
+
+  <xs:simpleType name='BinarySecretTypeOpenEnum' >
+    <xs:union memberTypes='wst:BinarySecretTypeEnum xs:anyURI' />
+  </xs:simpleType>
+
+
+  <!-- WS-Trust Section 4.1 -->
+  <xs:element name='Claims' type='wst:ClaimsType' />
+  <xs:complexType name='ClaimsType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+    </xs:sequence>
+    <xs:attribute name='Dialect' type='xs:anyURI' use='optional' />
+    <xs:anyAttribute namespace='##other' processContents='lax' />
+  </xs:complexType>
+
+  <xs:element name='Entropy' type='wst:EntropyType' />
+  <xs:complexType name='EntropyType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+    </xs:sequence>
+    <xs:anyAttribute namespace='##other' processContents='lax' />
+  </xs:complexType>
+
+  <xs:element name='Lifetime' type='wst:LifetimeType' />
+  <xs:complexType name='LifetimeType' >
+    <xs:sequence>
+      <xs:element ref='wsu:Created' minOccurs='0' />
+      <xs:element ref='wsu:Expires' minOccurs='0' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <!-- WS-Trust Section 4.2 -->
+  <xs:element name='RequestSecurityTokenCollection' type='wst:RequestSecurityTokenCollectionType' />
+  <xs:complexType name='RequestSecurityTokenCollectionType' >
+    <xs:annotation>
+      <xs:documentation>
+        The RequestSecurityTokenCollection (RSTC) element is used to provide multiple RST requests. 
+        One or more RSTR elements in an RSTRC element are returned in the response to the RequestSecurityTokenCollection.
+      </xs:documentation>
+    </xs:annotation>
+    <xs:sequence>
+      <xs:element name='RequestSecurityToken' type='wst:RequestSecurityTokenType' minOccurs='2' maxOccurs='unbounded'/>
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='RequestSecurityTokenResponseCollection' type='wst:RequestSecurityTokenResponseCollectionType' />
+  <xs:complexType name='RequestSecurityTokenResponseCollectionType' >
+    <xs:annotation>
+      <xs:documentation>
+        The &lt;wst:RequestSecurityTokenResponseCollection> element (RSTRC) MUST be used to return a security token or 
+        response to a security token request on the final response.
+      </xs:documentation>
+    </xs:annotation>
+    <xs:sequence>
+      <xs:element ref='wst:RequestSecurityTokenResponse' minOccurs='1' maxOccurs='unbounded' />
+    </xs:sequence>
+    <xs:anyAttribute namespace='##other' processContents='lax' />
+  </xs:complexType>
+
+  <!-- WS-Trust Section 4.3 -->
+  <xs:element name='ComputedKey' type='wst:ComputedKeyOpenEnum' />
+  <xs:simpleType name='ComputedKeyEnum' >
+    <xs:restriction base='xs:anyURI' >
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/HASH' />
+    </xs:restriction>
+  </xs:simpleType>
+
+  <xs:simpleType name='ComputedKeyOpenEnum' >
+    <xs:union memberTypes='wst:ComputedKeyEnum xs:anyURI' />
+  </xs:simpleType>
+
+  <xs:element name='RequestedAttachedReference' type='wst:RequestedReferenceType' />
+  <xs:element name='RequestedUnattachedReference' type='wst:RequestedReferenceType' />
+  <xs:complexType name='RequestedReferenceType' >
+    <xs:sequence>
+      <xs:element ref='wsse:SecurityTokenReference' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='RequestedProofToken' type='wst:RequestedProofTokenType' />
+  <xs:complexType name='RequestedProofTokenType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <!-- WS-Trust Section 6.4 -->
+  <xs:element name='IssuedTokens' type='wst:RequestSecurityTokenResponseCollectionType' />
+
+  <!-- WS-Trust Section 5 -->
+  <xs:element name='RenewTarget' type='wst:RenewTargetType' />
+  <xs:complexType name='RenewTargetType' >
+    <xs:sequence>
+      <xs:any namespace='##other' minOccurs='1' maxOccurs='1' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='AllowPostdating' type='wst:AllowPostdatingType' />
+  <xs:complexType name='AllowPostdatingType' />
+
+  <xs:element name='Renewing' type='wst:RenewingType' />
+  <xs:complexType name='RenewingType' >
+    <xs:attribute name='Allow' type='xs:boolean' use='optional' />
+    <xs:attribute name='OK' type='xs:boolean' use='optional' />
+  </xs:complexType>
+
+  <!-- WS-Trust Section 6 -->
+  <xs:element name='CancelTarget' type='wst:CancelTargetType' />
+  <xs:complexType name='CancelTargetType' >
+    <xs:sequence>
+      <xs:any namespace='##other' minOccurs='1' maxOccurs='1' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='RequestedTokenCancelled' type='wst:RequestedTokenCancelledType' />
+  <xs:complexType name='RequestedTokenCancelledType' />
+
+  <!-- WS-Trust Section 7 -->
+  <xs:element name='ValidateTarget' type='wst:ValidateTargetType' />
+  <xs:complexType name='ValidateTargetType' >
+    <xs:sequence>
+      <xs:any namespace='##other' minOccurs='1' maxOccurs='1' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='Status' type='wst:StatusType' />
+  <xs:complexType name='StatusType' >
+    <xs:sequence>
+      <xs:element name='Code' type='wst:StatusCodeOpenEnum' />
+      <xs:element name='Reason' type='xs:string' minOccurs='0' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:simpleType name='StatusCodeEnum' >
+    <xs:restriction base='xs:anyURI' >
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/valid' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/invalid' />
+    </xs:restriction>
+  </xs:simpleType>
+
+  <xs:simpleType name='StatusCodeOpenEnum' >
+    <xs:union memberTypes='wst:StatusCodeEnum xs:anyURI' />
+  </xs:simpleType>
+
+  <!-- WS-Trust Section 8.2 -->
+  <xs:element name='SignChallenge' type='wst:SignChallengeType' />
+  <xs:element name='SignChallengeResponse' type='wst:SignChallengeType' />
+  <xs:complexType name='SignChallengeType' >
+    <xs:sequence>
+      <xs:element ref='wst:Challenge' />
+      <xs:any namespace='##any' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+    </xs:sequence>
+    <xs:anyAttribute namespace='##any' processContents='lax' />
+  </xs:complexType>
+
+  <xs:element name='Challenge' type='xs:string'/>
+
+
+  <!-- WS-Trust Section 8.3 -->
+  <xs:element name='BinaryExchange' type='wst:BinaryExchangeType' />
+  <xs:complexType name='BinaryExchangeType' >
+    <xs:simpleContent>
+      <xs:extension base='xs:string' >
+        <xs:attribute name='ValueType' type='xs:anyURI' use='required' />
+        <xs:attribute name='EncodingType' type='xs:anyURI' use='required' />
+        <xs:anyAttribute namespace='##other' processContents='lax' />
+      </xs:extension>
+    </xs:simpleContent>
+  </xs:complexType>
+
+  <!-- WS-Trust Section 8.4 -->
+  <xs:element name='RequestKET' type='wst:RequestKETType' />
+  <xs:complexType name='RequestKETType' />
+
+  <xs:element name='KeyExchangeToken' type='wst:KeyExchangeTokenType' />
+  <xs:complexType name='KeyExchangeTokenType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <!-- WS-Trust Section 8.9 -->
+  <xs:element name='Authenticator' type='wst:AuthenticatorType' />
+  <xs:complexType name='AuthenticatorType' >
+    <xs:sequence>
+      <xs:element ref='wst:CombinedHash' minOccurs='0' />
+      <xs:any namespace='##other' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='CombinedHash' type='xs:base64Binary' />
+
+  <!-- WS-Trust Section 9.1 -->
+  <xs:element name='OnBehalfOf' type='wst:OnBehalfOfType' />
+  <xs:complexType name='OnBehalfOfType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='Issuer' type='wsa:EndpointReferenceType' />
+
+  <!-- WS-Trust Section 9.2 -->
+  <xs:element name='AuthenticationType' type='xs:anyURI' />
+
+  <xs:element name='KeyType' type='wst:KeyTypeOpenEnum' />
+  <xs:simpleType name='KeyTypeEnum' >
+    <xs:restriction base='xs:anyURI' >
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey' />
+      <xs:enumeration value='http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey' />
+      <xs:enumeration value='http://docs.oasis-open.org/wssx/wstrust/200512/Bearer' />
+    </xs:restriction>
+  </xs:simpleType>
+
+  <xs:simpleType name='KeyTypeOpenEnum' >
+    <xs:union memberTypes='wst:KeyTypeEnum xs:anyURI' />
+  </xs:simpleType>
+
+  <xs:element name='KeySize' type='xs:unsignedInt' />
+
+  <xs:element name='SignatureAlgorithm' type='xs:anyURI' />
+  <xs:element name='EncryptionAlgorithm' type='xs:anyURI' />
+  <xs:element name='CanonicalizationAlgorithm' type='xs:anyURI' />
+  <xs:element name='ComputedKeyAlgorithm' type='xs:anyURI' />
+
+  <xs:element name='Encryption' type='wst:EncryptionType' />
+  <xs:complexType name='EncryptionType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='ProofEncryption' type='wst:ProofEncryptionType' />
+  <xs:complexType name='ProofEncryptionType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='UseKey' type='wst:UseKeyType' />
+  <xs:complexType name='UseKeyType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' minOccurs='0' />
+    </xs:sequence>
+    <xs:attribute name='Sig' type='xs:anyURI' use='optional' />
+  </xs:complexType>
+
+  <xs:element name='KeyWrapAlgorithm' type='xs:anyURI' />
+  <xs:element name='SignWith' type='xs:anyURI' />
+  <xs:element name='EncryptWith' type='xs:anyURI' />
+
+  <!-- WS-Trust Section 9.3 -->
+  <xs:element name='DelegateTo' type='wst:DelegateToType' />
+  <xs:complexType name='DelegateToType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:element name='Forwardable' type='xs:boolean' />
+  <xs:element name='Delegatable' type='xs:boolean' />
+
+  <!-- WS-Trust Section 9.5 -->
+  <xs:element name='Participants' type='wst:ParticipantsType' />
+  <xs:complexType name='ParticipantsType' >
+    <xs:sequence>
+      <xs:element name='Primary' type='wst:ParticipantType' minOccurs='0' />
+      <xs:element name='Participant' type='wst:ParticipantType' minOccurs='0' maxOccurs='unbounded' />
+      <xs:any namespace='##other' processContents='lax' minOccurs='0' maxOccurs='unbounded' />
+    </xs:sequence>
+  </xs:complexType>
+
+  <xs:complexType name='ParticipantType' >
+    <xs:sequence>
+      <xs:any namespace='##any' processContents='lax' />
+    </xs:sequence>
+  </xs:complexType>
+
+</xs:schema>

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.3.xsd
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.3.xsd
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.3.xsd
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl?rev=1088726&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl (added)
+++ cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl Mon Apr  4 18:59:51 2011
@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsdl:definitions
+        targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl"
+        xmlns:tns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl"
+        xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
+        xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
+
+  <wsdl:import namespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl" location="ws-trust-1.4.wsdl"/>
+
+  <wsdl:binding name="SecurityTokenServiceSOAP" type="tns:SecurityTokenService">
+  	<soap:binding style="document"
+  		transport="http://schemas.xmlsoap.org/soap/http" />
+  	<wsdl:operation name="Cancel">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="Issue">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="Renew">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="Validate">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="KeyExchangeToken">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  	<wsdl:operation name="RequestCollection">
+  		<soap:operation
+  			soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection" />
+  		<wsdl:input>
+  			<soap:body use="literal" />
+  		</wsdl:input>
+  		<wsdl:output>
+  			<soap:body use="literal" />
+  		</wsdl:output>
+  	</wsdl:operation>
+  </wsdl:binding>
+
+  <wsdl:service name="SecurityTokenServiceProvider">
+    <wsdl:port binding="tns:SecurityTokenServiceSOAP" name="SecurityTokenServiceSOAP">
+      <soap:address location="http://localhost:18080/SecurityTokenServiceProvider/"/>
+    </wsdl:port>
+  </wsdl:service>
+
+</wsdl:definitions>
\ No newline at end of file

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4.wsdl?rev=1088726&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4.wsdl (added)
+++ cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4.wsdl Mon Apr  4 18:59:51 2011
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS's procedures with respect to rights in OASIS specifications can be found at the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification, can be obtained from the OASIS Executive Director.
+OASIS invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to implement this specification. Please address the information to the OASIS Executive Director.
+Copyright © OASIS Open 2002-2006. All Rights Reserved.
+This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself does not be modified in any way, such as by removing the copyright notice or references to OASIS, except as needed for the purpose of developing OASIS specifications, in which case the procedures for copyrights defined in the OASIS Intellectual Property Rights document must be followed, or as required to translate it into languages other than English.
+The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.
+This document and the information contained herein is provided on an AS IS basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+-->
+<wsdl:definitions
+        targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl"
+        xmlns:tns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl"
+        xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
+        xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
+        xmlns:xs="http://www.w3.org/2001/XMLSchema"
+        xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
+  <!-- this is the WS-I BP-compliant way to import a schema -->
+  <wsdl:types>
+    <xs:schema>
+      <xs:import
+namespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
+schemaLocation="ws-trust-1.3.xsd"/>
+    </xs:schema>
+  </wsdl:types>
+
+  <!-- WS-Trust defines the following GEDs -->
+  <wsdl:message name="RequestSecurityTokenMsg">
+    <wsdl:part name="request" element="wst:RequestSecurityToken" />
+  </wsdl:message>
+  <wsdl:message name="RequestSecurityTokenResponseMsg">
+    <wsdl:part name="response"
+            element="wst:RequestSecurityTokenResponse" />
+  </wsdl:message>
+  <wsdl:message name="RequestSecurityTokenCollectionMsg">
+    <wsdl:part name="requestCollection"
+            element="wst:RequestSecurityTokenCollection"/>
+  </wsdl:message>
+  <wsdl:message name="RequestSecurityTokenResponseCollectionMsg">
+    <wsdl:part name="responseCollection"
+            element="wst:RequestSecurityTokenResponseCollection"/>
+  </wsdl:message>
+
+  <!-- This portType an example of a Requestor (or other) endpoint that 
+         Accepts SOAP-based challenges from a Security Token Service -->
+  <wsdl:portType name="WSSecurityRequestor">
+    <wsdl:operation name="Challenge">
+      <wsdl:input message="tns:RequestSecurityTokenResponseMsg"/>
+      <wsdl:output message="tns:RequestSecurityTokenResponseMsg"/>
+    </wsdl:operation>
+  </wsdl:portType>
+
+  <!-- This portType is an example of an STS supporting full protocol -->
+  <wsdl:portType name="SecurityTokenService">
+    <wsdl:operation name="Cancel">
+      <wsdl:input wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" message="tns:RequestSecurityTokenMsg"/>
+      <wsdl:output wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/CancelFinal" message="tns:RequestSecurityTokenResponseMsg"/>
+    </wsdl:operation>
+    <wsdl:operation name="Issue">
+      <wsdl:input wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" message="tns:RequestSecurityTokenMsg"/>
+      <wsdl:output wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal" message="tns:RequestSecurityTokenResponseCollectionMsg"/>
+    </wsdl:operation>
+    <wsdl:operation name="Renew">
+      <wsdl:input wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" message="tns:RequestSecurityTokenMsg"/>
+      <wsdl:output wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/RenewFinal" message="tns:RequestSecurityTokenResponseMsg"/>
+    </wsdl:operation>
+    <wsdl:operation name="Validate">
+      <wsdl:input wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" message="tns:RequestSecurityTokenMsg"/>
+      <wsdl:output wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/ValidateFinal" message="tns:RequestSecurityTokenResponseMsg"/>
+    </wsdl:operation>
+    <wsdl:operation name="KeyExchangeToken">
+      <wsdl:input wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KET" message="tns:RequestSecurityTokenMsg"/>
+      <wsdl:output wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/KETFinal" message="tns:RequestSecurityTokenResponseMsg"/>
+    </wsdl:operation>
+    <wsdl:operation name="RequestCollection">
+      <wsdl:input message="tns:RequestSecurityTokenCollectionMsg"/>
+      <wsdl:output message="tns:RequestSecurityTokenResponseCollectionMsg"/>
+    </wsdl:operation>
+  </wsdl:portType>
+
+  <!-- This portType is an example of an endpoint that accepts 
+         Unsolicited RequestSecurityTokenResponse messages -->
+  <wsdl:portType name="SecurityTokenResponseService">
+    <wsdl:operation name="RequestSecurityTokenResponse">
+      <wsdl:input message="tns:RequestSecurityTokenResponseMsg"/>
+    </wsdl:operation>
+  </wsdl:portType>
+
+</wsdl:definitions>

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4.wsdl
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4.wsdl
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4.wsdl
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/xmldsig-core-schema.xsd
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/xmldsig-core-schema.xsd?rev=1088726&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/xmldsig-core-schema.xsd (added)
+++ cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/xmldsig-core-schema.xsd Mon Apr  4 18:59:51 2011
@@ -0,0 +1,420 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE schema
+ [
+   <!ATTLIST schema 
+     xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
+   <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
+   <!ENTITY % p ''>
+   <!ENTITY % s ''>
+  ]>
+
+<!-- Schema for XML Signatures
+    http://www.w3.org/2000/09/xmldsig#
+    $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
+
+    Copyright 2001 The Internet Society and W3C (Massachusetts Institute
+    of Technology, Institut National de Recherche en Informatique et en
+    Automatique, Keio University). All Rights Reserved.
+    http://www.w3.org/Consortium/Legal/
+
+    This document is governed by the W3C Software License [1] as described
+    in the FAQ [2].
+
+    [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
+    [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
+-->
+
+
+<xsd:schema xmlns="http://www.w3.org/2001/XMLSchema"
+        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+        targetNamespace="http://www.w3.org/2000/09/xmldsig#"
+        xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+        version="0.1" elementFormDefault="qualified"> 
+
+<!-- Basic Types Defined for Signatures -->
+
+<xsd:simpleType name="CryptoBinary">
+  <xsd:restriction base="base64Binary">
+  </xsd:restriction>
+</xsd:simpleType>
+
+<!-- Start Signature -->
+
+<xsd:element name="Signature" type="ds:SignatureType" />
+<xsd:complexType name="SignatureType">
+    
+        <xsd:sequence> 
+     
+            <xsd:element ref="ds:SignedInfo" />
+             
+            <xsd:element ref="ds:SignatureValue" />
+             
+            <xsd:element ref="ds:KeyInfo" minOccurs="0" />
+             
+            <xsd:element ref="ds:Object" minOccurs="0" maxOccurs="unbounded" />
+        </xsd:sequence>
+        
+        <xsd:attribute name="Id" type="ID" use="optional" />
+    </xsd:complexType>
+
+  <xsd:element name="SignatureValue" type="ds:SignatureValueType" />
+	<xsd:complexType name="SignatureValueType">
+		<xsd:simpleContent>
+			<xsd:extension base="base64Binary">
+        
+      </xsd:extension>
+		</xsd:simpleContent>
+        
+<!--         <xsd:attribute name="Id" type="ID" use="optional" />   -->
+    </xsd:complexType>
+
+<!-- Start SignedInfo -->
+
+<xsd:element name="SignedInfo" type="ds:SignedInfoType" />
+<xsd:complexType name="SignedInfoType">
+    
+        <xsd:sequence> 
+     
+            <xsd:element ref="ds:CanonicalizationMethod" />
+             
+            <xsd:element ref="ds:SignatureMethod" />
+             
+            <xsd:element ref="ds:Reference" maxOccurs="unbounded" />
+        </xsd:sequence>
+         
+        <xsd:attribute name="Id" type="ID" use="optional" />
+    </xsd:complexType>
+
+  <xsd:element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType" /> 
+  <xsd:complexType name="CanonicalizationMethodType" mixed="true">
+    
+        <xsd:sequence>
+      
+      <!-- (0,unbounded) elements from (1,1) namespace -->
+            <xsd:any namespace="##any" minOccurs="0" maxOccurs="unbounded" />
+        </xsd:sequence>
+         
+        <xsd:attribute name="Algorithm" type="anyURI" use="required" />
+    </xsd:complexType>
+
+  <xsd:element name="SignatureMethod" type="ds:SignatureMethodType" />
+  <xsd:complexType name="SignatureMethodType" mixed="true">
+    
+        <xsd:sequence>
+      
+            <xsd:element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType" />
+            
+      <!-- (0,unbounded) elements from (1,1) external namespace -->
+            <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded" />
+        </xsd:sequence>
+         
+        <xsd:attribute name="Algorithm" type="anyURI" use="required" />
+    </xsd:complexType>
+
+<!-- Start Reference -->
+
+<xsd:element name="Reference" type="ds:ReferenceType" />
+<xsd:complexType name="ReferenceType">
+  
+        <xsd:sequence> 
+     
+            <xsd:element ref="ds:Transforms" minOccurs="0" />
+             
+            <xsd:element ref="ds:DigestMethod" />
+             
+            <xsd:element ref="ds:DigestValue" />
+        </xsd:sequence>
+         
+        <xsd:attribute name="Id" type="ID" use="optional" />
+         
+        <xsd:attribute name="URI" type="anyURI" use="optional" />
+         
+        <xsd:attribute name="Type" type="anyURI" use="optional" />
+    </xsd:complexType>
+
+  <xsd:element name="Transforms" type="ds:TransformsType" />
+  <xsd:complexType name="TransformsType">
+    
+        <xsd:sequence>
+        
+            <xsd:element ref="ds:Transform" maxOccurs="unbounded" />
+        </xsd:sequence>
+    </xsd:complexType>
+
+  <xsd:element name="Transform" type="ds:TransformType" />
+  <xsd:complexType name="TransformType" mixed="true">
+    
+        <xsd:choice minOccurs="0" maxOccurs="unbounded"> 
+      
+      <!-- (1,1) elements from (0,unbounded) namespaces -->
+            <xsd:any namespace="##other" processContents="lax" />
+             
+            <xsd:element name="XPath" type="string" />
+        </xsd:choice>
+         
+        <xsd:attribute name="Algorithm" type="anyURI" use="required" />
+    </xsd:complexType>
+
+<!-- End Reference -->
+
+<xsd:element name="DigestMethod" type="ds:DigestMethodType" />
+<xsd:complexType name="DigestMethodType" mixed="true"> 
+      
+        <xsd:sequence>
+    
+            <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
+        </xsd:sequence>
+         
+        <xsd:attribute name="Algorithm" type="anyURI" use="required" />
+    </xsd:complexType>
+
+<xsd:element name="DigestValue" type="ds:DigestValueType" />
+<xsd:simpleType name="DigestValueType">
+  <xsd:restriction base="base64Binary" />
+</xsd:simpleType>
+
+<!-- End SignedInfo -->
+
+<!-- Start KeyInfo -->
+
+<xsd:element name="KeyInfo" type="ds:KeyInfoType" /> 
+<xsd:complexType name="KeyInfoType" mixed="true">
+  
+        <xsd:choice maxOccurs="unbounded">     
+     
+            <xsd:element ref="ds:KeyName" />
+             
+            <xsd:element ref="ds:KeyValue" />
+             
+            <xsd:element ref="ds:RetrievalMethod" />
+             
+            <xsd:element ref="ds:X509Data" />
+             
+            <xsd:element ref="ds:PGPData" />
+            
+            <xsd:element ref="ds:SPKIData" />
+            
+            <xsd:element ref="ds:MgmtData" />
+            
+    <!-- (1,1) elements from (0,unbounded) namespaces -->
+            <xsd:any processContents="lax" namespace="##other" />
+        </xsd:choice>
+         
+        <xsd:attribute name="Id" type="ID" use="optional" />
+    </xsd:complexType>
+
+  <xsd:element name="KeyName" type="string" />
+  <xsd:element name="MgmtData" type="string" />
+
+  <xsd:element name="KeyValue" type="ds:KeyValueType" /> 
+  <xsd:complexType name="KeyValueType" mixed="true">
+   
+        <xsd:choice>
+     
+            <xsd:element ref="ds:DSAKeyValue" />
+            
+            <xsd:element ref="ds:RSAKeyValue" />
+            
+            <xsd:any namespace="##other" processContents="lax" />
+        </xsd:choice>
+    </xsd:complexType>
+
+  <xsd:element name="RetrievalMethod" type="ds:RetrievalMethodType" /> 
+  <xsd:complexType name="RetrievalMethodType">
+      
+        <xsd:sequence>
+       
+            <xsd:element ref="ds:Transforms" minOccurs="0" />
+        </xsd:sequence>
+        
+        <xsd:attribute name="URI" type="anyURI" />
+        
+        <xsd:attribute name="Type" type="anyURI" use="optional" />
+    </xsd:complexType>
+
+<!-- Start X509Data -->
+
+<xsd:element name="X509Data" type="ds:X509DataType" /> 
+<xsd:complexType name="X509DataType">
+  
+        <xsd:sequence maxOccurs="unbounded">
+    
+            <xsd:choice>
+      
+                <xsd:element name="X509IssuerSerial" type="ds:X509IssuerSerialType" />
+                
+                <xsd:element name="X509SKI" type="base64Binary" />
+                
+                <xsd:element name="X509SubjectName" type="string" />
+                
+                <xsd:element name="X509Certificate" type="base64Binary" />
+                
+                <xsd:element name="X509CRL" type="base64Binary" />
+                
+                <xsd:any namespace="##other" processContents="lax" />
+            </xsd:choice>
+        </xsd:sequence>
+    </xsd:complexType>
+
+<xsd:complexType name="X509IssuerSerialType"> 
+  
+        <xsd:sequence> 
+     
+            <xsd:element name="X509IssuerName" type="string" />
+             
+            <xsd:element name="X509SerialNumber" type="integer" />
+        </xsd:sequence>
+    </xsd:complexType>
+
+<!-- End X509Data -->
+
+<!-- Begin PGPData -->
+
+<xsd:element name="PGPData" type="ds:PGPDataType" /> 
+<xsd:complexType name="PGPDataType"> 
+  
+        <xsd:choice>
+    
+            <xsd:sequence>
+       
+                <xsd:element name="PGPKeyID" type="base64Binary" />
+                 
+                <xsd:element name="PGPKeyPacket" type="base64Binary" minOccurs="0" />
+                
+                <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
+            </xsd:sequence>
+            
+            <xsd:sequence>
+       
+                <xsd:element name="PGPKeyPacket" type="base64Binary" />
+                
+                <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
+            </xsd:sequence>
+        </xsd:choice>
+    </xsd:complexType>
+
+<!-- End PGPData -->
+
+<!-- Begin SPKIData -->
+
+<xsd:element name="SPKIData" type="ds:SPKIDataType" /> 
+<xsd:complexType name="SPKIDataType">
+  
+        <xsd:sequence maxOccurs="unbounded">
+    
+            <xsd:element name="SPKISexp" type="base64Binary" />
+            
+            <xsd:any namespace="##other" processContents="lax" minOccurs="0" />
+        </xsd:sequence>
+    </xsd:complexType> 
+
+<!-- End SPKIData -->
+
+<!-- End KeyInfo -->
+
+<!-- Start Object (Manifest, SignatureProperty) -->
+
+<xsd:element name="Object" type="ds:ObjectType" /> 
+<xsd:complexType name="ObjectType" mixed="true">
+  
+        <xsd:sequence minOccurs="0" maxOccurs="unbounded">
+    
+            <xsd:any namespace="##any" processContents="lax" />
+        </xsd:sequence>
+         
+        <xsd:attribute name="Id" type="ID" use="optional" />
+         <!-- add a grep facet -->
+        <xsd:attribute name="MimeType" type="string" use="optional" />
+         
+        <xsd:attribute name="Encoding" type="anyURI" use="optional" />
+    </xsd:complexType>
+
+<xsd:element name="Manifest" type="ds:ManifestType" /> 
+<xsd:complexType name="ManifestType">
+  
+        <xsd:sequence>
+     
+            <xsd:element ref="ds:Reference" maxOccurs="unbounded" />
+        </xsd:sequence>
+         
+        <xsd:attribute name="Id" type="ID" use="optional" />
+    </xsd:complexType>
+
+<xsd:element name="SignatureProperties" type="ds:SignaturePropertiesType" /> 
+<xsd:complexType name="SignaturePropertiesType">
+  
+        <xsd:sequence>
+     
+            <xsd:element ref="ds:SignatureProperty" maxOccurs="unbounded" />
+        </xsd:sequence>
+         
+        <xsd:attribute name="Id" type="ID" use="optional" />
+    </xsd:complexType>
+
+   <xsd:element name="SignatureProperty" type="ds:SignaturePropertyType" /> 
+   <xsd:complexType name="SignaturePropertyType" mixed="true">
+     
+        <xsd:choice maxOccurs="unbounded">
+       
+       <!-- (1,1) elements from (1,unbounded) namespaces -->
+            <xsd:any namespace="##other" processContents="lax" />
+        </xsd:choice>
+         
+        <xsd:attribute name="Target" type="anyURI" use="required" />
+         
+        <xsd:attribute name="Id" type="ID" use="optional" />
+    </xsd:complexType>
+
+<!-- End Object (Manifest, SignatureProperty) -->
+
+<!-- Start Algorithm Parameters -->
+
+<xsd:simpleType name="HMACOutputLengthType">
+  <xsd:restriction base="integer" />
+</xsd:simpleType>
+
+<!-- Start KeyValue Element-types -->
+
+<xsd:element name="DSAKeyValue" type="ds:DSAKeyValueType" />
+<xsd:complexType name="DSAKeyValueType">
+  
+        <xsd:sequence>
+    
+            <xsd:sequence minOccurs="0">
+      
+                <xsd:element name="P" type="ds:CryptoBinary" />
+                
+                <xsd:element name="Q" type="ds:CryptoBinary" />
+            </xsd:sequence>
+            
+            <xsd:element name="G" type="ds:CryptoBinary" minOccurs="0" />
+            
+            <xsd:element name="Y" type="ds:CryptoBinary" />
+            
+            <xsd:element name="J" type="ds:CryptoBinary" minOccurs="0" />
+            
+            <xsd:sequence minOccurs="0">
+      
+                <xsd:element name="Seed" type="ds:CryptoBinary" />
+                
+                <xsd:element name="PgenCounter" type="ds:CryptoBinary" />
+            </xsd:sequence>
+        </xsd:sequence>
+    </xsd:complexType>
+
+<xsd:element name="RSAKeyValue" type="ds:RSAKeyValueType" />
+<xsd:complexType name="RSAKeyValueType">
+  
+        <xsd:sequence>
+     
+            <xsd:element name="Modulus" type="ds:CryptoBinary" />
+             
+            <xsd:element name="Exponent" type="ds:CryptoBinary" />
+        </xsd:sequence>
+    </xsd:complexType> 
+
+<!-- End KeyValue Element-types -->
+
+<!-- End Signature -->
+
+</xsd:schema>

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/xmldsig-core-schema.xsd
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/xmldsig-core-schema.xsd
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/webapp/WEB-INF/wsdl/xmldsig-core-schema.xsd
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/IssueDelegateTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/IssueDelegateTest.java?rev=1088726&view=auto
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/IssueDelegateTest.java (added)
+++ cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/IssueDelegateTest.java Mon Apr  4 18:59:51 2011
@@ -0,0 +1,526 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package demo.sts.provider.operation;
+
+
+
+import java.io.ByteArrayInputStream;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.namespace.QName;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.handler.MessageContext;
+
+import org.apache.cxf.common.security.SecurityToken;
+import org.apache.cxf.common.security.UsernameToken;
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.ws.security.sts.provider.STSException;
+import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
+import org.apache.cxf.ws.security.sts.provider.model.UseKeyType;
+import org.apache.cxf.ws.security.sts.provider.model.xmldsig.KeyInfoType;
+import org.apache.cxf.ws.security.sts.provider.model.xmldsig.X509DataType;
+
+import org.easymock.classextension.EasyMock;
+
+import org.junit.Ignore;
+import org.junit.Test;
+
+import static org.easymock.classextension.EasyMock.createMock;
+import static org.easymock.classextension.EasyMock.verify;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+
+import demo.sts.provider.cert.CertificateVerifierConfig;
+import demo.sts.provider.token.SAMLTokenIssueOperation;
+import demo.sts.provider.token.Saml1TokenProvider;
+import demo.sts.provider.token.Saml2TokenProvider;
+import demo.sts.provider.token.TokenProvider;
+
+public class IssueDelegateTest {
+
+    private static final String CERT_DATA =
+        "MIIEFjCCA3+gAwIBAgIJAJORWX2Xsa8DMA0GCSqGSIb3DQEBBQUAMIG5MQswCQYDVQQGEwJVUzERMA8G"
+        + "A1UECBMITmV3IFlvcmsxFjAUBgNVBAcTDU5pYWdhcmEgRmFsbHMxLDAqBgNVBAoTI1NhbXBsZSBDbG"
+        + "llbnQgLS0gTk9UIEZPUiBQUk9EVUNUSU9OMRYwFAYDVQQLEw1JVCBEZXBhcnRtZW50MRcwFQYDVQQD"
+        + "Ew53d3cuY2xpZW50LmNvbTEgMB4GCSqGSIb3DQEJARYRY2xpZW50QGNsaWVudC5jb20wHhcNMTEwMj"
+        + "A5MTgzMDI3WhcNMjEwMjA2MTgzMDI3WjCBuTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3Jr"
+        + "MRYwFAYDVQQHEw1OaWFnYXJhIEZhbGxzMSwwKgYDVQQKEyNTYW1wbGUgQ2xpZW50IC0tIE5PVCBGT1"
+        + "IgUFJPRFVDVElPTjEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEXMBUGA1UEAxMOd3d3LmNsaWVudC5j"
+        + "b20xIDAeBgkqhkiG9w0BCQEWEWNsaWVudEBjbGllbnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNAD"
+        + "CBiQKBgQDauFNVqi4B2+u/PC9ktDkn82bglEQYcL4o5JRUhQVEhTK2iEloz1Rvo/qyfDhBPc1lzIUn"
+        + "4ams+DKBSSjZMCgop3XbeCXzIVP784ruC8HF5QrYsXUQfTc7lzqafXZXH8Bk89gSScA1fFme6TpvYz"
+        + "M0zjBETSXADtKOs9oKB2VOIwIDAQABo4IBIjCCAR4wHQYDVR0OBBYEFFIz+0BSZlLtXkA/udRjRgph"
+        + "tREuMIHuBgNVHSMEgeYwgeOAFFIz+0BSZlLtXkA/udRjRgphtREuoYG/pIG8MIG5MQswCQYDVQQGEw"
+        + "JVUzERMA8GA1UECBMITmV3IFlvcmsxFjAUBgNVBAcTDU5pYWdhcmEgRmFsbHMxLDAqBgNVBAoTI1Nh"
+        + "bXBsZSBDbGllbnQgLS0gTk9UIEZPUiBQUk9EVUNUSU9OMRYwFAYDVQQLEw1JVCBEZXBhcnRtZW50MR"
+        + "cwFQYDVQQDEw53d3cuY2xpZW50LmNvbTEgMB4GCSqGSIb3DQEJARYRY2xpZW50QGNsaWVudC5jb22C"
+        + "CQCTkVl9l7GvAzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAEjEr9QfaYsZf7ELnqB++O"
+        + "kWcKxpMt1Yj/VOyL99AekkVTM+rRHCU9Bu+tncMNsfy8mIXUC1JqKQ+Cq5RlaDh/ujzt6i17G7uSGd"
+        + "6U1U/DPZBqTm3Dxwl1cMAGU/CoAKTWE+o+fS4Q2xHv7L1KiXQQc9EWJ4C34Ik45fB6g3DiTj";
+
+    RequestSecurityTokenType requestMock = createMock(RequestSecurityTokenType.class);
+
+    private String storePath = "/stsstore.jks";
+    private String storePwd = "stsspass";
+    private String keySignAlias = "mystskey";
+    private String keySignPwd = "stskpass";
+
+    @Test
+    public void testIssueDelegateNullParameter() {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+
+        try {
+            id.issue(null, null);
+            fail("NullPointerException should be thrown");
+        } catch (NullPointerException e) {
+            // expected
+        }
+    }
+
+    @Test
+    public void testIssueDelegate() {
+        
+        WebServiceContext context = EasyMock.createNiceMock(WebServiceContext.class);
+        MessageContext ctx2 = EasyMock.createNiceMock(MessageContext.class);
+        EasyMock.expect(context.getMessageContext()).andReturn(ctx2).anyTimes();
+        UsernameToken token = new UsernameToken("joe", null, null, false, null, null);
+        EasyMock.expect(ctx2.get(SecurityToken.class.getName())).andReturn(token).anyTimes();
+
+        
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+        CertificateVerifierConfig certificateVerifierConfig = new CertificateVerifierConfig();
+        certificateVerifierConfig.setTrustCertAliases(Arrays.asList("cacert"));
+        certificateVerifierConfig.setKeySignAlias(keySignAlias);
+        certificateVerifierConfig.setKeySignPwd(keySignPwd);
+        certificateVerifierConfig.setStorePath(storePath);
+        certificateVerifierConfig.setStorePwd(storePwd);
+        id.setCertificateVerifierConfig(certificateVerifierConfig);
+
+        JAXBElement<String> tokenType = new JAXBElement<String>(
+                new QName("http://docs.oasis-open.org/ws-sx/ws-trust/200512",
+                        "TokenType"), String.class,
+                "urn:oasis:names:tc:SAML:1.0:assertion");
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) tokenType));
+        
+        
+        EasyMock.replay(requestMock, context, ctx2);
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+        id.issue(requestMock, context);
+
+        verify(requestMock);
+    }
+
+    @Test
+    public void testIssueDelegateWrongSignKey() {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+        CertificateVerifierConfig certificateVerifierConfig = new CertificateVerifierConfig();
+        certificateVerifierConfig.setTrustCertAliases(Arrays.asList("cacert"));
+        certificateVerifierConfig.setKeySignAlias(keySignAlias);
+        certificateVerifierConfig.setKeySignPwd("xxx");
+        certificateVerifierConfig.setStorePath(storePath);
+        certificateVerifierConfig.setStorePwd(storePwd);
+        id.setCertificateVerifierConfig(certificateVerifierConfig);
+
+        JAXBElement<String> tokenType = new JAXBElement<String>(new QName(
+                "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
+                "TokenType"), String.class,
+                "urn:oasis:names:tc:SAML:1.0:assertion");
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) tokenType));
+
+        EasyMock.replay(requestMock);
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+        try {
+            id.issue(requestMock, null);
+            fail("STSException should be thrown");
+        } catch (STSException e) {
+            // expected 
+        } finally {
+            verify(requestMock);
+        }
+    }
+
+    @Test
+    public void testIssueDelegateWrongSignAlias() {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+        CertificateVerifierConfig certificateVerifierConfig = new CertificateVerifierConfig();
+        certificateVerifierConfig.setTrustCertAliases(Arrays.asList("cacert"));
+        certificateVerifierConfig.setKeySignAlias("xxx");
+        certificateVerifierConfig.setKeySignPwd(keySignPwd);
+        certificateVerifierConfig.setStorePath(storePath);
+        certificateVerifierConfig.setStorePwd(storePwd);
+        id.setCertificateVerifierConfig(certificateVerifierConfig);
+
+        JAXBElement<String> tokenType = new JAXBElement<String>(new QName(
+                "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
+                "TokenType"), String.class,
+                "urn:oasis:names:tc:SAML:1.0:assertion");
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) tokenType));
+
+        EasyMock.replay(requestMock);
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+        try {
+            id.issue(requestMock, null);
+
+            fail("STSException should be thrown");
+        } catch (STSException e) {
+            // expected 
+        } finally {
+            verify(requestMock);
+        }
+    }
+
+    @Test
+    public void testIssueDelegateUsernameNull() {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+        assertNotNull(id);
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(Arrays.asList());
+        EasyMock.replay(requestMock);
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+        try {
+            id.issue(requestMock, null);
+            fail("STSException should be thrown");
+        } catch (STSException e) {
+            //expected
+        }
+        verify(requestMock);
+    }
+
+    @Ignore
+    @Test
+    public void testIssueDelegateWithCert() throws Exception {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+        assertNotNull(id);
+        CertificateVerifierConfig certificateVerifierConfig = new CertificateVerifierConfig();
+        certificateVerifierConfig.setTrustCertAliases(Arrays.asList("cacert"));
+        certificateVerifierConfig.setKeySignAlias(keySignAlias);
+        certificateVerifierConfig.setKeySignPwd(keySignPwd);
+        certificateVerifierConfig.setStorePath(storePath);
+        certificateVerifierConfig.setStorePwd(storePwd);
+        id.setCertificateVerifierConfig(certificateVerifierConfig);
+        JAXBElement<byte[]> jX509Certificate = new JAXBElement<byte[]>(
+                QName.valueOf("X509Certificate"), byte[].class,
+                Base64Utility.decode(CERT_DATA));
+
+        X509DataType x509DataType = new X509DataType();
+        x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(
+                jX509Certificate);
+        JAXBElement<X509DataType> jX509DataType = new JAXBElement<X509DataType>(
+                QName.valueOf("X509Data"), X509DataType.class, x509DataType);
+
+        KeyInfoType keyInfoType = new KeyInfoType();
+        keyInfoType.getContent().add(jX509DataType);
+        JAXBElement<KeyInfoType> jKeyInfoType = new JAXBElement<KeyInfoType>(
+                QName.valueOf("KeyInfo"), KeyInfoType.class, keyInfoType);
+
+        UseKeyType useKeyType = new UseKeyType();
+        useKeyType.setAny(jKeyInfoType);
+        JAXBElement<UseKeyType> jUseKeyType = new JAXBElement<UseKeyType>(
+                QName.valueOf("UseKey"), UseKeyType.class, useKeyType);
+
+        JAXBElement<String> tokenType = new JAXBElement<String>(
+                new QName("http://docs.oasis-open.org/ws-sx/ws-trust/200512",
+                        "TokenType"), String.class,
+                "urn:oasis:names:tc:SAML:1.0:assertion");
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) jUseKeyType, (Object) tokenType));
+        EasyMock.replay(requestMock);
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+        id.issue(requestMock, null);
+
+        verify(requestMock);
+    }
+
+    @Test
+    public void testIssueDelegateWithCertWithWrongStorePass() throws Exception {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+
+        CertificateVerifierConfig certificateVerifierConfig = new CertificateVerifierConfig();
+        certificateVerifierConfig.setTrustCertAliases(Arrays.asList("cacert"));
+        certificateVerifierConfig.setKeySignAlias(keySignAlias);
+        certificateVerifierConfig.setKeySignPwd(keySignPwd);
+        certificateVerifierConfig.setStorePath(storePath);
+        certificateVerifierConfig.setStorePwd("xxx");
+        id.setCertificateVerifierConfig(certificateVerifierConfig);
+        JAXBElement<byte[]> jX509Certificate = new JAXBElement<byte[]>(
+                QName.valueOf("X509Certificate"), byte[].class,
+                Base64Utility.decode(CERT_DATA));
+
+        X509DataType x509DataType = new X509DataType();
+        x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(
+                jX509Certificate);
+        JAXBElement<X509DataType> jX509DataType = new JAXBElement<X509DataType>(
+                QName.valueOf("X509Data"), X509DataType.class, x509DataType);
+
+        KeyInfoType keyInfoType = new KeyInfoType();
+        keyInfoType.getContent().add(jX509DataType);
+        JAXBElement<KeyInfoType> jKeyInfoType = new JAXBElement<KeyInfoType>(
+                QName.valueOf("KeyInfo"), KeyInfoType.class, keyInfoType);
+
+        UseKeyType useKeyType = new UseKeyType();
+        useKeyType.setAny(jKeyInfoType);
+        JAXBElement<UseKeyType> jUseKeyType = new JAXBElement<UseKeyType>(
+                QName.valueOf("UseKey"), UseKeyType.class, useKeyType);
+
+        JAXBElement<String> tokenType = new JAXBElement<String>(new QName(
+                "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
+                "TokenType"), String.class,
+                "urn:oasis:names:tc:SAML:1.0:assertion");
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) jUseKeyType, (Object) tokenType));
+        EasyMock.replay(requestMock);
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+        try {
+            id.issue(requestMock, null);
+            fail("STSException should be thrown");
+        } catch (STSException e) {
+            // expected
+        } finally {
+            verify(requestMock);
+        }
+    }
+
+    @Test
+    public void testIssueDelegateWithCertWithoutTokenProvidersAndTokenType() throws Exception {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+
+        CertificateVerifierConfig certificateVerifierConfig = new CertificateVerifierConfig();
+        certificateVerifierConfig.setTrustCertAliases(Arrays.asList("cacert"));
+        certificateVerifierConfig.setKeySignAlias(keySignAlias);
+        certificateVerifierConfig.setKeySignPwd(keySignPwd);
+        certificateVerifierConfig.setStorePath(storePath);
+        certificateVerifierConfig.setStorePwd(storePwd);
+        id.setCertificateVerifierConfig(certificateVerifierConfig);
+        JAXBElement<byte[]> jX509Certificate = new JAXBElement<byte[]>(
+                QName.valueOf("X509Certificate"), byte[].class,
+                Base64Utility.decode(CERT_DATA));
+
+        X509DataType x509DataType = new X509DataType();
+        x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(
+                jX509Certificate);
+        JAXBElement<X509DataType> jX509DataType = new JAXBElement<X509DataType>(
+                QName.valueOf("X509Data"), X509DataType.class, x509DataType);
+
+        KeyInfoType keyInfoType = new KeyInfoType();
+        keyInfoType.getContent().add(jX509DataType);
+        JAXBElement<KeyInfoType> jKeyInfoType = new JAXBElement<KeyInfoType>(
+                QName.valueOf("KeyInfo"), KeyInfoType.class, keyInfoType);
+
+        UseKeyType useKeyType = new UseKeyType();
+        useKeyType.setAny(jKeyInfoType);
+        JAXBElement<UseKeyType> jUseKeyType = new JAXBElement<UseKeyType>(
+                QName.valueOf("UseKey"), UseKeyType.class, useKeyType);
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) jUseKeyType));
+        EasyMock.replay(requestMock);
+
+
+        List<TokenProvider> tps = Collections.emptyList();
+        id.setTokenProviders(tps);
+
+        try {
+            id.issue(requestMock, null);
+            fail("STSException should be thrown");
+        } catch (STSException e) {
+            //expected
+        } finally {
+            verify(requestMock);
+        }
+    }
+
+    @Test
+    public void testIssueDelegateWithoutCertAndUserToken() throws CertificateException {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+
+        JAXBElement<String> tokenType = new JAXBElement<String>(new QName(
+                "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
+                "TokenType"), String.class,
+                "urn:oasis:names:tc:SAML:1.0:assertion");
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) tokenType));
+        EasyMock.replay(requestMock);
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+        try {
+            id.issue(requestMock, null);
+
+            fail("STSException should be thrown");
+        } catch (STSException e) {
+            // expected
+        } finally {
+            verify(requestMock);
+        }
+    }
+
+    @Test
+    public void testIssueDelegateWithInvalidCert() throws CertificateException {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+        assertNotNull(id);
+
+        // CertificateFactory certificateFactory =
+        // CertificateFactory.getInstance("X.509");
+        // X509Certificate x509Certificate = null;
+        // try {
+        // x509Certificate =
+        // (X509Certificate)certificateFactory.generateCertificate(new
+        // ByteArrayInputStream(Base64.decodeBase64(CERT_DATA.getBytes())));
+        // } catch (CertificateException e) {
+        // e.printStackTrace();
+        // }
+        // JAXBElement<X509Certificate> jX509Certificate = new
+        // JAXBElement<X509Certificate>(QName.valueOf("X509Certificate"),
+        // X509Certificate.class, x509Certificate);
+
+        JAXBElement<byte[]> jX509Certificate = new JAXBElement<byte[]>(
+                QName.valueOf("X509Certificate"), byte[].class,
+                CERT_DATA.getBytes());
+
+        X509DataType x509DataType = new X509DataType();
+        x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(
+                jX509Certificate);
+        JAXBElement<X509DataType> jX509DataType = new JAXBElement<X509DataType>(
+                QName.valueOf("X509Data"), X509DataType.class, x509DataType);
+
+        KeyInfoType keyInfoType = new KeyInfoType();
+        keyInfoType.getContent().add(jX509DataType);
+        JAXBElement<KeyInfoType> jKeyInfoType = new JAXBElement<KeyInfoType>(
+                QName.valueOf("KeyInfo"), KeyInfoType.class, keyInfoType);
+
+        UseKeyType useKeyType = new UseKeyType();
+        useKeyType.setAny(jKeyInfoType);
+        JAXBElement<UseKeyType> jUseKeyType = new JAXBElement<UseKeyType>(
+                QName.valueOf("UseKey"), UseKeyType.class, useKeyType);
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) jUseKeyType));
+        EasyMock.replay(requestMock);
+
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+        try {
+            id.issue(requestMock, null);
+            fail("STSException should be thrown");
+        } catch (STSException e) {
+            //expected
+        }
+
+        verify(requestMock);
+    }
+
+    @Test
+    public void testIssueDelegateWithInvalidCert2() throws Exception {
+        SAMLTokenIssueOperation id = new SAMLTokenIssueOperation();
+        assertNotNull(id);
+
+        CertificateFactory certificateFactory = CertificateFactory
+                .getInstance("X.509");
+        X509Certificate x509Certificate = (X509Certificate) certificateFactory
+                    .generateCertificate(new ByteArrayInputStream(Base64Utility
+                            .decode(CERT_DATA)));
+        JAXBElement<X509Certificate> jX509Certificate = new JAXBElement<X509Certificate>(
+                QName.valueOf("X509Certificate"), X509Certificate.class,
+                x509Certificate);
+
+        // JAXBElement<byte[]> jX509Certificate = new
+        // JAXBElement<byte[]>(QName.valueOf("X509Certificate"), byte[].class,
+        // CERT_DATA.getBytes());
+
+        X509DataType x509DataType = new X509DataType();
+        x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(
+                jX509Certificate);
+        JAXBElement<X509DataType> jX509DataType = new JAXBElement<X509DataType>(
+                QName.valueOf("X509Data"), X509DataType.class, x509DataType);
+
+        KeyInfoType keyInfoType = new KeyInfoType();
+        keyInfoType.getContent().add(jX509DataType);
+        JAXBElement<KeyInfoType> jKeyInfoType = new JAXBElement<KeyInfoType>(
+                QName.valueOf("KeyInfo"), KeyInfoType.class, keyInfoType);
+
+        UseKeyType useKeyType = new UseKeyType();
+        useKeyType.setAny(jKeyInfoType);
+        JAXBElement<UseKeyType> jUseKeyType = new JAXBElement<UseKeyType>(
+                QName.valueOf("UseKey"), UseKeyType.class, useKeyType);
+
+        EasyMock.expect(requestMock.getAny()).andStubReturn(
+                Arrays.asList((Object) jUseKeyType));
+        EasyMock.replay(requestMock);
+
+        TokenProvider tp1 = new Saml1TokenProvider();
+        TokenProvider tp2 = new Saml2TokenProvider();
+        id.setTokenProviders(Arrays.asList(tp1, tp2));
+
+
+        try {
+            id.issue(requestMock, null);
+            fail("CertificateException should be thrown");
+        } catch (Exception e) {
+            //expected
+        }
+
+        verify(requestMock);
+    }
+}

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/IssueDelegateTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/IssueDelegateTest.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/stsstore.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/stsstore.jks?rev=1088726&view=auto
==============================================================================
Files cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/stsstore.jks (added) and cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/test/java/demo/sts/provider/operation/stsstore.jks Mon Apr  4 18:59:51 2011 differ

Modified: cxf/trunk/rt/ws/security/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/pom.xml?rev=1088726&r1=1088725&r2=1088726&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/pom.xml (original)
+++ cxf/trunk/rt/ws/security/pom.xml Mon Apr  4 18:59:51 2011
@@ -121,11 +121,20 @@
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcprov-jdk15</artifactId>
-            <scope>runtime</scope>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.velocity</groupId>
+            <artifactId>velocity</artifactId>
+            <optional>true</optional>
         </dependency>
-
 
         <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-jdk14</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
             <scope>test</scope>
@@ -155,8 +164,39 @@
         </dependency>
     </dependencies>
 
+    <build>
+        <plugins>
+            <plugin>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-xjc-plugin</artifactId>
+            <version>${cxf.xjc-utils.version}</version>
+            <executions>
+                <execution>
+                    <id>generate-sources</id>
+                    <phase>generate-sources</phase>
+                    <goals>
+                        <goal>xsdtojava</goal>
+                    </goals>
+                    <configuration>
+                        <extensions>
+                            <extension>org.apache.cxf.xjcplugins:cxf-xjc-dv:${cxf.xjc-utils.version}</extension>
+                        </extensions>
+                        <sourceRoot>${basedir}/target/generated/src/main/java</sourceRoot>
+                        <xsdOptions>
+                            <xsdOption>
+                                <extension>true</extension>
+                                <xsd>${basedir}/src/main/model/ws-trust-1.3.xsd</xsd>
+                                <bindingFile>${basedir}/src/main/model/binding.xjb</bindingFile>
+                            </xsdOption>
+                        </xsdOptions>
+                    </configuration>
+                </execution>
+            </executions>
+            </plugin>
+        </plugins>
+    </build>
 
-    <profiles>
+     <profiles>
         <profile>
             <id>ibmjdk</id>
             <activation>
@@ -215,20 +255,20 @@
                                             <outputDirectory>${basedir}/target/endorsed</outputDirectory>
                                         </artifactItem>
                                     </artifactItems>
-                                 </configuration>
-                             </execution>
-                         </executions>
+                                </configuration>
+                            </execution>
+                        </executions>
                     </plugin>
                     <plugin>
-                         <groupId>org.apache.maven.plugins</groupId>
-                         <artifactId>maven-surefire-plugin</artifactId>
-                         <configuration>
-                             <argLine>-Djava.endorsed.dirs=${basedir}/target/endorsed</argLine>
-                         </configuration>
-                     </plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-surefire-plugin</artifactId>
+                        <configuration>
+                            <argLine>-Djava.endorsed.dirs=${basedir}/target/endorsed</argLine>
+                        </configuration>
+                    </plugin>
                 </plugins>
             </build>
         </profile>
-    </profiles>
+        </profiles>
 
 </project>

Added: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java?rev=1088726&view=auto
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java (added)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java Mon Apr  4 18:59:51 2011
@@ -0,0 +1,37 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.ws.security.sts.provider;
+
+/**
+ *
+ */
+public class STSException extends RuntimeException {
+
+    private static final long serialVersionUID = -6540501345865299260L;
+
+    public STSException(String message) {
+        super(message);
+    }
+
+    public STSException(String message, Throwable e) {
+        super(message, e);
+    }
+
+}

Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/STSException.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenService.java?rev=1088726&view=auto
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenService.java (added)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenService.java Mon Apr  4 18:59:51 2011
@@ -0,0 +1,119 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.ws.security.sts.provider;
+
+import javax.jws.WebMethod;
+import javax.jws.WebParam;
+import javax.jws.WebResult;
+import javax.jws.WebService;
+import javax.jws.soap.SOAPBinding;
+import javax.xml.bind.annotation.XmlSeeAlso;
+import javax.xml.ws.Action;
+
+import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenCollectionType;
+import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
+import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
+import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
+
+@WebService(targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl", 
+            name = "SecurityTokenService")
+@XmlSeeAlso({org.apache.cxf.ws.security.sts.provider.model.ObjectFactory.class,
+    org.apache.cxf.ws.security.sts.provider.model.secext.ObjectFactory.class,
+    org.apache.cxf.ws.security.sts.provider.model.utility.ObjectFactory.class, 
+    org.apache.cxf.ws.security.sts.provider.model.xmldsig.ObjectFactory.class,
+    org.apache.cxf.ws.addressing.ObjectFactory.class })
+@SOAPBinding(parameterStyle = SOAPBinding.ParameterStyle.BARE)
+public interface SecurityTokenService {
+
+    @WebResult(name = "RequestSecurityTokenResponse",
+               targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512", 
+               partName = "response")
+    @Action(input = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KET", 
+            output = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/KETFinal")
+    @WebMethod(operationName = "KeyExchangeToken")
+    RequestSecurityTokenResponseType keyExchangeToken(
+        @WebParam(partName = "request", 
+                  name = "RequestSecurityToken", 
+                  targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512")
+        RequestSecurityTokenType request
+    );
+
+    @WebResult(name = "RequestSecurityTokenResponseCollection",
+               targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
+               partName = "responseCollection")
+    @Action(input = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue", 
+            output = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal")
+    @WebMethod(operationName = "Issue")
+    RequestSecurityTokenResponseCollectionType issue(
+        @WebParam(partName = "request",
+                  name = "RequestSecurityToken", 
+                  targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512")
+        RequestSecurityTokenType request
+    );
+
+    @WebResult(name = "RequestSecurityTokenResponse", 
+               targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512", 
+               
+               partName = "response")
+    @Action(input = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel", 
+            output = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/CancelFinal")
+    @WebMethod(operationName = "Cancel")
+    RequestSecurityTokenResponseType cancel(
+        @WebParam(partName = "request", name = "RequestSecurityToken", 
+                  targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512")
+        RequestSecurityTokenType request
+    );
+
+    @WebResult(name = "RequestSecurityTokenResponse", 
+               targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512", 
+               partName = "response")
+    @Action(input = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate", 
+            output = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/ValidateFinal")
+    @WebMethod(operationName = "Validate")
+    RequestSecurityTokenResponseType validate(
+        @WebParam(partName = "request", name = "RequestSecurityToken", 
+                  targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512")
+        RequestSecurityTokenType request
+    );
+
+    @WebResult(name = "RequestSecurityTokenResponseCollection", 
+               targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
+               partName = "responseCollection")
+    @WebMethod(operationName = "RequestCollection")
+    RequestSecurityTokenResponseCollectionType requestCollection(
+        @WebParam(partName = "requestCollection",
+                  name = "RequestSecurityTokenCollection",
+                  targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512")
+        RequestSecurityTokenCollectionType requestCollection
+    );
+
+    @WebResult(name = "RequestSecurityTokenResponse", 
+               targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512", 
+               partName = "response")
+    @Action(input = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew", 
+            output = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/RenewFinal")
+    @WebMethod(operationName = "Renew")
+    RequestSecurityTokenResponseType renew(
+        @WebParam(partName = "request", 
+                  name = "RequestSecurityToken", 
+                  targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512")
+        RequestSecurityTokenType request
+    );
+}

Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenService.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/sts/provider/SecurityTokenService.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date



Mime
View raw message