cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1144394 [2/3] - in /cxf/trunk/systests/rs-security: ./ src/ src/test/ src/test/java/ src/test/java/org/ src/test/java/org/apache/ src/test/java/org/apache/cxf/ src/test/java/org/apache/cxf/systest/ src/test/java/org/apache/cxf/systest/http...
Date Fri, 08 Jul 2011 17:29:41 GMT
Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/greeting.wsdl
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/greeting.wsdl?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/greeting.wsdl (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/greeting.wsdl Fri Jul  8 17:29:39 2011
@@ -0,0 +1,185 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<wsdl:definitions name="HelloWorld" 
+    targetNamespace="http://apache.org/hello_world" 
+    xmlns="http://schemas.xmlsoap.org/wsdl/" 
+    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" 
+    xmlns:tns="http://apache.org/hello_world"
+    xmlns:x1="http://apache.org/hello_world/types"
+    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
+    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+    <wsdl:types>
+        <schema targetNamespace="http://apache.org/hello_world/types" 
+            xmlns="http://www.w3.org/2001/XMLSchema"
+	    xmlns:tns="http://apache.org/hello_world/types"
+            elementFormDefault="qualified">
+	    <simpleType name="MyStringType">
+		<restriction base="string">
+		    <maxLength value="30" />
+		</restriction>
+	    </simpleType>
+
+            <element name="sayHi">
+                <complexType/>
+            </element>
+            <element name="sayHiResponse">
+                <complexType>
+                    <sequence>
+                        <element name="responseType" type="string"/>
+                    </sequence>
+                </complexType>
+            </element>
+            <element name="greetMe">
+                <complexType>
+                    <sequence>
+                        <element name="requestType" type="tns:MyStringType"/>
+                    </sequence>
+                </complexType>
+            </element>
+            <element name="greetMeResponse">
+                <complexType>
+                    <sequence>
+                        <element name="responseType" type="string"/>
+                    </sequence>
+                </complexType>
+            </element>
+            <element name="pingMe">
+                <complexType/>
+            </element>
+            <element name="pingMeResponse">
+                <complexType/>
+            </element>
+            <element name="faultDetail">
+                <complexType>
+                    <sequence>
+                        <element name="minor" type="short"/>
+                        <element name="major" type="short"/>
+                    </sequence>
+                </complexType>
+            </element>
+        </schema>
+    </wsdl:types>
+    <wsdl:message name="sayHiRequest">
+        <wsdl:part element="x1:sayHi" name="in"/>
+    </wsdl:message>
+    <wsdl:message name="sayHiResponse">
+        <wsdl:part element="x1:sayHiResponse" name="out"/>
+    </wsdl:message>
+    <wsdl:message name="greetMeRequest">
+        <wsdl:part element="x1:greetMe" name="in"/>
+    </wsdl:message>
+    <wsdl:message name="greetMeResponse">
+        <wsdl:part element="x1:greetMeResponse" name="out"/>
+    </wsdl:message>
+    <wsdl:message name="pingMeRequest">
+        <wsdl:part name="in" element="x1:pingMe"/>
+    </wsdl:message>
+    <wsdl:message name="pingMeResponse">
+        <wsdl:part name="out" element="x1:pingMeResponse"/>
+    </wsdl:message>		
+    <wsdl:message name="pingMeFault">
+        <wsdl:part name="faultDetail" element="x1:faultDetail"/>
+    </wsdl:message>
+    
+    <wsdl:portType name="Greeter">
+        <wsdl:operation name="sayHi">
+            <wsdl:input message="tns:sayHiRequest" name="sayHiRequest"/>
+            <wsdl:output message="tns:sayHiResponse" name="sayHiResponse"/>
+        </wsdl:operation>
+        
+        <wsdl:operation name="greetMe">
+            <wsdl:input message="tns:greetMeRequest" name="greetMeRequest"/>
+            <wsdl:output message="tns:greetMeResponse" name="greetMeResponse"/>
+        </wsdl:operation>
+
+        <wsdl:operation name="pingMe">
+            <wsdl:input name="pingMeRequest" message="tns:pingMeRequest"/>
+            <wsdl:output name="pingMeResponse" message="tns:pingMeResponse"/>
+            <wsdl:fault name="pingMeFault" message="tns:pingMeFault"/>
+        </wsdl:operation> 
+    </wsdl:portType>
+    <wsdl:binding name="Greeter_SOAPBinding" type="tns:Greeter">
+        <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
+        
+        <wsdl:operation name="sayHi">
+            <soap:operation soapAction="" style="document"/>
+            <wsdl:input name="sayHiRequest">
+                <soap:body use="literal"/>
+            </wsdl:input>
+            <wsdl:output name="sayHiResponse">
+                <soap:body use="literal"/>
+            </wsdl:output>
+        </wsdl:operation>
+        
+        <wsdl:operation name="greetMe">
+            <soap:operation soapAction="" style="document"/>
+            <wsdl:input name="greetMeRequest">
+                <soap:body use="literal"/>
+            </wsdl:input>
+            <wsdl:output name="greetMeResponse">
+                <soap:body use="literal"/>
+            </wsdl:output>
+        </wsdl:operation>
+
+        <wsdl:operation name="pingMe">
+            <soap:operation style="document"/>
+            <wsdl:input>
+                <soap:body use="literal"/>
+            </wsdl:input>
+            <wsdl:output>
+                <soap:body use="literal"/>
+            </wsdl:output>
+            <wsdl:fault name="pingMeFault">
+                <soap:fault name="pingMeFault" use="literal"/>
+            </wsdl:fault>
+        </wsdl:operation>
+        
+    </wsdl:binding>
+    <wsdl:service name="SOAPService">
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Mortimer">
+            <soap:address location="http://localhost:9000/Mortimer"/>
+        </wsdl:port>
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Tarpin">
+            <soap:address location="https://localhost:9003/Tarpin"/>
+        </wsdl:port>
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Rethwel">
+            <soap:address location="http://localhost:9004/Rethwel"/>
+        </wsdl:port>
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Gordy">
+            <soap:address location="https://localhost:9001/Gordy"/>
+        </wsdl:port>
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Bethal">
+            <soap:address location="https://localhost:9002/Bethal"/>
+        </wsdl:port>
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Hurlon">
+            <soap:address location="http://localhost:9006/Hurlon"/>
+        </wsdl:port>
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Poltim">
+            <soap:address location="https://localhost:9005/Poltim"/>
+        </wsdl:port>
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Abost">
+            <soap:address location="https://localhost:9007/Abost"/>
+        </wsdl:port>
+        <wsdl:port binding="tns:Greeter_SOAPBinding" name="Morpit">
+            <soap:address location="https://localhost:9008/Morpit"/>
+        </wsdl:port>
+    </wsdl:service>
+</wsdl:definitions>
+

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/greeting.wsdl
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/greeting.wsdl
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/greeting.wsdl
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-publish.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-publish.xml?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-publish.xml (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-publish.xml Fri Jul  8 17:29:39 2011
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xsi:schemaLocation="
+        http://www.springframework.org/schema/beans                 http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://cxf.apache.org/jaxws                                 http://cxf.apache.org/schemas/jaxws.xsd
+        http://cxf.apache.org/transports/http/configuration         http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/transports/http-jetty/configuration   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+        http://cxf.apache.org/configuration/security                http://cxf.apache.org/schemas/configuration/security.xsd
+        ">
+
+    <!-- -->
+    <!-- This Spring config file is designed to represent a minimal -->
+    <!-- configuration for spring-loading a CXF servant, where the -->
+    <!-- servant listens using HTTP/S as the transport protocol. -->
+    <!-- -->
+    <!-- Note that the service endpoint is spring-loaded.  In the -->
+    <!-- scenario in which this config is designed to run, the -->
+    <!-- server application merely instantiates a Bus, and does not -->
+    <!-- publish any services programmatically -->
+    <!-- -->
+
+    <!-- -->
+    <!-- Spring-load an HTTPS servant -->
+    <!-- -->
+    <jaxws:endpoint 
+        id="JaxwsHttpsEndpoint"
+        implementor="org.apache.cxf.systest.http.GreeterImpl"
+        address="https://localhost:9001/SoapContext/HttpsPort"
+        serviceName="s:SOAPService"
+        endpointName="e:HttpsPort"
+        xmlns:e="http://apache.org/hello_world/services"
+        xmlns:s="http://apache.org/hello_world/services"
+        depends-on="port-9001-tls-config"/>
+
+    <!-- -->
+    <!-- TLS Port configuration parameters for port 9001 -->
+    <!-- -->
+    <httpj:engine-factory id="port-9001-tls-config">
+        <httpj:engine port="9001">
+            <httpj:tlsServerParameters>
+               <sec:keyManagers keyPassword="password">
+               <sec:keyStore type="JKS" password="password" 
+                    file="src/test/java/org/apache/cxf/systest/http/resources/Bethal.jks"/>
+                </sec:keyManagers>
+                <sec:trustManagers>
+                <sec:keyStore type="JKS" password="password"
+                   file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
+                </sec:trustManagers>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+
+    <!-- -->
+    <!-- HTTP/S configuration for clients -->
+    <!-- -->
+    <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:keyManagers keyPassword="password">
+               <sec:keyStore type="JKS" password="password" 
+                    file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks"/>
+               </sec:keyManagers>
+            <sec:trustManagers>
+               <sec:keyStore type="JKS" password="password"
+                   file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
+            </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>
+
+</beans>

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-publish.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-publish.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-publish.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-server.xml?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-server.xml (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-server.xml Fri Jul  8 17:29:39 2011
@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xsi:schemaLocation="
+        http://www.springframework.org/schema/beans                 http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://cxf.apache.org/jaxws                                 http://cxf.apache.org/schemas/jaxws.xsd
+        http://cxf.apache.org/transports/http/configuration         http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/transports/http-jetty/configuration   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+        http://cxf.apache.org/configuration/security                http://cxf.apache.org/schemas/configuration/security.xsd
+        ">
+
+    <!-- -->
+    <!-- This Spring config file is designed to represent a minimal -->
+    <!-- configuration for spring-loading a CXF servant, where the -->
+    <!-- servant listens using HTTP/S as the transport protocol. -->
+    <!-- -->
+    <!-- Note that the service endpoint is spring-loaded.  In the -->
+    <!-- scenario in which this config is designed to run, the -->
+    <!-- server application merely instantiates a Bus, and does not -->
+    <!-- publish any services programmatically -->
+    <!-- -->
+
+    <!-- -->
+    <!-- Spring-load an HTTPS servant -->
+    <!-- -->
+    <jaxws:server 
+        id="JaxwsHttpsEndpoint"        
+        address="https://localhost:9002/SoapContext/HttpsPort"
+        serviceName="s:SOAPService"
+        endpointName="e:HttpsPort"
+        xmlns:e="http://apache.org/hello_world/services"
+        xmlns:s="http://apache.org/hello_world/services"
+        depends-on="port-9002-tls-config">
+        <jaxws:serviceBean>
+           <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+        </jaxws:serviceBean>
+    </jaxws:server>   
+    
+    <!--  Non http endpoint -->
+    <jaxws:server 
+        id="JaxwsHttpEndpoint"        
+        address="http://localhost:9003/SoapContext/HttpPort"
+        serviceName="s:SOAPService"
+        endpointName="e:HttpsPort"
+        xmlns:e="http://apache.org/hello_world/services"
+        xmlns:s="http://apache.org/hello_world/services">
+        <jaxws:serviceBean>
+           <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+        </jaxws:serviceBean>
+    </jaxws:server> 
+
+    <!-- -->
+    <!-- TLS Port configuration parameters for port 9002 -->
+    <!-- -->
+    <httpj:engine-factory id="port-9002-tls-config">
+        <httpj:engine port="9002">
+            <httpj:tlsServerParameters>
+               <sec:keyManagers keyPassword="password">
+	           <sec:keyStore type="JKS" password="password" 
+	                file="src/test/java/org/apache/cxf/systest/http/resources/Bethal.jks"/>
+	      		</sec:keyManagers>
+	      		<sec:trustManagers>
+	          	<sec:keyStore type="JKS" password="password"
+	               file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
+	     		</sec:trustManagers>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+
+    <!-- -->
+    <!-- HTTP/S configuration for clients -->
+    <!-- -->
+    <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:keyManagers keyPassword="password">
+	           <sec:keyStore type="JKS" password="password" 
+	                file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks"/>
+	           </sec:keyManagers>
+	        <sec:trustManagers>
+	           <sec:keyStore type="JKS" password="password"
+	               file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
+	        </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>
+
+</beans>
\ No newline at end of file

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-server.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-server.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/jaxws-server.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/pkcs12.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/pkcs12.xml?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/pkcs12.xml (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/pkcs12.xml Fri Jul  8 17:29:39 2011
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xsi:schemaLocation="
+        http://www.springframework.org/schema/beans                 http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://cxf.apache.org/jaxws                                 http://cxf.apache.org/schemas/jaxws.xsd
+        http://cxf.apache.org/transports/http/configuration         http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/transports/http-jetty/configuration   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+        http://cxf.apache.org/configuration/security                http://cxf.apache.org/schemas/configuration/security.xsd
+        ">
+
+    <!-- -->
+    <!-- This Spring config file is designed to represent a minimal -->
+    <!-- configuration for spring-loading a CXF servant, where the -->
+    <!-- servant listens using HTTP/S as the transport protocol. -->
+    <!-- -->
+    <!-- Note that the service endpoint is spring-loaded.  In the -->
+    <!-- scenario in which this config is designed to run, the -->
+    <!-- server application merely instantiates a Bus, and does not -->
+    <!-- publish any services programmatically -->
+    <!-- -->
+    <!-- This test ensures we can use PKCS12 keystores and PEM truststores -->
+    <!-- -->
+
+    <!-- -->
+    <!-- Spring-load an HTTPS servant -->
+    <!-- -->
+    <jaxws:server 
+        id="JaxwsHttpsEndpoint"        
+        address="https://localhost:9003/SoapContext/HttpsPort"
+        serviceName="s:SOAPService"
+        endpointName="e:HttpsPort"
+        xmlns:e="http://apache.org/hello_world/services"
+        xmlns:s="http://apache.org/hello_world/services"
+        depends-on="port-9003-tls-config">
+        <jaxws:serviceBean>
+           <bean class="org.apache.cxf.systest.http.GreeterImpl"/>
+        </jaxws:serviceBean>
+    </jaxws:server>    
+
+    <!-- -->
+    <!-- TLS Port configuration parameters for port 9002 -->
+    <!-- -->
+    <httpj:engine-factory id="port-9003-tls-config">
+        <httpj:engine port="9003">
+            <httpj:tlsServerParameters>
+                <sec:keyManagers keyPassword="password">
+                    <sec:keyStore type="pkcs12" password="password" 
+                        file="src/test/java/org/apache/cxf/systest/http/resources/Bethal.p12"/>
+                </sec:keyManagers>
+                <sec:trustManagers>
+                    <sec:certStore
+                        file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.pem"/>
+                </sec:trustManagers>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+
+    <!-- -->
+    <!-- HTTP/S configuration for clients -->
+    <!-- -->
+    <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:keyManagers keyPassword="password">
+               <sec:keyStore type="pkcs12" password="password" 
+                    file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.p12"/>
+               </sec:keyManagers>
+            <sec:trustManagers>
+               <sec:certStore
+                   file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.pem"/>
+            </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>
+
+</beans>

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/pkcs12.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/pkcs12.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/pkcs12.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec-url.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec-url.xml?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec-url.xml (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec-url.xml Fri Jul  8 17:29:39 2011
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xsi:schemaLocation="
+        http://www.springframework.org/schema/beans                 http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://cxf.apache.org/jaxws                                 http://cxf.apache.org/schemas/jaxws.xsd
+        http://cxf.apache.org/transports/http/configuration         http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/transports/http-jetty/configuration   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+        http://cxf.apache.org/configuration/security                http://cxf.apache.org/schemas/configuration/security.xsd
+        ">
+
+    <!-- -->
+    <!-- This Spring config file is designed to represent a minimal -->
+    <!-- configuration for spring-loading a CXF servant, where the -->
+    <!-- servant listens using HTTP/S as the transport protocol. -->
+    <!-- -->
+    <!-- Note that the service endpoint is spring-loaded.  In the -->
+    <!-- scenario in which this config is designed to run, the -->
+    <!-- server application merely instantiates a Bus, and does not -->
+    <!-- publish any services programmatically -->
+    <!-- -->
+
+    <!-- -->
+    <!-- Spring-load an HTTPS servant -->
+    <!-- -->
+    <jaxws:endpoint 
+        id="JaxwsHttpsEndpoint"
+        implementor="org.apache.cxf.systest.http.GreeterImpl"
+        address="https://localhost:9005/SoapContext/HttpsPort"
+        serviceName="s:SOAPService"
+        endpointName="e:HttpsPort"
+        xmlns:e="http://apache.org/hello_world/services"
+        xmlns:s="http://apache.org/hello_world/services"
+        depends-on="port-9005-tls-config"/>
+
+    <!-- -->
+    <!-- TLS Port configuration parameters for port 9005 -->
+    <!-- -->
+    <!-- This test exercises the resource attribute in a keyStore element -->
+    <!-- -->
+    <httpj:engine-factory id="port-9005-tls-config">
+        <httpj:engine port="9005">
+            <httpj:tlsServerParameters>
+               <sec:keyManagers keyPassword="password">
+               <sec:keyStore type="JKS" password="password" 
+                    resource="org/apache/cxf/systest/http/resources/Bethal.jks"/>
+                </sec:keyManagers>
+                <sec:trustManagers>
+                <sec:keyStore type="JKS" password="password"
+                   resource="org/apache/cxf/systest/http/resources/Truststore.jks"/>
+                </sec:trustManagers>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+
+    <!-- -->
+    <!-- HTTP/S configuration for clients -->
+    <!-- -->
+    <!-- This test exercises the resource attribute in a keyStore and certStore element -->
+    <!-- -->
+    <http:conduit name="https://localhost:9005/SoapContext/HttpsPort">
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:keyManagers keyPassword="password">
+               <sec:keyStore type="pkcs12" password="password" 
+                    resource="org/apache/cxf/systest/http/resources/Morpit.p12"/>
+               </sec:keyManagers>
+            <sec:trustManagers>
+               <sec:certStore
+                   resource="org/apache/cxf/systest/http/resources/Truststore.pem"/>
+            </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>
+
+</beans>

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec-url.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec-url.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec-url.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec.xml?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec.xml (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec.xml Fri Jul  8 17:29:39 2011
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xsi:schemaLocation="
+        http://www.springframework.org/schema/beans                 http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://cxf.apache.org/jaxws                                 http://cxf.apache.org/schemas/jaxws.xsd
+        http://cxf.apache.org/transports/http/configuration         http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/transports/http-jetty/configuration   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+        http://cxf.apache.org/configuration/security                http://cxf.apache.org/schemas/configuration/security.xsd
+        ">
+
+    <!-- -->
+    <!-- This Spring config file is designed to represent a minimal -->
+    <!-- configuration for spring-loading a CXF servant, where the -->
+    <!-- servant listens using HTTP/S as the transport protocol. -->
+    <!-- -->
+    <!-- Note that the service endpoint is spring-loaded.  In the -->
+    <!-- scenario in which this config is designed to run, the -->
+    <!-- server application merely instantiates a Bus, and does not -->
+    <!-- publish any services programmatically -->
+    <!-- -->
+
+    <!-- -->
+    <!-- Spring-load an HTTPS servant -->
+    <!-- -->
+    <jaxws:endpoint 
+        id="JaxwsHttpsEndpoint"
+        implementor="org.apache.cxf.systest.http.GreeterImpl"
+        address="https://localhost:9004/SoapContext/HttpsPort"
+        serviceName="s:SOAPService"
+        endpointName="e:HttpsPort"
+        xmlns:e="http://apache.org/hello_world/services"
+        xmlns:s="http://apache.org/hello_world/services"
+        depends-on="port-9004-tls-config"/>
+
+    <!-- -->
+    <!-- TLS Port configuration parameters for port 9004 -->
+    <!-- -->
+    <!-- This test exercises the resource attribute in a keyStore element -->
+    <!-- -->
+    <httpj:engine-factory id="port-9004-tls-config">
+        <httpj:engine port="9004">
+            <httpj:tlsServerParameters>
+               <sec:keyManagers keyPassword="password">
+               <sec:keyStore type="JKS" password="password" 
+                    resource="org/apache/cxf/systest/http/resources/Bethal.jks"/>
+                </sec:keyManagers>
+                <sec:trustManagers>
+                <sec:keyStore type="JKS" password="password"
+                   resource="org/apache/cxf/systest/http/resources/Truststore.jks"/>
+                </sec:trustManagers>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+
+    <!-- -->
+    <!-- HTTP/S configuration for clients -->
+    <!-- -->
+    <!-- This test exercises the resource attribute in a keyStore and certStore element -->
+    <!-- -->
+    <http:conduit name="{http://apache.org/hello_world/services}HttpsPort.http-conduit">
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:keyManagers keyPassword="password">
+               <sec:keyStore type="pkcs12" password="password" 
+                    resource="org/apache/cxf/systest/http/resources/Morpit.p12"/>
+               </sec:keyManagers>
+            <sec:trustManagers>
+               <sec:certStore
+                   resource="org/apache/cxf/systest/http/resources/Truststore.pem"/>
+            </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>
+
+</beans>

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/http/resources/resource-key-spec.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/Book.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/Book.java?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/Book.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/Book.java Fri Jul  8 17:29:39 2011
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security;
+
+import javax.xml.bind.annotation.XmlRootElement;
+
+
+@XmlRootElement(name = "Book")
+public class Book {
+    private String name = "CXF";
+    private long id = 123L;
+    
+    public Book() {
+    }
+    
+    public Book(String name, long id) {
+        this.name = name;
+        this.id = id;
+    }
+    
+    public void setName(String n) {
+        name = n;
+    }
+
+    public String getName() {
+        return name;
+    }
+    
+    public void setId(long i) {
+        id = i;
+    }
+    public long getId() {
+        return id;
+    }
+    
+    
+}

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/Book.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/Book.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java Fri Jul  8 17:29:39 2011
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security;
+
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+
+@Path("/bookstore")
+public class BookStore {
+
+    private Book book = new Book();
+    
+    public BookStore() {
+    }
+    
+    @GET
+    @Path("/books/{bookId}/")
+    @Produces("application/xml")
+    public Book getBook(@PathParam("bookId") String id) {
+        return book;
+    }
+}
+
+

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java Fri Jul  8 17:29:39 2011
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.saml;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
+import org.apache.cxf.jaxrs.lifecycle.SingletonResourceProvider;
+import org.apache.cxf.systest.jaxrs.security.BookStore;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.TestUtil;
+    
+public class BookServerSaml extends AbstractBusTestServerBase {
+    public static final String PORT = TestUtil.getPortNumber("jaxrs-saml");
+    private static final String SERVER_CONFIG_FILE =
+        "org/apache/cxf/systest/jaxrs/security/saml/server.xml";
+    
+    protected void run() {
+        SpringBusFactory bf = new SpringBusFactory();
+        Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
+        BusFactory.setDefaultBus(springBus);
+        
+        JAXRSServerFactoryBean sf = new JAXRSServerFactoryBean();
+        
+        sf.setResourceClasses(BookStore.class);
+        
+        sf.setProvider(new SamlInRequestHandler());
+        
+        sf.setResourceProvider(BookStore.class,
+                               new SingletonResourceProvider(new BookStore(), true));
+        sf.setAddress("https://localhost:" + PORT + "/");
+
+        Map<String, Object> properties = new HashMap<String, Object>();
+        properties.put("ws-security.callback-handler", 
+                       "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
+        properties.put("ws-security.signature.properties", 
+                       "org/apache/cxf/systest/jaxrs/security/alice.properties");
+        sf.setProperties(properties);
+        
+        sf.create();        
+    }
+
+    public static void main(String[] args) {
+        try {
+            BookServerSaml s = new BookServerSaml();
+            s.start();
+        } catch (Exception ex) {
+            ex.printStackTrace();
+            System.exit(-1);
+        } finally {
+            System.out.println("done!");
+        }
+    }
+}

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java Fri Jul  8 17:29:39 2011
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.saml;
+
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.systest.jaxrs.security.Book;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class JAXRSSamlTest extends AbstractBusClientServerTestBase {
+    public static final String PORT = BookServerSaml.PORT;
+
+    @BeforeClass
+    public static void startServers() throws Exception {
+        assertTrue("server did not launch correctly", 
+                   launchServer(BookServerSaml.class, true));
+    }
+    
+    @Test
+    public void testGetBookSAMLTokenAsHeader() throws Exception {
+        String address = "https://localhost:" + PORT + "/bookstore/books/123";
+        JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
+        bean.setAddress(address);
+        
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = JAXRSSamlTest.class.getResource("client.xml");
+        Bus springBus = bf.createBus(busFile.toString());
+        bean.setBus(springBus);
+
+        Map<String, Object> properties = new HashMap<String, Object>();
+        properties.put("ws-security.callback-handler", 
+                       "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
+        properties.put("ws-security.signature.username", "alice");
+        properties.put("ws-security.signature.properties", 
+                       "org/apache/cxf/systest/jaxrs/security/alice.properties");
+        properties.put("ws-security.self-sign-saml-assertion", "true");
+        bean.setProperties(properties);
+        bean.getOutInterceptors().add(new SamlOutInterceptor());
+        
+        WebClient wc = bean.createWebClient();
+        Book book = wc.get(Book.class);
+        assertEquals(123L, book.getId());
+    }
+    
+    
+}

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java Fri Jul  8 17:29:39 2011
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.saml;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+/**
+ */
+
+public class KeystorePasswordCallback implements CallbackHandler {
+    
+    public KeystorePasswordCallback() {
+    }
+
+    /**
+     * It attempts to get the password from the private 
+     * alias/passwords map.
+     */
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
+            if ("alice".equals(pc.getIdentifier())) {
+                pc.setPassword("password");
+            } else if ("bob".equals(pc.getIdentifier())) {
+                pc.setPassword("password");
+            } else {
+                pc.setPassword("abcd!1234");
+            }
+        }
+    }
+    
+
+}

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java Fri Jul  8 17:29:39 2011
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.saml;
+
+import java.io.IOException;
+import java.util.Collections;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.ws.security.saml.ext.SAMLCallback;
+import org.apache.ws.security.saml.ext.bean.AttributeBean;
+import org.apache.ws.security.saml.ext.bean.AttributeStatementBean;
+import org.apache.ws.security.saml.ext.bean.SubjectBean;
+import org.apache.ws.security.saml.ext.builder.SAML1Constants;
+import org.apache.ws.security.saml.ext.builder.SAML2Constants;
+import org.opensaml.common.SAMLVersion;
+
+/**
+ * A CallbackHandler instance that is used by the STS to mock up a SAML Attribute Assertion.
+ */
+public class SamlCallbackHandler implements CallbackHandler {
+    private boolean saml2 = true;
+    private String confirmationMethod = SAML2Constants.CONF_SENDER_VOUCHES;
+    
+    public SamlCallbackHandler() {
+        //
+    }
+    
+    public SamlCallbackHandler(boolean saml2) {
+        this.saml2 = saml2;
+    }
+    
+    public void setConfirmationMethod(String confirmationMethod) {
+        this.confirmationMethod = confirmationMethod;
+    }
+    
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof SAMLCallback) {
+                SAMLCallback callback = (SAMLCallback) callbacks[i];
+                if (saml2) {
+                    callback.setSamlVersion(SAMLVersion.VERSION_20);
+                } else {
+                    callback.setSamlVersion(SAMLVersion.VERSION_11);
+                }
+                callback.setIssuer("sts");
+                String subjectName = "uid=sts-client,o=mock-sts.com";
+                String subjectQualifier = "www.mock-sts.com";
+                if (!saml2 && SAML2Constants.CONF_SENDER_VOUCHES.equals(confirmationMethod)) {
+                    confirmationMethod = SAML1Constants.CONF_SENDER_VOUCHES;
+                }
+                SubjectBean subjectBean = 
+                    new SubjectBean(
+                        subjectName, subjectQualifier, confirmationMethod
+                    );
+                callback.setSubject(subjectBean);
+                
+                AttributeStatementBean attrBean = new AttributeStatementBean();
+                attrBean.setSubject(subjectBean);
+                
+                AttributeBean attributeBean = new AttributeBean();
+                attributeBean.setSimpleName("subject-role");
+                attributeBean.setAttributeValues(Collections.singletonList("system-user"));
+                attrBean.setSamlAttributes(Collections.singletonList(attributeBean));
+                callback.setAttributeStatementData(Collections.singletonList(attrBean));
+            }
+        }
+    }
+    
+}

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlCallbackHandler.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlInRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlInRequestHandler.java?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlInRequestHandler.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlInRequestHandler.java Fri Jul  8 17:29:39 2011
@@ -0,0 +1,223 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.saml;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.URL;
+import java.security.cert.Certificate;
+import java.util.List;
+import java.util.Properties;
+import java.util.zip.Inflater;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+
+import org.w3c.dom.Document;
+
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.jaxrs.ext.RequestHandler;
+import org.apache.cxf.jaxrs.model.ClassResourceInfo;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
+import org.apache.cxf.resource.ResourceManager;
+import org.apache.cxf.security.transport.TLSSessionInfo;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.ws.security.WSSConfig;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
+import org.apache.ws.security.validate.Credential;
+import org.apache.ws.security.validate.SamlAssertionValidator;
+import org.apache.ws.security.validate.Validator;
+
+public class SamlInRequestHandler implements RequestHandler {
+
+    private static final String SAML_AUTH = "SAML";
+    
+    @Context
+    private HttpHeaders headers;
+    
+    private Validator samlValidator = new SamlAssertionValidator();
+    
+    public void setValidator(Validator validator) {
+        samlValidator = validator;
+    }
+    
+    @Override
+    public Response handleRequest(Message message, ClassResourceInfo resourceClass) {
+        
+        List<String> values = headers.getRequestHeader(HttpHeaders.AUTHORIZATION);
+        if (values == null || values.size() != 1 || !values.get(0).startsWith(SAML_AUTH)) {
+            return Response.status(401).build();    
+        }
+        
+        String[] parts = values.get(0).split(" ");
+        if (parts.length != 2) {
+            return Response.status(401).build();
+        }
+        
+        Document doc = null;
+        try {
+            byte[] deflatedToken = Base64Utility.decode(parts[1]);
+            Inflater inflater = new Inflater();
+            inflater.setInput(deflatedToken);
+            byte[] input = new byte[4096];
+            int length = inflater.inflate(input);
+            
+            ByteArrayInputStream bis = new ByteArrayInputStream(input, 0, length); 
+            doc = DOMUtils.readXml(new InputStreamReader(bis, "UTF-8"));
+        } catch (Exception ex) {
+            return Response.status(401).build();
+        }
+        
+        try {
+            AssertionWrapper assertion = new AssertionWrapper(doc.getDocumentElement());
+            if (assertion.isSigned()) {
+                RequestData data = new RequestData();
+                WSSConfig cfg = new WSSConfig(); 
+                data.setWssConfig(cfg);
+                data.setCallbackHandler(getCallbackHandler(message));
+                data.setSigCrypto(getCrypto(message, 
+                                            SecurityConstants.SIGNATURE_PROPERTIES));
+                data.setEnableRevocation(MessageUtils.isTrue(
+                    message.getContextualProperty(WSHandlerConstants.ENABLE_REVOCATION)));
+                assertion.verifySignature(data, null);
+                assertion.parseHOKSubject(data, null);
+                Credential credential = new Credential();
+                credential.setAssertion(assertion);
+                if (samlValidator != null) {
+                    samlValidator.validate(credential, data);
+                }
+                
+                TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
+                Certificate[] tlsCerts = null;
+                if (tlsInfo != null) {
+                    tlsCerts = tlsInfo.getPeerCertificates();
+                }
+                // AbstractSamlPolicyValidator:
+                //if (!checkHolderOfKey(assertion, null, tlsCerts)) {
+                //    return Response.status(401).build();
+                //}
+                if (!checkSenderVouches(assertion, tlsCerts)) {
+                    return Response.status(401).build();
+                }
+                
+            }
+        } catch (Exception ex) {
+            return Response.status(401).build();
+        }
+        
+        return null;
+    }
+
+    
+    protected Crypto getCrypto(Message message, String propKey) throws Exception {
+        
+        Object o = message.getContextualProperty(propKey);
+        if (o == null) {
+            return null;
+        }
+        
+        ClassLoader orig = Thread.currentThread().getContextClassLoader();
+        try {
+            try {
+                URL url = ClassLoaderUtils.getResource((String)o, this.getClass());
+                if (url == null) {
+                    ResourceManager manager = message.getExchange()
+                            .getBus().getExtension(ResourceManager.class);
+                    ClassLoader loader = manager.resolveResource("", ClassLoader.class);
+                    if (loader != null) {
+                        Thread.currentThread().setContextClassLoader(loader);
+                    }
+                    url = manager.resolveResource((String)o, URL.class);
+                }
+                if (url != null) {
+                    Properties props = new Properties();
+                    InputStream in = url.openStream(); 
+                    props.load(in);
+                    in.close();
+                    return CryptoFactory.getInstance(props);
+                }
+            } catch (Exception e) {
+                //ignore
+            } 
+            return CryptoFactory.getInstance((String)o);
+        } finally {
+            Thread.currentThread().setContextClassLoader(orig);
+        }
+    }
+    
+    private CallbackHandler getCallbackHandler(Message message) {
+        //Then try to get the password from the given callback handler
+        Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
+    
+        CallbackHandler handler = null;
+        if (o instanceof CallbackHandler) {
+            handler = (CallbackHandler)o;
+        } else if (o instanceof String) {
+            try {
+                handler = (CallbackHandler)ClassLoaderUtils
+                    .loadClass((String)o, this.getClass()).newInstance();
+            } catch (Exception e) {
+                handler = null;
+            }
+        }
+        return handler;
+    }
+    
+    // SamlTokenPolicyValidator
+    /**
+     * Check the sender-vouches requirements against the received assertion. The SAML
+     * Assertion and the SOAP Body must be signed by the same signature.
+     */
+    private boolean checkSenderVouches(
+        AssertionWrapper assertionWrapper,
+        Certificate[] tlsCerts
+    ) {
+        //
+        // If we have a 2-way TLS connection, then we don't have to check that the
+        // assertion + SOAP body are signed
+        //
+        if (tlsCerts != null && tlsCerts.length > 0) {
+            return true;
+        }
+        return false;
+//        List<String> confirmationMethods = assertionWrapper.getConfirmationMethods();
+//        for (String confirmationMethod : confirmationMethods) {
+//            if (OpenSAMLUtil.isMethodSenderVouches(confirmationMethod)) {
+//                if (signedResults == null || signedResults.isEmpty()) {
+//                    return false;
+//                }
+//                if (!checkAssertionAndBodyAreSigned(assertionWrapper)) {
+//                    return false;
+//                }
+//            }
+//        }
+//        return true;
+    }
+}

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlInRequestHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlInRequestHandler.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlOutInterceptor.java?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlOutInterceptor.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlOutInterceptor.java Fri Jul  8 17:29:39 2011
@@ -0,0 +1,239 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jaxrs.security.saml;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.net.URL;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.zip.Deflater;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.resource.ResourceManager;
+import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.ws.security.WSPasswordCallback;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
+import org.apache.ws.security.saml.ext.SAMLParms;
+
+public class SamlOutInterceptor extends AbstractPhaseInterceptor<Message> {
+    private static final String CRYPTO_CACHE = "ws-security.crypto.cache";
+    
+    public SamlOutInterceptor() {
+        super(Phase.PRE_MARSHAL);
+    } 
+
+    public void handleMessage(Message message) throws Fault {
+        try {
+            SAMLParms samlParms = new SAMLParms();
+            samlParms.setCallbackHandler(new SamlCallbackHandler());
+            AssertionWrapper assertion = new AssertionWrapper(samlParms);
+            boolean selfSignAssertion = 
+                MessageUtils.getContextualBoolean(
+                    message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
+                );
+            if (selfSignAssertion) {
+                Crypto crypto = getCrypto(message, 
+                                          SecurityConstants.SIGNATURE_CRYPTO,
+                                          SecurityConstants.SIGNATURE_PROPERTIES);
+                
+                String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
+                String user = (String)message.getContextualProperty(userNameKey);
+                if (crypto != null && StringUtils.isEmpty(user)) {
+                    try {
+                        user = crypto.getDefaultX509Identifier();
+                    } catch (WSSecurityException e1) {
+                        throw new Fault(e1);
+                    }
+                }
+                if (StringUtils.isEmpty(user)) {
+                    return;
+                }
+        
+                CallbackHandler handler = getCallbackHandler(message);
+                String password = getPassword(handler, user, WSPasswordCallback.SIGNATURE);
+                if (password == null) {
+                    password = "";
+                }
+             
+                // TODO configure using a KeyValue here
+                assertion.signAssertion(user, password, crypto, false);
+                
+                String assertionValue = assertion.assertionToString();
+                
+                Deflater compresser = new Deflater();
+                compresser.setInput(assertionValue.getBytes("UTF-8"));
+                compresser.finish();
+                
+                byte[] output = new byte[4096];
+                int compressedDataLength = compresser.deflate(output);
+                
+                StringWriter writer = new StringWriter();
+                Base64Utility.encode(output, 0, compressedDataLength, writer);
+                
+                Map<String, List<String>> headers = 
+                    CastUtils.cast((Map)message.get(Message.PROTOCOL_HEADERS));
+                if (headers == null) {
+                    headers = new HashMap<String, List<String>>();
+                }
+                
+                StringBuilder builder = new StringBuilder();
+                builder.append("SAML").append(" ").append(writer.toString());
+                headers.put("Authorization", 
+                    CastUtils.cast(Collections.singletonList(builder.toString()), String.class));
+            }
+        } catch (Exception ex) {
+            // ignore
+        }
+    }
+        
+    private String getPassword(CallbackHandler handler, String userName, int type) {
+        if (handler == null) {
+            return null;
+        }
+        
+        WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
+        try {
+            handler.handle(cb);
+        } catch (Exception e) {
+            return null;
+        }
+        
+        //get the password
+        return cb[0].getPassword();
+    }
+    
+    private CallbackHandler getCallbackHandler(Message message) {
+        //Then try to get the password from the given callback handler
+        Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
+    
+        CallbackHandler handler = null;
+        if (o instanceof CallbackHandler) {
+            handler = (CallbackHandler)o;
+        } else if (o instanceof String) {
+            try {
+                handler = (CallbackHandler)ClassLoaderUtils
+                    .loadClass((String)o, this.getClass()).newInstance();
+            } catch (Exception e) {
+                handler = null;
+            }
+        }
+        return handler;
+    }
+    
+    private Crypto getCrypto(Message message,
+                             String cryptoKey, 
+                             String propKey) {
+        Crypto crypto = (Crypto)message.getContextualProperty(cryptoKey);
+        if (crypto != null) {
+            return crypto;
+        }
+        
+        Object o = message.getContextualProperty(propKey);
+        if (o == null) {
+            return null;
+        }
+        
+        crypto = getCryptoCache(message).get(o);
+        if (crypto != null) {
+            return crypto;
+        }
+        Properties properties = null;
+        if (o instanceof Properties) {
+            properties = (Properties)o;
+        } else if (o instanceof String) {
+            ResourceManager rm = message.getExchange().get(Bus.class).getExtension(ResourceManager.class);
+            URL url = rm.resolveResource((String)o, URL.class);
+            try {
+                if (url == null) {
+                    url = ClassLoaderUtils.getResource((String)o, this.getClass());
+                }
+                if (url == null) {
+                    try {
+                        url = new URL((String)o);
+                    } catch (Exception ex) {
+                        throw new RuntimeException(ex);
+                    }
+                }
+                if (url != null) {
+                    InputStream ins = url.openStream();
+                    properties = new Properties();
+                    properties.load(ins);
+                    ins.close();
+                }
+            } catch (IOException e) {
+                throw new RuntimeException(e);
+            }
+        } else if (o instanceof URL) {
+            properties = new Properties();
+            try {
+                InputStream ins = ((URL)o).openStream();
+                properties.load(ins);
+                ins.close();
+            } catch (IOException e) {
+                throw new RuntimeException(e);
+            }            
+        }
+        
+        if (properties != null) {
+            try {
+                crypto = CryptoFactory.getInstance(properties);
+            } catch (Exception ex) {
+                return null;
+            }
+            getCryptoCache(message).put(o, crypto);
+        }
+        return crypto;
+    }
+    
+    protected final Map<Object, Crypto> getCryptoCache(Message message) {
+        EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
+        synchronized (info) {
+            Map<Object, Crypto> o = 
+                CastUtils.cast((Map<?, ?>)message.getContextualProperty(CRYPTO_CACHE));
+            if (o == null) {
+                o = new ConcurrentHashMap<Object, Crypto>();
+                info.setProperty(CRYPTO_CACHE, o);
+            }
+            return o;
+        }
+    }
+    
+}

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlOutInterceptor.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlOutInterceptor.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/alice.properties
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/alice.properties?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/alice.properties (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/alice.properties Fri Jul  8 17:29:39 2011
@@ -0,0 +1,21 @@
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=password
+org.apache.ws.security.crypto.merlin.keystore.alias=alice
+org.apache.ws.security.crypto.merlin.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/alice.jks

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/alice.properties
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/alice.properties
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/alice.properties
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/client.xml?rev=1144394&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/client.xml (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/client.xml Fri Jul  8 17:29:39 2011
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xmlns:cxf="http://cxf.apache.org/core"
+       xmlns:p="http://cxf.apache.org/policy"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xsi:schemaLocation="
+          http://www.springframework.org/schema/beans           http://www.springframework.org/schema/beans/spring-beans.xsd
+          http://cxf.apache.org/jaxws                           http://cxf.apache.org/schemas/jaxws.xsd
+          http://cxf.apache.org/transports/http/configuration   http://cxf.apache.org/schemas/configuration/http-conf.xsd
+          http://cxf.apache.org/configuration/security          http://cxf.apache.org/schemas/configuration/security.xsd
+          http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+          http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd"
+>
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+    
+    <http:conduit name="https://localhost.*">
+        <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000"/>
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:keyManagers keyPassword="password">
+	           <sec:keyStore type="JKS" password="password" 
+	                file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks"/>
+	           </sec:keyManagers>
+	        <sec:trustManagers>
+	           <sec:keyStore type="JKS" password="password"
+	               file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
+	        </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>  
+        
+</beans>

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/client.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/client.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/client.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml



Mime
View raw message