cxf-commits mailing list archives

From serg...@apache.org
Subject svn commit: r1147879 - in /cxf/trunk/systests: rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/ rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/ rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/ w...
Date Mon, 18 Jul 2011 13:49:38 GMT
Author: sergeyb
Date: Mon Jul 18 13:49:35 2011
New Revision: 1147879

URL: http://svn.apache.org/viewvc?rev=1147879&view=rev
Log:
[CXF-3661] Adding system test interceptors which add and extract the signature

Added:
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/BookServerXmlSec.java   (with props)
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSigTest.java   (with props)
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigInHandler.java   (with props)
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigOutInterceptor.java   (with props)
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/client.xml   (with props)
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml   (with props)
Modified:
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlInHandler.java
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlOutInterceptor.java
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlHeaderOutInterceptor.java
    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java?rev=1147879&r1=1147878&r2=1147879&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java (original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java Mon Jul 18 13:49:35 2011
@@ -20,15 +20,15 @@
 package org.apache.cxf.systest.jaxrs.security;
 
 
+import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
+import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 
 @Path("/bookstore")
 public class BookStore {
-
-    private Book book = new Book();
     
     public BookStore() {
     }
@@ -37,6 +37,14 @@ public class BookStore {
     @Path("/books/{bookId}/")
     @Produces("application/xml")
     public Book getBook(@PathParam("bookId") String id) {
+        return new Book();
+    }
+    
+    @POST
+    @Path("/books")
+    @Produces("application/xml")
+    @Consumes("application/xml")
+    public Book addBook(Book book) {
         return book;
     }
 }

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlInHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlInHandler.java?rev=1147879&r1=1147878&r2=1147879&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlInHandler.java (original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlInHandler.java Mon Jul 18 13:49:35 2011
@@ -136,58 +136,6 @@ public abstract class AbstractSamlInHand
         throw ex != null ? new WebApplicationException(ex, response) : new WebApplicationException(response);
     }
     
-    protected Crypto getCrypto(Message message, String propKey) 
-        throws IOException, WSSecurityException {
-        
-        Object o = message.getContextualProperty(propKey);
-        if (o == null) {
-            return null;
-        }
-        
-        ClassLoader orig = Thread.currentThread().getContextClassLoader();
-        try {
-            URL url = ClassLoaderUtils.getResource((String)o, this.getClass());
-            if (url == null) {
-                ResourceManager manager = message.getExchange()
-                        .getBus().getExtension(ResourceManager.class);
-                ClassLoader loader = manager.resolveResource("", ClassLoader.class);
-                if (loader != null) {
-                    Thread.currentThread().setContextClassLoader(loader);
-                }
-                url = manager.resolveResource((String)o, URL.class);
-            }
-            if (url != null) {
-                Properties props = new Properties();
-                InputStream in = url.openStream(); 
-                props.load(in);
-                in.close();
-                return CryptoFactory.getInstance(props);
-            } else {
-                return CryptoFactory.getInstance((String)o);
-            }
-        } finally {
-            Thread.currentThread().setContextClassLoader(orig);
-        }
-    }
-    
-    private CallbackHandler getCallbackHandler(Message message) {
-        //Then try to get the password from the given callback handler
-        Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
-    
-        CallbackHandler handler = null;
-        if (o instanceof CallbackHandler) {
-            handler = (CallbackHandler)o;
-        } else if (o instanceof String) {
-            try {
-                handler = (CallbackHandler)ClassLoaderUtils
-                    .loadClass((String)o, this.getClass()).newInstance();
-            } catch (Exception e) {
-                handler = null;
-            }
-        }
-        return handler;
-    }
-    
     // TODO: Most of this code can make it into rt/security to minimize the duplication
     //       between ws/security and rs/security
     
@@ -345,4 +293,57 @@ public abstract class AbstractSamlInHand
         }
         return false;
     }
+    
+ // this code will be moved to a common utility class
+    protected Crypto getCrypto(Message message, String propKey) 
+        throws IOException, WSSecurityException {
+        
+        Object o = message.getContextualProperty(propKey);
+        if (o == null) {
+            return null;
+        }
+        
+        ClassLoader orig = Thread.currentThread().getContextClassLoader();
+        try {
+            URL url = ClassLoaderUtils.getResource((String)o, this.getClass());
+            if (url == null) {
+                ResourceManager manager = message.getExchange()
+                        .getBus().getExtension(ResourceManager.class);
+                ClassLoader loader = manager.resolveResource("", ClassLoader.class);
+                if (loader != null) {
+                    Thread.currentThread().setContextClassLoader(loader);
+                }
+                url = manager.resolveResource((String)o, URL.class);
+            }
+            if (url != null) {
+                Properties props = new Properties();
+                InputStream in = url.openStream(); 
+                props.load(in);
+                in.close();
+                return CryptoFactory.getInstance(props);
+            } else {
+                return CryptoFactory.getInstance((String)o);
+            }
+        } finally {
+            Thread.currentThread().setContextClassLoader(orig);
+        }
+    }
+    
+    private CallbackHandler getCallbackHandler(Message message) {
+        //Then try to get the password from the given callback handler
+        Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
+    
+        CallbackHandler handler = null;
+        if (o instanceof CallbackHandler) {
+            handler = (CallbackHandler)o;
+        } else if (o instanceof String) {
+            try {
+                handler = (CallbackHandler)ClassLoaderUtils
+                    .loadClass((String)o, this.getClass()).newInstance();
+            } catch (Exception e) {
+                handler = null;
+            }
+        }
+        return handler;
+    }
 }
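Review bot: getCallbackHandler catches every exception from `loadClass((String)o, this.getClass()).newInstance()` and returns null, so a mistyped or unloadable `SecurityConstants.CALLBACK_HANDLER` class name looks the same as no handler being configured. The catch block should at least record the failure, for example `LOG.warning("Cannot load callback handler " + o);` (assuming this class has a logger, which the hunk does not show). In getCrypto, `in.close()` is skipped when `props.load(in)` throws, so the close belongs in a `finally`. The same getCrypto body is added to XmlSigInHandler in this commit, and the leading comment already says it should live in a shared utility, so the fix is best made once there.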

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlOutInterceptor.java?rev=1147879&r1=1147878&r2=1147879&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlOutInterceptor.java (original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/AbstractSamlOutInterceptor.java Mon Jul 18 13:49:35 2011
@@ -71,29 +71,19 @@ public abstract class AbstractSamlOutInt
                     message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
                 );
             if (selfSignAssertion) {
+                //--- This code will be moved to a common utility class
                 Crypto crypto = getCrypto(message, 
                                           SecurityConstants.SIGNATURE_CRYPTO,
                                           SecurityConstants.SIGNATURE_PROPERTIES);
                 
-                String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
-                String user = (String)message.getContextualProperty(userNameKey);
-                if (crypto != null && StringUtils.isEmpty(user)) {
-                    try {
-                        user = crypto.getDefaultX509Identifier();
-                    } catch (WSSecurityException e1) {
-                        throw new Fault(e1);
-                    }
-                }
+                String user = getUserName(message, crypto);
                 if (StringUtils.isEmpty(user)) {
                     return assertion;
                 }
         
-                CallbackHandler handler = getCallbackHandler(message);
-                String password = getPassword(handler, user, WSPasswordCallback.SIGNATURE);
-                if (password == null) {
-                    password = "";
-                }
-             
+                String password = getPassword(message, user, WSPasswordCallback.SIGNATURE);
+                //---
+                
                 // TODO configure using a KeyValue here
                 assertion.signAssertion(user, password, crypto, false);
             }
@@ -107,7 +97,23 @@ public abstract class AbstractSamlOutInt
         
     }
         
-    private String getPassword(CallbackHandler handler, String userName, int type) {
+    // This code will be moved to a common utility class
+    private String getUserName(Message message, Crypto crypto) {
+        String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
+        String user = (String)message.getContextualProperty(userNameKey);
+        if (crypto != null && StringUtils.isEmpty(user)) {
+            try {
+                user = crypto.getDefaultX509Identifier();
+            } catch (WSSecurityException e1) {
+                throw new Fault(e1);
+            }
+        }
+        return user;
+    }
+    
+    
+    private String getPassword(Message message, String userName, int type) {
+        CallbackHandler handler = getCallbackHandler(message);
         if (handler == null) {
             return null;
         }
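Review bot: The early `return null;` for a missing callback handler now passes a null password to `assertion.signAssertion(user, password, crypto, false)`. The caller used to map null to `""` in every case, but that mapping was moved to the end of getPassword (last hunk of this file) and only covers `cb[0].getPassword()`. Return the empty string here as well, `if (handler == null) { return ""; }`, or keep the normalisation in the caller. getPassword's body continues outside this hunk, so any other `return null` path between the two hunks needs the same treatment.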
@@ -120,7 +126,8 @@ public abstract class AbstractSamlOutInt
         }
         
         //get the password
-        return cb[0].getPassword();
+        String password = cb[0].getPassword();
+        return password == null ? "" : password;
     }
     
     private CallbackHandler getCallbackHandler(Message message) {

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlHeaderOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlHeaderOutInterceptor.java?rev=1147879&r1=1147878&r2=1147879&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlHeaderOutInterceptor.java (original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/SamlHeaderOutInterceptor.java Mon Jul 18 13:49:35 2011
@@ -34,11 +34,16 @@ import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.message.Message;
 import org.apache.ws.security.saml.ext.AssertionWrapper;
+import org.apache.ws.security.saml.ext.OpenSAMLUtil;
 
 public class SamlHeaderOutInterceptor extends AbstractSamlOutInterceptor {
     private static final Logger LOG = 
         LogUtils.getL7dLogger(SamlHeaderOutInterceptor.class);
     
+    static {
+        OpenSAMLUtil.initSamlEngine();
+    }
+    
     private boolean useDeflateEncoding = true;
     
     public SamlHeaderOutInterceptor() {

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/BookServerXmlSec.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/BookServerXmlSec.java?rev=1147879&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/BookServerXmlSec.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/BookServerXmlSec.java Mon Jul 18 13:49:35 2011
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.xml;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
+import org.apache.cxf.jaxrs.lifecycle.SingletonResourceProvider;
+import org.apache.cxf.systest.jaxrs.security.BookStore;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.TestUtil;
+    
+public class BookServerXmlSec extends AbstractBusTestServerBase {
+    public static final String PORT = TestUtil.getPortNumber("jaxrs-xmlsig");
+    private static final String SERVER_CONFIG_FILE =
+        "org/apache/cxf/systest/jaxrs/security/xml/server.xml";
+    
+    protected void run() {
+        SpringBusFactory bf = new SpringBusFactory();
+        Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
+        BusFactory.setDefaultBus(springBus);
+        
+        JAXRSServerFactoryBean sf = new JAXRSServerFactoryBean();
+        
+        sf.setResourceClasses(BookStore.class);
+        
+        sf.setProvider(new XmlSigInHandler());
+        
+        sf.setResourceProvider(BookStore.class,
+                               new SingletonResourceProvider(new BookStore(), true));
+        sf.setAddress("https://localhost:" + PORT + "/");
+
+        Map<String, Object> properties = new HashMap<String, Object>();
+        properties.put("ws-security.callback-handler", 
+                       "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
+        properties.put("ws-security.signature.properties", 
+                       "org/apache/cxf/systest/jaxrs/security/alice.properties");
+        sf.setProperties(properties);
+        
+        sf.create();        
+    }
+
+    public static void main(String[] args) {
+        try {
+            BookServerXmlSec s = new BookServerXmlSec();
+            s.start();
+        } catch (Exception ex) {
+            ex.printStackTrace();
+            System.exit(-1);
+        } finally {
+            System.out.println("done!");
+        }
+    }
+}

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/BookServerXmlSec.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/BookServerXmlSec.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSigTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSigTest.java?rev=1147879&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSigTest.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSigTest.java Mon Jul 18 13:49:35 2011
@@ -0,0 +1,85 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.xml;
+
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.jaxrs.client.ClientWebApplicationException;
+import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
+import org.apache.cxf.jaxrs.client.ServerWebApplicationException;
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.systest.jaxrs.security.Book;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class JAXRSXmlSigTest extends AbstractBusClientServerTestBase {
+    public static final String PORT = BookServerXmlSec.PORT;
+
+    @BeforeClass
+    public static void startServers() throws Exception {
+        assertTrue("server did not launch correctly", 
+                   launchServer(BookServerXmlSec.class, true));
+    }
+    
+    @Test
+    public void testPostBookWithEnvelopedSig() throws Exception {
+        String address = "https://localhost:" + PORT + "/bookstore/books";
+        JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
+        bean.setAddress(address);
+        
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = JAXRSXmlSigTest.class.getResource("client.xml");
+        Bus springBus = bf.createBus(busFile.toString());
+        bean.setBus(springBus);
+
+        Map<String, Object> properties = new HashMap<String, Object>();
+        properties.put("ws-security.callback-handler", 
+                       "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
+        properties.put("ws-security.signature.username", "alice");
+        properties.put("ws-security.signature.properties", 
+                       "org/apache/cxf/systest/jaxrs/security/alice.properties");
+        bean.setProperties(properties);
+        bean.getOutInterceptors().add(new XmlSigOutInterceptor());
+        
+        
+        WebClient wc = bean.createWebClient();
+        try {
+            Book book = wc.post(new Book("CXF", 126L), Book.class);
+            assertEquals(126L, book.getId());
+        } catch (ServerWebApplicationException ex) {
+            fail(ex.getMessage());
+        } catch (ClientWebApplicationException ex) {
+            if (ex.getCause() != null && ex.getCause().getMessage() != null) {
+                fail(ex.getCause().getMessage());
+            } else {
+                fail(ex.getMessage());
+            }
+        }
+        
+    }
+    
+    
+}
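Review bot: testPostBookWithEnvelopedSig is the only case and it exercises the accept path alone, so nothing here would fail if XmlSigInHandler let an unsigned or altered payload through. A companion test that posts the same Book without XmlSigOutInterceptor and expects the handler's 401 would pin the reject path. A sketch follows; the exception type and status accessor should be confirmed against the client API in use.

```java
    @Test
    public void testPostBookWithoutSigIsRejected() throws Exception {
        // … same bean, bus and property setup as testPostBookWithEnvelopedSig,
        //   except that no XmlSigOutInterceptor is added …
        WebClient wc = bean.createWebClient();
        try {
            wc.post(new Book("CXF", 126L), Book.class);
            fail("Unsigned payload must be rejected");
        } catch (ServerWebApplicationException ex) {
            assertEquals(401, ex.getResponse().getStatus());
        }
    }
```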

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSigTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSigTest.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigInHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigInHandler.java?rev=1147879&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigInHandler.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigInHandler.java Mon Jul 18 13:49:35 2011
@@ -0,0 +1,243 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.xml;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+import java.util.Properties;
+import java.util.logging.Logger;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+import javax.xml.stream.XMLStreamReader;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.jaxrs.ext.RequestHandler;
+import org.apache.cxf.jaxrs.model.ClassResourceInfo;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.resource.ResourceManager;
+import org.apache.cxf.staxutils.W3CDOMStreamReader;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.validate.Credential;
+import org.apache.ws.security.validate.SignatureTrustValidator;
+import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.keys.KeyInfo;
+import org.apache.xml.security.signature.Reference;
+import org.apache.xml.security.signature.XMLSignature;
+import org.apache.xml.security.transforms.Transform;
+import org.apache.xml.security.transforms.Transforms;
+import org.apache.xml.security.utils.Constants;
+
+public class XmlSigInHandler implements RequestHandler {
+    private static final Logger LOG = 
+        LogUtils.getL7dLogger(XmlSigInHandler.class);
+    
+    static {
+        org.apache.xml.security.Init.init();
+    }
+    
+    public Response handleRequest(Message message, ClassResourceInfo resourceClass) {
+        
+        String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
+        if ("GET".equals(method)) {
+            return null;
+        }
+        
+        InputStream is = message.getContent(InputStream.class);
+        Document doc = null;
+        try {
+            doc = DOMUtils.readXml(is);
+        } catch (Exception ex) {
+            throwFault("Invalid XML payload", ex);
+        }
+        
+
+        Element root = doc.getDocumentElement();
+        Element sigElement = getSignatureElement(root);
+        if (sigElement == null) {
+            throwFault("Enveloped Signature is not available", null);
+        }
+        
+        Crypto crypto = null;
+        try {
+            crypto = getCrypto(message, SecurityConstants.SIGNATURE_PROPERTIES);
+        } catch (Exception ex) {
+            throwFault("Crypto can not be loaded", ex);
+        }
+        boolean valid = false;
+        try {
+            XMLSignature signature = new XMLSignature(sigElement, "");
+            // WSS4J SAMLUtil.getCredentialFromKeyInfo will also handle 
+            // the X509IssuerSerial case
+            KeyInfo keyInfo = signature.getKeyInfo();
+            
+            X509Certificate cert = keyInfo.getX509Certificate();
+            if (cert != null) {
+                valid = signature.checkSignatureValue(cert);
+            } else {
+                PublicKey pk = keyInfo.getPublicKey();
+                if (pk != null) {
+                    valid = signature.checkSignatureValue(pk);
+                }
+            }
+            // is this call redundant given that signature.checkSignatureValue uses References ?
+            validateReference(root, signature);
+            
+            Credential trustCredential = new Credential();
+            trustCredential.setPublicKey(keyInfo.getPublicKey());
+            trustCredential.setCertificates(new X509Certificate[]{keyInfo.getX509Certificate()});
+            validateTrust(trustCredential, crypto);
+        } catch (Exception ex) {
+            throwFault("Signature validation failed", ex);
+        }
+        if (!valid) {
+            throwFault("Signature validation failed", null);
+        }
+        
+        root.removeAttribute("ID");
+        root.removeChild(sigElement);
+        message.setContent(XMLStreamReader.class, 
+                           new W3CDOMStreamReader(root));
+        message.setContent(InputStream.class, null);
+        
+        //TODO: If we have a SAML assertion header as well with holder-of-key or
+        // sender-vouches claims then we will need to store signature or parts of it
+        // to validate that saml assertion and this payload have been signed by the 
+        // same key
+        
+        return null;
+    }
+    
+    private Element getSignatureElement(Element root) {
+        NodeList list = root.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
+        if (list != null && list.getLength() == 1) {
+            return (Element)list.item(0);
+        } 
+        return null;
+    }
+    
+    private void validateTrust(Credential cred, Crypto crypto) throws Exception {
+        SignatureTrustValidator validator = new SignatureTrustValidator();
+        RequestData data = new RequestData();
+        data.setSigCrypto(crypto);
+        validator.validate(cred, data);
+    }
+    
+    protected void throwFault(String error, Exception ex) {
+        // TODO: get bundle resource message once this filter is moved 
+        // to rt/rs/security
+        LOG.warning(error);
+        Response response = Response.status(401).entity(error).build();
+        throw ex != null ? new WebApplicationException(ex, response) : new WebApplicationException(response);
+    }
+    
+    // this code will be moved to a common utility class
+    protected Crypto getCrypto(Message message, String propKey) 
+        throws IOException, WSSecurityException {
+        
+        Object o = message.getContextualProperty(propKey);
+        if (o == null) {
+            return null;
+        }
+        
+        ClassLoader orig = Thread.currentThread().getContextClassLoader();
+        try {
+            URL url = ClassLoaderUtils.getResource((String)o, this.getClass());
+            if (url == null) {
+                ResourceManager manager = message.getExchange()
+                        .getBus().getExtension(ResourceManager.class);
+                ClassLoader loader = manager.resolveResource("", ClassLoader.class);
+                if (loader != null) {
+                    Thread.currentThread().setContextClassLoader(loader);
+                }
+                url = manager.resolveResource((String)o, URL.class);
+            }
+            if (url != null) {
+                Properties props = new Properties();
+                InputStream in = url.openStream(); 
+                props.load(in);
+                in.close();
+                return CryptoFactory.getInstance(props);
+            } else {
+                return CryptoFactory.getInstance((String)o);
+            }
+        } finally {
+            Thread.currentThread().setContextClassLoader(orig);
+        }
+    }
+    
+    protected void validateReference(Element root, XMLSignature sig) {
+        Reference ref = null;
+        int count = sig.getSignedInfo().getLength();
+        if (count != 1) {
+            throwFault("Multiple Signature Reference are not currently supported", null);
+        }
+        try {
+            ref = sig.getSignedInfo().item(0);
+        } catch (XMLSecurityException ex) {
+            throwFault("Signature Reference is not available", ex);
+        }
+        String rootId = root.getAttribute("ID");
+        String refId = ref.getId();
+        if (refId.length() == 0 && rootId.length() == 0) {
+            // or fragment must be expected ?
+            return;
+        }
+        if (refId.startsWith("#") && refId.length() > 1 && refId.substring(1).equals(rootId)) {
+            return;
+        } else {
+            throwFault("Signature Reference ID is invalid", null);
+        }
+        Transforms transforms = null;
+        try {
+            transforms = ref.getTransforms();
+        } catch (XMLSecurityException ex) {
+            throwFault("Signature transforms can not be obtained", ex);
+        }
+        boolean isEnveloped = false;
+        for (int i = 0; i < transforms.getLength(); i++) {
+            try {
+                Transform tr = transforms.item(i);
+                if (Transforms.TRANSFORM_ENVELOPED_SIGNATURE.equals(tr.getURI())) {
+                    isEnveloped = true;
+                    break;
+                }
+            } catch (Exception ex) {
+                throwFault("Problem accessing Transform instance", ex);    
+            }
+        }
+        if (!isEnveloped) {
+            throwFault("Only enveloped signatures are currently supported", null);
+        }
+    }
+}
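Review bot: In validateReference, both branches of `if (refId.startsWith("#") && ...) { return; } else { throwFault(...); }` leave the method, so the enveloped-signature transform check below it is unreachable and no Reference transform is ever inspected. A negated guard, `if (!(refId.startsWith("#") && refId.length() > 1 && refId.substring(1).equals(rootId))) { throwFault("Signature Reference ID is invalid", null); }`, lets the transform loop run; the earlier empty-id `return` skips that loop as well. The value compared with `"#"` plus the root ID is read with `ref.getId()`, which looks like it should be the Reference URI (`ref.getURI()`); this is worth confirming against the out interceptor. Separately, getSignatureElement matches a Signature at any depth under the root while handleRequest calls `root.removeChild(sigElement)`, so it should require `sigElement.getParentNode() == root`. Otherwise the element that was verified and the payload handed to the resource can differ.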

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigInHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigInHandler.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigOutInterceptor.java?rev=1147879&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigOutInterceptor.java (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigOutInterceptor.java Mon Jul 18 13:49:35 2011
@@ -0,0 +1,331 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jaxrs.security.xml;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.lang.annotation.Annotation;
+import java.net.URL;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.UUID;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.logging.Logger;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.dom.DOMSource;
+
+import org.w3c.dom.Document;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.jaxrs.provider.JAXBElementProvider;
+import org.apache.cxf.jaxrs.provider.ProviderFactory;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageContentsList;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.resource.ResourceManager;
+import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.staxutils.W3CDOMStreamWriter;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.ws.security.WSPasswordCallback;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.components.crypto.CryptoType;
+import org.apache.xml.security.signature.XMLSignature;
+import org.apache.xml.security.transforms.Transforms;
+import org.apache.xml.security.utils.Constants;
+import org.apache.xml.security.utils.ElementProxy;
+import org.opensaml.xml.signature.SignatureConstants;
+
+public class XmlSigOutInterceptor extends AbstractPhaseInterceptor<Message> {
+    private static final Logger LOG = 
+        LogUtils.getL7dLogger(XmlSigOutInterceptor.class);
+    private static final String CRYPTO_CACHE = "ws-security.crypto.cache";
+    
+    static {
+        org.apache.xml.security.Init.init();
+    }
+    
+    private boolean createReferenceId = true;
+    
+    public XmlSigOutInterceptor() {
+        super(Phase.WRITE);
+    } 
+
+    public void setCreateReferenceId(boolean create) {
+        createReferenceId = create;
+    }
+    
+    public void handleMessage(Message message) throws Fault {
+        try {
+            Object body = getRequestBody(message);
+            if (body == null) {
+                return;
+            }
+            Document doc = getDomDocument(body, message);
+            if (doc == null) {
+                return;
+            }
+ 
+            createEnvelopedSignature(message, doc);
+            message.setContent(List.class, 
+                               new MessageContentsList(new DOMSource(doc)));
+        } catch (Exception ex) {
+            StringWriter sw = new StringWriter();
+            ex.printStackTrace(new PrintWriter(sw));
+            LOG.warning(sw.toString());
+            throw new Fault(new RuntimeException(ex.getMessage() + ", stacktrace: " + sw.toString()));
+        }
+    }
+    
+    // enveloping & detached sigs will be supported too
+    private void createEnvelopedSignature(Message message, Document doc) 
+        throws Exception {
+        //--- This code will be moved to a common utility class
+        Crypto crypto = getCrypto(message, 
+                                  SecurityConstants.SIGNATURE_CRYPTO,
+                                  SecurityConstants.SIGNATURE_PROPERTIES);
+        
+        String user = getUserName(message, crypto);
+        if (StringUtils.isEmpty(user)) {
+            return;
+        }
+
+        String password = getPassword(message, user, WSPasswordCallback.SIGNATURE);
+        //---
+        // 
+     // prepare to sign the SAML token
+        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+        cryptoType.setAlias(user);
+        X509Certificate[] issuerCerts = crypto.getX509Certificates(cryptoType);
+        if (issuerCerts == null) {
+            throw new WSSecurityException(
+                "No issuer certs were found to sign the document using issuer name: " 
+                + user);
+        }
+        
+        String sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1;
+        String pubKeyAlgo = issuerCerts[0].getPublicKey().getAlgorithm();
+        if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
+            sigAlgo = XMLSignature.ALGO_ID_SIGNATURE_DSA;
+        }
+        PrivateKey privateKey = null;
+        try {
+            privateKey = crypto.getPrivateKey(user, password);
+        } catch (Exception ex) {
+            throw new WSSecurityException(ex.getMessage(), ex);
+        }
+        //
+        ElementProxy.setDefaultPrefix(Constants.SignatureSpecNS, "ds");
+        
+        String referenceId = "";
+        if (createReferenceId) {
+            String id = UUID.randomUUID().toString();
+            referenceId = "#" + id;
+            doc.getDocumentElement().setAttribute("ID", id);    
+        }
+        
+        XMLSignature sig = new XMLSignature(doc, "", sigAlgo);
+        doc.getDocumentElement().appendChild(sig.getElement());
+        Transforms transforms = new Transforms(doc);
+        transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
+        transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
+        
+        sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1, referenceId, null);
+        
+        sig.addKeyInfo(issuerCerts[0]);
+        sig.addKeyInfo(issuerCerts[0].getPublicKey());
+        sig.sign(privateKey);
+    }
+    
+    private Object getRequestBody(Message message) {
+        MessageContentsList objs = MessageContentsList.getContentsList(message);
+        if (objs == null || objs.size() == 0) {
+            return null;
+        } else {
+            return objs.get(0);
+        }
+    }
+    
+    @SuppressWarnings("unchecked")
+    private Document getDomDocument(Object body, Message m) throws Exception {
+        
+        ProviderFactory pf = ProviderFactory.getInstance(m);
+        
+        Object providerObject = pf.createMessageBodyWriter(body.getClass(), 
+                                   body.getClass(), new Annotation[]{}, 
+                                   MediaType.APPLICATION_XML_TYPE, m);
+        if (!(providerObject instanceof JAXBElementProvider)) {
+            return null;
+        }
+        JAXBElementProvider provider = (JAXBElementProvider)providerObject;
+        W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
+        m.setContent(XMLStreamWriter.class, writer);
+        provider.writeTo(body, body.getClass(), 
+                         body.getClass(), new Annotation[]{},
+                         MediaType.APPLICATION_XML_TYPE,
+                         (MultivaluedMap)m.get(Message.PROTOCOL_HEADERS), null);
+        return writer.getDocument();
+    }
+    
+ // This code will be moved to a common utility class
+    private String getUserName(Message message, Crypto crypto) {
+        String userNameKey = SecurityConstants.SIGNATURE_USERNAME;
+        String user = (String)message.getContextualProperty(userNameKey);
+        if (crypto != null && StringUtils.isEmpty(user)) {
+            try {
+                user = crypto.getDefaultX509Identifier();
+            } catch (WSSecurityException e1) {
+                throw new Fault(e1);
+            }
+        }
+        return user;
+    }
+    
+    
+    private String getPassword(Message message, String userName, int type) {
+        CallbackHandler handler = getCallbackHandler(message);
+        if (handler == null) {
+            return null;
+        }
+        
+        WSPasswordCallback[] cb = {new WSPasswordCallback(userName, type)};
+        try {
+            handler.handle(cb);
+        } catch (Exception e) {
+            return null;
+        }
+        
+        //get the password
+        String password = cb[0].getPassword();
+        return password == null ? "" : password;
+    }
+    
+    private CallbackHandler getCallbackHandler(Message message) {
+        //Then try to get the password from the given callback handler
+        Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER);
+    
+        CallbackHandler handler = null;
+        if (o instanceof CallbackHandler) {
+            handler = (CallbackHandler)o;
+        } else if (o instanceof String) {
+            try {
+                handler = (CallbackHandler)ClassLoaderUtils
+                    .loadClass((String)o, this.getClass()).newInstance();
+            } catch (Exception e) {
+                handler = null;
+            }
+        }
+        return handler;
+    }
+    
+    private Crypto getCrypto(Message message,
+                             String cryptoKey, 
+                             String propKey) {
+        Crypto crypto = (Crypto)message.getContextualProperty(cryptoKey);
+        if (crypto != null) {
+            return crypto;
+        }
+        
+        Object o = message.getContextualProperty(propKey);
+        if (o == null) {
+            return null;
+        }
+        
+        crypto = getCryptoCache(message).get(o);
+        if (crypto != null) {
+            return crypto;
+        }
+        Properties properties = null;
+        if (o instanceof Properties) {
+            properties = (Properties)o;
+        } else if (o instanceof String) {
+            ResourceManager rm = message.getExchange().get(Bus.class).getExtension(ResourceManager.class);
+            URL url = rm.resolveResource((String)o, URL.class);
+            try {
+                if (url == null) {
+                    url = ClassLoaderUtils.getResource((String)o, this.getClass());
+                }
+                if (url == null) {
+                    try {
+                        url = new URL((String)o);
+                    } catch (Exception ex) {
+                        throw new RuntimeException(ex);
+                    }
+                }
+                if (url != null) {
+                    InputStream ins = url.openStream();
+                    properties = new Properties();
+                    properties.load(ins);
+                    ins.close();
+                }
+            } catch (IOException e) {
+                throw new RuntimeException(e);
+            }
+        } else if (o instanceof URL) {
+            properties = new Properties();
+            try {
+                InputStream ins = ((URL)o).openStream();
+                properties.load(ins);
+                ins.close();
+            } catch (IOException e) {
+                throw new RuntimeException(e);
+            }            
+        }
+        
+        if (properties != null) {
+            try {
+                crypto = CryptoFactory.getInstance(properties);
+            } catch (Exception ex) {
+                return null;
+            }
+            getCryptoCache(message).put(o, crypto);
+        }
+        return crypto;
+    }
+    
+    protected final Map<Object, Crypto> getCryptoCache(Message message) {
+        EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
+        synchronized (info) {
+            Map<Object, Crypto> o = 
+                CastUtils.cast((Map<?, ?>)message.getContextualProperty(CRYPTO_CACHE));
+            if (o == null) {
+                o = new ConcurrentHashMap<Object, Crypto>();
+                info.setProperty(CRYPTO_CACHE, o);
+            }
+            return o;
+        }
+    }
+}
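Review bot: `createEnvelopedSignature` returns silently when no signature user can be resolved (`if (StringUtils.isEmpty(user)) { return; }`), and `handleMessage` then sets the DOM document as the message content anyway, so a missing or misspelt signature property sends the body unsigned with no error and no log line. An interceptor whose only job is signing should fail closed here, e.g. `throw new WSSecurityException("No signature user name is available");`. The same path is reached when `getCrypto` returns null because `CryptoFactory.getInstance` threw, and `getPassword` likewise swallows the callback handler's exception; logging those causes would make a misconfiguration diagnosable. Separately, the catch block in `handleMessage` copies the full stack trace into the Fault message, which may end up in what the peer sees; logging it and throwing `new Fault(ex)` keeps it out of the response.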

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigOutInterceptor.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/XmlSigOutInterceptor.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/client.xml?rev=1147879&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/client.xml (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/client.xml Mon Jul 18 13:49:35 2011
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xmlns:cxf="http://cxf.apache.org/core"
+       xmlns:p="http://cxf.apache.org/policy"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xsi:schemaLocation="
+          http://www.springframework.org/schema/beans           http://www.springframework.org/schema/beans/spring-beans.xsd
+          http://cxf.apache.org/jaxws                           http://cxf.apache.org/schemas/jaxws.xsd
+          http://cxf.apache.org/transports/http/configuration   http://cxf.apache.org/schemas/configuration/http-conf.xsd
+          http://cxf.apache.org/configuration/security          http://cxf.apache.org/schemas/configuration/security.xsd
+          http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+          http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd"
+>
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+    
+    <http:conduit name="https://localhost.*">
+        <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000"/>
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:keyManagers keyPassword="password">
+	           <sec:keyStore type="JKS" password="password" 
+	                file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks"/>
+	           </sec:keyManagers>
+	        <sec:trustManagers>
+	           <sec:keyStore type="JKS" password="password"
+	               file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
+	        </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>  
+        
+</beans>
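Review bot: `disableCNCheck="true"` turns off hostname verification for every address matching the conduit name `https://localhost.*`, and that pattern is not anchored after `localhost`, so it appears it would also match a host name that merely begins with it. That is presumably acceptable for a system test run against local test keystores, but nothing in the file marks it as test-only. I would add a comment above the element, e.g. `<!-- test only: CN check disabled for the test keystores; do not copy into a deployed client -->`, and note the same for the literal `password` keystore passwords.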

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/client.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/client.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/client.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml?rev=1147879&view=auto
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml (added)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml Mon Jul 18 13:49:35 2011
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xmlns:cxf="http://cxf.apache.org/core"
+       xsi:schemaLocation="
+        http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+        http://www.springframework.org/schema/beans                 http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://cxf.apache.org/transports/http/configuration         http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/transports/http-jetty/configuration   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+        http://cxf.apache.org/configuration/security                http://cxf.apache.org/schemas/configuration/security.xsd
+        ">
+
+	<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+	
+	<cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+
+    <httpj:engine-factory id="port-9095-tls-config">
+        <httpj:engine port="${testutil.ports.jaxrs-xmlsig}">
+            <httpj:tlsServerParameters>
+               <sec:keyManagers keyPassword="password">
+	           <sec:keyStore type="JKS" password="password" 
+	                file="src/test/java/org/apache/cxf/systest/http/resources/Bethal.jks"/>
+	      		</sec:keyManagers>
+	      		<sec:trustManagers>
+	          	<sec:keyStore type="JKS" password="password"
+	               file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
+	     		</sec:trustManagers>
+	     		<sec:cipherSuitesFilter>
+                    <sec:include>.*_EXPORT_.*</sec:include>
+                    <sec:include>.*_EXPORT1024_.*</sec:include>
+                    <sec:include>.*_WITH_DES_.*</sec:include>
+                    <sec:include>.*_WITH_NULL_.*</sec:include>
+                    <sec:exclude>.*_DH_anon_.*</sec:exclude>
+                </sec:cipherSuitesFilter>
+                <sec:clientAuthentication want="true" required="true"/>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+
+</beans>
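Review bot: The `sec:cipherSuitesFilter` includes only `_EXPORT_`, `_EXPORT1024_`, `_WITH_DES_` and `_WITH_NULL_` suites, i.e. export-grade, single-DES and no-encryption suites, so the TLS endpoint the signature test runs over is limited to the weakest ciphers available. If nothing in the test depends on them, removing the filter element lets the engine fall back to the JSSE defaults, which also avoids a handshake failure on a JVM that has these suites disabled. If they are needed, a comment such as `<!-- test only: weak cipher suites, never use in a deployment -->` should say so.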

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml?rev=1147879&r1=1147878&r2=1147879&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml (original)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/client/client.xml Mon Jul 18 13:49:35 2011
@@ -42,6 +42,7 @@
     </cxf:bus>
     
     <http:conduit name="https://localhost.*">
+        <http:client ConnectionTimeout="6000000" ReceiveTimeout="6000000"/>
         <http:tlsClientParameters disableCNCheck="true">
             <sec:keyManagers keyPassword="password">
                 <sec:keyStore type="jks" password="password" resource="org/apache/cxf/systest/ws/security/Morpit.jks"/>
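Review bot: `ConnectionTimeout="6000000"` and `ReceiveTimeout="6000000"` are in milliseconds, so the client waits up to 100 minutes before a stalled call fails, which can hang a build instead of failing the test. If the value is there for stepping through in a debugger, a comment such as `<!-- long timeouts for debugging only -->` would say so; otherwise a value closer to the expected response time is safer. The conduit element continues outside the hunk.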


