cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1157743 - in /cxf/trunk: rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/ systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/
Date Mon, 15 Aug 2011 09:06:33 GMT
Author: sergeyb
Date: Mon Aug 15 09:06:33 2011
New Revision: 1157743

URL: http://svn.apache.org/viewvc?rev=1157743&view=rev
Log:
[CXF-3677] Updating tests to receive encrypted content on the client side

Added:
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
  (with props)
Modified:
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncInHandler.java
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml

Added: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java?rev=1157743&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
(added)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
Mon Aug 15 09:06:33 2011
@@ -0,0 +1,247 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.xml;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.util.logging.Logger;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.security.auth.callback.CallbackHandler;
+import javax.xml.stream.XMLStreamReader;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.Base64Exception;
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.rs.security.common.CryptoLoader;
+import org.apache.cxf.rs.security.common.SecurityUtils;
+import org.apache.cxf.rs.security.common.TrustValidator;
+import org.apache.cxf.staxutils.W3CDOMStreamReader;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSConfig;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.util.WSSecurityUtil;
+import org.apache.xml.security.encryption.XMLCipher;
+import org.apache.xml.security.encryption.XMLEncryptionException;
+import org.apache.xml.security.utils.Constants;
+
+
+public abstract class AbstractXmlEncInHandler {
+    private static final Logger LOG = 
+        LogUtils.getL7dLogger(AbstractXmlEncInHandler.class);
+    
+    static {
+        WSSConfig.init();
+    }
+    
+    
+    public void decryptContent(Message message) {
+        Message outMs = message.getExchange().getOutMessage();
+        Message inMsg = outMs == null ? message : outMs.getExchange().getInMessage();
+        String method = (String)inMsg.get(Message.HTTP_REQUEST_METHOD);
+        if ("GET".equals(method)) {
+            return;
+        }
+        
+        InputStream is = message.getContent(InputStream.class);
+        Document doc = null;
+        try {
+            doc = DOMUtils.readXml(is);
+        } catch (Exception ex) {
+            String errorMessage = "Invalid XML payload";
+            LOG.warning(errorMessage);
+            throwFault(errorMessage, ex);
+        }
+        
+
+        Element root = doc.getDocumentElement();
+        
+        byte[] symmetricKeyBytes = getSymmetricKeyBytes(message, root);
+                
+        String algorithm = getEncodingMethodAlgorithm(root);
+        byte[] decryptedPayload = null;
+        try {
+            decryptedPayload = decryptPayload(root, symmetricKeyBytes, algorithm);
+        } catch (Exception ex) {
+            throwFault("Payload can not be decrypted", ex);
+        }
+        
+        Document payloadDoc = null;
+        try {
+            payloadDoc = DOMUtils.readXml(new InputStreamReader(new ByteArrayInputStream(decryptedPayload),
+                                               "UTF-8"));
+        } catch (Exception ex) {
+            throwFault("Payload document can not be created", ex);
+        }
+        message.setContent(XMLStreamReader.class, 
+                           new W3CDOMStreamReader(payloadDoc));
+        message.setContent(InputStream.class, null);
+    }
+    
+    // Subclasses can overwrite it and return the bytes, assuming they know the actual key
+    protected byte[] getSymmetricKeyBytes(Message message, Element encDataElement) {
+        Crypto crypto = null;
+        try {
+            crypto = new CryptoLoader().getCrypto(message,
+                               SecurityConstants.ENCRYPT_CRYPTO,
+                               SecurityConstants.ENCRYPT_PROPERTIES);
+        } catch (Exception ex) {
+            throwFault("Crypto can not be loaded", ex);
+        }
+        
+        Element encKeyElement = getNode(encDataElement, WSConstants.ENC_NS, "EncryptedKey",
0);
+        if (encKeyElement == null) {
+            //TODO: support EncryptedData/ds:KeyInfo - the encrypted key is passed out of
band
+            throwFault("EncryptedKey element is not available", null);
+        }
+        
+        X509Certificate cert = loadCertificate(crypto, encKeyElement);
+        
+        try {
+            new TrustValidator().validateTrust(crypto, cert, null);
+        } catch (Exception ex) {
+            throwFault(ex.getMessage(), ex);
+        }
+        
+        // now start decrypting
+        String algorithm = getEncodingMethodAlgorithm(encKeyElement);
+        Element cipherValue = getNode(encKeyElement, WSConstants.ENC_NS, 
+                                               "CipherValue", 0);
+        if (cipherValue == null) {
+            throwFault("CipherValue element is not available", null);
+        }
+        try {
+            return decryptSymmetricKey(cipherValue.getTextContent().trim(),
+                                       cert,
+                                       crypto,
+                                       algorithm,
+                                       message);
+        } catch (Exception ex) {
+            throwFault(ex.getMessage(), ex);
+        }
+        return null;
+    }
+    
+    private X509Certificate loadCertificate(Crypto crypto, Element encKeyElement) {
+        /**
+         * TODO: the following can be easily supported too  
+         <X509SKI>31d97bd7</X509SKI>
+         <X509SubjectName>Subject of Certificate B</X509SubjectName>
+         * 
+         */
+        
+        Element certNode = getNode(encKeyElement, 
+                                   Constants.SignatureSpecNS, "X509Certificate", 0);
+        if (certNode != null) {
+            try {
+                return SecurityUtils.loadX509Certificate(crypto, certNode);
+            } catch (Exception ex) {
+                throwFault("X509Certificate can not be created", ex);
+            }
+        }
+        certNode = getNode(encKeyElement, 
+                Constants.SignatureSpecNS, "X509IssuerSerial", 0);
+        if (certNode != null) {
+            try {
+                return SecurityUtils.loadX509IssuerSerial(crypto, certNode);
+            } catch (Exception ex) {
+                throwFault("X509Certificate can not be created", ex);
+            }
+        }
+        throwFault("Certificate is missing", null);
+        return null;
+    }
+    
+    private String getEncodingMethodAlgorithm(Element parent) {
+        Element encMethod = getNode(parent, WSConstants.ENC_NS, "EncryptionMethod", 0);
+        if (encMethod == null) {
+            throwFault("EncryptionMethod element is not available", null);
+        }
+        return encMethod.getAttribute("Algorithm");
+    }
+
+    //TODO: Support symmetric keys if requested
+    protected byte[] decryptSymmetricKey(String base64EncodedKey, 
+                                         X509Certificate cert,
+                                         Crypto crypto,
+                                         String keyEncAlgo,
+                                         Message message) throws WSSecurityException {
+        CallbackHandler callback = SecurityUtils.getCallbackHandler(message, this.getClass());
+        PrivateKey key = null;
+        try {
+            key = crypto.getPrivateKey(cert, callback);
+        } catch (Exception ex) {
+            throwFault("Encrypted key can not be decrypted", ex);
+        }
+        Cipher cipher = 
+            EncryptionUtils.initCipherWithKey(keyEncAlgo, Cipher.DECRYPT_MODE, key);
+        try {
+            byte[] encryptedBytes = Base64Utility.decode(base64EncodedKey);
+            return cipher.doFinal(encryptedBytes);
+        } catch (Base64Exception ex) {
+            throwFault("Base64 decoding has failed", ex);
+        } catch (Exception ex) {
+            throwFault("Encrypted key can not be decrypted", ex);
+        }
+        return null;
+        
+    }
+    
+    protected byte[] decryptPayload(Element root, 
+                                    byte[] secretKeyBytes,
+                                    String symEncAlgo) throws WSSecurityException {
+        SecretKey key = WSSecurityUtil.prepareSecretKey(symEncAlgo, secretKeyBytes);
+        try {
+            XMLCipher xmlCipher = 
+                EncryptionUtils.initXMLCipher(symEncAlgo, XMLCipher.DECRYPT_MODE, key);
+            return xmlCipher.decryptToByteArray(root);
+        } catch (XMLEncryptionException ex) {
+            throw new WSSecurityException(
+                WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, ex
+            );
+        }
+        
+    }
+    
+    
+    private Element getNode(Element parent, String ns, String name, int index) {
+        NodeList list = parent.getElementsByTagNameNS(ns, name);
+        if (list != null && list.getLength() >= index + 1) {
+            return (Element)list.item(index);
+        } 
+        return null;
+    }
+    
+       
+    protected abstract void throwFault(String error, Exception ex);
+    
+}

Propchange: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncInHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncInHandler.java?rev=1157743&r1=1157742&r2=1157743&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncInHandler.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncInHandler.java
Mon Aug 15 09:06:33 2011
@@ -19,231 +19,27 @@
 
 package org.apache.cxf.rs.security.xml;
 
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.security.PrivateKey;
-import java.security.cert.X509Certificate;
 import java.util.logging.Logger;
 
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.security.auth.callback.CallbackHandler;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Response;
-import javax.xml.stream.XMLStreamReader;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
 
 import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.Base64Exception;
-import org.apache.cxf.common.util.Base64Utility;
-import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.jaxrs.ext.RequestHandler;
 import org.apache.cxf.jaxrs.model.ClassResourceInfo;
 import org.apache.cxf.message.Message;
-import org.apache.cxf.rs.security.common.CryptoLoader;
-import org.apache.cxf.rs.security.common.SecurityUtils;
-import org.apache.cxf.rs.security.common.TrustValidator;
-import org.apache.cxf.staxutils.W3CDOMStreamReader;
-import org.apache.cxf.ws.security.SecurityConstants;
-import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSSConfig;
-import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.components.crypto.Crypto;
-import org.apache.ws.security.util.WSSecurityUtil;
-import org.apache.xml.security.encryption.XMLCipher;
-import org.apache.xml.security.encryption.XMLEncryptionException;
-import org.apache.xml.security.utils.Constants;
 
-public class XmlEncInHandler implements RequestHandler {
+public class XmlEncInHandler extends AbstractXmlEncInHandler implements RequestHandler {
     private static final Logger LOG = 
         LogUtils.getL7dLogger(XmlEncInHandler.class);
     
-    static {
-        WSSConfig.init();
-    }
-    
     
     public Response handleRequest(Message message, ClassResourceInfo resourceClass) {
         
-        String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
-        if ("GET".equals(method)) {
-            return null;
-        }
-        
-        InputStream is = message.getContent(InputStream.class);
-        Document doc = null;
-        try {
-            doc = DOMUtils.readXml(is);
-        } catch (Exception ex) {
-            throwFault("Invalid XML payload", ex);
-        }
-        
-
-        Element root = doc.getDocumentElement();
-        
-        byte[] symmetricKeyBytes = getSymmetricKeyBytes(message, root);
-                
-        String algorithm = getEncodingMethodAlgorithm(root);
-        byte[] decryptedPayload = null;
-        try {
-            decryptedPayload = decryptPayload(root, symmetricKeyBytes, algorithm);
-        } catch (Exception ex) {
-            throwFault("Payload can not be decrypted", ex);
-        }
-        
-        Document payloadDoc = null;
-        try {
-            payloadDoc = DOMUtils.readXml(new InputStreamReader(new ByteArrayInputStream(decryptedPayload),
-                                               "UTF-8"));
-        } catch (Exception ex) {
-            throwFault("Payload document can not be created", ex);
-        }
-        message.setContent(XMLStreamReader.class, 
-                           new W3CDOMStreamReader(payloadDoc));
-        message.setContent(InputStream.class, null);
-        return null;
-    }
-    
-    // Subclasses can overwrite it and return the bytes, assuming they know the actual key
-    protected byte[] getSymmetricKeyBytes(Message message, Element encDataElement) {
-        Crypto crypto = null;
-        try {
-            crypto = new CryptoLoader().getCrypto(message,
-                               SecurityConstants.ENCRYPT_CRYPTO,
-                               SecurityConstants.ENCRYPT_PROPERTIES);
-        } catch (Exception ex) {
-            throwFault("Crypto can not be loaded", ex);
-        }
-        
-        Element encKeyElement = getNode(encDataElement, WSConstants.ENC_NS, "EncryptedKey",
0);
-        if (encKeyElement == null) {
-            //TODO: support EncryptedData/ds:KeyInfo - the encrypted key is passed out of
band
-            throwFault("EncryptedKey element is not available", null);
-        }
-        
-        X509Certificate cert = loadCertificate(crypto, encKeyElement);
-        
-        try {
-            new TrustValidator().validateTrust(crypto, cert, null);
-        } catch (Exception ex) {
-            throwFault(ex.getMessage(), ex);
-        }
-        
-        // now start decrypting
-        String algorithm = getEncodingMethodAlgorithm(encKeyElement);
-        Element cipherValue = getNode(encKeyElement, WSConstants.ENC_NS, 
-                                               "CipherValue", 0);
-        if (cipherValue == null) {
-            throwFault("CipherValue element is not available", null);
-        }
-        try {
-            return decryptSymmetricKey(cipherValue.getTextContent().trim(),
-                                       cert,
-                                       crypto,
-                                       algorithm,
-                                       message);
-        } catch (Exception ex) {
-            throwFault(ex.getMessage(), ex);
-        }
-        return null;
-    }
-    
-    private X509Certificate loadCertificate(Crypto crypto, Element encKeyElement) {
-        /**
-         * TODO: the following can be easily supported too  
-         <X509SKI>31d97bd7</X509SKI>
-         <X509SubjectName>Subject of Certificate B</X509SubjectName>
-         * 
-         */
-        
-        Element certNode = getNode(encKeyElement, 
-                                   Constants.SignatureSpecNS, "X509Certificate", 0);
-        if (certNode != null) {
-            try {
-                return SecurityUtils.loadX509Certificate(crypto, certNode);
-            } catch (Exception ex) {
-                throwFault("X509Certificate can not be created", ex);
-            }
-        }
-        certNode = getNode(encKeyElement, 
-                Constants.SignatureSpecNS, "X509IssuerSerial", 0);
-        if (certNode != null) {
-            try {
-                return SecurityUtils.loadX509IssuerSerial(crypto, certNode);
-            } catch (Exception ex) {
-                throwFault("X509Certificate can not be created", ex);
-            }
-        }
-        throwFault("Certificate is missing", null);
-        return null;
-    }
-    
-    private String getEncodingMethodAlgorithm(Element parent) {
-        Element encMethod = getNode(parent, WSConstants.ENC_NS, "EncryptionMethod", 0);
-        if (encMethod == null) {
-            throwFault("EncryptionMethod element is not available", null);
-        }
-        return encMethod.getAttribute("Algorithm");
-    }
-
-    //TODO: Support symmetric keys if requested
-    protected byte[] decryptSymmetricKey(String base64EncodedKey, 
-                                         X509Certificate cert,
-                                         Crypto crypto,
-                                         String keyEncAlgo,
-                                         Message message) throws WSSecurityException {
-        CallbackHandler callback = SecurityUtils.getCallbackHandler(message, this.getClass());
-        PrivateKey key = null;
-        try {
-            key = crypto.getPrivateKey(cert, callback);
-        } catch (Exception ex) {
-            throwFault("Encrypted key can not be decrypted", ex);
-        }
-        Cipher cipher = 
-            EncryptionUtils.initCipherWithKey(keyEncAlgo, Cipher.DECRYPT_MODE, key);
-        try {
-            byte[] encryptedBytes = Base64Utility.decode(base64EncodedKey);
-            return cipher.doFinal(encryptedBytes);
-        } catch (Base64Exception ex) {
-            throwFault("Base64 decoding has failed", ex);
-        } catch (Exception ex) {
-            throwFault("Encrypted key can not be decrypted", ex);
-        }
-        return null;
-        
-    }
-    
-    protected byte[] decryptPayload(Element root, 
-                                    byte[] secretKeyBytes,
-                                    String symEncAlgo) throws WSSecurityException {
-        SecretKey key = WSSecurityUtil.prepareSecretKey(symEncAlgo, secretKeyBytes);
-        try {
-            XMLCipher xmlCipher = 
-                EncryptionUtils.initXMLCipher(symEncAlgo, XMLCipher.DECRYPT_MODE, key);
-            return xmlCipher.decryptToByteArray(root);
-        } catch (XMLEncryptionException ex) {
-            throw new WSSecurityException(
-                WSSecurityException.UNSUPPORTED_ALGORITHM, null, null, ex
-            );
-        }
-        
-    }
-    
-    
-    private Element getNode(Element parent, String ns, String name, int index) {
-        NodeList list = parent.getElementsByTagNameNS(ns, name);
-        if (list != null && list.getLength() >= index + 1) {
-            return (Element)list.item(index);
-        } 
+        decryptContent(message);
         return null;
     }
     
-       
     protected void throwFault(String error, Exception ex) {
         // TODO: get bundle resource message once this filter is moved 
         // to rt/rs/security

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java?rev=1157743&r1=1157742&r2=1157743&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
Mon Aug 15 09:06:33 2011
@@ -53,6 +53,7 @@ import org.apache.ws.security.util.UUIDG
 import org.apache.ws.security.util.WSSecurityUtil;
 import org.apache.xml.security.algorithms.JCEMapper;
 import org.apache.xml.security.encryption.XMLCipher;
+import org.apache.xml.security.utils.EncryptionConstants;
 
 public class XmlEncOutInterceptor extends AbstractXmlSecOutInterceptor {
     
@@ -76,6 +77,9 @@ public class XmlEncOutInterceptor extend
     }
     
     public void setSymmetricEncAlgorithm(String algo) {
+        if (!algo.startsWith(EncryptionConstants.EncryptionSpecNS)) {
+            algo = EncryptionConstants.EncryptionSpecNS + algo;
+        }
         symEncAlgo = algo;
     }
     

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java?rev=1157743&r1=1157742&r2=1157743&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
(original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
Mon Aug 15 09:06:33 2011
@@ -30,6 +30,7 @@ import org.apache.cxf.jaxrs.client.JAXRS
 import org.apache.cxf.jaxrs.client.ServerWebApplicationException;
 import org.apache.cxf.jaxrs.client.WebClient;
 import org.apache.cxf.rs.security.common.SecurityUtils;
+import org.apache.cxf.rs.security.xml.XmlEncInInterceptor;
 import org.apache.cxf.rs.security.xml.XmlEncOutInterceptor;
 import org.apache.cxf.rs.security.xml.XmlSigOutInterceptor;
 import org.apache.cxf.systest.jaxrs.security.Book;
@@ -215,6 +216,7 @@ public class JAXRSXmlSecTest extends Abs
         encInterceptor.setSymmetricEncAlgorithm(XMLCipher.AES_128);
         bean.getOutInterceptors().add(encInterceptor);
         
+        bean.getInInterceptors().add(new XmlEncInInterceptor());
         
         WebClient wc = bean.createWebClient();
         try {

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml?rev=1157743&r1=1157742&r2=1157743&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
(original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
Mon Aug 15 09:06:33 2011
@@ -67,6 +67,9 @@ under the License.
     <bean id="serviceBean" class="org.apache.cxf.systest.jaxrs.security.BookStore"/>
     <bean id="xmlSigHandler" class="org.apache.cxf.rs.security.xml.XmlSigInHandler"/>
     <bean id="xmlEncHandler" class="org.apache.cxf.rs.security.xml.XmlEncInHandler"/>
+    <bean id="xmlEncOutHandler" class="org.apache.cxf.rs.security.xml.XmlEncOutInterceptor">
+        <property name="symmetricEncAlgorithm" value="aes128-cbc"/>
+    </bean>
     
     <jaxrs:server 
        address="https://localhost:${testutil.ports.jaxrs-xmlsec}/xmlsig"> 
@@ -90,7 +93,10 @@ under the License.
        </jaxrs:serviceBeans>
        <jaxrs:providers>
           <ref bean="xmlEncHandler"/>
-       </jaxrs:providers> 
+       </jaxrs:providers>
+       <jaxrs:outInterceptors>
+          <ref bean="xmlEncOutHandler"/>
+       </jaxrs:outInterceptors> 
        <jaxrs:properties>
            <entry key="ws-security.callback-handler" 
                   value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/>
@@ -109,6 +115,9 @@ under the License.
           <ref bean="xmlEncHandler"/>
           <ref bean="xmlSigHandler"/>
        </jaxrs:providers> 
+       <jaxrs:outInterceptors>
+          <ref bean="xmlEncOutHandler"/>
+       </jaxrs:outInterceptors>
        <jaxrs:properties>
            <entry key="ws-security.callback-handler" 
                   value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/>
@@ -130,6 +139,9 @@ under the License.
           <ref bean="xmlEncHandler"/>
           <ref bean="xmlSigHandler"/>
        </jaxrs:providers> 
+       <jaxrs:outInterceptors>
+          <ref bean="xmlEncOutHandler"/>
+       </jaxrs:outInterceptors>
        <jaxrs:properties>
            <entry key="ws-security.callback-handler" 
                   value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/>



Mime
View raw message