cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1332306 - in /cxf/branches/2.5.x-fixes: ./ rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/ systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/
Date Mon, 30 Apr 2012 17:27:43 GMT
Author: sergeyb
Date: Mon Apr 30 17:27:42 2012
New Revision: 1332306

URL: http://svn.apache.org/viewvc?rev=1332306&view=rev
Log:
Merged revisions 1332286 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1332286 | sergeyb | 2012-04-30 17:43:08 +0100 (Mon, 30 Apr 2012) | 1 line
  
  [CXF-4145] Adding the ability to restrict the encryption/signature algorithms for JAX-RS
endpoints
........

Added:
    cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
      - copied unchanged from r1332286, cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
    cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
      - copied unchanged from r1332286, cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
Modified:
    cxf/branches/2.5.x-fixes/   (props changed)
    cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
    cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
    cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java
    cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
    cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml

Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
    svn:mergeinfo = /cxf/trunk:1332286

Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java?rev=1332306&r1=1332305&r2=1332306&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
(original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
Mon Apr 30 17:27:42 2012
@@ -53,6 +53,8 @@ import org.apache.xml.security.utils.Con
 
 public abstract class AbstractXmlEncInHandler extends AbstractXmlSecInHandler {
     
+    private EncryptionProperties encProps;
+    
     public void decryptContent(Message message) {
         Message outMs = message.getExchange().getOutMessage();
         Message inMsg = outMs == null ? message : outMs.getExchange().getInMessage();
@@ -65,10 +67,17 @@ public abstract class AbstractXmlEncInHa
         
         byte[] symmetricKeyBytes = getSymmetricKeyBytes(message, root);
                 
-        String algorithm = getEncodingMethodAlgorithm(root);
+        String symKeyAlgo = getEncodingMethodAlgorithm(root);
+        
+        if (encProps != null && encProps.getEncryptionSymmetricKeyAlgo() != null
+            && !encProps.getEncryptionSymmetricKeyAlgo().equals(symKeyAlgo)) {
+            throwFault("Encryption Symmetric Key Algorithm is not supported", null);
+        }
+        
+        
         byte[] decryptedPayload = null;
         try {
-            decryptedPayload = decryptPayload(root, symmetricKeyBytes, algorithm);
+            decryptedPayload = decryptPayload(root, symmetricKeyBytes, symKeyAlgo);
         } catch (Exception ex) {
             throwFault("Payload can not be decrypted", ex);
         }
@@ -120,8 +129,21 @@ public abstract class AbstractXmlEncInHa
         }
         
         // now start decrypting
-        String algorithm = getEncodingMethodAlgorithm(encKeyElement);
-        String digestAlgorithm = getDigestMethodAlgorithm(encKeyElement);
+        String keyEncAlgo = getEncodingMethodAlgorithm(encKeyElement);
+        String digestAlgo = getDigestMethodAlgorithm(encKeyElement);
+        
+        if (encProps != null) {
+            if (encProps.getEncryptionKeyTransportAlgo() != null
+                && !encProps.getEncryptionKeyTransportAlgo().equals(keyEncAlgo))
{
+                throwFault("Symmetric Key Algorithm is not supported", null);
+            }
+            if (encProps.getEncryptionDigestAlgo() != null
+                && (digestAlgo == null || !encProps.getEncryptionDigestAlgo().equals(digestAlgo)))
{
+                throwFault("Digest Algorithm is not supported", null);
+            }
+        }
+        
+        
         Element cipherValue = getNode(encKeyElement, WSConstants.ENC_NS, 
                                                "CipherValue", 0);
         if (cipherValue == null) {
@@ -131,8 +153,8 @@ public abstract class AbstractXmlEncInHa
             return decryptSymmetricKey(cipherValue.getTextContent().trim(),
                                        cert,
                                        crypto,
-                                       algorithm,
-                                       digestAlgorithm,
+                                       keyEncAlgo,
+                                       digestAlgo,
                                        message);
         } catch (Exception ex) {
             throwFault(ex.getMessage(), ex);
@@ -241,6 +263,9 @@ public abstract class AbstractXmlEncInHa
         }
         
     }
-    
+
+    public void setEncryptionProperties(EncryptionProperties properties) {
+        this.encProps = properties;
+    }
     
 }

Modified: cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java?rev=1332306&r1=1332305&r2=1332306&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
(original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
Mon Apr 30 17:27:42 2012
@@ -80,7 +80,7 @@ public abstract class AbstractXmlSecInHa
     
     protected void throwFault(String error, Exception ex) {
         LOG.warning(error);
-        Response response = Response.status(401).entity(error).build();
+        Response response = Response.status(400).entity(error).build();
         throw ex != null ? new WebApplicationException(ex, response) : new WebApplicationException(response);
     }
 
@@ -91,4 +91,5 @@ public abstract class AbstractXmlSecInHa
         } 
         return null;
     }
+    
 }

Modified: cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java?rev=1332306&r1=1332305&r2=1332306&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java
(original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java
Mon Apr 30 17:27:42 2012
@@ -41,6 +41,7 @@ import org.apache.ws.security.components
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.keys.KeyInfo;
 import org.apache.xml.security.signature.Reference;
+import org.apache.xml.security.signature.SignedInfo;
 import org.apache.xml.security.signature.XMLSignature;
 import org.apache.xml.security.transforms.Transform;
 import org.apache.xml.security.transforms.Transforms;
@@ -50,6 +51,7 @@ public class AbstractXmlSigInHandler ext
     
     private boolean removeSignature = true;
     private boolean persistSignature = true;
+    private SignatureProperties sigProps;
     
     public void setRemoveSignature(boolean remove) {
         this.removeSignature = remove;
@@ -92,7 +94,20 @@ public class AbstractXmlSigInHandler ext
         boolean valid = false;
         Reference ref = null;
         try {
-            XMLSignature signature = new XMLSignature(signatureElement, "", true);  
+            XMLSignature signature = new XMLSignature(signatureElement, "", true);
+            
+            if (sigProps != null) {
+                SignedInfo sInfo = signature.getSignedInfo();
+                if (sigProps.getSignatureAlgo() != null
+                    && !sigProps.getSignatureAlgo().equals(sInfo.getSignatureMethodURI()))
{
+                    throwFault("Signature Algorithm is not supported", null);
+                }
+                if (sigProps.getSignatureC14Method() != null
+                    && !sigProps.getSignatureC14Method().equals(sInfo.getCanonicalizationMethodURI()))
{
+                    throwFault("Signature Algorithm is not supported", null);
+                }
+            }
+            
             ref = getReference(signature);
             Element signedElement = validateReference(root, ref);
             if (signedElement.hasAttributeNS(null, "ID")) {
@@ -204,21 +219,35 @@ public class AbstractXmlSigInHandler ext
         } catch (XMLSecurityException ex) {
             throwFault("Signature transforms can not be obtained", ex);
         }
-        if (enveloped) {
-            boolean isEnveloped = false;
-            for (int i = 0; i < transforms.getLength(); i++) {
-                try {
-                    Transform tr = transforms.item(i);
-                    if (Transforms.TRANSFORM_ENVELOPED_SIGNATURE.equals(tr.getURI())) {
-                        isEnveloped = true;
-                        break;
-                    }
-                } catch (Exception ex) {
-                    throwFault("Problem accessing Transform instance", ex);    
-                }
+        
+        boolean c14TransformConfirmed = false;
+        String c14TransformExpected = sigProps != null ? sigProps.getSignatureC14Transform()
: null;
+        boolean envelopedConfirmed = false;
+        for (int i = 0; i < transforms.getLength(); i++) {
+            try {
+                Transform tr = transforms.item(i);
+                if (Transforms.TRANSFORM_ENVELOPED_SIGNATURE.equals(tr.getURI())) {
+                    envelopedConfirmed = true;
+                } else if (c14TransformExpected != null && c14TransformExpected.equals(tr.getURI()))
{
+                    c14TransformConfirmed = true;
+                } 
+            } catch (Exception ex) {
+                throwFault("Problem accessing Transform instance", ex);    
             }
-            if (!isEnveloped) {
-                throwFault("Only enveloped signatures are currently supported", null);
+        }
+        if (enveloped && !envelopedConfirmed) {
+            throwFault("Only enveloped signatures are currently supported", null);
+        }
+        if (c14TransformExpected != null && !c14TransformConfirmed) {
+            throwFault("Transform Canonicalization is not supported", null);
+        }
+        
+        if (sigProps != null && sigProps.getSignatureDigestAlgo() != null) {
+            Element dm = 
+                DOMUtils.getFirstChildWithName(ref.getElement(), Constants.SignatureSpecNS,
"DigestMethod");
+            if (dm != null && !dm.getAttribute("Algorithm").equals(
+                sigProps.getSignatureDigestAlgo())) {
+                throwFault("Signature Digest Algorithm is not supported", null);
             }
         }
         return signedEl;
@@ -309,4 +338,7 @@ public class AbstractXmlSigInHandler ext
         return foundElement;
     }
     
+    public void setSignatureProperties(SignatureProperties properties) {
+        this.sigProps = properties;
+    }
 }

Modified: cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java?rev=1332306&r1=1332305&r2=1332306&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
(original)
+++ cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
Mon Apr 30 17:27:42 2012
@@ -167,7 +167,7 @@ public class JAXRSXmlSecTest extends Abs
         properties.put("ws-security.encryption.properties", 
                        "org/apache/cxf/systest/jaxrs/security/bob.properties");
         String aes128GCM = "http://www.w3.org/2009/xmlenc11#aes128-gcm";
-        doTestPostEncryptedBook(address, false, properties, SecurityUtils.X509_KEY, aes128GCM,
null);
+        doTestPostEncryptedBook(address, false, properties, SecurityUtils.X509_KEY, aes128GCM,
null, false);
     }
     
     @Test
@@ -180,7 +180,7 @@ public class JAXRSXmlSecTest extends Abs
         properties.put("ws-security.encryption.properties", 
                        "org/apache/cxf/systest/jaxrs/security/bob.properties");
         doTestPostEncryptedBook(
-            address, false, properties, SecurityUtils.X509_KEY, XMLCipher.AES_128, XMLCipher.SHA256
+            address, false, properties, SecurityUtils.X509_KEY, XMLCipher.AES_128, XMLCipher.SHA256,
false
         );
     }
     
@@ -194,13 +194,13 @@ public class JAXRSXmlSecTest extends Abs
         properties.put("ws-security.encryption.properties", 
                        "org/apache/cxf/systest/jaxrs/security/bob.properties");
         doTestPostEncryptedBook(
-            address, false, properties, SecurityUtils.X509_ISSUER_SERIAL, XMLCipher.AES_128,
null
+            address, false, properties, SecurityUtils.X509_ISSUER_SERIAL, XMLCipher.AES_128,
null, false
         );
     }
     
     @Test
     public void testPostEncryptedSignedBook() throws Exception {
-        String address = "https://localhost:" + PORT + "/xmlsec/bookstore/books";
+        String address = "https://localhost:" + PORT + "/xmlsec-validate/bookstore/books";
         Map<String, Object> properties = new HashMap<String, Object>();
         properties.put("ws-security.callback-handler", 
                        "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
@@ -215,6 +215,27 @@ public class JAXRSXmlSecTest extends Abs
     }
     
     @Test
+    public void testPostEncryptedSignedBookInvalid() throws Exception {
+        String address = "https://localhost:" + PORT + "/xmlsec-validate/bookstore/books";
+        Map<String, Object> properties = new HashMap<String, Object>();
+        properties.put("ws-security.callback-handler", 
+                       "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
+        properties.put("ws-security.encryption.username", "bob");
+        properties.put("ws-security.encryption.properties", 
+                       "org/apache/cxf/systest/jaxrs/security/bob.properties");
+        properties.put("ws-security.signature.username", "alice");
+        properties.put("ws-security.signature.properties", 
+                       "org/apache/cxf/systest/jaxrs/security/alice.properties");
+        try {
+            doTestPostEncryptedBook(address, true, properties, SecurityUtils.X509_KEY, 
+                                "http://www.w3.org/2009/xmlenc11#aes128-gcm", null, true);
+        } catch (ServerWebApplicationException ex) {
+            assertEquals(400, ex.getStatus());
+        }
+        
+    }
+    
+    @Test
     public void testPostEncryptedSignedBookUseReqSigCert() throws Exception {
         String address = "https://localhost:" + PORT + "/xmlsec-useReqSigCert/bookstore/books";
         Map<String, Object> properties = new HashMap<String, Object>();
@@ -232,14 +253,15 @@ public class JAXRSXmlSecTest extends Abs
     public void doTestPostEncryptedBook(String address, boolean sign, Map<String, Object>
properties) 
         throws Exception {
         doTestPostEncryptedBook(
-            address, sign, properties, SecurityUtils.X509_KEY, XMLCipher.AES_128, null
+            address, sign, properties, SecurityUtils.X509_KEY, XMLCipher.AES_128, null, false
         );
     }
     
     public void doTestPostEncryptedBook(
         String address, boolean sign, Map<String, Object> properties,
         String keyIdentifierType, String symmetricAlgorithm,
-        String digestAlgorithm
+        String digestAlgorithm,
+        boolean propagateException
     ) throws Exception {
         JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
         bean.setAddress(address);
@@ -271,7 +293,11 @@ public class JAXRSXmlSecTest extends Abs
             Book book = wc.post(new Book("CXF", 126L), Book.class);
             assertEquals(126L, book.getId());
         } catch (ServerWebApplicationException ex) {
-            fail(ex.getMessage());
+            if (propagateException) {
+                throw ex;
+            } else {
+                fail(ex.getMessage());
+            }
         } catch (ClientWebApplicationException ex) {
             if (ex.getCause() != null && ex.getCause().getMessage() != null) {
                 fail(ex.getCause().getMessage());

Modified: cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml?rev=1332306&r1=1332305&r2=1332306&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
(original)
+++ cxf/branches/2.5.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
Mon Apr 30 17:27:42 2012
@@ -66,9 +66,39 @@ under the License.
     </httpj:engine-factory>
     
     <bean id="serviceBean" class="org.apache.cxf.systest.jaxrs.security.BookStore"/>
-    <bean id="xmlSigHandler" class="org.apache.cxf.rs.security.xml.XmlSigInHandler"/>
+    
+    <bean id="sigProps" class="org.apache.cxf.rs.security.xml.SignatureProperties">
+       <property name="signatureAlgo" 
+                 value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+       <property name="signatureDigestAlgo" 
+                 value="http://www.w3.org/2000/09/xmldsig#sha1"/>
+       <property name="signatureC14Method" 
+                 value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+       <property name="signatureC14Transform" 
+                 value="http://www.w3.org/2001/10/xml-exc-c14n#"/>                   
                              
+    </bean>
+    
+    <bean id="encProps" class="org.apache.cxf.rs.security.xml.EncryptionProperties">
+       <property name="encryptionKeyTransportAlgo" 
+                 value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+       <property name="encryptionSymmetricKeyAlgo" 
+                 value="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+    </bean>
+    
+    <bean id="xmlSigInHandler" class="org.apache.cxf.rs.security.xml.XmlSigInHandler"/>
+    
+    <bean id="xmlSigInHandlerWithProps" class="org.apache.cxf.rs.security.xml.XmlSigInHandler">
+        <property name="signatureProperties" ref="sigProps"/>
+    </bean>
+    
     <bean id="xmlSigOutHandler" class="org.apache.cxf.rs.security.xml.XmlSigOutInterceptor"/>
-    <bean id="xmlEncHandler" class="org.apache.cxf.rs.security.xml.XmlEncInHandler"/>
+    <bean id="xmlEncInHandler" class="org.apache.cxf.rs.security.xml.XmlEncInHandler"/>
+    
+    <bean id="xmlEncInHandlerWithProps" class="org.apache.cxf.rs.security.xml.XmlEncInHandler">
+        <property name="encryptionProperties" ref="encProps"/>
+    </bean>
+    
+    
     <bean id="xmlEncOutHandler" class="org.apache.cxf.rs.security.xml.XmlEncOutInterceptor">
         <property name="symmetricEncAlgorithm" value="aes128-cbc"/>
     </bean>
@@ -79,7 +109,7 @@ under the License.
           <ref bean="serviceBean"/>
        </jaxrs:serviceBeans>
        <jaxrs:providers>
-          <ref bean="xmlSigHandler"/>
+          <ref bean="xmlSigInHandler"/>
        </jaxrs:providers> 
        <jaxrs:outInterceptors>
           <ref bean="xmlSigOutHandler"/>
@@ -99,7 +129,7 @@ under the License.
           <ref bean="serviceBean"/>
        </jaxrs:serviceBeans>
        <jaxrs:providers>
-          <ref bean="xmlEncHandler"/>
+          <ref bean="xmlEncInHandler"/>
        </jaxrs:providers>
        <jaxrs:outInterceptors>
           <ref bean="xmlEncOutHandler"/>
@@ -119,8 +149,32 @@ under the License.
           <ref bean="serviceBean"/>
        </jaxrs:serviceBeans>
        <jaxrs:providers>
-          <ref bean="xmlEncHandler"/>
-          <ref bean="xmlSigHandler"/>
+          <ref bean="xmlEncInHandler"/>
+          <ref bean="xmlSigInHandler"/>
+       </jaxrs:providers> 
+       <jaxrs:outInterceptors>
+          <ref bean="xmlSigOutHandler"/>
+          <ref bean="xmlEncOutHandler"/>
+       </jaxrs:outInterceptors>
+       <jaxrs:properties>
+           <entry key="ws-security.callback-handler" 
+                  value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/>
+           <entry key="ws-security.encryption.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
+           <entry key="ws-security.signature.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/bob.properties"/>     
 
+       </jaxrs:properties> 
+     
+    </jaxrs:server>
+    
+    <jaxrs:server 
+       address="https://localhost:${testutil.ports.jaxrs-xmlsec}/xmlsec-validate"> 
+       <jaxrs:serviceBeans>
+          <ref bean="serviceBean"/>
+       </jaxrs:serviceBeans>
+       <jaxrs:providers>
+          <ref bean="xmlEncInHandlerWithProps"/>
+          <ref bean="xmlSigInHandlerWithProps"/>
        </jaxrs:providers> 
        <jaxrs:outInterceptors>
           <ref bean="xmlSigOutHandler"/>
@@ -143,8 +197,8 @@ under the License.
           <ref bean="serviceBean"/>
        </jaxrs:serviceBeans>
        <jaxrs:providers>
-          <ref bean="xmlEncHandler"/>
-          <ref bean="xmlSigHandler"/>
+          <ref bean="xmlEncInHandler"/>
+          <ref bean="xmlSigInHandler"/>
        </jaxrs:providers> 
        <jaxrs:outInterceptors>
           <ref bean="xmlSigOutHandler"/>



Mime
View raw message