Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@cxf.apache.org
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1325202 - in /cxf/trunk/services/sts:
 sts-core/src/test/java/org/apache/cxf/sts/token/renewer/
 systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/
 systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/
Date: Thu, 12 Apr 2012 11:07:08 -0000
To: commits@cxf.apache.org
From: coheigea@apache.org
Message-Id: <20120412110708.39B3D238897A@eris.apache.org>

Author: coheigea
Date: Thu Apr 12 11:07:07 2012
New Revision: 1325202

URL: http://svn.apache.org/viewvc?rev=1325202&view=rev
Log:
[CXF-4158] - Added a POP unit test for renewing SAML tokens using a message signature

Added:
    cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
Modified:
    cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewTest.java
    cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml
    cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-sts-pop.xml

Added: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java?rev=1325202&view=auto
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java (added)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java Thu Apr 12 11:07:07 2012
@@ -0,0 +1,357 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.sts.token.renewer;
+
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Properties;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.xml.ws.WebServiceContext;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import org.apache.cxf.jaxws.context.WebServiceContextImpl;
+import org.apache.cxf.jaxws.context.WrappedMessageContext;
+import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.sts.STSConstants;
+import org.apache.cxf.sts.StaticSTSProperties;
+import org.apache.cxf.sts.cache.DefaultInMemoryTokenStore;
+import org.apache.cxf.sts.common.PasswordCallbackHandler;
+import org.apache.cxf.sts.request.KeyRequirements;
+import org.apache.cxf.sts.request.Lifetime;
+import org.apache.cxf.sts.request.ReceivedKey;
+import org.apache.cxf.sts.request.ReceivedToken;
+import org.apache.cxf.sts.request.ReceivedToken.STATE;
+import org.apache.cxf.sts.request.Renewing;
+import org.apache.cxf.sts.request.TokenRequirements;
+import org.apache.cxf.sts.service.EncryptionProperties;
+import org.apache.cxf.sts.token.provider.DefaultConditionsProvider;
+import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
+import org.apache.cxf.sts.token.provider.TokenProviderResponse;
+import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
+import org.apache.cxf.sts.token.validator.TokenValidator;
+import org.apache.cxf.sts.token.validator.TokenValidatorParameters;
+import org.apache.cxf.sts.token.validator.TokenValidatorResponse;
+import org.apache.cxf.ws.security.tokenstore.TokenStore;
+import org.apache.ws.security.CustomTokenPrincipal;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityEngineResult;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.components.crypto.CryptoType;
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.handler.WSHandlerResult;
+import org.apache.ws.security.util.XmlSchemaDateFormat;
+import org.junit.BeforeClass;
+
+/**
+ * Some unit tests for renewing a SAML token via the SAMLTokenRenewer with proof of possession enabled
+ * (message level, not TLS).
+ */
+public class SAMLTokenRenewerPOPTest extends org.junit.Assert {
+    
+    private static TokenStore tokenStore;
+    
+    @BeforeClass
+    public static void init() {
+        tokenStore = new DefaultInMemoryTokenStore();
+    }
+    
+    /**
+     * Renew a valid SAML1 Assertion
+     */
+    @org.junit.Test
+    public void renewValidSAML1Assertion() throws Exception {
+        // Create the Assertion
+        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
+        CallbackHandler callbackHandler = new PasswordCallbackHandler();
+        Element samlToken = 
+            createSAMLAssertion(
+                WSConstants.WSS_SAML_TOKEN_TYPE, crypto, "mystskey", callbackHandler, 50000, true, false
+            );
+        Document doc = samlToken.getOwnerDocument();
+        samlToken = (Element)doc.appendChild(samlToken);
+        
+        // Validate the Assertion
+        TokenValidator samlTokenValidator = new SAMLTokenValidator();
+        TokenValidatorParameters validatorParameters = createValidatorParameters();
+        TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
+        ReceivedToken validateTarget = new ReceivedToken(samlToken);
+        tokenRequirements.setValidateTarget(validateTarget);
+        validatorParameters.setToken(validateTarget);
+        
+        assertTrue(samlTokenValidator.canHandleToken(validateTarget));
+        
+        TokenValidatorResponse validatorResponse = 
+                samlTokenValidator.validateToken(validatorParameters);
+        assertTrue(validatorResponse != null);
+        assertTrue(validatorResponse.getToken() != null);
+        assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
+        
+        // Renew the Assertion
+        TokenRenewerParameters renewerParameters = new TokenRenewerParameters();
+        renewerParameters.setAppliesToAddress("http://dummy-service.com/dummy");
+        renewerParameters.setStsProperties(validatorParameters.getStsProperties());
+        renewerParameters.setPrincipal(new CustomTokenPrincipal("alice"));
+        renewerParameters.setWebServiceContext(validatorParameters.getWebServiceContext());
+        renewerParameters.setKeyRequirements(validatorParameters.getKeyRequirements());
+        renewerParameters.setTokenRequirements(validatorParameters.getTokenRequirements());
+        renewerParameters.setTokenStore(validatorParameters.getTokenStore());
+        renewerParameters.setToken(validatorResponse.getToken());
+        
+        TokenRenewer samlTokenRenewer = new SAMLTokenRenewer();
+        assertTrue(samlTokenRenewer.canHandleToken(validatorResponse.getToken()));
+        
+        try {
+            samlTokenRenewer.renewToken(renewerParameters);
+            fail("Expected failure on lack of proof of possession");
+        } catch (Exception ex) {
+            // expected
+        }
+        
+        List<WSSecurityEngineResult> signedResults = new ArrayList<WSSecurityEngineResult>();
+        WSSecurityEngineResult signedResult = new WSSecurityEngineResult(WSConstants.SIGN);
+        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+        cryptoType.setAlias("myclientkey");
+        signedResult.put(
+            WSSecurityEngineResult.TAG_X509_CERTIFICATES, crypto.getX509Certificates(cryptoType)
+        );
+        signedResults.add(signedResult);
+        
+        List<WSHandlerResult> handlerResults = new ArrayList<WSHandlerResult>();
+        WSHandlerResult handlerResult = new WSHandlerResult(null, signedResults);
+        handlerResults.add(handlerResult);
+        
+        WebServiceContext context = validatorParameters.getWebServiceContext();
+        context.getMessageContext().put(WSHandlerConstants.RECV_RESULTS, handlerResults);
+
+        // Now successfully renew the token
+        TokenRenewerResponse renewerResponse = 
+                samlTokenRenewer.renewToken(renewerParameters);
+        assertTrue(renewerResponse != null);
+        assertTrue(renewerResponse.getToken() != null);
+    }
+    
+    /**
+     * Renew a valid SAML1 Assertion
+     */
+    @org.junit.Test
+    public void renewValidSAML1AssertionWrongPOP() throws Exception {
+        // Create the Assertion
+        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
+        CallbackHandler callbackHandler = new PasswordCallbackHandler();
+        Element samlToken = 
+            createSAMLAssertion(
+                WSConstants.WSS_SAML_TOKEN_TYPE, crypto, "mystskey", callbackHandler, 50000, true, false
+            );
+        Document doc = samlToken.getOwnerDocument();
+        samlToken = (Element)doc.appendChild(samlToken);
+        
+        // Validate the Assertion
+        TokenValidator samlTokenValidator = new SAMLTokenValidator();
+        TokenValidatorParameters validatorParameters = createValidatorParameters();
+        TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
+        ReceivedToken validateTarget = new ReceivedToken(samlToken);
+        tokenRequirements.setValidateTarget(validateTarget);
+        validatorParameters.setToken(validateTarget);
+        
+        assertTrue(samlTokenValidator.canHandleToken(validateTarget));
+        
+        TokenValidatorResponse validatorResponse = 
+                samlTokenValidator.validateToken(validatorParameters);
+        assertTrue(validatorResponse != null);
+        assertTrue(validatorResponse.getToken() != null);
+        assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
+        
+        // Renew the Assertion
+        TokenRenewerParameters renewerParameters = new TokenRenewerParameters();
+        renewerParameters.setAppliesToAddress("http://dummy-service.com/dummy");
+        renewerParameters.setStsProperties(validatorParameters.getStsProperties());
+        renewerParameters.setPrincipal(new CustomTokenPrincipal("alice"));
+        renewerParameters.setWebServiceContext(validatorParameters.getWebServiceContext());
+        renewerParameters.setKeyRequirements(validatorParameters.getKeyRequirements());
+        renewerParameters.setTokenRequirements(validatorParameters.getTokenRequirements());
+        renewerParameters.setTokenStore(validatorParameters.getTokenStore());
+        renewerParameters.setToken(validatorResponse.getToken());
+        
+        TokenRenewer samlTokenRenewer = new SAMLTokenRenewer();
+        assertTrue(samlTokenRenewer.canHandleToken(validatorResponse.getToken()));
+        
+        try {
+            samlTokenRenewer.renewToken(renewerParameters);
+            fail("Expected failure on lack of proof of possession");
+        } catch (Exception ex) {
+            // expected
+        }
+        
+        List<WSSecurityEngineResult> signedResults = new ArrayList<WSSecurityEngineResult>();
+        WSSecurityEngineResult signedResult = new WSSecurityEngineResult(WSConstants.SIGN);
+        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+        cryptoType.setAlias("myservicekey");
+        signedResult.put(
+            WSSecurityEngineResult.TAG_X509_CERTIFICATES, crypto.getX509Certificates(cryptoType)
+        );
+        signedResults.add(signedResult);
+        
+        List<WSHandlerResult> handlerResults = new ArrayList<WSHandlerResult>();
+        WSHandlerResult handlerResult = new WSHandlerResult(null, signedResults);
+        handlerResults.add(handlerResult);
+        
+        WebServiceContext context = validatorParameters.getWebServiceContext();
+        context.getMessageContext().put(WSHandlerConstants.RECV_RESULTS, handlerResults);
+
+        try {
+            samlTokenRenewer.renewToken(renewerParameters);
+            fail("Expected failure on wrong signature key");
+        } catch (Exception ex) {
+            // expected
+        }
+    }
+    
+    
+    private TokenValidatorParameters createValidatorParameters() throws WSSecurityException {
+        TokenValidatorParameters parameters = new TokenValidatorParameters();
+        
+        TokenRequirements tokenRequirements = new TokenRequirements();
+        parameters.setTokenRequirements(tokenRequirements);
+        
+        KeyRequirements keyRequirements = new KeyRequirements();
+        parameters.setKeyRequirements(keyRequirements);
+        
+        parameters.setPrincipal(new CustomTokenPrincipal("alice"));
+        // Mock up message context
+        MessageImpl msg = new MessageImpl();
+        WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
+        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
+        parameters.setWebServiceContext(webServiceContext);
+        
+        // Add STSProperties object
+        StaticSTSProperties stsProperties = new StaticSTSProperties();
+        Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
+        stsProperties.setEncryptionCrypto(crypto);
+        stsProperties.setSignatureCrypto(crypto);
+        stsProperties.setEncryptionUsername("myservicekey");
+        stsProperties.setSignatureUsername("mystskey");
+        stsProperties.setCallbackHandler(new PasswordCallbackHandler());
+        stsProperties.setIssuer("STS");
+        parameters.setStsProperties(stsProperties);
+        parameters.setTokenStore(tokenStore);
+        
+        return parameters;
+    }
+    
+    private Element createSAMLAssertion(
+            String tokenType, Crypto crypto, String signatureUsername,
+            CallbackHandler callbackHandler, long ttlMs, boolean allowRenewing,
+            boolean allowRenewingAfterExpiry
+    ) throws WSSecurityException {
+        SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
+        DefaultConditionsProvider conditionsProvider = new DefaultConditionsProvider();
+        conditionsProvider.setAcceptClientLifetime(true);
+        samlTokenProvider.setConditionsProvider(conditionsProvider);
+        TokenProviderParameters providerParameters = 
+            createProviderParameters(
+                    tokenType, STSConstants.PUBLIC_KEY_KEYTYPE, crypto, signatureUsername, callbackHandler
+            );
+        
+        Renewing renewing = new Renewing();
+        renewing.setAllowRenewing(allowRenewing);
+        renewing.setAllowRenewingAfterExpiry(allowRenewingAfterExpiry);
+        providerParameters.getTokenRequirements().setRenewing(renewing);
+
+        if (ttlMs != 0) {
+            Lifetime lifetime = new Lifetime();
+            Date creationTime = new Date();
+            Date expirationTime = new Date();
+            expirationTime.setTime(creationTime.getTime() + ttlMs);
+
+            XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
+            lifetime.setCreated(fmt.format(creationTime));
+            lifetime.setExpires(fmt.format(expirationTime));
+
+            providerParameters.getTokenRequirements().setLifetime(lifetime);
+        }
+
+        TokenProviderResponse providerResponse = samlTokenProvider.createToken(providerParameters);
+        assertTrue(providerResponse != null);
+        assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
+
+        return providerResponse.getToken();
+    }    
+    
+    private TokenProviderParameters createProviderParameters(
+        String tokenType, String keyType, Crypto crypto, 
+        String signatureUsername, CallbackHandler callbackHandler
+    ) throws WSSecurityException {
+        TokenProviderParameters parameters = new TokenProviderParameters();
+
+        TokenRequirements tokenRequirements = new TokenRequirements();
+        tokenRequirements.setTokenType(tokenType);
+        parameters.setTokenRequirements(tokenRequirements);
+
+        KeyRequirements keyRequirements = new KeyRequirements();
+        keyRequirements.setKeyType(keyType);
+        ReceivedKey receivedKey = new ReceivedKey();
+        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+        cryptoType.setAlias("myclientkey");
+        receivedKey.setX509Cert(crypto.getX509Certificates(cryptoType)[0]);
+        keyRequirements.setReceivedKey(receivedKey);
+        parameters.setKeyRequirements(keyRequirements);
+
+        parameters.setPrincipal(new CustomTokenPrincipal("alice"));
+        // Mock up message context
+        MessageImpl msg = new MessageImpl();
+        WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
+        WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
+        parameters.setWebServiceContext(webServiceContext);
+
+        parameters.setAppliesToAddress("http://dummy-service.com/dummy");
+
+        // Add STSProperties object
+        StaticSTSProperties stsProperties = new StaticSTSProperties();
+        stsProperties.setSignatureCrypto(crypto);
+        stsProperties.setSignatureUsername(signatureUsername);
+        stsProperties.setCallbackHandler(callbackHandler);
+        stsProperties.setIssuer("STS");
+        parameters.setStsProperties(stsProperties);
+
+        parameters.setEncryptionProperties(new EncryptionProperties());
+        parameters.setTokenStore(tokenStore);
+        
+        return parameters;
+    }
+    
+    private Properties getEncryptionProperties() {
+        Properties properties = new Properties();
+        properties.put(
+            "org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin"
+        );
+        properties.put("org.apache.ws.security.crypto.merlin.keystore.password", "stsspass");
+        properties.put("org.apache.ws.security.crypto.merlin.keystore.file", "stsstore.jks");
+        
+        return properties;
+    }
+    
+    
+}

Modified: cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewTest.java?rev=1325202&r1=1325201&r2=1325202&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewTest.java (original)
+++ cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewTest.java Thu Apr 12 11:07:07 2012
@@ -44,7 +44,7 @@ import org.junit.BeforeClass;
  */
 public class SAMLRenewTest extends AbstractBusClientServerTestBase {
     
-    static final String STSPORT = allocatePort(STSServer.class);
+    static final String STSPORT = allocatePort(STSServerPOP.class);
     
     private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
     private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -73,7 +73,6 @@ public class SAMLRenewTest extends Abstr
     }
 
     @org.junit.Test
-    @org.junit.Ignore
     public void testRenewExpiredSAML1Token() throws Exception {
 
         SpringBusFactory bf = new SpringBusFactory();
@@ -142,7 +141,6 @@ public class SAMLRenewTest extends Abstr
     }
     
     @org.junit.Test
-    @org.junit.Ignore
     public void testRenewExpiredSAML2Token() throws Exception {
 
         SpringBusFactory bf = new SpringBusFactory();

Modified: cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml?rev=1325202&r1=1325201&r2=1325202&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml (original)
+++ cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml Thu Apr 12 11:07:07 2012
@@ -48,7 +48,7 @@ http://cxf.apache.org/configuration/secu
                <bean class="org.apache.cxf.ws.security.trust.STSClient">
                    <constructor-arg ref="cxf"/>
                    <property name="wsdlLocation" 
-                             value="https://localhost:${testutil.ports.STSServer}/SecurityTokenService/Transport?wsdl"/>
+                             value="https://localhost:${testutil.ports.STSServerPOP}/SecurityTokenService/Transport?wsdl"/>
                    <property name="serviceName" 
                              value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService"/>
                    <property name="endpointName" 
@@ -68,7 +68,7 @@ http://cxf.apache.org/configuration/secu
        </jaxws:properties>
    </jaxws:client>
    
-    <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSaml1BearerPort" createdFromAPI="true">
+   <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSaml1BearerPort" createdFromAPI="true">
        <jaxws:properties>
            <entry key="ws-security.username" value="alice"/>
            <entry key="ws-security.callback-handler" 
@@ -77,7 +77,7 @@ http://cxf.apache.org/configuration/secu
                <bean class="org.apache.cxf.ws.security.trust.STSClient">
                    <constructor-arg ref="cxf"/>
                    <property name="wsdlLocation" 
-                             value="https://localhost:${testutil.ports.STSServer}/SecurityTokenService/Transport?wsdl"/>
+                             value="https://localhost:${testutil.ports.STSServerPOP}/SecurityTokenService/Transport?wsdl"/>
                    <property name="serviceName" 
                              value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService"/>
                    <property name="endpointName" 
@@ -101,7 +101,7 @@ http://cxf.apache.org/configuration/secu
                <bean class="org.apache.cxf.ws.security.trust.STSClient">
                    <constructor-arg ref="cxf"/>
                    <property name="wsdlLocation" 
-                             value="https://localhost:${testutil.ports.STSServer}/SecurityTokenService/Transport?wsdl"/>
+                             value="https://localhost:${testutil.ports.STSServerPOP}/SecurityTokenService/Transport?wsdl"/>
                    <property name="serviceName" 
                              value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService"/>
                    <property name="endpointName" 

Modified: cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-sts-pop.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-sts-pop.xml?rev=1325202&r1=1325201&r2=1325202&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-sts-pop.xml (original)
+++ cxf/trunk/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-sts-pop.xml Thu Apr 12 11:07:07 2012
@@ -158,16 +158,16 @@
 	</bean>
 
 	<jaxws:endpoint id="localSTS" implementor="#transportSTSProviderBean"
-		address="https://localhost:${testutil.ports.STSServer}/SecurityTokenService/Transport"
+		address="https://localhost:${testutil.ports.STSServerPOP}/SecurityTokenService/Transport"
 		wsdlLocation="src/test/resources/org/apache/cxf/systest/sts/deployment/ws-trust-1.4-service.wsdl"
 		xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
 		depends-on="ClientAuthHttpsSettings" serviceName="ns1:SecurityTokenService"
 		endpointName="ns1:Transport_Port">
 	</jaxws:endpoint>
-
+	
 	<httpj:engine-factory id="ClientAuthHttpsSettings"
 		bus="cxf">
-		<httpj:engine port="${testutil.ports.STSServer}">
+		<httpj:engine port="${testutil.ports.STSServerPOP}">
 			<httpj:tlsServerParameters>
 				<sec:trustManagers>
 					<sec:keyStore type="jks" password="stsspass" resource="stsstore.jks" />