cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From owu...@apache.org
Subject svn commit: r1338661 [1/2] - in /cxf/fediz/trunk: ./ examples/ examples/simpleWebapp/ examples/simpleWebapp/WebContent/ examples/simpleWebapp/src/main/config/ examples/wsclientWebapp/ examples/wsclientWebapp/webapp/ examples/wsclientWebapp/webapp/src/m...
Date Tue, 15 May 2012 11:59:33 GMT
Author: owulff
Date: Tue May 15 11:59:31 2012
New Revision: 1338661

URL: http://svn.apache.org/viewvc?rev=1338661&view=rev
Log:
[FEDIZ-10] improved federation configuration

Added:
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java
    cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
Removed:
    cxf/fediz/trunk/examples/simpleWebapp/WebContent/
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ArgumentType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/AudienceUris.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/AuthenticationType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStoreType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ClaimType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypeRequested.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ClaimTypesRequested.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ContextConfig.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocolType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizConfig.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStoreType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ObjectFactory.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ProtocolType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManagersType.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuers.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/ValidationType.java
    cxf/fediz/trunk/plugins/core/src/main/resources/configFile.xsd
Modified:
    cxf/fediz/trunk/examples/pom.xml
    cxf/fediz/trunk/examples/simpleWebapp/pom.xml
    cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/wsclientWebapp/pom.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml
    cxf/fediz/trunk/plugins/core/pom.xml
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
    cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml
    cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config2.xml
    cxf/fediz/trunk/plugins/pom.xml
    cxf/fediz/trunk/plugins/tomcat/pom.xml
    cxf/fediz/trunk/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
    cxf/fediz/trunk/pom.xml
    cxf/fediz/trunk/services/idp/pom.xml
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/RPClaims.xml
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/beans.xml
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
    cxf/fediz/trunk/services/pom.xml
    cxf/fediz/trunk/services/sts/pom.xml

Modified: cxf/fediz/trunk/examples/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/pom.xml (original)
+++ cxf/fediz/trunk/examples/pom.xml Tue May 15 11:59:31 2012
@@ -24,12 +24,12 @@
    <parent>
        <groupId>org.apache.cxf.fediz</groupId>
        <artifactId>fediz</artifactId>
-       <version>0.6-SNAPSHOT</version>
+       <version>1.0-SNAPSHOT</version>
        <relativePath>../pom.xml</relativePath>
    </parent>
    <groupId>org.apache.cxf.fediz.examples</groupId>
    <artifactId>examples</artifactId>
-   <version>0.6-SNAPSHOT</version>
+   <version>1.0-SNAPSHOT</version>
    <name>Apache Fediz examples</name>
    <packaging>pom</packaging>
 

Modified: cxf/fediz/trunk/examples/simpleWebapp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/pom.xml (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/pom.xml Tue May 15 11:59:31 2012
@@ -24,12 +24,12 @@
 	<parent>
 		<groupId>org.apache.cxf.fediz.examples</groupId>
 		<artifactId>examples</artifactId>
-		<version>0.6-SNAPSHOT</version>
+		<version>1.0-SNAPSHOT</version>
 	</parent>
 
 	<groupId>org.apache.cxf.fediz.examples</groupId>
 	<artifactId>simpleWebapp</artifactId>
-	<name>Apache Fediz Webapp simple</name>
+	<name>Apache Fediz Examples - Webapp Simple</name>
 	<packaging>war</packaging>
 
 	<properties>
@@ -54,13 +54,13 @@
         <dependency>
                 <groupId>org.apache.cxf.fediz</groupId>
                 <artifactId>fediz-core</artifactId>
-                <version>0.6-SNAPSHOT</version>
+                <version>${project.version}</version>
                 <scope>provided</scope>
         </dependency>
         <dependency>
                 <groupId>org.apache.cxf.fediz</groupId>
                 <artifactId>fediz-tomcat</artifactId>
-                <version>0.6-SNAPSHOT</version>
+                <version>${project.version}</version>
                 <scope>provided</scope>
         </dependency>
         <dependency>

Modified: cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml Tue May 15 11:59:31 2012
@@ -4,11 +4,14 @@
 		<audienceUris>
 			<audienceItem>http://host_one:port/url</audienceItem>
 		</audienceUris>
-		<certificateValidation>ChainTrust</certificateValidation>
+		<certificateStores>
+			<trustManager>
+				<keyStore file="conf/stsstore.jks" password="stsspass" type="JKS" />
+			</trustManager>
+		</certificateStores>
 		<trustedIssuers>
-			<trustedIssuerItem provider=".*CN=www.sts.com.*">
-				<keyStore file="/projects/fediz/tomcat-rp2/conf/stsstore.jks" password="stsspass" type="file" />
-			</trustedIssuerItem>
+			<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
+				name="DoubleItSTSIssuer" />
 		</trustedIssuers>
 		<maximumClockSkew>1000</maximumClockSkew>
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

Modified: cxf/fediz/trunk/examples/wsclientWebapp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/pom.xml Tue May 15 11:59:31 2012
@@ -24,11 +24,11 @@
    <parent>
        <groupId>org.apache.cxf.fediz.examples</groupId>
        <artifactId>examples</artifactId>
-       <version>0.6-SNAPSHOT</version>
+       <version>1.0-SNAPSHOT</version>
    </parent>
     <groupId>org.apache.cxf.fediz.examples</groupId>
     <artifactId>wsclientWebapp</artifactId>
-    <name>Apache Fediz Webapp WebService Client</name>
+    <name>Apache Fediz Examples - Webapp WS Client</name>
    <packaging>pom</packaging>
 
    <modules>

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/pom.xml Tue May 15 11:59:31 2012
@@ -24,10 +24,10 @@
 	<parent>
 		<groupId>org.apache.cxf.fediz.examples</groupId>
 		<artifactId>wsclientWebapp</artifactId>
-		<version>0.6-SNAPSHOT</version>
+		<version>1.0-SNAPSHOT</version>
 	</parent>
 	<artifactId>webapp</artifactId>
-	<name>Apache Fediz webservice Client Webapp</name>
+	<name>Apache Fediz Examples - Webapp WS Client - Webapp</name>
 	<packaging>war</packaging>
 
 	<properties>
@@ -55,13 +55,13 @@
 		<dependency>
 			<groupId>org.apache.cxf.fediz</groupId>
 			<artifactId>fediz-core</artifactId>
-			<version>0.6-SNAPSHOT</version>
+			<version>${project.version}</version>
 			<scope>provided</scope>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.cxf.fediz</groupId>
 			<artifactId>fediz-tomcat</artifactId>
-			<version>0.6-SNAPSHOT</version>
+			<version>${project.version}</version>
 			<scope>provided</scope>
 		</dependency>
 		<dependency>

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml Tue May 15 11:59:31 2012
@@ -4,11 +4,14 @@
 		<audienceUris>
 			<audienceItem>http://host_one:port/url</audienceItem>
 		</audienceUris>
-		<certificateValidation>ChainTrust</certificateValidation>
+		<certificateStores>
+			<trustManager>
+				<keyStore file="conf/stsstore.jks" password="stsspass" type="JKS" />
+			</trustManager>
+		</certificateStores>
 		<trustedIssuers>
-			<trustedIssuerItem provider=".*CN=www.sts.com.*">
-				<keyStore file="/projects/fediz/tomcat-rp2/conf/stsstore.jks" password="stsspass" type="file" />
-			</trustedIssuerItem>
+			<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
+				name="DoubleItSTSIssuer" />
 		</trustedIssuers>
 		<maximumClockSkew>1000</maximumClockSkew>
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/common/pom.xml Tue May 15 11:59:31 2012
@@ -24,12 +24,11 @@
     <parent>
        <groupId>org.apache.cxf.fediz.examples</groupId>
        <artifactId>webservice</artifactId>
-       <version>0.6-SNAPSHOT</version>
+       <version>1.0-SNAPSHOT</version>
     </parent>
     <groupId>org.apache.cxf.fediz.examples.webservice</groupId>
     <artifactId>service-common</artifactId>
-    <name>Apache Fediz Web Service common</name>
-    <version>0.6-SNAPSHOT</version>
+    <name>Apache Fediz Examples - Webapp WS Client - Web Service Common</name>
     <packaging>jar</packaging>
 
     <dependencies>

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/pom.xml Tue May 15 11:59:31 2012
@@ -24,11 +24,10 @@
     <parent>
        <groupId>org.apache.cxf.fediz.examples</groupId>
        <artifactId>wsclientWebapp</artifactId>
-       <version>0.6-SNAPSHOT</version>
+       <version>1.0-SNAPSHOT</version>
     </parent>
     <artifactId>webservice</artifactId>
-    <name>Apache Fediz wsclientwebapp - web service</name>
-    <version>0.6-SNAPSHOT</version>
+    <name>Apache Fediz Examples - Webapp WS Client - Web Service</name>
     <packaging>pom</packaging>
 
     <properties>

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/pom.xml Tue May 15 11:59:31 2012
@@ -24,12 +24,11 @@
 	<parent>
 		<groupId>org.apache.cxf.fediz.examples</groupId>
 		<artifactId>webservice</artifactId>
-		<version>0.6-SNAPSHOT</version>
+		<version>1.0-SNAPSHOT</version>
 	</parent>
 	<groupId>org.apache.cxf.fediz.examples.webservice</groupId>
 	<artifactId>service-war</artifactId>
-	<name>Apache Fediz Web Service implementation</name>
-	<version>0.6-SNAPSHOT</version>
+	<name>Apache Fediz Examples - Webapp WS Client - Web Service Implementation</name>
 	<packaging>war</packaging>
 
 	<build>

Modified: cxf/fediz/trunk/plugins/core/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/pom.xml?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/pom.xml (original)
+++ cxf/fediz/trunk/plugins/core/pom.xml Tue May 15 11:59:31 2012
@@ -23,7 +23,7 @@
 	<parent>
 		<groupId>org.apache.cxf.fediz</groupId>
 		<artifactId>fediz</artifactId>
-		<version>0.6-SNAPSHOT</version>
+		<version>1.0-SNAPSHOT</version>
 		<relativePath>../../pom.xml</relativePath>
 	</parent>
 	<artifactId>fediz-core</artifactId>
@@ -64,8 +64,50 @@
 			<version>2.5</version>
 			<scope>provided</scope>
 		</dependency>
-
 	</dependencies>
-    
+   <build>
+     <plugins>
+	    <plugin>
+	    <groupId>com.sun.tools.xjc.maven2</groupId>
+	    <artifactId>maven-jaxb-plugin</artifactId>
+	    <executions>
+                <execution>
+   	        <goals>
+                    <goal>generate</goal>
+	        </goals>
+ 	        </execution>
+	    </executions>
+	    <configuration>
+	        <schemaDirectory>${basedir}/src/main/resources</schemaDirectory>
+	        <generatePackage>org.apache.cxf.fediz.core.config.jaxb</generatePackage>
+	        <includeSchemas>
+                    <includeSchema>**/FedizConfig.xsd</includeSchema>
+	        </includeSchemas>
+	        <excludeSchemas>
+	             <excludeSchema>test*.xsd</excludeSchema>
+	        </excludeSchemas>
+	        <includeBindings>
+	            <includeBinding>*.xjb</includeBinding>
+	        </includeBindings>
+	        <strict>true</strict>
+	        <verbose>true</verbose>
+ 	    </configuration>
+	    </plugin>
+   		<plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-source-plugin</artifactId>
+                <version>2.1.2</version>
+                <executions>
+                    <execution>
+                        <id>attach-sources</id>
+                        <phase>verify</phase>
+                        <goals>
+                            <goal>jar-no-fork</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>    
 </project>
  

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java Tue May 15 11:59:31 2012
@@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletReq
 import javax.xml.parsers.ParserConfigurationException;
 
 import org.apache.cxf.fediz.core.config.FederationContext;
-import org.apache.cxf.fediz.core.config.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.FederationProtocol;
 import org.apache.cxf.fediz.core.saml.SAMLTokenValidator;
 import org.apache.cxf.fediz.core.util.DOMUtils;
 import org.apache.ws.security.WSConstants;
@@ -254,7 +254,7 @@ public class FederationProcessorImpl imp
         //        } 
         try
         {
-            String issuerURL = ((FederationProtocolType) config.getProtocol()).getIssuer();
+            String issuerURL = ((FederationProtocol) config.getProtocol()).getIssuer();
             if (issuerURL != null && issuerURL.length() > 0) {
                 redirectURL = issuerURL;
             }

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Authentication.java Tue May 15 11:59:31 2012
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+import org.apache.cxf.fediz.core.config.jaxb.AuthenticationType;
+
+public class Authentication {
+    private AuthenticationType authType = null;
+
+    public Authentication(AuthenticationType authType) {
+        super();
+        this.authType = authType;
+    }
+
+    protected AuthenticationType getAuthType() {
+        return authType;
+    }
+
+    protected void setAuthType(AuthenticationType authType) {
+        this.authType = authType;
+    }
+
+    public PropertyType getType() {
+        return PropertyType.fromValue(authType.getType().value());
+    }
+
+    public int hashCode() {
+        return authType.hashCode();
+    }
+
+    public void setType(PropertyType value) {
+        authType.setType(ArgumentType.fromValue(value.value()));
+    }
+
+    public String getValue() {
+        return authType.getValue();
+    }
+
+    public void setValue(String value) {
+        authType.setValue(value);
+    }
+
+    public boolean equals(Object obj) {
+        return authType.equals(obj);
+    }
+
+    public String toString() {
+        return authType.toString();
+    }
+ 
+}

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertStore.java Tue May 15 11:59:31 2012
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.CertStoreType;
+
+public class CertStore {
+    private CertStoreType certStoreType = null;
+
+    public CertStore(CertStoreType certStoreType) {
+        super();
+        this.certStoreType = certStoreType;
+    }
+
+    protected CertStoreType getCertStoreType() {
+        return certStoreType;
+    }
+
+    protected void setCertStoreType(CertStoreType certStoreType) {
+        this.certStoreType = certStoreType;
+    }
+
+    public int hashCode() {
+        return certStoreType.hashCode();
+    }
+
+    public String getFile() {
+        return certStoreType.getFile();
+    }
+
+    public void setFile(String value) {
+        certStoreType.setFile(value);
+    }
+
+    public String getResource() {
+        return certStoreType.getResource();
+    }
+
+    public void setResource(String value) {
+        certStoreType.setResource(value);
+    }
+
+    public String getUrl() {
+        return certStoreType.getUrl();
+    }
+
+    public void setUrl(String value) {
+        certStoreType.setUrl(value);
+    }
+
+    public boolean equals(Object obj) {
+        return certStoreType.equals(obj);
+    }
+
+    public String toString() {
+        return certStoreType.toString();
+    }
+
+}

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/CertificateValidationMethod.java Tue May 15 11:59:31 2012
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
+
+public enum CertificateValidationMethod {
+
+    PEER_TRUST("PeerTrust"),
+
+    CHAIN_TRUST("ChainTrust");
+    private final String value;
+
+    CertificateValidationMethod(String v) {
+        value = v;
+    }
+    CertificateValidationMethod(ValidationType type) {
+        value = type.value();
+    }
+
+    public String value() {
+        return value;
+    }
+
+    ValidationType validationType = null;
+    
+    public static CertificateValidationMethod fromValue(String v) {
+        for (CertificateValidationMethod c: CertificateValidationMethod.values()) {
+            if (c.value.equals(v)) {
+                return c;
+            }
+        }
+        throw new IllegalArgumentException(v);
+    }
+
+    
+    
+}

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Claim.java Tue May 15 11:59:31 2012
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
+
+public class Claim {
+
+    private ClaimType claimType = null;
+
+    public Claim(ClaimType claimType) {
+        super();
+        this.claimType = claimType;
+    }
+
+    protected ClaimType getClaimType() {
+        return claimType;
+    }
+
+    protected void setClaimType(ClaimType claimType) {
+        this.claimType = claimType;
+    }
+
+    public boolean isOptional() {
+        return claimType.isOptional();
+    }
+
+    public int hashCode() {
+        return claimType.hashCode();
+    }
+
+    public void setOptional(boolean value) {
+        claimType.setOptional(value);
+    }
+
+    public String getType() {
+        return claimType.getType();
+    }
+
+    public void setType(String value) {
+        claimType.setType(value);
+    }
+
+    public boolean equals(Object obj) {
+        return claimType.equals(obj);
+    }
+
+    public String toString() {
+        return claimType.toString();
+    }
+    
+    
+    
+}

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java Tue May 15 11:59:31 2012
@@ -20,10 +20,15 @@ package org.apache.cxf.fediz.core.config
 import java.io.File;
 import java.io.Reader;
 import java.io.Writer;
+import java.util.ArrayList;
+import java.util.List;
 
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.JAXBException;
 
+import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
+import org.apache.cxf.fediz.core.config.jaxb.FedizConfig;
+
 public class FederationConfigurator {
 
     private FedizConfig rootConfig = null;
@@ -59,6 +64,14 @@ public class FederationConfigurator {
         return jaxbContext;
     }
 
+    public List<FederationContext> getFederationContextList(){
+        List<FederationContext> ctxList = new ArrayList<FederationContext>();
+        for (ContextConfig config : rootConfig.getContextConfig()) {
+            ctxList.add(new FederationContext(config));            
+        }
+        return ctxList;
+    }
+    
     public FederationContext getFederationContext(String contextName) {
         ContextConfig config = getContextConfig(contextName);
         if (config == null) {

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java Tue May 15 11:59:31 2012
@@ -21,9 +21,15 @@ import java.math.BigInteger;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
 
+import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
+import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
+import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.ProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
 import org.apache.cxf.fediz.core.exception.IllegalConfigurationException;
 
 public class FederationContext {
@@ -42,24 +48,41 @@ public class FederationContext {
         return config.getAudienceUris().getAudienceItem();
     }
 
-    public ValidationType getCertificateValidation() {
-        return config.getCertificateValidation();
-    }
-
-    public TrustedIssuers getTrustedIssuers() {
-        return config.getTrustedIssuers();
+    public List<TrustedIssuer> getTrustedIssuers(){
+        TrustedIssuers issuers = config.getTrustedIssuers();
+        List<TrustedIssuerType> trustManagers =  issuers.getIssuer();
+        List<TrustedIssuer> trustedIssuers = new ArrayList<TrustedIssuer>();
+        for(TrustedIssuerType manager:trustManagers){
+            trustedIssuers.add(new TrustedIssuer(manager));
+        }
+        return trustedIssuers; 
+    }
+    
+    
+    public List<TrustManager> getCertificateStores(){
+        CertificateStores certStores = config.getCertificateStores();
+        List<TrustManagersType> trustManagers =  certStores.getTrustManager();
+        List<TrustManager> trustedIssuers = new ArrayList<TrustManager>();
+        for(TrustManagersType manager:trustManagers){
+            trustedIssuers.add(new TrustManager(manager));
+        }
+        return trustedIssuers; 
     }
-
+    
     public BigInteger getMaximumClockSkew() {
         return config.getMaximumClockSkew();
     }
 
-    public TrustManagersType getServiceCertificate() {
-        return config.getServiceCertificate();
-    }
-
-    public ProtocolType getProtocol() {
-        return config.getProtocol();
+//    public TrustManager getServiceCertificate() {
+//        return new TrustManager(config.getServiceCertificate());
+//    }
+
+    public Protocol getProtocol() {
+        ProtocolType type = config.getProtocol();
+        if(type instanceof FederationProtocolType){
+            return new FederationProtocol(type);
+        }
+        return null;
     }
 
     public String getName() {
@@ -86,18 +109,20 @@ public class FederationContext {
         this.detectReplayedTokens = detectReplayedTokens;
     }
 
+    /*
     public List<String> getTrustedIssuersNames() {
         TrustedIssuers issuers = config.getTrustedIssuers();
         List<String> issuerNames = new ArrayList<String>();
         if (issuers != null) {
             for (TrustManagersType t : issuers.getTrustedIssuerItem()) {
-                issuerNames.add(t.getProvider());
+                issuerNames.add(t.getName());
             }
             return issuerNames;
         } else {
             return Collections.<String> emptyList();
         }
     }
+    */
 
     public URI getRoleURI() {
         ProtocolType pt = config.getProtocol();
@@ -127,19 +152,22 @@ public class FederationContext {
                 "No FederationProtocolType found");
     }
 
+    /*
     public String getTrustStoreFile() {
-        KeyStoreType storeType = getTrustStore();
+        KeyStore storeType = getTrustStore();
         return storeType.getFile();
     }
 
     public String getTrustStorePassword() {
-        KeyStoreType storeType = getTrustStore();
+        KeyStore storeType = getTrustStore();
         return storeType.getPassword();
     }
+    
+
+    private KeyStore getTrustStore() {
 
-    private KeyStoreType getTrustStore() {
-        List<TrustManagersType> managers = config.getTrustedIssuers()
-                .getTrustedIssuerItem();
+        List<TrustManager> managers =  getTrustedIssuers();
+        
         if (managers == null) {
             throw new IllegalConfigurationException(
                     "No Trusted Issuers Keystore found");
@@ -148,9 +176,11 @@ public class FederationContext {
             throw new IllegalConfigurationException(
                     "Only one Trusted Issuer Keystore supported");
         }
-        TrustManagersType trustManager = managers.get(0);
+        
+        TrustManager trustManager = managers.get(0);
         return trustManager.getKeyStore();
     }
+    */
 
     public void setRelativePath(String relativePath) {
         this.relativePath = relativePath;

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java Tue May 15 11:59:31 2012
@@ -0,0 +1,151 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
+import org.apache.cxf.fediz.core.config.jaxb.ClaimTypesRequested;
+import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.ProtocolType;
+
+public class FederationProtocol extends Protocol {
+
+    public FederationProtocol(ProtocolType protocolType) {
+        super(protocolType);
+    }
+
+    protected FederationProtocolType getFederationProtocol() {
+        return (FederationProtocolType)super.getProtocolType();
+    }
+
+    protected void setFederationProtocol(FederationProtocolType federationProtocol) {
+        super.setProtocolType(federationProtocol);
+    }
+
+    public int hashCode() {
+        return getFederationProtocol().hashCode();
+    }
+
+    public String getRealm() {
+        return getFederationProtocol().getRealm();
+    }
+
+    public void setRealm(String value) {
+        getFederationProtocol().setRealm(value);
+    }
+
+    public String getIssuer() {
+        return getFederationProtocol().getIssuer();
+    }
+
+    public boolean equals(Object obj) {
+        return getFederationProtocol().equals(obj);
+    }
+
+    public void setIssuer(String value) {
+        getFederationProtocol().setIssuer(value);
+    }
+
+    public String getRoleDelimiter() {
+        return getFederationProtocol().getRoleDelimiter();
+    }
+
+    public void setRoleDelimiter(String value) {
+        getFederationProtocol().setRoleDelimiter(value);
+    }
+
+    public String getRoleURI() {
+        return getFederationProtocol().getRoleURI();
+    }
+
+    public void setRoleURI(String value) {
+        getFederationProtocol().setRoleURI(value);
+    }
+
+    public Authentication getAuthenticationType() {
+        return new Authentication(getFederationProtocol().getAuthenticationType());
+    }
+
+    public void setAuthenticationType(Authentication value) {
+        getFederationProtocol().setAuthenticationType(value.getAuthType());
+    }
+
+    public HomeRealm getHomeRealm() {
+        return new HomeRealm(getFederationProtocol().getHomeRealm());
+    }
+
+    public void setHomeRealm(HomeRealm value) {
+        getFederationProtocol().setHomeRealm(value.getHomeRealm());
+    }
+
+    public String getFreshness() {
+        return getFederationProtocol().getFreshness();
+    }
+
+    public void setFreshness(String value) {
+        getFederationProtocol().setFreshness(value);
+    }
+
+    public String getReply() {
+        return getFederationProtocol().getReply();
+    }
+
+    public void setReply(String value) {
+        getFederationProtocol().setReply(value);
+    }
+
+    public String getRequest() {
+        return getFederationProtocol().getRequest();
+    }
+
+    public void setRequest(String value) {
+        getFederationProtocol().setRequest(value);
+    }
+
+    public List<Claim> getClaimTypesRequested() {
+        ClaimTypesRequested claimsRequested = getFederationProtocol().getClaimTypesRequested();
+        List<Claim> claims = new ArrayList<Claim>();
+        for(ClaimType c:claimsRequested.getClaimType() ){
+            claims.add(new Claim(c));
+        }
+        return claims;
+    }
+
+    public void setClaimTypesRequested(ClaimTypesRequested value) {
+        getFederationProtocol().setClaimTypesRequested(value);
+    }
+
+    public List<String> getSecurityTokenValidators() {
+        return getFederationProtocol().getSecurityTokenValidators();
+    }
+
+    public String getVersion() {
+        return getFederationProtocol().getVersion();
+    }
+
+    public void setVersion(String value) {
+        getFederationProtocol().setVersion(value);
+    }
+
+    public String toString() {
+        return getFederationProtocol().toString();
+    }
+
+}

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/HomeRealm.java Tue May 15 11:59:31 2012
@@ -1,89 +1,51 @@
-//
-// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4 
-// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a> 
-// Any modifications to this file will be lost upon recompilation of the source schema. 
-// Generated on: 2012.03.28 at 02:33:06 PM CEST 
-//
-
 package org.apache.cxf.fediz.core.config;
 
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlType;
-
-/**
- * <p>
- * Java class for anonymous complex type.
- * 
- * <p>
- * The following schema fragment specifies the expected content contained within
- * this class.
- * 
- * <pre>
- * &lt;complexType>
- *   &lt;complexContent>
- *     &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
- *       &lt;attribute name="type" use="required" type="{}argumentType" />
- *       &lt;attribute name="value" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
- *     &lt;/restriction>
- *   &lt;/complexContent>
- * &lt;/complexType>
- * </pre>
- * 
- * 
- */
-@XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(name = "")
-@XmlRootElement(name = "homeRealm")
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+
 public class HomeRealm {
+    private org.apache.cxf.fediz.core.config.jaxb.HomeRealm homeRealm = null;
+
+    public HomeRealm(org.apache.cxf.fediz.core.config.jaxb.HomeRealm homeRealm) {
+        super();
+        this.homeRealm = homeRealm;
+    }
+
+    protected org.apache.cxf.fediz.core.config.jaxb.HomeRealm getHomeRealm() {
+        return homeRealm;
+    }
+
+    protected void setHomeRealm(org.apache.cxf.fediz.core.config.jaxb.HomeRealm homeRealm) {
+        this.homeRealm = homeRealm;
+    }
 
-    @XmlAttribute(name = "type", required = true)
-    protected ArgumentType type;
-    @XmlAttribute(name = "value", required = true)
-    protected String value;
-
-    /**
-     * Gets the value of the type property.
-     * 
-     * @return possible object is {@link ArgumentType }
-     * 
-     */
     public ArgumentType getType() {
-        return type;
+        return homeRealm.getType();
+    }
+
+    public int hashCode() {
+        return homeRealm.hashCode();
     }
 
-    /**
-     * Sets the value of the type property.
-     * 
-     * @param value
-     *            allowed object is {@link ArgumentType }
-     * 
-     */
     public void setType(ArgumentType value) {
-        this.type = value;
+        homeRealm.setType(value);
     }
 
-    /**
-     * Gets the value of the value property.
-     * 
-     * @return possible object is {@link String }
-     * 
-     */
     public String getValue() {
-        return value;
+        return homeRealm.getValue();
     }
 
-    /**
-     * Sets the value of the value property.
-     * 
-     * @param value
-     *            allowed object is {@link String }
-     * 
-     */
     public void setValue(String value) {
-        this.value = value;
+        homeRealm.setValue(value);
+    }
+
+    public boolean equals(Object obj) {
+        return homeRealm.equals(obj);
+    }
+
+    public String toString() {
+        return homeRealm.toString();
     }
 
-}
+    
+    
+}
\ No newline at end of file

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/KeyStore.java Tue May 15 11:59:31 2012
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.KeyStoreType;
+
+public class KeyStore {
+    private KeyStoreType kesyStoreType = null;
+
+    public KeyStore(KeyStoreType kesyStoreType) {
+        super();
+        this.kesyStoreType = kesyStoreType;
+    }
+
+    protected KeyStoreType getKesyStoreType() {
+        return kesyStoreType;
+    }
+
+    protected void setKesyStoreType(KeyStoreType kesyStoreType) {
+        this.kesyStoreType = kesyStoreType;
+    }
+
+    public String getType() {
+        return kesyStoreType.getType();
+    }
+
+    public void setType(String value) {
+        kesyStoreType.setType(value);
+    }
+
+    public String getPassword() {
+        return kesyStoreType.getPassword();
+    }
+
+    public void setPassword(String value) {
+        kesyStoreType.setPassword(value);
+    }
+
+    public String getProvider() {
+        return kesyStoreType.getProvider();
+    }
+
+    public void setProvider(String value) {
+        kesyStoreType.setProvider(value);
+    }
+
+    public String getUrl() {
+        return kesyStoreType.getUrl();
+    }
+
+    public void setUrl(String value) {
+        kesyStoreType.setUrl(value);
+    }
+
+    public String getFile() {
+        return kesyStoreType.getFile();
+    }
+
+    public void setFile(String value) {
+        kesyStoreType.setFile(value);
+    }
+
+    public String getResource() {
+        return kesyStoreType.getResource();
+    }
+
+    public void setResource(String value) {
+        kesyStoreType.setResource(value);
+    }
+
+    public int hashCode() {
+        return kesyStoreType.hashCode();
+    }
+
+    public boolean equals(Object obj) {
+        return kesyStoreType.equals(obj);
+    }
+
+    public String toString() {
+        return kesyStoreType.toString();
+    }
+
+}

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/PropertyType.java Tue May 15 11:59:31 2012
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+
+public enum PropertyType {
+    CLASS("Class"),
+    
+    STRING("String");
+    private final String value;
+
+    
+
+    PropertyType(String v) {
+        value = v;
+    }
+
+    
+    PropertyType(ArgumentType arg) {
+        value = arg.value();
+    }
+
+    public String value() {
+        return value;
+    }
+
+    public static PropertyType fromValue(String v) {
+        for (PropertyType c: PropertyType.values()) {
+            if (c.value.equals(v)) {
+                return c;
+            }
+        }
+        throw new IllegalArgumentException(v);
+    }
+
+    
+}

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/Protocol.java Tue May 15 11:59:31 2012
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.ProtocolType;
+
+public abstract class Protocol {
+    private ProtocolType protocolType = null;
+
+    public Protocol(ProtocolType protocolType) {
+        super();
+        this.protocolType = protocolType;
+    }
+
+    protected ProtocolType getProtocolType() {
+        return protocolType;
+    }
+
+    protected void setProtocolType(ProtocolType protocolType) {
+        this.protocolType = protocolType;
+    }
+
+    public int hashCode() {
+        return protocolType.hashCode();
+    }
+
+    public boolean equals(Object obj) {
+        return protocolType.equals(obj);
+    }
+
+    public String toString() {
+        return protocolType.toString();
+    }
+    
+    
+
+}

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustManager.java Tue May 15 11:59:31 2012
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
+
+public class TrustManager {
+    private TrustManagersType trustManagerType = null;
+
+        
+    public TrustManager(TrustManagersType trustManagerType) {
+        super();
+        this.trustManagerType = trustManagerType;
+    }
+
+   
+
+    public KeyStore getKeyStore() {
+        return new KeyStore(trustManagerType.getKeyStore());
+    }
+
+    public void setKeyStore(KeyStore keyStore) {
+        trustManagerType.setKeyStore(keyStore.getKesyStoreType());
+    }
+
+ 
+
+    public String getProvider() {
+        return trustManagerType.getProvider();
+    }
+
+    public void setProvider(String value) {
+        trustManagerType.setProvider(value);
+    }
+
+   public int hashCode() {
+        return trustManagerType.hashCode();
+    }
+    
+    public boolean equals(Object obj) {
+        return trustManagerType.equals(obj);
+    }
+
+    public String toString() {
+        return trustManagerType.toString();
+    }
+    
+
+}

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java (added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/TrustedIssuer.java Tue May 15 11:59:31 2012
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.cxf.fediz.core.config;
+
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
+import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
+
+public class TrustedIssuer {
+    private TrustedIssuerType trustedIssuerType = null;
+
+        
+    public TrustedIssuer(TrustedIssuerType trustedIssuerType) {
+        super();
+        this.trustedIssuerType = trustedIssuerType;
+    }
+    
+    public String getName() {
+        return trustedIssuerType.getName();
+    }
+    
+    public void setName(String name) {
+        trustedIssuerType.setName(name);
+    }
+    
+    public String getSubject() {
+        return trustedIssuerType.getSubject();
+    }
+    
+    public void setSubject(String subject) {
+        trustedIssuerType.setSubject(subject);
+    }
+
+    public CertificateValidationMethod getCertificateValidationMethod() {
+        if (ValidationType.CHAIN_TRUST.equals(trustedIssuerType.getCertificateValidation())) {
+            return CertificateValidationMethod.CHAIN_TRUST;
+        } else if (ValidationType.PEER_TRUST.equals(trustedIssuerType.getCertificateValidation())) {
+            return CertificateValidationMethod.PEER_TRUST;
+        } else {
+            throw new IllegalStateException("Not supported certificate validation type");
+        }
+    }
+    
+    public void setCertificateValidationMethod(CertificateValidationMethod validationMethod) {
+        if (CertificateValidationMethod.CHAIN_TRUST.equals(validationMethod)) {
+            trustedIssuerType.setCertificateValidation(ValidationType.CHAIN_TRUST);
+        } else if (CertificateValidationMethod.PEER_TRUST.equals(validationMethod)) {
+            trustedIssuerType.setCertificateValidation(ValidationType.PEER_TRUST);
+        } else {
+            throw new IllegalStateException("Not supported certificate validation type");
+        }
+    }
+    
+    
+
+   public int hashCode() {
+        return trustedIssuerType.hashCode();
+    }
+    
+    public boolean equals(Object obj) {
+        return trustedIssuerType.equals(obj);
+    }
+
+    public String toString() {
+        return trustedIssuerType.toString();
+    }
+    
+
+}

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/exception/IllegalConfigurationException.java Tue May 15 11:59:31 2012
@@ -1,7 +1,29 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.apache.cxf.fediz.core.exception;
 
 public class IllegalConfigurationException extends RuntimeException {
 
+    /**
+     * 
+     */
+    private static final long serialVersionUID = 6273022567957710601L;
+
     public IllegalConfigurationException() {
         super();
     }

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java Tue May 15 11:59:31 2012
@@ -38,6 +38,9 @@ import org.apache.cxf.fediz.core.ClaimCo
 import org.apache.cxf.fediz.core.TokenValidator;
 import org.apache.cxf.fediz.core.TokenValidatorResponse;
 import org.apache.cxf.fediz.core.config.FederationContext;
+import org.apache.cxf.fediz.core.config.KeyStore;
+import org.apache.cxf.fediz.core.config.TrustManager;
+import org.apache.cxf.fediz.core.config.TrustedIssuer;
 import org.apache.ws.security.SAMLTokenPrincipal;
 import org.apache.ws.security.WSDocInfo;
 import org.apache.ws.security.WSPasswordCallback;
@@ -76,15 +79,24 @@ public class SAMLTokenValidator implemen
             FederationContext config) {
 
         try {
-            String trustStoreFile = config.getTrustStoreFile();
+            String trustStoreFile;
+            String trustStorePw;
+            //[TODO] Support more than one truststore
+            TrustManager tm = config.getCertificateStores().get(0);
+            KeyStore ks = tm.getKeyStore();
+            if (ks.getFile() != null && !ks.getFile().isEmpty()) {
+                trustStoreFile = ks.getFile();
+                trustStorePw = ks.getPassword();
+            } else {
+                throw new IllegalStateException("No certificate store configured");
+            }
             
             File f = new File(trustStoreFile);
             if (!f.exists() && config.getRelativePath() != null && !config.getRelativePath().isEmpty()) {
-                trustStoreFile = config.getRelativePath().concat(File.separator + config.getTrustStoreFile());
+                trustStoreFile = config.getRelativePath().concat(File.separator + trustStoreFile);
             }
             
-            Properties sigProperties = createCryptoProviderProperties(
-                    trustStoreFile, config.getTrustStorePassword());
+            Properties sigProperties = createCryptoProviderProperties(trustStoreFile, trustStorePw);
 
             Crypto sigCrypto = CryptoFactory.getInstance(sigProperties);
             RequestData requestData = new RequestData();
@@ -122,9 +134,10 @@ public class SAMLTokenValidator implemen
                 cert = trustCredential.getCertificates()[0];
             }
 
-            // List<String> subjectConstraints =
-            // Arrays.asList(config.getTrustedIssuer());
-            List<String> subjectConstraints = config.getTrustedIssuersNames();
+            // [TODO] Support more than one trusted issuer
+            List<TrustedIssuer> trustedIssuers = config.getTrustedIssuers();
+            TrustedIssuer ti = trustedIssuers.get(0);
+            List<String> subjectConstraints = Collections.singletonList(ti.getSubject());
 
             CertConstraintsParser certConstraints = new CertConstraintsParser();
             certConstraints.setSubjectConstraints(subjectConstraints);

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/AbstractServletCallback.java Tue May 15 11:59:31 2012
@@ -1,3 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.apache.cxf.fediz.core.spi;
 
 import javax.security.auth.callback.Callback;

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/IDPCallback.java Tue May 15 11:59:31 2012
@@ -1,3 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.apache.cxf.fediz.core.spi;
 
 import java.net.URL;

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java (original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/WAuthCallback.java Tue May 15 11:59:31 2012
@@ -1,3 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.apache.cxf.fediz.core.spi;
 
 import javax.servlet.http.HttpServletRequest;

Added: cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd?rev=1338661&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd (added)
+++ cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd Tue May 15 11:59:31 2012
@@ -0,0 +1,389 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
+	elementFormDefault="qualified" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+	<xs:element name="FedizConfig">
+		<xs:complexType>
+			<xs:sequence minOccurs="1" maxOccurs="unbounded">
+				<xs:element ref="contextConfig" />
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="contextConfig">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element ref="audienceUris" />
+				<xs:element ref="certificateValidation" />
+				<xs:element ref="certificateStores" />
+				<xs:element ref="maximumClockSkew" />
+				<xs:element ref="serviceCertificate" />
+				<xs:element ref="trustedIssuers" />
+				<xs:element ref="protocol" />
+			</xs:sequence>
+			<xs:attribute name="name" use="required" type="xs:string" />
+
+		</xs:complexType>
+	</xs:element>
+
+	<!-- <xs:element name="trustedIssuerItem" type="TrustManagersType" /> <xs:element 
+		name="trustedIssuers"> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="unbounded"> 
+		<xs:element ref="trustedIssuerItem" /> </xs:sequence> </xs:complexType> </xs:element> -->
+
+	<xs:element name="trustedIssuers">
+		<xs:complexType>
+			<xs:sequence minOccurs="1" maxOccurs="unbounded">
+				<xs:element name="issuer" type="TrustedIssuerType" />
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:complexType name="TrustedIssuerType">
+		<xs:attribute name="name" type="xs:string" use="optional" />
+		<xs:attribute name="certificateValidation" type="validationType"
+			use="optional" />
+		<xs:attribute name="subject" type="xs:string" use="optional" />
+	</xs:complexType>
+
+	<xs:element name="certificateStores">
+		<xs:complexType>
+			<xs:sequence minOccurs="1" maxOccurs="unbounded">
+				<xs:element name="trustManager" type="TrustManagersType" />
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+
+	<!-- <xs:element name="audienceUris" type="xs:anyURI"/> -->
+	<xs:element name="audienceUris">
+		<xs:complexType>
+			<xs:sequence minOccurs="1" maxOccurs="unbounded">
+				<xs:element ref="audienceItem" />
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="audienceItem" type="xs:anyURI" />
+
+	<xs:element name="certificateValidation" type="validationType" />
+
+	<xs:simpleType name="validationType">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="PeerTrust" />
+			<xs:enumeration value="ChainTrust" />
+		</xs:restriction>
+	</xs:simpleType>
+
+
+
+	<xs:element name="maximumClockSkew" type="xs:integer" />
+
+	<!-- keystore type -->
+	<xs:element name="serviceCertificate" type="KeyManagersType" />
+
+	<xs:element name="protocol" type="protocolType" />
+
+	<xs:complexType name="federationProtocolType">
+		<xs:complexContent>
+			<xs:extension base="protocolType">
+				<xs:sequence>
+					<xs:element ref="realm" />
+					<xs:element ref="issuer" />
+					<xs:element ref="roleDelimiter" />
+					<xs:element ref="roleURI" />
+					<xs:element ref="authenticationType" />
+					<xs:element ref="homeRealm" />
+					<xs:element ref="freshness" />
+					<xs:element ref="reply" />
+					<xs:element ref="request" />
+					<xs:element ref="claimTypesRequested" />
+					<xs:sequence minOccurs="1" maxOccurs="unbounded">
+						<xs:element ref="securityTokenValidators" />
+					</xs:sequence>
+				</xs:sequence>
+				<!-- <xs:attribute name="roleDelimiter" type="xs:string"/> -->
+				<!--<xs:attribute name="roleURI" use="required" type="xs:string"/> -->
+				<xs:attribute name="version" use="required" type="xs:string" />
+				<!--<xs:attribute name="realm" use="required" type="xs:string"/> -->
+				<!--<xs:attribute name="freshness" use="required" type="xs:string"/> -->
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+
+	<xs:element name="roleDelimiter" type="xs:string" />
+	<xs:element name="roleURI" type="xs:string" />
+	<xs:element name="realm" type="xs:string" />
+	<xs:element name="issuer" type="xs:anyURI" />
+	<xs:element name="freshness" type="xs:string" />
+
+	<xs:complexType name="protocolType" abstract="true" />
+
+	<xs:element name="homeRealm">
+		<xs:complexType>
+			<xs:attribute name="type" use="required" type="argumentType" />
+			<xs:attribute name="value" use="required" type="xs:string" />
+		</xs:complexType>
+	</xs:element>
+
+
+	<xs:element name="authenticationType">
+		<xs:complexType>
+			<xs:attribute name="type" use="required" type="argumentType" />
+			<xs:attribute name="value" use="required" type="xs:string" />
+		</xs:complexType>
+	</xs:element>
+
+	<xs:simpleType name="argumentType">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="Class" />
+			<xs:enumeration value="String" />
+		</xs:restriction>
+	</xs:simpleType>
+
+	<xs:element name="reply" type="xs:string" />
+
+	<xs:element name="request" type="xs:string" />
+
+	<xs:element name="claimTypesRequested">
+		<xs:complexType>
+			<xs:sequence minOccurs="1" maxOccurs="unbounded">
+				<xs:element ref="claimType" />
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="claimType">
+		<xs:complexType>
+			<xs:attribute name="optional" use="required" type="optionalType" />
+			<xs:attribute name="type" use="required" type="xs:string" />
+		</xs:complexType>
+	</xs:element>
+
+	<xs:element name="securityTokenValidators" type="xs:string" />
+
+	<xs:simpleType name="optionalType">
+		<xs:restriction base="xs:boolean" />
+	</xs:simpleType>
+
+
+	<xs:complexType name="TrustManagersType">
+		<xs:annotation>
+			<xs:documentation>
+				This structure contains the specification of JSSE
+				TrustManagers for
+				a single Keystore used for trusted certificates.
+			</xs:documentation>
+		</xs:annotation>
+		<xs:sequence minOccurs="1" maxOccurs="1">
+			<xs:element name="keyStore" type="KeyStoreType" minOccurs="1">
+				<xs:annotation>
+					<xs:documentation>
+						This element contains the KeyStore used as a
+						trust
+						store.
+                  </xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="provider" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute contains the KeyManagers provider
+					name.
+				</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="factoryAlgorithm" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute contains the algorithm the KeyManagers Factory
+					will use in creating the KeyManagers from the KeyStore. Most
+					common examples are "PKIX".
+                </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+
+	<xs:complexType name="KeyStoreType">
+		<xs:annotation>
+			<xs:documentation>
+				A KeyStoreType represents the information needed to
+				load a collection
+				of key and certificate material from a desired
+				location.
+				The "url", "file", and "resource" attributes are intended
+				to be
+				mutually exclusive, though this assumption is not encoded in
+				schema.
+				The precedence order observed by the runtime is
+				1) "file", 2)
+				"resource", and 3) "url".
+        </xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="type" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifies the type of the keystore.
+					It is highly correlated to the provider. Most common examples
+					are
+					"jks" "pkcs12".
+            </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="password" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifes the integrity password for
+					the keystore.
+					This is not the password that unlock keys within the
+					keystore.
+				</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="provider" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifies the keystore
+					implementation provider.
+					Most common examples are "SUN".
+				</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="url" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifies the URL location of the
+					keystore.
+					This element should be a properly accessible URL, such as
+					"http://..." "file:///...", etc. Only one attribute of
+					"url",
+					"file", or "resource" is allowed.
+            </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="file" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifies the File location of the
+					keystore.
+					This element should be a properly accessible file from the
+					working directory. Only one attribute of
+					"url", "file", or
+					"resource" is allowed.
+            </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="resource" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifies the Resource location of
+					the keystore.
+					This element should be a properly accessible on the
+					classpath.
+					Only one attribute of "url", "file", or "resource" is
+					allowed.
+            </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+
+	<xs:complexType name="CertStoreType">
+		<xs:annotation>
+			<xs:documentation>
+				A CertStoreType represents a catenated sequence of
+				X.509 certificates,
+				in PEM or DER format.
+				The "url", "file", and
+				"resource" attributes are intended to be
+				mutually exclusive, though
+				this assumption is not encoded in schema.
+				The precedence order
+				observed by the runtime is
+				1) "file", 2) "resource", and 3) "url".
+			</xs:documentation>
+		</xs:annotation>
+		<xs:attribute name="file" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifies the File location of the
+					certificate store.
+					This element should be a properly accessible file
+					from the working directory. Only one attribute of
+					"url", "file", or
+					"resource" is allowed.
+            </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="resource" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifies the Resource location of
+					the certificate store.
+					This element should be a properly accessible
+					on the classpath.
+					Only one attribute of "url", "file", or "resource"
+					is allowed.
+            </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="url" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute specifies the URL location of the
+					certificate store.
+					This element should be a properly accessible URL,
+					such as
+					"http://..." "file:///...", etc. Only one attribute of
+					"url", "file", or "resource" is allowed.
+            </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+
+
+
+	<xs:complexType name="KeyManagersType">
+		<xs:annotation>
+			<xs:documentation>
+				This structure specifies the JSSE based KeyManagers
+				for a single Keystore.
+        </xs:documentation>
+		</xs:annotation>
+
+		<xs:sequence>
+			<xs:element name="keyStore" type="KeyStoreType" minOccurs="0">
+				<xs:annotation>
+					<xs:documentation>
+						This element specified the Keystore for these
+						JSSE KeyManagers.
+					</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="keyPassword" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute contains the password that unlocks
+					the keys within the keystore.
+                </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="provider" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute contains the KeyManagers provider name.
+				</xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+		<xs:attribute name="factoryAlgorithm" type="xs:string">
+			<xs:annotation>
+				<xs:documentation>
+					This attribute contains the algorithm the KeyManagers Factory
+					will use in creating the KeyManagers from the KeyStore. Most
+					common examples are "PKIX".
+                </xs:documentation>
+			</xs:annotation>
+		</xs:attribute>
+	</xs:complexType>
+
+
+</xs:schema>

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java?rev=1338661&r1=1338660&r2=1338661&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java (original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationTest.java Tue May 15 11:59:31 2012
@@ -9,12 +9,28 @@ import java.math.BigInteger;
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.JAXBException;
 
+import org.apache.cxf.fediz.core.config.jaxb.ArgumentType;
+import org.apache.cxf.fediz.core.config.jaxb.AudienceUris;
+import org.apache.cxf.fediz.core.config.jaxb.AuthenticationType;
+import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
+import org.apache.cxf.fediz.core.config.jaxb.ClaimType;
+import org.apache.cxf.fediz.core.config.jaxb.ClaimTypesRequested;
+import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
+import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
+import org.apache.cxf.fediz.core.config.jaxb.FedizConfig;
+import org.apache.cxf.fediz.core.config.jaxb.HomeRealm;
+import org.apache.cxf.fediz.core.config.jaxb.KeyStoreType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustManagersType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
+import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
+import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
 import org.junit.Assert;
 
 public class FedizConfigurationTest {
 
     private static final String ISSUER = "http://url_to_the_issuer";
     private static final String PROTOCOL_VERSION = "1.0.0";
+    //private static final String REQUEST = "request value";
     private static final String REPLY = "reply value";
     private static final String TARGET_REALM = "target realm";
     private static final String HOME_REALM_CLASS = "org.apache.fediz.realm.MyHomeRealm.class";
@@ -22,20 +38,13 @@ public class FedizConfigurationTest {
 
     private static final String CONFIG_NAME = "ROOT";
     private static final String CLOCK_SKEW = "1000";
-    private static final String KEYSTORE_FILE = "/path/keystore.jks";
-    private static final String FACTORY_ALGORITHM_1 = "factory algorithm 1";
-    private static final String FACTORY_ALGORITHM_2 = "factory algorithm 2";
-    private static final String RESOURCE_TYPE = "resource";
 
-    private static final String FILE_TYPE = "file";
     private static final String KEYSTORE_PASSWORD_1 = "passw0rd1";
     private static final String KEYSTORE_RESOURCE_PATH_1 = "org.apache.fediz.kestore1";
     private static final String KEYSTORE_PASSWORD_2 = "passw0rd2";
     private static final String KEYSTORE_RESOURCE_PATH_2 = "org.apache.fediz.kestore2";
     private static final String KEYSTORE_PASSWORD_3 = "passw0rd3";
     private static final String KEYSTORE_RESOURCE_PATH_3 = "org.apache.fediz.kestore3";
-    private static final String CERT_STORE_FILE_1 = "/path/truststore.jks";
-    private static final String CERT_STORE_FILE_2 = "/path/keyfile.pem";
     private static final String AUTH_TYPE_VALUE = "some auth type";
 
     private static final String AUDIENCE_URI_1 = "http://host_one:port/url";
@@ -46,6 +55,10 @@ public class FedizConfigurationTest {
     private static final String ROLE_URI = "http://someserver:8080/path/roles.uri";
     private static final String CLAIM_TYPE_1 = "a particular claim type";
     private static final String CLAIM_TYPE_2 = "a second particular claim type";
+    private static final String SUBJECT_VALUE_1 = ".*CN=www.sts1.com.*";
+    private static final String SUBJECT_VALUE_2 = ".*CN=www.sts2.com.*";
+    private static final String SUBJECT_VALUE_3 = ".*CN=www.sts3.com.*";
+    
 
     private static final String CONFIG_FILE = "./fedizconfig.xml";
 
@@ -57,59 +70,62 @@ public class FedizConfigurationTest {
 
         config.setName(CONFIG_NAME);
         config.setMaximumClockSkew(new BigInteger(CLOCK_SKEW));
-        config.setCertificateValidation(ValidationType.CHAIN_TRUST);
-
-        TrustManagersType tm0 = new TrustManagersType();
-
-        CertStoreType cs0 = new CertStoreType();
-        cs0.setFile(KEYSTORE_FILE);
-        tm0.setCertStore(cs0);
-        tm0.setFactoryAlgorithm(FACTORY_ALGORITHM_1);
 
+        CertificateStores certStores = new CertificateStores();
+        
+        TrustManagersType tm0 = new TrustManagersType();       
         KeyStoreType ks0 = new KeyStoreType();
-        ks0.setType(RESOURCE_TYPE);
+        ks0.setType("JKS");
         ks0.setPassword(KEYSTORE_PASSWORD_1);
         ks0.setResource(KEYSTORE_RESOURCE_PATH_1);
-
         tm0.setKeyStore(ks0);
-
-        config.setServiceCertificate(tm0);
-
-        FederationProtocolType protocol = new FederationProtocolType();
-        config.setProtocol(protocol);
-
-        TrustedIssuers trustedIssuer = new TrustedIssuers();
-
+        
+        certStores.getTrustManager().add(tm0);
+        
         TrustManagersType tm1 = new TrustManagersType();
-        CertStoreType cs1 = new CertStoreType();
-        cs1.setFile(CERT_STORE_FILE_1);
-        tm1.setCertStore(cs1);
-        tm1.setFactoryAlgorithm(FACTORY_ALGORITHM_2);
-
         KeyStoreType ks1 = new KeyStoreType();
-        ks1.setType(RESOURCE_TYPE);
+        ks1.setType("JKS");
         ks1.setPassword(KEYSTORE_PASSWORD_2);
         ks1.setResource(KEYSTORE_RESOURCE_PATH_2);
-
         tm1.setKeyStore(ks1);
-        trustedIssuer.getTrustedIssuerItem().add(tm1);
-
+        
+        certStores.getTrustManager().add(tm1);
+        
         TrustManagersType tm2 = new TrustManagersType();
-
-        CertStoreType cs2 = new CertStoreType();
-        cs2.setFile(CERT_STORE_FILE_2);
-        tm2.setCertStore(cs2);
-        tm2.setFactoryAlgorithm(FACTORY_ALGORITHM_2);
-
         KeyStoreType ks2 = new KeyStoreType();
-        ks2.setType(FILE_TYPE);
+        ks2.setType("JKS");
         ks2.setPassword(KEYSTORE_PASSWORD_3);
         ks2.setResource(KEYSTORE_RESOURCE_PATH_3);
-
         tm2.setKeyStore(ks2);
-        trustedIssuer.getTrustedIssuerItem().add(tm2);
+        
+        certStores.getTrustManager().add(tm2);
+        
+        config.setCertificateStores(certStores);
+        
+        TrustedIssuers trustedIssuers = new TrustedIssuers();
+        
+        TrustedIssuerType ti0 = new TrustedIssuerType();
+        ti0.setCertificateValidation(ValidationType.CHAIN_TRUST);
+        ti0.setName("issuer1");
+        ti0.setSubject(SUBJECT_VALUE_1);
+        trustedIssuers.getIssuer().add(ti0);
+        
+        TrustedIssuerType ti1 = new TrustedIssuerType();
+        ti1.setCertificateValidation(ValidationType.CHAIN_TRUST);
+        ti1.setName("issuer1");
+        ti1.setSubject(SUBJECT_VALUE_2);
+        trustedIssuers.getIssuer().add(ti1);
+        
+        TrustedIssuerType ti2 = new TrustedIssuerType();
+        ti2.setCertificateValidation(ValidationType.CHAIN_TRUST);
+        ti2.setName("issuer1");
+        ti2.setSubject(SUBJECT_VALUE_3);
+        trustedIssuers.getIssuer().add(ti2);
+        
+        config.setTrustedIssuers(trustedIssuers);
 
-        config.setTrustedIssuers(trustedIssuer);
+        FederationProtocolType protocol = new FederationProtocolType();
+        config.setProtocol(protocol);
 
         AuthenticationType authType = new AuthenticationType();
         authType.setType(ArgumentType.STRING);
@@ -164,7 +180,7 @@ public class FedizConfigurationTest {
 
         StringWriter writer = new StringWriter();
         jaxbContext.createMarshaller().marshal(configOut, writer);
-
+        
         StringReader reader = new StringReader(writer.toString());
         jaxbContext.createUnmarshaller().unmarshal(reader);
     }



Mime
View raw message