cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From owu...@apache.org
Subject svn commit: r1425349 [2/3] - in /cxf/fediz/trunk: ./ plugins/jetty/src/test/java/org/apache/cxf/fediz/jetty/ plugins/jetty/src/test/resources/ systests/ systests/idp/ systests/idp/src/ systests/idp/src/main/ systests/idp/src/main/java/ systests/idp/src...
Date Sat, 22 Dec 2012 21:37:16 GMT
Added: cxf/fediz/trunk/systests/idp/src/main/resources/logging.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/idp/src/main/resources/logging.properties?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/idp/src/main/resources/logging.properties (added)
+++ cxf/fediz/trunk/systests/idp/src/main/resources/logging.properties Sat Dec 22 21:37:14 2012
@@ -0,0 +1,53 @@
+############################################################
+#  	Default Logging Configuration File
+#
+# You can use a different file by specifying a filename
+# with the java.util.logging.config.file system property.  
+# For example java -Djava.util.logging.config.file=myfile
+############################################################
+
+############################################################
+#  	Global properties
+############################################################
+
+# "handlers" specifies a comma separated list of log Handler 
+# classes.  These handlers will be installed during VM startup.
+# Note that these classes must be on the system classpath.
+# By default we only configure a ConsoleHandler, which will only
+# show messages at the WARNING and above levels.
+handlers= java.util.logging.ConsoleHandler
+#handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
+
+# Default global logging level.
+# This specifies which kinds of events are logged across
+# all loggers.  For any given facility this global level
+# can be overridden by a facility specific level
+# Note that the ConsoleHandler also has a separate level
+# setting to limit messages printed to the console.
+.level= INFO
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+# default file output is in user's home directory.
+java.util.logging.FileHandler.pattern = %h/java%u.log
+java.util.logging.FileHandler.limit = 50000
+java.util.logging.FileHandler.count = 1
+java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
+
+# Limit the message that are printed on the console to WARNING and above.
+java.util.logging.ConsoleHandler.level = FINEST
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+# For example, set the com.xyz.foo logger to only log SEVERE
+# messages:
+#com.xyz.foo.level = SEVERE
+org.apache.cxf.fediz.service.idp.level = FINEST

Added: cxf/fediz/trunk/systests/idp/src/main/resources/test.txt
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/idp/src/main/resources/test.txt?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/idp/src/main/resources/test.txt (added)
+++ cxf/fediz/trunk/systests/idp/src/main/resources/test.txt Sat Dec 22 21:37:14 2012
@@ -0,0 +1,2 @@
+${idp.https.port}
+${rp.https.port}

Added: cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/RPClaims.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/RPClaims.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/RPClaims.xml (added)
+++ cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/RPClaims.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
+	xsi:schemaLocation="
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+
+
+	<util:map id="realm2ClaimsMap">
+		<entry key="http://localhost:8080/fedizhelloworldother/"
+			value-ref="claimsWsfedhelloworld" />
+		<entry key="http://localhost:8080/fedizhelloworld/"
+			value-ref="claimsWsfedhelloworld2" />
+		<entry key="https://localhost:8443/fedizhelloworld/"
+			value-ref="claimsWsfedhelloworld2" />
+		<entry key="urn:org:apache:cxf:fediz:fedizhelloworld"
+			value-ref="claimsWsfedhelloworld2" />
+		<entry key="urn:org:apache:cxf:fediz:fedizhelloworld2"
+			value-ref="claimsWsfedhelloworld" />  			
+	</util:map>
+
+
+
+	<util:list id="claimsWsfedhelloworld">
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</value>
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</value>
+	</util:list>
+
+	<util:list id="claimsWsfedhelloworld2">
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</value>
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</value>
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</value>
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</value>
+	</util:list>
+
+</beans>

Added: cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/applicationContext.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/applicationContext.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/applicationContext.xml (added)
+++ cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/applicationContext.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws"
+	xmlns:test="http://apache.org/hello_world_soap_http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:util="http://www.springframework.org/schema/util" xmlns:http="http://cxf.apache.org/transports/http/configuration"
+	xmlns:sec="http://cxf.apache.org/configuration/security"
+	xsi:schemaLocation="
+        http://cxf.apache.org/core
+        http://cxf.apache.org/schemas/core.xsd
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://cxf.apache.org/jaxws                                     
+        http://cxf.apache.org/schemas/jaxws.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd
+        http://cxf.apache.org/transports/http/configuration
+        http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/configuration/security
+        http://cxf.apache.org/schemas/configuration/security.xsd">
+        
+	<import resource="classpath:META-INF/cxf/cxf.xml" />
+
+	<cxf:bus>
+		<cxf:features>
+			<cxf:logging />
+		</cxf:features>
+	</cxf:bus>
+
+    
+    <http:conduit name="https://localhost:${idp.https.port}/.*">
+      <http:tlsClientParameters disableCNCheck="true">
+        <sec:trustManagers>
+          <sec:keyStore type="jks" password="ispass" resource="idpstore.jks"/>
+        </sec:trustManagers>
+      </http:tlsClientParameters>
+   </http:conduit>
+    
+   
+   <import resource="RPClaims.xml" />
+
+</beans>
+

Added: cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/signinform.jsp
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/signinform.jsp?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/signinform.jsp (added)
+++ cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/signinform.jsp Sat Dec 22 21:37:14 2012
@@ -0,0 +1,43 @@
+<%@ page import="java.util.Set"%>
+<%@ page import="java.util.HashSet"%>
+<%@ page import="java.lang.reflect.Field"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.FederationFilter"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.IdpServlet"%>
+
+<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>IDP SignIn Request Form</title>
+</head>
+<body>
+	<form method="POST" name="signinform">
+		<%--
+			Replicating the context.
+		--%>
+		<%
+		Set<String> ctx = new HashSet<String>();
+		Field[] fields = FederationFilter.class.getFields();
+		for (Field f : fields) {
+			if(f.getName().startsWith("PARAM_") && String.class.equals(f.getType())) { 
+				String key = (String) f.get(null);
+				Object value = request.getAttribute(key);
+				if(null != value && value instanceof String) {
+					%>
+		<input type="hidden" name="<%=key%>" value="<%=value%>" readonly="readonly" />
+					<%
+				}
+			}
+		}
+		%>
+		<input type="hidden" name="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" value="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" readonly="readonly" />
+		userid :
+		<input type="text" name="<%=HttpFormAuthenticationFilter.PARAM_USERNAME%>" size="32" /><br />
+		password :
+		<input type="password" name="<%=HttpFormAuthenticationFilter.PARAM_PASSWORD%>" size="32" /><br />
+		<input type="submit" value="Authenticate" />
+	</form>
+</body>
+</html>
\ No newline at end of file

Added: cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/web.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/web.xml (added)
+++ cxf/fediz/trunk/systests/idp/src/main/webapp/WEB-INF/web.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,281 @@
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+	version="3.0" metadata-complete="true">
+
+	<description>
+    WS Federation Tomcat Example
+    </description>
+	<display-name>WS Federation Tomcat Example</display-name>
+
+	<filter>
+		<filter-name>FederationFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.FederationFilter</filter-class>
+		<!-- 
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>NOT_AUTHENTICATED</param-value>
+		</init-param>
+		-->
+		<!--
+		<init-param>
+			<param-name>next-state</param-name>
+			<param-value>AUTHENTICATION_REQUIRED</param-value>
+		</init-param>
+		-->
+		<init-param>
+			<param-name>session.token</param-name>
+			<param-value>IDP_TOKEN</param-value>
+		</init-param>		
+		
+	</filter>
+
+	<filter>
+		<filter-name>AuthenticationFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.AuthenticationFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>AUTHENTICATION_REQUIRED</param-value>
+		</init-param>
+	</filter>	
+	
+	<filter>
+		<filter-name>BasicAuthenticationFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.BasicAuthenticationFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>USERNAME_PASSWORD_REQUIRED</param-value>
+		</init-param>
+		<init-param>
+			<param-name>next-state</param-name>
+			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
+		</init-param>		
+	</filter>
+	
+	<filter>
+		<filter-name>FormAuthenticationFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>USERNAME_PASSWORD_REQUIRED</param-value>
+		</init-param>
+		<init-param>
+			<param-name>next-state</param-name>
+			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
+		</init-param>		
+	</filter>
+	
+	<filter>
+		<filter-name>STSClientFilterRequestor</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.STSClientFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
+		</init-param>
+		<init-param>
+			<param-name>next-state</param-name>
+			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
+		</init-param>			
+		<init-param>
+			<param-name>sts.wsdl.url</param-name>
+			<param-value>https://localhost:${idp.https.port}/fedizidpsts/STSService?wsdl</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.wsdl.service</param-name>
+			<param-value>SecurityTokenService</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.wsdl.endpoint</param-name>
+			<param-value>TransportUT_Port</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.auth-type</param-name>
+			<param-value>USERNAME_PASSWORD</param-value>
+		</init-param>		
+		<init-param>
+			<param-name>sts.applies-to</param-name>
+			<param-value>urn:fediz:idp</param-value>
+		</init-param>
+		<init-param>
+			<param-name>token.store.name</param-name>
+			<param-value>IDP_TOKEN</param-value>
+		</init-param>
+		<!--
+		<init-param>
+			<param-name>token.store.session</param-name>
+			<param-value>true</param-value>
+		</init-param>
+		-->
+		<init-param>
+			<param-name>sts.rstr.content-type</param-name>
+			<param-value>TOKEN</param-value>
+		</init-param>			
+	</filter>
+	
+	<filter>
+		<filter-name>STSClientFilterRP</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.STSClientFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
+		</init-param>
+		<init-param>
+			<param-name>next-state</param-name>
+			<param-value>AUTHENTICATED</param-value>
+		</init-param>			
+		<init-param>
+			<param-name>sts.wsdl.url</param-name>
+			<param-value>https://localhost:${idp.https.port}/fedizidpsts/STSServiceTransport?wsdl</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.wsdl.service</param-name>
+			<param-value>SecurityTokenService</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.wsdl.endpoint</param-name>
+			<param-value>Transport_Port</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.auth-type</param-name>
+			<param-value>NONE</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.applies-to</param-name>
+			<param-value>$wtrealm</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.onbehalfof.token.name</param-name>
+			<param-value>IDP_TOKEN</param-value>
+		</init-param>		
+		<init-param>
+			<param-name>token.store.name</param-name>
+			<param-value>RP_TOKEN</param-value>
+		</init-param>
+		<init-param>
+			<param-name>sts.rstr.content-type</param-name>
+			<param-value>RSTR</param-value>
+		</init-param>		
+		<init-param>
+			<param-name>sts.claims.required</param-name>
+			<param-value>true</param-value>
+		</init-param>		
+	</filter>	
+
+	<filter>
+		<filter-name>FederationPostFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.FederationPostFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>AUTHENTICATED</param-value>
+		</init-param>
+		<init-param>
+			<param-name>next-state</param-name>
+			<param-value>AUTHENTICATED</param-value>
+		</init-param>		
+		<init-param>
+			<param-name>token.store.name</param-name>
+			<param-value>RP_TOKEN</param-value>		
+		</init-param>
+	</filter>
+
+	<filter>
+		<filter-name>LogoutFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.LogoutFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>AUTHENTICATED</param-value>
+		</init-param>
+		<init-param>
+			<param-name>logout.uri</param-name>
+			<param-value>logout</param-value>
+		</init-param>
+	</filter>
+	
+	<filter>
+		<filter-name>SessionCacheFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.SessionCacheFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>AUTHENTICATED</param-value>
+		</init-param>
+		<init-param>
+			<param-name>next-state</param-name>
+			<param-value>AUTHENTICATED</param-value>
+		</init-param>		
+		<init-param>
+			<param-name>item1</param-name>
+			<param-value>IDP_PRINCIPAL</param-value>		
+		</init-param>
+		<init-param>
+			<param-name>item2</param-name>
+			<param-value>IDP_TOKEN</param-value>		
+		</init-param>		
+	</filter>	
+
+
+
+	<filter-mapping>
+		<filter-name>FederationFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	
+	<filter-mapping>
+		<filter-name>AuthenticationFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+     
+	<filter-mapping>
+		<filter-name>BasicAuthenticationFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	
+	<!-- FORM based authentication -->
+	<!--
+	<filter-mapping>
+		<filter-name>FormAuthenticationFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	-->
+	
+	<filter-mapping>
+		<filter-name>STSClientFilterRequestor</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	
+	<filter-mapping>
+		<filter-name>STSClientFilterRequestor</filter-name>
+                
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	
+	<filter-mapping>
+		<filter-name>STSClientFilterRP</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+
+	<filter-mapping>
+		<filter-name>FederationPostFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+
+	<filter-mapping>
+		<filter-name>LogoutFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>	
+	
+	<filter-mapping>
+		<filter-name>SessionCacheFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	
+
+	<context-param>
+		<param-name>contextConfigLocation</param-name>
+		<param-value>WEB-INF/applicationContext.xml</param-value>
+	</context-param>
+	<listener>
+		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+	</listener>
+
+
+</web-app>

Added: cxf/fediz/trunk/systests/idp/src/main/webapp/index.html
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/idp/src/main/webapp/index.html?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/idp/src/main/webapp/index.html (added)
+++ cxf/fediz/trunk/systests/idp/src/main/webapp/index.html Sat Dec 22 21:37:14 2012
@@ -0,0 +1,25 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
+<META http-equiv=Content-Type content="text/html">
+</HEAD>
+<BODY>
+<P>
+<H3>Hello World</H3>
+<P></P>
+</BODY></HTML>

Added: cxf/fediz/trunk/systests/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/pom.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/pom.xml (added)
+++ cxf/fediz/trunk/systests/pom.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,68 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+   <modelVersion>4.0.0</modelVersion>
+   <parent>
+       <groupId>org.apache.cxf.fediz</groupId>
+       <artifactId>fediz</artifactId>
+       <version>1.1.0-SNAPSHOT</version>
+   </parent>
+   <groupId>org.apache.cxf.fediz</groupId>
+   <artifactId>systests</artifactId>
+   <name>Apache Fediz System tests</name>
+   <packaging>pom</packaging>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.codehaus.mojo</groupId>
+        <artifactId>build-helper-maven-plugin</artifactId>
+        <version>1.7</version>
+        <executions>
+          <execution>
+            <id>reserve-network-port</id>
+            <goals>
+              <goal>reserve-network-port</goal>
+            </goals>
+            <phase>initialize</phase>
+            <configuration>
+              <portNames>
+                <portName>idp.https.port</portName>
+                <portName>rp.https.port</portName>
+              </portNames>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+
+
+   <modules>
+      <module>idp</module>
+      <module>sts</module>
+      <module>simpleWebapp</module>
+<!--
+      <module>springWebapp</module>
+-->
+      <module>tests</module>
+   </modules>
+
+</project>

Added: cxf/fediz/trunk/systests/simpleWebapp/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/pom.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/pom.xml (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/pom.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.apache.cxf.fediz</groupId>
+		<artifactId>systests</artifactId>
+		<version>1.1.0-SNAPSHOT</version>
+		<relativePath>../pom.xml</relativePath>
+	</parent>
+        <groupId>org.apache.cxf.fediz.systests</groupId>
+    <artifactId>systests-simpleWebapp</artifactId>
+    <name>Apache Fediz Systests SimpleWebapp</name>
+    <packaging>war</packaging>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <version>2.5</version>
+            <scope>provided</scope>
+        </dependency>
+        <!-- Required to cast Principal to FederationPrincipal -->
+        <dependency>
+            <groupId>org.apache.cxf.fediz</groupId>
+            <artifactId>fediz-core</artifactId>
+            <version>${project.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
+            <version>3.0.1</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <!-- Name of the generated WAR file -->
+        <finalName>fedizhelloworld</finalName>
+    </build>
+
+</project>

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationFilter.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationFilter.java?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationFilter.java (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationFilter.java Sat Dec 22 21:37:14 2012
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.example;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+import org.w3c.dom.Element;
+
+/**
+ * Add security token to thread local
+ */
+public class FederationFilter implements Filter {
+
+    private static final String DEFAULT_SECURITY_TOKEN_ATTR = "org.apache.fediz.SECURITY_TOKEN";
+    private static final String SECURITY_TOKEN_ATTR_CONFIG = "security.token.attribute";
+
+    private String securityTokenAttr = DEFAULT_SECURITY_TOKEN_ATTR;
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        String attrName = filterConfig.getInitParameter(SECURITY_TOKEN_ATTR_CONFIG);
+        if (attrName != null) {
+            securityTokenAttr = attrName;
+        }
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response,
+                         FilterChain chain) throws IOException, ServletException {
+
+        if (request instanceof HttpServletRequest) {
+            HttpServletRequest hrequest = (HttpServletRequest)request;
+            Element el = (Element)hrequest.getSession().getAttribute(securityTokenAttr);
+            if (el != null) {
+                try {
+                    SecurityTokenThreadLocal.setToken(el);
+                    chain.doFilter(request, response);
+                } finally {
+                    SecurityTokenThreadLocal.setToken(null);
+                }
+            } else {
+                chain.doFilter(request, response);
+            }
+
+        } else {
+            chain.doFilter(request, response);
+        }
+    }
+
+    @Override
+    public void destroy() {
+        // TODO Auto-generated method stub
+
+    }
+
+}

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/FederationServlet.java Sat Dec 22 21:37:14 2012
@@ -0,0 +1,115 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.example;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.security.Principal;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.transform.OutputKeys;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.w3c.dom.Element;
+
+import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.cxf.fediz.core.Claim;
+import org.apache.cxf.fediz.core.ClaimCollection;
+import org.apache.cxf.fediz.core.FederationPrincipal;
+
+
+public class FederationServlet extends HttpServlet {
+
+    /**
+     * 
+     */
+    private static final long serialVersionUID = -9019993850246851112L;
+
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+        throws ServletException, IOException {
+
+        response.setContentType("text/html");
+        PrintWriter out = response.getWriter();
+
+        out.println("<html>");
+        out.println("<head><title>WS Federation Tomcat Examples</title></head>");
+        out.println("<body>");
+        out.println("<h1>Hello World</h1>");
+        out.println("Hello world<br>");
+        out.println("Request url: " + request.getRequestURL().toString() + "<p>");
+
+
+        out.println("<br><b>User</b><p>");
+        Principal p = request.getUserPrincipal();
+        if (p != null) {
+            out.println("Principal: " + p.getName() + "<p>");
+        }
+
+        out.println("<br><b>Roles</b><p>");
+        List<String> roleListToCheck = Arrays.asList("Admin", "Manager", "User", "Authenticated");
+        for (String item: roleListToCheck) {
+            out.println("Has role '" + item + "': " + ((request.isUserInRole(item)) ? "<b>yes</b>" : "no") + "<p>");
+        }
+
+        if (p instanceof FederationPrincipal) {
+            FederationPrincipal fp = (FederationPrincipal)p;
+
+            out.println("<br><b>Claims</b><p>");
+            ClaimCollection claims = fp.getClaims();
+            for (Claim c: claims) {
+                out.println(c.getClaimType().toString() + ": " + c.getValue() + "<p>");
+            }
+        } else {
+            out.println("Principal is not instance of FederationPrincipal");
+        }
+
+        Element el = SecurityTokenThreadLocal.getToken();
+        if (el != null) {
+            out.println("<p>Bootstrap token...");
+            String token = null;
+            try {
+                TransformerFactory transFactory = TransformerFactory.newInstance();
+                Transformer transformer = transFactory.newTransformer();
+                StringWriter buffer = new StringWriter();
+                transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
+                transformer.transform(new DOMSource(el),
+                                      new StreamResult(buffer));
+                token = buffer.toString();
+                out.println("<p>" + StringEscapeUtils.escapeXml(token));
+            } catch (Exception ex) {
+                out.println("<p>Failed to transform cached element to string: " + ex.toString());
+            }
+        } else {
+            out.println("<p>Bootstrap token not cached in thread local storage");
+        }
+
+        out.println("</body>");
+    }
+
+}
\ No newline at end of file

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/SecurityTokenThreadLocal.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/SecurityTokenThreadLocal.java?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/SecurityTokenThreadLocal.java (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/java/org/apache/cxf/fediz/example/SecurityTokenThreadLocal.java Sat Dec 22 21:37:14 2012
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.example;
+
+import org.w3c.dom.Element;
+
+
+/**
+ * Thread local storage for security token
+ */
+public final class SecurityTokenThreadLocal {
+
+    private static final ThreadLocal<Element> TLS = 
+        new ThreadLocal<Element>();
+
+    private SecurityTokenThreadLocal() {
+    }    
+        
+    public static void setToken(Element token) {
+        if (token == null) { 
+            TLS.remove();
+        } else {
+            TLS.set(token);
+        }
+    }
+
+    public static Element getToken() {
+        return TLS.get();
+    }
+    
+
+}

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/resources/log4j.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/resources/log4j.properties?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/resources/log4j.properties (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/resources/log4j.properties Sat Dec 22 21:37:14 2012
@@ -0,0 +1,17 @@
+# Set root category priority to INFO and its only appender to CONSOLE.
+log4j.rootCategory=FATAL, CONSOLE
+#log4j.rootCategory=DEBUG, CONSOLE
+
+# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.Threshold=DEBUG
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n
+
+# LOGFILE is set to be a File appender using a PatternLayout.
+log4j.appender.LOGFILE=org.apache.log4j.FileAppender
+log4j.appender.LOGFILE.File=target/wss4j.log
+log4j.appender.LOGFILE.Append=false
+log4j.appender.LOGFILE.Threshold=DEBUG
+log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout
+log4j.appender.LOGFILE.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/resources/logging.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/resources/logging.properties?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/resources/logging.properties (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/resources/logging.properties Sat Dec 22 21:37:14 2012
@@ -0,0 +1,52 @@
+############################################################
+#  	Default Logging Configuration File
+#
+# You can use a different file by specifying a filename
+# with the java.util.logging.config.file system property.  
+# For example java -Djava.util.logging.config.file=myfile
+############################################################
+
+############################################################
+#  	Global properties
+############################################################
+
+# "handlers" specifies a comma separated list of log Handler 
+# classes.  These handlers will be installed during VM startup.
+# Note that these classes must be on the system classpath.
+# By default we only configure a ConsoleHandler, which will only
+# show messages at the WARNING and above levels.
+handlers= java.util.logging.ConsoleHandler
+#handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
+
+# Default global logging level.
+# This specifies which kinds of events are logged across
+# all loggers.  For any given facility this global level
+# can be overridden by a facility specific level
+# Note that the ConsoleHandler also has a separate level
+# setting to limit messages printed to the console.
+.level= INFO
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+# default file output is in user's home directory.
+java.util.logging.FileHandler.pattern = %h/java%u.log
+java.util.logging.FileHandler.limit = 50000
+java.util.logging.FileHandler.count = 1
+java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
+
+# Limit the message that are printed on the console to WARNING and above.
+java.util.logging.ConsoleHandler.level = INFO
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+# For example, set the com.xyz.foo logger to only log SEVERE
+# messages:
+#com.xyz.foo.level = SEVERE

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/META-INF/context.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/META-INF/context.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/META-INF/context.xml (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/META-INF/context.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,3 @@
+<Context>
+        <Valve className="org.apache.cxf.fediz.tomcat.FederationAuthenticator" configFile="conf/fediz_config.xml" />        
+</Context>

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/WEB-INF/web.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/WEB-INF/web.xml (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/WEB-INF/web.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,66 @@
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+                      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+	version="3.0" metadata-complete="true">
+
+	<description>
+    WS Federation Tomcat Example
+    </description>
+	<display-name>WS Federation Tomcat Example</display-name>
+
+	<filter>
+		<filter-name>FederationFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.example.FederationFilter</filter-class>
+		<!--
+		<init-param>
+			<param-name>security.token.attribute</param-name>
+			<param-value>org.apache.fediz.SECURITY_TOKEN</param-value>
+		</init-param>
+		-->
+	</filter>
+
+	<!-- now map this filter to a URL-pattern -->
+	<filter-mapping>
+		<filter-name>FederationFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+
+	<servlet>
+		<servlet-name>FederationServlet</servlet-name>
+		<servlet-class>org.apache.cxf.fediz.example.FederationServlet</servlet-class>
+	</servlet>
+
+	<servlet-mapping>
+		<servlet-name>FederationServlet</servlet-name>
+		<url-pattern>/secure/fedservlet</url-pattern>
+	</servlet-mapping>
+
+	<security-role>
+		<role-name>Manager</role-name>
+	</security-role>
+	<security-role>
+		<role-name>User</role-name>
+	</security-role>
+	<security-role>
+		<role-name>Admin</role-name>
+	</security-role>
+	<security-role>
+		<role-name>Authenticated</role-name>
+	</security-role>				
+
+	<security-constraint>
+		<web-resource-collection>
+			<web-resource-name>Protected Area</web-resource-name>
+			<url-pattern>/secure/*</url-pattern>
+		</web-resource-collection>
+		<auth-constraint>
+			<role-name>*</role-name>
+		</auth-constraint>
+	</security-constraint>
+
+	<login-config>
+		<auth-method>WSFED</auth-method>
+		<realm-name>WSFED</realm-name>
+	</login-config>
+
+</web-app>

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/index.html
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/index.html?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/index.html (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/index.html Sat Dec 22 21:37:14 2012
@@ -0,0 +1,25 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
+<META http-equiv=Content-Type content="text/html">
+</HEAD>
+<BODY>
+<P>
+<H3>Hello World</H3>
+<P></P>
+</BODY></HTML>

Added: cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/secure/test.html
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/secure/test.html?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/secure/test.html (added)
+++ cxf/fediz/trunk/systests/simpleWebapp/src/main/webapp/secure/test.html Sat Dec 22 21:37:14 2012
@@ -0,0 +1,25 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<HTML><HEAD><TITLE>WS Federation Tomcat Examples</TITLE>
+<META http-equiv=Content-Type content="text/html">
+</HEAD>
+<BODY>
+<P>
+<H3>Secure Test</H3>
+<P></P>
+</BODY></HTML>

Added: cxf/fediz/trunk/systests/sts/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/pom.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/pom.xml (added)
+++ cxf/fediz/trunk/systests/sts/pom.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.apache.cxf.fediz</groupId>
+		<artifactId>systests</artifactId>
+		<version>1.1.0-SNAPSHOT</version>
+	</parent>
+        <groupId>org.apache.cxf.fediz.systests</groupId>
+	<artifactId>systests-fediz-idp-sts</artifactId>
+	<name>Apache Fediz Systests STS</name>
+	<packaging>war</packaging>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+	</properties>
+
+	<dependencies>
+	    <dependency>
+           <groupId>org.springframework</groupId>
+           <artifactId>spring-web</artifactId>
+           <version>${spring.version}</version>
+        </dependency>
+		<dependency>
+			<groupId>org.apache.cxf</groupId>
+			<artifactId>cxf-rt-transports-http</artifactId>
+			<version>${cxf.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.cxf</groupId>
+			<artifactId>cxf-rt-frontend-jaxws</artifactId>
+			<version>${cxf.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.cxf</groupId>
+			<artifactId>cxf-rt-ws-policy</artifactId>
+			<version>${cxf.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.cxf.services.sts</groupId>
+			<artifactId>cxf-services-sts-core</artifactId>
+			<version>${cxf.version}</version>
+        </dependency>        
+   </dependencies>
+
+    <build>
+        <!-- Name of the generated WAR file -->
+        <finalName>fedizidpsts</finalName>
+    </build>
+
+</project>

Added: cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/FileClaimsHandler.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/FileClaimsHandler.java?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/FileClaimsHandler.java (added)
+++ cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/FileClaimsHandler.java Sat Dec 22 21:37:14 2012
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.sts;
+
+import java.net.URI;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.cxf.sts.claims.Claim;
+import org.apache.cxf.sts.claims.ClaimCollection;
+import org.apache.cxf.sts.claims.ClaimsHandler;
+import org.apache.cxf.sts.claims.ClaimsParameters;
+import org.apache.cxf.sts.claims.RequestClaim;
+import org.apache.cxf.sts.claims.RequestClaimCollection;
+
+/**
+ * A custom ClaimsHandler implementation for use in the tests.
+ */
+public class FileClaimsHandler implements ClaimsHandler {
+
+    public static final URI ROLE = 
+        URI.create("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role");
+
+    private Map<String, Map<String, String>> userClaims;
+    private List<URI> supportedClaims;
+
+    public void setUserClaims(Map<String, Map<String, String>> userClaims) {
+        this.userClaims = userClaims;
+    }
+
+    public Map<String, Map<String, String>> getUserClaims() {
+        return userClaims;
+    }
+    
+    public void setSupportedClaims(List<URI> supportedClaims) {
+        this.supportedClaims = supportedClaims;
+    }
+    
+    @Override
+    public List<URI> getSupportedClaimTypes() {
+        return Collections.unmodifiableList(this.supportedClaims);
+    }
+    
+
+    @Override
+    public ClaimCollection retrieveClaimValues(RequestClaimCollection claims,
+            ClaimsParameters parameters) {
+
+        if (getUserClaims() == null) {
+            return new ClaimCollection();
+        }
+
+        if (claims == null || claims.size() == 0) {
+            return new ClaimCollection();
+        }
+
+        Map<String, String> claimMap = getUserClaims().get(parameters.getPrincipal().getName());
+        if (claimMap == null || claimMap.size() == 0) {
+            return new ClaimCollection();
+        }
+
+        if (claims != null && claims.size() > 0) {
+            ClaimCollection claimCollection = new ClaimCollection();
+            for (RequestClaim requestClaim : claims) { 
+                String claimValue = claimMap.get(requestClaim.getClaimType().toString());
+                if (claimValue != null) {
+                    Claim claim = new Claim();
+                    claim.setClaimType(requestClaim.getClaimType());
+                    claim.setIssuer("Test Issuer");
+                    claim.setOriginalIssuer("Original Issuer");
+                    claim.setValue(claimValue);
+                    claimCollection.add(claim);
+                }   
+            }
+            return claimCollection;
+        }
+        return null;
+
+    }
+
+
+
+}

Added: cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/PasswordCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/PasswordCallbackHandler.java?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/PasswordCallbackHandler.java (added)
+++ cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/PasswordCallbackHandler.java Sat Dec 22 21:37:14 2012
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.sts;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.ws.security.WSPasswordCallback;
+
+public class PasswordCallbackHandler implements CallbackHandler {
+
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) { // CXF
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+                if ("mystskey".equals(pc.getIdentifier())) {
+                    pc.setPassword("stskpass");
+                    break;
+                }
+            }
+        }
+    }
+
+}

Added: cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/UsernamePasswordCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/UsernamePasswordCallbackHandler.java?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/UsernamePasswordCallbackHandler.java (added)
+++ cxf/fediz/trunk/systests/sts/src/main/java/org/apache/cxf/fediz/service/sts/UsernamePasswordCallbackHandler.java Sat Dec 22 21:37:14 2012
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.sts;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.ws.security.WSPasswordCallback;
+
+public class UsernamePasswordCallbackHandler implements CallbackHandler {
+
+    private Map<String, String> passwords;
+
+    public void setPasswords(Map<String, String> passwords) {
+        this.passwords = passwords;
+    }
+
+    public Map<String, String> getPasswords() {
+        return passwords;
+    }
+
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+
+        if (getPasswords() == null || getPasswords().size() == 0) {
+            return;
+        }
+
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) { // CXF
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+
+                String pw = getPasswords().get(pc.getIdentifier());
+                pc.setPassword(pw);
+            }
+        }
+    }
+
+
+}

Added: cxf/fediz/trunk/systests/sts/src/main/resources/log4j.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/resources/log4j.properties?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/resources/log4j.properties (added)
+++ cxf/fediz/trunk/systests/sts/src/main/resources/log4j.properties Sat Dec 22 21:37:14 2012
@@ -0,0 +1,17 @@
+# Set root category priority to INFO and its only appender to CONSOLE.
+log4j.rootCategory=FATAL, CONSOLE
+#log4j.rootCategory=DEBUG, CONSOLE
+
+# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.Threshold=DEBUG
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n
+
+# LOGFILE is set to be a File appender using a PatternLayout.
+log4j.appender.LOGFILE=org.apache.log4j.FileAppender
+log4j.appender.LOGFILE.File=target/wss4j.log
+log4j.appender.LOGFILE.Append=false
+log4j.appender.LOGFILE.Threshold=DEBUG
+log4j.appender.LOGFILE.layout=org.apache.log4j.PatternLayout
+log4j.appender.LOGFILE.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n

Added: cxf/fediz/trunk/systests/sts/src/main/resources/logging.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/resources/logging.properties?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/resources/logging.properties (added)
+++ cxf/fediz/trunk/systests/sts/src/main/resources/logging.properties Sat Dec 22 21:37:14 2012
@@ -0,0 +1,52 @@
+############################################################
+#  	Default Logging Configuration File
+#
+# You can use a different file by specifying a filename
+# with the java.util.logging.config.file system property.  
+# For example java -Djava.util.logging.config.file=myfile
+############################################################
+
+############################################################
+#  	Global properties
+############################################################
+
+# "handlers" specifies a comma separated list of log Handler 
+# classes.  These handlers will be installed during VM startup.
+# Note that these classes must be on the system classpath.
+# By default we only configure a ConsoleHandler, which will only
+# show messages at the WARNING and above levels.
+handlers= java.util.logging.ConsoleHandler
+#handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
+
+# Default global logging level.
+# This specifies which kinds of events are logged across
+# all loggers.  For any given facility this global level
+# can be overridden by a facility specific level
+# Note that the ConsoleHandler also has a separate level
+# setting to limit messages printed to the console.
+.level= INFO
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+# default file output is in user's home directory.
+java.util.logging.FileHandler.pattern = %h/java%u.log
+java.util.logging.FileHandler.limit = 50000
+java.util.logging.FileHandler.count = 1
+java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
+
+# Limit the message that are printed on the console to WARNING and above.
+java.util.logging.ConsoleHandler.level = INFO
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+# For example, set the com.xyz.foo logger to only log SEVERE
+# messages:
+#com.xyz.foo.level = SEVERE

Added: cxf/fediz/trunk/systests/sts/src/main/resources/stsKeystore.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/resources/stsKeystore.properties?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/resources/stsKeystore.properties (added)
+++ cxf/fediz/trunk/systests/sts/src/main/resources/stsKeystore.properties Sat Dec 22 21:37:14 2012
@@ -0,0 +1,6 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=stsspass
+org.apache.ws.security.crypto.merlin.keystore.alias=mystskey
+org.apache.ws.security.crypto.merlin.file=stsstore.jks
+

Added: cxf/fediz/trunk/systests/sts/src/main/resources/stsstore.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/resources/stsstore.jks?rev=1425349&view=auto
==============================================================================
Files cxf/fediz/trunk/systests/sts/src/main/resources/stsstore.jks (added) and cxf/fediz/trunk/systests/sts/src/main/resources/stsstore.jks Sat Dec 22 21:37:14 2012 differ

Added: cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-encrypted-ut.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-encrypted-ut.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-encrypted-ut.xml (added)
+++ cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-encrypted-ut.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans 
+    xmlns="http://www.springframework.org/schema/beans"
+    xmlns:cxf="http://cxf.apache.org/core"
+    xmlns:jaxws="http://cxf.apache.org/jaxws"
+    xmlns:test="http://apache.org/hello_world_soap_http"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xsi:schemaLocation="
+        http://cxf.apache.org/core
+        http://cxf.apache.org/schemas/core.xsd
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://cxf.apache.org/jaxws                                     
+        http://cxf.apache.org/schemas/jaxws.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+
+    <bean id="encryptedUtSTSProviderBean"
+		class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+		<property name="issueOperation" ref="encryptedUtIssueDelegate"/>
+		<property name="validateOperation" ref="encryptedUtValidateDelegate"/>
+	</bean>	
+
+	<bean id="encryptedUtIssueDelegate"
+		class="org.apache.cxf.sts.operation.TokenIssueOperation">
+		<property name="tokenProviders" ref="encryptedUtSamlTokenProvider"/>
+		<property name="services" ref="encryptedUtService"/>
+		<property name="stsProperties" ref="encryptedUtSTSProperties"/>
+		<property name="encryptIssuedToken" value="true" />
+	</bean>
+	
+	<bean id="encryptedUtValidateDelegate"
+	    class="org.apache.cxf.sts.operation.TokenValidateOperation">
+	</bean>
+	
+	<bean id="encryptedUtSamlTokenProvider"
+		class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+    </bean>
+    
+    <bean id="encryptedUtService"
+        class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints" ref="encryptedUtEndpoints"/>
+    </bean>
+    
+    <util:list id="encryptedUtEndpoints">
+		<value>http://localhost:(\d)*/doubleit/services/doubleitasymmetricsaml1encrypted</value>
+	</util:list>
+	
+	<bean id="encProperties" class="org.apache.cxf.sts.service.EncryptionProperties">
+        <property name="encryptionAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+        <property name="keyWrapAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
+    </bean>
+    
+	<bean id="encryptedUtSTSProperties"
+	     class="org.apache.cxf.sts.StaticSTSProperties">
+	    <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
+		<property name="signatureUsername" value="mystskey"/>
+		<property name="callbackHandlerClass" value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler"/>
+		<property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
+		<property name="encryptionProperties" ref="encProperties" />
+		<property name="issuer" value="DoubleItSTSIssuer"/>
+		<property name="encryptionUsername" value="myservicekey"/>
+    </bean>
+    
+	<jaxws:endpoint id="EncryptedUTSTS"
+		implementor="#encryptedUtSTSProviderBean"
+		address="/UTEncrypted" 
+        wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
+        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+        serviceName="ns1:SecurityTokenService"
+        endpointName="ns1:UTEncrypted_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties"/>
+            <entry key="ws-security.signature.username" value="mystskey"/>
+        </jaxws:properties> 
+	</jaxws:endpoint>
+	
+
+</beans>
+

Added: cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-servlet.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-servlet.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-servlet.xml (added)
+++ cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-servlet.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans 
+    xmlns="http://www.springframework.org/schema/beans"
+    xmlns:cxf="http://cxf.apache.org/core"
+    xmlns:jaxws="http://cxf.apache.org/jaxws"
+    xmlns:test="http://apache.org/hello_world_soap_http"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xsi:schemaLocation="
+        http://cxf.apache.org/core
+        http://cxf.apache.org/schemas/core.xsd
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://cxf.apache.org/jaxws                                     
+        http://cxf.apache.org/schemas/jaxws.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    <import resource="classpath:META-INF/cxf/cxf.xml"/>   
+    <import resource="cxf-transport.xml"/>  
+    <!--
+    <import resource="cxf-ut.xml"/>
+    <import resource="cxf-encrypted-ut.xml"/>   
+    <import resource="cxf-x509.xml"/>   
+    -->
+    
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+
+</beans>
+

Added: cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-transport.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-transport.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-transport.xml (added)
+++ cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-transport.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,143 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws"
+	xmlns:test="http://apache.org/hello_world_soap_http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:util="http://www.springframework.org/schema/util" xmlns:http="http://cxf.apache.org/transports/http/configuration"
+	xmlns:sec="http://cxf.apache.org/configuration/security"
+	xsi:schemaLocation="
+        http://cxf.apache.org/core
+        http://cxf.apache.org/schemas/core.xsd
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://cxf.apache.org/jaxws                                     
+        http://cxf.apache.org/schemas/jaxws.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd
+        http://cxf.apache.org/transports/http/configuration
+        http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/configuration/security
+        http://cxf.apache.org/schemas/configuration/security.xsd">
+
+	<cxf:bus>
+		<cxf:features>
+			<cxf:logging />
+		</cxf:features>
+	</cxf:bus>
+
+	<bean id="transportSTSProviderBean"
+		class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+		<property name="issueOperation" ref="transportIssueDelegate" />
+		<property name="validateOperation" ref="transportValidateDelegate" />
+	</bean>
+
+	<bean id="transportIssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
+		<property name="tokenProviders" ref="transportTokenProviders" />
+		<property name="tokenValidators" ref="transportTokenValidators" />
+		<property name="services" ref="transportService" />
+		<property name="stsProperties" ref="transportSTSProperties" />
+		<property name="claimsManager" ref="claimsManager" />
+	</bean>
+
+	<bean id="transportValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">
+		<property name="tokenValidators" ref="transportTokenValidators" />
+		<property name="stsProperties" ref="transportSTSProperties" />
+	</bean>
+
+	<util:list id="transportTokenProviders">
+		<ref bean="transportSamlTokenProvider" />
+	</util:list>
+
+	<util:list id="transportTokenValidators">
+		<ref bean="transportSamlTokenValidator" />
+	</util:list>
+
+	<bean id="transportSamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+		<property name="attributeStatementProviders" ref="attributeStatementProvidersList" />
+		<property name="conditionsProvider" ref="conditionsProvider" />
+	</bean>
+
+	<bean id="conditionsProvider"
+		class="org.apache.cxf.sts.token.provider.DefaultConditionsProvider">
+		<property name="lifetime" value="1200" />
+		<property name="acceptClientLifetime" value="true" />
+	</bean>
+
+	<bean id="transportSamlTokenValidator" class="org.apache.cxf.sts.token.validator.SAMLTokenValidator" />
+
+
+	<bean id="transportX509TokenValidator" class="org.apache.cxf.sts.token.validator.X509TokenValidator" />
+
+
+	<bean id="transportUsernameTokenValidator"
+		class="org.apache.cxf.sts.token.validator.UsernameTokenValidator" />
+
+
+	<util:list id="attributeStatementProvidersList">
+		<ref bean="claimsAttributeProvider" />
+	</util:list>
+
+	<bean id="claimsAttributeProvider"
+		class="org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider" />
+
+	<import resource="userClaims.xml" />
+
+	<bean id="claimsManager" class="org.apache.cxf.sts.claims.ClaimsManager">
+		<property name="claimHandlers" ref="claimHandlerList" />
+	</bean>
+
+	<util:list id="claimHandlerList">
+		<ref bean="fileClaimsHandler" />
+	</util:list>
+
+	<bean id="fileClaimsHandler" class="org.apache.cxf.fediz.service.sts.FileClaimsHandler">
+
+		<property name="userClaims" ref="userClaims" />
+		<property name="supportedClaims" ref="supportedClaims" />
+	</bean>
+
+	<import resource="passwords.xml" />
+
+	<bean id="upCallBackHandler"
+		class="org.apache.cxf.fediz.service.sts.UsernamePasswordCallbackHandler">
+		<property name="passwords" ref="passwords" />
+	</bean>
+
+
+	<bean id="transportService" class="org.apache.cxf.sts.service.StaticService">
+		<property name="endpoints" ref="transportEndpoints" />
+	</bean>
+
+	<util:list id="transportEndpoints">
+		<value>.*</value>
+		<value>https://localhost:(\d)*/doubleit/services/doubleittransport.*</value>
+	</util:list>
+
+	<bean id="transportSTSProperties" class="org.apache.cxf.sts.StaticSTSProperties">
+		<property name="signaturePropertiesFile" value="stsKeystore.properties" />
+		<property name="signatureUsername" value="mystskey" />
+		<property name="callbackHandlerClass"
+			value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler" />
+		<property name="encryptionPropertiesFile" value="stsKeystore.properties" />
+		<property name="issuer" value="DoubleItSTSIssuer" />
+		<property name="encryptionUsername" value="myservicekey" />
+	</bean>
+
+	<jaxws:endpoint id="transportSTS1" implementor="#transportSTSProviderBean"
+		address="/STSService" wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
+		xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+		serviceName="ns1:SecurityTokenService" endpointName="ns1:TransportUT_Port">
+		<jaxws:properties>
+			<entry key="ws-security.callback-handler" value-ref="upCallBackHandler" />
+		</jaxws:properties>
+	</jaxws:endpoint>
+	
+	<jaxws:endpoint id="transportSTS2" implementor="#transportSTSProviderBean"
+		address="/STSServiceTransport" wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
+		xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+		serviceName="ns1:SecurityTokenService" endpointName="ns1:Transport_Port">
+		<jaxws:properties>
+		</jaxws:properties>
+	</jaxws:endpoint>	
+
+</beans>
+

Added: cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-ut.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-ut.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-ut.xml (added)
+++ cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-ut.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans 
+    xmlns="http://www.springframework.org/schema/beans"
+    xmlns:cxf="http://cxf.apache.org/core"
+    xmlns:jaxws="http://cxf.apache.org/jaxws"
+    xmlns:test="http://apache.org/hello_world_soap_http"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xsi:schemaLocation="
+        http://cxf.apache.org/core
+        http://cxf.apache.org/schemas/core.xsd
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://cxf.apache.org/jaxws                                     
+        http://cxf.apache.org/schemas/jaxws.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+
+    <bean id="utSTSProviderBean"
+		class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+		<property name="issueOperation" ref="utIssueDelegate"/>
+		<property name="validateOperation" ref="utValidateDelegate"/>
+	</bean>	
+
+	<bean id="utIssueDelegate"
+		class="org.apache.cxf.sts.operation.TokenIssueOperation">
+		<property name="tokenProviders" ref="utSamlTokenProvider"/>
+		<property name="services" ref="utService"/>
+		<property name="stsProperties" ref="utSTSProperties"/>
+	</bean>
+	
+	<bean id="utValidateDelegate"
+	    class="org.apache.cxf.sts.operation.TokenValidateOperation">
+	    <property name="tokenValidators" ref="utSamlTokenValidator"/>
+		<property name="stsProperties" ref="utSTSProperties"/>
+	</bean>
+	
+	<bean id="utSamlTokenProvider"
+		class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+    </bean>
+    
+    <bean id="utSamlTokenValidator"
+		class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
+    </bean>
+    
+    <bean id="utService"
+        class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints" ref="utEndpoints"/>
+    </bean>
+    
+    <util:list id="utEndpoints">
+		<value>http://localhost:(\d)*/doubleit/services/doubleit(UT|.*symmetric.*)</value>
+	</util:list>
+	
+	<bean id="utSTSProperties"
+	     class="org.apache.cxf.sts.StaticSTSProperties">
+	    <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
+		<property name="signatureUsername" value="mystskey"/>
+		<property name="callbackHandlerClass" value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler"/>
+		<property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
+		<property name="issuer" value="DoubleItSTSIssuer"/>
+		<property name="encryptionUsername" value="myservicekey" />
+    </bean>
+    
+	<jaxws:endpoint id="UTSTS"
+		implementor="#utSTSProviderBean"
+		address="/UT" 
+        wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
+        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+        serviceName="ns1:SecurityTokenService"
+        endpointName="ns1:UT_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties"/>
+            <entry key="ws-security.signature.username" value="mystskey"/>
+        </jaxws:properties> 
+	</jaxws:endpoint>
+	
+
+</beans>
+

Added: cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-x509.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-x509.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-x509.xml (added)
+++ cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/cxf-x509.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,89 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans 
+    xmlns="http://www.springframework.org/schema/beans"
+    xmlns:cxf="http://cxf.apache.org/core"
+    xmlns:jaxws="http://cxf.apache.org/jaxws"
+    xmlns:test="http://apache.org/hello_world_soap_http"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xsi:schemaLocation="
+        http://cxf.apache.org/core
+        http://cxf.apache.org/schemas/core.xsd
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://cxf.apache.org/jaxws                                     
+        http://cxf.apache.org/schemas/jaxws.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+
+    <bean id="x509STSProviderBean"
+		class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+		<property name="issueOperation" ref="x509IssueDelegate"/>
+		<property name="validateOperation" ref="x509ValidateDelegate"/>
+	</bean>	
+
+	<bean id="x509IssueDelegate"
+		class="org.apache.cxf.sts.operation.TokenIssueOperation">
+		<property name="tokenProviders" ref="x509SamlTokenProvider"/>
+		<property name="services" ref="x509Service"/>
+		<property name="stsProperties" ref="x509STSProperties"/>
+	</bean>
+	
+	<bean id="x509ValidateDelegate"
+	    class="org.apache.cxf.sts.operation.TokenValidateOperation">
+	    <property name="tokenValidators" ref="x509SamlTokenValidator"/>
+		<property name="stsProperties" ref="x509STSProperties"/>
+	</bean>
+	
+	<bean id="x509SamlTokenProvider"
+		class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+    </bean>
+    
+    <bean id="x509SamlTokenValidator"
+		class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
+    </bean>
+    
+    <bean id="x509Service"
+        class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints" ref="x509Endpoints"/>
+    </bean>
+    
+    <util:list id="x509Endpoints">
+		<value>http://localhost:(\d)*/doubleit/services/doubleitsymmetric.*</value>
+		<value>http://localhost:(\d)*/doubleit/services/doubleitasymmetric.*</value>
+	</util:list>
+	
+	<bean id="x509STSProperties"
+	     class="org.apache.cxf.sts.StaticSTSProperties">
+	    <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
+		<property name="signatureUsername" value="mystskey"/>
+		<property name="callbackHandlerClass" value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler"/>
+		<property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
+		<property name="issuer" value="DoubleItSTSIssuer"/>
+		<property name="encryptionUsername" value="myservicekey" />
+    </bean>
+    
+	<jaxws:endpoint id="X509STS"
+		implementor="#x509STSProviderBean"
+		address="/X509" 
+        wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
+        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+        serviceName="ns1:SecurityTokenService"
+        endpointName="ns1:X509_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties"/>
+            <entry key="ws-security.signature.username" value="mystskey"/>
+            <entry key="ws-security.encryption.username" value="useReqSigCert"/>
+        </jaxws:properties> 
+	</jaxws:endpoint>
+	
+
+</beans>
+

Added: cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/passwords.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/passwords.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/passwords.xml (added)
+++ cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/passwords.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
+	xsi:schemaLocation="
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+
+
+	<util:map id="passwords">
+		<entry key="alice"
+			value="ecila" />
+		<entry key="bob"
+			value="bob" />
+		<entry key="ted"
+			value="det" />
+	</util:map>
+
+</beans>
\ No newline at end of file

Added: cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/userClaims.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/userClaims.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/userClaims.xml (added)
+++ cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/userClaims.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
+	xsi:schemaLocation="
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+
+	<util:map id="userClaims">
+		<entry key="alice"
+			value-ref="aliceClaims" />
+		<entry key="bob"
+			value-ref="bobClaims" />
+		<entry key="ted"
+			value-ref="tedClaims" />
+	</util:map>
+	
+	<util:map id="aliceClaims">
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
+			value="Alice" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
+			value="Smith" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
+			value="alice@mycompany.org" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role"
+			value="User" />
+			
+	</util:map>
+	
+	<util:map id="bobClaims">
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
+			value="Bob" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
+			value="Windsor" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
+			value="bobwindsor@idp.org" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role"
+			value="User,Manager,Admin" />
+	</util:map>
+	
+	<util:map id="tedClaims">
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
+			value="Ted" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
+			value="Cooper" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
+			value="tcooper@hereiam.org" />
+		<entry key="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role"
+			value="" />			
+	</util:map>
+	
+	<util:list id="supportedClaims">
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</value>
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</value>
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</value>
+		<value>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</value>
+	</util:list>
+
+</beans>
\ No newline at end of file

Added: cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/web.xml?rev=1425349&view=auto
==============================================================================
--- cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/web.xml (added)
+++ cxf/fediz/trunk/systests/sts/src/main/webapp/WEB-INF/web.xml Sat Dec 22 21:37:14 2012
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 
+         http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
+	<display-name>CXF STS</display-name>
+	<servlet>
+		<servlet-name>sts</servlet-name>
+		<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
+		<!-- <load-on-startup>1</load-on-startup> -->
+		<init-param>
+			<param-name>config-location</param-name>
+			<param-value>WEB-INF/cxf-servlet.xml</param-value>
+		</init-param>
+	</servlet>
+	<servlet-mapping>
+		<servlet-name>sts</servlet-name>
+		<url-pattern>/*</url-pattern>
+	</servlet-mapping>
+	<session-config>
+		<session-timeout>60</session-timeout>
+	</session-config>
+	
+</web-app>



Mime
View raw message