cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1500667 - in /cxf/trunk: rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/ systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/ systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_ch...
Date Mon, 08 Jul 2013 11:30:47 GMT
Author: coheigea
Date: Mon Jul  8 11:30:47 2013
New Revision: 1500667

URL: http://svn.apache.org/r1500667
Log:
Fixed a bug in the streaming code + added more system tests

Added:
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java
      - copied, changed from r1500513, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java
    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml
Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java
    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java?rev=1500667&r1=1500666&r2=1500667&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java Mon Jul  8 11:30:47 2013
@@ -122,22 +122,6 @@ public class WSS4JStaxInInterceptor exte
             configureProperties(soapMessage);
             configureCallbackHandler(soapMessage);
             
-            if (getSecurityProperties() != null) {
-                TokenStoreCallbackHandler callbackHandler = 
-                    new TokenStoreCallbackHandler(
-                        getSecurityProperties().getCallbackHandler(), getTokenStore(soapMessage)
-                    );
-                getSecurityProperties().setCallbackHandler(callbackHandler);
-            } else {
-                Map<String, Object> config = getProperties();
-                TokenStoreCallbackHandler callbackHandler = 
-                    new TokenStoreCallbackHandler(
-                        (CallbackHandler)config.get(ConfigurationConstants.PW_CALLBACK_REF), 
-                        getTokenStore(soapMessage)
-                    );
-                config.put(ConfigurationConstants.PW_CALLBACK_REF, callbackHandler);
-            }
-            
             InboundWSSec inboundWSSec = null;
             WSSSecurityProperties secProps = null;
             if (getSecurityProperties() != null) {
@@ -146,6 +130,12 @@ public class WSS4JStaxInInterceptor exte
                 secProps = ConfigurationConverter.convert(getProperties());
             }
             
+            TokenStoreCallbackHandler callbackHandler = 
+                new TokenStoreCallbackHandler(
+                    secProps.getCallbackHandler(), getTokenStore(soapMessage)
+                );
+            secProps.setCallbackHandler(callbackHandler);
+
             setTokenValidators(secProps, soapMessage);
             
             SecurityEventListener securityEventListener = 
@@ -253,6 +243,15 @@ public class WSS4JStaxInInterceptor exte
                     ConfigurationConstants.SIG_VER_PROP_FILE,
                     ConfigurationConstants.SIG_VER_PROP_REF_ID
                 );
+            if (sigVerCrypto == null) {
+                // Fall back to using the Signature properties for verification
+                sigVerCrypto = 
+                    loadCrypto(
+                        msg,
+                        ConfigurationConstants.SIG_PROP_FILE,
+                        ConfigurationConstants.SIG_PROP_REF_ID
+                    );
+            }
             if (sigVerCrypto != null) {
                 config.put(ConfigurationConstants.SIG_VER_PROP_REF_ID, "RefId-" + sigVerCrypto.hashCode());
                 config.put("RefId-" + sigVerCrypto.hashCode(), sigVerCrypto);

Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java?rev=1500667&r1=1500666&r2=1500667&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java Mon Jul  8 11:30:47 2013
@@ -32,6 +32,7 @@ import org.apache.cxf.systest.ws.common.
 import org.apache.cxf.systest.ws.coverage_checker.server.Server;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor;
 import org.example.contract.doubleit.DoubleItPortType;
 import org.junit.BeforeClass;
 
@@ -89,8 +90,15 @@ public class DefaultCryptoCoverageChecke
                      + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        port.doubleIt(25);
+        bus.getOutInterceptors().remove(outInterceptor);
         
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         port.doubleIt(25);
         
         ((java.io.Closeable)port).close();
@@ -123,7 +131,21 @@ public class DefaultCryptoCoverageChecke
         outProps.put("signatureParts",
                      "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the Timestamp");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -163,7 +185,21 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the Timestamp");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -204,8 +240,15 @@ public class DefaultCryptoCoverageChecke
                      + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        port.doubleIt(25);
+        bus.getOutInterceptors().remove(outInterceptor);
         
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         port.doubleIt(25);
         
         ((java.io.Closeable)port).close();
@@ -238,7 +281,21 @@ public class DefaultCryptoCoverageChecke
         outProps.put("signatureParts",
                      "{}{http://www.w3.org/2003/05/soap-envelope}Body;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the Timestamp");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -278,7 +335,21 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the Timestamp");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -321,9 +392,16 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
         outProps.put("encryptionParts",
                      "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        port.doubleIt(25);
+        bus.getOutInterceptors().remove(outInterceptor);
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
-        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         port.doubleIt(25);
         
         ((java.io.Closeable)port).close();
@@ -362,7 +440,21 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not encrypting the SOAP Body");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -402,9 +494,22 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"
                      + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
+
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the WS-Addressing headers");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
         
-        WSS4JOutInterceptor wss4jOutInterceptor = new WSS4JOutInterceptor(outProps);
-        bus.getOutInterceptors().add(wss4jOutInterceptor);
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -412,18 +517,25 @@ public class DefaultCryptoCoverageChecke
         } catch (Exception ex) {
             // expected
         }
+        bus.getOutInterceptors().remove(staxOutInterceptor);
         
         // Now sign the WS-Addressing headers
-        bus.getOutInterceptors().remove(wss4jOutInterceptor);
-        
         outProps.put("signatureParts",
                 "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"
                 + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                 + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"
                 + "{}{http://www.w3.org/2005/08/addressing}ReplyTo;");
         
-        wss4jOutInterceptor = new WSS4JOutInterceptor(outProps);
-        bus.getOutInterceptors().add(wss4jOutInterceptor);
+        // DOM
+        outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        port.doubleIt(25);
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         port.doubleIt(25);
         

Copied: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java (from r1500513, cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java?p2=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java&p1=cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java&r1=1500513&r2=1500667&rev=1500667&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/DefaultCryptoCoverageCheckerTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/StaxCryptoCoverageCheckerTest.java Mon Jul  8 11:30:47 2013
@@ -29,18 +29,19 @@ import javax.xml.ws.Service;
 import org.apache.cxf.Bus;
 import org.apache.cxf.bus.spring.SpringBusFactory;
 import org.apache.cxf.systest.ws.common.SecurityTestUtil;
-import org.apache.cxf.systest.ws.coverage_checker.server.Server;
+import org.apache.cxf.systest.ws.coverage_checker.server.StaxServer;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor;
 import org.example.contract.doubleit.DoubleItPortType;
 import org.junit.BeforeClass;
 
 /**
- * A set of tests for the DefaultCryptoCoverageChecker. It tests both DOM + StAX 
- * clients against the DOM server.
+ * A set of tests for the StaxCryptoCoverageChecker. It tests both DOM + StAX 
+ * clients against the StAX server.
  */
-public class DefaultCryptoCoverageCheckerTest extends AbstractBusClientServerTestBase {
-    public static final String PORT = allocatePort(Server.class);
+public class StaxCryptoCoverageCheckerTest extends AbstractBusClientServerTestBase {
+    public static final String PORT = allocatePort(StaxServer.class);
 
     private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
     private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -51,7 +52,7 @@ public class DefaultCryptoCoverageChecke
                 "Server failed to launch",
                 // run the server in the same process
                 // set this to false to fork
-                launchServer(Server.class, true)
+                launchServer(StaxServer.class, true)
         );
     }
     
@@ -64,13 +65,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testSignedBodyTimestamp() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
         DoubleItPortType port = 
@@ -89,8 +90,15 @@ public class DefaultCryptoCoverageChecke
                      + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        port.doubleIt(25);
+        bus.getOutInterceptors().remove(outInterceptor);
         
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         port.doubleIt(25);
         
         ((java.io.Closeable)port).close();
@@ -100,13 +108,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testSignedBodyOnly() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
         DoubleItPortType port = 
@@ -123,7 +131,21 @@ public class DefaultCryptoCoverageChecke
         outProps.put("signatureParts",
                      "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the Timestamp");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -139,13 +161,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testSignedTimestampOnly() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampPort");
         DoubleItPortType port = 
@@ -163,7 +185,21 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the Timestamp");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -179,13 +215,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testSignedBodyTimestampSoap12() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampSoap12Port");
         DoubleItPortType port = 
@@ -204,8 +240,15 @@ public class DefaultCryptoCoverageChecke
                      + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        port.doubleIt(25);
+        bus.getOutInterceptors().remove(outInterceptor);
         
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         port.doubleIt(25);
         
         ((java.io.Closeable)port).close();
@@ -215,13 +258,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testSignedBodyOnlySoap12() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampSoap12Port");
         DoubleItPortType port = 
@@ -238,7 +281,21 @@ public class DefaultCryptoCoverageChecke
         outProps.put("signatureParts",
                      "{}{http://www.w3.org/2003/05/soap-envelope}Body;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the Timestamp");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -254,13 +311,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testSignedTimestampOnlySoap12() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItBodyTimestampSoap12Port");
         DoubleItPortType port = 
@@ -278,7 +335,21 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the Timestamp");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -294,13 +365,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testSignedEncryptedBody() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItSignedEncryptedBodyPort");
         DoubleItPortType port = 
@@ -321,9 +392,16 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
         outProps.put("encryptionParts",
                      "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        port.doubleIt(25);
+        bus.getOutInterceptors().remove(outInterceptor);
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
-        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         port.doubleIt(25);
         
         ((java.io.Closeable)port).close();
@@ -333,13 +411,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testSignedNotEncryptedBody() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItSignedEncryptedBodyPort");
         DoubleItPortType port = 
@@ -362,7 +440,21 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
         
-        bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
+        
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not encrypting the SOAP Body");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -378,13 +470,13 @@ public class DefaultCryptoCoverageChecke
     @org.junit.Test
     public void testWSAddressing() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
+        URL busFile = StaxCryptoCoverageCheckerTest.class.getResource("client/client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
         
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
+        URL wsdl = StaxCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItWSAPort");
         DoubleItPortType port = 
@@ -402,9 +494,22 @@ public class DefaultCryptoCoverageChecke
                      "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"
                      + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                      + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
+
+        // DOM
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
         
-        WSS4JOutInterceptor wss4jOutInterceptor = new WSS4JOutInterceptor(outProps);
-        bus.getOutInterceptors().add(wss4jOutInterceptor);
+        try {
+            port.doubleIt(25);
+            fail("Failure expected on not signing the WS-Addressing headers");
+        } catch (Exception ex) {
+            // expected
+        }
+        bus.getOutInterceptors().remove(outInterceptor);
+        
+        // Streaming
+        WSS4JStaxOutInterceptor staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         try {
             port.doubleIt(25);
@@ -412,86 +517,28 @@ public class DefaultCryptoCoverageChecke
         } catch (Exception ex) {
             // expected
         }
+        bus.getOutInterceptors().remove(staxOutInterceptor);
         
         // Now sign the WS-Addressing headers
-        bus.getOutInterceptors().remove(wss4jOutInterceptor);
-        
         outProps.put("signatureParts",
                 "{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"
                 + "{}{http://docs.oasis-open.org/wss/2004/01/oasis-"
                 + "200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"
                 + "{}{http://www.w3.org/2005/08/addressing}ReplyTo;");
         
-        wss4jOutInterceptor = new WSS4JOutInterceptor(outProps);
-        bus.getOutInterceptors().add(wss4jOutInterceptor);
+        // DOM
+        outInterceptor = new WSS4JOutInterceptor(outProps);
+        bus.getOutInterceptors().add(outInterceptor);
         
         port.doubleIt(25);
+        bus.getOutInterceptors().remove(outInterceptor);
         
-        ((java.io.Closeable)port).close();
-        bus.shutdown(true);
-    }
-    
-    // Here the service is sending an secured message back to the client. For a server Fault 
-    // message it returns the original fault, as the CryptoCoverageChecker is configured not 
-    // to check a fault (see CXF-4954)
-    @org.junit.Test
-    public void testClientChecker() throws Exception {
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-        
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItClientCheckerPort");
-        DoubleItPortType port = 
-                service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
+        // Streaming
+        staxOutInterceptor = new WSS4JStaxOutInterceptor(outProps);
+        bus.getOutInterceptors().add(staxOutInterceptor);
         
         port.doubleIt(25);
         
-        // Now try with a message that will create a Fault in the SEI
-        try {
-            port.doubleIt(0);
-            fail("Failure expected on trying to double 0");
-        } catch (Exception ex) {
-            assertTrue(ex.getMessage().contains("0 can't be doubled"));
-        }
-        
-        ((java.io.Closeable)port).close();
-        bus.shutdown(true);
-    }
-    
-    // Here the service is sending an secured message back to the client. For a server Fault 
-    // message it should return a secured Fault message as well
-    @org.junit.Test
-    public void testClientChecker2() throws Exception {
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = DefaultCryptoCoverageCheckerTest.class.getResource("client/client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-        
-        URL wsdl = DefaultCryptoCoverageCheckerTest.class.getResource("DoubleItCoverageChecker.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItClientCheckerPort2");
-        DoubleItPortType port = 
-                service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        
-        port.doubleIt(25);
-        
-        // Now try with a message that will create a Fault in the SEI
-        try {
-            port.doubleIt(0);
-            fail("Failure expected on trying to double 0");
-        } catch (Exception ex) {
-            assertTrue(ex.getMessage().contains("0 can't be doubled"));
-        }
-        
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }

Added: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java?rev=1500667&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java (added)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/coverage_checker/server/StaxServer.java Mon Jul  8 11:30:47 2013
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.coverage_checker.server;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class StaxServer extends AbstractBusTestServerBase {
+
+    public StaxServer() {
+
+    }
+
+    protected void run()  {
+        URL busFile = StaxServer.class.getResource("stax-server.xml");
+        Bus busLocal = new SpringBusFactory().createBus(busFile);
+        BusFactory.setDefaultBus(busLocal);
+        setBus(busLocal);
+    }
+}

Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java?rev=1500667&r1=1500666&r2=1500667&view=diff
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java (original)
+++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/PolicyAlternativeTest.java Mon Jul  8 11:30:47 2013
@@ -36,7 +36,8 @@ import org.junit.BeforeClass;
 
 /**
  * This is a test for policy alternatives. The endpoint requires either a UsernameToken (insecured) OR
- * a message signature using the Asymmetric binding.
+ * a message signature using the Asymmetric binding. It tests both DOM + StAX clients against the 
+ * DOM server
  */
 public class PolicyAlternativeTest extends AbstractBusClientServerTestBase {
     static final String PORT = allocatePort(Server.class);
@@ -81,6 +82,11 @@ public class PolicyAlternativeTest exten
                 service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(utPort, PORT);
         
+        // DOM
+        utPort.doubleIt(25);
+        
+        // Streaming
+        SecurityTestUtil.enableStreaming(utPort);
         utPort.doubleIt(25);
         
         ((java.io.Closeable)utPort).close();
@@ -107,6 +113,7 @@ public class PolicyAlternativeTest exten
                 service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(utPort, PORT);
         
+        // DOM
         try {
             utPort.doubleIt(25);
             fail("Failure expected on no Security");
@@ -114,6 +121,15 @@ public class PolicyAlternativeTest exten
             // expected
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(utPort);
+            utPort.doubleIt(25);
+            fail("Failure expected on no Security");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // expected
+        }
+        
         ((java.io.Closeable)utPort).close();
         bus.shutdown(true);
     }
@@ -138,8 +154,13 @@ public class PolicyAlternativeTest exten
                 service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(utPort, PORT);
         
+        // DOM
         utPort.doubleIt(25);
         
+        // TODO See WSS-458 Streaming
+        // SecurityTestUtil.enableStreaming(utPort);
+        // utPort.doubleIt(25);
+        
         ((java.io.Closeable)utPort).close();
         bus.shutdown(true);
     }
@@ -165,6 +186,7 @@ public class PolicyAlternativeTest exten
                 service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(utPort, PORT2);
         
+        // DOM
         try {
             utPort.doubleIt(25);
             fail("Failure expected because no client certificate");
@@ -172,6 +194,15 @@ public class PolicyAlternativeTest exten
             assertTrue(ex.getMessage().contains("HttpsToken"));
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(utPort);
+            utPort.doubleIt(25);
+            fail("Failure expected because no client certificate");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // assertTrue(ex.getMessage().contains("HttpsToken"));
+        }
+        
         ((java.io.Closeable)utPort).close();
         bus.shutdown(true);
     }
@@ -197,6 +228,7 @@ public class PolicyAlternativeTest exten
                 service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(transportPort, PORT2);
 
+        // DOM
         try {
             transportPort.doubleIt(25);
             fail("Failure expected on not signing a wsa header");
@@ -204,6 +236,15 @@ public class PolicyAlternativeTest exten
             // expected
         }
         
+        // Streaming
+        try {
+            SecurityTestUtil.enableStreaming(transportPort);
+            transportPort.doubleIt(25);
+            fail("Failure expected because no client certificate");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // assertTrue(ex.getMessage().contains("HttpsToken"));
+        }
+        
         ((java.io.Closeable)transportPort).close();
         bus.shutdown(true);
     }
@@ -230,7 +271,17 @@ public class PolicyAlternativeTest exten
                 service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(transportPort, PORT2);
 
+        // DOM
+        try {
+            transportPort.doubleIt(25);
+            fail("Failure expected on not signing a wsa header");
+        } catch (javax.xml.ws.soap.SOAPFaultException ex) {
+            // expected
+        }
+        
+        // Streaming
         try {
+            SecurityTestUtil.enableStreaming(transportPort);
             transportPort.doubleIt(25);
             fail("Failure expected on not signing a wsa header");
         } catch (javax.xml.ws.soap.SOAPFaultException ex) {

Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml?rev=1500667&view=auto
==============================================================================
--- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml (added)
+++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/coverage_checker/server/stax-server.xml Mon Jul  8 11:30:47 2013
@@ -0,0 +1,153 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:jaxws="http://cxf.apache.org/jaxws"
+    xmlns:http="http://cxf.apache.org/transports/http/configuration"
+    xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+    xmlns:sec="http://cxf.apache.org/configuration/security"
+    xmlns:cxf="http://cxf.apache.org/core"
+    xmlns:p="http://cxf.apache.org/policy"
+    xsi:schemaLocation="
+        http://www.springframework.org/schema/beans                     http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://cxf.apache.org/jaxws                                     http://cxf.apache.org/schemas/jaxws.xsd
+        http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
+        http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd
+        http://cxf.apache.org/transports/http/configuration             http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/transports/http-jetty/configuration       http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+        http://cxf.apache.org/configuration/security                    http://cxf.apache.org/schemas/configuration/security.xsd
+    ">
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+    
+    <cxf:bus>
+        <cxf:features>
+            <p:policies/>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+    
+    <jaxws:endpoint 
+       id="BodyTimestamp"
+       address="http://localhost:${testutil.ports.StaxServer}/DoubleItBodyTimestamp" 
+       serviceName="s:DoubleItService"
+       endpointName="s:DoubleItBodyTimestampPort"
+       xmlns:s="http://www.example.org/contract/DoubleIt"
+       implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+       wsdlLocation="org/apache/cxf/systest/ws/coverage_checker/DoubleItCoverageChecker.wsdl">
+        
+       <jaxws:inInterceptors>
+         <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+           <constructor-arg>
+            <map>
+               <entry key="action" value="Signature Timestamp"/>
+               <entry key="signaturePropFile" value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+               <entry key="passwordCallbackClass" 
+                  value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+            </map>
+           </constructor-arg>
+        </bean>
+        <bean class="org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker"/>
+       </jaxws:inInterceptors>
+    </jaxws:endpoint> 
+    
+    <jaxws:endpoint 
+       id="BodyTimestampSoap12"
+       address="http://localhost:${testutil.ports.StaxServer}/DoubleItBodyTimestampSoap12" 
+       serviceName="s:DoubleItService"
+       endpointName="s:DoubleItBodyTimestampSoap12Port"
+       xmlns:s="http://www.example.org/contract/DoubleIt"
+       implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+       wsdlLocation="org/apache/cxf/systest/ws/coverage_checker/DoubleItCoverageChecker.wsdl">
+        
+       <jaxws:inInterceptors>
+         <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+           <constructor-arg>
+            <map>
+               <entry key="action" value="Signature Timestamp"/>
+               <entry key="signaturePropFile" value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+               <entry key="passwordCallbackClass" 
+                  value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+            </map>
+           </constructor-arg>
+        </bean>
+        <bean class="org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker">
+           <property name="signBody" value="true"/>
+           <property name="signTimestamp" value="true"/>
+        </bean>
+       </jaxws:inInterceptors>
+    </jaxws:endpoint> 
+    
+    <jaxws:endpoint 
+       id="SignedEncryptedBody"
+       address="http://localhost:${testutil.ports.StaxServer}/DoubleItSignedEncrypted" 
+       serviceName="s:DoubleItService"
+       endpointName="s:DoubleItSignedEncryptedBodyPort"
+       xmlns:s="http://www.example.org/contract/DoubleIt"
+       implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+       wsdlLocation="org/apache/cxf/systest/ws/coverage_checker/DoubleItCoverageChecker.wsdl">
+        
+       <jaxws:inInterceptors>
+         <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+           <constructor-arg>
+            <map>
+               <entry key="action" value="Encrypt Signature Timestamp"/>
+               <entry key="signaturePropFile" value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+               <entry key="decryptionPropFile" value="org/apache/cxf/systest/ws/wssec10/client/bob.properties"/>
+               <entry key="passwordCallbackClass" 
+                  value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+            </map>
+           </constructor-arg>
+        </bean>
+        <bean class="org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker">
+           <property name="signBody" value="true"/>
+           <property name="signTimestamp" value="false"/>
+           <property name="encryptBody" value="true"/>
+        </bean>
+       </jaxws:inInterceptors>
+    </jaxws:endpoint> 
+    
+    <jaxws:endpoint 
+       id="WSA"
+       address="http://localhost:${testutil.ports.StaxServer}/DoubleItWSA" 
+       serviceName="s:DoubleItService"
+       endpointName="s:DoubleItWSAPort"
+       xmlns:s="http://www.example.org/contract/DoubleIt"
+       implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
+       wsdlLocation="org/apache/cxf/systest/ws/coverage_checker/DoubleItCoverageChecker.wsdl">
+        
+       <jaxws:inInterceptors>
+         <bean class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
+           <constructor-arg>
+            <map>
+               <entry key="action" value="Signature Timestamp"/>
+               <entry key="signaturePropFile" value="org/apache/cxf/systest/ws/wssec10/client/alice.properties"/>
+               <entry key="passwordCallbackClass" 
+                  value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback"/>
+            </map>
+           </constructor-arg>
+        </bean>
+        <bean class="org.apache.cxf.ws.security.wss4j.StaxCryptoCoverageChecker"/>
+       </jaxws:inInterceptors>
+       <jaxws:features>
+           <wsa:addressing xmlns:wsa="http://cxf.apache.org/ws/addressing"/>
+       </jaxws:features>
+    </jaxws:endpoint> 
+    
+</beans>



Mime
View raw message