cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From owu...@apache.org
Subject svn commit: r1535507 - in /cxf/fediz/trunk: examples/samplekeys/ examples/simpleWebapp/src/main/config/ examples/spring2Webapp/src/main/config/ examples/spring2Webapp/src/main/resources/ examples/spring2Webapp/src/main/webapp/WEB-INF/ examples/springPr...
Date Thu, 24 Oct 2013 19:38:23 GMT
Author: owulff
Date: Thu Oct 24 19:38:22 2013
New Revision: 1535507

URL: http://svn.apache.org/r1535507
Log:
Clean up java keystores

Added:
    cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks
    cxf/fediz/trunk/examples/samplekeys/rp-ssl-server.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks
    cxf/fediz/trunk/examples/samplekeys/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks
    cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/examples/springWebapp/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/plugins/core/src/test/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks
    cxf/fediz/trunk/systests/jetty8/src/test/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/systests/springWebapp/src/main/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/systests/tomcat7/src/test/resources/ststrust.jks
      - copied, changed from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
Removed:
    cxf/fediz/trunk/examples/spring2Webapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/stsstore.jks
    cxf/fediz/trunk/examples/springWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/springWebapp/src/main/resources/stsstore.jks
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties
    cxf/fediz/trunk/services/idp/src/main/resources/idpstore.jks
    cxf/fediz/trunk/systests/jetty8/src/test/resources/stsstore.jks
    cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/stsstore.jks
    cxf/fediz/trunk/systests/springWebapp/src/main/resources/stsstore.jks
    cxf/fediz/trunk/systests/tomcat7/src/test/resources/stsstore.jks
Modified:
    cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html
    cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks
    cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml
    cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
    cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
    cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml
    cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
    cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties
    cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks
    cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java
    cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml
    cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml
    cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java
    cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml

Modified: cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html (original)
+++ cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html Thu Oct 24 19:38:22 2013
@@ -8,37 +8,46 @@ is recommended.</p>
 
 <table border="1" bgcolor="#FFFFCC" align="center">
 <tr bgcolor="#FFCCCC">
-<th>Keystore (Password)</th><th>Alias (Password)</th><th>Location</th><th>Creation Script Used</th><th>Needs to trust</th><th>Is trusted by</th></tr>
-<tr><td colspan="6"><strong><em>Tomcat Keystores:  The Tomcat keys can be simply placed in the root folder of each Tomcat installation.  They are used to configure SSL for the Tomcat instances as described here: <a href="http://cxf.apache.org/fediz-tomcat.html">http://cxf.apache.org/fediz-tomcat.html</a>.  For Tomcat keys only, the keystore password and the private key password needs to be the same.</em></strong></tr>
-<tr><td>tomcat-idp.jks (tompass)</td><td>mytomidpkey (tompass)</td><td>base folder of Tomcat instance holding the IDP and IDP STS</td>
-    <td><code>keytool -genkeypair -validity 730 -alias mytomidpkey -keystore tomcat-idp.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool -keystore tomcat-idp.jks -storepass tompass -export -alias mytomidpkey -file MyTCIDP.cer</code></td>
-    <td>Nobody</td><td>IDP app</td></tr> 
-<tr><td>tomcat-rp.jks (tompass)</td><td>mytomrpkey (tompass)</td><td>base folder of Tomcat instance holding the relying party applications for both samples (simpleWebapp and wsclientWebapp); has the STS public cert added to it because this keystore is configured in conf/fediz_config.xml. <p><em>Note: If desired can avoid adding STS public cert to this keystore if you create a separate truststore for Fediz w/STS public cert (identical to webserviceKeystore.jks below), and use that in fediz_config.xml instead.</em></p></td>
-    <td><code>keytool -genkeypair -validity 730 -alias mytomrpkey -keystore tomcat-rp.jks -dname "cn=localhost" -keypass tompass -storepass tompass<br/><br/>keytool -import -trustcacerts -keystore tomcat-rp.jks -storepass tompass -alias mystskey -file MySTS.cer -noprompt (see stsstore.jks below for MySTS.cer)</code></td>
-    <td>IDP STS (Fediz Tomcat plugin makes STS call)</td><td>Nobody</td></tr> 
-<tr><td>tomcat-wsp.jks (tompass)</td><td>mytomwspkey (tompass)</td><td>base folder of Tomcat instance holding the web service provider in the second (wsClientWebapp) sample</td>
-    <td><code>keytool -genkeypair -validity 730 -alias mytomwspkey -keystore tomcat-wsp.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool -keystore tomcat-wsp.jks -storepass tompass -export -alias mytomwspkey -file MyTCWSP.cer</code></td>
+<th>Keystore (Password)</th><th>Key Alias (Password)</th><th>Location</th><th>Creation Script Used</th><th>Needs to trust</th><th>Is trusted by</th></tr>
+<tr><td colspan="6"><strong><em>Servlet Container Keystores:  The keys can be simply placed in the root folder of each Servlet Container installation.  They are used to configure SSL for the Servlet Container instances as described here for Tomcat: <a href="http://cxf.apache.org/fediz-tomcat.html">http://cxf.apache.org/fediz-tomcat.html</a>.  For Tomcat keys only, the keystore password and the private key password needs to be the same.</em></strong></tr>
+<tr><td>idp-ssl-server.jks (tompass)</td><td>mytomidpkey (tompass)</td><td>base folder of Tomcat instance holding the IDP and IDP STS</td>
+    <td><code>keytool -genkeypair -validity 730 -alias mytomidpkey -keystore idp-ssl-server.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool -keystore idp-ssl-server.jks -storepass tompass -export -alias mytomidpkey -file MyTCIDP.cer</code></td>
+    <td>Nobody</td><td>Fediz IDP module<br/><br/>wsclientWebapp's webapp module<br/><br/>Browser</td></tr> 
+<tr><td>rp-ssl-server.jks (tompass)</td><td>mytomrpkey (tompass)</td><td>base folder of Tomcat instance holding the relying party applications for both samples (simpleWebapp and wsclientWebapp); STS public cert NOT imported anymore - instead use ststrust.jks</td>
+    <td><code>keytool -genkeypair -validity 730 -alias mytomrpkey -keystore rp-ssl-server.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code></td>
+    <td>Nobody</td><td>Browser</td></tr> 
+<tr><td>wsp-ssl-server.jks (tompass)</td><td>mytomwspkey (tompass)</td><td>base folder of Tomcat instance holding the web service provider in the second (wsClientWebapp) sample</td>
+    <td><code>keytool -genkeypair -validity 730 -alias mytomwspkey -keystore wsp-ssl-server.jks -dname "cn=localhost" -keypass tompass -storepass tompass</code><br/><br/><code>keytool -keystore wsp-ssl-server.jks -storepass tompass -export -alias mytomwspkey -file MyTCWSP.cer</code></td>
     <td>Nobody</td><td>wsclientWebapp's webapp module</td></tr> 
 <tr><td colspan="6"><strong><em>Service Keystores:  These Fediz services form the core of the product and can be used with both the sample webapps provided and of course your own web applications.</em></strong></tr>
-<tr><td>idpstore.jks (ispass)</td><td>myidpkey (ikpass)</td><td>services/idp/src/main/resources/idpstore.jks</td>
-    <td><code>keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias myidpkey -keypass ikpass -storepass ispass -keystore idpstore.jks</code><br/><br/><code>keytool -import -trustcacerts -keystore idpstore.jks -storepass ispass -alias mytomidpkey -file MyTCIDP.cer -noprompt</code><br/><br/><code>keytool -export -rfc -keystore idpstore.jks -storepass ispass -alias myidpkey -file MyIDP.cer</code></td>
+<tr><td>idp-ssl-trust.jks (ispass)</td><td>myidpkey (ikpass)</td><td>services/idp/src/main/resources/idp-ssl-trust.jks</td>
+    <td><code>keytool -import -trustcacerts -keystore idp-ssl-trust.jks -storepass ispass -alias mytomidpkey -file MyTCIDP.cer -noprompt</code></td>
     <td>mytomidpkey (because of SSL call to IDP STS)</td><td>IDP STS</td></tr> 
-<tr><td>stsstore.jks (stsspass)</td><td>mystskey (stskpass)</td><td>services/sts/src/main/resources/stsstore.jks</td>
+<tr><td>stsrealm_a.jks (storepass)</td><td>realma (realma)</td><td>services/sts/src/realms/resources/stsrealm_a.jks</td>
     <td><code>
-keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias mystskey -keypass stskpass -storepass stsspass -keystore stsstore.jks<br/><br/>
-keytool -import -trustcacerts -keystore stsstore.jks -storepass stsspass -alias myidpkey -file MyIDP.cer -noprompt<br/><br/>
-keytool -export -rfc -keystore stsstore.jks -storepass stsspass -alias mystskey -file MySTS.cer
+keytool -genkeypair -keyalg RSA -validity 3600 -alias realma -keystore stsrealm_a.jks -dname "cn=REALMA" -keypass realma -storepass storepass<br/><br/>
+keytool -export -rfc -keystore stsrealm_a.jks -storepass storepass -alias realma -file realma.cert
 </code>
 </td>
-    <td>myidpkey (because of X.509 auth between IDP and IDP STS)</td><td>wsclientWebapp's webservice</td></tr> 
+    <td>Nobody</td><td>By Relying Party (ststrust.jks)</td></tr>
+<tr><td>stsrealm_b.jks (storepass)</td><td>realmb (realmb)</td><td>services/sts/src/realms/resources/stsrealm_b.jks</td>
+    <td><code>
+keytool -genkeypair -keyalg RSA -validity 3600 -alias realma -keystore stsrealm_b.jks -dname "cn=REALMB" -keypass realmb -storepass storepass<br/><br/>
+keytool -export -rfc -keystore stsrealm_b.jks -storepass storepass -alias realmb -file realmb.cert
+</code>
+</td>
+    <td>Nobody</td><td>By Relying Party (ststrust.jks)</td></tr>
+<tr><td>ststrust.jks (storepass)</td><td>N/A (no key, just a truststore)</td><td>examples/samplekeys/ststrust.jks<br/><br/>services/sts/src/realms/resources/ststrust.jks</td>
+    <td><code>
+keytool -import -trustcacerts -keystore ststrust.jks -storepass storepass -alias realma -file realma.cert -noprompt<br/><br/>
+keytool -import -trustcacerts -keystore ststrust.jks -storepass storepass -alias realmb -file realmb.cert -noprompt
+</code>
+</td>
+    <td>Nobody</td><td>By Relying Party (Fediz configuration file)</td></tr>    
 <tr><td colspan="6"><strong><em>Sample Keystores: No production value, just used for running the "wsclientWebapp" sample provided with Fediz.  (simpleWebapp has/uses no keys).</em></strong></tr>
-<tr><td>webappKeystore.jks (waspass)</td><td>mywakey (wakpass)</td><td>examples/wsclientWebapp/webapp/src/main/resources/webappKeystore.jks</td>
-    <td><code>keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias mywakey -keypass wakpass -storepass waspass -keystore webappKeystore.jks<br/><br/>
-keytool -import -trustcacerts -keystore webappKeystore.jks -storepass waspass -alias mytomidpkey -file MyTCIDP.cer -noprompt<br/><br/>
-keytool -import -trustcacerts -keystore webappKeystore.jks -storepass waspass -alias mytomwspkey -file MyTCWSP.cer -noprompt<br/><br/>
+<tr><td>webappKeystore.jks (waspass)</td><td>N/A (no key, just a SSL truststore)</td><td>examples/wsclientWebapp/webapp/src/main/resources/webappKeystore.jks</td>
+    <td><code>keytool -import -trustcacerts -keystore webappKeystore.jks -storepass waspass -alias mytomidpkey -file MyTCIDP.cer -noprompt<br/><br/>
+keytool -import -trustcacerts -keystore webappKeystore.jks -storepass waspass -alias mytomwspkey -file MyTCWSP.cer -noprompt
 </code></td>
-    <td>mytomidpkey (to access IDP STS via HTTPS, mytomwspkey (to access web service via HTTPS)</td><td>Nobody</td></tr> 
-<tr><td>webserviceKeystore.jks (wsspass)</td><td>N/A (no key, just a truststore)</td><td>examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks</td>
-    <td><code>keytool -import -trustcacerts -keystore webserviceKeystore.jks -storepass wsspass -alias mystskey -file MySTS.cer -noprompt</code></td>
-    <td>IDP STS (signature verification)</td><td>Nobody</td></tr> 
+    <td>mytomidpkey (to access IDP STS via HTTPS, mytomwspkey (to access web service via HTTPS)</td><td>Nobody</td></tr>  
 </table>

Added: cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks?rev=1535507&view=auto
==============================================================================
Files cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks (added) and cxf/fediz/trunk/examples/samplekeys/idp-ssl-server.jks Thu Oct 24 19:38:22 2013 differ

Copied: cxf/fediz/trunk/examples/samplekeys/rp-ssl-server.jks (from r1528997, cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/rp-ssl-server.jks?p2=cxf/fediz/trunk/examples/samplekeys/rp-ssl-server.jks&p1=cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Copied: cxf/fediz/trunk/examples/samplekeys/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/ststrust.jks?p2=cxf/fediz/trunk/examples/samplekeys/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/tomcat-rp.jks?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
Binary files - no diff available.

Added: cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks?rev=1535507&view=auto
==============================================================================
Files cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks (added) and cxf/fediz/trunk/examples/samplekeys/wsp-ssl-server.jks Thu Oct 24 19:38:22 2013 differ

Modified: cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/simpleWebapp/src/main/config/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,12 +11,14 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="tomcat-rp.jks" password="tompass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
 			<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
 				name="DoubleItSTSIssuer" />
+			<issuer subject=".*CN=REALMA.*" certificateValidation="ChainTrust"
+			    name="REALM A"/>
 		</trustedIssuers>
 		<maximumClockSkew>1000</maximumClockSkew>
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -24,11 +27,6 @@
 			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-            <homeRealm type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Copied: cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/examples/spring2Webapp/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/spring2Webapp/src/main/webapp/WEB-INF/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,7 +11,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
@@ -23,16 +24,10 @@
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
                         <reply>/j_spring_fediz_security_check</reply>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
-			<homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-A</homeRealm>
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Modified: cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/springPreauthWebapp/src/main/config/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,25 +11,22 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="tomcat-rp.jks" password="tompass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
 			<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
 				name="DoubleItSTSIssuer" />
+			<issuer subject=".*CN=REALMA.*" certificateValidation="ChainTrust"
+			    name="REALM A"/>
 		</trustedIssuers>
 		<maximumClockSkew>1000</maximumClockSkew>
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Copied: cxf/fediz/trunk/examples/springWebapp/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springWebapp/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/examples/springWebapp/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/springWebapp/src/main/webapp/WEB-INF/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,7 +11,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
@@ -23,16 +24,10 @@
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 			xsi:type="federationProtocolType" version="1.0.0">
 			<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-			<issuer>https://localhost:9443/fediz-idp/</issuer>
+			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
                         <reply>/j_spring_fediz_security_check</reply>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-			<!--<homeRealm type="Class">org.apache.fediz.realm.MyHomeRealm</homeRealm>-->
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
-			<homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-A</homeRealm>
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/config/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -1,7 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
+<!-- Place in Tomcat conf folder or other location as designated in this sample's file. 
+     Keystore referenced below must have IDP STS' public cert included in it.  This example uses the
+     ststrust Truststore (ststrust.jks) for this task.
+     In Fediz 1.0, one keystore was used for SSL and the STS public certificate.
 -->
 <FedizConfig>
 	<contextConfig name="/fedizhelloworld">
@@ -10,12 +11,14 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="tomcat-rp.jks" password="tompass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
 			<issuer subject=".*CN=www.sts.com.*" certificateValidation="ChainTrust"
 				name="DoubleItSTSIssuer" />
+			<issuer subject=".*CN=REALMA.*" certificateValidation="ChainTrust"
+			    name="REALM A"/>
 		</trustedIssuers>
 		<maximumClockSkew>1000</maximumClockSkew>
 		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -24,11 +27,6 @@
 			<issuer>https://localhost:9443/fediz-idp/federation</issuer>
 			<roleDelimiter>,</roleDelimiter>
 			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-			<!--<authenticationType type="String">some auth type</authenticationType>-->
-            <homeRealm type="Class">org.apache.cxf.fediz.example.HomeRealmCallbackHandler</homeRealm>
-			<!--<freshness>0</freshness>-->
-			<!--<reply>reply value</reply>-->
-			<!--<request>REQUEST</request>-->
 			<claimTypesRequested>
 				<claimType type="a particular claim type" optional="true" />
 			</claimTypesRequested>

Copied: cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties?p2=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.properties (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/stsTruststore.properties Thu Oct 24 19:38:22 2013
@@ -1,5 +1,5 @@
 org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
 org.apache.ws.security.crypto.merlin.keystore.type=jks
-org.apache.ws.security.crypto.merlin.keystore.password=wsspass
-org.apache.ws.security.crypto.merlin.keystore.file=webserviceKeystore.jks
+org.apache.ws.security.crypto.merlin.keystore.password=storepass
+org.apache.ws.security.crypto.merlin.keystore.file=ststrust.jks
 

Copied: cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml (original)
+++ cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/webapp/WEB-INF/applicationContext.xml Thu Oct 24 19:38:22 2013
@@ -22,7 +22,7 @@
 		xmlns:svc="http://apache.org/hello_world_soap_http" address="/GreeterService">
 
 		<jaxws:properties>
-			<entry key="ws-security.signature.properties" value="webserviceKeystore.properties" />
+			<entry key="ws-security.signature.properties" value="ststrust.properties" />
 		</jaxws:properties>
 
 		<jaxws:features>

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java (original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/FederationProcessorTest.java Thu Oct 24 19:38:22 2013
@@ -1080,8 +1080,8 @@ public class FederationProcessorTest {
         TrustManagersType tm0 = new TrustManagersType();       
         KeyStoreType ks0 = new KeyStoreType();
         ks0.setType("JKS");
-        ks0.setPassword("stsspass");
-        ks0.setFile("stsstore.jks");
+        ks0.setPassword("storepass");
+        ks0.setFile("ststrust.jks");
         tm0.setKeyStore(ks0);
         certStores.getTrustManager().add(tm0);
         config.setCertificateStores(certStores);

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java (original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/FedizConfigurationWriterTest.java Thu Oct 24 19:38:22 2013
@@ -65,11 +65,11 @@ public class FedizConfigurationWriterTes
 
     private static final String CONFIG_NAME = "ROOT";
     private static final String CLOCK_SKEW = "1000";
-    private static final String KEYSTORE_FILE = "stsstore.jks";
+    private static final String KEYSTORE_FILE = "ststrust.jks";
 
     private static final String JKS_TYPE = "JKS";
 
-    private static final String KEYSTORE_PASSWORD = "stsspass";
+    private static final String KEYSTORE_PASSWORD = "storepass";
     private static final String KEY_PASSWORD = "stskpass";
     private static final String KEY_ALIAS = "mystskey";
     
@@ -282,4 +282,4 @@ public class FedizConfigurationWriterTes
 
     }
 
-}
\ No newline at end of file
+}

Modified: cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml (original)
+++ cxf/fediz/trunk/plugins/core/src/test/resources/fediz_meta_test_config.xml Thu Oct 24 19:38:22 2013
@@ -6,7 +6,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>
 		</certificateStores>
@@ -43,7 +43,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>
 		</certificateStores>
@@ -79,7 +79,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>
 		</certificateStores>
@@ -106,4 +106,4 @@
 			</claimTypesRequested>
 		</protocol>
 	</contextConfig>
-</FedizConfig>
\ No newline at end of file
+</FedizConfig>

Modified: cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml (original)
+++ cxf/fediz/trunk/plugins/core/src/test/resources/fediz_test_config.xml Thu Oct 24 19:38:22 2013
@@ -6,7 +6,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -43,7 +43,7 @@
 					type="JKS" />
 			</trustManager>	
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -80,7 +80,7 @@
 					type="JKS" />
 			</trustManager>	
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -114,7 +114,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -150,7 +150,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -181,7 +181,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass"
+				<keyStore file="ststrust.jks" password="storepass"
 					type="JKS" />
 			</trustManager>		
 		</certificateStores>
@@ -214,7 +214,7 @@
         </audienceUris>
         <certificateStores>
             <trustManager>
-                <keyStore file="stsstore.jks" password="stsspass"
+                <keyStore file="ststrust.jks" password="storepass"
                     type="JKS" />
             </trustManager>     
         </certificateStores>

Copied: cxf/fediz/trunk/plugins/core/src/test/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/resources/ststrust.jks?p2=cxf/fediz/trunk/plugins/core/src/test/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Added: cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks?rev=1535507&view=auto
==============================================================================
Files cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks (added) and cxf/fediz/trunk/services/idp/src/main/resources/idp-ssl-trust.jks Thu Oct 24 19:38:22 2013 differ

Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml (original)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/applicationContext.xml Thu Oct 24 19:38:22 2013
@@ -55,7 +55,7 @@
     <http:conduit name="*.http-conduit">
         <http:tlsClientParameters disableCNCheck="true">
             <sec:trustManagers>
-                <sec:keyStore type="jks" password="ispass" resource="idpstore.jks"/>
+                <sec:keyStore type="jks" password="ispass" resource="idp-ssl-trust.jks"/>
             </sec:trustManagers>
         </http:tlsClientParameters>
     </http:conduit>

Modified: cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties (original)
+++ cxf/fediz/trunk/services/sts/src/realms/resources/log4j.properties Thu Oct 24 19:38:22 2013
@@ -28,4 +28,4 @@ log4j.appender.AUDIT.File=${catalina.bas
 log4j.appender.AUDIT.Append=true
 log4j.appender.AUDIT.Threshold=DEBUG
 log4j.appender.AUDIT.layout=org.apache.cxf.sts.event.LoggerPatternLayoutLog4J
-log4j.appender.AUDIT.layout.ConversionPattern=%m%n
\ No newline at end of file
+log4j.appender.AUDIT.layout.ConversionPattern=%m%n

Modified: cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
Files cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks (original) and cxf/fediz/trunk/services/sts/src/realms/resources/ststrust.jks Thu Oct 24 19:38:22 2013 differ

Modified: cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java (original)
+++ cxf/fediz/trunk/systests/jetty8/src/test/java/org/apache/cxf/fediz/integrationtests/JettyTest.java Thu Oct 24 19:38:22 2013
@@ -39,7 +39,7 @@ public class JettyTest extends AbstractT
         System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security.web", "debug");
         System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security", "debug");
         System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz", "debug");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "debug"); 
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "info");
 
         idpHttpsPort = System.getProperty("idp.https.port");
         Assert.assertNotNull("Property 'idp.https.port' null", idpHttpsPort);

Modified: cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml (original)
+++ cxf/fediz/trunk/systests/jetty8/src/test/resources/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -10,7 +10,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
@@ -39,7 +39,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>

Copied: cxf/fediz/trunk/systests/jetty8/src/test/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/jetty8/src/test/resources/ststrust.jks?p2=cxf/fediz/trunk/systests/jetty8/src/test/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml (original)
+++ cxf/fediz/trunk/systests/spring/src/test/resources/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -10,7 +10,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>
@@ -44,7 +44,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>

Copied: cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/systests/spring2Webapp/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Copied: cxf/fediz/trunk/systests/springWebapp/src/main/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/springWebapp/src/main/resources/ststrust.jks?p2=cxf/fediz/trunk/systests/springWebapp/src/main/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.

Modified: cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java (original)
+++ cxf/fediz/trunk/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/TomcatTest.java Thu Oct 24 19:38:22 2013
@@ -74,7 +74,8 @@ public class TomcatTest extends Abstract
         System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient", "debug");
         System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.webflow", "debug");
         System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security.web", "debug");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz", "debug"); 
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz", "debug");
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "info");  
         
         idpHttpsPort = System.getProperty("idp.https.port");
         Assert.assertNotNull("Property 'idp.https.port' null", idpHttpsPort);

Modified: cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml?rev=1535507&r1=1535506&r2=1535507&view=diff
==============================================================================
--- cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml (original)
+++ cxf/fediz/trunk/systests/tomcat7/src/test/resources/fediz_config.xml Thu Oct 24 19:38:22 2013
@@ -10,7 +10,7 @@
 		</audienceUris>
 		<certificateStores>
 			<trustManager>
-				<keyStore file="test-classes/stsstore.jks" password="stsspass" type="JKS" />
+				<keyStore file="test-classes/ststrust.jks" password="storepass" type="JKS" />
 			</trustManager>
 		</certificateStores>
 		<trustedIssuers>

Copied: cxf/fediz/trunk/systests/tomcat7/src/test/resources/ststrust.jks (from r1528997, cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks)
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/systests/tomcat7/src/test/resources/ststrust.jks?p2=cxf/fediz/trunk/systests/tomcat7/src/test/resources/ststrust.jks&p1=cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/src/main/resources/webserviceKeystore.jks&r1=1528997&r2=1535507&rev=1535507&view=diff
==============================================================================
Binary files - no diff available.



Mime
View raw message