cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1546973 [2/2] - in /cxf/trunk/services/sts/systests/basic: ./ src/test/java/org/apache/cxf/systest/sts/asymmetric/ src/test/java/org/apache/cxf/systest/sts/bearer/ src/test/java/org/apache/cxf/systest/sts/common/ src/test/java/org/apache/c...
Date Mon, 02 Dec 2013 12:12:22 GMT
Copied: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfCachingTest.java (from r1546615, cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfCachingTest.java?p2=cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfCachingTest.java&p1=cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java&r1=1546615&r2=1546973&rev=1546973&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfCachingTest.java Mon Dec  2 12:12:22 2013
@@ -45,10 +45,8 @@ import org.junit.BeforeClass;
  * it has obtained from an unknown client as an "OnBehalfOf" element. This username is obtained
  * by parsing the "ws-security.username" property. The client then invokes on the service 
  * provider using the returned token from the STS. 
- * 
- * It tests both DOM + StAX clients against the DOM server.
  */
-public class UsernameOnBehalfOfTest extends AbstractBusClientServerTestBase {
+public class UsernameOnBehalfOfCachingTest extends AbstractBusClientServerTestBase {
     
     static final String STSPORT = allocatePort(STSServer.class);
     static final String STSPORT2 = allocatePort(STSServer.class, 2);
@@ -58,8 +56,6 @@ public class UsernameOnBehalfOfTest exte
 
     private static final String PORT = allocatePort(Server.class);
     
-    private static boolean standalone;
-    
     @BeforeClass
     public static void startServers() throws Exception {
         assertTrue(
@@ -68,16 +64,12 @@ public class UsernameOnBehalfOfTest exte
             // set this to false to fork
             launchServer(Server.class, true)
         );
-        String deployment = System.getProperty("sts.deployment");
-        if ("standalone".equals(deployment) || deployment == null) {
-            standalone = true;
-            assertTrue(
-                    "Server failed to launch",
-                    // run the server in the same process
-                    // set this to false to fork
-                    launchServer(STSServer.class, true)
-            );
-        }
+        assertTrue(
+                   "Server failed to launch",
+                   // run the server in the same process
+                   // set this to false to fork
+                   launchServer(STSServer.class, true)
+        );
     }
     
     @org.junit.AfterClass
@@ -86,133 +78,20 @@ public class UsernameOnBehalfOfTest exte
         stopAllServers();
     }
 
-    @org.junit.Test
-    public void testUsernameOnBehalfOf() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
-
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort");
-        DoubleItPortType port = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
-
-        // Transport port
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        doubleIt(port, 25);
-        
-        ((java.io.Closeable)port).close();
-        
-        DoubleItPortType port2 = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port2, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port2, STSPORT2);
-        }
-        ((BindingProvider)port2).getRequestContext().put(
-            "ws-security.username", "eve"
-        );
-        // This time we expect a failure as the server validator doesn't accept "eve".
-        try {
-            doubleIt(port2, 30);
-            fail("Failure expected on an unknown user");
-        } catch (Exception ex) {
-            // expected
-        }
-        
-        ((java.io.Closeable)port2).close();
-        bus.shutdown(true);
-    }
-    
-    @org.junit.Test
-    public void testUsernameOnBehalfOfStreaming() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
-
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort");
-        DoubleItPortType port = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
-        SecurityTestUtil.enableStreaming(port);
-
-        // Transport port
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        doubleIt(port, 25);
-        
-        ((java.io.Closeable)port).close();
-        
-        DoubleItPortType port2 = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port2, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port2, STSPORT2);
-        }
-        SecurityTestUtil.enableStreaming(port2);
-        
-        ((BindingProvider)port2).getRequestContext().put(
-            "ws-security.username", "eve"
-        );
-        // This time we expect a failure as the server validator doesn't accept "eve".
-        try {
-            doubleIt(port2, 30);
-            fail("Failure expected on an unknown user");
-        } catch (Exception ex) {
-            // expected
-        }
-        
-        ((java.io.Closeable)port2).close();
-        bus.shutdown(true);
-    }
-    
     /**
      * Test caching the issued token
      */
     @org.junit.Test
     public void testUsernameOnBehalfOfCaching() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
         
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
+        URL busFile = UsernameOnBehalfOfCachingTest.class.getResource("cxf-client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
 
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
+        URL wsdl = UsernameOnBehalfOfCachingTest.class.getResource("DoubleIt.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort2");
         
@@ -222,9 +101,8 @@ public class UsernameOnBehalfOfTest exte
         DoubleItPortType port = 
             service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
+        
+        TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
         
         TokenStore tokenStore = new MemoryTokenStore();
         ((BindingProvider)port).getRequestContext().put(
@@ -251,9 +129,8 @@ public class UsernameOnBehalfOfTest exte
         DoubleItPortType port2 = 
             service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port2, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port2, STSPORT2);
-        }
+        
+        TokenTestUtils.updateSTSPort((BindingProvider)port2, STSPORT2);
         
         // Change the STSClient so that it can no longer find the STS
         p = (BindingProvider)port2;
@@ -293,28 +170,23 @@ public class UsernameOnBehalfOfTest exte
      */
     @org.junit.Test
     public void testDifferentUsersCaching() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
         
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
+        URL busFile = UsernameOnBehalfOfCachingTest.class.getResource("cxf-client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
 
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
+        URL wsdl = UsernameOnBehalfOfCachingTest.class.getResource("DoubleIt.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort3");
         
         DoubleItPortType port = 
             service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
+        
+        TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
         
         // Disable storing tokens per-proxy
         ((BindingProvider)port).getRequestContext().put(
@@ -388,28 +260,23 @@ public class UsernameOnBehalfOfTest exte
      */
     @org.junit.Test
     public void testAppliesToCaching() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
         
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
+        URL busFile = UsernameOnBehalfOfCachingTest.class.getResource("cxf-client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
 
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
+        URL wsdl = UsernameOnBehalfOfCachingTest.class.getResource("DoubleIt.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort4");
         
         DoubleItPortType port = 
             service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
+       
+        TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
         
         // Disable storing tokens per-proxy
         ((BindingProvider)port).getRequestContext().put(
@@ -484,28 +351,23 @@ public class UsernameOnBehalfOfTest exte
      */
     @org.junit.Test
     public void testNoAppliesToCaching() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
         
         SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
+        URL busFile = UsernameOnBehalfOfCachingTest.class.getResource("cxf-client.xml");
 
         Bus bus = bf.createBus(busFile.toString());
         SpringBusFactory.setDefaultBus(bus);
         SpringBusFactory.setThreadDefaultBus(bus);
 
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
+        URL wsdl = UsernameOnBehalfOfCachingTest.class.getResource("DoubleIt.wsdl");
         Service service = Service.create(wsdl, SERVICE_QNAME);
         QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort5");
         
         DoubleItPortType port = 
             service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
+         
+        TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
         
         // Disable storing tokens per-proxy
         ((BindingProvider)port).getRequestContext().put(

Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java?rev=1546973&r1=1546972&r2=1546973&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java Mon Dec  2 12:12:22 2013
@@ -19,46 +19,50 @@
 package org.apache.cxf.systest.sts.username_onbehalfof;
 
 import java.net.URL;
+import java.util.Arrays;
+import java.util.Collection;
 
 import javax.xml.namespace.QName;
 import javax.xml.ws.BindingProvider;
 import javax.xml.ws.Service;
 
 import org.apache.cxf.Bus;
-import org.apache.cxf.BusException;
 import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.endpoint.EndpointException;
 import org.apache.cxf.systest.sts.common.SecurityTestUtil;
+import org.apache.cxf.systest.sts.common.TestParam;
 import org.apache.cxf.systest.sts.common.TokenTestUtils;
 import org.apache.cxf.systest.sts.deployment.STSServer;
+import org.apache.cxf.systest.sts.deployment.StaxSTSServer;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-import org.apache.cxf.ws.security.SecurityConstants;
-import org.apache.cxf.ws.security.tokenstore.MemoryTokenStore;
-import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.tokenstore.TokenStore;
-import org.apache.cxf.ws.security.trust.STSClient;
 import org.example.contract.doubleit.DoubleItPortType;
 import org.junit.BeforeClass;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized.Parameters;
 
 /**
  * In this test case, a CXF client requests a Security Token from an STS, passing a username that
  * it has obtained from an unknown client as an "OnBehalfOf" element. This username is obtained
  * by parsing the "ws-security.username" property. The client then invokes on the service 
  * provider using the returned token from the STS. 
- * 
- * It tests both DOM + StAX clients against the DOM server.
  */
+@RunWith(value = org.junit.runners.Parameterized.class)
 public class UsernameOnBehalfOfTest extends AbstractBusClientServerTestBase {
     
     static final String STSPORT = allocatePort(STSServer.class);
+    static final String STAX_STSPORT = allocatePort(StaxSTSServer.class);
     static final String STSPORT2 = allocatePort(STSServer.class, 2);
+    static final String STAX_STSPORT2 = allocatePort(StaxSTSServer.class, 2);
     
     private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
     private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
 
     private static final String PORT = allocatePort(Server.class);
     
-    private static boolean standalone;
+    final TestParam test;
+    
+    public UsernameOnBehalfOfTest(TestParam type) {
+        this.test = type;
+    }
     
     @BeforeClass
     public static void startServers() throws Exception {
@@ -68,16 +72,29 @@ public class UsernameOnBehalfOfTest exte
             // set this to false to fork
             launchServer(Server.class, true)
         );
-        String deployment = System.getProperty("sts.deployment");
-        if ("standalone".equals(deployment) || deployment == null) {
-            standalone = true;
-            assertTrue(
-                    "Server failed to launch",
-                    // run the server in the same process
-                    // set this to false to fork
-                    launchServer(STSServer.class, true)
-            );
-        }
+        assertTrue(
+                   "Server failed to launch",
+                   // run the server in the same process
+                   // set this to false to fork
+                   launchServer(STSServer.class, true)
+        );
+        assertTrue(
+                   "Server failed to launch",
+                   // run the server in the same process
+                   // set this to false to fork
+                   launchServer(StaxSTSServer.class, true)
+        );
+    }
+    
+    @Parameters(name = "{0}")
+    public static Collection<TestParam[]> data() {
+       
+        return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT2)},
+                                                {new TestParam(PORT, true, STSPORT2)},
+                                                
+                                                {new TestParam(PORT, false, STAX_STSPORT2)},
+                                                {new TestParam(PORT, true, STAX_STSPORT2)},
+        });
     }
     
     @org.junit.AfterClass
@@ -88,10 +105,6 @@ public class UsernameOnBehalfOfTest exte
 
     @org.junit.Test
     public void testUsernameOnBehalfOf() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
 
         SpringBusFactory bf = new SpringBusFactory();
         URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
@@ -105,64 +118,13 @@ public class UsernameOnBehalfOfTest exte
         QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort");
         DoubleItPortType port = 
             service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
-
-        // Transport port
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        doubleIt(port, 25);
+        updateAddressPort(port, test.getPort());
         
-        ((java.io.Closeable)port).close();
+        TokenTestUtils.updateSTSPort((BindingProvider)port, test.getStsPort());
         
-        DoubleItPortType port2 = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port2, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port2, STSPORT2);
-        }
-        ((BindingProvider)port2).getRequestContext().put(
-            "ws-security.username", "eve"
-        );
-        // This time we expect a failure as the server validator doesn't accept "eve".
-        try {
-            doubleIt(port2, 30);
-            fail("Failure expected on an unknown user");
-        } catch (Exception ex) {
-            // expected
+        if (test.isStreaming()) {
+            SecurityTestUtil.enableStreaming(port);
         }
-        
-        ((java.io.Closeable)port2).close();
-        bus.shutdown(true);
-    }
-    
-    @org.junit.Test
-    public void testUsernameOnBehalfOfStreaming() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
-
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort");
-        DoubleItPortType port = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
-        SecurityTestUtil.enableStreaming(port);
 
         // Transport port
         ((BindingProvider)port).getRequestContext().put(
@@ -174,11 +136,13 @@ public class UsernameOnBehalfOfTest exte
         
         DoubleItPortType port2 = 
             service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port2, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port2, STSPORT2);
+        updateAddressPort(port2, test.getPort());
+        
+        TokenTestUtils.updateSTSPort((BindingProvider)port2, test.getStsPort());
+        
+        if (test.isStreaming()) {
+            SecurityTestUtil.enableStreaming(port2);
         }
-        SecurityTestUtil.enableStreaming(port2);
         
         ((BindingProvider)port2).getRequestContext().put(
             "ws-security.username", "eve"
@@ -195,361 +159,6 @@ public class UsernameOnBehalfOfTest exte
         bus.shutdown(true);
     }
     
-    /**
-     * Test caching the issued token
-     */
-    @org.junit.Test
-    public void testUsernameOnBehalfOfCaching() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
-        
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort2");
-        
-        //
-        // Proxy no. 1
-        // 
-        DoubleItPortType port = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
-        
-        TokenStore tokenStore = new MemoryTokenStore();
-        ((BindingProvider)port).getRequestContext().put(
-            TokenStore.class.getName(), tokenStore
-        );
-
-        // Make a successful invocation
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        doubleIt(port, 25);
-        
-        // Change the STSClient so that it can no longer find the STS
-        BindingProvider p = (BindingProvider)port;
-        clearSTSClient(p);
-        
-        // This invocation should be successful as the token is cached
-        doubleIt(port, 25);
-        
-        ((java.io.Closeable)port).close();
-        // 
-        // Proxy no. 2
-        //
-        DoubleItPortType port2 = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port2, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port2, STSPORT2);
-        }
-        
-        // Change the STSClient so that it can no longer find the STS
-        p = (BindingProvider)port2;
-        clearSTSClient(p);
-        
-        // This should fail as the cache is not being used
-        try {
-            doubleIt(port2, 40);
-            fail("Failure expected as the token is not stored in the cache");
-        } catch (Exception ex) {
-            // expected
-        }
-        
-        // Set the cache correctly
-        p.getRequestContext().put(TokenStore.class.getName(), tokenStore);
-        
-        // Make another invocation - this should succeed as the token is cached
-        p.getRequestContext().put("ws-security.username", "alice");
-        doubleIt(port2, 40);
-        
-        // Reset the cache - this invocation should fail
-        p.getRequestContext().put(TokenStore.class.getName(), new MemoryTokenStore());
-        p.getRequestContext().put(SecurityConstants.TOKEN, new SecurityToken());
-        try {
-            doubleIt(port2, 40);
-            fail("Failure expected as the cache is reset");
-        } catch (Exception ex) {
-            // expected
-        }
-        
-        ((java.io.Closeable)port2).close();
-        bus.shutdown(true);
-    }
-    
-    /**
-     * Test caching the issued token when the STSClient is deployed in an intermediary
-     */
-    @org.junit.Test
-    public void testDifferentUsersCaching() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
-        
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort3");
-        
-        DoubleItPortType port = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
-        
-        // Disable storing tokens per-proxy
-        ((BindingProvider)port).getRequestContext().put(
-            SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, "false"
-        );
-        
-        // Make a successful invocation
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        doubleIt(port, 25);
-        
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "bob"
-        );
-        doubleIt(port, 30);
-        
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "eve"
-        );
-        try {
-            doubleIt(port, 30);
-            fail("Failure expected on a bad user");
-        } catch (Exception ex) {
-            //
-        }
-        
-        // Change the STSClient so that it can no longer find the STS
-        BindingProvider p = (BindingProvider)port;
-        clearSTSClient(p);
-        
-        // Make a successful invocation
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        doubleIt(port, 25);
-        
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "bob"
-        );
-        doubleIt(port, 30);
-        
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "eve2"
-        );
-        try {
-            doubleIt(port, 30);
-            fail("Failure expected on a bad user");
-        } catch (Exception ex) {
-            //
-        }
-        
-        // Reset the cache - this invocation should fail
-        p.getRequestContext().put(TokenStore.class.getName(), new MemoryTokenStore());
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        try {
-            doubleIt(port, 30);
-            fail("Failure expected");
-        } catch (Exception ex) {
-            //
-        }
-        
-        ((java.io.Closeable)port).close();
-        bus.shutdown(true);
-    }
-    
-    /**
-     * Test caching the issued token when the STSClient is deployed in an intermediary
-     */
-    @org.junit.Test
-    public void testAppliesToCaching() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
-        
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort4");
-        
-        DoubleItPortType port = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
-        
-        // Disable storing tokens per-proxy
-        ((BindingProvider)port).getRequestContext().put(
-            SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, "false"
-        );
-        
-        // Make a successful invocation
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        BindingProvider p = (BindingProvider)port;
-        p.getRequestContext().put(
-            SecurityConstants.STS_APPLIES_TO, 
-            "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew"
-        );
-        doubleIt(port, 25);
-        
-        // Make a successful invocation
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "bob"
-        );
-        p.getRequestContext().put(
-            SecurityConstants.STS_APPLIES_TO, 
-            "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew2"
-        );
-        doubleIt(port, 25);
-        
-        // Change the STSClient so that it can no longer find the STS
-        clearSTSClient(p);
-        
-        // Make a successful invocation - should work as token is cached
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        p.getRequestContext().put(
-            SecurityConstants.STS_APPLIES_TO, 
-            "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew"
-        );
-        doubleIt(port, 25);
-        
-        // Make a successful invocation - should work as token is cached
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "bob"
-        );
-        p.getRequestContext().put(
-            SecurityConstants.STS_APPLIES_TO, 
-            "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew2"
-        );
-        doubleIt(port, 25);
-        
-        // Change appliesTo - should fail
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        p.getRequestContext().put(
-            SecurityConstants.STS_APPLIES_TO, 
-            "http://localhost:" + PORT + "/doubleit/services/doubleitasymmetricnew2"
-        );
-        try {
-            doubleIt(port, 30);
-            fail("Failure expected");
-        } catch (Exception ex) {
-            //
-        }
-        
-        ((java.io.Closeable)port).close();
-        bus.shutdown(true);
-    }
-    
-    /**
-     * Test caching the issued token when the STSClient is deployed in an intermediary
-     */
-    @org.junit.Test
-    public void testNoAppliesToCaching() throws Exception {
-        // Only run these tests for the standalone scenario.
-        if (!standalone) {
-            return;
-        }
-        
-        SpringBusFactory bf = new SpringBusFactory();
-        URL busFile = UsernameOnBehalfOfTest.class.getResource("cxf-client.xml");
-
-        Bus bus = bf.createBus(busFile.toString());
-        SpringBusFactory.setDefaultBus(bus);
-        SpringBusFactory.setThreadDefaultBus(bus);
-
-        URL wsdl = UsernameOnBehalfOfTest.class.getResource("DoubleIt.wsdl");
-        Service service = Service.create(wsdl, SERVICE_QNAME);
-        QName portQName = new QName(NAMESPACE, "DoubleItOBOAsymmetricSAML2BearerPort5");
-        
-        DoubleItPortType port = 
-            service.getPort(portQName, DoubleItPortType.class);
-        updateAddressPort(port, PORT);
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)port, STSPORT2);
-        }
-        
-        // Disable storing tokens per-proxy
-        ((BindingProvider)port).getRequestContext().put(
-            SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT, "false"
-        );
-        
-        // Make a successful invocation
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "alice"
-        );
-        // Disable appliesTo
-        BindingProvider p = (BindingProvider)port;
-        STSClient stsClient = (STSClient)p.getRequestContext().get(SecurityConstants.STS_CLIENT);
-        stsClient.setEnableAppliesTo(false);
-        doubleIt(port, 25);
-        
-        // Change the STSClient so that it can no longer find the STS
-        clearSTSClient(p);
-        
-        // This should work
-        doubleIt(port, 25);
-        
-        // Bob should fail
-        ((BindingProvider)port).getRequestContext().put(
-            "ws-security.username", "bob"
-        );
-        try {
-            doubleIt(port, 30);
-            fail("Failure expected");
-        } catch (Exception ex) {
-            //
-        }
-        
-        ((java.io.Closeable)port).close();
-        bus.shutdown(true);
-    }
-    
-    private void clearSTSClient(BindingProvider p) throws BusException, EndpointException {
-        STSClient stsClient = (STSClient)p.getRequestContext().get(SecurityConstants.STS_CLIENT);
-        stsClient.getClient().destroy();
-        stsClient.setWsdlLocation(null);
-        stsClient.setLocation(null);
-    }
-    
     private static void doubleIt(DoubleItPortType port, int numToDouble) {
         int resp = port.doubleIt(numToDouble);
         assertEquals(2 * numToDouble, resp);

Modified: cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java?rev=1546973&r1=1546972&r2=1546973&view=diff
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java (original)
+++ cxf/trunk/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/x509_symmetric/X509SymmetricBindingTest.java Mon Dec  2 12:12:22 2013
@@ -32,6 +32,7 @@ import org.apache.cxf.systest.sts.common
 import org.apache.cxf.systest.sts.common.TestParam;
 import org.apache.cxf.systest.sts.common.TokenTestUtils;
 import org.apache.cxf.systest.sts.deployment.STSServer;
+import org.apache.cxf.systest.sts.deployment.StaxSTSServer;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.example.contract.doubleit.DoubleItPortType;
 import org.junit.BeforeClass;
@@ -47,7 +48,9 @@ import org.junit.runners.Parameterized.P
 public class X509SymmetricBindingTest extends AbstractBusClientServerTestBase {
     
     static final String STSPORT = allocatePort(STSServer.class);
+    static final String STAX_STSPORT = allocatePort(StaxSTSServer.class);
     static final String STSPORT2 = allocatePort(STSServer.class, 2);
+    static final String STAX_STSPORT2 = allocatePort(StaxSTSServer.class, 2);
     
     private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
     private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");
@@ -55,8 +58,6 @@ public class X509SymmetricBindingTest ex
     private static final String PORT = allocatePort(Server.class);
     private static final String STAX_PORT = allocatePort(StaxServer.class);
     
-    private static boolean standalone;
-    
     final TestParam test;
     
     public X509SymmetricBindingTest(TestParam type) {
@@ -77,25 +78,32 @@ public class X509SymmetricBindingTest ex
                    // set this to false to fork
                    launchServer(StaxServer.class, true)
         );
-        String deployment = System.getProperty("sts.deployment");
-        if ("standalone".equals(deployment) || deployment == null) {
-            standalone = true;
-            assertTrue(
-                    "Server failed to launch",
-                    // run the server in the same process
-                    // set this to false to fork
-                    launchServer(STSServer.class, true)
-            );
-        }
+        assertTrue(
+                   "Server failed to launch",
+                   // run the server in the same process
+                   // set this to false to fork
+                   launchServer(STSServer.class, true)
+        );
+        assertTrue(
+                   "Server failed to launch",
+                   // run the server in the same process
+                   // set this to false to fork
+                   launchServer(StaxSTSServer.class, true)
+        );
     }
     
     @Parameters(name = "{0}")
     public static Collection<TestParam[]> data() {
        
-        return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
-                                                {new TestParam(PORT, true)},
-                                                {new TestParam(STAX_PORT, false)},
-                                                {new TestParam(STAX_PORT, true)},
+        return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false, STSPORT2)},
+                                                {new TestParam(PORT, true, STSPORT2)},
+                                                {new TestParam(STAX_PORT, false, STSPORT2)},
+                                                {new TestParam(STAX_PORT, true, STSPORT2)},
+                                                
+                                                {new TestParam(PORT, false, STAX_STSPORT2)},
+                                                {new TestParam(PORT, true, STAX_STSPORT2)},
+                                                {new TestParam(STAX_PORT, false, STAX_STSPORT2)},
+                                                {new TestParam(STAX_PORT, true, STAX_STSPORT2)},
         });
     }
     
@@ -121,9 +129,8 @@ public class X509SymmetricBindingTest ex
         DoubleItPortType symmetricSaml1Port = 
             service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(symmetricSaml1Port, test.getPort());
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, STSPORT2);
-        }
+        
+        TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml1Port, test.getStsPort());
         
         if (test.isStreaming()) {
             SecurityTestUtil.enableStreaming(symmetricSaml1Port);
@@ -151,9 +158,8 @@ public class X509SymmetricBindingTest ex
         DoubleItPortType symmetricSaml2Port = 
             service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(symmetricSaml2Port, test.getPort());
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
-        }
+        
+        TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, test.getStsPort());
         
         if (test.isStreaming()) {
             SecurityTestUtil.enableStreaming(symmetricSaml2Port);
@@ -182,9 +188,8 @@ public class X509SymmetricBindingTest ex
         DoubleItPortType symmetricSaml2Port = 
             service.getPort(portQName, DoubleItPortType.class);
         updateAddressPort(symmetricSaml2Port, test.getPort());
-        if (standalone) {
-            TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, STSPORT2);
-        }
+        
+        TokenTestUtils.updateSTSPort((BindingProvider)symmetricSaml2Port, test.getStsPort());
         
         if (test.isStreaming()) {
             SecurityTestUtil.enableStreaming(symmetricSaml2Port);

Added: cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-encrypted-ut.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-encrypted-ut.xml?rev=1546973&view=auto
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-encrypted-ut.xml (added)
+++ cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-encrypted-ut.xml Mon Dec  2 12:12:22 2013
@@ -0,0 +1,60 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:test="http://apache.org/hello_world_soap_http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="         http://cxf.apache.org/core         http://cxf.apache.org/schemas/core.xsd         http://www.springframework.org/schema/beans         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd         http://cxf.apache.org/jaxws                                              http://cxf.apache.org/schemas/jaxws.xsd         http://www.springframework.org/schema/util         http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+    <bean id="encryptedUtSTSProviderBean" class="org.apache.cxf.sts.provider.DefaultSecurityTokenServiceProvider">
+        <property name="services" ref="encryptedUtService"/>
+        <property name="stsProperties" ref="encryptedUtSTSProperties"/>
+        <property name="encryptIssuedToken" value="true"/>
+    </bean>
+    <bean id="encryptedUtService" class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints" ref="encryptedUtEndpoints"/>
+    </bean>
+    <util:list id="encryptedUtEndpoints">
+        <value>http://localhost:(\d)*/doubleit/services/doubleit(a)?symmetricsaml1encrypted
+                </value>
+    </util:list>
+    <bean id="encProperties" class="org.apache.cxf.sts.service.EncryptionProperties">
+        <property name="encryptionAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+        <property name="keyWrapAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </bean>
+    <bean id="encryptedUtSTSProperties" class="org.apache.cxf.sts.StaticSTSProperties">
+        <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
+        <property name="signatureUsername" value="mystskey"/>
+        <property name="callbackHandlerClass" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+        <property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
+        <property name="encryptionProperties" ref="encProperties"/>
+        <property name="issuer" value="DoubleItSTSIssuer"/>
+        <property name="encryptionUsername" value="myservicekey"/>
+    </bean>
+    <jaxws:endpoint xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" id="EncryptedUTSTS" implementor="#encryptedUtSTSProviderBean" address="http://localhost:${testutil.ports.StaxSTSServer.2}/SecurityTokenService/UTEncrypted" wsdlLocation="src/test/resources/org/apache/cxf/systest/sts/deployment/ws-trust-1.4-service.wsdl" serviceName="ns1:SecurityTokenService" endpointName="ns1:UTEncrypted_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties"/>
+            <entry key="ws-security.signature.username" value="mystskey"/>
+            <entry key="ws-security.enable.streaming" value="true"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
+</beans>

Added: cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-servlet.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-servlet.xml?rev=1546973&view=auto
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-servlet.xml (added)
+++ cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-servlet.xml Mon Dec  2 12:12:22 2013
@@ -0,0 +1,31 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:test="http://apache.org/hello_world_soap_http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="         http://cxf.apache.org/core         http://cxf.apache.org/schemas/core.xsd         http://www.springframework.org/schema/beans         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd         http://cxf.apache.org/jaxws                                              http://cxf.apache.org/schemas/jaxws.xsd         http://www.springframework.org/schema/util         http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    <import resource="classpath:META-INF/cxf/cxf.xml"/>
+    <import resource="stax-cxf-transport.xml"/>
+    <import resource="stax-cxf-ut.xml"/>
+    <import resource="stax-cxf-encrypted-ut.xml"/>
+    <import resource="stax-cxf-x509.xml"/>
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+</beans>

Added: cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml?rev=1546973&view=auto
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml (added)
+++ cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-transport.xml Mon Dec  2 12:12:22 2013
@@ -0,0 +1,168 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:test="http://apache.org/hello_world_soap_http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="         http://cxf.apache.org/core         http://cxf.apache.org/schemas/core.xsd         http://www.springframework.org/schema/beans         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd         http://cxf.apache.org/jaxws                                              http://cxf.apache.org/schemas/jaxws.xsd         http://cxf.apache.org/configuration/security         http://cxf.apache.org/schemas/configuration/security.xsd         http://cxf.apache.org/transports/http-jetty/configuration         http://cxf.apache.org/sc
 hemas/configuration/http-jetty.xsd         http://www.springframework.org/schema/util         http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+    <bean id="hokDelegationHandler" class="org.apache.cxf.sts.token.delegation.HOKDelegationHandler"/>
+    <bean id="transportSTSProviderBean2" class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+        <property name="issueOperation" ref="transportIssueDelegate2"/>
+        <property name="validateOperation" ref="transportValidateDelegate2"/>
+    </bean>
+    <bean id="transportIssueDelegate2" class="org.apache.cxf.sts.operation.TokenIssueOperation">
+        <property name="tokenProviders" ref="transportTokenProviders2"/>
+        <property name="tokenValidators" ref="transportTokenValidators"/>
+        <property name="services" ref="transportService"/>
+        <property name="stsProperties" ref="transportSTSProperties"/>
+        <property name="delegationHandlers" ref="hokDelegationHandler"/>
+    </bean>
+    <bean id="transportValidateDelegate2" class="org.apache.cxf.sts.operation.TokenValidateOperation">
+        <property name="tokenValidators" ref="transportTokenValidators2"/>
+        <property name="stsProperties" ref="transportSTSProperties"/>
+    </bean>
+    <util:list id="transportTokenValidators2">
+        <ref bean="transportSamlTokenValidator2"/>
+    </util:list>
+    <util:list id="transportTokenProviders2">
+        <ref bean="transportSamlTokenProvider2"/>
+    </util:list>
+    <bean id="transportSamlTokenValidator2" class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
+        <property name="samlRealmCodec" ref="samlRealmCodec"/>
+    </bean>
+    <bean id="transportSamlTokenProvider2" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+        <property name="realmMap" ref="realms"/>
+    </bean>
+    <bean id="transportIssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
+        <property name="tokenProviders" ref="transportTokenProviders"/>
+        <property name="tokenValidators" ref="transportTokenValidators"/>
+        <property name="services" ref="transportService"/>
+        <property name="stsProperties" ref="transportSTSProperties"/>
+        <property name="delegationHandlers" ref="hokDelegationHandler"/>
+    </bean>
+    <bean id="transportValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">
+        <property name="tokenValidators" ref="transportTokenValidators"/>
+        <property name="stsProperties" ref="transportSTSProperties"/>
+    </bean>
+    <util:list id="transportTokenValidators">
+        <ref bean="transportSamlTokenValidator"/>
+    </util:list>
+    <util:list id="transportTokenProviders">
+        <ref bean="transportSamlTokenProvider"/>
+    </util:list>
+    <bean id="transportSamlTokenValidator" class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
+    </bean>
+    <bean id="transportSamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+    </bean>
+    <bean id="transportSTSProviderBean" class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+        <property name="issueOperation" ref="transportIssueDelegate"/>
+        <property name="validateOperation" ref="transportValidateDelegate"/>
+    </bean>
+    <bean id="transportService" class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints" ref="transportEndpoints"/>
+    </bean>
+    <util:list id="transportEndpoints">
+        <value>https://localhost:(\d)*/doubleit/services/doubleittransport.*
+        </value>
+    </util:list>
+    <bean id="realmA" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+        <property name="issuer" value="a-issuer"/>
+    </bean>
+    <bean id="realmB" class="org.apache.cxf.sts.token.realm.SAMLRealm">
+        <property name="issuer" value="b-issuer"/>
+    </bean>
+    <util:map id="realms">
+        <entry key="a-issuer" value-ref="realmA"/>
+        <entry key="b-issuer" value-ref="realmB"/>
+    </util:map>
+    <bean id="samlRealmCodec" class="org.apache.cxf.systest.sts.common.SAMLRealmCNCodec"/>
+    <bean id="customRealmParser" class="org.apache.cxf.systest.sts.common.UriRealmParser"/>
+    <bean id="identityMapper" class="org.apache.cxf.systest.sts.common.CustomIdentityMapper"/>
+    <util:list id="relationships">
+        <bean class="org.apache.cxf.sts.token.realm.Relationship">
+            <property name="sourceRealm" value="a-issuer"/>
+            <property name="targetRealm" value="b-issuer"/>
+            <property name="identityMapper" ref="identityMapper"/>
+            <property name="type" value="FederatedIdentity"/>
+        </bean>
+    </util:list>
+    <bean id="transportSTSProperties" class="org.apache.cxf.sts.StaticSTSProperties">
+        <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
+        <property name="signatureUsername" value="mystskey"/>
+        <property name="callbackHandlerClass" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+        <property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
+        <property name="issuer" value="DoubleItSTSIssuer"/>
+        <property name="encryptionUsername" value="myservicekey"/>
+        <property name="realmParser" ref="customRealmParser"/>
+        <property name="relationships" ref="relationships"/>
+        <property name="samlRealmCodec" ref="samlRealmCodec"/>
+    </bean>
+    <jaxws:endpoint xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" id="transportSTS" implementor="#transportSTSProviderBean" address="https://localhost:${testutil.ports.StaxSTSServer}/SecurityTokenService/Transport" wsdlLocation="src/test/resources/org/apache/cxf/systest/sts/deployment/ws-trust-1.4-service.wsdl" serviceName="ns1:SecurityTokenService" endpointName="ns1:Transport_Port" depends-on="ClientAuthHttpsSettings">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+            <entry key="ws-security.enable.streaming" value="true"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
+    <jaxws:endpoint xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" id="transportSTS-realmB" implementor="#transportSTSProviderBean2" address="https://localhost:${testutil.ports.StaxSTSServer}/SecurityTokenService/b-issuer/Transport" wsdlLocation="src/test/resources/org/apache/cxf/systest/sts/deployment/ws-trust-1.4-service.wsdl" serviceName="ns1:SecurityTokenService" endpointName="ns1:Transport_SAML_Port" depends-on="ClientAuthHttpsSettings">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties"/>
+            <entry key="ws-security.enable.streaming" value="true"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
+    <!--
+    <jaxws:endpoint id="transportSTS-realmB" implementor="#transportSTSProviderBean2"
+        address="https://localhost:${testutil.ports.StaxSTSServer}/SecurityTokenService/b-issuer/Transport"
+        wsdlLocation="src/test/resources/org/apache/cxf/systest/sts/deployment/ws-trust-1.4-service.wsdl"
+        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+        serviceName="ns1:SecurityTokenService" endpointName="ns1:Transport_Port"
+                depends-on="ClientAuthHttpsSettings">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler"
+                value="org.apache.cxf.systest.sts.common.CommonCallbackHandler" />
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties"/>
+            <entry key="ws-security.enable.streaming" value="true"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
+    -->
+    <httpj:engine-factory id="ClientAuthHttpsSettings" bus="cxf">
+        <httpj:engine port="${testutil.ports.StaxSTSServer}">
+            <httpj:tlsServerParameters>
+                <sec:keyManagers keyPassword="skpass">
+                    <sec:keyStore type="jks" password="sspass" resource="servicestore.jks"/>
+                </sec:keyManagers>
+                <sec:trustManagers>
+                    <sec:keyStore type="jks" password="stsspass" resource="stsstore.jks"/>
+                </sec:trustManagers>
+                <sec:cipherSuitesFilter>
+                    <sec:include>.*_EXPORT_.*</sec:include>
+                    <sec:include>.*_EXPORT1024_.*</sec:include>
+                    <sec:include>.*_WITH_DES_.*</sec:include>
+                    <sec:include>.*_WITH_AES_.*</sec:include>
+                    <sec:include>.*_WITH_NULL_.*</sec:include>
+                    <sec:exclude>.*_DH_anon_.*</sec:exclude>
+                </sec:cipherSuitesFilter>
+                <sec:clientAuthentication want="false" required="false"/>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+</beans>

Added: cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-ut.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-ut.xml?rev=1546973&view=auto
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-ut.xml (added)
+++ cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-ut.xml Mon Dec  2 12:12:22 2013
@@ -0,0 +1,53 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:test="http://apache.org/hello_world_soap_http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="         http://cxf.apache.org/core         http://cxf.apache.org/schemas/core.xsd         http://www.springframework.org/schema/beans         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd         http://cxf.apache.org/jaxws                                              http://cxf.apache.org/schemas/jaxws.xsd         http://www.springframework.org/schema/util         http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+    <bean id="utSTSProviderBean" class="org.apache.cxf.sts.provider.DefaultSecurityTokenServiceProvider">
+        <property name="services" ref="utService"/>
+        <property name="stsProperties" ref="utSTSProperties"/>
+    </bean>
+    <bean id="utService" class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints" ref="utEndpoints"/>
+    </bean>
+    <util:list id="utEndpoints">
+        <value>http://localhost:(\d)*/(doubleit|metrowsp)/services/doubleit(UT|.*symmetric.*|.*)
+                </value>
+    </util:list>
+    <bean id="utSTSProperties" class="org.apache.cxf.sts.StaticSTSProperties">
+        <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
+        <property name="signatureUsername" value="mystskey"/>
+        <property name="callbackHandlerClass" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+        <property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
+        <property name="issuer" value="DoubleItSTSIssuer"/>
+        <property name="encryptionUsername" value="myservicekey"/>
+    </bean>
+    <jaxws:endpoint xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" id="UTSTS" implementor="#utSTSProviderBean" address="http://localhost:${testutil.ports.StaxSTSServer.2}/SecurityTokenService/UT" wsdlLocation="src/test/resources/org/apache/cxf/systest/sts/deployment/ws-trust-1.4-service.wsdl" serviceName="ns1:SecurityTokenService" endpointName="ns1:UT_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties"/>
+            <entry key="ws-security.enable.streaming" value="true"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
+</beans>

Added: cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml?rev=1546973&view=auto
==============================================================================
--- cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml (added)
+++ cxf/trunk/services/sts/systests/basic/src/test/resources/org/apache/cxf/systest/sts/deployment/stax-cxf-x509.xml Mon Dec  2 12:12:22 2013
@@ -0,0 +1,77 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:test="http://apache.org/hello_world_soap_http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="         http://cxf.apache.org/core         http://cxf.apache.org/schemas/core.xsd         http://www.springframework.org/schema/beans         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd         http://cxf.apache.org/jaxws                                              http://cxf.apache.org/schemas/jaxws.xsd         http://www.springframework.org/schema/util         http://www.springframework.org/schema/util/spring-util-2.0.xsd">
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+    <cxf:bus>
+        <cxf:features>
+            <cxf:logging/>
+        </cxf:features>
+    </cxf:bus>
+    <bean id="x509STSProviderBean" class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+        <property name="issueOperation" ref="x509IssueDelegate"/>
+        <property name="validateOperation" ref="x509ValidateDelegate"/>
+    </bean>
+    <bean id="utDelegationHandler" class="org.apache.cxf.sts.token.delegation.UsernameTokenDelegationHandler"/>
+    <bean id="x509IssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
+        <property name="tokenProviders" ref="x509SamlTokenProvider"/>
+        <property name="tokenValidators" ref="x509TokenValidatorsOBO"/>
+        <property name="services" ref="x509Service"/>
+        <property name="stsProperties" ref="x509STSProperties"/>
+        <property name="delegationHandlers" ref="utDelegationHandler"/>
+    </bean>
+    <bean id="x509ValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">
+        <property name="tokenValidators" ref="x509SamlTokenValidator"/>
+        <property name="stsProperties" ref="x509STSProperties"/>
+    </bean>
+    <bean id="x509SamlTokenProvider" class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+        </bean>
+    <bean id="x509SamlTokenValidator" class="org.apache.cxf.sts.token.validator.SAMLTokenValidator">
+        </bean>
+    <util:list id="x509TokenValidatorsOBO">
+        <ref bean="x509SamlTokenValidator"/>
+        <bean class="org.apache.cxf.systest.sts.username_onbehalfof.UsernameTokenValidator"/>
+    </util:list>
+    <bean id="x509Service" class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints" ref="x509Endpoints"/>
+    </bean>
+    <util:list id="x509Endpoints">
+        <value>http://localhost:(\d)*/doubleit/services/doubleitsymmetric.*
+                </value>
+        <value>http://localhost:(\d)*/doubleit/services/doubleitasymmetric.*
+                </value>
+    </util:list>
+    <bean id="x509STSProperties" class="org.apache.cxf.sts.StaticSTSProperties">
+        <property name="signaturePropertiesFile" value="stsKeystore.properties"/>
+        <property name="signatureUsername" value="mystskey"/>
+        <property name="callbackHandlerClass" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+        <property name="encryptionPropertiesFile" value="stsKeystore.properties"/>
+        <property name="issuer" value="DoubleItSTSIssuer"/>
+        <property name="encryptionUsername" value="myservicekey"/>
+    </bean>
+    <jaxws:endpoint xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" id="X509STS" implementor="#x509STSProviderBean" address="http://localhost:${testutil.ports.StaxSTSServer.2}/SecurityTokenService/X509" wsdlLocation="src/test/resources/org/apache/cxf/systest/sts/deployment/ws-trust-1.4-service.wsdl" serviceName="ns1:SecurityTokenService" endpointName="ns1:X509_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties"/>
+            <entry key="ws-security.signature.username" value="mystskey"/>
+            <entry key="ws-security.encryption.username" value="useReqSigCert"/>
+            <entry key="ws-security.enable.streaming" value="true"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
+</beans>



Mime
View raw message