cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From e..@apache.org
Subject git commit: [CXF-5810]:Empty response is returned when both security policy and handler chain are enabled
Date Wed, 18 Jun 2014 01:17:09 GMT
Repository: cxf
Updated Branches:
  refs/heads/2.7.x-fixes 449255214 -> e5014f1be


[CXF-5810]:Empty response is returned when both security policy and handler chain are enabled


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e5014f1b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e5014f1b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e5014f1b

Branch: refs/heads/2.7.x-fixes
Commit: e5014f1beab3a430b6c9b88adb179e0fede7625b
Parents: 4492552
Author: Jim Ma <ema@apache.org>
Authored: Wed Jun 18 09:16:16 2014 +0800
Committer: Jim Ma <ema@apache.org>
Committed: Wed Jun 18 09:16:47 2014 +0800

----------------------------------------------------------------------
 .../binding/soap/saaj/SAAJOutInterceptor.java   |   6 +-
 .../policy/handler/CommonPasswordCallback.java  |  58 +++++++++++++++
 .../systest/ws/policy/handler/DummyHandler.java |  54 ++++++++++++++
 .../systest/ws/policy/handler/HelloService.java |  42 +++++++++++
 .../ws/policy/handler/HelloServiceImpl.java     |  45 ++++++++++++
 .../cxf/systest/ws/policy/handler/MyFault.java  |  37 ++++++++++
 .../handler/PolicyHandlerFaultResponseTest.java |  72 +++++++++++++++++++
 .../cxf/systest/ws/policy/handler/Server.java   |  45 ++++++++++++
 .../cxf/systest/ws/policy/handler/handlers.xml  |  10 +++
 .../src/test/resources/alice.properties         |  21 ++++++
 .../src/test/resources/certs/alice.jks          | Bin 0 -> 2428 bytes
 .../resources/handler_policies/inputPolicy.xml  |  25 +++++++
 .../resources/handler_policies/outputPolicy.xml |  25 +++++++
 .../handler_policies/x509SecurityPolicy.xml     |  61 ++++++++++++++++
 14 files changed, 499 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java
b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java
index 7531b68..a6c47c6 100644
--- a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java
+++ b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java
@@ -124,8 +124,10 @@ public class SAAJOutInterceptor extends AbstractSoapInterceptor {
                 SOAPMessage soapMessage = factory.createMessage();
 
                 SOAPPart soapPart = soapMessage.getSOAPPart();
-                
-                XMLStreamWriter origWriter = message.getContent(XMLStreamWriter.class);
+                XMLStreamWriter origWriter = (XMLStreamWriter)message.get(ORIGINAL_XML_WRITER);
+                if (origWriter == null) {
+                    origWriter = message.getContent(XMLStreamWriter.class);
+                }
                 message.put(ORIGINAL_XML_WRITER, origWriter);
                 W3CDOMStreamWriter writer = new SAAJStreamWriter(soapPart);
                 // Replace stax writer with DomStreamWriter

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/CommonPasswordCallback.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/CommonPasswordCallback.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/CommonPasswordCallback.java
new file mode 100644
index 0000000..7f2f951
--- /dev/null
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/CommonPasswordCallback.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.policy.handler;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.ws.security.WSPasswordCallback;
+
+public class CommonPasswordCallback implements CallbackHandler {
+
+    private Map<String, String> passwords = new HashMap<String, String>();
+
+    public CommonPasswordCallback() {
+        passwords.put("abc", "abc");
+        passwords.put("alice", "password");
+        passwords.put("bob", "password");
+    }
+
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
+        for (int i = 0; i < callbacks.length; i++) {
+            WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
+            String pass = passwords.get(pc.getIdentifier());
+            if (pass != null) {
+                pc.setPassword(pass);
+                return;
+            }
+        }
+    }
+
+    /**
+     * Add an alias/password pair to the callback mechanism.
+     */
+    public void setAliasPassword(String alias, String password) {
+        passwords.put(alias, password);
+    }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/DummyHandler.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/DummyHandler.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/DummyHandler.java
new file mode 100644
index 0000000..2f03300
--- /dev/null
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/DummyHandler.java
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.policy.handler;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.handler.MessageContext;
+import javax.xml.ws.handler.soap.SOAPHandler;
+import javax.xml.ws.handler.soap.SOAPMessageContext;
+
+public class DummyHandler implements SOAPHandler<SOAPMessageContext> {
+
+    @Override
+    public boolean handleMessage(SOAPMessageContext context) {
+        return true;
+    }
+
+    @Override
+    public boolean handleFault(SOAPMessageContext context) {
+        return true;
+    }
+
+    @Override
+    public void close(MessageContext context) {
+    }
+
+    @Override
+    public Set<QName> getHeaders() {
+        Set<QName> understoodHeaders = new HashSet<QName>();
+        QName securityHeader = 
+            new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
"Security");
+        understoodHeaders.add(securityHeader);
+        return understoodHeaders;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloService.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloService.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloService.java
new file mode 100644
index 0000000..96826fb
--- /dev/null
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloService.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.policy.handler;
+
+import javax.jws.WebMethod;
+import javax.jws.WebParam;
+import javax.jws.WebResult;
+import javax.jws.WebService;
+
+import org.apache.cxf.annotations.Policies;
+import org.apache.cxf.annotations.Policy;
+
+@WebService(serviceName = "HelloPolicyService")
+@Policy(placement = Policy.Placement.BINDING, uri = "classpath:/handler_policies/x509SecurityPolicy.xml")
+public interface HelloService {
+
+    @WebMethod(action = "checkHello")
+    @WebResult(name = "result")
+    @Policies({
+        @Policy(uri = "classpath:/handler_policies/inputPolicy.xml", 
+            placement = Policy.Placement.PORT_TYPE_OPERATION_INPUT),
+        @Policy(uri = "classpath:/handler_policies/outputPolicy.xml", 
+        placement = Policy.Placement.PORT_TYPE_OPERATION_OUTPUT)
+    })
+    boolean checkHello(@WebParam(name = "input") String input) throws MyFault;
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java
new file mode 100644
index 0000000..c93cbf2
--- /dev/null
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.policy.handler;
+
+import javax.jws.HandlerChain;
+import javax.jws.WebParam;
+import javax.jws.WebResult;
+import javax.jws.WebService;
+
+import org.apache.cxf.annotations.EndpointProperties;
+import org.apache.cxf.annotations.EndpointProperty;
+
+@WebService(name = "HelloPolicyService", serviceName = "HelloPolicyService")
+@EndpointProperties(value = {
+        @EndpointProperty(key = "ws-security.callback-handler", 
+        value = "org.apache.cxf.systest.ws.policy.handler.CommonPasswordCallback"),
+        @EndpointProperty(key = "ws-security.is-bsp-compliant", value = "false"),
+        @EndpointProperty(key = "ws-security.signature.properties", value = "alice.properties"),
+        @EndpointProperty(key = "ws-security.signature.username", value = "alice")
+        })
+@HandlerChain(file = "handlers.xml")
+public class HelloServiceImpl implements HelloService {
+    @Override
+    @WebResult(name = "result")
+    public boolean checkHello(@WebParam(name = "input") String input) throws MyFault {
+        throw new MyFault("myMessage", "myFaultInfo");
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/MyFault.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/MyFault.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/MyFault.java
new file mode 100644
index 0000000..c7fc209
--- /dev/null
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/MyFault.java
@@ -0,0 +1,37 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.policy.handler;
+
+import javax.xml.ws.WebFault;
+
+@SuppressWarnings("serial")
+@WebFault
+public class MyFault extends Exception {
+
+    private String faultInfo;
+
+    public MyFault(String message, String faultInfo) {
+        super(message);
+        this.faultInfo = faultInfo;
+    }
+
+    public String getFaultInfo() {
+        return faultInfo;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/PolicyHandlerFaultResponseTest.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/PolicyHandlerFaultResponseTest.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/PolicyHandlerFaultResponseTest.java
new file mode 100644
index 0000000..2681829
--- /dev/null
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/PolicyHandlerFaultResponseTest.java
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.ws.policy.handler;
+
+import java.net.URL;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Service;
+import javax.xml.ws.soap.SOAPBinding;
+
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class PolicyHandlerFaultResponseTest extends AbstractBusClientServerTestBase {
+    public static final String PORT = Server.PORT;
+    private final QName serviceName = new QName("http://handler.policy.ws.systest.cxf.apache.org/",
+                                                "HelloPolicyService");
+
+    @BeforeClass
+    public static void startServers() throws Exception {
+        assertTrue("server did not launch correctly", launchServer(Server.class));
+
+    }
+
+    @Test
+    public void testFaultResponse() throws Exception {
+        String address = "http://localhost:" + PORT + "/policytest";
+        URL wsdlURL = new URL(address + "?wsdl");
+
+        Service service = Service.create(wsdlURL, serviceName);
+        service
+            .addPort(new QName("http://handler.policy.ws.systest.cxf.apache.org/", "HelloPolicyServicePort"),
+                     SOAPBinding.SOAP11HTTP_BINDING, address);
+        HelloService port = service.getPort(new QName("http://handler.policy.ws.systest.cxf.apache.org/",
+                                                      "HelloPolicyServicePort"), HelloService.class);
+        Map<String, Object> context = ((BindingProvider)port).getRequestContext();
+        context.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, address);
+
+        context.put(SecurityConstants.CALLBACK_HANDLER, new CommonPasswordCallback());
+        context.put(SecurityConstants.SIGNATURE_PROPERTIES, "alice.properties");
+        context.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
+
+        try {
+            port.checkHello("input");
+            fail("Exception is expected");
+        } catch (MyFault e) {
+            assertEquals("Fault is not expected", "myMessage", e.getMessage());
+        }
+
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/Server.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/Server.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/Server.java
new file mode 100644
index 0000000..bcd7072
--- /dev/null
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/Server.java
@@ -0,0 +1,45 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.ws.policy.handler;
+
+import javax.xml.ws.Endpoint;
+
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+public class Server extends AbstractBusTestServerBase {
+    public static final String PORT = allocatePort(Server.class);
+    protected void run() {
+        Object implementor = new HelloServiceImpl();
+        String address = "http://localhost:" + PORT + "/policytest";
+        Endpoint.publish(address, implementor);
+    }
+
+    public static void main(String args[]) {
+        try {
+            Server s = new Server();
+            s.start();
+        } catch (Exception ex) {
+            ex.printStackTrace();
+            System.exit(-1);
+        } finally {
+            System.out.println("done!");
+        }
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/handlers.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/handlers.xml
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/handlers.xml
new file mode 100644
index 0000000..8348eda
--- /dev/null
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/handlers.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<handler-chains xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee javaee_web_services_1_2.xsd">
+    <handler-chain>
+        <handler>
+            <handler-name>Dummy</handler-name>
+            <handler-class>org.apache.cxf.systest.ws.policy.handler.DummyHandler</handler-class>
+        </handler>
+    </handler-chain>
+</handler-chains>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/alice.properties
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/alice.properties b/systests/ws-security/src/test/resources/alice.properties
new file mode 100644
index 0000000..1b9111d
--- /dev/null
+++ b/systests/ws-security/src/test/resources/alice.properties
@@ -0,0 +1,21 @@
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=password
+org.apache.ws.security.crypto.merlin.keystore.alias=alice
+org.apache.ws.security.crypto.merlin.keystore.file=certs/alice.jks

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/certs/alice.jks
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/certs/alice.jks b/systests/ws-security/src/test/resources/certs/alice.jks
new file mode 100644
index 0000000..9f47a5c
Binary files /dev/null and b/systests/ws-security/src/test/resources/certs/alice.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/handler_policies/inputPolicy.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/handler_policies/inputPolicy.xml b/systests/ws-security/src/test/resources/handler_policies/inputPolicy.xml
new file mode 100644
index 0000000..35e6c99
--- /dev/null
+++ b/systests/ws-security/src/test/resources/handler_policies/inputPolicy.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<wsp:Policy wsu:Id="Input_Security_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+    <wsp:ExactlyOne>
+        <wsp:All/>
+    </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/handler_policies/outputPolicy.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/handler_policies/outputPolicy.xml b/systests/ws-security/src/test/resources/handler_policies/outputPolicy.xml
new file mode 100644
index 0000000..4c15073
--- /dev/null
+++ b/systests/ws-security/src/test/resources/handler_policies/outputPolicy.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<wsp:Policy wsu:Id="Output_Security_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+    <wsp:ExactlyOne>
+        <wsp:All />
+    </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/handler_policies/x509SecurityPolicy.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/handler_policies/x509SecurityPolicy.xml
b/systests/ws-security/src/test/resources/handler_policies/x509SecurityPolicy.xml
new file mode 100644
index 0000000..55ed83f
--- /dev/null
+++ b/systests/ws-security/src/test/resources/handler_policies/x509SecurityPolicy.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<wsp:Policy wsu:Id="X509SecurityPolicy" xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:wsa="http://www.w3.org/2005/08/addressing"
+    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+    <wsp:ExactlyOne>
+        <wsp:All>
+            <sp:AsymmetricBinding>
+                <wsp:Policy>
+                    <sp:InitiatorToken>
+                        <wsp:Policy>
+                            <sp:X509Token
+                                sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+                                <wsp:Policy>
+                                    <sp:WssX509V3Token10 />
+                                </wsp:Policy>
+                            </sp:X509Token>
+                        </wsp:Policy>
+                    </sp:InitiatorToken>
+                    <sp:RecipientToken>
+                        <wsp:Policy>
+                            <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+                                <wsp:Policy>
+                                    <sp:WssX509V3Token10 />
+                                </wsp:Policy>
+                            </sp:X509Token>
+                        </wsp:Policy>
+                    </sp:RecipientToken>
+                    <sp:AlgorithmSuite>
+                        <wsp:Policy>
+                            <sp:Basic128 />
+                        </wsp:Policy>
+                    </sp:AlgorithmSuite>
+                    <sp:Layout>
+                        <wsp:Policy>
+                            <sp:Strict />
+                        </wsp:Policy>
+                    </sp:Layout>
+                    <sp:IncludeTimestamp />
+                </wsp:Policy>
+            </sp:AsymmetricBinding>
+        </wsp:All>
+    </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file


Mime
View raw message