cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/3] git commit: Adding a Action -> Policy test for a KeyIdentifier fix
Date Tue, 26 Aug 2014 11:52:06 GMT
Repository: cxf
Updated Branches:
  refs/heads/2.7.x-fixes 6ea54ba9c -> 4408bdc4c


Adding a Action -> Policy test for a KeyIdentifier fix

Conflicts:
	rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
	systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
	systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
	systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/383cac01
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/383cac01
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/383cac01

Branch: refs/heads/2.7.x-fixes
Commit: 383cac010dc4adddb6c0b005f8a4c78d02f7a26e
Parents: 6ea54ba
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Aug 26 11:53:56 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Aug 26 12:12:06 2014 +0100

----------------------------------------------------------------------
 .../X509TokenPolicyValidator.java               | 107 +++++++++++++++++-
 .../cxf/systest/ws/action/ActionTest.java       |  28 +++++
 .../cxf/systest/ws/action/DoubleItAction.wsdl   |   7 ++
 .../systest/ws/action/DoubleItActionPolicy.wsdl | 113 +++++++++++++++++++
 .../org/apache/cxf/systest/ws/action/client.xml |  34 ++++++
 .../org/apache/cxf/systest/ws/action/server.xml |   9 ++
 6 files changed, 296 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/383cac01/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
index b26406e..510ded0 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
@@ -27,6 +27,7 @@ import org.w3c.dom.Element;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
+<<<<<<< HEAD
 import org.apache.cxf.ws.security.policy.SP12Constants;
 import org.apache.cxf.ws.security.policy.SPConstants;
 import org.apache.cxf.ws.security.policy.model.X509Token;
@@ -34,6 +35,19 @@ import org.apache.cxf.ws.security.wss4j.WSS4JUtils;
 import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.message.token.BinarySecurity;
+=======
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.dom.bsp.BSPEnforcer;
+import org.apache.wss4j.dom.message.token.BinarySecurity;
+import org.apache.wss4j.dom.message.token.X509Security;
+import org.apache.wss4j.dom.str.STRParser;
+import org.apache.wss4j.dom.util.WSSecurityUtil;
+import org.apache.wss4j.policy.SPConstants;
+import org.apache.wss4j.policy.model.X509Token;
+import org.apache.wss4j.policy.model.X509Token.TokenType;
+>>>>>>> 6d6ce13... Adding a Action -> Policy test for a KeyIdentifier
fix
 
 /**
  * Validate an X509 Token policy.
@@ -50,11 +64,40 @@ public class X509TokenPolicyValidator extends AbstractTokenPolicyValidator
imple
         List<WSSecurityEngineResult> results,
         List<WSSecurityEngineResult> signedResults
     ) {
+<<<<<<< HEAD
         Collection<AssertionInfo> ais = aim.get(SP12Constants.X509_TOKEN);
         if (ais == null || ais.isEmpty()) {
             return true;
         }
         
+=======
+        Collection<AssertionInfo> ais = getAllAssertionsByLocalname(aim, SPConstants.X509_TOKEN);
+        if (!ais.isEmpty()) {
+            parsePolicies(ais, message, signedResults, results);
+            
+            assertPolicy(aim, SPConstants.WSS_X509_PKI_PATH_V1_TOKEN10);
+            assertPolicy(aim, SPConstants.WSS_X509_PKI_PATH_V1_TOKEN11);
+            assertPolicy(aim, SPConstants.WSS_X509_V1_TOKEN10);
+            assertPolicy(aim, SPConstants.WSS_X509_V1_TOKEN11);
+            assertPolicy(aim, SPConstants.WSS_X509_V3_TOKEN10);
+            assertPolicy(aim, SPConstants.WSS_X509_V3_TOKEN11);
+            
+            assertPolicy(aim, SPConstants.REQUIRE_ISSUER_SERIAL_REFERENCE);
+            assertPolicy(aim, SPConstants.REQUIRE_THUMBPRINT_REFERENCE);
+            assertPolicy(aim, SPConstants.REQUIRE_KEY_IDENTIFIER_REFERENCE);
+            assertPolicy(aim, SPConstants.REQUIRE_EMBEDDED_TOKEN_REFERENCE);
+        }
+        
+        return true;
+    }
+    
+    private void parsePolicies(
+        Collection<AssertionInfo> ais, 
+        Message message,
+        List<WSSecurityEngineResult> signedResults,
+        List<WSSecurityEngineResult> results
+    ) {
+>>>>>>> 6d6ce13... Adding a Action -> Policy test for a KeyIdentifier
fix
         List<WSSecurityEngineResult> bstResults = 
             WSS4JUtils.fetchAllActionResults(results, WSConstants.BST);
         
@@ -66,14 +109,18 @@ public class X509TokenPolicyValidator extends AbstractTokenPolicyValidator
imple
                 continue;
             }
 
-            if (bstResults.isEmpty()) {
+            if (bstResults.isEmpty() && signedResults.isEmpty()) {
                 ai.setNotAsserted(
                     "The received token does not match the token inclusion requirement"
                 );
                 continue;
             }
 
+<<<<<<< HEAD
             if (!checkTokenType(x509TokenPolicy.getTokenVersionAndType(), bstResults)) {
+=======
+            if (!checkTokenType(x509TokenPolicy.getTokenType(), bstResults, signedResults))
{
+>>>>>>> 6d6ce13... Adding a Action -> Policy test for a KeyIdentifier
fix
                 ai.setNotAsserted("An incorrect X.509 Token Type is detected");
                 continue;
             }
@@ -85,10 +132,16 @@ public class X509TokenPolicyValidator extends AbstractTokenPolicyValidator
imple
      * Check that at least one received token matches the token type.
      */
     private boolean checkTokenType(
+<<<<<<< HEAD
         String requiredVersionAndType,
         List<WSSecurityEngineResult> bstResults
+=======
+        TokenType tokenType,
+        List<WSSecurityEngineResult> bstResults,
+        List<WSSecurityEngineResult> signedResults
+>>>>>>> 6d6ce13... Adding a Action -> Policy test for a KeyIdentifier
fix
     ) {
-        if (bstResults.isEmpty()) {
+        if (bstResults.isEmpty() && signedResults.isEmpty()) {
             return false;
         }
 
@@ -108,6 +161,56 @@ public class X509TokenPolicyValidator extends AbstractTokenPolicyValidator
imple
                 }
             }
         }
+        
+        // Maybe the X.509 token was included as a KeyIdentifier
+        if (X509_V3_VALUETYPE.equals(requiredType)) {
+            for (WSSecurityEngineResult result : signedResults) {
+                STRParser.REFERENCE_TYPE referenceType = 
+                    (STRParser.REFERENCE_TYPE)result.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE);
+                if (STRParser.REFERENCE_TYPE.KEY_IDENTIFIER == referenceType) {
+                    Element signatureElement = 
+                        (Element)result.get(WSSecurityEngineResult.TAG_TOKEN_ELEMENT);
+                    Element keyIdentifier = getKeyIdentifier(signatureElement);
+                    if (keyIdentifier != null 
+                        && X509_V3_VALUETYPE.equals(keyIdentifier.getAttributeNS(null,
"ValueType"))) {
+                        try {
+                            X509Security token = 
+                                new X509Security(keyIdentifier, 
+                                                 new BSPEnforcer(true));
+                            X509Certificate cert = token.getX509Certificate(null);
+                            if (cert != null && cert.getVersion() == 3) {
+                                return true;
+                            }
+                        } catch (WSSecurityException e) {
+                            LOG.log(Level.FINE, e.getMessage());
+                        }
+                    }
+                }
+            }
+        }
         return false;
     }
+    
+    private Element getKeyIdentifier(Element signatureElement) {
+        if (signatureElement != null) {
+            Element keyInfoElement = 
+                WSSecurityUtil.getDirectChildElement(
+                    signatureElement, "KeyInfo", WSConstants.SIG_NS
+                );
+            if (keyInfoElement != null) {
+                Element strElement = 
+                    WSSecurityUtil.getDirectChildElement(
+                        keyInfoElement, "SecurityTokenReference", WSConstants.WSSE_NS
+                    );
+                if (strElement != null) {
+                    Element kiElement = 
+                        WSSecurityUtil.getDirectChildElement(
+                            strElement, "KeyIdentifier", WSConstants.WSSE_NS
+                        );
+                    return kiElement;
+                }
+            }
+        }
+        return null;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/383cac01/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
index 2e22300..68e85da 100644
--- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
+++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
@@ -214,5 +214,33 @@ public class ActionTest extends AbstractBusClientServerTestBase {
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
+<<<<<<< HEAD
 
+=======
+    
+    // Here the client is using "Actions", where the server is using an AsymmetricBinding
policy
+    @org.junit.Test
+    public void testAsymmetricActionToPolicy() throws Exception {
+
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = ActionTest.class.getResource("client.xml");
+
+        Bus bus = bf.createBus(busFile.toString());
+        SpringBusFactory.setDefaultBus(bus);
+        SpringBusFactory.setThreadDefaultBus(bus);
+        
+        URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+        Service service = Service.create(wsdl, SERVICE_QNAME);
+        QName portQName = new QName(NAMESPACE, "DoubleItAsymmetricPort");
+        DoubleItPortType port = 
+                service.getPort(portQName, DoubleItPortType.class);
+        updateAddressPort(port, PORT);
+        
+        // Successful call
+        port.doubleIt(25);
+        
+        ((java.io.Closeable)port).close();
+        bus.shutdown(true);
+    }
+>>>>>>> 6d6ce13... Adding a Action -> Policy test for a KeyIdentifier
fix
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/383cac01/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
index d5054ce..9a73de0 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl
@@ -72,6 +72,13 @@
         <wsdl:port name="DoubleItSignaturePort2" binding="tns:DoubleItNoSecurityBinding">
             <soap:address location="http://localhost:9001/DoubleItSignature2"/>
         </wsdl:port>
+        <wsdl:port name="DoubleItAsymmetricPort" binding="tns:DoubleItNoSecurityBinding">
+            <soap:address location="http://localhost:9001/DoubleItAsymmetric"/>
+        </wsdl:port>
     </wsdl:service>
+<<<<<<< HEAD
 
+=======
+    
+>>>>>>> 6d6ce13... Adding a Action -> Policy test for a KeyIdentifier
fix
 </wsdl:definitions>

http://git-wip-us.apache.org/repos/asf/cxf/blob/383cac01/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItActionPolicy.wsdl
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItActionPolicy.wsdl
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItActionPolicy.wsdl
new file mode 100644
index 0000000..84403e2
--- /dev/null
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItActionPolicy.wsdl
@@ -0,0 +1,113 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<wsdl:definitions xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://www.example.org/contract/DoubleIt"
xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsaws="http://www.w3.org/2005/08/addressing" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
xmlns:sp13="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802" name="DoubleIt" targetNamespace="http://www.example.org/contract/DoubleIt">
+    <wsdl:import location="src/test/resources/DoubleItLogical.wsdl" namespace="http://www.example.org/contract/DoubleIt"/>
+    <wsdl:binding name="DoubleItAsymmetricBinding" type="tns:DoubleItPortType">
+        <wsp:PolicyReference URI="#DoubleItAsymmetricPolicy"/>
+        <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
+        <wsdl:operation name="DoubleIt">
+            <soap:operation soapAction=""/>
+            <wsdl:input>
+                <soap:body use="literal"/>
+                <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/>
+            </wsdl:input>
+            <wsdl:output>
+                <soap:body use="literal"/>
+                <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/>
+            </wsdl:output>
+            <wsdl:fault name="DoubleItFault">
+                <soap:body use="literal" name="DoubleItFault"/>
+            </wsdl:fault>
+        </wsdl:operation>
+    </wsdl:binding>
+    
+    <wsdl:service name="DoubleItService">
+        <wsdl:port name="DoubleItAsymmetricPort" binding="tns:DoubleItAsymmetricBinding">
+            <soap:address location="http://localhost:9001/DoubleItAsymmetric"/>
+        </wsdl:port>
+    </wsdl:service>
+    
+    <wsp:Policy wsu:Id="DoubleItAsymmetricPolicy">
+        <wsp:ExactlyOne>
+            <wsp:All>
+                <sp:AsymmetricBinding>
+                    <wsp:Policy>
+                        <sp:InitiatorToken>
+                            <wsp:Policy>
+                                <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+                                    <wsp:Policy>
+                                        <sp:WssX509V3Token10/>
+                                    </wsp:Policy>
+                                </sp:X509Token>
+                            </wsp:Policy>
+                        </sp:InitiatorToken>
+                        <sp:RecipientToken>
+                            <wsp:Policy>
+                                <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+                                    <wsp:Policy>
+                                        <sp:WssX509V3Token10/>
+                                    </wsp:Policy>
+                                </sp:X509Token>
+                            </wsp:Policy>
+                        </sp:RecipientToken>
+                        <sp:Layout>
+                            <wsp:Policy>
+                                <sp:Lax/>
+                            </wsp:Policy>
+                        </sp:Layout>
+                        <sp:IncludeTimestamp/>
+                        <sp:OnlySignEntireHeadersAndBody/>
+                        <sp:AlgorithmSuite>
+                            <wsp:Policy>
+                                <sp:Basic128/>
+                            </wsp:Policy>
+                        </sp:AlgorithmSuite>
+                    </wsp:Policy>
+                </sp:AsymmetricBinding>
+            </wsp:All>
+        </wsp:ExactlyOne>
+    </wsp:Policy>
+    
+    <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Input_Policy">
+        <wsp:ExactlyOne>
+            <wsp:All>
+                <sp:EncryptedParts>
+                    <sp:Body/>
+                </sp:EncryptedParts>
+                <sp:SignedParts>
+                    <sp:Body/>
+                </sp:SignedParts>
+            </wsp:All>
+        </wsp:ExactlyOne>
+    </wsp:Policy>
+    
+    <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Output_Policy">
+        <wsp:ExactlyOne>
+            <wsp:All>
+                <sp:EncryptedParts>
+                    <sp:Body/>
+                </sp:EncryptedParts>
+                <sp:SignedParts>
+                    <sp:Body/>
+                </sp:SignedParts>
+            </wsp:All>
+        </wsp:ExactlyOne>
+    </wsp:Policy>
+</wsdl:definitions>

http://git-wip-us.apache.org/repos/asf/cxf/blob/383cac01/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
index 01a3486..467d6e1 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml
@@ -188,5 +188,39 @@
         </jaxws:inInterceptors>
     </jaxws:client>
     
+<<<<<<< HEAD
     
+=======
+    <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItAsymmetricPort"
createdFromAPI="true">
+        <jaxws:outInterceptors>
+            <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+                <constructor-arg>
+                    <map>
+                        <entry key="action" value="Timestamp Signature Encrypt"/>
+                        <entry key="signatureUser" value="alice"/>
+                        <entry key="signaturePropFile" value="alice.properties"/>
+                        <entry key="encryptionUser" value="bob"/>
+                        <entry key="encryptionPropFile" value="bob.properties"/>
+                        <entry key="signatureKeyIdentifier" value="DirectReference"/>
+                        <entry key="signatureParts" value="{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{}{http://schemas.xmlsoap.org/soap/envelope/}Body;"/>
+                        <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+                        <entry key="signatureKeyIdentifier" value="X509KeyIdentifier"/>
+                    </map>
+                </constructor-arg>
+            </bean>
+        </jaxws:outInterceptors>
+        <jaxws:inInterceptors>
+            <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+                <constructor-arg>
+                    <map>
+                        <entry key="action" value="Timestamp Signature Encrypt"/>
+                        <entry key="signatureVerificationPropFile" value="bob.properties"/>
+                        <entry key="decryptionPropFile" value="alice.properties"/>
+                        <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+                    </map>
+                </constructor-arg>
+            </bean>
+        </jaxws:inInterceptors>
+    </jaxws:client>
+>>>>>>> 6d6ce13... Adding a Action -> Policy test for a KeyIdentifier
fix
 </beans>

http://git-wip-us.apache.org/repos/asf/cxf/blob/383cac01/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
----------------------------------------------------------------------
diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
index 1a42f37..073067e 100644
--- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
+++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml
@@ -232,4 +232,13 @@
             </bean>
         </jaxws:inInterceptors>
     </jaxws:endpoint>
+    
+    <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="Asymmetric"
address="http://localhost:${testutil.ports.Server}/DoubleItAsymmetric" serviceName="s:DoubleItService"
endpointName="s:DoubleItAsymmetricPort" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl"
wsdlLocation="org/apache/cxf/systest/ws/action/DoubleItActionPolicy.wsdl">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.ws.common.KeystorePasswordCallback"/>
+            <entry key="ws-security.signature.properties" value="bob.properties"/>
+            <entry key="ws-security.encryption.properties" value="alice.properties"/>
+            <entry key="ws-security.encryption.username" value="alice"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
 </beans>


Mime
View raw message