cxf-commits mailing list archives

From owu...@apache.org
Subject git commit: Encrypted Token configuration prepared
Date Thu, 02 Oct 2014 17:18:13 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 387092865 -> 3b9d837b8


Encrypted Token configuration prepared


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/3b9d837b
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/3b9d837b
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/3b9d837b

Branch: refs/heads/master
Commit: 3b9d837b851a146ddb2bc7f6e922bc0e3f8bae77
Parents: 3870928
Author: Oliver Wulff <owulff@talend.com>
Authored: Thu Oct 2 14:22:02 2014 +0200
Committer: Oliver Wulff <owulff@talend.com>
Committed: Thu Oct 2 14:22:02 2014 +0200

----------------------------------------------------------------------
 .../src/main/resources/stsEncryption.properties |   5 +++
 services/sts/src/main/resources/stsencrypt.jks  | Bin 0 -> 32 bytes
 .../src/main/webapp/WEB-INF/cxf-transport.xml   |  35 +++++++++++++++----
 3 files changed, 33 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3b9d837b/services/sts/src/main/resources/stsEncryption.properties
----------------------------------------------------------------------
diff --git a/services/sts/src/main/resources/stsEncryption.properties b/services/sts/src/main/resources/stsEncryption.properties
new file mode 100644
index 0000000..9badcdc
--- /dev/null
+++ b/services/sts/src/main/resources/stsEncryption.properties
@@ -0,0 +1,5 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=storepass
+org.apache.ws.security.crypto.merlin.keystore.file=stsencrypt.jks
+
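Review bot: The `org.apache.ws.security.crypto.merlin.keystore.password=storepass` line commits the keystore password in clear text next to the keystore it protects (`stsencrypt.jks` is added in the same commit), so it protects nothing from anyone who can read the repository or the built WAR. If this store is only used to encrypt issued tokens, it should hold the relying parties' public certificates and no private keys. A comment should say so, e.g. `# sample keystore: public certificates only; replace file and password outside the artifact for production`. For real deployments the keystore file and its password should be supplied from outside the packaged application rather than from `src/main/resources`.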

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3b9d837b/services/sts/src/main/resources/stsencrypt.jks
----------------------------------------------------------------------
diff --git a/services/sts/src/main/resources/stsencrypt.jks b/services/sts/src/main/resources/stsencrypt.jks
new file mode 100644
index 0000000..7bac48a
Binary files /dev/null and b/services/sts/src/main/resources/stsencrypt.jks differ

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3b9d837b/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
----------------------------------------------------------------------
diff --git a/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml b/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
index 052956f..6eec84f 100644
--- a/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
+++ b/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
@@ -68,12 +68,13 @@
 
     <bean id="transportIssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
         <property name="tokenProviders" ref="transportTokenProviders" />
-        <property name="services" ref="transportService" />
+        <property name="services" ref="transportServices" />
         <property name="stsProperties" ref="transportSTSProperties" />
         <property name="claimsManager" ref="claimsManager" />
         <property name="tokenValidators" ref="transportTokenValidators" />
         <property name="eventListener" ref="loggerListener" />
         <property name="delegationHandlers" ref="samlDelegationHandler" />
+        <property name="encryptIssuedToken" value="true"/>
     </bean>
 
     <bean id="transportValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">
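Review bot: `encryptIssuedToken` is switched on for the whole `transportIssueDelegate` operation, but in the second hunk of this file only `myEncryptionService` carries `encryptionProperties`. The catch-all `transportService` (`.*`) has no `encryptionName`, and `transportSTSProperties` sets no default alias (I believe `encryptionUsername` is the property for that; please confirm). Requests that fall through to the catch-all entry would then have no certificate to encrypt to. It is worth confirming whether such requests fail or are issued unencrypted, and documenting which. A comment above the new property would make the dependency explicit, e.g. `<!-- encrypts every issued token: each service entry needs an encryptionName, or the STS properties a default alias -->`.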
@@ -166,20 +167,40 @@
         class="org.apache.cxf.sts.token.validator.UsernameTokenValidator">
     </bean>
 
+    <util:list id="transportServices">
+        <ref bean="myEncryptionService" />
+        <ref bean="transportService" />
+    </util:list>
+
     <bean id="transportService" class="org.apache.cxf.sts.service.StaticService">
-        <property name="endpoints" ref="transportEndpoints" />
+        <property name="endpoints">
+            <util:list>
+                <value>.*</value>
+            </util:list>
+        </property>
+    </bean>
+    
+    <bean id="myEncryptionService" class="org.apache.cxf.sts.service.StaticService">
+        <property name="endpoints">
+            <util:list>
+                <value>myServiceB.*</value>
+            </util:list>
+        </property>
+        <property name="encryptionProperties">
+            <bean class="org.apache.cxf.sts.service.EncryptionProperties">
+                <property name="encryptionName" value="serviceB"/>
+                <property name="encryptionAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+            </bean>
+        </property>
     </bean>
-
-    <util:list id="transportEndpoints">
-        <value>.*</value>
-    </util:list>
 
     <bean id="transportSTSProperties" class="org.apache.cxf.sts.StaticSTSProperties">
         <property name="callbackHandlerClass"
             value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler" />
         <property name="issuer" value="Fediz STS" />
         <property name="realmParser" ref="customRealmParser" />
-        <property name="signaturePropertiesFile" value="stsTruststore.properties" />
+        <property name="signatureCryptoProperties" value="stsTruststore.properties" />
+        <property name="encryptionCryptoProperties" value="stsEncryption.properties"/>
         <property name="relationships" ref="relationships" />
     </bean>
 
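Review bot: `encryptionAlgorithm` on `myEncryptionService` selects `http://www.w3.org/2001/04/xmlenc#aes128-cbc`, an unauthenticated CBC mode and the one the published XML Encryption padding-oracle attacks target. If the WSS4J version in use and the relying party both support XML Encryption 1.1, prefer an AES-GCM identifier such as `<property name="encryptionAlgorithm" value="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>`. Otherwise add a comment explaining why CBC is kept and that the relying party must verify the token signature before acting on decrypted content. Separately, `myServiceB.*` and the alias `serviceB` read as placeholders. If endpoint patterns are matched against the full AppliesTo address (not visible here), this pattern would not match an address starting with `https://`, so a comment should state the expected address form.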

