cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [3/3] cxf git commit: Adding an STS OSGi test
Date Thu, 13 Aug 2015 16:51:10 GMT
Adding an STS OSGi test

Conflicts:
	parent/pom.xml


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2144c1f7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2144c1f7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2144c1f7

Branch: refs/heads/3.0.x-fixes
Commit: 2144c1f7811f076c8112c524e487b1c0a35d07a7
Parents: b86ec03
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Aug 13 16:21:37 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Aug 13 17:51:00 2015 +0100

----------------------------------------------------------------------
 parent/pom.xml                                  |   6 +
 services/sts/systests/pom.xml                   |   3 +
 services/sts/systests/sts-features/pom.xml      |  82 +++++
 .../src/main/resources/features.xml             |  27 ++
 services/sts/systests/sts-itests/pom.xml        | 167 ++++++++++
 .../sts/itests/BasicSTSIntegrationTest.java     |  82 +++++
 .../sts/itests/unit/CommonCallbackHandler.java  |  56 ++++
 .../systest/sts/itests/unit/STSUnitTest.java    | 132 ++++++++
 .../test/resources/clientKeystore.properties    |  24 ++
 .../src/test/resources/clientstore.jks          | Bin 0 -> 4436 bytes
 .../resources/etc/org.ops4j.pax.logging.cfg     |  25 ++
 services/sts/systests/sts-osgi/pom.xml          |  40 +++
 .../systest/sts/osgi/CommonCallbackHandler.java |  56 ++++
 .../resources/OSGI-INF/blueprint/blueprint.xml  |  60 ++++
 .../sts-osgi/src/main/resources/STSService.wsdl | 318 +++++++++++++++++++
 .../src/main/resources/stsKeystore.properties   |  23 ++
 .../sts-osgi/src/main/resources/stsstore.jks    | Bin 0 -> 3978 bytes
 services/xkms/xkms-itests/pom.xml               |  28 +-
 18 files changed, 1119 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/parent/pom.xml
----------------------------------------------------------------------
diff --git a/parent/pom.xml b/parent/pom.xml
index f101fb9..a47bb73 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -137,10 +137,16 @@
         <cxf.netty.version.range>[4,5)</cxf.netty.version.range>
         <cxf.oauth.bundle.version>20100527_1</cxf.oauth.bundle.version>
         <cxf.oauth.version>20100527</cxf.oauth.version>
+<<<<<<< HEAD
         <cxf.opensaml.version>2.6.1</cxf.opensaml.version>
         <cxf.opensaml.osgi.version>2.6.1_1</cxf.opensaml.osgi.version>
         <cxf.opensaml.xmltooling.version>1.4.0_1</cxf.opensaml.xmltooling.version>
         <cxf.opensamlws.version>1.5.0_1</cxf.opensamlws.version>
+=======
+        <cxf.opensaml.version>3.1.1_3-SNAPSHOT</cxf.opensaml.version>
+        <cxf.opensaml.osgi.version>3.1.0_1</cxf.opensaml.osgi.version>
+        <cxf.opensaml.osgi.version.range>[3.1,4)</cxf.opensaml.osgi.version.range>
+>>>>>>> cf87907... Adding an STS OSGi test
         <cxf.rhino.version>1.7R2</cxf.rhino.version>
         <cxf.saaj-api.version>1.3.5</cxf.saaj-api.version>
         <cxf.servlet-api.group>org.apache.geronimo.specs</cxf.servlet-api.group>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/pom.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/pom.xml b/services/sts/systests/pom.xml
index 0c9fc9d..a24a731 100644
--- a/services/sts/systests/pom.xml
+++ b/services/sts/systests/pom.xml
@@ -32,5 +32,8 @@
     <modules>
         <module>basic</module>
         <module>advanced</module>
+        <module>sts-osgi</module>
+        <module>sts-features</module>
+        <module>sts-itests</module>
     </modules>
 </project>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-features/pom.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-features/pom.xml b/services/sts/systests/sts-features/pom.xml
new file mode 100644
index 0000000..4e729fd
--- /dev/null
+++ b/services/sts/systests/sts-features/pom.xml
@@ -0,0 +1,82 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>org.apache.cxf.services.sts.systests</groupId>
+    <artifactId>cxf-services-sts-systests-features</artifactId>
+
+    <packaging>pom</packaging>
+    <name>Apache CXF STS test Karaf Features</name>
+    <url>http://cxf.apache.org</url>
+    <parent>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-parent</artifactId>
+        <version>3.1.3-SNAPSHOT</version>
+        <relativePath>../../../../parent/pom.xml</relativePath>
+    </parent>
+    <build>
+        <resources>
+            <resource>
+                <directory>${project.basedir}/src/main/resources</directory>
+                <filtering>true</filtering>
+                <includes>
+                    <include>**/features.xml</include>
+                    <include>**/*.properties</include>
+                </includes>
+            </resource>
+        </resources>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-resources-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>filter</id>
+                        <phase>generate-resources</phase>
+                        <goals>
+                            <goal>resources</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>build-helper-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>attach-artifacts</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>attach-artifact</goal>
+                        </goals>
+                        <configuration>
+                            <artifacts>
+                                <artifact>
+                                    <file>target/classes/features.xml</file>
+                                    <type>xml</type>
+                                </artifact>
+                            </artifacts>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</project>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-features/src/main/resources/features.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-features/src/main/resources/features.xml b/services/sts/systests/sts-features/src/main/resources/features.xml
new file mode 100644
index 0000000..9edf968
--- /dev/null
+++ b/services/sts/systests/sts-features/src/main/resources/features.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<features xmlns="http://karaf.apache.org/xmlns/features/v1.0.0" name="cxf-sts-osgi">
+    <repository>mvn:org.apache.cxf.karaf/apache-cxf/${project.version}/xml/features</repository>
+    <feature name="cxf-sts-service" version="${project.version}">
+        <feature>cxf</feature>
+        <feature>cxf-sts</feature>
+        <bundle>mvn:${project.groupId}/cxf-services-sts-systests-osgi/${project.version}</bundle>
+    </feature>
+</features>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-itests/pom.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-itests/pom.xml b/services/sts/systests/sts-itests/pom.xml
new file mode 100644
index 0000000..9dd60cd
--- /dev/null
+++ b/services/sts/systests/sts-itests/pom.xml
@@ -0,0 +1,167 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>org.apache.cxf.services.sts.systests</groupId>
+    <artifactId>cxf-services-sts-systests-itests</artifactId>
+    <name>Apache CXF STS Integration Tests</name>
+    <url>http://cxf.apache.org</url>
+    <parent>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-parent</artifactId>
+        <version>3.1.3-SNAPSHOT</version>
+        <relativePath>../../../../parent/pom.xml</relativePath>
+    </parent>
+    <dependencies>
+        <dependency>
+            <groupId>org.osgi</groupId>
+            <artifactId>org.osgi.core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf.services.sts</groupId>
+            <artifactId>cxf-services-sts-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf.services.sts.systests</groupId>
+            <artifactId>cxf-services-sts-systests-features</artifactId>
+            <version>${project.version}</version>
+            <type>xml</type>
+        </dependency>
+        
+        <!-- to force the karaf cxf feature to be available before testing -->
+        <dependency>
+            <groupId>org.apache.cxf.karaf</groupId>
+            <artifactId>apache-cxf</artifactId>
+            <version>${project.version}</version>
+            <type>pom</type>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf.karaf</groupId>
+            <artifactId>cxf-karaf-commands</artifactId>
+            <version>${project.version}</version>
+            <type>pom</type>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.ops4j.pax.exam</groupId>
+            <artifactId>pax-exam-junit4</artifactId>
+            <version>${cxf.pax.exam.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.ops4j.pax.exam</groupId>
+            <artifactId>pax-exam</artifactId>
+            <version>${cxf.pax.exam.version}</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.ops4j.pax.exam</groupId>
+            <artifactId>pax-exam-container-karaf</artifactId>
+            <version>${cxf.pax.exam.version}</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.ops4j.pax.exam</groupId>
+            <artifactId>pax-exam-link-mvn</artifactId>
+            <version>${cxf.pax.exam.version}</version>
+            <scope>test</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-jdk14</artifactId>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <!-- generate dependency versions -->
+            <plugin>
+                <groupId>org.apache.servicemix.tooling</groupId>
+                <artifactId>depends-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <phase>generate-resources</phase>
+                        <id>generate-depends-file</id>
+                        <goals>
+                            <goal>generate-depends-file</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <systemPropertyVariables>
+                        <org.ops4j.pax.logging.DefaultServiceLog.level>WARN</org.ops4j.pax.logging.DefaultServiceLog.level>
+                        <karaf.version>${cxf.karaf.version}</karaf.version>
+                        <localRepository>${maven.repo.local}</localRepository>
+                    </systemPropertyVariables>
+                </configuration>
+            </plugin>
+        </plugins>
+        <pluginManagement>
+            <plugins>
+                <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
+                <plugin>
+                    <groupId>org.eclipse.m2e</groupId>
+                    <artifactId>lifecycle-mapping</artifactId>
+                    <version>1.0.0</version>
+                    <configuration>
+                        <lifecycleMappingMetadata>
+                            <pluginExecutions>
+                                <pluginExecution>
+                                    <pluginExecutionFilter>
+                                        <groupId>
+                                            org.apache.servicemix.tooling
+                                        </groupId>
+                                        <artifactId>
+                                            depends-maven-plugin
+                                        </artifactId>
+                                        <versionRange>
+                                            [1.2,)
+                                        </versionRange>
+                                        <goals>
+                                            <goal>
+                                                generate-depends-file
+                                            </goal>
+                                        </goals>
+                                    </pluginExecutionFilter>
+                                    <action>
+                                        <ignore></ignore>
+                                    </action>
+                                </pluginExecution>
+                            </pluginExecutions>
+                        </lifecycleMappingMetadata>
+                    </configuration>
+                </plugin>
+            </plugins>
+        </pluginManagement>
+    </build>
+</project>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/BasicSTSIntegrationTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/BasicSTSIntegrationTest.java b/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/BasicSTSIntegrationTest.java
new file mode 100644
index 0000000..f9f0768
--- /dev/null
+++ b/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/BasicSTSIntegrationTest.java
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.sts.itests;
+
+import java.io.File;
+
+import org.ops4j.pax.exam.Configuration;
+import org.ops4j.pax.exam.Option;
+import org.ops4j.pax.exam.options.MavenArtifactUrlReference;
+import org.ops4j.pax.exam.spi.reactors.ExamReactorStrategy;
+import org.ops4j.pax.exam.spi.reactors.PerClass;
+
+import static org.ops4j.pax.exam.CoreOptions.maven;
+import static org.ops4j.pax.exam.CoreOptions.systemProperty;
+import static org.ops4j.pax.exam.CoreOptions.when;
+import static org.ops4j.pax.exam.karaf.options.KarafDistributionOption.configureConsole;
+import static org.ops4j.pax.exam.karaf.options.KarafDistributionOption.editConfigurationFilePut;
+import static org.ops4j.pax.exam.karaf.options.KarafDistributionOption.features;
+import static org.ops4j.pax.exam.karaf.options.KarafDistributionOption.karafDistributionConfiguration;
+import static org.ops4j.pax.exam.karaf.options.KarafDistributionOption.replaceConfigurationFile;
+
+@ExamReactorStrategy(PerClass.class)
+public class BasicSTSIntegrationTest {
+
+    protected static final String HTTP_PORT = "9191";
+    protected static final String STS_ENDPOINT = "http://localhost:" + HTTP_PORT + "/cxf/X509";
+
+    @Configuration
+    public Option[] getConfig() {
+        String karafVersion = System.getProperty("karaf.version", "3.0.4");
+        String localRepository = System.getProperty("localRepository");
+        
+        MavenArtifactUrlReference karafUrl = maven() //
+                        .groupId("org.apache.karaf") //
+                        .artifactId("apache-karaf") //
+                        .version(karafVersion)
+                        .type("tar.gz");
+        MavenArtifactUrlReference stsFeatures = maven() //
+            .groupId("org.apache.cxf.services.sts.systests") //
+            .artifactId("cxf-services-sts-systests-features") //
+            .versionAsInProject() //
+            .type("xml");
+
+        return new Option[] {
+            karafDistributionConfiguration().frameworkUrl(karafUrl).karafVersion(karafVersion)
+                .unpackDirectory(new File("target/paxexam/unpack/")).useDeployFolder(false),
+            systemProperty("java.awt.headless").value("true"),
+
+            copy("clientKeystore.properties"),
+            copy("clientstore.jks"),
+            copy("etc/org.ops4j.pax.logging.cfg"),
+            editConfigurationFilePut("etc/org.ops4j.pax.web.cfg", "org.osgi.service.http.port", HTTP_PORT),
+            when(localRepository != null)
+                .useOptions(editConfigurationFilePut("etc/org.ops4j.pax.url.mvn.cfg",
+                            "org.ops4j.pax.url.mvn.localRepository",
+                            localRepository)),
+            features(stsFeatures, "cxf-sts-service"),
+            configureConsole().ignoreLocalConsole(),
+        };
+    }
+
+    protected Option copy(String path) {
+        return replaceConfigurationFile(path, new File("src/test/resources/" + path));
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/unit/CommonCallbackHandler.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/unit/CommonCallbackHandler.java b/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/unit/CommonCallbackHandler.java
new file mode 100644
index 0000000..1ba65db
--- /dev/null
+++ b/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/unit/CommonCallbackHandler.java
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.sts.itests.unit;
+
+import java.io.IOException;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.wss4j.common.ext.WSPasswordCallback;
+
+public class CommonCallbackHandler implements CallbackHandler {
+
+    public void handle(Callback[] callbacks) throws IOException,
+            UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) { // CXF
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+                if ("myclientkey".equals(pc.getIdentifier())) {
+                    pc.setPassword("ckpass");
+                    break;
+                } else if ("myservicekey".equals(pc.getIdentifier())) {
+                    pc.setPassword("skpass");
+                    break;
+                } else if ("alice".equals(pc.getIdentifier())) {
+                    pc.setPassword("clarinet");
+                    break;
+                } else if ("bob".equals(pc.getIdentifier())) {
+                    pc.setPassword("trombone");
+                    break;
+                } else if ("eve".equals(pc.getIdentifier())) {
+                    pc.setPassword("evekpass");
+                    break;
+                } else if ("mystskey".equals(pc.getIdentifier())) {
+                    pc.setPassword("stskpass");
+                    break;
+                }
+            }
+        }
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/unit/STSUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/unit/STSUnitTest.java b/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/unit/STSUnitTest.java
new file mode 100644
index 0000000..8401080
--- /dev/null
+++ b/services/sts/systests/sts-itests/src/test/java/org/apache/cxf/systest/sts/itests/unit/STSUnitTest.java
@@ -0,0 +1,132 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.sts.itests.unit;
+
+import java.net.URISyntaxException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.systest.sts.itests.BasicSTSIntegrationTest;
+import org.apache.cxf.ws.security.SecurityConstants;
+import org.apache.cxf.ws.security.tokenstore.SecurityToken;
+import org.apache.cxf.ws.security.trust.STSClient;
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.saml.SamlAssertionWrapper;
+import org.apache.wss4j.dom.WSDocInfo;
+import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.processor.Processor;
+import org.apache.wss4j.dom.processor.SAMLTokenProcessor;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.ops4j.pax.exam.junit.PaxExam;
+
+/**
+ * Some tests to retrieve a SAML token directly from the STS.
+ */
+@RunWith(PaxExam.class)
+public class STSUnitTest extends BasicSTSIntegrationTest {
+    
+    private static final String SAML2_TOKEN_TYPE = 
+        "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
+    private static final String BEARER_KEYTYPE = 
+        "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer";
+    
+    @Test
+    public void testBearerSAML2Token() throws URISyntaxException, Exception {
+        Bus bus = BusFactory.getDefaultBus();
+
+        // Get a token
+        SecurityToken token = 
+            requestSecurityToken(SAML2_TOKEN_TYPE, BEARER_KEYTYPE, bus, STS_ENDPOINT);
+        Assert.assertTrue(SAML2_TOKEN_TYPE.equals(token.getTokenType()));
+        Assert.assertTrue(token.getToken() != null);
+        
+        // Process the token
+        List<WSSecurityEngineResult> results = processToken(token);
+
+        Assert.assertTrue(results != null && results.size() == 1);
+        SamlAssertionWrapper assertion = 
+            (SamlAssertionWrapper)results.get(0).get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+        Assert.assertTrue(assertion != null);
+        Assert.assertTrue(assertion.getSaml1() == null && assertion.getSaml2() != null);
+        Assert.assertTrue(assertion.isSigned());
+        
+        List<String> methods = assertion.getConfirmationMethods();
+        String confirmMethod = null;
+        if (methods != null && methods.size() > 0) {
+            confirmMethod = methods.get(0);
+        }
+        Assert.assertTrue(confirmMethod.contains("bearer"));
+        
+        bus.shutdown(true);
+    }
+    
+    private SecurityToken requestSecurityToken(
+       String tokenType, 
+       String keyType, 
+       Bus bus,
+       String endpointAddress
+    ) throws Exception {
+        STSClient stsClient = new STSClient(bus);
+
+        stsClient.setWsdlLocation(endpointAddress + "?wsdl");
+        stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService");
+        stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}X509_Port");
+        stsClient.setEnableAppliesTo(false);
+
+        Map<String, Object> properties = new HashMap<String, Object>();
+        properties.put(SecurityConstants.USERNAME, "alice");
+        properties.put(
+            SecurityConstants.CALLBACK_HANDLER, new CommonCallbackHandler()
+        );
+        properties.put(SecurityConstants.SIGNATURE_USERNAME, "myclientkey");
+        properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "clientKeystore.properties");
+        properties.put(SecurityConstants.ENCRYPT_USERNAME, "mystskey");
+        properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "clientKeystore.properties");
+
+        stsClient.setProperties(properties);
+        stsClient.setTokenType(tokenType);
+        stsClient.setKeyType(keyType);
+
+        return stsClient.requestSecurityToken(endpointAddress);
+    }
+
+    private List<WSSecurityEngineResult> processToken(SecurityToken token) throws Exception {
+        RequestData requestData = new RequestData();
+        CallbackHandler callbackHandler = new CommonCallbackHandler();
+        requestData.setCallbackHandler(callbackHandler);
+        Crypto crypto = CryptoFactory.getInstance("clientKeystore.properties", 
+                                                  this.getClass().getClassLoader());
+        requestData.setSigVerCrypto(crypto);
+        
+        Processor processor = new SAMLTokenProcessor();
+        return processor.handleToken(
+            token.getToken(), requestData, new WSDocInfo(token.getToken().getOwnerDocument())
+        );
+    }
+    
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-itests/src/test/resources/clientKeystore.properties
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-itests/src/test/resources/clientKeystore.properties b/services/sts/systests/sts-itests/src/test/resources/clientKeystore.properties
new file mode 100644
index 0000000..8ab391e
--- /dev/null
+++ b/services/sts/systests/sts-itests/src/test/resources/clientKeystore.properties
@@ -0,0 +1,24 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=cspass
+org.apache.ws.security.crypto.merlin.keystore.alias=myclientkey
+org.apache.ws.security.crypto.merlin.keystore.file=clientstore.jks
+

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-itests/src/test/resources/clientstore.jks
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-itests/src/test/resources/clientstore.jks b/services/sts/systests/sts-itests/src/test/resources/clientstore.jks
new file mode 100644
index 0000000..23168a9
Binary files /dev/null and b/services/sts/systests/sts-itests/src/test/resources/clientstore.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-itests/src/test/resources/etc/org.ops4j.pax.logging.cfg
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-itests/src/test/resources/etc/org.ops4j.pax.logging.cfg b/services/sts/systests/sts-itests/src/test/resources/etc/org.ops4j.pax.logging.cfg
new file mode 100644
index 0000000..5355947
--- /dev/null
+++ b/services/sts/systests/sts-itests/src/test/resources/etc/org.ops4j.pax.logging.cfg
@@ -0,0 +1,25 @@
+# Root logger
+log4j.rootLogger=WARN, stdout, file
+log4j.throwableRenderer=org.apache.log4j.OsgiThrowableRenderer
+
+log4j.logger.org.apache.cxf.xkms=INFO
+log4j.logger.org.apache.cxf.xkms.x509.validator=WARN
+
+# Reduce noisy output
+log4j.logger.org.ops4j.pax.swissbox.bnd.BndUtils=ERROR
+
+# CONSOLE appender
+log4j.appender.stdout.threshold=INFO
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} | %-5.5p | %-50.50c | %m%n
+#log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} | %-5.5p | %-40.40c | %-3.3X{bundle.id} - %-20.20X{bundle.name} | %m%n
+
+
+# File appender
+log4j.appender.file.threshold=DEBUG
+log4j.appender.file=org.apache.log4j.FileAppender
+log4j.appender.file.layout=org.apache.log4j.PatternLayout
+log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} | %-5.5p | %-50.50c | %m%n
+log4j.appender.file.file=${karaf.data}/log/karaf.log
+log4j.appender.file.append=true

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-osgi/pom.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-osgi/pom.xml b/services/sts/systests/sts-osgi/pom.xml
new file mode 100644
index 0000000..1686c03
--- /dev/null
+++ b/services/sts/systests/sts-osgi/pom.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>org.apache.cxf.services.sts.systests</groupId>
+    <artifactId>cxf-services-sts-systests-osgi</artifactId>
+    <packaging>bundle</packaging>
+    <name>Apache CXF STS test OSGi deployment</name>
+    <url>http://cxf.apache.org</url>
+    <parent>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-parent</artifactId>
+        <version>3.1.3-SNAPSHOT</version>
+        <relativePath>../../../../parent/pom.xml</relativePath>
+    </parent>
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.cxf.services.sts</groupId>
+            <artifactId>cxf-services-sts-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+</project>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-osgi/src/main/java/org/apache/cxf/systest/sts/osgi/CommonCallbackHandler.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-osgi/src/main/java/org/apache/cxf/systest/sts/osgi/CommonCallbackHandler.java b/services/sts/systests/sts-osgi/src/main/java/org/apache/cxf/systest/sts/osgi/CommonCallbackHandler.java
new file mode 100644
index 0000000..306c520
--- /dev/null
+++ b/services/sts/systests/sts-osgi/src/main/java/org/apache/cxf/systest/sts/osgi/CommonCallbackHandler.java
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.sts.osgi;
+
+import java.io.IOException;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.wss4j.common.ext.WSPasswordCallback;
+
+public class CommonCallbackHandler implements CallbackHandler {
+
+    public void handle(Callback[] callbacks) throws IOException,
+            UnsupportedCallbackException {
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) { // CXF
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+                if ("myclientkey".equals(pc.getIdentifier())) {
+                    pc.setPassword("ckpass");
+                    break;
+                } else if ("myservicekey".equals(pc.getIdentifier())) {
+                    pc.setPassword("skpass");
+                    break;
+                } else if ("alice".equals(pc.getIdentifier())) {
+                    pc.setPassword("clarinet");
+                    break;
+                } else if ("bob".equals(pc.getIdentifier())) {
+                    pc.setPassword("trombone");
+                    break;
+                } else if ("eve".equals(pc.getIdentifier())) {
+                    pc.setPassword("evekpass");
+                    break;
+                } else if ("mystskey".equals(pc.getIdentifier())) {
+                    pc.setPassword("stskpass");
+                    break;
+                }
+            }
+        }
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml b/services/sts/systests/sts-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml
new file mode 100644
index 0000000..62fbced
--- /dev/null
+++ b/services/sts/systests/sts-osgi/src/main/resources/OSGI-INF/blueprint/blueprint.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cxf="http://cxf.apache.org/blueprint/core" xmlns:jaxws="http://cxf.apache.org/blueprint/jaxws" xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0" xmlns:ext="http://www.osgi.org/xmlns/blueprint-ext/v1.1.0" xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd                         http://www.osgi.org/xmlns/blueprint-ext/v1.1.0 https://svn.apache.org/repos/asf/aries/tags/blueprint-0.3.1/blueprint-core/src/main/resources/org/apache/aries/blueprint/ext/blueprint-ext.xsd                           http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0 http://aries.apache.org/schemas/blueprint-cm/blueprint-cm-1.0.0.xsd                         http://cxf.apache.org/blueprint/jaxws http://cxf.apache.org/schemas/blueprint/jaxws.xsd                         http://cxf.apache.org/blue
 print/core http://cxf.apache.org/schemas/blueprint/core.xsd ">
+
+    <bean id="x509STSProviderBean"
+        class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
+        <property name="issueOperation" ref="x509IssueDelegate" />
+    </bean>
+
+    <bean id="x509IssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
+        <property name="tokenProviders">
+            <list>
+                <ref component-id="x509SAMLTokenProvider"/>
+            </list>
+        </property>
+        <property name="stsProperties" ref="x509STSProperties" />
+        <property name="returnReferences" value="false" />
+    </bean>
+
+    <bean id="x509SAMLTokenProvider"
+        class="org.apache.cxf.sts.token.provider.SAMLTokenProvider">
+    </bean>
+    
+    <bean id="x509STSProperties" class="org.apache.cxf.sts.StaticSTSProperties">
+        <property name="signaturePropertiesFile" value="stsKeystore.properties" />
+        <property name="signatureUsername" value="mystskey" />
+        <property name="callbackHandlerClass" value="org.apache.cxf.systest.sts.osgi.CommonCallbackHandler" />
+        <property name="issuer" value="STSIssuer" />
+    </bean>
+
+    <jaxws:endpoint id="X509STS" implementor="#x509STSProviderBean"
+        address="/X509" wsdlLocation="STSService.wsdl"
+        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+        serviceName="ns1:SecurityTokenService" endpointName="ns1:X509_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler"
+                value="org.apache.cxf.systest.sts.osgi.CommonCallbackHandler" />
+            <entry key="ws-security.signature.properties" value="stsKeystore.properties" />
+            <entry key="ws-security.signature.username" value="mystskey" />
+            <entry key="ws-security.encryption.username" value="useReqSigCert" />
+        </jaxws:properties>
+    </jaxws:endpoint>
+</blueprint>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-osgi/src/main/resources/STSService.wsdl
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-osgi/src/main/resources/STSService.wsdl b/services/sts/systests/sts-osgi/src/main/resources/STSService.wsdl
new file mode 100644
index 0000000..f0a6e03
--- /dev/null
+++ b/services/sts/systests/sts-osgi/src/main/resources/STSService.wsdl
@@ -0,0 +1,318 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsdl:definitions targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+    xmlns:tns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+    xmlns:wstrust="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
+    xmlns:wsap10="http://www.w3.org/2006/05/addressing/wsdl"
+    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+    xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
+    xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
+    >
+
+    <wsdl:types>
+        <xs:schema elementFormDefault="qualified"
+            targetNamespace='http://docs.oasis-open.org/ws-sx/ws-trust/200512'>
+
+            <xs:element name='RequestSecurityToken'
+                type='wst:AbstractRequestSecurityTokenType' />
+            <xs:element name='RequestSecurityTokenResponse'
+                type='wst:AbstractRequestSecurityTokenType' />
+
+            <xs:complexType name='AbstractRequestSecurityTokenType'>
+                <xs:sequence>
+                    <xs:any namespace='##any' processContents='lax'
+                        minOccurs='0' maxOccurs='unbounded' />
+                </xs:sequence>
+                <xs:attribute name='Context' type='xs:anyURI'
+                    use='optional' />
+                <xs:anyAttribute namespace='##other'
+                    processContents='lax' />
+            </xs:complexType>
+            <xs:element name='RequestSecurityTokenCollection'
+                type='wst:RequestSecurityTokenCollectionType' />
+            <xs:complexType name='RequestSecurityTokenCollectionType'>
+                <xs:sequence>
+                    <xs:element name='RequestSecurityToken'
+                        type='wst:AbstractRequestSecurityTokenType'
+                        minOccurs='2' maxOccurs='unbounded' />
+                </xs:sequence>
+            </xs:complexType>
+
+            <xs:element name='RequestSecurityTokenResponseCollection'
+                type='wst:RequestSecurityTokenResponseCollectionType' />
+            <xs:complexType name='RequestSecurityTokenResponseCollectionType'>
+                <xs:sequence>
+                    <xs:element ref='wst:RequestSecurityTokenResponse'
+                        minOccurs='1' maxOccurs='unbounded' />
+                </xs:sequence>
+                <xs:anyAttribute namespace='##other'
+                    processContents='lax' />
+            </xs:complexType>
+
+        </xs:schema>
+    </wsdl:types>
+
+    <!-- WS-Trust defines the following GEDs -->
+    <wsdl:message name="RequestSecurityTokenMsg">
+        <wsdl:part name="request" element="wst:RequestSecurityToken" />
+    </wsdl:message>
+    <wsdl:message name="RequestSecurityTokenResponseMsg">
+        <wsdl:part name="response" element="wst:RequestSecurityTokenResponse" />
+    </wsdl:message>
+    <wsdl:message name="RequestSecurityTokenCollectionMsg">
+        <wsdl:part name="requestCollection" element="wst:RequestSecurityTokenCollection" />
+    </wsdl:message>
+    <wsdl:message name="RequestSecurityTokenResponseCollectionMsg">
+        <wsdl:part name="responseCollection"
+            element="wst:RequestSecurityTokenResponseCollection" />
+    </wsdl:message>
+
+    <!-- This portType is an example of an STS supporting full protocol -->
+    <wsdl:portType name="STS">
+        <wsdl:operation name="Cancel">
+            <wsdl:input
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel"
+                message="tns:RequestSecurityTokenMsg" />
+            <wsdl:output
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/CancelFinal"
+                message="tns:RequestSecurityTokenResponseMsg" />
+        </wsdl:operation>
+        <wsdl:operation name="Issue">
+            <wsdl:input
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue"
+                message="tns:RequestSecurityTokenMsg" />
+            <wsdl:output
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal"
+                message="tns:RequestSecurityTokenResponseCollectionMsg" />
+        </wsdl:operation>
+        <wsdl:operation name="Renew">
+            <wsdl:input
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew"
+                message="tns:RequestSecurityTokenMsg" />
+            <wsdl:output
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/RenewFinal"
+                message="tns:RequestSecurityTokenResponseMsg" />
+        </wsdl:operation>
+        <wsdl:operation name="Validate">
+            <wsdl:input
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate"
+                message="tns:RequestSecurityTokenMsg" />
+            <wsdl:output
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/ValidateFinal"
+                message="tns:RequestSecurityTokenResponseMsg" />
+        </wsdl:operation>
+        <wsdl:operation name="KeyExchangeToken">
+            <wsdl:input
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KET"
+                message="tns:RequestSecurityTokenMsg" />
+            <wsdl:output
+                wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/KETFinal"
+                message="tns:RequestSecurityTokenResponseMsg" />
+        </wsdl:operation>
+        <wsdl:operation name="RequestCollection">
+            <wsdl:input message="tns:RequestSecurityTokenCollectionMsg" />
+            <wsdl:output message="tns:RequestSecurityTokenResponseCollectionMsg" />
+        </wsdl:operation>
+    </wsdl:portType>
+
+
+    <wsdl:binding name="X509_Binding" type="wstrust:STS">
+        <wsp:PolicyReference URI="#X509_policy" />
+        <soap:binding style="document"
+            transport="http://schemas.xmlsoap.org/soap/http" />
+        <wsdl:operation name="Issue">
+            <soap:operation
+                soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" />
+            <wsdl:input>
+                <wsp:PolicyReference URI="#Input_policy" />
+                <soap:body use="literal" />
+            </wsdl:input>
+            <wsdl:output>
+                <wsp:PolicyReference URI="#Output_policy" />
+                <soap:body use="literal" />
+            </wsdl:output>
+        </wsdl:operation>
+        <wsdl:operation name="Validate">
+            <soap:operation
+                soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" />
+            <wsdl:input>
+                <wsp:PolicyReference URI="#Input_policy" />
+                <soap:body use="literal" />
+            </wsdl:input>
+            <wsdl:output>
+                <wsp:PolicyReference URI="#Output_policy" />
+                <soap:body use="literal" />
+            </wsdl:output>
+        </wsdl:operation>
+        <wsdl:operation name="Cancel">
+            <soap:operation
+                soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" />
+            <wsdl:input>
+                <soap:body use="literal" />
+            </wsdl:input>
+            <wsdl:output>
+                <soap:body use="literal" />
+            </wsdl:output>
+        </wsdl:operation>
+        <wsdl:operation name="Renew">
+            <soap:operation
+                soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" />
+            <wsdl:input>
+                <soap:body use="literal" />
+            </wsdl:input>
+            <wsdl:output>
+                <soap:body use="literal" />
+            </wsdl:output>
+        </wsdl:operation>
+        <wsdl:operation name="KeyExchangeToken">
+            <soap:operation
+                soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken" />
+            <wsdl:input>
+                <soap:body use="literal" />
+            </wsdl:input>
+            <wsdl:output>
+                <soap:body use="literal" />
+            </wsdl:output>
+        </wsdl:operation>
+        <wsdl:operation name="RequestCollection">
+            <soap:operation
+                soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection" />
+            <wsdl:input>
+                <soap:body use="literal" />
+            </wsdl:input>
+            <wsdl:output>
+                <soap:body use="literal" />
+            </wsdl:output>
+        </wsdl:operation>
+    </wsdl:binding>
+
+    <wsp:Policy wsu:Id="X509_policy">
+        <wsp:ExactlyOne>
+            <wsp:All>
+                <wsap10:UsingAddressing />
+                <sp:AsymmetricBinding
+                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+                    <wsp:Policy>
+                        <sp:InitiatorToken>
+                            <wsp:Policy>
+                                <sp:X509Token
+                                    sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
+                                    <wsp:Policy>
+                                        <sp:WssX509V3Token10 />
+                                    </wsp:Policy>
+                                </sp:X509Token>
+                            </wsp:Policy>
+                        </sp:InitiatorToken>
+                        <sp:RecipientToken>
+                            <wsp:Policy>
+                                <sp:X509Token
+                                    sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
+                                    <wsp:Policy>
+                                        <sp:WssX509V3Token10 />
+                                        <sp:RequireIssuerSerialReference />
+                                    </wsp:Policy>
+                                </sp:X509Token>
+                            </wsp:Policy>
+                        </sp:RecipientToken>
+                        <sp:AlgorithmSuite>
+                            <wsp:Policy>
+                                <sp:Basic256 />
+                            </wsp:Policy>
+                        </sp:AlgorithmSuite>
+                        <sp:Layout>
+                            <wsp:Policy>
+                                <sp:Lax />
+                            </wsp:Policy>
+                        </sp:Layout>
+                        <sp:IncludeTimestamp />
+                        <sp:EncryptSignature />
+                        <sp:OnlySignEntireHeadersAndBody />
+                    </wsp:Policy>
+                </sp:AsymmetricBinding>
+                <sp:Wss11
+                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+                    <wsp:Policy>
+                        <sp:MustSupportRefKeyIdentifier />
+                        <sp:MustSupportRefIssuerSerial />
+                        <sp:MustSupportRefThumbprint />
+                        <sp:MustSupportRefEncryptedKey />
+                    </wsp:Policy>
+                </sp:Wss11>
+                <sp:Trust13
+                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+                    <wsp:Policy>
+                        <sp:MustSupportIssuedTokens />
+                        <sp:RequireClientEntropy />
+                        <sp:RequireServerEntropy />
+                    </wsp:Policy>
+                </sp:Trust13>
+            </wsp:All>
+        </wsp:ExactlyOne>
+    </wsp:Policy>
+
+
+    <wsp:Policy wsu:Id="Input_policy">
+        <wsp:ExactlyOne>
+            <wsp:All>
+                <sp:SignedParts
+                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+                    <sp:Body />
+                    <sp:Header Name="To"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="From"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="FaultTo"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="ReplyTo"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="MessageID"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="RelatesTo"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="Action"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                </sp:SignedParts>
+                <sp:EncryptedParts
+                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+                    <sp:Body />
+                </sp:EncryptedParts>
+            </wsp:All>
+        </wsp:ExactlyOne>
+    </wsp:Policy>
+
+    <wsp:Policy wsu:Id="Output_policy">
+        <wsp:ExactlyOne>
+            <wsp:All>
+                <sp:SignedParts
+                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+                    <sp:Body />
+                    <sp:Header Name="To"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="From"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="FaultTo"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="ReplyTo"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="MessageID"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="RelatesTo"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                    <sp:Header Name="Action"
+                        Namespace="http://www.w3.org/2005/08/addressing" />
+                </sp:SignedParts>
+                <sp:EncryptedParts
+                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+                    <sp:Body />
+                </sp:EncryptedParts>
+            </wsp:All>
+        </wsp:ExactlyOne>
+    </wsp:Policy>
+
+    <wsdl:service name="SecurityTokenService">
+        <wsdl:port name="X509_Port" binding="tns:X509_Binding">
+            <soap:address location="dummy_address_actual_value_populated_when_sts_deployed" />
+        </wsdl:port>
+    </wsdl:service>
+
+</wsdl:definitions>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-osgi/src/main/resources/stsKeystore.properties
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-osgi/src/main/resources/stsKeystore.properties b/services/sts/systests/sts-osgi/src/main/resources/stsKeystore.properties
new file mode 100644
index 0000000..2f132ea
--- /dev/null
+++ b/services/sts/systests/sts-osgi/src/main/resources/stsKeystore.properties
@@ -0,0 +1,23 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=stsspass
+org.apache.ws.security.crypto.merlin.keystore.file=stsstore.jks
+

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/sts/systests/sts-osgi/src/main/resources/stsstore.jks
----------------------------------------------------------------------
diff --git a/services/sts/systests/sts-osgi/src/main/resources/stsstore.jks b/services/sts/systests/sts-osgi/src/main/resources/stsstore.jks
new file mode 100644
index 0000000..e805906
Binary files /dev/null and b/services/sts/systests/sts-osgi/src/main/resources/stsstore.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/2144c1f7/services/xkms/xkms-itests/pom.xml
----------------------------------------------------------------------
diff --git a/services/xkms/xkms-itests/pom.xml b/services/xkms/xkms-itests/pom.xml
index 07d2b35..cc6bd99 100644
--- a/services/xkms/xkms-itests/pom.xml
+++ b/services/xkms/xkms-itests/pom.xml
@@ -1,14 +1,22 @@
 <?xml version="1.0"?>
-<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor 
-    license agreements. See the NOTICE file distributed with this work for additional 
-    information regarding copyright ownership. The ASF licenses this file to 
-    you under the Apache License, Version 2.0 (the "License"); you may not use 
-    this file except in compliance with the License. You may obtain a copy of 
-    the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required 
-    by applicable law or agreed to in writing, software distributed under the 
-    License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS 
-    OF ANY KIND, either express or implied. See the License for the specific 
-    language governing permissions and limitations under the License. -->
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <groupId>org.apache.cxf.services.xkms</groupId>


Mime
View raw message