cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [3/3] cxf git commit: Fixing merge
Date Thu, 24 Sep 2015 14:03:35 GMT
Fixing merge


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6ecda528
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6ecda528
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6ecda528

Branch: refs/heads/3.0.x-fixes
Commit: 6ecda528558e1ea408f79657e0ffe0e30f86ad59
Parents: 9a40532
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Sep 24 15:03:18 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Sep 24 15:03:18 2015 +0100

----------------------------------------------------------------------
 .../IssuedTokenInterceptorProvider.java         |   5 +-
 .../ws/security/trust/STSTokenRetriever.java    | 479 -------------------
 .../apache/cxf/systest/sts/renew/cxf-client.xml |  16 +-
 .../cxf/systest/sts/renew/cxf-service.xml       |   4 +-
 4 files changed, 14 insertions(+), 490 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/6ecda528/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
index cfb1ab4..a27493a 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
@@ -524,7 +524,10 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
                         handleDelegation(
                             message, onBehalfOfToken, actAsToken, appliesTo, enableAppliesTo
                         );
-                    if (secToken == null) {
+                    if (secToken != null) {
+                        // Check to see whether the delegated token needs to be renewed
+                        secToken = renewToken(message, aim, itok, secToken);
+                    } else {
                         secToken = getTokenFromSTS(message, client, aim, maps, itok, appliesTo);
                     }
                     storeDelegationTokens(

http://git-wip-us.apache.org/repos/asf/cxf/blob/6ecda528/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
deleted file mode 100644
index 3b57bda..0000000
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
+++ /dev/null
@@ -1,479 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.ws.security.trust;
-
-import java.util.HashMap;
-import java.util.Map;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import org.w3c.dom.Element;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.interceptor.Fault;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.rt.security.utils.SecurityUtils;
-import org.apache.cxf.ws.addressing.AddressingProperties;
-import org.apache.cxf.ws.security.SecurityConstants;
-import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.tokenstore.TokenStore;
-import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.policy.model.Trust10;
-import org.apache.wss4j.policy.model.Trust13;
-
-/**
- * A Helper utility class to cache STS token and issue or renew the token from STS.
- */
-public final class STSTokenRetriever {
-    private static final Logger LOG = LogUtils.getL7dLogger(STSTokenRetriever.class);
-    private static final String ASSOCIATED_TOKEN =
-        STSTokenRetriever.class.getName() + "-" + "Associated_Token";
-    
-    private STSTokenRetriever() {
-    }
-
-    public static SecurityToken getToken(Message message, TokenRequestParams params) {
-        SecurityToken tok = retrieveCachedToken(message);
-        if (tok == null) {
-            tok = issueToken(message, params);
-        } else {
-            tok = renewToken(message, tok, params);
-        }
-
-        boolean cacheIssuedToken =
-            SecurityUtils.getSecurityPropertyBoolean(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT,
-                                              message,
-                                              true)
-                && !isOneTimeUse(tok);
-        if (cacheIssuedToken) {
-            message.getExchange().getEndpoint().put(SecurityConstants.TOKEN, tok);
-            message.getExchange().put(SecurityConstants.TOKEN, tok);
-            message.put(SecurityConstants.TOKEN_ELEMENT, tok.getToken());
-            message.getExchange().put(SecurityConstants.TOKEN_ID, tok.getId());
-            message.getExchange().getEndpoint().put(SecurityConstants.TOKEN_ID,
-                                                          tok.getId());
-        } else {
-            message.put(SecurityConstants.TOKEN, tok);
-            message.put(SecurityConstants.TOKEN_ID, tok.getId());
-            message.put(SecurityConstants.TOKEN_ELEMENT, tok.getToken());
-        }
-        // ?
-        TokenStoreUtils.getTokenStore(message).add(tok);
-
-        return tok;
-    }
-
-    private static SecurityToken retrieveCachedToken(Message message) {
-        boolean cacheIssuedToken =
-            SecurityUtils.getSecurityPropertyBoolean(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT,
-                                              message,
-                                              true);
-        SecurityToken tok = null;
-        if (cacheIssuedToken) {
-            tok = (SecurityToken)message.getContextualProperty(SecurityConstants.TOKEN);
-            if (tok == null) {
-                String tokId = (String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
-                if (tokId != null) {
-                    tok = TokenStoreUtils.getTokenStore(message).getToken(tokId);
-                }
-            }
-        } else {
-            tok = (SecurityToken)message.get(SecurityConstants.TOKEN);
-            if (tok == null) {
-                String tokId = (String)message.get(SecurityConstants.TOKEN_ID);
-                if (tokId != null) {
-                    tok = TokenStoreUtils.getTokenStore(message).getToken(tokId);
-                }
-            }
-        }
-        return tok;
-    }
-
-    private static SecurityToken issueToken(Message message, TokenRequestParams params) {
-        AddressingProperties maps =
-            (AddressingProperties)message
-                .get("javax.xml.ws.addressing.context.outbound");
-        if (maps == null) {
-            maps = (AddressingProperties)message
-                .get("javax.xml.ws.addressing.context");
-        }
-        STSClient client = STSUtils.getClientWithIssuer(message, "sts", params.getIssuer());
-        synchronized (client) {
-            try {
-                // Transpose ActAs/OnBehalfOf info from original request to the STS client.
-                Object token =
-                    SecurityUtils.getSecurityPropertyValue(SecurityConstants.STS_TOKEN_ACT_AS,
message);
-                if (token != null) {
-                    client.setActAs(token);
-                }
-                token =
-                    SecurityUtils.getSecurityPropertyValue(SecurityConstants.STS_TOKEN_ON_BEHALF_OF,
message);
-                if (token != null) {
-                    client.setOnBehalfOf(token);
-                }
-                Map<String, Object> ctx = client.getRequestContext();
-                mapSecurityProps(message, ctx);
-
-                Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.STS_APPLIES_TO,
message);
-                String appliesTo = o == null ? null : o.toString();
-                appliesTo = appliesTo == null
-                    ? message.getContextualProperty(Message.ENDPOINT_ADDRESS).toString()
-                    : appliesTo;
-                boolean enableAppliesTo = client.isEnableAppliesTo();
-
-                client.setMessage(message);
-                Element onBehalfOfToken = client.getOnBehalfOfToken();
-                Element actAsToken = client.getActAsToken();
-
-                SecurityToken secToken =
-                    handleDelegation(
-                                     message, onBehalfOfToken, actAsToken, appliesTo,
-                                     enableAppliesTo
-                    );
-                if (secToken != null) {
-                    // Check to see whether the delegated token needs to be renewed
-                    secToken = renewToken(message, secToken, params);
-                } else {
-                    secToken = getTokenFromSTS(message, client, maps, appliesTo, params);
-                }
-                storeDelegationTokens(
-                                      message, secToken, onBehalfOfToken, actAsToken, appliesTo,
-                                      enableAppliesTo);
-                return secToken;
-            } catch (RuntimeException e) {
-                throw e;
-            } catch (Exception e) {
-                throw new Fault(e);
-            } finally {
-                client.setTrust((Trust10)null);
-                client.setTrust((Trust13)null);
-                client.setTemplate(null);
-                client.setAddressingNamespace(null);
-            }
-        }
-    }
-
-    private static SecurityToken renewToken(
-                                     Message message,
-                                     SecurityToken tok,
-                                     TokenRequestParams params) {
-        String imminentExpiryValue =
-            (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.STS_TOKEN_IMMINENT_EXPIRY_VALUE,

-                                                           message);
-        long imminentExpiry = 10L;
-        if (imminentExpiryValue != null) {
-            imminentExpiry = Long.parseLong(imminentExpiryValue);
-        }
-
-        // If the token has not expired then we don't need to renew it
-        if (!(tok.isExpired() || tok.isAboutToExpire(imminentExpiry))) {
-            return tok;
-        }
-
-        // Remove token from cache
-        message.getExchange().getEndpoint().remove(SecurityConstants.TOKEN);
-        message.getExchange().getEndpoint().remove(SecurityConstants.TOKEN_ID);
-        message.getExchange().remove(SecurityConstants.TOKEN_ID);
-        message.getExchange().remove(SecurityConstants.TOKEN);
-        TokenStoreUtils.getTokenStore(message).remove(tok.getId());
-
-        // If the user has explicitly disabled Renewing then we can't renew a token,
-        // so just get a new one
-        STSClient client = STSUtils.getClientWithIssuer(message, "sts", params.getIssuer());
-        if (!client.isAllowRenewing()) {
-            return issueToken(message, params);
-        }
-
-        AddressingProperties maps =
-            (AddressingProperties)message
-                .get("javax.xml.ws.addressing.context.outbound");
-        if (maps == null) {
-            maps = (AddressingProperties)message
-                .get("javax.xml.ws.addressing.context");
-        }
-        synchronized (client) {
-            try {
-                Map<String, Object> ctx = client.getRequestContext();
-                mapSecurityProps(message, ctx);
-
-                client.setMessage(message);
-
-                if (maps != null) {
-                    client.setAddressingNamespace(maps.getNamespaceURI());
-                }
-
-                client.setTrust(params.getTrust10());
-                client.setTrust(params.getTrust13());
-
-                client.setTemplate(params.getTokenTemplate());
-                return client.renewSecurityToken(tok);
-            } catch (RuntimeException ex) {
-                LOG.log(Level.WARNING, "Error renewing a token", ex);
-                boolean issueAfterFailedRenew =
-                    SecurityUtils.getSecurityPropertyBoolean(
-                                              SecurityConstants.STS_ISSUE_AFTER_FAILED_RENEW,
message, true);
-                if (issueAfterFailedRenew) {
-                    // Perhaps the STS does not support renewing, so try to issue a new token
-                    return issueToken(message, params);
-                } else {
-                    throw ex;
-                }
-            } catch (Exception ex) {
-                LOG.log(Level.WARNING, "Error renewing a token", ex);
-                boolean issueAfterFailedRenew =
-                    SecurityUtils.getSecurityPropertyBoolean(
-                                              SecurityConstants.STS_ISSUE_AFTER_FAILED_RENEW,
message, true);
-                if (issueAfterFailedRenew) {
-                    // Perhaps the STS does not support renewing, so try to issue a new token
-                    return issueToken(message, params);
-                } else {
-                    throw new Fault(ex);
-                }
-            } finally {
-                client.setTrust((Trust10)null);
-                client.setTrust((Trust13)null);
-                client.setTemplate(null);
-                client.setAddressingNamespace(null);
-            }
-        }
-    }
-
-    // Check to see if the received token is a SAML2 Token with "OneTimeUse" set. If so,
-    // it should not be cached on the endpoint, but only on the message.
-    private static boolean isOneTimeUse(SecurityToken issuedToken) {
-        Element token = issuedToken.getToken();
-        if (token != null && "Assertion".equals(token.getLocalName())
-            && WSConstants.SAML2_NS.equals(token.getNamespaceURI())) {
-            try {
-                SamlAssertionWrapper assertion = new SamlAssertionWrapper(token);
-
-                if (assertion.getSaml2().getConditions() != null
-                    && assertion.getSaml2().getConditions().getOneTimeUse() != null)
{
-                    return true;
-                }
-            } catch (WSSecurityException ex) {
-                throw new Fault(ex);
-            }
-        }
-
-        return false;
-    }
-
-    private static void mapSecurityProps(Message message, Map<String, Object> ctx)
{
-        for (String s : SecurityConstants.ALL_PROPERTIES) {
-            Object v = message.getContextualProperty(s + ".it");
-            if (v == null) {
-                v = message.getContextualProperty(s);
-            }
-            if (!ctx.containsKey(s) && v != null) {
-                ctx.put(s, v);
-            }
-        }
-    }
-
-    /**
-     * Parse ActAs/OnBehalfOf appropriately. See if the required token is stored in the cache.
-     */
-    private static SecurityToken handleDelegation(
-                                           Message message,
-                                           Element onBehalfOfToken,
-                                           Element actAsToken,
-                                           String appliesTo,
-                                           boolean enableAppliesTo) throws Exception {
-        TokenStore tokenStore = TokenStoreUtils.getTokenStore(message);
-        String key = appliesTo;
-        if (!enableAppliesTo || key == null || "".equals(key)) {
-            key = ASSOCIATED_TOKEN;
-        }
-        // See if the token corresponding to the OnBehalfOf Token is stored in the cache
-        // and if it points to an issued token
-        if (onBehalfOfToken != null) {
-            String id = getIdFromToken(onBehalfOfToken);
-            SecurityToken cachedToken = tokenStore.getToken(id);
-            if (cachedToken != null) {
-                Map<String, Object> properties = cachedToken.getProperties();
-                if (properties != null && properties.containsKey(key)) {
-                    String associatedToken = (String)properties.get(key);
-                    SecurityToken issuedToken = tokenStore.getToken(associatedToken);
-                    if (issuedToken != null) {
-                        return issuedToken;
-                    }
-                }
-            }
-        }
-
-        // See if the token corresponding to the ActAs Token is stored in the cache
-        // and if it points to an issued token
-        if (actAsToken != null) {
-            String id = getIdFromToken(actAsToken);
-            SecurityToken cachedToken = tokenStore.getToken(id);
-            if (cachedToken != null) {
-                Map<String, Object>  properties = cachedToken.getProperties();
-                if (properties != null && properties.containsKey(key)) {
-                    String associatedToken = (String)properties.get(key);
-                    SecurityToken issuedToken = tokenStore.getToken(associatedToken);
-                    if (issuedToken != null) {
-                        return issuedToken;
-                    }
-                }
-            }
-        }
-        return null;
-    }
-
-    private static String getIdFromToken(Element token) {
-        if (token != null) {
-            // Try to find the "Id" on the token.
-            if (token.hasAttributeNS(WSConstants.WSU_NS, "Id")) {
-                return token.getAttributeNS(WSConstants.WSU_NS, "Id");
-            } else if (token.hasAttributeNS(null, "ID")) {
-                return token.getAttributeNS(null, "ID");
-            } else if (token.hasAttributeNS(null, "AssertionID")) {
-                return token.getAttributeNS(null, "AssertionID");
-            }
-        }
-        return "";
-    }
-
-    private static void storeDelegationTokens(
-                                       Message message,
-                                       SecurityToken issuedToken,
-                                       Element onBehalfOfToken,
-                                       Element actAsToken,
-                                       String appliesTo,
-                                       boolean enableAppliesTo) throws Exception {
-        if (issuedToken == null) {
-            return;
-        }
-        TokenStore tokenStore = TokenStoreUtils.getTokenStore(message);
-        String key = appliesTo;
-        if (!enableAppliesTo || key == null || "".equals(key)) {
-            key = ASSOCIATED_TOKEN;
-        }
-        if (onBehalfOfToken != null) {
-            String id = getIdFromToken(onBehalfOfToken);
-            SecurityToken cachedToken = tokenStore.getToken(id);
-            if (cachedToken == null) {
-                cachedToken = new SecurityToken(id);
-                cachedToken.setToken(onBehalfOfToken);
-            }
-            Map<String, Object> properties = cachedToken.getProperties();
-            if (properties == null) {
-                properties = new HashMap<>();
-                cachedToken.setProperties(properties);
-            }
-            properties.put(key, issuedToken.getId());
-            tokenStore.add(cachedToken);
-        }
-        if (actAsToken != null) {
-            String id = getIdFromToken(actAsToken);
-            SecurityToken cachedToken = tokenStore.getToken(id);
-            if (cachedToken == null) {
-                cachedToken = new SecurityToken(id);
-                cachedToken.setToken(actAsToken);
-            }
-            Map<String, Object>  properties = cachedToken.getProperties();
-            if (properties == null) {
-                properties = new HashMap<>();
-                cachedToken.setProperties(properties);
-            }
-            properties.put(key, issuedToken.getId());
-            tokenStore.add(cachedToken);
-        }
-    }
-
-    private static SecurityToken getTokenFromSTS(Message message, STSClient client,
-                                          AddressingProperties maps, String appliesTo,
-                                          TokenRequestParams params) throws Exception {
-        client.setTrust(params.getTrust10());
-        client.setTrust(params.getTrust13());
-        client.setTemplate(params.getTokenTemplate());
-        if (params.getWspNamespace() != null) {
-            client.setWspNamespace(params.getWspNamespace());
-        }
-        if (maps != null && maps.getNamespaceURI() != null) {
-            client.setAddressingNamespace(maps.getNamespaceURI());
-        }
-        if (params.getClaims() != null) {
-            client.setClaims(params.getClaims());
-        }
-        return client.requestSecurityToken(appliesTo);
-    }
-
-    public static class TokenRequestParams {
-        private Element issuer;
-        private Trust10 trust10;
-        private Trust13 trust13;
-        private Element tokenTemplate;
-        private String wspNamespace;
-        private Element claims;
-
-        public Element getIssuer() {
-            return issuer;
-        }
-
-        public void setIssuer(Element issuer) {
-            this.issuer = issuer;
-        }
-
-        public Trust10 getTrust10() {
-            return trust10;
-        }
-
-        public void setTrust10(Trust10 trust10) {
-            this.trust10 = trust10;
-        }
-
-        public Trust13 getTrust13() {
-            return trust13;
-        }
-
-        public void setTrust13(Trust13 trust13) {
-            this.trust13 = trust13;
-        }
-
-        public Element getTokenTemplate() {
-            return tokenTemplate;
-        }
-
-        public void setTokenTemplate(Element tokenTemplate) {
-            this.tokenTemplate = tokenTemplate;
-        }
-
-        public String getWspNamespace() {
-            return wspNamespace;
-        }
-
-        public void setWspNamespace(String wspNamespace) {
-            this.wspNamespace = wspNamespace;
-        }
-
-        public Element getClaims() {
-            return claims;
-        }
-
-        public void setClaims(Element claims) {
-            this.claims = claims;
-        }
-    }
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/6ecda528/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml
b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml
index 9e36aa3..60b94df 100644
--- a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml
+++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-client.xml
@@ -136,20 +136,20 @@
         <property name="onBehalfOf" ref="delegationCallbackHandler"/>
         <property name="properties">
             <map>
-                <entry key="security.sts.token.username" value="myclientkey"/>
-                <entry key="security.sts.token.properties" value="clientKeystore.properties"/>
-                <entry key="security.sts.token.usecert" value="true"/>
+                <entry key="ws-security.sts.token.username" value="myclientkey"/>
+                <entry key="ws-security.sts.token.properties" value="clientKeystore.properties"/>
+                <entry key="ws-security.sts.token.usecert" value="true"/>
             </map>
         </property>
     </bean>
     
     <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItTransportSaml2IntermediaryPort"
createdFromAPI="true">
         <jaxws:properties>
-            <entry key="security.username" value="alice"/>
-            <entry key="security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
-            <entry key="security.signature.properties" value="clientKeystore.properties"/>
-            <entry key="security.signature.username" value="myclientkey"/>
-            <entry key="security.sts.client" value-ref="saml2STSIntermediaryClient" />
+            <entry key="ws-security.username" value="alice"/>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="clientKeystore.properties"/>
+            <entry key="ws-security.signature.username" value="myclientkey"/>
+            <entry key="ws-security.sts.client" value-ref="saml2STSIntermediaryClient"
/>
             <entry key="ws-security.cache.issued.token.in.endpoint" value="false"/>
         </jaxws:properties>
     </jaxws:client>

http://git-wip-us.apache.org/repos/asf/cxf/blob/6ecda528/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-service.xml
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-service.xml
b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-service.xml
index bfc7b09..2a22b02 100644
--- a/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-service.xml
+++ b/services/sts/systests/advanced/src/test/resources/org/apache/cxf/systest/sts/renew/cxf-service.xml
@@ -50,8 +50,8 @@
     </jaxws:endpoint>
     <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt" id="doubleittransportsaml2intermediary"
implementor="org.apache.cxf.systest.sts.common.DoubleItPortTypeImpl" endpointName="s:DoubleItTransportSaml2IntermediaryPort"
serviceName="s:DoubleItService" depends-on="ClientAuthHttpsSettings" address="https://localhost:${testutil.ports.renew.Server}/doubleit/services/doubleittransportsaml2intermediary"
wsdlLocation="org/apache/cxf/systest/sts/renew/DoubleIt.wsdl">
         <jaxws:properties>
-            <entry key="security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
-            <entry key="security.signature.properties" value="serviceKeystore.properties"/>
+            <entry key="ws-security.callback-handler" value="org.apache.cxf.systest.sts.common.CommonCallbackHandler"/>
+            <entry key="ws-security.signature.properties" value="serviceKeystore.properties"/>
         </jaxws:properties>
     </jaxws:endpoint>
     <httpj:engine-factory id="ClientAuthHttpsSettings" bus="cxf">


Mime
View raw message