cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [5/8] cxf git commit: Added some WS-Security / JMS system tests
Date Mon, 02 Nov 2015 18:34:37 GMT
Added some WS-Security / JMS system tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e5203617
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e5203617
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e5203617

Branch: refs/heads/3.0.x-fixes
Commit: e520361785f748b058107ab5290ad264026b9111
Parents: 2b3da92
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Nov 2 17:17:22 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Nov 2 17:59:01 2015 +0000

----------------------------------------------------------------------
 systests/transport-jms/pom.xml                  |   5 +
 .../systest/jms/security/JMSWSSecurityTest.java | 155 +++++++++++++
 .../jms/security/KeystorePasswordCallback.java  |  73 +++++++
 .../jms/security/SamlCallbackHandler.java       | 219 +++++++++++++++++++
 .../security/SecurityGreeterImplTwoWayJMS.java  |  30 +++
 .../apache/cxf/systest/jms/security/Server.java |  59 +++++
 .../systest/jms/security/TwoWayJMSImplBase.java | 132 +++++++++++
 .../src/test/resources/alice.properties         |  21 ++
 .../src/test/resources/bob.properties           |  21 ++
 .../src/test/resources/certs/alice.jks          | Bin 0 -> 3984 bytes
 .../src/test/resources/certs/bob.jks            | Bin 0 -> 3979 bytes
 .../src/test/resources/certs/cxfca.jks          | Bin 0 -> 891 bytes
 .../src/test/resources/logging.properties       |  74 +++++++
 13 files changed, 789 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/pom.xml
----------------------------------------------------------------------
diff --git a/systests/transport-jms/pom.xml b/systests/transport-jms/pom.xml
index 9060b51..ea72e35 100644
--- a/systests/transport-jms/pom.xml
+++ b/systests/transport-jms/pom.xml
@@ -115,6 +115,11 @@
             <version>${project.version}</version>
         </dependency>
         <dependency>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-ws-security</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-servlet</artifactId>
         </dependency>

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
new file mode 100644
index 0000000..6db3729
--- /dev/null
+++ b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/JMSWSSecurityTest.java
@@ -0,0 +1,155 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jms.security;
+
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.hello_world_jms.HelloWorldPortType;
+import org.apache.cxf.hello_world_jms.HelloWorldService;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.testutil.common.EmbeddedJMSBrokerLauncher;
+import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
+import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean;
+import org.apache.wss4j.common.saml.bean.ConditionsBean;
+import org.apache.wss4j.common.saml.builder.SAML2Constants;
+import org.apache.wss4j.dom.handler.WSHandlerConstants;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+/**
+ * Some WS-Security over JMS tests
+ */
+public class JMSWSSecurityTest extends AbstractBusClientServerTestBase {
+    public static final String PORT = allocatePort(JMSWSSecurityTest.class);
+ 
+    private static EmbeddedJMSBrokerLauncher broker;
+    private List<String> wsdlStrings = new ArrayList<String>();
+    
+    @BeforeClass
+    public static void startServers() throws Exception {
+        broker = new EmbeddedJMSBrokerLauncher("tcp://localhost:" + PORT);
+        launchServer(broker);
+        launchServer(new Server(broker));
+        createStaticBus();
+    }
+    
+    @Before
+    public void setUp() throws Exception {
+        assertSame(getStaticBus(), BusFactory.getThreadDefaultBus(false));
+    }
+   
+    @After 
+    public void tearDown() throws Exception {
+        wsdlStrings.clear();
+    }
+    
+    public URL getWSDLURL(String s) throws Exception {
+        URL u = getClass().getResource(s);
+        if (u == null) {
+            throw new IllegalArgumentException("WSDL classpath resource not found " + s);
+        }
+        String wsdlString = u.toString().intern();
+        wsdlStrings.add(wsdlString);
+        broker.updateWsdl(getBus(), wsdlString);
+        return u;
+    }
+    
+    @Test
+    public void testUnsignedSAML2Token() throws Exception {
+        QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
+        QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
+        URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
+        HelloWorldService service = new HelloWorldService(wsdl, serviceName);
+
+        String response = new String("Bonjour");
+        HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);
+        
+        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+        callbackHandler.setSignAssertion(true);
+        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
+        
+        Map<String, Object> outProperties = new HashMap<String, Object>();
+        outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
+        
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties);
+        Client client = ClientProxy.getClient(greeter);
+        client.getOutInterceptors().add(outInterceptor);
+        
+        String reply = greeter.sayHi();
+        assertNotNull("no response received from service", reply);
+        assertEquals(response, reply);
+
+        ((java.io.Closeable)greeter).close();
+    }
+    
+    @Test
+    @org.junit.Ignore
+    public void testUnsignedSAML2AudienceRestrictionToken() throws Exception {
+        QName serviceName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldService");
+        QName portName = new QName("http://cxf.apache.org/hello_world_jms", "HelloWorldPort");
+        URL wsdl = getWSDLURL("/wsdl/jms_test.wsdl");
+        HelloWorldService service = new HelloWorldService(wsdl, serviceName);
+
+        String response = new String("Bonjour");
+        HelloWorldPortType greeter = service.getPort(portName, HelloWorldPortType.class);
+        
+        SamlCallbackHandler callbackHandler = new SamlCallbackHandler();
+        callbackHandler.setSignAssertion(true);
+        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
+        
+        ConditionsBean conditions = new ConditionsBean();
+        conditions.setTokenPeriodMinutes(5);
+        List<String> audiences = new ArrayList<>();
+        audiences.add("http://apache.org/one");
+        AudienceRestrictionBean audienceRestrictionBean = new AudienceRestrictionBean();
+        audienceRestrictionBean.setAudienceURIs(audiences);
+        conditions.setAudienceRestrictions(Collections.singletonList(audienceRestrictionBean));
+        
+        callbackHandler.setConditions(conditions);
+        
+        Map<String, Object> outProperties = new HashMap<String, Object>();
+        outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_UNSIGNED);
+        outProperties.put(WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler);
+        
+        WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(outProperties);
+        Client client = ClientProxy.getClient(greeter);
+        client.getOutInterceptors().add(outInterceptor);
+        
+        String reply = greeter.sayHi();
+        assertNotNull("no response received from service", reply);
+        assertEquals(response, reply);
+
+        ((java.io.Closeable)greeter).close();
+    }
+    
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/KeystorePasswordCallback.java
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/KeystorePasswordCallback.java
b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/KeystorePasswordCallback.java
new file mode 100644
index 0000000..4148115
--- /dev/null
+++ b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/KeystorePasswordCallback.java
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jms.security;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.wss4j.common.ext.WSPasswordCallback;
+
+/**
+ * A CallbackHandler implementation for keystores.
+ */
+public class KeystorePasswordCallback implements CallbackHandler {
+    
+    private Map<String, String> passwords = 
+        new HashMap<String, String>();
+    
+    public KeystorePasswordCallback() {
+        passwords.put("Alice", "abcd!1234");
+        passwords.put("alice", "password");
+        passwords.put("Bob", "abcd!1234");
+        passwords.put("bob", "password");
+        passwords.put("abcd", "dcba");
+        passwords.put("6e0e88f36ebb8744d470f62f604d03ea4ebe5094", "password");
+        passwords.put("wss40rev", "security");
+        passwords.put("morpit", "password");
+    }
+
+    /**
+     * It attempts to get the password from the private 
+     * alias/passwords map.
+     */
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
+        for (int i = 0; i < callbacks.length; i++) {
+            WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
+            if (pc.getUsage() == WSPasswordCallback.PASSWORD_ENCRYPTOR_PASSWORD) {
+                pc.setPassword("this-is-a-secret");
+            } else {
+                String pass = passwords.get(pc.getIdentifier());
+                if (pass != null) {
+                    pc.setPassword(pass);
+                    return;
+                } else {
+                    pc.setPassword("password");
+                }
+            }
+        }
+    }
+    
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/SamlCallbackHandler.java
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/SamlCallbackHandler.java
b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/SamlCallbackHandler.java
new file mode 100644
index 0000000..3899955
--- /dev/null
+++ b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/SamlCallbackHandler.java
@@ -0,0 +1,219 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jms.security;
+
+import java.io.IOException;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.crypto.CryptoType;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.saml.SAMLCallback;
+import org.apache.wss4j.common.saml.bean.AttributeBean;
+import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
+import org.apache.wss4j.common.saml.bean.ConditionsBean;
+import org.apache.wss4j.common.saml.bean.KeyInfoBean;
+import org.apache.wss4j.common.saml.bean.KeyInfoBean.CERT_IDENTIFIER;
+import org.apache.wss4j.common.saml.bean.SubjectBean;
+import org.apache.wss4j.common.saml.bean.Version;
+import org.apache.wss4j.common.saml.builder.SAML1Constants;
+import org.apache.wss4j.common.saml.builder.SAML2Constants;
+import org.apache.wss4j.dom.WSConstants;
+
+/**
+ * A CallbackHandler instance that is used by the STS to mock up a SAML Attribute Assertion.
+ */
+public class SamlCallbackHandler implements CallbackHandler {
+    private boolean saml2 = true;
+    private String confirmationMethod = SAML2Constants.CONF_SENDER_VOUCHES;
+    private CERT_IDENTIFIER keyInfoIdentifier = CERT_IDENTIFIER.X509_CERT;
+    private boolean signAssertion;
+    private ConditionsBean conditions;
+    private String cryptoAlias = "alice";
+    private String cryptoPassword = "password";
+    private String cryptoPropertiesFile = "alice.properties";
+    private String signatureAlgorithm = WSConstants.RSA_SHA1;
+    private String digestAlgorithm = WSConstants.SHA1;
+    
+    public SamlCallbackHandler() {
+        //
+    }
+    
+    public SamlCallbackHandler(boolean saml2) {
+        this.saml2 = saml2;
+    }
+    
+    public SamlCallbackHandler(boolean saml2, boolean signAssertion) {
+        this.saml2 = saml2;
+        this.signAssertion = signAssertion;
+    }
+    
+    public void setConfirmationMethod(String confirmationMethod) {
+        this.confirmationMethod = confirmationMethod;
+    }
+    
+    public void setKeyInfoIdentifier(CERT_IDENTIFIER keyInfoIdentifier) {
+        this.keyInfoIdentifier = keyInfoIdentifier;
+    }
+    
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof SAMLCallback) {
+                SAMLCallback callback = (SAMLCallback) callbacks[i];
+                if (saml2) {
+                    callback.setSamlVersion(Version.SAML_20);
+                } else {
+                    callback.setSamlVersion(Version.SAML_11);
+                }
+                if (conditions != null) {
+                    callback.setConditions(conditions);
+                }
+
+                callback.setIssuer("sts");
+                String subjectName = "uid=sts-client,o=mock-sts.com";
+                String subjectQualifier = "www.mock-sts.com";
+                if (!saml2 && SAML2Constants.CONF_SENDER_VOUCHES.equals(confirmationMethod))
{
+                    confirmationMethod = SAML1Constants.CONF_SENDER_VOUCHES;
+                }
+                SubjectBean subjectBean = 
+                    new SubjectBean(
+                        subjectName, subjectQualifier, confirmationMethod
+                    );
+                if (SAML2Constants.CONF_HOLDER_KEY.equals(confirmationMethod)
+                    || SAML1Constants.CONF_HOLDER_KEY.equals(confirmationMethod)) {
+                    try {
+                        KeyInfoBean keyInfo = createKeyInfo();
+                        subjectBean.setKeyInfo(keyInfo);
+                    } catch (Exception ex) {
+                        throw new IOException("Problem creating KeyInfo: " +  ex.getMessage());
+                    }
+                }
+                callback.setSubject(subjectBean);
+                
+                AttributeStatementBean attrBean = new AttributeStatementBean();
+                attrBean.setSubject(subjectBean);
+                
+                AttributeBean attributeBean = new AttributeBean();
+                if (saml2) {
+                    attributeBean.setQualifiedName("subject-role");
+                } else {
+                    attributeBean.setSimpleName("subject-role");
+                    attributeBean.setQualifiedName("http://custom-ns");
+                }
+                attributeBean.addAttributeValue("system-user");
+                attrBean.setSamlAttributes(Collections.singletonList(attributeBean));
+                callback.setAttributeStatementData(Collections.singletonList(attrBean));
+                callback.setSignatureAlgorithm(signatureAlgorithm);
+                callback.setSignatureDigestAlgorithm(digestAlgorithm);
+                
+                try {
+                    Crypto crypto = CryptoFactory.getInstance(cryptoPropertiesFile);
+                    callback.setIssuerCrypto(crypto);
+                    callback.setIssuerKeyName(cryptoAlias);
+                    callback.setIssuerKeyPassword(cryptoPassword);
+                    callback.setSignAssertion(signAssertion);
+                } catch (WSSecurityException e) {
+                    throw new IOException(e);
+                }
+            }
+        }
+    }
+    
+    protected KeyInfoBean createKeyInfo() throws Exception {
+        Crypto crypto = 
+            CryptoFactory.getInstance(cryptoPropertiesFile);
+        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+        cryptoType.setAlias(cryptoAlias);
+        X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
+        
+        KeyInfoBean keyInfo = new KeyInfoBean();
+        keyInfo.setCertIdentifer(keyInfoIdentifier);
+        if (keyInfoIdentifier == CERT_IDENTIFIER.X509_CERT) {
+            keyInfo.setCertificate(certs[0]);
+        } else if (keyInfoIdentifier == CERT_IDENTIFIER.KEY_VALUE) {
+            keyInfo.setPublicKey(certs[0].getPublicKey());
+        }
+        
+        return keyInfo;
+    }
+
+    public boolean isSignAssertion() {
+        return signAssertion;
+    }
+
+    public void setSignAssertion(boolean signAssertion) {
+        this.signAssertion = signAssertion;
+    }
+
+    public ConditionsBean getConditions() {
+        return conditions;
+    }
+
+    public void setConditions(ConditionsBean conditions) {
+        this.conditions = conditions;
+    }
+
+    public String getCryptoAlias() {
+        return cryptoAlias;
+    }
+
+    public void setCryptoAlias(String cryptoAlias) {
+        this.cryptoAlias = cryptoAlias;
+    }
+
+    public String getCryptoPassword() {
+        return cryptoPassword;
+    }
+
+    public void setCryptoPassword(String cryptoPassword) {
+        this.cryptoPassword = cryptoPassword;
+    }
+
+    public String getCryptoPropertiesFile() {
+        return cryptoPropertiesFile;
+    }
+
+    public void setCryptoPropertiesFile(String cryptoPropertiesFile) {
+        this.cryptoPropertiesFile = cryptoPropertiesFile;
+    }
+
+    public String getSignatureAlgorithm() {
+        return signatureAlgorithm;
+    }
+
+    public void setSignatureAlgorithm(String signatureAlgorithm) {
+        this.signatureAlgorithm = signatureAlgorithm;
+    }
+
+    public String getDigestAlgorithm() {
+        return digestAlgorithm;
+    }
+
+    public void setDigestAlgorithm(String digestAlgorithm) {
+        this.digestAlgorithm = digestAlgorithm;
+    }
+    
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/SecurityGreeterImplTwoWayJMS.java
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/SecurityGreeterImplTwoWayJMS.java
b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/SecurityGreeterImplTwoWayJMS.java
new file mode 100644
index 0000000..9d7b2c7
--- /dev/null
+++ b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/SecurityGreeterImplTwoWayJMS.java
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jms.security;
+
+import javax.jws.WebService;
+
+@WebService(serviceName = "HelloWorldService", 
+            portName = "HelloWorldPort",
+            endpointInterface = "org.apache.cxf.hello_world_jms.HelloWorldPortType",
+            targetNamespace = "http://cxf.apache.org/hello_world_jms",
+            wsdlLocation = "testutils/jms_test.wsdl")
+public class SecurityGreeterImplTwoWayJMS extends TwoWayJMSImplBase {    
+    
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/Server.java
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/Server.java
b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/Server.java
new file mode 100644
index 0000000..0ed8b2b
--- /dev/null
+++ b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/Server.java
@@ -0,0 +1,59 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jms.security;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.ws.Endpoint;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.EmbeddedJMSBrokerLauncher;
+import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
+import org.apache.wss4j.dom.handler.WSHandlerConstants;
+
+public class Server extends AbstractBusTestServerBase {
+    public static final String PORT = allocatePort(Server.class);
+    
+    EmbeddedJMSBrokerLauncher broker;
+    public Server(EmbeddedJMSBrokerLauncher b) {
+        broker = b;
+    }
+    
+    protected void run()  {
+        Bus bus = BusFactory.getDefaultBus();
+        setBus(bus);
+        
+        Map<String, Object> inProperties = new HashMap<String, Object>();
+        inProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED);
+        inProperties.put(WSHandlerConstants.PW_CALLBACK_REF, new KeystorePasswordCallback());
+        inProperties.put(WSHandlerConstants.SIG_VER_PROP_FILE, "bob.properties");
+        
+        WSS4JInInterceptor inInterceptor = new WSS4JInInterceptor(inProperties);
+        
+        bus.getInInterceptors().add(inInterceptor);
+        
+        broker.updateWsdl(bus, "testutils/jms_test.wsdl");
+        
+        Endpoint.publish(null, new SecurityGreeterImplTwoWayJMS());
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/TwoWayJMSImplBase.java
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/TwoWayJMSImplBase.java
b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/TwoWayJMSImplBase.java
new file mode 100644
index 0000000..ad5e0fd
--- /dev/null
+++ b/systests/transport-jms/src/test/java/org/apache/cxf/systest/jms/security/TwoWayJMSImplBase.java
@@ -0,0 +1,132 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jms.security;
+
+import java.util.concurrent.Future;
+
+import javax.annotation.Resource;
+import javax.xml.ws.AsyncHandler;
+import javax.xml.ws.Response;
+import javax.xml.ws.WebServiceContext;
+import javax.xml.ws.handler.MessageContext;
+
+import org.apache.cxf.hello_world_jms.BadRecordLitFault;
+import org.apache.cxf.hello_world_jms.HelloWorldPortType;
+import org.apache.cxf.hello_world_jms.NoSuchCodeLitFault;
+import org.apache.cxf.hello_world_jms.types.BadRecordLit;
+import org.apache.cxf.hello_world_jms.types.ErrorCode;
+import org.apache.cxf.hello_world_jms.types.NoSuchCodeLit;
+import org.apache.cxf.hello_world_jms.types.TestRpcLitFaultResponse;
+import org.apache.cxf.transport.jms.JMSConstants;
+import org.apache.cxf.transport.jms.JMSMessageHeadersType;
+import org.apache.cxf.transport.jms.JMSPropertyType;
+
+public class TwoWayJMSImplBase implements HelloWorldPortType {
+
+    @Resource
+    protected WebServiceContext wsContext;
+    public String greetMe(String me) {
+        if (me.startsWith("PauseForTwoSecs")) {
+            try {
+                Thread.sleep(2000);
+            } catch (InterruptedException e) {
+                //ignore
+            }
+            me = me.substring("PauseForTwoSecs".length()).trim();
+        }
+        
+        MessageContext mc = wsContext.getMessageContext();
+        //JMSMessageHeadersType headers =
+        //    (JMSMessageHeadersType) mc.get(JMSConstants.JMS_SERVER_REQUEST_HEADERS);
+        //System.out.println("get the message headers JMSCorrelationID: " + headers.getJMSCorrelationID());
+        //System.out.println("Reached here :" + me);
+        
+        // set reply header custom property
+        JMSPropertyType testProperty = new JMSPropertyType();
+        testProperty.setName("Test_Prop");
+        testProperty.setValue("some return value "  + me);
+        
+        //System.out.println("found property in request headers at index: " 
+        //                   + headers.getProperty().indexOf(testProperty));
+        
+        JMSMessageHeadersType responseHeaders =
+            (JMSMessageHeadersType) mc.get(JMSConstants.JMS_SERVER_RESPONSE_HEADERS);
+        responseHeaders.getProperty().add(testProperty);
+        
+        return "Hello " + me;
+    }
+
+    public String sayHi() {        
+        return "Bonjour";
+    }
+    
+    public void greetMeOneWay(String requestType) {
+        //System.out.println("*********  greetMeOneWay: " + requestType);
+    }
+    
+    public TestRpcLitFaultResponse testRpcLitFault(String faultType) 
+        throws BadRecordLitFault, NoSuchCodeLitFault {
+        BadRecordLit badRecord = new BadRecordLit();
+        badRecord.setReason("BadRecordLitFault");
+        if (faultType.equals(BadRecordLitFault.class.getSimpleName())) {
+            throw new BadRecordLitFault("TestBadRecordLit", badRecord);
+        }
+        if (faultType.equals(NoSuchCodeLitFault.class.getSimpleName())) {
+            ErrorCode ec = new ErrorCode();
+            ec.setMajor((short)1);
+            ec.setMinor((short)1);
+            NoSuchCodeLit nscl = new NoSuchCodeLit();
+            nscl.setCode(ec);
+            throw new NoSuchCodeLitFault("TestNoSuchCodeLit", nscl);
+        }
+        
+        return new TestRpcLitFaultResponse();
+    }
+
+    public Response<String> greetMeAsync(String stringParam0) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    public Future<?> greetMeAsync(String stringParam0, AsyncHandler<String> asyncHandler)
{
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    public Response<String> sayHiAsync() {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    public Future<?> sayHiAsync(AsyncHandler<String> asyncHandler) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    public Response<TestRpcLitFaultResponse> testRpcLitFaultAsync(String in) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    public Future<?> testRpcLitFaultAsync(String in, AsyncHandler<TestRpcLitFaultResponse>
asyncHandler) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/resources/alice.properties
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/resources/alice.properties b/systests/transport-jms/src/test/resources/alice.properties
new file mode 100644
index 0000000..2cff960
--- /dev/null
+++ b/systests/transport-jms/src/test/resources/alice.properties
@@ -0,0 +1,21 @@
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+org.apache.wss4j.crypto.provider=org.apache.wss4j.common.crypto.Merlin
+org.apache.wss4j.crypto.merlin.keystore.type=jks
+org.apache.wss4j.crypto.merlin.keystore.password=password
+org.apache.wss4j.crypto.merlin.keystore.alias=alice
+org.apache.wss4j.crypto.merlin.keystore.file=certs/alice.jks

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/resources/bob.properties
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/resources/bob.properties b/systests/transport-jms/src/test/resources/bob.properties
new file mode 100644
index 0000000..6be229b
--- /dev/null
+++ b/systests/transport-jms/src/test/resources/bob.properties
@@ -0,0 +1,21 @@
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+org.apache.wss4j.crypto.provider=org.apache.wss4j.common.crypto.Merlin
+org.apache.wss4j.crypto.merlin.keystore.type=jks
+org.apache.wss4j.crypto.merlin.keystore.password=password
+org.apache.wss4j.crypto.merlin.keystore.alias=bob
+org.apache.wss4j.crypto.merlin.keystore.file=certs/bob.jks

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/resources/certs/alice.jks
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/resources/certs/alice.jks b/systests/transport-jms/src/test/resources/certs/alice.jks
new file mode 100644
index 0000000..9b8c450
Binary files /dev/null and b/systests/transport-jms/src/test/resources/certs/alice.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/resources/certs/bob.jks
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/resources/certs/bob.jks b/systests/transport-jms/src/test/resources/certs/bob.jks
new file mode 100644
index 0000000..6744c7c
Binary files /dev/null and b/systests/transport-jms/src/test/resources/certs/bob.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/resources/certs/cxfca.jks
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/resources/certs/cxfca.jks b/systests/transport-jms/src/test/resources/certs/cxfca.jks
new file mode 100644
index 0000000..2473611
Binary files /dev/null and b/systests/transport-jms/src/test/resources/certs/cxfca.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/e5203617/systests/transport-jms/src/test/resources/logging.properties
----------------------------------------------------------------------
diff --git a/systests/transport-jms/src/test/resources/logging.properties b/systests/transport-jms/src/test/resources/logging.properties
new file mode 100644
index 0000000..b2e5a79
--- /dev/null
+++ b/systests/transport-jms/src/test/resources/logging.properties
@@ -0,0 +1,74 @@
+#
+#
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+#
+#
+############################################################
+#  	Default Logging Configuration File
+#
+# You can use a different file by specifying a filename
+# with the java.util.logging.config.file system property.  
+# For example java -Djava.util.logging.config.file=myfile
+############################################################
+
+############################################################
+#  	Global properties
+############################################################
+
+# "handlers" specifies a comma separated list of log Handler 
+# classes.  These handlers will be installed during VM startup.
+# Note that these classes must be on the system classpath.
+# By default we only configure a ConsoleHandler, which will only
+# show messages at the INFO and above levels.
+#handlers= java.util.logging.ConsoleHandler
+
+# To also add the FileHandler, use the following line instead.
+#handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
+
+# Default global logging level.
+# This specifies which kinds of events are logged across
+# all loggers.  For any given facility this global level
+# can be overriden by a facility specific level
+# Note that the ConsoleHandler also has a separate level
+# setting to limit messages printed to the console.
+.level= INFO
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+# default file output is in user's home directory.
+java.util.logging.FileHandler.pattern = %h/java%u.log
+java.util.logging.FileHandler.limit = 50000
+java.util.logging.FileHandler.count = 1
+java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
+
+# Limit the message that are printed on the console to INFO and above.
+java.util.logging.ConsoleHandler.level = INFO
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+# For example, set the com.xyz.foo logger to only log SEVERE
+# messages:
+#com.xyz.foo.level = SEVERE


Mime
View raw message