cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Simplifying JWS JSON filter consumers to validate a single signature only same as JWE JSON decrypts a single entry only, the extra entries will be available for further processing as needed
Date Wed, 02 Mar 2016 16:27:26 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 585927421 -> 163f9b259


Simplifying JWS JSON filter consumers to validate a single signature only same as JWE JSON
decrypts a single entry only, the extra entries will be available for further processing as
needed


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/163f9b25
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/163f9b25
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/163f9b25

Branch: refs/heads/3.1.x-fixes
Commit: 163f9b259a49df73f0e2652440f6187fa40247db
Parents: 5859274
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed Mar 2 16:26:12 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed Mar 2 16:27:05 2016 +0000

----------------------------------------------------------------------
 .../jaxrs/AbstractJwsJsonReaderProvider.java    | 74 ++++++--------------
 .../jose/jaxrs/JwsJsonClientResponseFilter.java |  5 +-
 .../jaxrs/JwsJsonContainerRequestFilter.java    |  9 +--
 .../rs/security/jose/jws/JwsJsonConsumer.java   | 63 +++++++++++------
 .../security/jose/jws/JwsJsonConsumerTest.java  | 18 -----
 .../security/jose/jwejws/JAXRSJwsJsonTest.java  | 12 +++-
 .../security/jose/jwejws/serverJwsJson.xml      |  4 +-
 7 files changed, 80 insertions(+), 105 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/163f9b25/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java
b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java
index 5b328e4..8555006 100644
--- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java
+++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java
@@ -18,18 +18,13 @@
  */
 package org.apache.cxf.rs.security.jose.jaxrs;
 
-import java.util.Arrays;
 import java.util.Collections;
-import java.util.LinkedList;
 import java.util.List;
+import java.util.Map;
 import java.util.logging.Logger;
 
 import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageUtils;
-import org.apache.cxf.rs.security.jose.common.JoseConstants;
 import org.apache.cxf.rs.security.jose.jws.JwsException;
 import org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer;
 import org.apache.cxf.rs.security.jose.jws.JwsJsonSignatureEntry;
@@ -39,49 +34,21 @@ import org.apache.cxf.rs.security.jose.jws.JwsUtils;
 public class AbstractJwsJsonReaderProvider {
     protected static final Logger LOG = LogUtils.getL7dLogger(AbstractJwsJsonReaderProvider.class);
     
-    private List<JwsSignatureVerifier> sigVerifiers;
+    private JwsSignatureVerifier sigVerifier;
     private String defaultMediaType;
-    private boolean strictVerification;
+    private Map<String, Object> entryProps;
     
     public void setSignatureVerifier(JwsSignatureVerifier signatureVerifier) {
-        setSignatureVerifiers(Collections.singletonList(signatureVerifier));
-    }
-    public void setSignatureVerifiers(List<JwsSignatureVerifier> signatureVerifiers)
{
-        this.sigVerifiers = signatureVerifiers;
+        this.sigVerifier = signatureVerifier;
     }
 
-    @SuppressWarnings("deprecation")
-    protected List<JwsSignatureVerifier> getInitializedSigVerifiers() {
-        if (sigVerifiers != null) {
-            return sigVerifiers;    
-        }
-        Message m = JAXRSUtils.getCurrentMessage();
-        Object propLocsProp = 
-            MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_IN_PROPS,

-                                               JoseConstants.RSSEC_SIGNATURE_PROPS);
-        if (propLocsProp == null) {
-            propLocsProp = 
-                MessageUtils.getContextualProperty(m, JoseConstants.DEP_RSSEC_SIGNATURE_IN_LIST_PROPS,

-                                               JoseConstants.DEP_RSSEC_SIGNATURE_LIST_PROPS);
-        }
-        if (propLocsProp == null) {
-            LOG.warning("JWS JSON init properties resource is not identified");
-            throw new JwsException(JwsException.Error.NO_INIT_PROPERTIES);
-        }
-        List<String> propLocs = null;
-        if (propLocsProp instanceof String) { 
-            String[] props = ((String)propLocsProp).split(",");
-            propLocs = Arrays.asList(props);
-        } else {
-            propLocs = CastUtils.cast((List<?>)propLocsProp);
-        }
-        List<JwsSignatureVerifier> theSigVerifiers = new LinkedList<JwsSignatureVerifier>();
-        for (String propLoc : propLocs) {
-            theSigVerifiers.addAll(JwsUtils.loadSignatureVerifiers(propLoc, m));
-        }
-        return theSigVerifiers;
+    protected JwsSignatureVerifier getInitializedSigVerifier() {
+        if (sigVerifier != null) {
+            return sigVerifier;    
+        } 
+        return JwsUtils.loadSignatureVerifier(null, true);
     }
-
+    
     public String getDefaultMediaType() {
         return defaultMediaType;
     }
@@ -89,21 +56,24 @@ public class AbstractJwsJsonReaderProvider {
     public void setDefaultMediaType(String defaultMediaType) {
         this.defaultMediaType = defaultMediaType;
     }
-    public boolean isStrictVerification() {
-        return strictVerification;
-    }
-    public void setStrictVerification(boolean strictVerification) {
-        this.strictVerification = strictVerification;
-    }
     
-    protected void validate(JwsJsonConsumer c, List<JwsSignatureVerifier> theSigVerifiers)
throws JwsException {
+    
+    protected void validate(JwsJsonConsumer c, JwsSignatureVerifier theSigVerifier) throws
JwsException {
         
-        List<JwsJsonSignatureEntry> remaining = c.verifyAndGetNonValidated(theSigVerifiers,
-                                                                           isStrictVerification());
+        List<JwsJsonSignatureEntry> remaining = 
+            c.verifyAndGetNonValidated(Collections.singletonList(theSigVerifier), entryProps);
         if (!remaining.isEmpty()) {
             JAXRSUtils.getCurrentMessage().put("jws.json.remaining.entries", remaining);
         }
         JAXRSUtils.getCurrentMessage().put(JwsJsonConsumer.class, c);
     }
+
+    public Map<String, Object> getEntryProps() {
+        return entryProps;
+    }
+
+    public void setEntryProps(Map<String, Object> entryProps) {
+        this.entryProps = entryProps;
+    }
     
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/163f9b25/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java
b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java
index dc9a352..e342577 100644
--- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java
+++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java
@@ -20,7 +20,6 @@ package org.apache.cxf.rs.security.jose.jaxrs;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
-import java.util.List;
 
 import javax.annotation.Priority;
 import javax.ws.rs.client.ClientRequestContext;
@@ -37,9 +36,9 @@ import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
 public class JwsJsonClientResponseFilter extends AbstractJwsJsonReaderProvider implements
ClientResponseFilter {
     @Override
     public void filter(ClientRequestContext req, ClientResponseContext res) throws IOException
{
-        List<JwsSignatureVerifier> theSigVerifiers = getInitializedSigVerifiers();
+        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier();
         JwsJsonConsumer c = new JwsJsonConsumer(IOUtils.readStringFromStream(res.getEntityStream()));
-        validate(c, theSigVerifiers);
+        validate(c, theSigVerifier);
         byte[] bytes = c.getDecodedJwsPayloadBytes();
         res.setEntityStream(new ByteArrayInputStream(bytes));
         res.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));

http://git-wip-us.apache.org/repos/asf/cxf/blob/163f9b25/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java
b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java
index 3b705a3..56cf430 100644
--- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java
+++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java
@@ -20,7 +20,6 @@ package org.apache.cxf.rs.security.jose.jaxrs;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
-import java.util.List;
 
 import javax.annotation.Priority;
 import javax.ws.rs.HttpMethod;
@@ -44,14 +43,10 @@ public class JwsJsonContainerRequestFilter extends AbstractJwsJsonReaderProvider
         if (HttpMethod.GET.equals(context.getMethod())) {
             return;
         }
-        List<JwsSignatureVerifier> theSigVerifiers = getInitializedSigVerifiers();
-        if (theSigVerifiers.isEmpty()) {
-            context.abortWith(JAXRSUtils.toResponse(400));
-            return;
-        }
+        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier();
         JwsJsonConsumer c = new JwsJsonConsumer(IOUtils.readStringFromStream(context.getEntityStream()));
         try {
-            validate(c, theSigVerifiers);
+            validate(c, theSigVerifier);
         } catch (JwsException ex) {
             context.abortWith(JAXRSUtils.toResponse(400));
             return;

http://git-wip-us.apache.org/repos/asf/cxf/blob/163f9b25/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
index e8d9a41..22e781f 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
@@ -123,10 +123,17 @@ public class JwsJsonConsumer {
         return JwsUtils.getJwsJsonSignatureMap(signatures);
     }
     public boolean verifySignatureWith(JwsSignatureVerifier validator) {
+        return verifySignatureWith(validator, null);
+    }
+    public boolean verifySignatureWith(JwsSignatureVerifier validator, Map<String, Object>
entryProps) {
         List<JwsJsonSignatureEntry> theSignatureEntries = 
             getSignatureEntryMap().get(validator.getAlgorithm());
         if (theSignatureEntries != null) {
             for (JwsJsonSignatureEntry signatureEntry : theSignatureEntries) {
+                if (entryProps != null 
+                    && !signatureEntry.getUnionHeader().asMap().entrySet().containsAll(entryProps.entrySet()))
{
+                    continue;
+                }
                 if (signatureEntry.verifySignatureWith(validator)) {
                     return true;
                 }
@@ -135,40 +142,56 @@ public class JwsJsonConsumer {
         return false;
     }
     public boolean verifySignatureWith(PublicKey key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getPublicKeySignatureVerifier(key, algo));
+        return verifySignatureWith(key, algo, null);
+    }
+    public boolean verifySignatureWith(PublicKey key, SignatureAlgorithm algo, Map<String,
Object> entryProps) {
+        return verifySignatureWith(JwsUtils.getPublicKeySignatureVerifier(key, algo), entryProps);
     }
     public boolean verifySignatureWith(byte[] key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getHmacSignatureVerifier(key, algo));
+        return verifySignatureWith(key, algo, null);
+    }
+    public boolean verifySignatureWith(byte[] key, SignatureAlgorithm algo, Map<String,
Object> entryProps) {
+        return verifySignatureWith(JwsUtils.getHmacSignatureVerifier(key, algo), entryProps);
+    }
+    public boolean verifySignatureWith(JsonWebKey key) {
+        return verifySignatureWith(JwsUtils.getSignatureVerifier(key));
+    }
+    public boolean verifySignatureWith(JsonWebKey key, SignatureAlgorithm algo) {
+        return verifySignatureWith(key, algo, null);
+    }
+    public boolean verifySignatureWith(JsonWebKey key, SignatureAlgorithm algo, Map<String,
Object> entryProps) {
+        return verifySignatureWith(JwsUtils.getSignatureVerifier(key, algo), entryProps);
     }
-    
     public boolean verifySignatureWith(List<JwsSignatureVerifier> validators) {
-        return verifySignatureWith(validators, false);
+        return verifySignatureWith(validators, null);
     }
     
-    public boolean verifySignatureWith(List<JwsSignatureVerifier> validators, 
-                                       boolean validateAll) {
+    public boolean verifySignatureWith(List<JwsSignatureVerifier> validators, Map<String,
Object> entryProps) {
         try {
-            verifyAndGetNonValidated(validators, validateAll);
+            verifyAndGetNonValidated(validators, entryProps);
         } catch (JwsException ex) {
             LOG.warning("One of JSON JWS signatures is invalid");
             return false;
         }
         return true;
     }
-    
+        
     public List<JwsJsonSignatureEntry> verifyAndGetNonValidated(List<JwsSignatureVerifier>
validators) {
-        return verifyAndGetNonValidated(validators, false);
+        return verifyAndGetNonValidated(validators, null);
     }
     
-        
-    public List<JwsJsonSignatureEntry> verifyAndGetNonValidated(List<JwsSignatureVerifier>
validators,
-                                                                boolean validateAll) {  
 
+    public List<JwsJsonSignatureEntry> verifyAndGetNonValidated(List<JwsSignatureVerifier>
validators, 
+                                                                Map<String, Object>
entryProps) {    
         List<JwsJsonSignatureEntry> validatedSignatures = new LinkedList<JwsJsonSignatureEntry>();
         for (JwsSignatureVerifier validator : validators) {
             List<JwsJsonSignatureEntry> theSignatureEntries = 
                 getSignatureEntryMap().get(validator.getAlgorithm());
             if (theSignatureEntries != null) {
                 for (JwsJsonSignatureEntry sigEntry : theSignatureEntries) {
+                    if (entryProps != null 
+                        && !sigEntry.getUnionHeader().asMap().entrySet().containsAll(entryProps.entrySet()))
{
+                        continue;
+                    }
                     if (sigEntry.verifySignatureWith(validator)) {     
                         validatedSignatures.add(sigEntry);
                         break;
@@ -185,13 +208,14 @@ public class JwsJsonConsumer {
                 nonValidatedSignatures.add(sigEntry);
             }
         }
-        if (validateAll && !nonValidatedSignatures.isEmpty()) {
-            throw new JwsException(JwsException.Error.INVALID_SIGNATURE);    
-        }
         return nonValidatedSignatures;
     }
     public String verifyAndProduce(List<JwsSignatureVerifier> validators) {
-        List<JwsJsonSignatureEntry> nonValidated = verifyAndGetNonValidated(validators,
false);
+        return verifyAndProduce(validators, null);
+        
+    }
+    public String verifyAndProduce(List<JwsSignatureVerifier> validators, Map<String,
Object> entryProps) {
+        List<JwsJsonSignatureEntry> nonValidated = verifyAndGetNonValidated(validators,
entryProps);
         if (!nonValidated.isEmpty()) {
             JwsJsonProducer producer = new JwsJsonProducer(getDecodedJwsPayload());
             producer.getSignatureEntries().addAll(nonValidated);
@@ -200,11 +224,6 @@ public class JwsJsonConsumer {
             return null;
         }
     }
-    public boolean verifySignatureWith(JsonWebKey key) {
-        return verifySignatureWith(JwsUtils.getSignatureVerifier(key));
-    }
-    public boolean verifySignatureWith(JsonWebKey key, SignatureAlgorithm algo) {
-        return verifySignatureWith(JwsUtils.getSignatureVerifier(key, algo));
-    }
+    
     
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/163f9b25/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumerTest.java
b/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumerTest.java
index 642e2ce..4d72182 100644
--- a/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumerTest.java
+++ b/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumerTest.java
@@ -108,24 +108,6 @@ public class JwsJsonConsumerTest extends Assert {
         assertEquals(KID_OF_THE_SECOND_SIGNER, remainingEntries.get(0).getKeyId());
         
     }
-    
-    @Test(expected = JwsException.class)
-    public void testFailVerifyAllWithSingleValidator() throws Exception {
-        JwsJsonConsumer consumer = new JwsJsonConsumer(DUAL_SIGNED_DOCUMENT); 
-        JsonWebKeys jwks = readKeySet("jwkPublicJsonConsumerSet.txt");
-        
-        List<JwsJsonSignatureEntry> sigEntries = consumer.getSignatureEntries();
-        assertEquals(2, sigEntries.size());
-        // 1st signature
-        String firstKid = (String)sigEntries.get(0).getKeyId();
-        assertEquals(KID_OF_THE_FIRST_SIGNER, firstKid);
-        JsonWebKey rsaKey = jwks.getKey(firstKid);
-        assertNotNull(rsaKey);
-        JwsSignatureVerifier jws = JwsUtils.getSignatureVerifier(rsaKey);
-        assertTrue(consumer.verifySignatureWith(jws));
-        consumer.verifyAndGetNonValidated(Collections.singletonList(jws), true);
-        fail();
-    }
     public JsonWebKeys readKeySet(String fileName) throws Exception {
         InputStream is = JwsJsonConsumerTest.class.getResourceAsStream(fileName);
         return JwkUtils.readJwkSet(is);

http://git-wip-us.apache.org/repos/asf/cxf/blob/163f9b25/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JAXRSJwsJsonTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JAXRSJwsJsonTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JAXRSJwsJsonTest.java
index a556420..0089bb7 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JAXRSJwsJsonTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JAXRSJwsJsonTest.java
@@ -115,7 +115,11 @@ public class JAXRSJwsJsonTest extends AbstractBusClientServerTestBase
{
         List<String> properties = new ArrayList<String>();
         properties.add("org/apache/cxf/systest/jaxrs/security/secret.jwk.properties");
         properties.add("org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac.properties");
-        BookStore bs = createBookStore(address, properties, null);
+        Map<String, Object> map = new HashMap<String, Object>();
+        map.put(JoseConstants.RSSEC_SIGNATURE_OUT_PROPS, properties);
+        map.put(JoseConstants.RSSEC_SIGNATURE_IN_PROPS, 
+                "org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac.properties");
+        BookStore bs = createBookStore(address, map, null);
         Book book = bs.echoBook(new Book("book", 123L));
         assertEquals("book", book.getName());
         assertEquals(123L, book.getId());
@@ -126,7 +130,11 @@ public class JAXRSJwsJsonTest extends AbstractBusClientServerTestBase
{
         String address = "https://localhost:" + PORT + "/jwsjsonhmac2";
         List<String> properties = new ArrayList<String>();
         properties.add("org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac2.properties");
-        BookStore bs = createBookStore(address, properties, null);
+        Map<String, Object> map = new HashMap<String, Object>();
+        map.put(JoseConstants.RSSEC_SIGNATURE_OUT_PROPS, properties);
+        map.put(JoseConstants.RSSEC_SIGNATURE_IN_PROPS, 
+                "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties");
+        BookStore bs = createBookStore(address, map, null);
         Book book = bs.echoBook2(new Book("book", 123L));
         assertEquals("book", book.getName());
         assertEquals(123L, book.getId());

http://git-wip-us.apache.org/repos/asf/cxf/blob/163f9b25/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwejws/serverJwsJson.xml
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwejws/serverJwsJson.xml
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwejws/serverJwsJson.xml
index 1cf78c8..840dfbd 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwejws/serverJwsJson.xml
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwejws/serverJwsJson.xml
@@ -82,7 +82,9 @@ under the License.
             <ref bean="jwsOutFilter"/>
         </jaxrs:providers>
         <jaxrs:properties>
-            <entry key="rs.security.signature.properties" 
+            <entry key="rs.security.signature.in.properties" 
+            value="org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac.properties"/>
+            <entry key="rs.security.signature.out.properties" 
             value="org/apache/cxf/systest/jaxrs/security/secret.jwk.properties,org/apache/cxf/systest/jaxrs/security/secret.jwk.hmac.properties"/>
         </jaxrs:properties>
     </jaxrs:server>


Mime
View raw message