cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [5/5] cxf-fediz git commit: Folded SAML SSO federation tests in with WS-Federation
Date Thu, 03 Nov 2016 17:30:05 GMT
Folded SAML SSO federation tests in with WS-Federation


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6fef44bb
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6fef44bb
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6fef44bb

Branch: refs/heads/master
Commit: 6fef44bb12531ca8de279275ed2d33fdbe50e3a2
Parents: ce2cc78
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Nov 3 17:29:40 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Nov 3 17:29:40 2016 +0000

----------------------------------------------------------------------
 systests/federation/pom.xml                     |   1 -
 systests/federation/samlsso/pom.xml             | 330 ------------
 .../cxf/fediz/integrationtests/SAMLSSOTest.java | 382 --------------
 .../src/test/resources/entities-realma.xml      | 518 -------------------
 .../test/resources/fediz_config_saml_sso.xml    | 116 -----
 .../test/resources/realmb/entities-realmb.xml   | 423 ---------------
 .../src/test/resources/realmb/idp-servlet.xml   | 120 -----
 .../resources/realmb/persistence.properties     |  15 -
 .../src/test/resources/realmb/realm.properties  |   6 -
 .../test/resources/realmb/security-config.xml   | 135 -----
 systests/federation/wsfed/pom.xml               |  10 +
 .../cxf/fediz/integrationtests/WSFedTest.java   | 225 +++++++-
 .../src/test/resources/fediz_config_wsfed.xml   |  92 +++-
 .../test/resources/realma/entities-realma.xml   |  61 ++-
 .../test/resources/realmb/entities-realmb.xml   |   8 +-
 .../src/test/resources/realmb/idp-servlet.xml   |   4 +
 .../test/resources/realmb/security-config.xml   |  26 +
 17 files changed, 409 insertions(+), 2063 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6fef44bb/systests/federation/pom.xml
----------------------------------------------------------------------
diff --git a/systests/federation/pom.xml b/systests/federation/pom.xml
index 26a0549..b158064 100644
--- a/systests/federation/pom.xml
+++ b/systests/federation/pom.xml
@@ -33,7 +33,6 @@
     <modules>
         <module>samlIdpWebapp</module>
         <module>oidcIdpWebapp</module>
-        <module>samlsso</module>
         <module>oidc</module>
         <module>wsfed</module>
     </modules>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6fef44bb/systests/federation/samlsso/pom.xml
----------------------------------------------------------------------
diff --git a/systests/federation/samlsso/pom.xml b/systests/federation/samlsso/pom.xml
deleted file mode 100644
index da610a7..0000000
--- a/systests/federation/samlsso/pom.xml
+++ /dev/null
@@ -1,330 +0,0 @@
-<?xml version="1.0"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <parent>
-        <groupId>org.apache.cxf.fediz.systests</groupId>
-        <artifactId>fediz-systests-federation</artifactId>
-        <version>1.3.2-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
-    </parent>
-    <groupId>org.apache.cxf.fediz.systests.federation</groupId>
-    <artifactId>fediz-systests-federation-samlsso</artifactId>
-    <name>Apache Fediz Federation Systests Tomcat 7 SAML SSO</name>
-    <packaging>jar</packaging>
-    <properties>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-    </properties>
-    <dependencies>
-        <dependency>
-            <groupId>org.apache.tomcat.embed</groupId>
-            <artifactId>tomcat-embed-core</artifactId>
-            <version>${tomcat7.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.tomcat.embed</groupId>
-            <artifactId>tomcat-embed-logging-juli</artifactId>
-            <version>${tomcat7.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.jdt.core.compiler</groupId>
-            <artifactId>ecj</artifactId>
-            <version>${ecj.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.tomcat.embed</groupId>
-            <artifactId>tomcat-embed-jasper</artifactId>
-            <version>${tomcat7.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <version>${junit.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.cxf.fediz</groupId>
-            <artifactId>fediz-tomcat7</artifactId>
-            <version>${project.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.cxf.fediz.systests</groupId>
-            <artifactId>fediz-systests-tests</artifactId>
-            <version>${project.version}</version>
-            <type>test-jar</type>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
-            <version>${slf4j.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-jdk14</artifactId>
-            <version>${slf4j.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.hsqldb</groupId>
-            <artifactId>hsqldb</artifactId>
-            <version>${hsqldb.version}</version>
-            <scope>test</scope>
-        </dependency>
-    </dependencies>
-    <build>
-        <testResources>
-            <testResource>
-                <directory>src/test/resources</directory>
-                <filtering>true</filtering>
-                <includes>
-                    <include>**/fediz_config*.xml</include>
-                </includes>
-            </testResource>
-            <testResource>
-                <directory>src/test/resources</directory>
-                <filtering>false</filtering>
-                <excludes>
-                    <exclude>**/fediz_config*.xml</exclude>
-                </excludes>
-            </testResource>
-        </testResources>
-        <plugins>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>build-helper-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>reserve-network-port</id>
-                        <goals>
-                            <goal>reserve-network-port</goal>
-                        </goals>
-                        <phase>initialize</phase>
-                        <configuration>
-                            <portNames>
-                                <portName>idp.https.port</portName>
-                                <portName>idp.samlsso.https.port</portName>
-                                <portName>idp.realmb.https.port</portName>
-                                <portName>rp.https.port</portName>
-                            </portNames>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-dependency-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <id>copy-idp-sts</id>
-                        <phase>generate-resources</phase>
-                        <goals>
-                            <goal>unpack</goal>
-                        </goals>
-                        <configuration>
-                            <artifactItems>
-                                <artifactItem>
-                                    <groupId>org.apache.cxf.fediz</groupId>
-                                    <artifactId>fediz-idp</artifactId>
-                                    <version>${project.version}</version>
-                                    <type>war</type>
-                                    <overWrite>true</overWrite>
-                                    <outputDirectory>target/tomcat/idp/webapps/fediz-idp</outputDirectory>
-                                </artifactItem>
-                                <artifactItem>
-                                    <groupId>org.apache.cxf.fediz</groupId>
-                                    <artifactId>fediz-idp-sts</artifactId>
-                                    <version>${project.version}</version>
-                                    <type>war</type>
-                                    <overWrite>true</overWrite>
-                                    <outputDirectory>target/tomcat/idp/webapps/fediz-idp-sts</outputDirectory>
-                                </artifactItem>
-                                <artifactItem>
-                                    <groupId>org.apache.cxf.fediz.systests.federation</groupId>
-                                    <artifactId>fediz-systests-federation-samlIdpWebapp</artifactId>
-                                    <version>${project.version}</version>
-                                    <type>war</type>
-                                    <overWrite>true</overWrite>
-                                    <outputDirectory>target/tomcat/idpsamlsso/webapps/idpsaml</outputDirectory>
-                                </artifactItem>
-                                <artifactItem>
-                                    <groupId>org.apache.cxf.fediz.systests.webapps</groupId>
-                                    <artifactId>fediz-systests-webapps-simple</artifactId>
-                                    <version>${project.version}</version>
-                                    <type>war</type>
-                                    <overWrite>true</overWrite>
-                                    <outputDirectory>target/tomcat/rp/webapps/simpleWebapp</outputDirectory>
-                                </artifactItem>
-                                <artifactItem>
-                                    <groupId>org.apache.cxf.fediz</groupId>
-                                    <artifactId>fediz-idp</artifactId>
-                                    <version>${project.version}</version>
-                                    <type>war</type>
-                                    <overWrite>true</overWrite>
-                                    <outputDirectory>target/tomcat/idprealmb/webapps/fediz-idp-realmb</outputDirectory>
-                                </artifactItem>
-                                <artifactItem>
-                                    <groupId>org.apache.cxf.fediz</groupId>
-                                    <artifactId>fediz-idp-sts</artifactId>
-                                    <version>${project.version}</version>
-                                    <type>war</type>
-                                    <overWrite>true</overWrite>
-                                    <outputDirectory>target/tomcat/idprealmb/webapps/fediz-idp-sts-realmb</outputDirectory>
-                                </artifactItem>
-                                <artifactItem>
-                                    <groupId>org.apache.cxf.fediz.systests</groupId>
-                                    <artifactId>fediz-systests-tests</artifactId>
-                                    <version>${project.version}</version>
-                                    <classifier>tests</classifier>
-                                    <type>jar</type>
-                                    <overWrite>true</overWrite>
-                                    <outputDirectory>target/test-classes</outputDirectory>
-                                    <includes>**/*.jks</includes>
-                                </artifactItem>
-                            </artifactItems>
-                            <outputAbsoluteArtifactFilename>true</outputAbsoluteArtifactFilename>
-                            <overWriteSnapshots>true</overWriteSnapshots>
-                            <overWriteIfNewer>true</overWriteIfNewer>
-                            <stripVersion>true</stripVersion>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <artifactId>maven-resources-plugin</artifactId>
-                <version>2.7</version>
-                <executions>
-                    <execution>
-                        <id>copy-entities-to-idp</id>
-                        <phase>generate-test-sources</phase>
-                        <goals>
-                            <goal>copy-resources</goal>
-                        </goals>
-                        <configuration>
-                            <outputDirectory>${basedir}/target/tomcat/idp/webapps/fediz-idp/WEB-INF/classes</outputDirectory>
-                            <resources>          
-                                <resource>
-                                    <directory>${basedir}/src/test/resources</directory>
-                                    <includes>
-                                        <include>entities-realma.xml</include>
-                                    </includes>
-                                    <filtering>true</filtering>
-                                </resource>
-                            </resources>              
-                        </configuration>            
-                    </execution>
-                    <execution>
-                        <id>copy-entities-to-remote-idp</id>
-                        <phase>generate-test-sources</phase>
-                        <goals>
-                            <goal>copy-resources</goal>
-                        </goals>
-                        <configuration>
-                            <outputDirectory>${basedir}/target/tomcat/idprealmb/webapps/fediz-idp-realmb/WEB-INF/classes</outputDirectory>
-                            <resources>          
-                                <resource>
-                                    <directory>${basedir}/src/test/resources/realmb</directory>
-                                    <includes>
-                                        <include>entities-realmb.xml</include>
-                                        <include>realm.properties</include>
-                                        <include>persistence.properties</include>
-                                    </includes>
-                                    <filtering>true</filtering>
-                                </resource>
-                            </resources>              
-                        </configuration>            
-                    </execution>
-                    <execution>
-                        <id>copy-entities-to-remote-idp2</id>
-                        <phase>generate-test-sources</phase>
-                        <goals>
-                            <goal>copy-resources</goal>
-                        </goals>
-                        <configuration>
-                            <outputDirectory>${basedir}/target/tomcat/idprealmb/webapps/fediz-idp-realmb/WEB-INF</outputDirectory>
-                            <resources>          
-                                <resource>
-                                    <directory>${basedir}/src/test/resources/realmb</directory>
-                                    <includes>
-                                        <include>idp-servlet.xml</include>
-                                        <include>security-config.xml</include>
-                                    </includes>
-                                    <filtering>true</filtering>
-                                </resource>
-                            </resources>              
-                        </configuration>            
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <artifactId>maven-failsafe-plugin</artifactId>
-                <inherited>true</inherited>
-                <executions>
-                    <execution>
-                        <id>integration-test</id>
-                        <phase>integration-test</phase>
-                        <goals>
-                            <goal>integration-test</goal>
-                        </goals>
-                        <configuration>
-                            <skip>${skipTests}</skip>
-                            <systemPropertyVariables>
-                                <wt.headless>true</wt.headless>
-                                <idp.https.port>${idp.https.port}</idp.https.port>
-                                <idp.samlsso.https.port>${idp.samlsso.https.port}</idp.samlsso.https.port>
-                                <idp.realmb.https.port>${idp.realmb.https.port}</idp.realmb.https.port>
-                                <rp.https.port>${rp.https.port}</rp.https.port>
-                            </systemPropertyVariables>
-                            <includes>
-                                <include>**/integrationtests/**</include>
-                            </includes>
-                            <argLine>-Xms512m -Xmx1024m
-                                -XX:MaxPermSize=256m</argLine>
-                        </configuration>
-                    </execution>
-                    <execution>
-                        <id>verify</id>
-                        <phase>verify</phase>
-                        <goals>
-                            <goal>verify</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <inherited>true</inherited>
-                <configuration>
-                    <excludes>
-                        <exclude>**/integrationtests/**</exclude>
-                    </excludes>
-                </configuration>
-            </plugin>
-        </plugins>
-    </build>
-</project>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6fef44bb/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
----------------------------------------------------------------------
diff --git a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
deleted file mode 100644
index 0f67fc7..0000000
--- a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
+++ /dev/null
@@ -1,382 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.fediz.integrationtests;
-
-
-import java.io.File;
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-import com.gargoylesoftware.htmlunit.CookieManager;
-import com.gargoylesoftware.htmlunit.WebClient;
-import com.gargoylesoftware.htmlunit.html.HtmlForm;
-import com.gargoylesoftware.htmlunit.html.HtmlPage;
-import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput;
-import com.gargoylesoftware.htmlunit.xml.XmlPage;
-
-import org.apache.catalina.Context;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleState;
-import org.apache.catalina.connector.Connector;
-import org.apache.catalina.startup.Tomcat;
-import org.apache.cxf.fediz.core.ClaimTypes;
-import org.apache.cxf.fediz.core.util.DOMUtils;
-import org.apache.cxf.fediz.tomcat7.FederationAuthenticator;
-import org.apache.http.auth.AuthScope;
-import org.apache.http.auth.UsernamePasswordCredentials;
-import org.apache.xml.security.keys.KeyInfo;
-import org.apache.xml.security.signature.XMLSignature;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-/**
- * This is a test for federation using SAML SSO in the IdP. The RP application is configured to use a home realm
- * which is different to that of the IdP ("realm a"). The IdP for realm "a" then redirects the client to the
- * relevant IdP, which is a SAML SSO IdP. Two different third party IdPs are used - a mock SAML SSO IdP, which 
- * supports both the redirect and POST bindings, as well as the Fediz IdP itself.
- */
-public class SAMLSSOTest {
-
-    static String idpHttpsPort;
-    static String idpSamlSSOHttpsPort;
-    static String rpHttpsPort;
-    static String idpRealmbHttpsPort;
-    
-    private static Tomcat idpServer;
-    private static Tomcat idpSamlSSOServer;
-    private static Tomcat idpRealmbServer;
-    private static Tomcat rpServer;
-    
-    @BeforeClass
-    public static void init() throws Exception {
-        System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog");
-        System.setProperty("org.apache.commons.logging.simplelog.showdatetime", "true");
-        System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire", "info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient", "info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.webflow", "info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security.web", "info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz", "info");
-        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "info");  
-        
-        idpHttpsPort = System.getProperty("idp.https.port");
-        Assert.assertNotNull("Property 'idp.https.port' null", idpHttpsPort);
-        idpSamlSSOHttpsPort = System.getProperty("idp.samlsso.https.port");
-        Assert.assertNotNull("Property 'idp.samlsso.https.port' null", idpSamlSSOHttpsPort);
-        idpRealmbHttpsPort = System.getProperty("idp.realmb.https.port");
-        Assert.assertNotNull("Property 'idp.realmb.https.port' null", idpRealmbHttpsPort);
-        rpHttpsPort = System.getProperty("rp.https.port");
-        Assert.assertNotNull("Property 'rp.https.port' null", rpHttpsPort);
-
-        idpServer = startServer(true, false, false, idpHttpsPort);
-        idpSamlSSOServer = startServer(false, true, false, idpSamlSSOHttpsPort);
-        idpRealmbServer = startServer(false, false, true, idpRealmbHttpsPort);
-        rpServer = startServer(false, false, false, rpHttpsPort);
-    }
-    
-    private static Tomcat startServer(boolean idp, boolean samlSSOIdP, boolean realmb, String port) 
-        throws ServletException, LifecycleException, IOException {
-        Tomcat server = new Tomcat();
-        server.setPort(0);
-        String currentDir = new File(".").getCanonicalPath();
-        String baseDir = currentDir + File.separator + "target";
-        server.setBaseDir(baseDir);
-
-        if (idp) {
-            server.getHost().setAppBase("tomcat/idp/webapps");
-        } else if (samlSSOIdP) {
-            server.getHost().setAppBase("tomcat/idpsamlsso/webapps");
-        } else if (realmb) {
-            server.getHost().setAppBase("tomcat/idprealmb/webapps");
-        } else {
-            server.getHost().setAppBase("tomcat/rp/webapps");
-        }
-        server.getHost().setAutoDeploy(true);
-        server.getHost().setDeployOnStartup(true);
-
-        Connector httpsConnector = new Connector();
-        httpsConnector.setPort(Integer.parseInt(port));
-        httpsConnector.setSecure(true);
-        httpsConnector.setScheme("https");
-        //httpsConnector.setAttribute("keyAlias", keyAlias);
-        httpsConnector.setAttribute("keystorePass", "tompass");
-        httpsConnector.setAttribute("keystoreFile", "test-classes/server.jks");
-        httpsConnector.setAttribute("truststorePass", "tompass");
-        httpsConnector.setAttribute("truststoreFile", "test-classes/server.jks");
-        httpsConnector.setAttribute("clientAuth", "want");
-        // httpsConnector.setAttribute("clientAuth", "false");
-        httpsConnector.setAttribute("sslProtocol", "TLS");
-        httpsConnector.setAttribute("SSLEnabled", true);
-
-        server.getService().addConnector(httpsConnector);
-
-        if (idp) {
-            File stsWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(), "fediz-idp-sts");
-            server.addWebapp("/fediz-idp-sts", stsWebapp.getAbsolutePath());
-    
-            File idpWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(), "fediz-idp");
-            server.addWebapp("/fediz-idp", idpWebapp.getAbsolutePath());
-        } else if (samlSSOIdP) {
-            File idpWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(), "idpsaml");
-            server.addWebapp("/idp", idpWebapp.getAbsolutePath());
-        } else if (realmb) {
-            File stsWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(), "fediz-idp-sts-realmb");
-            server.addWebapp("/fediz-idp-sts-realmb", stsWebapp.getAbsolutePath());
-    
-            File idpWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(), "fediz-idp-realmb");
-            server.addWebapp("/fediz-idp-realmb", idpWebapp.getAbsolutePath());
-        } else {
-            File rpWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(), "simpleWebapp");
-            Context cxt = server.addWebapp("/fedizhelloworld", rpWebapp.getAbsolutePath());
-            
-            FederationAuthenticator fa = new FederationAuthenticator();
-            fa.setConfigFile(currentDir + File.separator + "target" + File.separator
-                             + "test-classes" + File.separator + "fediz_config_saml_sso.xml");
-            cxt.getPipeline().addValve(fa);
-            
-            File rpWebapp2 = new File(baseDir + File.separator + server.getHost().getAppBase(), "simpleWebapp");
-            cxt = server.addWebapp("/fedizhelloworld-post-binding", rpWebapp2.getAbsolutePath());
-            cxt.getPipeline().addValve(fa);
-            
-            File rpWebapp3 = new File(baseDir + File.separator + server.getHost().getAppBase(), "simpleWebapp");
-            cxt = server.addWebapp("/fedizhelloworld3", rpWebapp3.getAbsolutePath());
-            cxt.getPipeline().addValve(fa);
-        }
-
-        server.start();
-
-        return server;
-    }
-    
-    
-    @AfterClass
-    public static void cleanup() {
-        shutdownServer(idpServer);
-        shutdownServer(idpSamlSSOServer);
-        shutdownServer(idpRealmbServer);
-        shutdownServer(rpServer);
-    }
-    
-    private static void shutdownServer(Tomcat server) {
-        try {
-            if (server != null && server.getServer() != null
-                && server.getServer().getState() != LifecycleState.DESTROYED) {
-                if (server.getServer().getState() != LifecycleState.STOPPED) {
-                    server.stop();
-                }
-                server.destroy();
-            }
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-    }
-
-    public String getIdpHttpsPort() {
-        return idpHttpsPort;
-    }
-
-    public String getRpHttpsPort() {
-        return rpHttpsPort;
-    }
-    
-    public String getServletContextName() {
-        return "fedizhelloworld";
-    }
-    
-    public String getIdpRealmbHttpsPort() {
-        return idpRealmbHttpsPort;
-    }
-    
-    @org.junit.Test
-    public void testSAMLSSO() throws Exception {
-        String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet";
-        // System.out.println("URL: " + url);
-        // Thread.sleep(60 * 2 * 1000);
-        String user = "ALICE";  // realm b credentials
-        String password = "ECILA";
-        
-        final String bodyTextContent = 
-            login(url, user, password, idpSamlSSOHttpsPort, idpHttpsPort, false);
-        
-        Assert.assertTrue("Principal not alice",
-                          bodyTextContent.contains("userPrincipal=alice"));
-        Assert.assertTrue("User " + user + " does not have role Admin",
-                          bodyTextContent.contains("role:Admin=false"));
-        Assert.assertTrue("User " + user + " does not have role Manager",
-                          bodyTextContent.contains("role:Manager=false"));
-        Assert.assertTrue("User " + user + " must have role User",
-                          bodyTextContent.contains("role:User=true"));
-
-        String claim = ClaimTypes.FIRSTNAME.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'Alice'",
-                          bodyTextContent.contains(claim + "=Alice"));
-        claim = ClaimTypes.LASTNAME.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'Smith'",
-                          bodyTextContent.contains(claim + "=Smith"));
-        claim = ClaimTypes.EMAILADDRESS.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'alice@realma.org'",
-                          bodyTextContent.contains(claim + "=alice@realma.org"));
-    }
-    
-    @org.junit.Test
-    public void testSAMLSSOPostBinding() throws Exception {
-        String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld-post-binding/secure/fedservlet";
-        // System.out.println("URL: " + url);
-        // Thread.sleep(60 * 2 * 1000);
-        String user = "ALICE";  // realm b credentials
-        String password = "ECILA";
-        
-        final String bodyTextContent = 
-            login(url, user, password, idpSamlSSOHttpsPort, idpHttpsPort, true);
-        
-        Assert.assertTrue("Principal not alice",
-                          bodyTextContent.contains("userPrincipal=alice"));
-        Assert.assertTrue("User " + user + " does not have role Admin",
-                          bodyTextContent.contains("role:Admin=false"));
-        Assert.assertTrue("User " + user + " does not have role Manager",
-                          bodyTextContent.contains("role:Manager=false"));
-        Assert.assertTrue("User " + user + " must have role User",
-                          bodyTextContent.contains("role:User=true"));
-
-        String claim = ClaimTypes.FIRSTNAME.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'Alice'",
-                          bodyTextContent.contains(claim + "=Alice"));
-        claim = ClaimTypes.LASTNAME.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'Smith'",
-                          bodyTextContent.contains(claim + "=Smith"));
-        claim = ClaimTypes.EMAILADDRESS.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'alice@realma.org'",
-                          bodyTextContent.contains(claim + "=alice@realma.org"));
-    }
-    
-    @Test
-    public void testIdPServiceMetadata() throws Exception {
-        String url = "https://localhost:" + getIdpHttpsPort()
-            + "/fediz-idp/metadata/urn:org:apache:cxf:fediz:idp:realm-B";
-
-        final WebClient webClient = new WebClient();
-        webClient.getOptions().setUseInsecureSSL(true);
-        webClient.getOptions().setSSLClientCertificate(
-            this.getClass().getClassLoader().getResource("client.jks"), "storepass", "jks");
-
-        final XmlPage rpPage = webClient.getPage(url);
-        final String xmlContent = rpPage.asXml();
-        Assert.assertTrue(xmlContent.startsWith("<md:EntityDescriptor"));
-
-        // Now validate the Signature
-        Document doc = rpPage.getXmlDocument();
-
-        doc.getDocumentElement().setIdAttributeNS(null, "ID", true);
-
-        Node signatureNode =
-            DOMUtils.getChild(doc.getDocumentElement(), "Signature");
-        Assert.assertNotNull(signatureNode);
-
-        XMLSignature signature = new XMLSignature((Element)signatureNode, "");
-        KeyInfo ki = signature.getKeyInfo();
-        Assert.assertNotNull(ki);
-        Assert.assertNotNull(ki.getX509Certificate());
-
-        Assert.assertTrue(signature.checkSignatureValue(ki.getX509Certificate()));
-
-        webClient.close();
-    }
-    
-    @org.junit.Test
-    public void testSAMLSSOFedizIdP() throws Exception {
-        String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld3/secure/fedservlet";
-        // System.out.println(url);
-        // Thread.sleep(60 * 2 * 1000);
-        String user = "ALICE";  // realm b credentials
-        String password = "ECILA";
-        
-        final String bodyTextContent = 
-            login(url, user, password, getIdpRealmbHttpsPort(), getIdpHttpsPort(), true);
-        
-        Assert.assertTrue("Principal not alice",
-                          bodyTextContent.contains("userPrincipal=alice"));
-        Assert.assertTrue("User " + user + " does not have role Admin",
-                          bodyTextContent.contains("role:Admin=false"));
-        Assert.assertTrue("User " + user + " does not have role Manager",
-                          bodyTextContent.contains("role:Manager=false"));
-        Assert.assertTrue("User " + user + " must have role User",
-                          bodyTextContent.contains("role:User=true"));
-
-        String claim = ClaimTypes.FIRSTNAME.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'Alice'",
-                          bodyTextContent.contains(claim + "=Alice"));
-        claim = ClaimTypes.LASTNAME.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'Smith'",
-                          bodyTextContent.contains(claim + "=Smith"));
-        claim = ClaimTypes.EMAILADDRESS.toString();
-        Assert.assertTrue("User " + user + " claim " + claim + " is not 'alice@realma.org'",
-                          bodyTextContent.contains(claim + "=alice@realma.org"));
-    }
-    
-    private static String login(String url, String user, String password, 
-                                String idpPort, String rpIdpPort, boolean postBinding) throws IOException {
-        //
-        // Access the RP + get redirected to the IdP for "realm a". Then get redirected to the IdP for
-        // "realm b".
-        //
-        final WebClient webClient = new WebClient();
-        CookieManager cookieManager = new CookieManager();
-        webClient.setCookieManager(cookieManager);
-        webClient.getOptions().setUseInsecureSSL(true);
-        webClient.getCredentialsProvider().setCredentials(
-            new AuthScope("localhost", Integer.parseInt(idpPort)),
-            new UsernamePasswordCredentials(user, password));
-
-        webClient.getOptions().setJavaScriptEnabled(false);
-        HtmlPage idpPage = webClient.getPage(url);
-        
-        if (postBinding) {
-            Assert.assertTrue("SAML IDP Response Form".equals(idpPage.getTitleText())
-                                || "IDP SignIn Response Form".equals(idpPage.getTitleText()));
-            for (HtmlForm form : idpPage.getForms()) {
-                String name = form.getAttributeNS(null, "name");
-                if ("signinresponseform".equals(name) || "samlsigninresponseform".equals(name)) {
-                    final HtmlSubmitInput button = form.getInputByName("_eventId_submit");
-                    idpPage = button.click();
-                }
-            }
-        }
-        
-        Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
-
-        // Now redirect back to the RP
-        final HtmlForm form = idpPage.getFormByName("signinresponseform");
-
-        final HtmlSubmitInput button = form.getInputByName("_eventId_submit");
-
-        final HtmlPage rpPage = button.click();
-        Assert.assertEquals("WS Federation Systests Examples", rpPage.getTitleText());
-
-        webClient.close();
-        return rpPage.getBody().getTextContent();
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6fef44bb/systests/federation/samlsso/src/test/resources/entities-realma.xml
----------------------------------------------------------------------
diff --git a/systests/federation/samlsso/src/test/resources/entities-realma.xml b/systests/federation/samlsso/src/test/resources/entities-realma.xml
deleted file mode 100644
index d6965d0..0000000
--- a/systests/federation/samlsso/src/test/resources/entities-realma.xml
+++ /dev/null
@@ -1,518 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xmlns:util="http://www.springframework.org/schema/util"
-    xsi:schemaLocation="
-        http://www.springframework.org/schema/beans
-        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
-        http://www.springframework.org/schema/util
-        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
-
-    <bean id="idp-realmA" class="org.apache.cxf.fediz.service.idp.service.jpa.IdpEntity">
-        <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-A" />
-        <property name="uri" value="realma" />
-        <property name="provideIdpList" value="true" />
-        <property name="useCurrentIdp" value="true" />
-        <property name="certificate" value="stsKeystoreA.properties" />
-        <property name="certificatePassword" value="realma" />
-        <property name="stsUrl" value="https://localhost:${idp.https.port}/fediz-idp-sts/REALMA" />
-        <property name="idpUrl" value="https://localhost:${idp.https.port}/fediz-idp/federation" />
-        <property name="rpSingleSignOutConfirmation" value="true"/>
-        <property name="supportedProtocols">
-            <util:list>
-                <value>http://docs.oasis-open.org/wsfed/federation/200706
-                </value>
-                <value>http://docs.oasis-open.org/ws-sx/ws-trust/200512
-                </value>
-            </util:list>
-        </property>
-        <property name="tokenTypesOffered">
-            <util:list>
-                <value>urn:oasis:names:tc:SAML:1.0:assertion</value>
-                <value>urn:oasis:names:tc:SAML:2.0:assertion</value>
-            </util:list>
-        </property>
-        <property name="authenticationURIs">
-            <util:map>
-                <entry key="default" value="federation/up" />
-                <entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/SslAndKey" 
-                       value="federation/krb" />
-                <entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/default"
-                       value="federation/up" />
-                <entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/Ssl"
-                       value="federation/clientcert" />
-            </util:map>
-        </property>
-        <property name="serviceDisplayName" value="REALM A" />
-        <property name="serviceDescription" value="IDP of Realm A" />
-        <property name="applications">
-            <util:list>
-                <ref bean="srv-fedizhelloworld" />
-            </util:list>
-        </property>
-        <property name="trustedIdps">
-            <util:list>
-                <ref bean="trusted-idp-realmB" />
-                <ref bean="trusted-idp-realmC" />
-                <ref bean="trusted-idp-realmD" />
-            </util:list>
-        </property>
-        <property name="claimTypesOffered">
-            <util:list>
-                <ref bean="claim_role" />
-                <ref bean="claim_surname" />
-                <ref bean="claim_givenname" />
-                <ref bean="claim_email" />
-            </util:list>
-        </property>
-    </bean>
-
-    <bean id="trusted-idp-realmB"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.TrustedIdpEntity">
-        <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-B" />
-        <property name="cacheTokens" value="true" />
-        <property name="url" value="https://localhost:${idp.samlsso.https.port}/idp/samlsso?binding=REDIRECT" />
-        <property name="certificate" value="realmb.cert" />
-        <property name="trustType" value="PEER_TRUST" />
-        <property name="protocol" value="urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser" />
-        <property name="federationType" value="FEDERATE_IDENTITY" />
-        <property name="name" value="Realm B" />
-        <property name="description" value="Realm B description" />
-        <property name="parameters">
-            <util:map>
-                <entry key="sign.request" value="true" />
-                <entry key="support.deflate.encoding" value="true" />
-            </util:map>
-        </property>
-    </bean>
-    
-    <bean id="trusted-idp-realmC"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.TrustedIdpEntity">
-        <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-C" />
-        <property name="cacheTokens" value="true" />
-        <property name="url" value="https://localhost:${idp.samlsso.https.port}/idp/samlsso" />
-        <property name="certificate" value="realmb.cert" />
-        <property name="trustType" value="PEER_TRUST" />
-        <property name="protocol" value="urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser" />
-        <property name="federationType" value="FEDERATE_IDENTITY" />
-        <property name="name" value="Realm C" />
-        <property name="description" value="SAML Web Profile - Response POST Binding" />
-        <property name="parameters">
-            <util:map>
-                <entry key="sign.request" value="true" />
-            </util:map>
-        </property>
-    </bean>
-    
-    <bean id="trusted-idp-realmD"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.TrustedIdpEntity">
-        <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-D" />
-        <property name="issuer" value="urn:org:apache:cxf:fediz:idp:realm-B" />
-        <property name="cacheTokens" value="true" />
-        <property name="url" value="https://localhost:${idp.realmb.https.port}/fediz-idp-realmb/saml/up" />
-        <property name="certificate" value="realmb.cert" />
-        <property name="trustType" value="PEER_TRUST" />
-        <property name="protocol" value="urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser" />
-        <property name="federationType" value="FEDERATE_IDENTITY" />
-        <property name="name" value="Realm B" />
-        <property name="description" value="Realm B description" />
-        <property name="parameters">
-            <util:map>
-                <entry key="sign.request" value="true" />
-            </util:map>
-        </property>
-    </bean>
-
-    <bean id="srv-fedizhelloworld" class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationEntity">
-        <property name="realm" value="urn:org:apache:cxf:fediz:fedizhelloworld" />
-        <property name="protocol" value="http://docs.oasis-open.org/wsfed/federation/200706" />
-        <property name="serviceDisplayName" value="Fedizhelloworld" />
-        <property name="serviceDescription" value="Web Application to illustrate WS-Federation" />
-        <property name="role" value="ApplicationServiceType" />
-        <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
-        <property name="lifeTime" value="3600" />
-        <property name="passiveRequestorEndpointConstraint" 
-                  value="https://localhost:(\d)*/(\w)*helloworld.*/secure/.*" />
-    </bean>
-    
-    <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
-        <property name="application" ref="srv-fedizhelloworld" />
-        <property name="claim" ref="claim_role" />
-        <property name="optional" value="false" />
-    </bean>
-    <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
-        <property name="application" ref="srv-fedizhelloworld" />
-        <property name="claim" ref="claim_givenname" />
-        <property name="optional" value="false" />
-    </bean>
-    <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
-        <property name="application" ref="srv-fedizhelloworld" />
-        <property name="claim" ref="claim_surname" />
-        <property name="optional" value="false" />
-    </bean>
-    <bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
-        <property name="application" ref="srv-fedizhelloworld" />
-        <property name="claim" ref="claim_email" />
-        <property name="optional" value="false" />
-    </bean>
-    
-    <bean id="claim_role"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
-        <property name="claimType"
-            value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" />
-        <property name="displayName"
-            value="role" />
-        <property name="description"
-            value="Description for role" />
-    </bean>
-    <bean id="claim_givenname"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
-        <property name="claimType"
-            value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" />
-        <property name="displayName"
-            value="firstname" />
-        <property name="description"
-            value="Description for firstname" />
-    </bean>
-    <bean id="claim_surname"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
-        <property name="claimType"
-            value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" />
-        <property name="displayName"
-            value="lastname" />
-        <property name="description"
-            value="Description for lastname" />
-    </bean>
-    <bean id="claim_email"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
-        <property name="claimType"
-            value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
-        <property name="displayName"
-            value="email" />
-        <property name="description"
-            value="Description for email" />
-    </bean>
-    
-    
-    <bean id="entitlement_claim_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_LIST" />
-        <property name="description"
-            value="Description for CLAIM_LIST" />
-    </bean>
-    <bean id="entitlement_claim_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_CREATE" />
-        <property name="description"
-            value="Description for CLAIM_CREATE" />
-    </bean>
-    <bean id="entitlement_claim_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_READ" />
-        <property name="description"
-            value="Description for CLAIM_READ" />
-    </bean>
-    <bean id="entitlement_claim_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_UPDATE" />
-        <property name="description"
-            value="Description for CLAIM_UPDATE" />
-    </bean>
-    <bean id="entitlement_claim_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_DELETE" />
-        <property name="description"
-            value="Description for CLAIM_DELETE" />
-    </bean>
-
-    <bean id="entitlement_application_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_LIST" />
-        <property name="description"
-            value="Description for APPLICATION_LIST" />
-    </bean>
-    <bean id="entitlement_application_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_CREATE" />
-        <property name="description"
-            value="Description for APPLICATION_CREATE" />
-    </bean>
-    <bean id="entitlement_application_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_READ" />
-        <property name="description"
-            value="Description for APPLICATION_READ" />
-    </bean>
-    <bean id="entitlement_application_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_UPDATE" />
-        <property name="description"
-            value="Description for APPLICATION_UPDATE" />
-    </bean>
-    <bean id="entitlement_application_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_DELETE" />
-        <property name="description"
-            value="Description for APPLICATION_DELETE" />
-    </bean>
-    
-    <bean id="entitlement_trustedidp_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_LIST" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_LIST" />
-    </bean>
-    <bean id="entitlement_trustedidp_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_CREATE" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_CREATE" />
-    </bean>
-    <bean id="entitlement_trustedidp_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_READ" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_READ" />
-    </bean>
-    <bean id="entitlement_trustedidp_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_UPDATE" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_UPDATE" />
-    </bean>
-    <bean id="entitlement_trustedidp_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_DELETE" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_DELETE" />
-    </bean>
-
-    <bean id="entitlement_idp_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_LIST" />
-        <property name="description"
-            value="Description for IDP_LIST" />
-    </bean>
-    <bean id="entitlement_idp_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_CREATE" />
-        <property name="description"
-            value="Description for IDP_CREATE" />
-    </bean>
-    <bean id="entitlement_idp_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_READ" />
-        <property name="description"
-            value="Description for IDP_READ" />
-    </bean>
-    <bean id="entitlement_idp_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_UPDATE" />
-        <property name="description"
-            value="Description for IDP_UPDATE" />
-    </bean>
-    <bean id="entitlement_idp_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_DELETE" />
-        <property name="description"
-            value="Description for IDP_DELETE" />
-    </bean>
-    
-    <bean id="entitlement_role_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_LIST" />
-        <property name="description"
-            value="Description for ROLE_LIST" />
-    </bean>
-    <bean id="entitlement_role_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_CREATE" />
-        <property name="description"
-            value="Description for ROLE_CREATE" />
-    </bean>
-    <bean id="entitlement_role_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_READ" />
-        <property name="description"
-            value="Description for ROLE_READ" />
-    </bean>
-    <bean id="entitlement_role_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_UPDATE" />
-        <property name="description"
-            value="Description for ROLE_UPDATE" />
-    </bean>
-    <bean id="entitlement_role_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_DELETE" />
-        <property name="description"
-            value="Description for ROLE_DELETE" />
-    </bean>
-    
-    <bean id="entitlement_entitlement_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_LIST" />
-        <property name="description"
-            value="Description for ENTITLEMENT_LIST" />
-    </bean>
-    <bean id="entitlement_entitlement_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_CREATE" />
-        <property name="description"
-            value="Description for ENTITLEMENT_CREATE" />
-    </bean>
-    <bean id="entitlement_entitlement_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_READ" />
-        <property name="description"
-            value="Description for ENTITLEMENT_READ" />
-    </bean>
-    <bean id="entitlement_entitlement_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_UPDATE" />
-        <property name="description"
-            value="Description for ENTITLEMENT_UPDATE" />
-    </bean>
-    <bean id="entitlement_entitlement_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_DELETE" />
-        <property name="description"
-            value="Description for ENTITLEMENT_DELETE" />
-    </bean>
-    
-    <bean id="role_admin"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
-        <property name="name"
-            value="ADMIN" />
-        <property name="description"
-            value="This is the administrator role with full access" />
-        <property name="entitlements">
-            <util:list>
-                <ref bean="entitlement_claim_list" />
-                <ref bean="entitlement_claim_create" />
-                <ref bean="entitlement_claim_read" />
-                <ref bean="entitlement_claim_update" />
-                <ref bean="entitlement_claim_delete" />
-                <ref bean="entitlement_idp_list" />
-                <ref bean="entitlement_idp_create" />
-                <ref bean="entitlement_idp_read" />
-                <ref bean="entitlement_idp_update" />
-                <ref bean="entitlement_idp_delete" />
-                <ref bean="entitlement_trustedidp_list" />
-                <ref bean="entitlement_trustedidp_create" />
-                <ref bean="entitlement_trustedidp_read" />
-                <ref bean="entitlement_trustedidp_update" />
-                <ref bean="entitlement_trustedidp_delete" />
-                <ref bean="entitlement_application_list" />
-                <ref bean="entitlement_application_create" />
-                <ref bean="entitlement_application_read" />
-                <ref bean="entitlement_application_update" />
-                <ref bean="entitlement_application_delete" />
-                <ref bean="entitlement_role_list" />
-                <ref bean="entitlement_role_create" />
-                <ref bean="entitlement_role_read" />
-                <ref bean="entitlement_role_update" />
-                <ref bean="entitlement_role_delete" />
-                <ref bean="entitlement_entitlement_list" />
-                <ref bean="entitlement_entitlement_create" />
-                <ref bean="entitlement_entitlement_read" />
-                <ref bean="entitlement_entitlement_update" />
-                <ref bean="entitlement_entitlement_delete" />
-            </util:list>
-        </property>
-    </bean>
-    <bean id="role_user"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
-        <property name="name"
-            value="USER" />
-        <property name="description"
-            value="This is the user role with read access" />
-        <property name="entitlements">
-            <util:list>
-                <ref bean="entitlement_claim_list" />
-                <ref bean="entitlement_claim_read" />
-                <ref bean="entitlement_idp_list" />
-                <ref bean="entitlement_idp_read" />
-                <ref bean="entitlement_trustedidp_list" />
-                <ref bean="entitlement_trustedidp_read" />
-                <ref bean="entitlement_application_list" />
-                <ref bean="entitlement_application_read" />
-                <ref bean="entitlement_role_list" />
-                <ref bean="entitlement_role_read" />
-                <ref bean="entitlement_entitlement_list" />
-                <ref bean="entitlement_entitlement_read" />
-            </util:list>
-        </property>
-    </bean>
-    <bean id="role_idp_login"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
-        <property name="name"
-            value="IDP_LOGIN" />
-        <property name="description"
-            value="This is the IDP login role which is applied to Users during the IDP SSO" />
-        <property name="entitlements">
-            <util:list>
-                <ref bean="entitlement_claim_list" />
-                <ref bean="entitlement_claim_read" />
-                <ref bean="entitlement_idp_list" />
-                <ref bean="entitlement_idp_read" />
-                <ref bean="entitlement_trustedidp_list" />
-                <ref bean="entitlement_trustedidp_read" />
-                <ref bean="entitlement_application_list" />
-                <ref bean="entitlement_application_read" />
-            </util:list>
-        </property>
-    </bean>
-    
-
-
-</beans>
-

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6fef44bb/systests/federation/samlsso/src/test/resources/fediz_config_saml_sso.xml
----------------------------------------------------------------------
diff --git a/systests/federation/samlsso/src/test/resources/fediz_config_saml_sso.xml b/systests/federation/samlsso/src/test/resources/fediz_config_saml_sso.xml
deleted file mode 100644
index 5109172..0000000
--- a/systests/federation/samlsso/src/test/resources/fediz_config_saml_sso.xml
+++ /dev/null
@@ -1,116 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<!-- Place in Tomcat conf folder or other location as designated in this sample's webapp/META-INF/context.xml file. 
-     Keystore referenced below must have IDP STS' public cert included in it.  This example re-uses the Tomcat SSL 
-     keystore (tomcat-rp.jks) for this task; alternatively you may wish to use a Fediz-specific keystore instead. 
--->
-<FedizConfig>
-    <contextConfig name="/fedizhelloworld">
-        <audienceUris>
-            <audienceItem>urn:org:apache:cxf:fediz:fedizhelloworld</audienceItem>
-        </audienceUris>
-        <certificateStores>
-            <trustManager>
-                <keyStore file="test-classes/clienttrust.jks"
-                          password="storepass" type="JKS" />
-            </trustManager>
-        </certificateStores>
-        <trustedIssuers>
-            <issuer certificateValidation="PeerTrust" />
-        </trustedIssuers>
-        <maximumClockSkew>1000</maximumClockSkew>
-        <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-            xsi:type="federationProtocolType" version="1.0.0">
-            <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-            <issuer>https://localhost:${idp.https.port}/fediz-idp/federation</issuer>
-            <roleDelimiter>,</roleDelimiter>
-            <roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-            <freshness>10</freshness>
-            <homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-B</homeRealm>
-            <claimTypesRequested>
-                <claimType type="a particular claim type"
-                           optional="true" />
-            </claimTypesRequested>
-        </protocol>
-        <logoutURL>/secure/logout</logoutURL>
-        <logoutRedirectTo>/index.html</logoutRedirectTo>
-    </contextConfig>
-    <contextConfig name="/fedizhelloworld-post-binding">
-        <audienceUris>
-            <audienceItem>urn:org:apache:cxf:fediz:fedizhelloworld</audienceItem>
-        </audienceUris>
-        <certificateStores>
-            <trustManager>
-                <keyStore file="test-classes/clienttrust.jks"
-                          password="storepass" type="JKS" />
-            </trustManager>
-        </certificateStores>
-        <trustedIssuers>
-            <issuer certificateValidation="PeerTrust" />
-        </trustedIssuers>
-        <maximumClockSkew>1000</maximumClockSkew>
-        <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-            xsi:type="federationProtocolType" version="1.0.0">
-            <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-            <issuer>https://localhost:${idp.https.port}/fediz-idp/federation</issuer>
-            <roleDelimiter>,</roleDelimiter>
-            <roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-            <freshness>10</freshness>
-            <homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-C</homeRealm>
-            <claimTypesRequested>
-                <claimType type="a particular claim type"
-                           optional="true" />
-            </claimTypesRequested>
-        </protocol>
-        <logoutURL>/secure/logout</logoutURL>
-        <logoutRedirectTo>/index.html</logoutRedirectTo>
-    </contextConfig>
-    <contextConfig name="/fedizhelloworld3">
-        <audienceUris>
-            <audienceItem>urn:org:apache:cxf:fediz:fedizhelloworld</audienceItem>
-        </audienceUris>
-        <certificateStores>
-            <trustManager>
-                <keyStore file="test-classes/clienttrust.jks"
-                          password="storepass" type="JKS" />
-            </trustManager>
-        </certificateStores>
-        <trustedIssuers>
-            <issuer certificateValidation="PeerTrust" />
-        </trustedIssuers>
-        <maximumClockSkew>1000</maximumClockSkew>
-        <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-            xsi:type="federationProtocolType" version="1.0.0">
-            <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
-            <issuer>https://localhost:${idp.https.port}/fediz-idp/federation</issuer>
-            <roleDelimiter>,</roleDelimiter>
-            <roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
-            <freshness>10</freshness>
-            <homeRealm type="String">urn:org:apache:cxf:fediz:idp:realm-D</homeRealm>
-            <claimTypesRequested>
-                <claimType type="a particular claim type"
-                           optional="true" />
-            </claimTypesRequested>
-        </protocol>
-        <logoutURL>/secure/logout</logoutURL>
-        <logoutRedirectTo>/index.html</logoutRedirectTo>
-    </contextConfig>
-</FedizConfig>
-

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6fef44bb/systests/federation/samlsso/src/test/resources/realmb/entities-realmb.xml
----------------------------------------------------------------------
diff --git a/systests/federation/samlsso/src/test/resources/realmb/entities-realmb.xml b/systests/federation/samlsso/src/test/resources/realmb/entities-realmb.xml
deleted file mode 100644
index 9984af1..0000000
--- a/systests/federation/samlsso/src/test/resources/realmb/entities-realmb.xml
+++ /dev/null
@@ -1,423 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xmlns:util="http://www.springframework.org/schema/util"
-    xsi:schemaLocation="
-        http://www.springframework.org/schema/beans
-        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
-        http://www.springframework.org/schema/util
-        http://www.springframework.org/schema/util/spring-util-2.0.xsd">
-
-    <bean id="idp-realmB" class="org.apache.cxf.fediz.service.idp.service.jpa.IdpEntity">
-        <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-B" />
-        <property name="uri" value="realmb" />
-        <property name="provideIdpList" value="false" />
-        <property name="useCurrentIdp" value="true" />
-        <property name="certificate" value="stsKeystoreB.properties" />
-        <property name="certificatePassword" value="realmb" />
-        <property name="stsUrl" value="https://localhost:${idp.realmb.https.port}/fediz-idp-sts-realmb/REALMB" />
-        <property name="idpUrl" value="https://localhost:${idp.realmb.https.port}/fediz-idp-realmb/saml" />
-        <property name="supportedProtocols">
-            <util:list>
-                <value>urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser
-                </value>
-                <value>http://docs.oasis-open.org/ws-sx/ws-trust/200512
-                </value>
-            </util:list>
-        </property>
-        <property name="tokenTypesOffered">
-            <util:list>
-                <value>urn:oasis:names:tc:SAML:1.0:assertion</value>
-                <value>urn:oasis:names:tc:SAML:2.0:assertion</value>
-            </util:list>
-        </property>
-        <property name="authenticationURIs">
-            <util:map>
-                <entry key="default" value="saml/up" />
-            </util:map>
-        </property>
-        <property name="serviceDisplayName" value="REALM B" />
-        <property name="serviceDescription" value="IDP of Realm B" />
-        <property name="applications">
-            <util:list>
-                <ref bean="idp-realmA" />
-            </util:list>
-        </property>
-        <property name="claimTypesOffered">
-            <util:list>
-                <ref bean="claim_role" />
-                <ref bean="claim_surname" />
-                <ref bean="claim_givenname" />
-                <ref bean="claim_email" />
-            </util:list>
-        </property>
-    </bean>
-
-    <bean id="idp-realmA" class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationEntity">
-        <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-A" />
-        <property name="protocol" value="http://docs.oasis-open.org/wsfed/federation/200706" />
-        <property name="serviceDisplayName" value="Resource IDP Realm A" />
-        <property name="serviceDescription" value="Resource IDP Realm A" />
-        <property name="role" value="SecurityTokenServiceType" />
-        <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
-        <property name="lifeTime" value="3600" />
-        <property name="validatingCertificate" value="realma.cert" />
-    </bean>
-    
-    <bean id="claim_role"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
-        <property name="claimType"
-            value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" />
-        <property name="displayName"
-            value="role" />
-        <property name="description"
-            value="Description for role" />
-    </bean>
-    <bean id="claim_givenname"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
-        <property name="claimType"
-            value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" />
-        <property name="displayName"
-            value="firstname" />
-        <property name="description"
-            value="Description for firstname" />
-    </bean>
-    <bean id="claim_surname"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
-        <property name="claimType"
-            value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" />
-        <property name="displayName"
-            value="lastname" />
-        <property name="description"
-            value="Description for lastname" />
-    </bean>
-    <bean id="claim_email"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.ClaimEntity">
-        <property name="claimType"
-            value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
-        <property name="displayName"
-            value="email" />
-        <property name="description"
-            value="Description for email" />
-    </bean>
-
-    <bean id="entitlement_claim_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_LIST" />
-        <property name="description"
-            value="Description for CLAIM_LIST" />
-    </bean>
-    <bean id="entitlement_claim_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_CREATE" />
-        <property name="description"
-            value="Description for CLAIM_CREATE" />
-    </bean>
-    <bean id="entitlement_claim_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_READ" />
-        <property name="description"
-            value="Description for CLAIM_READ" />
-    </bean>
-    <bean id="entitlement_claim_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_UPDATE" />
-        <property name="description"
-            value="Description for CLAIM_UPDATE" />
-    </bean>
-    <bean id="entitlement_claim_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="CLAIM_DELETE" />
-        <property name="description"
-            value="Description for CLAIM_DELETE" />
-    </bean>
-
-    <bean id="entitlement_application_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_LIST" />
-        <property name="description"
-            value="Description for APPLICATION_LIST" />
-    </bean>
-    <bean id="entitlement_application_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_CREATE" />
-        <property name="description"
-            value="Description for APPLICATION_CREATE" />
-    </bean>
-    <bean id="entitlement_application_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_READ" />
-        <property name="description"
-            value="Description for APPLICATION_READ" />
-    </bean>
-    <bean id="entitlement_application_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_UPDATE" />
-        <property name="description"
-            value="Description for APPLICATION_UPDATE" />
-    </bean>
-    <bean id="entitlement_application_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="APPLICATION_DELETE" />
-        <property name="description"
-            value="Description for APPLICATION_DELETE" />
-    </bean>
-    
-    <bean id="entitlement_trustedidp_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_LIST" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_LIST" />
-    </bean>
-    <bean id="entitlement_trustedidp_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_CREATE" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_CREATE" />
-    </bean>
-    <bean id="entitlement_trustedidp_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_READ" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_READ" />
-    </bean>
-    <bean id="entitlement_trustedidp_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_UPDATE" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_UPDATE" />
-    </bean>
-    <bean id="entitlement_trustedidp_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="TRUSTEDIDP_DELETE" />
-        <property name="description"
-            value="Description for TRUSTEDIDP_DELETE" />
-    </bean>
-
-    <bean id="entitlement_idp_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_LIST" />
-        <property name="description"
-            value="Description for IDP_LIST" />
-    </bean>
-    <bean id="entitlement_idp_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_CREATE" />
-        <property name="description"
-            value="Description for IDP_CREATE" />
-    </bean>
-    <bean id="entitlement_idp_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_READ" />
-        <property name="description"
-            value="Description for IDP_READ" />
-    </bean>
-    <bean id="entitlement_idp_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_UPDATE" />
-        <property name="description"
-            value="Description for IDP_UPDATE" />
-    </bean>
-    <bean id="entitlement_idp_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="IDP_DELETE" />
-        <property name="description"
-            value="Description for IDP_DELETE" />
-    </bean>
-    
-    <bean id="entitlement_role_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_LIST" />
-        <property name="description"
-            value="Description for ROLE_LIST" />
-    </bean>
-    <bean id="entitlement_role_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_CREATE" />
-        <property name="description"
-            value="Description for ROLE_CREATE" />
-    </bean>
-    <bean id="entitlement_role_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_READ" />
-        <property name="description"
-            value="Description for ROLE_READ" />
-    </bean>
-    <bean id="entitlement_role_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_UPDATE" />
-        <property name="description"
-            value="Description for ROLE_UPDATE" />
-    </bean>
-    <bean id="entitlement_role_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ROLE_DELETE" />
-        <property name="description"
-            value="Description for ROLE_DELETE" />
-    </bean>
-    
-    <bean id="entitlement_entitlement_list"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_LIST" />
-        <property name="description"
-            value="Description for ENTITLEMENT_LIST" />
-    </bean>
-    <bean id="entitlement_entitlement_create"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_CREATE" />
-        <property name="description"
-            value="Description for ENTITLEMENT_CREATE" />
-    </bean>
-    <bean id="entitlement_entitlement_read"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_READ" />
-        <property name="description"
-            value="Description for ENTITLEMENT_READ" />
-    </bean>
-    <bean id="entitlement_entitlement_update"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_UPDATE" />
-        <property name="description"
-            value="Description for ENTITLEMENT_UPDATE" />
-    </bean>
-    <bean id="entitlement_entitlement_delete"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.EntitlementEntity">
-        <property name="name"
-            value="ENTITLEMENT_DELETE" />
-        <property name="description"
-            value="Description for ENTITLEMENT_DELETE" />
-    </bean>
-    
-    <bean id="role_admin"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
-        <property name="name"
-            value="ADMIN" />
-        <property name="description"
-            value="This is the administrator role with full access" />
-        <property name="entitlements">
-            <util:list>
-                <ref bean="entitlement_claim_list" />
-                <ref bean="entitlement_claim_create" />
-                <ref bean="entitlement_claim_read" />
-                <ref bean="entitlement_claim_update" />
-                <ref bean="entitlement_claim_delete" />
-                <ref bean="entitlement_idp_list" />
-                <ref bean="entitlement_idp_create" />
-                <ref bean="entitlement_idp_read" />
-                <ref bean="entitlement_idp_update" />
-                <ref bean="entitlement_idp_delete" />
-                <ref bean="entitlement_trustedidp_list" />
-                <ref bean="entitlement_trustedidp_create" />
-                <ref bean="entitlement_trustedidp_read" />
-                <ref bean="entitlement_trustedidp_update" />
-                <ref bean="entitlement_trustedidp_delete" />
-                <ref bean="entitlement_application_list" />
-                <ref bean="entitlement_application_create" />
-                <ref bean="entitlement_application_read" />
-                <ref bean="entitlement_application_update" />
-                <ref bean="entitlement_application_delete" />
-                <ref bean="entitlement_role_list" />
-                <ref bean="entitlement_role_create" />
-                <ref bean="entitlement_role_read" />
-                <ref bean="entitlement_role_update" />
-                <ref bean="entitlement_role_delete" />
-                <ref bean="entitlement_entitlement_list" />
-                <ref bean="entitlement_entitlement_create" />
-                <ref bean="entitlement_entitlement_read" />
-                <ref bean="entitlement_entitlement_update" />
-                <ref bean="entitlement_entitlement_delete" />
-            </util:list>
-        </property>
-    </bean>
-    <bean id="role_user"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
-        <property name="name"
-            value="USER" />
-        <property name="description"
-            value="This is the user role with read access" />
-        <property name="entitlements">
-            <util:list>
-                <ref bean="entitlement_claim_list" />
-                <ref bean="entitlement_claim_read" />
-                <ref bean="entitlement_idp_list" />
-                <ref bean="entitlement_idp_read" />
-                <ref bean="entitlement_trustedidp_list" />
-                <ref bean="entitlement_trustedidp_read" />
-                <ref bean="entitlement_application_list" />
-                <ref bean="entitlement_application_read" />
-                <ref bean="entitlement_role_list" />
-                <ref bean="entitlement_role_read" />
-                <ref bean="entitlement_entitlement_list" />
-                <ref bean="entitlement_entitlement_read" />
-            </util:list>
-        </property>
-    </bean>
-    <bean id="role_idp_login"
-        class="org.apache.cxf.fediz.service.idp.service.jpa.RoleEntity">
-        <property name="name"
-            value="IDP_LOGIN" />
-        <property name="description"
-            value="This is the IDP login role which is applied to Users during the IDP SSO" />
-        <property name="entitlements">
-            <util:list>
-                <ref bean="entitlement_claim_list" />
-                <ref bean="entitlement_claim_read" />
-                <ref bean="entitlement_idp_list" />
-                <ref bean="entitlement_idp_read" />
-                <ref bean="entitlement_trustedidp_list" />
-                <ref bean="entitlement_trustedidp_read" />
-                <ref bean="entitlement_application_list" />
-                <ref bean="entitlement_application_read" />
-            </util:list>
-        </property>
-    </bean>
-
-</beans>
-


Mime
View raw message