cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf-fediz git commit: Fixing last commit
Date Thu, 26 Jan 2017 12:04:31 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 307bf80a1 -> 83746b8cc


Fixing last commit


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/83746b8c
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/83746b8c
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/83746b8c

Branch: refs/heads/master
Commit: 83746b8cc0542633052a8d08907bbedd8815b9a0
Parents: 307bf80
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Jan 26 12:04:23 2017 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Jan 26 12:04:23 2017 +0000

----------------------------------------------------------------------
 systests/custom/pom.xml                         | 283 +++++++++++++++++++
 .../src/test/java/custom/CustomUTValidator.java |  76 +++++
 .../systests/custom/CustomParametersTest.java   | 208 ++++++++++++++
 systests/custom/src/test/resources/file.xml     |  66 +++++
 .../src/test/resources/logging.properties       |  54 ++++
 .../resources/realma/security-up-config.xml     |  98 +++++++
 systests/idp/pom.xml                            |  57 ----
 .../src/test/java/custom/CustomUTValidator.java |  76 -----
 .../apache/cxf/fediz/systests/idp/IdpTest.java  |  62 ----
 systests/idp/src/test/resources/file.xml        |  66 -----
 .../resources/realma/security-up-config.xml     |  98 -------
 systests/pom.xml                                |   1 +
 12 files changed, 786 insertions(+), 359 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/custom/pom.xml
----------------------------------------------------------------------
diff --git a/systests/custom/pom.xml b/systests/custom/pom.xml
new file mode 100644
index 0000000..e80d836
--- /dev/null
+++ b/systests/custom/pom.xml
@@ -0,0 +1,283 @@
+<?xml version="1.0"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.apache.cxf.fediz</groupId>
+        <artifactId>fediz-systests</artifactId>
+        <version>1.4.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+    <groupId>org.apache.cxf.fediz.systests</groupId>
+    <artifactId>fediz-systests-custom</artifactId>
+    <name>Apache Fediz Custom Systests</name>
+    <packaging>jar</packaging>
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+    </properties>
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.tomcat.embed</groupId>
+            <artifactId>tomcat-embed-core</artifactId>
+            <version>${tomcat7.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.tomcat.embed</groupId>
+            <artifactId>tomcat-embed-logging-juli</artifactId>
+            <version>${tomcat7.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jdt.core.compiler</groupId>
+            <artifactId>ecj</artifactId>
+            <version>${ecj.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.tomcat.embed</groupId>
+            <artifactId>tomcat-embed-jasper</artifactId>
+            <version>${tomcat7.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>${junit.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf.fediz</groupId>
+            <artifactId>fediz-tomcat7</artifactId>
+            <version>${project.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-bindings-soap</artifactId>
+            <version>${cxf.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf.fediz.systests</groupId>
+            <artifactId>fediz-systests-tests</artifactId>
+            <version>${project.version}</version>
+            <type>test-jar</type>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf.fediz.systests</groupId>
+            <artifactId>fediz-systests-tests</artifactId>
+            <version>${project.version}</version>
+            <classifier>tests</classifier>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-jdk14</artifactId>
+            <version>${slf4j.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.hsqldb</groupId>
+            <artifactId>hsqldb</artifactId>
+            <version>${hsqldb.version}</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>build-helper-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>reserve-network-port</id>
+                        <goals>
+                            <goal>reserve-network-port</goal>
+                        </goals>
+                        <phase>initialize</phase>
+                        <configuration>
+                            <portNames>
+                                <portName>idp.https.port</portName>
+                                <portName>rp.https.port</portName>
+                            </portNames>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>copy-idp-sts</id>
+                        <phase>generate-resources</phase>
+                        <goals>
+                            <goal>unpack</goal>
+                        </goals>
+                        <configuration>
+                            <artifactItems>
+                                <artifactItem>
+                                    <groupId>org.apache.cxf.fediz</groupId>
+                                    <artifactId>fediz-idp</artifactId>
+                                    <version>${project.version}</version>
+                                    <type>war</type>
+                                    <overWrite>true</overWrite>
+                                    <outputDirectory>target/tomcat/idp/webapps/fediz-idp</outputDirectory>
+                                </artifactItem>
+                                <artifactItem>
+                                    <groupId>org.apache.cxf.fediz</groupId>
+                                    <artifactId>fediz-idp-sts</artifactId>
+                                    <version>${project.version}</version>
+                                    <type>war</type>
+                                    <overWrite>true</overWrite>
+                                    <outputDirectory>target/tomcat/idp/webapps/fediz-idp-sts</outputDirectory>
+                                </artifactItem>
+                                <artifactItem>
+                                    <groupId>org.apache.cxf.fediz.systests</groupId>
+                                    <artifactId>fediz-systests-tests</artifactId>
+                                    <version>${project.version}</version>
+                                    <classifier>tests</classifier>
+                                    <type>jar</type>
+                                    <overWrite>true</overWrite>
+                                    <outputDirectory>target/test-classes</outputDirectory>
+                                    <includes>**/*.jks</includes>
+                                </artifactItem>
+                            </artifactItems>
+                            <outputAbsoluteArtifactFilename>true</outputAbsoluteArtifactFilename>
+                            <overWriteSnapshots>true</overWriteSnapshots>
+                            <overWriteIfNewer>true</overWriteIfNewer>
+                            <stripVersion>true</stripVersion>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <artifactId>maven-resources-plugin</artifactId>
+                <version>2.7</version>
+                <executions>
+                    <execution>
+                        <id>copy-customised-spring-sec-to-idp</id>
+                        <phase>generate-test-sources</phase>
+                        <goals>
+                            <goal>copy-resources</goal>
+                        </goals>
+                        <configuration>
+                            <outputDirectory>${basedir}/target/tomcat/idp/webapps/fediz-idp/WEB-INF/config</outputDirectory>
+                            <resources>          
+                                <resource>
+                                    <directory>${basedir}/src/test/resources/realma</directory>
+                                    <includes>
+                                        <include>security-up-config.xml</include>
+                                    </includes>
+                                    <filtering>false</filtering>
+                                </resource>
+                            </resources>              
+                        </configuration>            
+                    </execution>
+                    <execution>
+                        <id>copy-customised-sts-config</id>
+                        <phase>generate-test-sources</phase>
+                        <goals>
+                            <goal>copy-resources</goal>
+                        </goals>
+                        <configuration>
+                            <outputDirectory>${basedir}/target/tomcat/idp/webapps/fediz-idp-sts/WEB-INF/endpoints</outputDirectory>
+                            <resources>          
+                                <resource>
+                                    <directory>${basedir}/src/test/resources</directory>
+                                    <includes>
+                                        <include>file.xml</include>
+                                    </includes>
+                                    <filtering>false</filtering>
+                                </resource>
+                            </resources>              
+                        </configuration>            
+                    </execution>
+                    <execution>
+                        <id>copy-custom-validator</id>
+                        <phase>process-test-classes</phase>
+                        <goals>
+                            <goal>copy-resources</goal>
+                        </goals>
+                        <configuration>
+                            <outputDirectory>${basedir}/target/tomcat/idp/webapps/fediz-idp-sts/WEB-INF/classes/custom</outputDirectory>
+                            <resources>          
+                                <resource>
+                                    <directory>${basedir}/target/test-classes/custom</directory>
+                                    <includes>
+                                        <include>CustomUTValidator.class</include>
+                                    </includes>
+                                    <filtering>false</filtering>
+                                </resource>
+                            </resources>              
+                        </configuration>            
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <artifactId>maven-failsafe-plugin</artifactId>
+                <inherited>true</inherited>
+                <executions>
+                    <execution>
+                        <id>integration-test</id>
+                        <phase>integration-test</phase>
+                        <goals>
+                            <goal>integration-test</goal>
+                        </goals>
+                        <configuration>
+                            <skip>${skipTests}</skip>
+                            <systemPropertyVariables>
+                                <wt.headless>true</wt.headless>
+                                <idp.https.port>${idp.https.port}</idp.https.port>
+                                <rp.https.port>${rp.https.port}</rp.https.port>
+                                <java.util.logging.config.file>${basedir}/target/test-classes/logging.properties</java.util.logging.config.file>
+                            </systemPropertyVariables>
+                            <includes>
+                                <include>**/idp/**</include>
+                            </includes>
+                            <argLine>-Xms512m -Xmx1024m -XX:MaxPermSize=256m </argLine>
+                            <!--argLine>-Xms512m -Xmx1024m -XX:MaxPermSize=256m -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=y</argLine-->
+                        </configuration>
+                    </execution>
+                    <execution>
+                        <id>verify</id>
+                        <phase>verify</phase>
+                        <goals>
+                            <goal>verify</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <inherited>true</inherited>
+                <configuration>
+                    <excludes>
+                        <exclude>**/custom/**</exclude>
+                    </excludes>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/custom/src/test/java/custom/CustomUTValidator.java
----------------------------------------------------------------------
diff --git a/systests/custom/src/test/java/custom/CustomUTValidator.java b/systests/custom/src/test/java/custom/CustomUTValidator.java
new file mode 100644
index 0000000..a623411
--- /dev/null
+++ b/systests/custom/src/test/java/custom/CustomUTValidator.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package custom;
+
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPMessage;
+
+import org.w3c.dom.Element;
+
+import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.binding.soap.saaj.SAAJUtils;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.XMLUtils;
+import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.validate.Credential;
+import org.apache.wss4j.dom.validate.UsernameTokenValidator;
+import org.apache.wss4j.dom.validate.Validator;
+
+/**
+ * A Validator that checks for a custom "realm" parameter in the RST request and only allows 
+ * authentication if the value is equal to "custom-realm".
+ */
+public class CustomUTValidator implements Validator {
+
+    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
+        if (credential == null || credential.getUsernametoken() == null) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
+        }
+        
+        // Need to use SAAJ to get the SOAP Body as we are just using the UsernameTokenInterceptor
+        SOAPMessage soapMessage = getSOAPMessage((SoapMessage)data.getMsgContext());
+        try {
+            Element soapBody = SAAJUtils.getBody(soapMessage);
+        
+            if (soapBody != null) {
+                // Find custom Element in the SOAP Body
+                Element realm = XMLUtils.findElement(soapBody, "realm", "http://cxf.apache.org/custom");
+                if (realm != null) {
+                    String realmStr = realm.getTextContent();
+                    if ("custom-realm".equals(realmStr)) {
+        
+                        UsernameTokenValidator validator = new UsernameTokenValidator();
+                        return validator.validate(credential, data);
+                    }
+                }
+            }
+        } catch (SOAPException ex) {
+            // ignore
+        }
+        
+        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
+    }
+
+    private SOAPMessage getSOAPMessage(SoapMessage msg) {
+        SAAJInInterceptor.INSTANCE.handleMessage(msg);
+        return msg.getContent(SOAPMessage.class);
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/custom/src/test/java/org/apache/cxf/fediz/systests/custom/CustomParametersTest.java
----------------------------------------------------------------------
diff --git a/systests/custom/src/test/java/org/apache/cxf/fediz/systests/custom/CustomParametersTest.java b/systests/custom/src/test/java/org/apache/cxf/fediz/systests/custom/CustomParametersTest.java
new file mode 100644
index 0000000..9a33dc7
--- /dev/null
+++ b/systests/custom/src/test/java/org/apache/cxf/fediz/systests/custom/CustomParametersTest.java
@@ -0,0 +1,208 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.systests.custom;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URLEncoder;
+
+import javax.servlet.ServletException;
+
+import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
+import com.gargoylesoftware.htmlunit.WebClient;
+import com.gargoylesoftware.htmlunit.html.DomElement;
+import com.gargoylesoftware.htmlunit.html.DomNodeList;
+import com.gargoylesoftware.htmlunit.html.HtmlPage;
+
+import org.apache.catalina.LifecycleException;
+import org.apache.catalina.LifecycleState;
+import org.apache.catalina.connector.Connector;
+import org.apache.catalina.startup.Tomcat;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.wss4j.dom.engine.WSSConfig;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+
+/**
+ * Some tests invoking directly on the IdP and sending custom parameters
+ */
+public class CustomParametersTest {
+
+    static String idpHttpsPort;
+    static String rpHttpsPort;
+
+    private static Tomcat idpServer;
+
+    @BeforeClass
+    public static void init() throws Exception {
+        System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog");
+        System.setProperty("org.apache.commons.logging.simplelog.showdatetime", "true");
+        System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire", "info");
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient", "info");
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.webflow", "info");
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.springframework.security.web", "info");
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf.fediz", "info");
+        System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.cxf", "info");
+
+        idpHttpsPort = System.getProperty("idp.https.port");
+        Assert.assertNotNull("Property 'idp.https.port' null", idpHttpsPort);
+        rpHttpsPort = System.getProperty("rp.https.port");
+        Assert.assertNotNull("Property 'rp.https.port' null", rpHttpsPort);
+
+        idpServer = startServer(true, idpHttpsPort);
+
+        WSSConfig.init();
+    }
+
+    private static Tomcat startServer(boolean idp, String port) 
+        throws ServletException, LifecycleException, IOException {
+        Tomcat server = new Tomcat();
+        server.setPort(0);
+        String currentDir = new File(".").getCanonicalPath();
+        String baseDir = currentDir + File.separator + "target";
+        server.setBaseDir(baseDir);
+
+        server.getHost().setAppBase("tomcat/idp/webapps");
+        server.getHost().setAutoDeploy(true);
+        server.getHost().setDeployOnStartup(true);
+
+        Connector httpsConnector = new Connector();
+        httpsConnector.setPort(Integer.parseInt(port));
+        httpsConnector.setSecure(true);
+        httpsConnector.setScheme("https");
+        //httpsConnector.setAttribute("keyAlias", keyAlias);
+        httpsConnector.setAttribute("keystorePass", "tompass");
+        httpsConnector.setAttribute("keystoreFile", "test-classes/server.jks");
+        httpsConnector.setAttribute("truststorePass", "tompass");
+        httpsConnector.setAttribute("truststoreFile", "test-classes/server.jks");
+        httpsConnector.setAttribute("clientAuth", "want");
+        // httpsConnector.setAttribute("clientAuth", "false");
+        httpsConnector.setAttribute("sslProtocol", "TLS");
+        httpsConnector.setAttribute("SSLEnabled", true);
+
+        server.getService().addConnector(httpsConnector);
+
+        File stsWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(), "fediz-idp-sts");
+        server.addWebapp("/fediz-idp-sts", stsWebapp.getAbsolutePath());
+
+        File idpWebapp = new File(baseDir + File.separator + server.getHost().getAppBase(), "fediz-idp");
+        server.addWebapp("/fediz-idp", idpWebapp.getAbsolutePath());
+
+        server.start();
+
+        return server;
+    }
+
+    @AfterClass
+    public static void cleanup() {
+        shutdownServer(idpServer);
+    }
+    
+    private static void shutdownServer(Tomcat server) {
+        try {
+            if (server != null && server.getServer() != null
+                && server.getServer().getState() != LifecycleState.DESTROYED) {
+                if (server.getServer().getState() != LifecycleState.STOPPED) {
+                    server.stop();
+                }
+                server.destroy();
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+
+    public String getIdpHttpsPort() {
+        return idpHttpsPort;
+    }
+
+    public String getRpHttpsPort() {
+        return rpHttpsPort;
+    }
+
+    public String getServletContextName() {
+        return "fedizhelloworld";
+    }
+
+    // Test a custom parameter that gets passed through to the STS
+    @org.junit.Test
+    public void testCustomParameter() throws Exception {
+        String url = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/federation?";
+        url += "wa=wsignin1.0";
+        url += "&whr=urn:org:apache:cxf:fediz:idp:realm-A";
+        url += "&wtrealm=urn:org:apache:cxf:fediz:fedizhelloworld";
+        String wreply = "https://localhost:" + getRpHttpsPort() + "/" + getServletContextName() + "/secure/fedservlet";
+        url += "&wreply=" + wreply;
+
+        String user = "alice";
+        String password = "ecila";
+
+        // Successful test
+        WebClient webClient = new WebClient();
+        webClient.getOptions().setUseInsecureSSL(true);
+        webClient.getCredentialsProvider().setCredentials(
+            new AuthScope("localhost", Integer.parseInt(getIdpHttpsPort())),
+            new UsernamePasswordCredentials(user, password));
+
+        webClient.getOptions().setJavaScriptEnabled(false);
+        
+        String authUrl = url + "&auth_realm=" 
+            + URLEncoder.encode("<realm xmlns=\"http://cxf.apache.org/custom\">custom-realm</realm>", "UTF-8");
+        HtmlPage idpPage = webClient.getPage(authUrl);
+        webClient.getOptions().setJavaScriptEnabled(true);
+        Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
+
+        // Parse the form to get the token (wresult)
+        DomNodeList<DomElement> results = idpPage.getElementsByTagName("input");
+
+        String wresult = null;
+        for (DomElement result : results) {
+            if ("wresult".equals(result.getAttributeNS(null, "name"))) {
+                wresult = result.getAttributeNS(null, "value");
+                break;
+            }
+        }
+
+        Assert.assertNotNull(wresult);
+        
+        webClient.close();
+        
+        // Unsuccessful test
+        webClient = new WebClient();
+        webClient.getOptions().setUseInsecureSSL(true);
+        webClient.getCredentialsProvider().setCredentials(
+            new AuthScope("localhost", Integer.parseInt(getIdpHttpsPort())),
+            new UsernamePasswordCredentials(user, password));
+
+        webClient.getOptions().setJavaScriptEnabled(false);
+        authUrl = url + "&auth_realm=" 
+            + URLEncoder.encode("<realm xmlns=\"http://cxf.apache.org/custom\">unknown-realm</realm>", "UTF-8");
+        try {
+            webClient.getPage(authUrl);
+            Assert.fail("Failure expected on a bad auth_realm value");
+        } catch (FailingHttpStatusCodeException ex) {
+            Assert.assertEquals(ex.getStatusCode(), 401);
+        }
+
+        webClient.close();
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/custom/src/test/resources/file.xml
----------------------------------------------------------------------
diff --git a/systests/custom/src/test/resources/file.xml b/systests/custom/src/test/resources/file.xml
new file mode 100644
index 0000000..d532aee
--- /dev/null
+++ b/systests/custom/src/test/resources/file.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xmlns:jaxws="http://cxf.apache.org/jaxws"
+    xsi:schemaLocation="
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-4.3.xsd
+        http://cxf.apache.org/jaxws
+        http://cxf.apache.org/schemas/jaxws.xsd">
+
+    <import resource="../data/userClaims.xml" />
+    <import resource="../data/passwords.xml" />
+
+    <bean id="upCallBackHandlerRealmA"
+        class="org.apache.cxf.fediz.service.sts.UsernamePasswordCallbackHandler">
+        <property name="passwords" ref="REALMA" />
+    </bean>
+
+    <bean id="upCallBackHandlerRealmB"
+        class="org.apache.cxf.fediz.service.sts.UsernamePasswordCallbackHandler">
+        <property name="passwords" ref="REALMB" />
+    </bean>
+
+    <jaxws:endpoint id="transportSTSRealmAUT"
+        implementor="#transportSTSProviderBean" address="/REALMA/STSServiceTransportUT"
+        wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
+        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+        serviceName="ns1:SecurityTokenService" endpointName="ns1:TransportUT_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value-ref="upCallBackHandlerRealmA" />
+            <entry key="ws-security.ut.validator" value="custom.CustomUTValidator"/>
+        </jaxws:properties>
+    </jaxws:endpoint>
+
+    <jaxws:endpoint id="transportSTSRealmBUT"
+        implementor="#transportSTSProviderBean" address="/REALMB/STSServiceTransportUT"
+        wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
+        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
+        serviceName="ns1:SecurityTokenService" endpointName="ns1:TransportUT_Port">
+        <jaxws:properties>
+            <entry key="ws-security.callback-handler" value-ref="upCallBackHandlerRealmB" />
+        </jaxws:properties>
+    </jaxws:endpoint>
+
+</beans>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/custom/src/test/resources/logging.properties
----------------------------------------------------------------------
diff --git a/systests/custom/src/test/resources/logging.properties b/systests/custom/src/test/resources/logging.properties
new file mode 100644
index 0000000..0d8d902
--- /dev/null
+++ b/systests/custom/src/test/resources/logging.properties
@@ -0,0 +1,54 @@
+############################################################
+#   Default Logging Configuration File
+#
+# You can use a different file by specifying a filename
+# with the java.util.logging.config.file system property.  
+# For example java -Djava.util.logging.config.file=myfile
+############################################################
+
+############################################################
+#   Global properties
+############################################################
+
+# "handlers" specifies a comma separated list of log Handler 
+# classes.  These handlers will be installed during VM startup.
+# Note that these classes must be on the system classpath.
+# By default we only configure a ConsoleHandler, which will only
+# show messages at the WARNING and above levels.
+#handlers= java.util.logging.ConsoleHandler
+#handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
+
+# Default global logging level.
+# This specifies which kinds of events are logged across
+# all loggers.  For any given facility this global level
+# can be overridden by a facility specific level
+# Note that the ConsoleHandler also has a separate level
+# setting to limit messages printed to the console.
+.level= INFO
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+# default file output is in user's home directory.
+java.util.logging.FileHandler.pattern = %h/java%u.log
+java.util.logging.FileHandler.limit = 50000
+java.util.logging.FileHandler.count = 1
+java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
+
+# Limit the message that are printed on the console to WARNING and above.
+java.util.logging.ConsoleHandler.level = WARNING
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+# For example, set the com.xyz.foo logger to only log SEVERE
+# messages:
+#com.xyz.foo.level = SEVERE
+org.apache.ws.security.level = FINEST
+org.apache.cxf.fediz.level = FINEST

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/custom/src/test/resources/realma/security-up-config.xml
----------------------------------------------------------------------
diff --git a/systests/custom/src/test/resources/realma/security-up-config.xml b/systests/custom/src/test/resources/realma/security-up-config.xml
new file mode 100644
index 0000000..5227fd2
--- /dev/null
+++ b/systests/custom/src/test/resources/realma/security-up-config.xml
@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+ 
+  http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:security="http://www.springframework.org/schema/security"
+    xmlns:context="http://www.springframework.org/schema/context"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xsi:schemaLocation="
+        http://www.springframework.org/schema/beans
+        http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+        http://www.springframework.org/schema/context
+        http://www.springframework.org/schema/context/spring-context-4.3.xsd
+        http://www.springframework.org/schema/security
+        http://www.springframework.org/schema/security/spring-security-3.2.xsd
+        http://www.springframework.org/schema/util
+        http://www.springframework.org/schema/util/spring-util-4.3.xsd
+        ">
+
+    <!-- DISABLE in production as it might log confidential information about the user -->
+    <!-- <security:debug /> -->
+    
+    <bean id="requestContextFilter" class="org.springframework.web.filter.RequestContextFilter"/>
+    
+    <!-- HTTP/BA entry point for WS-Federation -->
+    <security:http pattern="/federation/up/**" use-expressions="true">
+		<security:intercept-url requires-channel="https" pattern="/federation/up/login*" access="isAnonymous() or isAuthenticated()" />
+        <security:custom-filter after="CHANNEL_FILTER" ref="stsUPPortFilter" />
+        <security:custom-filter after="SERVLET_API_SUPPORT_FILTER" ref="entitlementsEnricher" />
+        <security:custom-filter before="BASIC_AUTH_FILTER" ref="requestContextFilter"/>
+
+        <security:http-basic />
+	<!--security:form-login login-page='/federation/up/login'
+		login-processing-url="/federation/up/login.do"
+		authentication-failure-url="/federation/up/login?error" 
+		default-target-url="/"
+		username-parameter="username" 
+		password-parameter="password"
+	/-->
+	<security:logout logout-url="/federation/up/logout" 
+		logout-success-url="/federation/up/login?out" 
+		delete-cookies="FEDIZ_HOME_REALM,JSESSIONID" 
+		invalidate-session="true" 
+	/>
+    </security:http>
+    
+    <!-- HTTP/BA entry point for SAML SSO -->
+    <security:http pattern="/saml/up/**" use-expressions="true">
+		<security:intercept-url requires-channel="https" pattern="/saml/up/login*" access="isAnonymous() or isAuthenticated()" />
+        <security:custom-filter after="CHANNEL_FILTER" ref="stsUPPortFilter" />
+        <security:custom-filter after="SERVLET_API_SUPPORT_FILTER" ref="entitlementsEnricher" />
+
+        <security:http-basic />
+	<!--security:form-login login-page='/federation/up/login'
+		login-processing-url="/federation/up/login.do"
+		authentication-failure-url="/federation/up/login?error" 
+		default-target-url="/"
+		username-parameter="username" 
+		password-parameter="password"
+	/-->
+	<security:logout logout-url="/saml/up/logout" 
+		logout-success-url="/saml/up/login?out" 
+		delete-cookies="FEDIZ_HOME_REALM,JSESSIONID" 
+		invalidate-session="true" 
+	/>
+    </security:http>
+    
+    <bean id="stsUPPortFilter" class="org.apache.cxf.fediz.service.idp.STSPortFilter">
+        <property name="authenticationProvider" ref="stsUPAuthProvider" />
+    </bean>
+    
+    <!-- U/P Authentication Provider -->
+    <bean id="stsUPAuthProvider" class="org.apache.cxf.fediz.service.idp.STSUPAuthenticationProvider">
+        <property name="wsdlLocation" value="https://localhost:0/fediz-idp-sts/${realm.STS_URI}/STSServiceTransportUT?wsdl" />
+        <property name="wsdlEndpoint" value="TransportUT_Port" />
+        <property name="wsdlService" value="SecurityTokenService" />
+        <property name="appliesTo" value="urn:fediz:idp" />
+        <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
+        <property name="customSTSParameter" value="auth_realm" />
+    </bean>
+    
+</beans>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/idp/pom.xml
----------------------------------------------------------------------
diff --git a/systests/idp/pom.xml b/systests/idp/pom.xml
index 15e8e58..64ea5e5 100644
--- a/systests/idp/pom.xml
+++ b/systests/idp/pom.xml
@@ -194,63 +194,6 @@
                             </resources>              
                         </configuration>            
                     </execution>
-                    <execution>
-                        <id>copy-customised-spring-sec-to-idp</id>
-                        <phase>generate-test-sources</phase>
-                        <goals>
-                            <goal>copy-resources</goal>
-                        </goals>
-                        <configuration>
-                            <outputDirectory>${basedir}/target/tomcat/idp/webapps/fediz-idp/WEB-INF/config</outputDirectory>
-                            <resources>          
-                                <resource>
-                                    <directory>${basedir}/src/test/resources/realma</directory>
-                                    <includes>
-                                        <include>security-up-config.xml</include>
-                                    </includes>
-                                    <filtering>false</filtering>
-                                </resource>
-                            </resources>              
-                        </configuration>            
-                    </execution>
-                    <execution>
-                        <id>copy-customised-sts-configp</id>
-                        <phase>generate-test-sources</phase>
-                        <goals>
-                            <goal>copy-resources</goal>
-                        </goals>
-                        <configuration>
-                            <outputDirectory>${basedir}/target/tomcat/idp/webapps/fediz-idp-sts/WEB-INF/endpoints</outputDirectory>
-                            <resources>          
-                                <resource>
-                                    <directory>${basedir}/src/test/resources</directory>
-                                    <includes>
-                                        <include>file.xml</include>
-                                    </includes>
-                                    <filtering>false</filtering>
-                                </resource>
-                            </resources>              
-                        </configuration>            
-                    </execution>
-                    <execution>
-                        <id>copy-custom-validator</id>
-                        <phase>process-test-classes</phase>
-                        <goals>
-                            <goal>copy-resources</goal>
-                        </goals>
-                        <configuration>
-                            <outputDirectory>${basedir}/target/tomcat/idp/webapps/fediz-idp-sts/WEB-INF/classes/custom</outputDirectory>
-                            <resources>          
-                                <resource>
-                                    <directory>${basedir}/target/test-classes/custom</directory>
-                                    <includes>
-                                        <include>CustomUTValidator.class</include>
-                                    </includes>
-                                    <filtering>false</filtering>
-                                </resource>
-                            </resources>              
-                        </configuration>            
-                    </execution>
                 </executions>
             </plugin>
             <plugin>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/idp/src/test/java/custom/CustomUTValidator.java
----------------------------------------------------------------------
diff --git a/systests/idp/src/test/java/custom/CustomUTValidator.java b/systests/idp/src/test/java/custom/CustomUTValidator.java
deleted file mode 100644
index a623411..0000000
--- a/systests/idp/src/test/java/custom/CustomUTValidator.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package custom;
-
-import javax.xml.soap.SOAPException;
-import javax.xml.soap.SOAPMessage;
-
-import org.w3c.dom.Element;
-
-import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
-import org.apache.cxf.binding.soap.saaj.SAAJUtils;
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.util.XMLUtils;
-import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.validate.Credential;
-import org.apache.wss4j.dom.validate.UsernameTokenValidator;
-import org.apache.wss4j.dom.validate.Validator;
-
-/**
- * A Validator that checks for a custom "realm" parameter in the RST request and only allows 
- * authentication if the value is equal to "custom-realm".
- */
-public class CustomUTValidator implements Validator {
-
-    public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
-        if (credential == null || credential.getUsernametoken() == null) {
-            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
-        }
-        
-        // Need to use SAAJ to get the SOAP Body as we are just using the UsernameTokenInterceptor
-        SOAPMessage soapMessage = getSOAPMessage((SoapMessage)data.getMsgContext());
-        try {
-            Element soapBody = SAAJUtils.getBody(soapMessage);
-        
-            if (soapBody != null) {
-                // Find custom Element in the SOAP Body
-                Element realm = XMLUtils.findElement(soapBody, "realm", "http://cxf.apache.org/custom");
-                if (realm != null) {
-                    String realmStr = realm.getTextContent();
-                    if ("custom-realm".equals(realmStr)) {
-        
-                        UsernameTokenValidator validator = new UsernameTokenValidator();
-                        return validator.validate(credential, data);
-                    }
-                }
-            }
-        } catch (SOAPException ex) {
-            // ignore
-        }
-        
-        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "noCredential");
-    }
-
-    private SOAPMessage getSOAPMessage(SoapMessage msg) {
-        SAAJInInterceptor.INSTANCE.handleMessage(msg);
-        return msg.getContent(SOAPMessage.class);
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java
----------------------------------------------------------------------
diff --git a/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java
index 3b05f09..5330c4f 100644
--- a/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java
+++ b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java
@@ -915,66 +915,4 @@ public class IdpTest {
         webClient.close();
     }
     
-    // Test a custom parameter that gets passed through to the STS
-    @org.junit.Test
-    public void testCustomParameter() throws Exception {
-        String url = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/federation?";
-        url += "wa=wsignin1.0";
-        url += "&whr=urn:org:apache:cxf:fediz:idp:realm-A";
-        url += "&wtrealm=urn:org:apache:cxf:fediz:fedizhelloworld";
-        String wreply = "https://localhost:" + getRpHttpsPort() + "/" + getServletContextName() + "/secure/fedservlet";
-        url += "&wreply=" + wreply;
-
-        String user = "alice";
-        String password = "ecila";
-
-        // Successful test
-        WebClient webClient = new WebClient();
-        webClient.getOptions().setUseInsecureSSL(true);
-        webClient.getCredentialsProvider().setCredentials(
-            new AuthScope("localhost", Integer.parseInt(getIdpHttpsPort())),
-            new UsernamePasswordCredentials(user, password));
-
-        webClient.getOptions().setJavaScriptEnabled(false);
-        
-        String authUrl = url + "&auth_realm=" 
-            + URLEncoder.encode("<realm xmlns=\"http://cxf.apache.org/custom\">custom-realm</realm>", "UTF-8");
-        HtmlPage idpPage = webClient.getPage(authUrl);
-        webClient.getOptions().setJavaScriptEnabled(true);
-        Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
-
-        // Parse the form to get the token (wresult)
-        DomNodeList<DomElement> results = idpPage.getElementsByTagName("input");
-
-        String wresult = null;
-        for (DomElement result : results) {
-            if ("wresult".equals(result.getAttributeNS(null, "name"))) {
-                wresult = result.getAttributeNS(null, "value");
-                break;
-            }
-        }
-
-        Assert.assertNotNull(wresult);
-        
-        webClient.close();
-        
-        // Unsuccessful test
-        webClient = new WebClient();
-        webClient.getOptions().setUseInsecureSSL(true);
-        webClient.getCredentialsProvider().setCredentials(
-            new AuthScope("localhost", Integer.parseInt(getIdpHttpsPort())),
-            new UsernamePasswordCredentials(user, password));
-
-        webClient.getOptions().setJavaScriptEnabled(false);
-        authUrl = url + "&auth_realm=" 
-            + URLEncoder.encode("<realm xmlns=\"http://cxf.apache.org/custom\">unknown-realm</realm>", "UTF-8");
-        try {
-            webClient.getPage(authUrl);
-            Assert.fail("Failure expected on a bad auth_realm value");
-        } catch (FailingHttpStatusCodeException ex) {
-            Assert.assertEquals(ex.getStatusCode(), 401);
-        }
-
-        webClient.close();
-    }
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/idp/src/test/resources/file.xml
----------------------------------------------------------------------
diff --git a/systests/idp/src/test/resources/file.xml b/systests/idp/src/test/resources/file.xml
deleted file mode 100644
index d532aee..0000000
--- a/systests/idp/src/test/resources/file.xml
+++ /dev/null
@@ -1,66 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xmlns:util="http://www.springframework.org/schema/util"
-    xmlns:jaxws="http://cxf.apache.org/jaxws"
-    xsi:schemaLocation="
-        http://www.springframework.org/schema/beans
-        http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
-        http://www.springframework.org/schema/util
-        http://www.springframework.org/schema/util/spring-util-4.3.xsd
-        http://cxf.apache.org/jaxws
-        http://cxf.apache.org/schemas/jaxws.xsd">
-
-    <import resource="../data/userClaims.xml" />
-    <import resource="../data/passwords.xml" />
-
-    <bean id="upCallBackHandlerRealmA"
-        class="org.apache.cxf.fediz.service.sts.UsernamePasswordCallbackHandler">
-        <property name="passwords" ref="REALMA" />
-    </bean>
-
-    <bean id="upCallBackHandlerRealmB"
-        class="org.apache.cxf.fediz.service.sts.UsernamePasswordCallbackHandler">
-        <property name="passwords" ref="REALMB" />
-    </bean>
-
-    <jaxws:endpoint id="transportSTSRealmAUT"
-        implementor="#transportSTSProviderBean" address="/REALMA/STSServiceTransportUT"
-        wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
-        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
-        serviceName="ns1:SecurityTokenService" endpointName="ns1:TransportUT_Port">
-        <jaxws:properties>
-            <entry key="ws-security.callback-handler" value-ref="upCallBackHandlerRealmA" />
-            <entry key="ws-security.ut.validator" value="custom.CustomUTValidator"/>
-        </jaxws:properties>
-    </jaxws:endpoint>
-
-    <jaxws:endpoint id="transportSTSRealmBUT"
-        implementor="#transportSTSProviderBean" address="/REALMB/STSServiceTransportUT"
-        wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl"
-        xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
-        serviceName="ns1:SecurityTokenService" endpointName="ns1:TransportUT_Port">
-        <jaxws:properties>
-            <entry key="ws-security.callback-handler" value-ref="upCallBackHandlerRealmB" />
-        </jaxws:properties>
-    </jaxws:endpoint>
-
-</beans>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/idp/src/test/resources/realma/security-up-config.xml
----------------------------------------------------------------------
diff --git a/systests/idp/src/test/resources/realma/security-up-config.xml b/systests/idp/src/test/resources/realma/security-up-config.xml
deleted file mode 100644
index 5227fd2..0000000
--- a/systests/idp/src/test/resources/realma/security-up-config.xml
+++ /dev/null
@@ -1,98 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements. See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership. The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License. You may obtain a copy of the License at
- 
-  http://www.apache.org/licenses/LICENSE-2.0
- 
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied. See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xmlns:security="http://www.springframework.org/schema/security"
-    xmlns:context="http://www.springframework.org/schema/context"
-    xmlns:util="http://www.springframework.org/schema/util"
-    xsi:schemaLocation="
-        http://www.springframework.org/schema/beans
-        http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
-        http://www.springframework.org/schema/context
-        http://www.springframework.org/schema/context/spring-context-4.3.xsd
-        http://www.springframework.org/schema/security
-        http://www.springframework.org/schema/security/spring-security-3.2.xsd
-        http://www.springframework.org/schema/util
-        http://www.springframework.org/schema/util/spring-util-4.3.xsd
-        ">
-
-    <!-- DISABLE in production as it might log confidential information about the user -->
-    <!-- <security:debug /> -->
-    
-    <bean id="requestContextFilter" class="org.springframework.web.filter.RequestContextFilter"/>
-    
-    <!-- HTTP/BA entry point for WS-Federation -->
-    <security:http pattern="/federation/up/**" use-expressions="true">
-		<security:intercept-url requires-channel="https" pattern="/federation/up/login*" access="isAnonymous() or isAuthenticated()" />
-        <security:custom-filter after="CHANNEL_FILTER" ref="stsUPPortFilter" />
-        <security:custom-filter after="SERVLET_API_SUPPORT_FILTER" ref="entitlementsEnricher" />
-        <security:custom-filter before="BASIC_AUTH_FILTER" ref="requestContextFilter"/>
-
-        <security:http-basic />
-	<!--security:form-login login-page='/federation/up/login'
-		login-processing-url="/federation/up/login.do"
-		authentication-failure-url="/federation/up/login?error" 
-		default-target-url="/"
-		username-parameter="username" 
-		password-parameter="password"
-	/-->
-	<security:logout logout-url="/federation/up/logout" 
-		logout-success-url="/federation/up/login?out" 
-		delete-cookies="FEDIZ_HOME_REALM,JSESSIONID" 
-		invalidate-session="true" 
-	/>
-    </security:http>
-    
-    <!-- HTTP/BA entry point for SAML SSO -->
-    <security:http pattern="/saml/up/**" use-expressions="true">
-		<security:intercept-url requires-channel="https" pattern="/saml/up/login*" access="isAnonymous() or isAuthenticated()" />
-        <security:custom-filter after="CHANNEL_FILTER" ref="stsUPPortFilter" />
-        <security:custom-filter after="SERVLET_API_SUPPORT_FILTER" ref="entitlementsEnricher" />
-
-        <security:http-basic />
-	<!--security:form-login login-page='/federation/up/login'
-		login-processing-url="/federation/up/login.do"
-		authentication-failure-url="/federation/up/login?error" 
-		default-target-url="/"
-		username-parameter="username" 
-		password-parameter="password"
-	/-->
-	<security:logout logout-url="/saml/up/logout" 
-		logout-success-url="/saml/up/login?out" 
-		delete-cookies="FEDIZ_HOME_REALM,JSESSIONID" 
-		invalidate-session="true" 
-	/>
-    </security:http>
-    
-    <bean id="stsUPPortFilter" class="org.apache.cxf.fediz.service.idp.STSPortFilter">
-        <property name="authenticationProvider" ref="stsUPAuthProvider" />
-    </bean>
-    
-    <!-- U/P Authentication Provider -->
-    <bean id="stsUPAuthProvider" class="org.apache.cxf.fediz.service.idp.STSUPAuthenticationProvider">
-        <property name="wsdlLocation" value="https://localhost:0/fediz-idp-sts/${realm.STS_URI}/STSServiceTransportUT?wsdl" />
-        <property name="wsdlEndpoint" value="TransportUT_Port" />
-        <property name="wsdlService" value="SecurityTokenService" />
-        <property name="appliesTo" value="urn:fediz:idp" />
-        <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
-        <property name="customSTSParameter" value="auth_realm" />
-    </bean>
-    
-</beans>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/83746b8c/systests/pom.xml
----------------------------------------------------------------------
diff --git a/systests/pom.xml b/systests/pom.xml
index bda108c..e3d651e 100644
--- a/systests/pom.xml
+++ b/systests/pom.xml
@@ -33,6 +33,7 @@
    <modules>
       <module>tests</module>
       <module>idp</module>
+      <module>custom</module>
       <module>webapps</module>
       <module>jetty8</module>
       <module>jetty9</module>


Mime
View raw message