cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: svn commit: r1291166 - in /cxf/trunk: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/ r
Date Mon, 20 Feb 2012 10:06:06 GMT
Hi Freeman,

I'm -1 to the way you are configuring this patch. WSS10 and WSS11 are
standard policies defined in the WS-SP 1.3 spec, and so it's not a
good idea to add a custom policy for these.

The best way to configure it is to define a (boolean) tag in
SecurityConstants so that it can be set as a JAX-WS property.

Colm.

On Mon, Feb 20, 2012 at 9:51 AM,  <ffang@apache.org> wrote:
> Author: ffang
> Date: Mon Feb 20 09:51:20 2012
> New Revision: 1291166
>
> URL: http://svn.apache.org/viewvc?rev=1291166&view=rev
> Log:
> [CXF-4119]support Certificates revocation check before encrypt when use CXF WS-SecurityPolicy
>
> Added:
>    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties
>    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks
  (with props)
>    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem
>    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks
  (with props)
> Modified:
>    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
>    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java
>    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java
>    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java
>    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java
>    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
>    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java
>    cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
>    cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl
>
> Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
(original)
> +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SPConstants.java
Mon Feb 20 09:51:20 2012
> @@ -386,6 +386,8 @@ public abstract class SPConstants {
>
>     public static final String MUST_SUPPORT_ISSUED_TOKENS = "MustSupportIssuedTokens";
>
> +    public static final String ENABLE_REVOCATION = "EnableRevocation";
> +
>     public static final String REQUIRE_REQUEST_SECURITY_TOKEN_COLLECTION
>         = "RequireRequestSecurityTokenCollection";
>
>
> Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java
(original)
> +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS10Builder.java
Mon Feb 20 09:51:20 2012
> @@ -65,6 +65,8 @@ public class WSS10Builder implements Ass
>                     parent.setMustSupportRefExternalURI(true);
>                 } else if (SPConstants.MUST_SUPPORT_REF_EMBEDDED_TOKEN.equals(name))
{
>                     parent.setMustSupportRefEmbeddedToken(true);
> +                } else if (SPConstants.ENABLE_REVOCATION.equals(name)) {
> +                    parent.setEnableRevocation(true);
>                 }
>                 child = DOMUtils.getNextElement(child);
>             }
>
> Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java
(original)
> +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/WSS11Builder.java
Mon Feb 20 09:51:20 2012
> @@ -75,6 +75,8 @@ public class WSS11Builder implements Ass
>
>                 } else if (SPConstants.REQUIRE_SIGNATURE_CONFIRMATION.equals(name))
{
>                     parent.setRequireSignatureConfirmation(true);
> +                } else if (SPConstants.ENABLE_REVOCATION.equals(name)) {
> +                    parent.setEnableRevocation(true);
>                 }
>                 child = DOMUtils.getNextElement(child);
>             }
>
> Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java
(original)
> +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss10.java
Mon Feb 20 09:51:20 2012
> @@ -31,6 +31,7 @@ public class Wss10 extends AbstractSecur
>     private boolean mustSupportRefIssuerSerial;
>     private boolean mustSupportRefExternalURI;
>     private boolean mustSupportRefEmbeddedToken;
> +    private boolean enableRevocation;
>
>     public Wss10(SPConstants version) {
>         super(version);
> @@ -91,6 +92,20 @@ public class Wss10 extends AbstractSecur
>     public void setMustSupportRefKeyIdentifier(boolean mustSupportRefKeyIdentifier)
{
>         this.mustSupportRefKeyIdentifier = mustSupportRefKeyIdentifier;
>     }
> +
> +    /**
> +     * @return Returns the enableRevocation.
> +     */
> +    public boolean isEnableRevocation() {
> +        return enableRevocation;
> +    }
> +
> +    /**
> +     * @param enableRevocation The enableRevocation to set.
> +     */
> +    public void setEnableRevocation(boolean enableRevocation) {
> +        this.enableRevocation = enableRevocation;
> +    }
>
>     public QName getRealName() {
>         return constants.getWSS10();
> @@ -150,6 +165,13 @@ public class Wss10 extends AbstractSecur
>             writer.writeEndElement();
>
>         }
> +
> +        if (isEnableRevocation()) {
> +            // <sp:EnableRevocation />
> +            writer.writeStartElement(prefix, SPConstants.ENABLE_REVOCATION, namespaceURI);
> +            writer.writeEndElement();
> +
> +        }
>
>         // </wsp:Policy>
>         writer.writeEndElement();
>
> Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java
(original)
> +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/model/Wss11.java
Mon Feb 20 09:51:20 2012
> @@ -151,6 +151,13 @@ public class Wss11 extends Wss10 {
>             writer.writeStartElement(prefix, SPConstants.REQUIRE_SIGNATURE_CONFIRMATION,
namespaceURI);
>             writer.writeEndElement();
>         }
> +
> +        if (isEnableRevocation()) {
> +            // <sp:EnableRevocation />
> +            writer.writeStartElement(prefix, SPConstants.ENABLE_REVOCATION, namespaceURI);
> +            writer.writeEndElement();
> +
> +        }
>
>         // </wsp:Policy>
>         writer.writeEndElement();
>
> Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
(original)
> +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
Mon Feb 20 09:51:20 2012
> @@ -108,6 +108,7 @@ import org.apache.ws.security.WSSecurity
>  import org.apache.ws.security.WSUsernameTokenPrincipal;
>  import org.apache.ws.security.components.crypto.Crypto;
>  import org.apache.ws.security.components.crypto.CryptoFactory;
> +import org.apache.ws.security.components.crypto.CryptoType;
>  import org.apache.ws.security.conversation.ConversationConstants;
>  import org.apache.ws.security.conversation.ConversationException;
>  import org.apache.ws.security.handler.WSHandlerConstants;
> @@ -1371,9 +1372,28 @@ public abstract class AbstractBindingBui
>
>
>     public Crypto getEncryptionCrypto(TokenWrapper wrapper) throws WSSecurityException
{
> -        return getCrypto(wrapper,
> -                         SecurityConstants.ENCRYPT_CRYPTO,
> -                         SecurityConstants.ENCRYPT_PROPERTIES);
> +        Crypto crypto = getCrypto(wrapper, SecurityConstants.ENCRYPT_CRYPTO,
> +                                  SecurityConstants.ENCRYPT_PROPERTIES);
> +        Wss10 wss10 = getWss10();
> +        boolean enableRevocation = wss10.isEnableRevocation();
> +        if (enableRevocation && crypto != null) {
> +            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
> +            String encrUser = (String)message.getContextualProperty(SecurityConstants.ENCRYPT_USERNAME);
> +            if (crypto != null && encrUser == null) {
> +                try {
> +                    encrUser = crypto.getDefaultX509Identifier();
> +                } catch (WSSecurityException e1) {
> +                    throw new Fault(e1);
> +                }
> +            }
> +            cryptoType.setAlias(encrUser);
> +            X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
> +            if (certs != null && certs.length > 0) {
> +                crypto.verifyTrust(certs, enableRevocation);
> +            }
> +        }
> +        return crypto;
> +
>     }
>
>     public Crypto getCrypto(
>
> Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java
(original)
> +++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/KeystorePasswordCallback.java
Mon Feb 20 09:51:20 2012
> @@ -39,6 +39,7 @@ public class KeystorePasswordCallback im
>     public KeystorePasswordCallback() {
>         passwords.put("alice", "password");
>         passwords.put("bob", "password");
> +        passwords.put("wss40rev", "security");
>     }
>
>     /**
>
> Modified: cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
(original)
> +++ cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/SecurityPolicyTest.java
Mon Feb 20 09:51:20 2012
> @@ -489,4 +489,42 @@ public class SecurityPolicyTest extends
>         di.setNumberToDouble(5);
>         assertEquals(10, pt.doubleIt(di, 1).getDoubledNumber());
>     }
> +
> +    @Test
> +    public void testCXF4119() throws Exception {
> +        SpringBusFactory bf = new SpringBusFactory();
> +
> +        Bus bus = bf.createBus();
> +        SpringBusFactory.setDefaultBus(bus);
> +        SpringBusFactory.setThreadDefaultBus(bus);
> +
> +        URL wsdl = SecurityPolicyTest.class.getResource("DoubleIt.wsdl");
> +        Service service = Service.create(wsdl, SERVICE_QNAME);
> +
> +        DoubleItPortTypeHeader pt;
> +
> +        QName portQName = new QName(NAMESPACE, "DoubleItPortCXF4119");
> +        pt = service.getPort(portQName, DoubleItPortTypeHeader.class);
> +
> +        updateAddressPort(pt, PORT);
> +        ((BindingProvider)pt).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
> +                                                      new
KeystorePasswordCallback());
> +        ((BindingProvider)pt).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
> +                                                      getClass().getResource("alice.properties"));
> +        ((BindingProvider)pt).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,
> +                                                      getClass().getResource("revocation.properties"));
> +
> +        DoubleIt di = new DoubleIt();
> +        di.setNumberToDouble(5);
> +        try {
> +            pt.doubleIt(di, 1);
> +            fail("Failure expected on a revoked certificate");
> +        } catch (Exception ex) {
> +            String errorMessage = ex.getMessage();
> +            // Different errors using different JDKs...
> +            assertTrue(errorMessage.contains("Certificate has been revoked")
> +                       || errorMessage.contains("Certificate revocation")
> +                       || errorMessage.contains("Error during certificate
path validation"));
> +        }
> +    }
>  }
>
> Modified: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl
> URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl?rev=1291166&r1=1291165&r2=1291166&view=diff
> ==============================================================================
> --- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl
(original)
> +++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/DoubleIt.wsdl
Mon Feb 20 09:51:20 2012
> @@ -205,6 +205,24 @@
>             </wsdl:fault>
>         </wsdl:operation>
>     </wsdl:binding>
> +    <wsdl:binding name="DoubleItBindingCXF4119" type="tns:DoubleItPortType">
> +        <wsp:PolicyReference URI="#CXF4119" />
> +        <soap:binding style="document"
> +          transport="http://schemas.xmlsoap.org/soap/http" />
> +        <wsdl:operation name="DoubleIt">
> +            <soap:operation soapAction="" />
> +            <wsdl:input>
> +                <soap:body use="literal" />
> +            </wsdl:input>
> +            <wsdl:output>
> +                <soap:body use="literal" />
> +            </wsdl:output>
> +            <wsdl:fault name="DoubleItFault">
> +                <soap:body use="literal" name="DoubleItFault" />
> +            </wsdl:fault>
> +        </wsdl:operation>
> +    </wsdl:binding>
> +
>
>
>     <wsdl:service name="DoubleItService">
> @@ -241,6 +259,9 @@
>         <wsdl:port name="DoubleItPortCXF3452" binding="tns:DoubleItBindingCXF3452">
>             <soap:address location="http://localhost:9010/SecPolTestCXF3452"
/>
>         </wsdl:port>
> +        <wsdl:port name="DoubleItPortCXF4119" binding="tns:DoubleItBindingCXF4119">
> +            <soap:address location="http://localhost:9010/SecPolTestCXF4119"
/>
> +        </wsdl:port>
>     </wsdl:service>
>
>     <wsp:Policy wsu:Id="DoubleItBindingPolicy">
> @@ -785,5 +806,63 @@
>             <sp:Header Namespace="http://cxf.apache.org/policytest/DoubleIt"/>
>         </sp:SignedParts>
>     </wsp:Policy>
> -
> +    <wsp:Policy wsu:Id="CXF4119">
> +        <wsp:ExactlyOne>
> +            <wsp:All>
> +                <sp:AsymmetricBinding
> +                  xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> +                    <wsp:Policy>
> +                        <sp:InitiatorToken>
> +                            <wsp:Policy>
> +                                <sp:X509Token
> +                                  sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> +                                    <wsp:Policy>
> +                                        <sp:WssX509V1Token11
/>
> +                                    </wsp:Policy>
> +                                </sp:X509Token>
> +                            </wsp:Policy>
> +                        </sp:InitiatorToken>
> +                        <sp:RecipientToken>
> +                            <wsp:Policy>
> +                                <sp:X509Token
> +                                  sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> +                                    <wsp:Policy>
> +                                        <sp:WssX509V1Token11
/>
> +                                    </wsp:Policy>
> +                                </sp:X509Token>
> +                            </wsp:Policy>
> +                        </sp:RecipientToken>
> +                        <sp:AlgorithmSuite>
> +                            <wsp:Policy>
> +                                <sp:TripleDesRsa15 />
> +                            </wsp:Policy>
> +                        </sp:AlgorithmSuite>
> +                        <sp:Layout>
> +                            <wsp:Policy>
> +                                <sp:Lax />
> +                            </wsp:Policy>
> +                        </sp:Layout>
> +                        <sp:IncludeTimestamp />
> +                        <sp:EncryptSignature />
> +                        <sp:OnlySignEntireHeadersAndBody />
> +                        <sp:EncryptBeforeSigning />
> +                    </wsp:Policy>
> +                </sp:AsymmetricBinding>
> +                <sp:SignedParts
> +                  xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> +                    <sp:Body />
> +                </sp:SignedParts>
> +                <sp:EncryptedParts
> +                  xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> +                    <sp:Body />
> +                </sp:EncryptedParts>
> +                <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> +                    <wsp:Policy>
> +                        <sp:MustSupportRefIssuerSerial />
> +                        <sp:EnableRevocation/>
> +                    </wsp:Policy>
> +                </sp:Wss10>
> +            </wsp:All>
> +        </wsp:ExactlyOne>
> +    </wsp:Policy>
>  </wsdl:definitions>
>
> Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties
> URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties?rev=1291166&view=auto
> ==============================================================================
> --- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties
(added)
> +++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/revocation.properties
Mon Feb 20 09:51:20 2012
> @@ -0,0 +1,26 @@
> +#
> +#    Licensed to the Apache Software Foundation (ASF) under one
> +#    or more contributor license agreements. See the NOTICE file
> +#    distributed with this work for additional information
> +#    regarding copyright ownership. The ASF licenses this file
> +#    to you under the Apache License, Version 2.0 (the
> +#    "License"); you may not use this file except in compliance
> +#    with the License. You may obtain a copy of the License at
> +#
> +#    http://www.apache.org/licenses/LICENSE-2.0
> +#
> +#    Unless required by applicable law or agreed to in writing,
> +#    software distributed under the License is distributed on an
> +#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> +#    KIND, either express or implied. See the License for the
> +#    specific language governing permissions and limitations
> +#    under the License.
> +#
> +org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> +org.apache.ws.security.crypto.merlin.keystore.type=jks
> +org.apache.ws.security.crypto.merlin.keystore.password=security
> +org.apache.ws.security.crypto.merlin.keystore.alias=wss40rev
> +org.apache.ws.security.crypto.merlin.keystore.file=org/apache/cxf/systest/ws/security/wss40rev.jks
> +org.apache.ws.security.crypto.merlin.truststore.password=security
> +org.apache.ws.security.crypto.merlin.truststore.file=org/apache/cxf/systest/ws/security/wss40CA.jks
> +org.apache.ws.security.crypto.merlin.x509crl.file=org/apache/cxf/systest/ws/security/wss40CACRL.pem
>
> Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks
> URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks?rev=1291166&view=auto
> ==============================================================================
> Binary file - no diff available.
>
> Propchange: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CA.jks
> ------------------------------------------------------------------------------
>    svn:mime-type = application/octet-stream
>
> Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem
> URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem?rev=1291166&view=auto
> ==============================================================================
> --- cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem
(added)
> +++ cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40CACRL.pem
Mon Feb 20 09:51:20 2012
> @@ -0,0 +1,9 @@
> +-----BEGIN X509 CRL-----
> +MIIBQTCBqzANBgkqhkiG9w0BAQQFADBmMQswCQYDVQQGEwJERTEPMA0GA1UECBMG
> +QmF5ZXJuMQ8wDQYDVQQHEwZNdW5pY2gxDTALBgNVBAoTBEhvbWUxFTATBgNVBAsT
> +DEFwYWNoZSBXU1M0SjEPMA0GA1UEAxMGV2VybmVyFw0xMTA1MzAxMTU0MzFaFw0y
> +MTA1MjcxMTU0MzFaMBQwEgIBGRcNMTEwNTMwMTE1MzU3WjANBgkqhkiG9w0BAQQF
> +AAOBgQB0fgOhsp2l0wL/TYiXJqXuKbkhmzQv8LFXmKKCpLSVktrXvVNCBAM9TWVJ
> +35SrZ9eqjoI1sQPsbWSDp+QSieasQf9VgC3P4SFhki6ZupeXqrFgdbzOsXEm0FIR
> +uY1WJGFrF0Co/YUM00ee8jy89jX2rDCgmonKHrKBf7CkD+R2bw==
> +-----END X509 CRL-----
>
> Added: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks
> URL: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks?rev=1291166&view=auto
> ==============================================================================
> Binary file - no diff available.
>
> Propchange: cxf/trunk/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/security/wss40rev.jks
> ------------------------------------------------------------------------------
>    svn:mime-type = application/octet-stream
>
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message