Author: sergeyb
Date: Tue Aug 16 08:56:49 2011
New Revision: 1158157
URL: http://svn.apache.org/viewvc?rev=1158157&view=rev
Log:
[CXF-3587] Adding a test for SAML token included in the form request
Added:
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
(with props)
Modified:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlOutInterceptor.java
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlHeaderOutInterceptor.java
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/server.xml
Modified:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java?rev=1158157&r1=1158156&r2=1158157&view=diff
==============================================================================
---
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
(original)
+++
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
Tue Aug 16 08:56:49 2011
@@ -77,17 +77,20 @@ public final class FormUtils {
if (!StringUtils.isEmpty(postBody)) {
List<String> parts = Arrays.asList(postBody.split("&"));
for (String part : parts) {
- String[] keyValue = part.split("=");
- // Change to add blank string if key but not value is specified
+ String[] keyValue = new String[2];
+ int index = part.indexOf("=");
+ if (index != -1) {
+ keyValue[0] = part.substring(0, index);
+ keyValue[1] = index + 1 < part.length() ?
part.substring(index + 1) : "";
+ } else {
+ keyValue[0] = part;
+ keyValue[1] = "";
+ }
String name = HttpUtils.urlDecode(keyValue[0]);
- if (keyValue.length == 2) {
- if (decode) {
- params.add(name, HttpUtils.urlDecode(keyValue[1]));
- } else {
- params.add(name, keyValue[1]);
- }
+ if (decode) {
+ params.add(name, HttpUtils.urlDecode(keyValue[1]));
} else {
- params.add(name, "");
+ params.add(name, keyValue[1]);
}
}
} else if (request != null) {
Modified:
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlOutInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlOutInterceptor.java?rev=1158157&r1=1158156&r2=1158157&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlOutInterceptor.java
(original)
+++
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlOutInterceptor.java
Tue Aug 16 08:56:49 2011
@@ -20,11 +20,14 @@ package org.apache.cxf.rs.security.saml;
import java.io.PrintWriter;
import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
import java.util.logging.Logger;
import javax.security.auth.callback.CallbackHandler;
import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.Base64Exception;
+import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
@@ -35,6 +38,7 @@ import org.apache.cxf.rs.security.common
import org.apache.cxf.rs.security.common.SecurityUtils;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.ws.security.WSPasswordCallback;
+import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.apache.ws.security.saml.ext.SAMLParms;
@@ -43,10 +47,19 @@ public abstract class AbstractSamlOutInt
private static final Logger LOG =
LogUtils.getL7dLogger(AbstractSamlOutInterceptor.class);
+ static {
+ WSSConfig.init();
+ }
+
+ private boolean useDeflateEncoding = true;
+
protected AbstractSamlOutInterceptor() {
- super(Phase.PRE_MARSHAL);
+ super(Phase.WRITE);
}
+ public void setUseDeflateEncoding(boolean deflate) {
+ useDeflateEncoding = deflate;
+ }
protected AssertionWrapper createAssertion(Message message) throws Fault {
CallbackHandler handler = SecurityUtils.getCallbackHandler(
@@ -86,5 +99,18 @@ public abstract class AbstractSamlOutInt
}
-
+ protected String encodeToken(String assertion) throws Base64Exception {
+ byte[] tokenBytes = null;
+ try {
+ tokenBytes = assertion.getBytes("UTF-8");
+ } catch (UnsupportedEncodingException ex) {
+ // won't happen
+ }
+ if (useDeflateEncoding) {
+ tokenBytes = new DeflateEncoderDecoder().deflateToken(tokenBytes);
+ }
+ StringWriter writer = new StringWriter();
+ Base64Utility.encode(tokenBytes, 0, tokenBytes.length, writer);
+ return writer.toString();
+ }
}
Added:
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java?rev=1158157&view=auto
==============================================================================
---
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
(added)
+++
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
Tue Aug 16 08:56:49 2011
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.saml;
+
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.util.logging.Logger;
+
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.jaxrs.ext.form.Form;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageContentsList;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
+
+public class SamlFormOutInterceptor extends AbstractSamlOutInterceptor {
+ private static final Logger LOG =
+ LogUtils.getL7dLogger(SamlFormOutInterceptor.class);
+ private static final String SAML_ELEMENT = "SAMLToken";
+
+ public void handleMessage(Message message) throws Fault {
+ Form form = getRequestForm(message);
+ if (form == null) {
+ return;
+ }
+ AssertionWrapper assertionWrapper = createAssertion(message);
+ try {
+
+ String encodedToken =
encodeToken(assertionWrapper.assertionToString());
+
+ form.set(SAML_ELEMENT, encodedToken);
+ } catch (Exception ex) {
+ StringWriter sw = new StringWriter();
+ ex.printStackTrace(new PrintWriter(sw));
+ LOG.warning(sw.toString());
+ throw new Fault(new RuntimeException(ex.getMessage() + ",
stacktrace: " + sw.toString()));
+ }
+
+ }
+
+ @SuppressWarnings("unchecked")
+ private Form getRequestForm(Message message) {
+ Object ct = message.get(Message.CONTENT_TYPE);
+ if (ct == null ||
!MediaType.APPLICATION_FORM_URLENCODED.equalsIgnoreCase(ct.toString())) {
+ return null;
+ }
+ MessageContentsList objs =
MessageContentsList.getContentsList(message);
+ if (objs != null && objs.size() == 1) {
+ Object obj = objs.get(0);
+ if (obj instanceof Form) {
+ return (Form)obj;
+ } else if (obj instanceof MultivaluedMap) {
+ return new Form((MultivaluedMap)obj);
+ }
+ }
+ return null;
+ }
+}
Propchange:
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlHeaderOutInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlHeaderOutInterceptor.java?rev=1158157&r1=1158156&r2=1158157&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlHeaderOutInterceptor.java
(original)
+++
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlHeaderOutInterceptor.java
Tue Aug 16 08:56:49 2011
@@ -20,7 +20,6 @@ package org.apache.cxf.rs.security.saml;
import java.io.PrintWriter;
import java.io.StringWriter;
-import java.io.UnsupportedEncodingException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
@@ -28,33 +27,15 @@ import java.util.Map;
import java.util.logging.Logger;
import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.Base64Exception;
-import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
-import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.saml.ext.AssertionWrapper;
-import org.apache.ws.security.saml.ext.OpenSAMLUtil;
public class SamlHeaderOutInterceptor extends AbstractSamlOutInterceptor {
private static final Logger LOG =
LogUtils.getL7dLogger(SamlHeaderOutInterceptor.class);
- static {
- WSSConfig.init();
- OpenSAMLUtil.initSamlEngine();
- }
-
- private boolean useDeflateEncoding = true;
-
- public SamlHeaderOutInterceptor() {
- }
-
- public void setUseDeflateEncoding(boolean deflate) {
- useDeflateEncoding = deflate;
- }
-
public void handleMessage(Message message) throws Fault {
AssertionWrapper assertionWrapper = createAssertion(message);
try {
@@ -86,18 +67,5 @@ public class SamlHeaderOutInterceptor ex
return headers;
}
- private String encodeToken(String assertion) throws Base64Exception {
- byte[] tokenBytes = null;
- try {
- tokenBytes = assertion.getBytes("UTF-8");
- } catch (UnsupportedEncodingException ex) {
- // won't happen
- }
- if (useDeflateEncoding) {
- tokenBytes = new DeflateEncoderDecoder().deflateToken(tokenBytes);
- }
- StringWriter writer = new StringWriter();
- Base64Utility.encode(tokenBytes, 0, tokenBytes.length, writer);
- return writer.toString();
- }
+
}
Modified:
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java?rev=1158157&r1=1158156&r2=1158157&view=diff
==============================================================================
---
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
(original)
+++
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/BookStore.java
Tue Aug 16 08:56:49 2011
@@ -21,11 +21,13 @@ package org.apache.cxf.systest.jaxrs.sec
import javax.ws.rs.Consumes;
+import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
@Path("/bookstore")
public class BookStore {
@@ -47,6 +49,14 @@ public class BookStore {
public Book addBook(Book book) {
return book;
}
+
+ @POST
+ @Path("/books")
+ @Produces("application/xml")
+ @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+ public Book addBookForm(@FormParam("name") String name, @FormParam("id")
long id) {
+ return new Book(name, id);
+ }
}
Modified:
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java?rev=1158157&r1=1158156&r2=1158157&view=diff
==============================================================================
---
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java
(original)
+++
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/BookServerSaml.java
Tue Aug 16 08:56:49 2011
@@ -19,17 +19,9 @@
package org.apache.cxf.systest.jaxrs.security.saml;
-import java.util.HashMap;
-import java.util.Map;
-
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
-import org.apache.cxf.jaxrs.lifecycle.SingletonResourceProvider;
-
-import org.apache.cxf.rs.security.saml.SamlHeaderInHandler;
-import org.apache.cxf.systest.jaxrs.security.BookStore;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
import org.apache.cxf.testutil.common.TestUtil;
@@ -42,25 +34,13 @@ public class BookServerSaml extends Abst
SpringBusFactory bf = new SpringBusFactory();
Bus springBus = bf.createBus(SERVER_CONFIG_FILE);
BusFactory.setDefaultBus(springBus);
+ setBus(springBus);
- JAXRSServerFactoryBean sf = new JAXRSServerFactoryBean();
-
- sf.setResourceClasses(BookStore.class);
-
- sf.setProvider(new SamlHeaderInHandler());
-
- sf.setResourceProvider(BookStore.class,
- new SingletonResourceProvider(new BookStore(),
true));
- sf.setAddress("https://localhost:" + PORT + "/");
-
- Map<String, Object> properties = new HashMap<String, Object>();
- properties.put("ws-security.callback-handler",
-
"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
- properties.put("ws-security.signature.properties",
-
"org/apache/cxf/systest/jaxrs/security/alice.properties");
- sf.setProperties(properties);
-
- sf.create();
+ try {
+ new BookServerSaml();
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
}
public static void main(String[] args) {
Modified:
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java?rev=1158157&r1=1158156&r2=1158157&view=diff
==============================================================================
---
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
(original)
+++
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
Tue Aug 16 08:56:49 2011
@@ -23,16 +23,22 @@ import java.net.URL;
import java.util.HashMap;
import java.util.Map;
+import javax.ws.rs.core.MediaType;
+
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.jaxrs.client.ClientWebApplicationException;
import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
import org.apache.cxf.jaxrs.client.ServerWebApplicationException;
import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.jaxrs.ext.form.Form;
+import org.apache.cxf.jaxrs.provider.FormEncodingProvider;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.rs.security.saml.SamlFormOutInterceptor;
import org.apache.cxf.rs.security.saml.SamlHeaderOutInterceptor;
import org.apache.cxf.systest.jaxrs.security.Book;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
-
import org.junit.BeforeClass;
import org.junit.Test;
@@ -47,7 +53,53 @@ public class JAXRSSamlTest extends Abstr
@Test
public void testGetBookSAMLTokenAsHeader() throws Exception {
- String address = "https://localhost:" + PORT + "/bookstore/books/123";
+ String address = "https://localhost:" + PORT +
"/samlheader/bookstore/books/123";
+
+ WebClient wc = createWebClient(address, new
SamlHeaderOutInterceptor(), null);
+
+ try {
+ Book book = wc.get(Book.class);
+ assertEquals(123L, book.getId());
+ } catch (ServerWebApplicationException ex) {
+ fail(ex.getMessage());
+ } catch (ClientWebApplicationException ex) {
+ if (ex.getCause() != null && ex.getCause().getMessage() != null) {
+ fail(ex.getCause().getMessage());
+ } else {
+ fail(ex.getMessage());
+ }
+ }
+
+ }
+
+ @Test
+ public void testGetBookSAMLTokenInForm() throws Exception {
+ String address = "https://localhost:" + PORT +
"/samlform/bookstore/books";
+ FormEncodingProvider formProvider = new FormEncodingProvider();
+ formProvider.setExpectedEncoded(true);
+ WebClient wc = createWebClient(address, new SamlFormOutInterceptor(),
+ formProvider);
+
+
wc.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_XML);
+ try {
+ Book book = wc.post(new Form().set("name", "CXF").set("id", 125),
+ Book.class);
+ assertEquals(125L, book.getId());
+ } catch (ServerWebApplicationException ex) {
+ fail(ex.getMessage());
+ } catch (ClientWebApplicationException ex) {
+ if (ex.getCause() != null && ex.getCause().getMessage() != null) {
+ fail(ex.getCause().getMessage());
+ } else {
+ fail(ex.getMessage());
+ }
+ }
+
+ }
+
+ private WebClient createWebClient(String address,
+ Interceptor<Message> outInterceptor,
+ Object provider) {
JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
bean.setAddress(address);
@@ -66,24 +118,11 @@ public class JAXRSSamlTest extends Abstr
"org/apache/cxf/systest/jaxrs/security/alice.properties");
properties.put("ws-security.self-sign-saml-assertion", "true");
bean.setProperties(properties);
- bean.getOutInterceptors().add(new SamlHeaderOutInterceptor());
-
- WebClient wc = bean.createWebClient();
- try {
- Book book = wc.get(Book.class);
- assertEquals(123L, book.getId());
- } catch (ServerWebApplicationException ex) {
- fail(ex.getMessage());
- } catch (ClientWebApplicationException ex) {
- if (ex.getCause() != null && ex.getCause().getMessage() != null) {
- fail(ex.getCause().getMessage());
- } else {
- fail(ex.getMessage());
- }
+ bean.getOutInterceptors().add(outInterceptor);
+ if (provider != null) {
+ bean.setProvider(provider);
}
-
+ return bean.createWebClient();
}
-
-
}
Modified:
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/server.xml
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/server.xml?rev=1158157&r1=1158156&r2=1158157&view=diff
==============================================================================
---
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/server.xml
(original)
+++
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/server.xml
Tue Aug 16 08:56:49 2011
@@ -23,7 +23,9 @@ under the License.
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:cxf="http://cxf.apache.org/core"
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs"
xsi:schemaLocation="
+ http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
@@ -62,4 +64,39 @@ under the License.
</httpj:engine>
</httpj:engine-factory>
+ <bean id="serviceBean"
class="org.apache.cxf.systest.jaxrs.security.BookStore"/>
+ <bean id="samlHeaderHandler"
class="org.apache.cxf.rs.security.saml.SamlHeaderInHandler"/>
+ <bean id="samlFormHandler"
class="org.apache.cxf.rs.security.saml.SamlFormInHandler"/>
+
+ <jaxrs:server
+ address="https://localhost:${testutil.ports.jaxrs-saml}/samlheader">
+ <jaxrs:serviceBeans>
+ <ref bean="serviceBean"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="samlHeaderHandler"/>
+ </jaxrs:providers>
+
+ <jaxrs:properties>
+ <entry key="ws-security.signature.properties"
+
value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
+ </jaxrs:properties>
+
+ </jaxrs:server>
+
+ <jaxrs:server
+ address="https://localhost:${testutil.ports.jaxrs-saml}/samlform">
+ <jaxrs:serviceBeans>
+ <ref bean="serviceBean"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="samlFormHandler"/>
+ </jaxrs:providers>
+
+ <jaxrs:properties>
+ <entry key="ws-security.signature.properties"
+
value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
+ </jaxrs:properties>
+
+ </jaxrs:server>
</beans>