Repository: cxf Updated Branches: refs/heads/2.7.x-fixes 449255214 -> e5014f1be
[CXF-5810]:Empty response is returned when both security policy and handler chain are enabled Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e5014f1b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e5014f1b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e5014f1b Branch: refs/heads/2.7.x-fixes Commit: e5014f1beab3a430b6c9b88adb179e0fede7625b Parents: 4492552 Author: Jim Ma <e...@apache.org> Authored: Wed Jun 18 09:16:16 2014 +0800 Committer: Jim Ma <e...@apache.org> Committed: Wed Jun 18 09:16:47 2014 +0800 ---------------------------------------------------------------------- .../binding/soap/saaj/SAAJOutInterceptor.java | 6 +- .../policy/handler/CommonPasswordCallback.java | 58 +++++++++++++++ .../systest/ws/policy/handler/DummyHandler.java | 54 ++++++++++++++ .../systest/ws/policy/handler/HelloService.java | 42 +++++++++++ .../ws/policy/handler/HelloServiceImpl.java | 45 ++++++++++++ .../cxf/systest/ws/policy/handler/MyFault.java | 37 ++++++++++ .../handler/PolicyHandlerFaultResponseTest.java | 72 +++++++++++++++++++ .../cxf/systest/ws/policy/handler/Server.java | 45 ++++++++++++ .../cxf/systest/ws/policy/handler/handlers.xml | 10 +++ .../src/test/resources/alice.properties | 21 ++++++ .../src/test/resources/certs/alice.jks | Bin 0 -> 2428 bytes .../resources/handler_policies/inputPolicy.xml | 25 +++++++ .../resources/handler_policies/outputPolicy.xml | 25 +++++++ .../handler_policies/x509SecurityPolicy.xml | 61 ++++++++++++++++ 14 files changed, 499 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java ---------------------------------------------------------------------- diff --git a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java index 7531b68..a6c47c6 100644 --- a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java +++ b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJOutInterceptor.java @@ -124,8 +124,10 @@ public class SAAJOutInterceptor extends AbstractSoapInterceptor { SOAPMessage soapMessage = factory.createMessage(); SOAPPart soapPart = soapMessage.getSOAPPart(); - - XMLStreamWriter origWriter = message.getContent(XMLStreamWriter.class); + XMLStreamWriter origWriter = (XMLStreamWriter)message.get(ORIGINAL_XML_WRITER); + if (origWriter == null) { + origWriter = message.getContent(XMLStreamWriter.class); + } message.put(ORIGINAL_XML_WRITER, origWriter); W3CDOMStreamWriter writer = new SAAJStreamWriter(soapPart); // Replace stax writer with DomStreamWriter http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/CommonPasswordCallback.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/CommonPasswordCallback.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/CommonPasswordCallback.java new file mode 100644 index 0000000..7f2f951 --- /dev/null +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/CommonPasswordCallback.java @@ -0,0 +1,58 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.systest.ws.policy.handler; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.UnsupportedCallbackException; + +import org.apache.ws.security.WSPasswordCallback; + +public class CommonPasswordCallback implements CallbackHandler { + + private Map<String, String> passwords = new HashMap<String, String>(); + + public CommonPasswordCallback() { + passwords.put("abc", "abc"); + passwords.put("alice", "password"); + passwords.put("bob", "password"); + } + + public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { + for (int i = 0; i < callbacks.length; i++) { + WSPasswordCallback pc = (WSPasswordCallback)callbacks[i]; + String pass = passwords.get(pc.getIdentifier()); + if (pass != null) { + pc.setPassword(pass); + return; + } + } + } + + /** + * Add an alias/password pair to the callback mechanism. + */ + public void setAliasPassword(String alias, String password) { + passwords.put(alias, password); + } +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/DummyHandler.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/DummyHandler.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/DummyHandler.java new file mode 100644 index 0000000..2f03300 --- /dev/null +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/DummyHandler.java @@ -0,0 +1,54 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.systest.ws.policy.handler; + +import java.util.HashSet; +import java.util.Set; + +import javax.xml.namespace.QName; +import javax.xml.ws.handler.MessageContext; +import javax.xml.ws.handler.soap.SOAPHandler; +import javax.xml.ws.handler.soap.SOAPMessageContext; + +public class DummyHandler implements SOAPHandler<SOAPMessageContext> { + + @Override + public boolean handleMessage(SOAPMessageContext context) { + return true; + } + + @Override + public boolean handleFault(SOAPMessageContext context) { + return true; + } + + @Override + public void close(MessageContext context) { + } + + @Override + public Set<QName> getHeaders() { + Set<QName> understoodHeaders = new HashSet<QName>(); + QName securityHeader = + new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";, "Security"); + understoodHeaders.add(securityHeader); + return understoodHeaders; + } + +} http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloService.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloService.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloService.java new file mode 100644 index 0000000..96826fb --- /dev/null +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloService.java @@ -0,0 +1,42 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.systest.ws.policy.handler; + +import javax.jws.WebMethod; +import javax.jws.WebParam; +import javax.jws.WebResult; +import javax.jws.WebService; + +import org.apache.cxf.annotations.Policies; +import org.apache.cxf.annotations.Policy; + +@WebService(serviceName = "HelloPolicyService") +@Policy(placement = Policy.Placement.BINDING, uri = "classpath:/handler_policies/x509SecurityPolicy.xml") +public interface HelloService { + + @WebMethod(action = "checkHello") + @WebResult(name = "result") + @Policies({ + @Policy(uri = "classpath:/handler_policies/inputPolicy.xml", + placement = Policy.Placement.PORT_TYPE_OPERATION_INPUT), + @Policy(uri = "classpath:/handler_policies/outputPolicy.xml", + placement = Policy.Placement.PORT_TYPE_OPERATION_OUTPUT) + }) + boolean checkHello(@WebParam(name = "input") String input) throws MyFault; +} http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java new file mode 100644 index 0000000..c93cbf2 --- /dev/null +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java @@ -0,0 +1,45 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.systest.ws.policy.handler; + +import javax.jws.HandlerChain; +import javax.jws.WebParam; +import javax.jws.WebResult; +import javax.jws.WebService; + +import org.apache.cxf.annotations.EndpointProperties; +import org.apache.cxf.annotations.EndpointProperty; + +@WebService(name = "HelloPolicyService", serviceName = "HelloPolicyService") +@EndpointProperties(value = { + @EndpointProperty(key = "ws-security.callback-handler", + value = "org.apache.cxf.systest.ws.policy.handler.CommonPasswordCallback"), + @EndpointProperty(key = "ws-security.is-bsp-compliant", value = "false"), + @EndpointProperty(key = "ws-security.signature.properties", value = "alice.properties"), + @EndpointProperty(key = "ws-security.signature.username", value = "alice") + }) +@HandlerChain(file = "handlers.xml") +public class HelloServiceImpl implements HelloService { + @Override + @WebResult(name = "result") + public boolean checkHello(@WebParam(name = "input") String input) throws MyFault { + throw new MyFault("myMessage", "myFaultInfo"); + } + +} http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/MyFault.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/MyFault.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/MyFault.java new file mode 100644 index 0000000..c7fc209 --- /dev/null +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/MyFault.java @@ -0,0 +1,37 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.systest.ws.policy.handler; + +import javax.xml.ws.WebFault; + +@SuppressWarnings("serial") +@WebFault +public class MyFault extends Exception { + + private String faultInfo; + + public MyFault(String message, String faultInfo) { + super(message); + this.faultInfo = faultInfo; + } + + public String getFaultInfo() { + return faultInfo; + } +} http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/PolicyHandlerFaultResponseTest.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/PolicyHandlerFaultResponseTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/PolicyHandlerFaultResponseTest.java new file mode 100644 index 0000000..2681829 --- /dev/null +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/PolicyHandlerFaultResponseTest.java @@ -0,0 +1,72 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.systest.ws.policy.handler; + +import java.net.URL; +import java.util.Map; + +import javax.xml.namespace.QName; +import javax.xml.ws.BindingProvider; +import javax.xml.ws.Service; +import javax.xml.ws.soap.SOAPBinding; + +import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; +import org.apache.cxf.ws.security.SecurityConstants; +import org.junit.BeforeClass; +import org.junit.Test; + +public class PolicyHandlerFaultResponseTest extends AbstractBusClientServerTestBase { + public static final String PORT = Server.PORT; + private final QName serviceName = new QName("http://handler.policy.ws.systest.cxf.apache.org/";, + "HelloPolicyService"); + + @BeforeClass + public static void startServers() throws Exception { + assertTrue("server did not launch correctly", launchServer(Server.class)); + + } + + @Test + public void testFaultResponse() throws Exception { + String address = "http://localhost:"; + PORT + "/policytest"; + URL wsdlURL = new URL(address + "?wsdl"); + + Service service = Service.create(wsdlURL, serviceName); + service + .addPort(new QName("http://handler.policy.ws.systest.cxf.apache.org/";, "HelloPolicyServicePort"), + SOAPBinding.SOAP11HTTP_BINDING, address); + HelloService port = service.getPort(new QName("http://handler.policy.ws.systest.cxf.apache.org/";, + "HelloPolicyServicePort"), HelloService.class); + Map<String, Object> context = ((BindingProvider)port).getRequestContext(); + context.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, address); + + context.put(SecurityConstants.CALLBACK_HANDLER, new CommonPasswordCallback()); + context.put(SecurityConstants.SIGNATURE_PROPERTIES, "alice.properties"); + context.put(SecurityConstants.SIGNATURE_USERNAME, "alice"); + + try { + port.checkHello("input"); + fail("Exception is expected"); + } catch (MyFault e) { + assertEquals("Fault is not expected", "myMessage", e.getMessage()); + } + + } + +} http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/Server.java ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/Server.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/Server.java new file mode 100644 index 0000000..bcd7072 --- /dev/null +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/Server.java @@ -0,0 +1,45 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.cxf.systest.ws.policy.handler; + +import javax.xml.ws.Endpoint; + +import org.apache.cxf.testutil.common.AbstractBusTestServerBase; + +public class Server extends AbstractBusTestServerBase { + public static final String PORT = allocatePort(Server.class); + protected void run() { + Object implementor = new HelloServiceImpl(); + String address = "http://localhost:"; + PORT + "/policytest"; + Endpoint.publish(address, implementor); + } + + public static void main(String args[]) { + try { + Server s = new Server(); + s.start(); + } catch (Exception ex) { + ex.printStackTrace(); + System.exit(-1); + } finally { + System.out.println("done!"); + } + } +} http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/handlers.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/handlers.xml b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/handlers.xml new file mode 100644 index 0000000..8348eda --- /dev/null +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/handlers.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<handler-chains xmlns="http://java.sun.com/xml/ns/javaee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee javaee_web_services_1_2.xsd"> + <handler-chain> + <handler> + <handler-name>Dummy</handler-name> + <handler-class>org.apache.cxf.systest.ws.policy.handler.DummyHandler</handler-class> + </handler> + </handler-chain> +</handler-chains> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/alice.properties ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/alice.properties b/systests/ws-security/src/test/resources/alice.properties new file mode 100644 index 0000000..1b9111d --- /dev/null +++ b/systests/ws-security/src/test/resources/alice.properties @@ -0,0 +1,21 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin +org.apache.ws.security.crypto.merlin.keystore.type=jks +org.apache.ws.security.crypto.merlin.keystore.password=password +org.apache.ws.security.crypto.merlin.keystore.alias=alice +org.apache.ws.security.crypto.merlin.keystore.file=certs/alice.jks http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/certs/alice.jks ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/certs/alice.jks b/systests/ws-security/src/test/resources/certs/alice.jks new file mode 100644 index 0000000..9f47a5c Binary files /dev/null and b/systests/ws-security/src/test/resources/certs/alice.jks differ http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/handler_policies/inputPolicy.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/handler_policies/inputPolicy.xml b/systests/ws-security/src/test/resources/handler_policies/inputPolicy.xml new file mode 100644 index 0000000..35e6c99 --- /dev/null +++ b/systests/ws-security/src/test/resources/handler_policies/inputPolicy.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<wsp:Policy wsu:Id="Input_Security_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; + xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> + <wsp:ExactlyOne> + <wsp:All/> + </wsp:ExactlyOne> +</wsp:Policy> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/handler_policies/outputPolicy.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/handler_policies/outputPolicy.xml b/systests/ws-security/src/test/resources/handler_policies/outputPolicy.xml new file mode 100644 index 0000000..4c15073 --- /dev/null +++ b/systests/ws-security/src/test/resources/handler_policies/outputPolicy.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<wsp:Policy wsu:Id="Output_Security_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; + xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> + <wsp:ExactlyOne> + <wsp:All /> + </wsp:ExactlyOne> +</wsp:Policy> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/cxf/blob/e5014f1b/systests/ws-security/src/test/resources/handler_policies/x509SecurityPolicy.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/handler_policies/x509SecurityPolicy.xml b/systests/ws-security/src/test/resources/handler_policies/x509SecurityPolicy.xml new file mode 100644 index 0000000..55ed83f --- /dev/null +++ b/systests/ws-security/src/test/resources/handler_policies/x509SecurityPolicy.xml @@ -0,0 +1,61 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<wsp:Policy wsu:Id="X509SecurityPolicy" xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; + xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; xmlns:wsa="http://www.w3.org/2005/08/addressing"; + xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> + <wsp:ExactlyOne> + <wsp:All> + <sp:AsymmetricBinding> + <wsp:Policy> + <sp:InitiatorToken> + <wsp:Policy> + <sp:X509Token + sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> + <wsp:Policy> + <sp:WssX509V3Token10 /> + </wsp:Policy> + </sp:X509Token> + </wsp:Policy> + </sp:InitiatorToken> + <sp:RecipientToken> + <wsp:Policy> + <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";> + <wsp:Policy> + <sp:WssX509V3Token10 /> + </wsp:Policy> + </sp:X509Token> + </wsp:Policy> + </sp:RecipientToken> + <sp:AlgorithmSuite> + <wsp:Policy> + <sp:Basic128 /> + </wsp:Policy> + </sp:AlgorithmSuite> + <sp:Layout> + <wsp:Policy> + <sp:Strict /> + </wsp:Policy> + </sp:Layout> + <sp:IncludeTimestamp /> + </wsp:Policy> + </sp:AsymmetricBinding> + </wsp:All> + </wsp:ExactlyOne> +</wsp:Policy> \ No newline at end of file
