This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch 3.6.x-fixes in repository https://gitbox.apache.org/repos/asf/cxf.git
commit b7a5571fdbd659b54c22a278a0f73ef8f14c55fb Author: Colm O hEigeartaigh <[email protected]> AuthorDate: Thu Nov 13 16:26:29 2025 +0000 Removing ws-security keys from samples, using testutils instead (cherry picked from commit 465b7706bc165e34304ec1280468048a9ad68825) (cherry picked from commit 707cfad13b8dfbc6eddabdb7dca63b14b982fbb4) --- .../release/samples/ws_security/sign_enc/pom.xml | 6 ++++++ .../main/resources/etc/Client_Encrypt.properties | 2 +- .../src/main/resources/etc/Client_Sign.properties | 2 +- .../main/resources/etc/Server_Decrypt.properties | 2 +- .../main/resources/etc/Server_SignVerf.properties | 2 +- .../sign_enc/src/main/resources/keystore/Bethal.jks | Bin 2202 -> 0 bytes .../sign_enc/src/main/resources/keystore/Morpit.jks | Bin 2221 -> 0 bytes .../src/main/resources/keystore/Truststore.jks | Bin 4447 -> 0 bytes .../samples/ws_security/sign_enc_policy/pom.xml | 6 ++++++ .../main/resources/etc/Client_Encrypt.properties | 2 +- .../main/resources/etc/Server_Decrypt.properties | 2 +- .../src/main/resources/keystore/Morpit.jks | Bin 2221 -> 0 bytes .../src/main/resources/keystore/Truststore.jks | Bin 4447 -> 0 bytes .../release/samples/ws_security/ut_policy/pom.xml | 6 ++++++ .../ut_policy/src/main/config/KeyREADME.txt | 20 -------------------- .../ut_policy/src/main/config/clientKeystore.jks | Bin 4559 -> 0 bytes .../ut_policy/src/main/config/serviceKeystore.jks | Bin 3475 -> 0 bytes .../ut_policy/src/main/config/stsstore.jks | Bin 4557 -> 0 bytes .../ut_policy/src/main/resources/ClientConfig.xml | 8 ++++---- .../src/main/resources/ClientConfigStax.xml | 8 ++++---- .../ut_policy/src/main/resources/ServiceConfig.xml | 8 ++++---- .../src/main/resources/ServiceConfigStax.xml | 8 ++++---- 22 files changed, 40 insertions(+), 42 deletions(-) diff --git a/distribution/src/main/release/samples/ws_security/sign_enc/pom.xml b/distribution/src/main/release/samples/ws_security/sign_enc/pom.xml index 36099c5e6f..56d1ef7c81 100644 --- a/distribution/src/main/release/samples/ws_security/sign_enc/pom.xml +++ b/distribution/src/main/release/samples/ws_security/sign_enc/pom.xml @@ -198,6 +198,12 @@ <artifactId>cxf-rt-ws-policy</artifactId> <version>3.6.10-SNAPSHOT</version> </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-testutils</artifactId> + <version>4.1.5-SNAPSHOT</version> + <classifier>keys</classifier> + </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-context</artifactId> diff --git a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Client_Encrypt.properties b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Client_Encrypt.properties index a4b4e17334..9490f03714 100644 --- a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Client_Encrypt.properties +++ b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Client_Encrypt.properties @@ -1,4 +1,4 @@ org.apache.ws.security.crypto.provider=org.apache.wss4j.common.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=password -org.apache.ws.security.crypto.merlin.keystore.file=keystore/Truststore.jks +org.apache.ws.security.crypto.merlin.keystore.file=keys/Truststore.jks diff --git a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Client_Sign.properties b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Client_Sign.properties index 52200f1041..062695fb05 100644 --- a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Client_Sign.properties +++ b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Client_Sign.properties @@ -1,5 +1,5 @@ org.apache.ws.security.crypto.provider=org.apache.wss4j.common.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=password -org.apache.ws.security.crypto.merlin.keystore.file=keystore/Bethal.jks +org.apache.ws.security.crypto.merlin.keystore.file=keys/Bethal.jks diff --git a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Server_Decrypt.properties b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Server_Decrypt.properties index 6501e7a206..3fc4d918d5 100644 --- a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Server_Decrypt.properties +++ b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Server_Decrypt.properties @@ -1,4 +1,4 @@ org.apache.ws.security.crypto.provider=org.apache.wss4j.common.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=password -org.apache.ws.security.crypto.merlin.keystore.file=keystore/Morpit.jks +org.apache.ws.security.crypto.merlin.keystore.file=keys/Morpit.jks diff --git a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Server_SignVerf.properties b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Server_SignVerf.properties index a4b4e17334..9490f03714 100644 --- a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Server_SignVerf.properties +++ b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/etc/Server_SignVerf.properties @@ -1,4 +1,4 @@ org.apache.ws.security.crypto.provider=org.apache.wss4j.common.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=password -org.apache.ws.security.crypto.merlin.keystore.file=keystore/Truststore.jks +org.apache.ws.security.crypto.merlin.keystore.file=keys/Truststore.jks diff --git a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Bethal.jks b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Bethal.jks deleted file mode 100644 index 8da2ad06ee..0000000000 Binary files a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Bethal.jks and /dev/null differ diff --git a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Morpit.jks b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Morpit.jks deleted file mode 100644 index b179baf29f..0000000000 Binary files a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Morpit.jks and /dev/null differ diff --git a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Truststore.jks b/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Truststore.jks deleted file mode 100644 index 0abd848d28..0000000000 Binary files a/distribution/src/main/release/samples/ws_security/sign_enc/src/main/resources/keystore/Truststore.jks and /dev/null differ diff --git a/distribution/src/main/release/samples/ws_security/sign_enc_policy/pom.xml b/distribution/src/main/release/samples/ws_security/sign_enc_policy/pom.xml index 0863dd1fc3..85a8d9ce93 100644 --- a/distribution/src/main/release/samples/ws_security/sign_enc_policy/pom.xml +++ b/distribution/src/main/release/samples/ws_security/sign_enc_policy/pom.xml @@ -191,6 +191,12 @@ <artifactId>cxf-rt-ws-policy</artifactId> <version>${project.version}</version> </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-testutils</artifactId> + <version>4.1.5-SNAPSHOT</version> + <classifier>keys</classifier> + </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-context</artifactId> diff --git a/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/etc/Client_Encrypt.properties b/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/etc/Client_Encrypt.properties index a4b4e17334..9490f03714 100644 --- a/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/etc/Client_Encrypt.properties +++ b/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/etc/Client_Encrypt.properties @@ -1,4 +1,4 @@ org.apache.ws.security.crypto.provider=org.apache.wss4j.common.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=password -org.apache.ws.security.crypto.merlin.keystore.file=keystore/Truststore.jks +org.apache.ws.security.crypto.merlin.keystore.file=keys/Truststore.jks diff --git a/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/etc/Server_Decrypt.properties b/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/etc/Server_Decrypt.properties index 6501e7a206..3fc4d918d5 100644 --- a/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/etc/Server_Decrypt.properties +++ b/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/etc/Server_Decrypt.properties @@ -1,4 +1,4 @@ org.apache.ws.security.crypto.provider=org.apache.wss4j.common.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=password -org.apache.ws.security.crypto.merlin.keystore.file=keystore/Morpit.jks +org.apache.ws.security.crypto.merlin.keystore.file=keys/Morpit.jks diff --git a/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/keystore/Morpit.jks b/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/keystore/Morpit.jks deleted file mode 100644 index b179baf29f..0000000000 Binary files a/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/keystore/Morpit.jks and /dev/null differ diff --git a/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/keystore/Truststore.jks b/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/keystore/Truststore.jks deleted file mode 100644 index 0abd848d28..0000000000 Binary files a/distribution/src/main/release/samples/ws_security/sign_enc_policy/src/main/resources/keystore/Truststore.jks and /dev/null differ diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml b/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml index 495c43770e..6e9f3e15a8 100644 --- a/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml +++ b/distribution/src/main/release/samples/ws_security/ut_policy/pom.xml @@ -219,6 +219,12 @@ <artifactId>cxf-rt-ws-policy</artifactId> <version>${project.version}</version> </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-testutils</artifactId> + <version>4.1.5-SNAPSHOT</version> + <classifier>keys</classifier> + </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-context</artifactId> diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/KeyREADME.txt b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/KeyREADME.txt deleted file mode 100644 index edeb2ca8e0..0000000000 --- a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/KeyREADME.txt +++ /dev/null @@ -1,20 +0,0 @@ -# The below scripts show the commands used to generate the self-signed keys for this sample. -# If you use the below script to create your own keys be sure to change the passwords used here -# DO NOT USE THE SUPPLIED KEYS IN PRODUCTION--everyone has them!! -# For production recommended to use keys signed by a third-party certificate authority (CA) - -# Create the combination keystore/truststore for the client and service. -# Note you can create separate keystores/truststores for both if desired -keytool -genkeypair -validity 730 -alias myservicekey -keystore serviceKeystore.jks -dname "cn=localhost" -keypass skpass -storepass sspass -keytool -genkeypair -validity 730 -alias myclientkey -keystore clientKeystore.jks -keypass ckpass -storepass cspass - -# Place server public cert in client key/truststore -keytool -export -rfc -keystore serviceKeystore.jks -alias myservicekey -file MyService.cer -storepass sspass -keytool -import -noprompt -trustcacerts -file MyService.cer -alias myservicekey -keystore clientKeystore.jks -storepass cspass - -# Place client public cert in service key/truststore -# Note this needs to be done only if you're requiring client authentication -# as configured in resources/ServerConfig.xml -keytool -export -rfc -keystore clientKeystore.jks -alias myclientkey -file MyClient.cer -storepass cspass -keytool -import -noprompt -trustcacerts -file MyClient.cer -alias myclientkey -keystore serviceKeystore.jks -storepass sspass - diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/clientKeystore.jks b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/clientKeystore.jks deleted file mode 100644 index f734f87b3a..0000000000 Binary files a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/clientKeystore.jks and /dev/null differ diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/serviceKeystore.jks b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/serviceKeystore.jks deleted file mode 100644 index 999ee824c3..0000000000 Binary files a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/serviceKeystore.jks and /dev/null differ diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/stsstore.jks b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/stsstore.jks deleted file mode 100644 index 51f131f223..0000000000 Binary files a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/config/stsstore.jks and /dev/null differ diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ClientConfig.xml b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ClientConfig.xml index 12babae313..bfcb89fb6d 100644 --- a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ClientConfig.xml +++ b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ClientConfig.xml @@ -34,11 +34,11 @@ </cxf:bus> <http:conduit name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit";> <http:tlsClientParameters disableCNCheck="true"> - <sec:keyManagers keyPassword="ckpass"> - <sec:keyStore file="src/main/config/clientKeystore.jks" password="cspass" type="JKS"/> + <sec:keyManagers keyPassword="cspass"> + <sec:keyStore resource="keys/clientstore.jks" password="cspass" type="JKS"/> </sec:keyManagers> <sec:trustManagers> - <sec:keyStore file="src/main/config/stsstore.jks" password="stsspass" type="JKS"/> + <sec:keyStore resource="keys/stsstore.jks" password="stsspass" type="JKS"/> </sec:trustManagers> </http:tlsClientParameters> </http:conduit> @@ -48,4 +48,4 @@ <entry key="security.callback-handler" value="demo.wssec.client.UTPasswordCallback"/> </jaxws:properties> </jaxws:client> -</beans> \ No newline at end of file +</beans> diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ClientConfigStax.xml b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ClientConfigStax.xml index b1fc8fb607..c1e3fd946c 100644 --- a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ClientConfigStax.xml +++ b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ClientConfigStax.xml @@ -34,11 +34,11 @@ </cxf:bus> <http:conduit name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit";> <http:tlsClientParameters disableCNCheck="true"> - <sec:keyManagers keyPassword="ckpass"> - <sec:keyStore file="src/main/config/clientKeystore.jks" password="cspass" type="JKS"/> + <sec:keyManagers keyPassword="cspass"> + <sec:keyStore resource="keys/clientstore.jks" password="cspass" type="JKS"/> </sec:keyManagers> <sec:trustManagers> - <sec:keyStore file="src/main/config/stsstore.jks" password="stsspass" type="JKS"/> + <sec:keyStore resource="keys/stsstore.jks" password="stsspass" type="JKS"/> </sec:trustManagers> </http:tlsClientParameters> </http:conduit> @@ -49,4 +49,4 @@ <entry key="ws-security.enable.streaming" value="true"/> </jaxws:properties> </jaxws:client> -</beans> \ No newline at end of file +</beans> diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ServiceConfig.xml b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ServiceConfig.xml index 999f3ba549..261f74cb71 100644 --- a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ServiceConfig.xml +++ b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ServiceConfig.xml @@ -52,14 +52,14 @@ <httpj:engine-factory id="ClientAuthHttpsSettings"> <httpj:engine port="9001"> <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="skpass"> - <sec:keyStore file="src/main/config/serviceKeystore.jks" password="sspass" type="JKS"/> + <sec:keyManagers keyPassword="sspass"> + <sec:keyStore resource="keys/servicestore.jks" password="sspass" type="JKS"/> </sec:keyManagers> <sec:trustManagers> - <sec:keyStore file="src/main/config/stsstore.jks" password="stsspass" type="JKS"/> + <sec:keyStore resource="keys/stsstore.jks" password="stsspass" type="JKS"/> </sec:trustManagers> <sec:clientAuthentication want="true" required="true"/> </httpj:tlsServerParameters> </httpj:engine> </httpj:engine-factory> -</beans> \ No newline at end of file +</beans> diff --git a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ServiceConfigStax.xml b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ServiceConfigStax.xml index 25cbca1d15..ccc99b33d8 100644 --- a/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ServiceConfigStax.xml +++ b/distribution/src/main/release/samples/ws_security/ut_policy/src/main/resources/ServiceConfigStax.xml @@ -53,14 +53,14 @@ <httpj:engine-factory id="ClientAuthHttpsSettings"> <httpj:engine port="9001"> <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="skpass"> - <sec:keyStore file="src/main/config/serviceKeystore.jks" password="sspass" type="JKS"/> + <sec:keyManagers keyPassword="sspass"> + <sec:keyStore resource="keys/servicestore.jks" password="sspass" type="JKS"/> </sec:keyManagers> <sec:trustManagers> - <sec:keyStore file="src/main/config/stsstore.jks" password="stsspass" type="JKS"/> + <sec:keyStore resource="keys/stsstore.jks" password="stsspass" type="JKS"/> </sec:trustManagers> <sec:clientAuthentication want="true" required="true"/> </httpj:tlsServerParameters> </httpj:engine> </httpj:engine-factory> -</beans> \ No newline at end of file +</beans>
