http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/java/org/apache/cxf/systest/https/constraints/CertConstraintsTest.java ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/constraints/CertConstraintsTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/constraints/CertConstraintsTest.java new file mode 100644 index 0000000..8aa5730 --- /dev/null +++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/constraints/CertConstraintsTest.java @@ -0,0 +1,163 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.cxf.systest.https.constraints; + +import java.net.URL; + +import javax.xml.ws.BindingProvider; + +import org.apache.cxf.BusFactory; +import org.apache.cxf.configuration.Configurer; +import org.apache.cxf.systest.https.BusServer; +import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; +import org.apache.hello_world.Greeter; +import org.apache.hello_world.services.SOAPService; +import org.junit.BeforeClass; +import org.junit.Test; + +/** + * This test is meant to run against a spring-loaded HTTP/S service. It tests the certificate + * constraints logic. + */ +public class CertConstraintsTest extends AbstractBusClientServerTestBase { + // + // data + // + + @BeforeClass + public static void allocatePorts() { + BusServer.resetPortMap(); + } + + /** + * the package path used to locate resources specific to this test + */ + private void setTheConfiguration(String config) { + //System.setProperty("javax.net.debug", "all"); + try { + System.setProperty( + Configurer.USER_CFG_FILE_PROPERTY_URL, + CertConstraintsTest.class.getResource(config).toString() + ); + } catch (final Exception e) { + e.printStackTrace(); + } + } + + public void startServers() throws Exception { + assertTrue( + "Server failed to launch", + // run the server in the same process + // set this to false to fork a new process + launchServer(BusServer.class, true) + ); + } + + + public void stopServers() throws Exception { + stopAllServers(); + System.clearProperty(Configurer.USER_CFG_FILE_PROPERTY_URL); + BusFactory.setDefaultBus(null); + BusFactory.setThreadDefaultBus(null); + } + + + // + // tests + // + public final void testSuccessfulCall(String address) throws Exception { + URL url = SOAPService.WSDL_LOCATION; + SOAPService service = new SOAPService(url, SOAPService.SERVICE); + assertNotNull("Service is null", service); + final Greeter port = service.getHttpsPort(); + assertNotNull("Port is null", port); + + BindingProvider provider = (BindingProvider)port; + provider.getRequestContext().put( + BindingProvider.ENDPOINT_ADDRESS_PROPERTY, + address); + + assertEquals(port.greetMe("Kitty"), "Hello Kitty"); + } + + public final void testFailedCall(String address) throws Exception { + URL url = SOAPService.WSDL_LOCATION; + SOAPService service = new SOAPService(url, SOAPService.SERVICE); + assertNotNull("Service is null", service); + final Greeter port = service.getHttpsPort(); + assertNotNull("Port is null", port); + + BindingProvider provider = (BindingProvider)port; + provider.getRequestContext().put( + BindingProvider.ENDPOINT_ADDRESS_PROPERTY, + address); + + try { + assertEquals(port.greetMe("Kitty"), "Hello Kitty"); + fail("Failure expected"); + } catch (javax.xml.ws.soap.SOAPFaultException ex) { + // expected + } catch (javax.xml.ws.WebServiceException ex) { + // expected + } + } + + @Test + public final void testCertConstraints() throws Exception { + setTheConfiguration("jaxws-server-constraints.xml"); + startServers(); + + // + // Good Subject DN + // + testSuccessfulCall("https://localhost:" + BusServer.getPort(0) + "/SoapContext/HttpsPort"); + // + // Bad Subject DN + // + testFailedCall("https://localhost:" + BusServer.getPort(1) + "/SoapContext/HttpsPort"); + // + // Mixed Subject DN (ALL) + // + testFailedCall("https://localhost:" + BusServer.getPort(2) + "/SoapContext/HttpsPort"); + // + // Mixed Subject DN (ANY) + // + testSuccessfulCall("https://localhost:" + BusServer.getPort(3) + "/SoapContext/HttpsPort"); + // + // Mixed Issuer DN (ALL) + // + testFailedCall("https://localhost:" + BusServer.getPort(4) + "/SoapContext/HttpsPort"); + // + // Mixed Issuer DN (ANY) + // + testSuccessfulCall("https://localhost:" + BusServer.getPort(5) + "/SoapContext/HttpsPort"); + // + // Bad server Subject DN + // + testFailedCall("https://localhost:" + BusServer.getPort(6) + "/SoapContext/HttpsPort"); + // + // Bad server Issuer DN + // + testFailedCall("https://localhost:" + BusServer.getPort(7) + "/SoapContext/HttpsPort"); + + stopServers(); + } + +}
http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/java/org/apache/cxf/systest/https/ssl3/SSLv3Server.java ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/ssl3/SSLv3Server.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/ssl3/SSLv3Server.java new file mode 100644 index 0000000..d8a70d5 --- /dev/null +++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/ssl3/SSLv3Server.java @@ -0,0 +1,47 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.cxf.systest.https.ssl3; + +import java.net.URL; + +import org.apache.cxf.Bus; +import org.apache.cxf.BusFactory; +import org.apache.cxf.bus.spring.SpringBusFactory; +import org.apache.cxf.testutil.common.AbstractBusTestServerBase; + +public class SSLv3Server extends AbstractBusTestServerBase { + + public SSLv3Server() { + + } + + protected void run() { + URL busFile = SSLv3Server.class.getResource("sslv3-server.xml"); + Bus busLocal = new SpringBusFactory().createBus(busFile); + BusFactory.setDefaultBus(busLocal); + setBus(busLocal); + + try { + new SSLv3Server(); + } catch (Exception e) { + e.printStackTrace(); + } + } +} http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/java/org/apache/cxf/systest/https/ssl3/SSLv3Test.java ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/ssl3/SSLv3Test.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/ssl3/SSLv3Test.java new file mode 100644 index 0000000..9259420 --- /dev/null +++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/ssl3/SSLv3Test.java @@ -0,0 +1,204 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.cxf.systest.https.ssl3; + +import java.io.IOException; +import java.net.URL; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.xml.ws.BindingProvider; + +import org.apache.cxf.Bus; +import org.apache.cxf.bus.spring.SpringBusFactory; +import org.apache.cxf.common.logging.LogUtils; +import org.apache.cxf.configuration.jsse.SSLUtils; +import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; +import org.apache.hello_world.Greeter; +import org.apache.hello_world.services.SOAPService; +import org.junit.AfterClass; +import org.junit.BeforeClass; + +/** + * A set of tests SSL v3 protocol support. It should be disallowed by default on both the + * (Jetty) server and CXF client side. + */ +public class SSLv3Test extends AbstractBusClientServerTestBase { + static final String PORT = allocatePort(SSLv3Server.class); + static final String PORT2 = allocatePort(SSLv3Server.class, 2); + static final String PORT3 = allocatePort(SSLv3Server.class, 3); + + @BeforeClass + public static void startServers() throws Exception { + assertTrue( + "Server failed to launch", + // run the server in the same process + // set this to false to fork + launchServer(SSLv3Server.class, true) + ); + } + + @AfterClass + public static void cleanup() throws Exception { + stopAllServers(); + } + + @org.junit.Test + public void testSSLv3ServerNotAllowedByDefault() throws Exception { + + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = SSLv3Test.class.getResource("sslv3-client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + System.setProperty("https.protocols", "SSLv3"); + + URL service = new URL("https://localhost:" + PORT); + HttpsURLConnection connection = (HttpsURLConnection) service.openConnection(); + + connection.setHostnameVerifier(new DisableCNCheckVerifier()); + + SSLContext sslContext = SSLContext.getInstance("SSL"); + URL keystore = SSLv3Test.class.getResource("../../../../../../keys/Truststore.jks"); + TrustManager[] trustManagers = + SSLUtils.getTrustStoreManagers(false, "jks", keystore.getPath(), + "PKIX", LogUtils.getL7dLogger(SSLv3Test.class)); + sslContext.init(null, trustManagers, new java.security.SecureRandom()); + + connection.setSSLSocketFactory(sslContext.getSocketFactory()); + + try { + connection.connect(); + fail("Failure expected on an SSLv3 connection attempt"); + } catch (IOException ex) { + // expected + } + + System.clearProperty("https.protocols"); + + bus.shutdown(true); + } + + @org.junit.Test + public void testSSLv3ServerAllowed() throws Exception { + + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = SSLv3Test.class.getResource("sslv3-client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + System.setProperty("https.protocols", "SSLv3"); + + URL service = new URL("https://localhost:" + PORT2); + HttpsURLConnection connection = (HttpsURLConnection) service.openConnection(); + + connection.setHostnameVerifier(new DisableCNCheckVerifier()); + + SSLContext sslContext = SSLContext.getInstance("SSL"); + URL keystore = SSLv3Test.class.getResource("../../../../../../keys/Truststore.jks"); + TrustManager[] trustManagers = + SSLUtils.getTrustStoreManagers(false, "jks", keystore.getPath(), + "PKIX", LogUtils.getL7dLogger(SSLv3Test.class)); + sslContext.init(null, trustManagers, new java.security.SecureRandom()); + + connection.setSSLSocketFactory(sslContext.getSocketFactory()); + + connection.connect(); + + connection.disconnect(); + + System.clearProperty("https.protocols"); + + bus.shutdown(true); + } + + @org.junit.Test + public void testClientSSL3NotAllowed() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = SSLv3Test.class.getResource("sslv3-client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + URL url = SOAPService.WSDL_LOCATION; + SOAPService service = new SOAPService(url, SOAPService.SERVICE); + assertNotNull("Service is null", service); + final Greeter port = service.getHttpsPort(); + assertNotNull("Port is null", port); + + BindingProvider provider = (BindingProvider)port; + provider.getRequestContext().put("use.async.http.conduit", Boolean.FALSE); + + updateAddressPort(port, PORT3); + + try { + port.greetMe("Kitty"); + fail("Failure expected on the client not supporting SSLv3 by default"); + } catch (Exception ex) { + // expected + } + + ((java.io.Closeable)port).close(); + bus.shutdown(true); + } + + @org.junit.Test + public void testClientSSL3Allowed() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = SSLv3Test.class.getResource("sslv3-client-allow.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + URL url = SOAPService.WSDL_LOCATION; + SOAPService service = new SOAPService(url, SOAPService.SERVICE); + assertNotNull("Service is null", service); + final Greeter port = service.getHttpsPort(); + assertNotNull("Port is null", port); + + BindingProvider provider = (BindingProvider)port; + provider.getRequestContext().put("use.async.http.conduit", Boolean.FALSE); + + updateAddressPort(port, PORT3); + + assertEquals(port.greetMe("Kitty"), "Hello Kitty"); + + ((java.io.Closeable)port).close(); + bus.shutdown(true); + } + + private static final class DisableCNCheckVerifier implements HostnameVerifier { + + @Override + public boolean verify(String arg0, SSLSession arg1) { + return true; + } + + }; +} http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/Bethal.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Bethal.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Bethal.cxf deleted file mode 100644 index 2700d2a..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Bethal.cxf +++ /dev/null @@ -1,72 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> - -<!-- - ** This file configures the Bethal Server. - ** It is an https server that conditionally responds - ** with 401s. - --> - -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:cxf="http://cxf.apache.org/core" - xmlns:sec="http://cxf.apache.org/configuration/security" - xmlns:http="http://cxf.apache.org/transports/http/configuration" - xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" - xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" - xsi:schemaLocation=" - http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd - http://cxf.apache.org/configuration/security - http://cxf.apache.org/schemas/configuration/security.xsd - http://cxf.apache.org/transports/http/configuration - http://cxf.apache.org/schemas/configuration/http-conf.xsd - http://cxf.apache.org/transports/http-jetty/configuration - http://cxf.apache.org/schemas/configuration/http-jetty.xsd - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> - - <http:destination - name="{http://apache.org/hello_world}Bethal.http-destination"> - </http:destination> - - <httpj:engine-factory bus="cxf"> - <httpj:engine port="${testutil.ports.BusServer.4}"> - <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v"> - <sec:keyStore type="JKS" password="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v" - resource="keys/Bethal.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="JKS" password="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v" - resource="keys/Truststore.jks"/> - </sec:trustManagers> - <sec:clientAuthentication want="true" required="true"/> - </httpj:tlsServerParameters> - </httpj:engine> - </httpj:engine-factory> - - <cxf:bus> - <cxf:inInterceptors> - <bean class="org.apache.cxf.systest.https.PushBack401"/> - </cxf:inInterceptors> - </cxf:bus> - -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientBeans.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientBeans.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientBeans.xml deleted file mode 100644 index a012a45..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientBeans.xml +++ /dev/null @@ -1,24 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> -<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xs d"> - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> - <import resource="classpath:org/apache/cxf/systest/https/BethalClientConfig.cxf"/> - <jaxws:client xmlns:s="http://apache.org/hello_world" id="Bethal" serviceClass="org.apache.hello_world.Greeter" serviceName="s:SOAPService" endpointName="s:Bethal" address="https://localhost:${testutil.ports.BusServer.4}/Bethal"/> -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientConfig.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientConfig.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientConfig.cxf deleted file mode 100644 index 47e7dfe..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/BethalClientConfig.cxf +++ /dev/null @@ -1,57 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:sec="http://cxf.apache.org/configuration/security" - xmlns:http="http://cxf.apache.org/transports/http/configuration" - xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" - xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" - xsi:schemaLocation=" - http://cxf.apache.org/configuration/security - http://cxf.apache.org/schemas/configuration/security.xsd - http://cxf.apache.org/transports/http/configuration - http://cxf.apache.org/schemas/configuration/http-conf.xsd - http://cxf.apache.org/transports/http-jetty/configuration - http://cxf.apache.org/schemas/configuration/http-jetty.xsd - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> - - <http:conduit name="{http://apache.org/hello_world}Bethal.http-conduit"> - - <http:tlsClientParameters disableCNCheck="true"> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="JKS" password="password" - resource="keys/Morpit.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="JKS" password="password" - resource="keys/Truststore.jks"/> - </sec:trustManagers> - </http:tlsClientParameters> - <http:authorization> - <sec:UserName>Betty</sec:UserName> - <sec:Password>password</sec:Password> - </http:authorization> - <http:client AutoRedirect="true" Connection="Keep-Alive"/> - - </http:conduit> - -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/Gordy.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Gordy.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Gordy.cxf deleted file mode 100644 index 61a59dd..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Gordy.cxf +++ /dev/null @@ -1,65 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> - -<!-- - ** This file configures the Gordy Server. - ** It is an https server that redirects to Bethal. - --> - - -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:sec="http://cxf.apache.org/configuration/security" - xmlns:http="http://cxf.apache.org/transports/http/configuration" - xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" - xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" - xsi:schemaLocation=" - http://cxf.apache.org/configuration/security - http://cxf.apache.org/schemas/configuration/security.xsd - http://cxf.apache.org/transports/http/configuration - http://cxf.apache.org/schemas/configuration/http-conf.xsd - http://cxf.apache.org/transports/http-jetty/configuration - http://cxf.apache.org/schemas/configuration/http-jetty.xsd - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> - - <http:destination - name="{http://apache.org/hello_world}Gordy.http-destination"> - <http:server RedirectURL="https://localhost:${testutil.ports.BusServer.4}/Bethal"/> - </http:destination> - - <httpj:engine-factory bus="cxf"> - <httpj:engine port="${testutil.ports.BusServer.3}"> - <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="JKS" password="password" - resource="keys/Gordy.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="JKS" password="password" - resource="keys/Truststore.jks"/> - </sec:trustManagers> - <sec:clientAuthentication want="true" required="true"/> - </httpj:tlsServerParameters> - </httpj:engine> - </httpj:engine-factory> - -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/Morpit.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Morpit.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Morpit.cxf deleted file mode 100644 index e6db5ff..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Morpit.cxf +++ /dev/null @@ -1,63 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> - -<!-- - ** This file configures the Morpit Server. It is just an - ** Https server with a name that will kick in the HostnameVerifier. - --> - - -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:sec="http://cxf.apache.org/configuration/security" - xmlns:http="http://cxf.apache.org/transports/http/configuration" - xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" - xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" - xsi:schemaLocation=" - http://cxf.apache.org/configuration/security - http://cxf.apache.org/schemas/configuration/security.xsd - http://cxf.apache.org/transports/http/configuration - http://cxf.apache.org/schemas/configuration/http-conf.xsd - http://cxf.apache.org/transports/http-jetty/configuration - http://cxf.apache.org/schemas/configuration/http-jetty.xsd - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> - - <http:destination name="{http://apache.org/hello_world}GreeterImplPort.http-destination"> - </http:destination> - - <httpj:engine-factory bus="cxf"> - <httpj:engine port="${testutil.ports.BusServer.5}"> - <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="JKS" password="password" - resource="keys/Morpit.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="JKS" password="password" - resource="keys/Truststore.jks"/> - </sec:trustManagers> - <sec:clientAuthentication want="true" required="true"/> - </httpj:tlsServerParameters> - </httpj:engine> - </httpj:engine-factory> - -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/Mortimer.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Mortimer.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Mortimer.cxf deleted file mode 100644 index 4a26c85..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Mortimer.cxf +++ /dev/null @@ -1,47 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> - -<!-- - ** This file configures the Mortimer Server. - ** It is an http server. - --> - - -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:sec="http://cxf.apache.org/configuration/security" - xmlns:http="http://cxf.apache.org/transports/http/configuration" - xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" - xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" - xsi:schemaLocation=" - http://cxf.apache.org/configuration/security - http://cxf.apache.org/schemas/configuration/security.xsd - http://cxf.apache.org/transports/http/configuration - http://cxf.apache.org/schemas/configuration/http-conf.xsd - http://cxf.apache.org/transports/http-jetty/configuration - http://cxf.apache.org/schemas/configuration/http-jetty.xsd - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - - <http:destination name="{http://apache.org/hello_world}Mortimer.http-destination"> - <!-- Nothing to Configure here for Mortimer --> - </http:destination> - -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/Poltim.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Poltim.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Poltim.cxf deleted file mode 100644 index 090418d..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Poltim.cxf +++ /dev/null @@ -1,65 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> - -<!-- - ** This file configures the Poltim Server. - ** It is an https server that redirects to Mortimer. - --> - - -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:sec="http://cxf.apache.org/configuration/security" - xmlns:http="http://cxf.apache.org/transports/http/configuration" - xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" - xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" - xsi:schemaLocation=" - http://cxf.apache.org/configuration/security - http://cxf.apache.org/schemas/configuration/security.xsd - http://cxf.apache.org/transports/http/configuration - http://cxf.apache.org/schemas/configuration/http-conf.xsd - http://cxf.apache.org/transports/http-jetty/configuration - http://cxf.apache.org/schemas/configuration/http-jetty.xsd - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> - - <http:destination name="{http://apache.org/hello_world}Poltim.http-destination"> - <http:server RedirectURL="http://localhost:${testutil.ports.BusServer.0}/Mortimer"/> - </http:destination> - - <httpj:engine-factory bus="cxf"> - <httpj:engine port="${testutil.ports.BusServer.2}"> - <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="JKS" password="password" - resource="keys/Poltim.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="JKS" password="password" - resource="keys/Truststore.jks"/> - </sec:trustManagers> - <sec:clientAuthentication want="true" required="true"/> - </httpj:tlsServerParameters> - </httpj:engine> - </httpj:engine-factory> - -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/Tarpin.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Tarpin.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/Tarpin.cxf deleted file mode 100644 index 00d5c20..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/Tarpin.cxf +++ /dev/null @@ -1,65 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> - -<!-- - ** This file configures the Tarpin Server. - ** It is an https server that redirects to Gordy. - --> - - -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:sec="http://cxf.apache.org/configuration/security" - xmlns:http="http://cxf.apache.org/transports/http/configuration" - xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" - xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" - xsi:schemaLocation=" - http://cxf.apache.org/configuration/security - http://cxf.apache.org/schemas/configuration/security.xsd - http://cxf.apache.org/transports/http/configuration - http://cxf.apache.org/schemas/configuration/http-conf.xsd - http://cxf.apache.org/transports/http-jetty/configuration - http://cxf.apache.org/schemas/configuration/http-jetty.xsd - http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd"> - - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> - - <http:destination name="{http://apache.org/hello_world}Tarpin.http-destination"> - <http:server RedirectURL="https://localhost:${testutil.ports.BusServer.3}/Gordy"/> - </http:destination> - - <httpj:engine-factory bus="cxf"> - <httpj:engine port="${testutil.ports.BusServer.1}"> - <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="JKS" password="password" - file="src/test/resources/keys/Tarpin.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="JKS" password="password" - file="src/test/resources/keys/Truststore.jks"/> - </sec:trustManagers> - <sec:clientAuthentication want="true" required="true"/> - </httpj:tlsServerParameters> - </httpj:engine> - </httpj:engine-factory> - -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-chain.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-chain.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-chain.xml deleted file mode 100644 index 68b0b46..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-chain.xml +++ /dev/null @@ -1,37 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> -<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> - - <cxf:bus> - <cxf:features> - <cxf:logging/> - </cxf:features> - </cxf:bus> - <http:conduit name="https://localhost:.*"> - <http:tlsClientParameters disableCNCheck="true"> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="jks" password="password" resource="keys/alice.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="jks" password="password" resource="keys/cxfca.jks"/> - </sec:trustManagers> - </http:tlsClientParameters> - </http:conduit> -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-invalid.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-invalid.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-invalid.xml deleted file mode 100644 index 132c550..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-invalid.xml +++ /dev/null @@ -1,36 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> -<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> - <cxf:bus> - <cxf:features> - <cxf:logging/> - </cxf:features> - </cxf:bus> - <http:conduit name="https://localhost:.*"> - <http:tlsClientParameters disableCNCheck="true"> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="jks" password="password" resource="keys/alice.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/> - </sec:trustManagers> - </http:tlsClientParameters> - </http:conduit> -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-invalid2.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-invalid2.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-invalid2.xml deleted file mode 100644 index 5937fa2..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-invalid2.xml +++ /dev/null @@ -1,36 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> -<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> - <cxf:bus> - <cxf:features> - <cxf:logging/> - </cxf:features> - </cxf:bus> - <http:conduit name="https://localhost:.*"> - <http:tlsClientParameters disableCNCheck="true"> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="jks" password="password" resource="keys/Morpit.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="jks" password="password" resource="keys/cxfca.jks"/> - </sec:trustManagers> - </http:tlsClientParameters> - </http:conduit> -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-server.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-server.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-server.xml deleted file mode 100644 index 9b632da..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth-server.xml +++ /dev/null @@ -1,72 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> -<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apa che.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd "> - <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> - <cxf:bus> - <cxf:features> - <cxf:logging/> - </cxf:features> - </cxf:bus> - - <httpj:engine-factory id="direct-trust-tls-settings"> - <httpj:engine port="${testutil.ports.ClientAuthServer}"> - <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="jks" password="password" resource="keys/Bethal.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/> - </sec:trustManagers> - <sec:clientAuthentication want="true" required="true"/> - </httpj:tlsServerParameters> - </httpj:engine> - </httpj:engine-factory> - - <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" - xmlns:s="http://apache.org/hello_world/services" - id="DirectTrustServer" - implementor="org.apache.cxf.systest.http.GreeterImpl" - address="https://localhost:${testutil.ports.ClientAuthServer}/SoapContext/HttpsPort" - serviceName="s:SOAPService" - endpointName="e:HttpsPort" depends-on="direct-trust-tls-settings"/> - - <httpj:engine-factory id="chain-trust-tls-settings"> - <httpj:engine port="${testutil.ports.ClientAuthServer.2}"> - <httpj:tlsServerParameters> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="jks" password="password" resource="keys/bob.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="jks" password="password" resource="keys/cxfca.jks"/> - </sec:trustManagers> - <sec:clientAuthentication want="true" required="true"/> - </httpj:tlsServerParameters> - </httpj:engine> - </httpj:engine-factory> - - <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" - xmlns:s="http://apache.org/hello_world/services" - id="ChainTrustServer" - implementor="org.apache.cxf.systest.http.GreeterImpl" - address="https://localhost:${testutil.ports.ClientAuthServer.2}/SoapContext/HttpsPort" - serviceName="s:SOAPService" - endpointName="e:HttpsPort" depends-on="chain-trust-tls-settings"/> - -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth.xml deleted file mode 100644 index 8020e3e..0000000 --- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/client-auth.xml +++ /dev/null @@ -1,37 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> -<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> - - <cxf:bus> - <cxf:features> - <cxf:logging/> - </cxf:features> - </cxf:bus> - <http:conduit name="https://localhost:.*"> - <http:tlsClientParameters disableCNCheck="true"> - <sec:keyManagers keyPassword="password"> - <sec:keyStore type="jks" password="password" resource="keys/Morpit.jks"/> - </sec:keyManagers> - <sec:trustManagers> - <sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/> - </sec:trustManagers> - </http:tlsClientParameters> - </http:conduit> -</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-chain.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-chain.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-chain.xml new file mode 100644 index 0000000..68b0b46 --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-chain.xml @@ -0,0 +1,37 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> + + <cxf:bus> + <cxf:features> + <cxf:logging/> + </cxf:features> + </cxf:bus> + <http:conduit name="https://localhost:.*"> + <http:tlsClientParameters disableCNCheck="true"> + <sec:keyManagers keyPassword="password"> + <sec:keyStore type="jks" password="password" resource="keys/alice.jks"/> + </sec:keyManagers> + <sec:trustManagers> + <sec:keyStore type="jks" password="password" resource="keys/cxfca.jks"/> + </sec:trustManagers> + </http:tlsClientParameters> + </http:conduit> +</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-invalid.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-invalid.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-invalid.xml new file mode 100644 index 0000000..132c550 --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-invalid.xml @@ -0,0 +1,36 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> + <cxf:bus> + <cxf:features> + <cxf:logging/> + </cxf:features> + </cxf:bus> + <http:conduit name="https://localhost:.*"> + <http:tlsClientParameters disableCNCheck="true"> + <sec:keyManagers keyPassword="password"> + <sec:keyStore type="jks" password="password" resource="keys/alice.jks"/> + </sec:keyManagers> + <sec:trustManagers> + <sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/> + </sec:trustManagers> + </http:tlsClientParameters> + </http:conduit> +</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-invalid2.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-invalid2.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-invalid2.xml new file mode 100644 index 0000000..5937fa2 --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-invalid2.xml @@ -0,0 +1,36 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> + <cxf:bus> + <cxf:features> + <cxf:logging/> + </cxf:features> + </cxf:bus> + <http:conduit name="https://localhost:.*"> + <http:tlsClientParameters disableCNCheck="true"> + <sec:keyManagers keyPassword="password"> + <sec:keyStore type="jks" password="password" resource="keys/Morpit.jks"/> + </sec:keyManagers> + <sec:trustManagers> + <sec:keyStore type="jks" password="password" resource="keys/cxfca.jks"/> + </sec:trustManagers> + </http:tlsClientParameters> + </http:conduit> +</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-server.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-server.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-server.xml new file mode 100644 index 0000000..9b632da --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth-server.xml @@ -0,0 +1,72 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apa che.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd "> + <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> + <cxf:bus> + <cxf:features> + <cxf:logging/> + </cxf:features> + </cxf:bus> + + <httpj:engine-factory id="direct-trust-tls-settings"> + <httpj:engine port="${testutil.ports.ClientAuthServer}"> + <httpj:tlsServerParameters> + <sec:keyManagers keyPassword="password"> + <sec:keyStore type="jks" password="password" resource="keys/Bethal.jks"/> + </sec:keyManagers> + <sec:trustManagers> + <sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/> + </sec:trustManagers> + <sec:clientAuthentication want="true" required="true"/> + </httpj:tlsServerParameters> + </httpj:engine> + </httpj:engine-factory> + + <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" + xmlns:s="http://apache.org/hello_world/services" + id="DirectTrustServer" + implementor="org.apache.cxf.systest.http.GreeterImpl" + address="https://localhost:${testutil.ports.ClientAuthServer}/SoapContext/HttpsPort" + serviceName="s:SOAPService" + endpointName="e:HttpsPort" depends-on="direct-trust-tls-settings"/> + + <httpj:engine-factory id="chain-trust-tls-settings"> + <httpj:engine port="${testutil.ports.ClientAuthServer.2}"> + <httpj:tlsServerParameters> + <sec:keyManagers keyPassword="password"> + <sec:keyStore type="jks" password="password" resource="keys/bob.jks"/> + </sec:keyManagers> + <sec:trustManagers> + <sec:keyStore type="jks" password="password" resource="keys/cxfca.jks"/> + </sec:trustManagers> + <sec:clientAuthentication want="true" required="true"/> + </httpj:tlsServerParameters> + </httpj:engine> + </httpj:engine-factory> + + <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" + xmlns:s="http://apache.org/hello_world/services" + id="ChainTrustServer" + implementor="org.apache.cxf.systest.http.GreeterImpl" + address="https://localhost:${testutil.ports.ClientAuthServer.2}/SoapContext/HttpsPort" + serviceName="s:SOAPService" + endpointName="e:HttpsPort" depends-on="chain-trust-tls-settings"/> + +</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth.xml new file mode 100644 index 0000000..8020e3e --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/clientauth/client-auth.xml @@ -0,0 +1,37 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:cxf="http://cxf.apache.org/core" xmlns:p="http://cxf.apache.org/policy" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> + + <cxf:bus> + <cxf:features> + <cxf:logging/> + </cxf:features> + </cxf:bus> + <http:conduit name="https://localhost:.*"> + <http:tlsClientParameters disableCNCheck="true"> + <sec:keyManagers keyPassword="password"> + <sec:keyStore type="jks" password="password" resource="keys/Morpit.jks"/> + </sec:keyManagers> + <sec:trustManagers> + <sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/> + </sec:trustManagers> + </http:tlsClientParameters> + </http:conduit> +</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/Bethal.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/Bethal.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/Bethal.cxf new file mode 100644 index 0000000..c1a0d65 --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/Bethal.cxf @@ -0,0 +1,72 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<!-- + ** This file configures the Bethal Server. + ** It is an https server that conditionally responds + ** with 401s. + --> + +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:cxf="http://cxf.apache.org/core" + xmlns:sec="http://cxf.apache.org/configuration/security" + xmlns:http="http://cxf.apache.org/transports/http/configuration" + xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" + xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" + xsi:schemaLocation=" + http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd + http://cxf.apache.org/configuration/security + http://cxf.apache.org/schemas/configuration/security.xsd + http://cxf.apache.org/transports/http/configuration + http://cxf.apache.org/schemas/configuration/http-conf.xsd + http://cxf.apache.org/transports/http-jetty/configuration + http://cxf.apache.org/schemas/configuration/http-jetty.xsd + http://www.springframework.org/schema/beans + http://www.springframework.org/schema/beans/spring-beans.xsd"> + <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> + + <http:destination + name="{http://apache.org/hello_world}Bethal.http-destination"> + </http:destination> + + <httpj:engine-factory bus="cxf"> + <httpj:engine port="${testutil.ports.BusServer.4}"> + <httpj:tlsServerParameters> + <sec:keyManagers keyPassword="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v"> + <sec:keyStore type="JKS" password="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v" + resource="keys/Bethal.jks"/> + </sec:keyManagers> + <sec:trustManagers> + <sec:keyStore type="JKS" password="OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v" + resource="keys/Truststore.jks"/> + </sec:trustManagers> + <sec:clientAuthentication want="true" required="true"/> + </httpj:tlsServerParameters> + </httpj:engine> + </httpj:engine-factory> + + <cxf:bus> + <cxf:inInterceptors> + <bean class="org.apache.cxf.systest.https.conduit.PushBack401"/> + </cxf:inInterceptors> + </cxf:bus> + +</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/BethalClientBeans.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/BethalClientBeans.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/BethalClientBeans.xml new file mode 100644 index 0000000..7bfa859 --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/BethalClientBeans.xml @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xs d"> + <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> + <import resource="classpath:org/apache/cxf/systest/https/conduit/BethalClientConfig.cxf"/> + <jaxws:client xmlns:s="http://apache.org/hello_world" id="Bethal" serviceClass="org.apache.hello_world.Greeter" serviceName="s:SOAPService" endpointName="s:Bethal" address="https://localhost:${testutil.ports.BusServer.4}/Bethal"/> +</beans> http://git-wip-us.apache.org/repos/asf/cxf/blob/5e97d1e2/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/BethalClientConfig.cxf ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/BethalClientConfig.cxf b/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/BethalClientConfig.cxf new file mode 100644 index 0000000..47e7dfe --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/conduit/BethalClientConfig.cxf @@ -0,0 +1,57 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:sec="http://cxf.apache.org/configuration/security" + xmlns:http="http://cxf.apache.org/transports/http/configuration" + xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration" + xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" + xsi:schemaLocation=" + http://cxf.apache.org/configuration/security + http://cxf.apache.org/schemas/configuration/security.xsd + http://cxf.apache.org/transports/http/configuration + http://cxf.apache.org/schemas/configuration/http-conf.xsd + http://cxf.apache.org/transports/http-jetty/configuration + http://cxf.apache.org/schemas/configuration/http-jetty.xsd + http://www.springframework.org/schema/beans + http://www.springframework.org/schema/beans/spring-beans.xsd"> + <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/> + + <http:conduit name="{http://apache.org/hello_world}Bethal.http-conduit"> + + <http:tlsClientParameters disableCNCheck="true"> + <sec:keyManagers keyPassword="password"> + <sec:keyStore type="JKS" password="password" + resource="keys/Morpit.jks"/> + </sec:keyManagers> + <sec:trustManagers> + <sec:keyStore type="JKS" password="password" + resource="keys/Truststore.jks"/> + </sec:trustManagers> + </http:tlsClientParameters> + <http:authorization> + <sec:UserName>Betty</sec:UserName> + <sec:Password>password</sec:Password> + </http:authorization> + <http:client AutoRedirect="true" Connection="Keep-Alive"/> + + </http:conduit> + +</beans>