Repository: cxf-fediz Updated Branches: refs/heads/master 3d732f516 -> 3610309d1
More STS config work Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/3610309d Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/3610309d Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/3610309d Branch: refs/heads/master Commit: 3610309d1fecbf9b06b8d09001285ab78e1d47bb Parents: 3d732f5 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Thu Sep 15 16:10:49 2016 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Thu Sep 15 16:10:49 2016 +0100 ---------------------------------------------------------------------- .../sts/src/main/webapp/WEB-INF/kerberos.xml | 10 - .../WEB-INF/wsdl/ws-trust-1.4-service.wsdl | 465 +------------------ 2 files changed, 5 insertions(+), 470 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3610309d/services/sts/src/main/webapp/WEB-INF/kerberos.xml ----------------------------------------------------------------------
diff --git a/services/sts/src/main/webapp/WEB-INF/kerberos.xml b/services/sts/src/main/webapp/WEB-INF/kerberos.xml
index 86765e0..aaab490 100644
--- a/services/sts/src/main/webapp/WEB-INF/kerberos.xml
+++ b/services/sts/src/main/webapp/WEB-INF/kerberos.xml
@@ -46,14 +46,4 @@ </jaxws:properties> </jaxws:endpoint> - <jaxws:endpoint id="transportSTSRealmBKerberos" - implementor="#transportSTSProviderBean" address="/REALMB/STSServiceTransportKerberos" - wsdlLocation="/WEB-INF/wsdl/ws-trust-1.4-service.wsdl" - xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" - serviceName="ns1:SecurityTokenService" endpointName="ns1:TransportKerberos_Port"> - <jaxws:properties> - <entry key="ws-security.bst.validator" value-ref="kerberosValidator"/> - </jaxws:properties> - </jaxws:endpoint> - </beans> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3610309d/services/sts/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl ---------------------------------------------------------------------- diff --git a/services/sts/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl b/services/sts/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl index 9840239..ab3044f 100644 --- a/services/sts/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl +++ b/services/sts/src/main/webapp/WEB-INF/wsdl/ws-trust-1.4-service.wsdl 
@@ -11,228 +11,6 @@ <wsdl:import namespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/" location="ws-trust-1.4.wsdl"/> - <wsdl:binding name="UT_Binding" type="tns:STS"> - <wsp:PolicyReference URI="#UT_policy" /> - <soap:binding style="document" - transport="http://schemas.xmlsoap.org/soap/http" /> - <wsdl:operation name="Issue"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" /> - <wsdl:input> - <wsp:PolicyReference - URI="#Input_policy" /> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <wsp:PolicyReference - URI="#Output_policy" /> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Validate"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" /> - <wsdl:input> - <wsp:PolicyReference - URI="#Input_policy" /> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <wsp:PolicyReference - URI="#Output_policy" /> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Cancel"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Renew"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="KeyExchangeToken"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="RequestCollection"> - <soap:operation - 
soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - </wsdl:binding> - - <wsdl:binding name="UTEncrypted_Binding" type="tns:STS"> - <wsp:PolicyReference URI="#UTEncrypted_policy" /> - <soap:binding style="document" - transport="http://schemas.xmlsoap.org/soap/http" /> - <wsdl:operation name="Issue"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" /> - <wsdl:input> - <wsp:PolicyReference - URI="#Input_policy" /> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <wsp:PolicyReference - URI="#Output_policy" /> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Validate"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" /> - <wsdl:input> - <wsp:PolicyReference - URI="#Input_policy" /> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <wsp:PolicyReference - URI="#Output_policy" /> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Cancel"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Renew"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="KeyExchangeToken"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - 
</wsdl:output> - </wsdl:operation> - <wsdl:operation name="RequestCollection"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - </wsdl:binding> - - <wsdl:binding name="X509_Binding" type="tns:STS"> - <wsp:PolicyReference URI="#X509_policy" /> - <soap:binding style="document" - transport="http://schemas.xmlsoap.org/soap/http" /> - <wsdl:operation name="Issue"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" /> - <wsdl:input> - <wsp:PolicyReference - URI="#Input_policy" /> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <wsp:PolicyReference - URI="#Output_policy" /> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Validate"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" /> - <wsdl:input> - <wsp:PolicyReference - URI="#Input_policy" /> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <wsp:PolicyReference - URI="#Output_policy" /> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Cancel"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="Renew"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="KeyExchangeToken"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken" /> - <wsdl:input> - <soap:body 
use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - <wsdl:operation name="RequestCollection"> - <soap:operation - soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection" /> - <wsdl:input> - <soap:body use="literal" /> - </wsdl:input> - <wsdl:output> - <soap:body use="literal" /> - </wsdl:output> - </wsdl:operation> - </wsdl:binding> - <wsdl:binding name="Transport_Binding" type="tns:STS"> <wsp:PolicyReference URI="#Transport_policy" /> <soap:binding style="document" @@ -306,6 +84,7 @@ </wsdl:output> </wsdl:operation> </wsdl:binding> + <wsdl:binding name="TransportUT_Binding" type="tns:STS"> <wsp:PolicyReference URI="#TransportUT_policy" /> <soap:binding style="document" @@ -379,6 +158,7 @@ </wsdl:output> </wsdl:operation> </wsdl:binding> + <wsdl:binding name="TransportKerberos_Binding" type="tns:STS"> <wsp:PolicyReference URI="#TransportKerberos_policy" /> <soap:binding style="document" @@ -452,6 +232,7 @@ </wsdl:output> </wsdl:operation> </wsdl:binding> + <wsdl:binding name="TransportSaml_Binding" type="tns:STS"> <wsp:PolicyReference URI="#TransportSaml_policy" /> <soap:binding style="document" 
@@ -525,19 +306,11 @@
 </wsdl:output>
 </wsdl:operation>
 </wsdl:binding>
+
 <wsdl:service name="SecurityTokenService">
- <wsdl:port name="UT_Port" binding="tns:UT_Binding">
- <soap:address location="http://localhost:8080/jaxws-sts/sts" />
- </wsdl:port>
- <wsdl:port name="X509_Port" binding="tns:X509_Binding">
- <soap:address location="http://localhost:8080/jaxws-sts/sts" />
- </wsdl:port>
 <wsdl:port name="Transport_Port" binding="tns:Transport_Binding">
 <soap:address location="http://localhost:8080/jaxws-sts/sts" />
 </wsdl:port>
- <wsdl:port name="UTEncrypted_Port" binding="tns:UTEncrypted_Binding">
- <soap:address location="http://localhost:8080/jaxws-sts/sts" />
- </wsdl:port>
 <wsdl:port name="TransportUT_Port" binding="tns:TransportUT_Binding">
 <soap:address location="http://localhost:8080/jaxws-sts/sts" />
 </wsdl:port>
@@ -549,206 +322,9 @@ </wsdl:port> </wsdl:service> - <wsp:Policy wsu:Id="UT_policy"> - <wsp:ExactlyOne> - <wsp:All> - <wsap10:UsingAddressing/> - <sp:SymmetricBinding - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:ProtectionToken> - <wsp:Policy> - <sp:X509Token - sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never"> - <wsp:Policy> - <sp:RequireDerivedKeys /> - <sp:RequireThumbprintReference /> - <sp:WssX509V3Token10 /> - </wsp:Policy> - </sp:X509Token> - </wsp:Policy> - </sp:ProtectionToken> - <sp:AlgorithmSuite> - <wsp:Policy> - <sp:Basic256 /> - </wsp:Policy> - </sp:AlgorithmSuite> - <sp:Layout> - <wsp:Policy> - <sp:Lax /> - </wsp:Policy> - </sp:Layout> - <sp:IncludeTimestamp /> - <sp:EncryptSignature /> - <sp:OnlySignEntireHeadersAndBody /> - </wsp:Policy> - </sp:SymmetricBinding> - <sp:SignedSupportingTokens - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:UsernameToken - sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"> - <wsp:Policy> - <sp:WssUsernameToken10 /> - </wsp:Policy> - </sp:UsernameToken> - </wsp:Policy> - </sp:SignedSupportingTokens> - <sp:Wss11 - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:MustSupportRefKeyIdentifier /> - <sp:MustSupportRefIssuerSerial /> - <sp:MustSupportRefThumbprint /> - <sp:MustSupportRefEncryptedKey /> - </wsp:Policy> - </sp:Wss11> - <sp:Trust13 - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:MustSupportIssuedTokens /> - <sp:RequireClientEntropy /> - <sp:RequireServerEntropy /> - </wsp:Policy> - </sp:Trust13> - </wsp:All> - </wsp:ExactlyOne> - </wsp:Policy> - - <wsp:Policy wsu:Id="UTEncrypted_policy"> + <wsp:Policy wsu:Id="Transport_policy"> <wsp:ExactlyOne> <wsp:All> - <wsap10:UsingAddressing/> - <sp:SymmetricBinding - 
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:ProtectionToken> - <wsp:Policy> - <sp:X509Token - sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never"> - <wsp:Policy> - <sp:RequireDerivedKeys /> - <sp:RequireThumbprintReference /> - <sp:WssX509V3Token10 /> - </wsp:Policy> - </sp:X509Token> - </wsp:Policy> - </sp:ProtectionToken> - <sp:AlgorithmSuite> - <wsp:Policy> - <sp:Basic256 /> - </wsp:Policy> - </sp:AlgorithmSuite> - <sp:Layout> - <wsp:Policy> - <sp:Lax /> - </wsp:Policy> - </sp:Layout> - <sp:IncludeTimestamp /> - <sp:EncryptSignature /> - <sp:OnlySignEntireHeadersAndBody /> - </wsp:Policy> - </sp:SymmetricBinding> - <sp:SignedSupportingTokens - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:UsernameToken - sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"> - <wsp:Policy> - <sp:WssUsernameToken10 /> - </wsp:Policy> - </sp:UsernameToken> - </wsp:Policy> - </sp:SignedSupportingTokens> - <sp:Wss11 - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:MustSupportRefKeyIdentifier /> - <sp:MustSupportRefIssuerSerial /> - <sp:MustSupportRefThumbprint /> - <sp:MustSupportRefEncryptedKey /> - </wsp:Policy> - </sp:Wss11> - <sp:Trust13 - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:MustSupportIssuedTokens /> - <sp:RequireClientEntropy /> - <sp:RequireServerEntropy /> - </wsp:Policy> - </sp:Trust13> - </wsp:All> - </wsp:ExactlyOne> - </wsp:Policy> - - <wsp:Policy wsu:Id="X509_policy"> - <wsp:ExactlyOne> - <wsp:All> - <wsap10:UsingAddressing/> - <sp:AsymmetricBinding - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:InitiatorToken> - <wsp:Policy> - <sp:X509Token - 
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"> - <wsp:Policy> - <sp:WssX509V3Token10 /> - </wsp:Policy> - </sp:X509Token> - </wsp:Policy> - </sp:InitiatorToken> - <sp:RecipientToken> - <wsp:Policy> - <sp:X509Token - sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never"> - <wsp:Policy> - <sp:WssX509V3Token10 /> - <sp:RequireIssuerSerialReference /> - </wsp:Policy> - </sp:X509Token> - </wsp:Policy> - </sp:RecipientToken> - <sp:AlgorithmSuite> - <wsp:Policy> - <sp:TripleDes /> - </wsp:Policy> - </sp:AlgorithmSuite> - <sp:Layout> - <wsp:Policy> - <sp:Lax /> - </wsp:Policy> - </sp:Layout> - <sp:IncludeTimestamp /> - <sp:EncryptSignature /> - <sp:OnlySignEntireHeadersAndBody /> - </wsp:Policy> - </sp:AsymmetricBinding> - <sp:Wss11 - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:MustSupportRefKeyIdentifier /> - <sp:MustSupportRefIssuerSerial /> - <sp:MustSupportRefThumbprint /> - <sp:MustSupportRefEncryptedKey /> - </wsp:Policy> - </sp:Wss11> - <sp:Trust13 - xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> - <wsp:Policy> - <sp:MustSupportIssuedTokens /> - <sp:RequireClientEntropy /> - <sp:RequireServerEntropy /> - </wsp:Policy> - </sp:Trust13> - </wsp:All> - </wsp:ExactlyOne> - </wsp:Policy> - - <wsp:Policy wsu:Id="Transport_policy"> - <wsp:ExactlyOne> - <wsp:All> - <!--<wsap10:UsingAddressing/>--> <sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <wsp:Policy> @@ -798,7 +374,6 @@ <wsp:Policy wsu:Id="TransportUT_policy"> <wsp:ExactlyOne> <wsp:All> - <!--<wsap10:UsingAddressing/>--> <sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <wsp:Policy> 
@@ -857,7 +432,6 @@ <wsp:Policy wsu:Id="TransportKerberos_policy"> <wsp:ExactlyOne> <wsp:All> - <!--<wsap10:UsingAddressing/>--> <sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <wsp:Policy> @@ -914,7 +488,6 @@ </wsp:ExactlyOne> </wsp:Policy> - <wsp:Policy wsu:Id="TransportSaml_policy"> <wsp:ExactlyOne> <wsp:All> @@ -970,20 +543,6 @@ <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <sp:Body /> - <sp:Header Name="To" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="From" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="FaultTo" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="ReplyTo" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="MessageID" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="RelatesTo" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="Action" - Namespace="http://www.w3.org/2005/08/addressing" /> </sp:SignedParts> <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> @@ -999,20 +558,6 @@ <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <sp:Body /> - <sp:Header Name="To" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="From" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="FaultTo" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="ReplyTo" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="MessageID" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="RelatesTo" - Namespace="http://www.w3.org/2005/08/addressing" /> - <sp:Header Name="Action" - Namespace="http://www.w3.org/2005/08/addressing" /> </sp:SignedParts> <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
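Review bot: With the `sp:Header` entries dropped in the `@@ -970` hunk (and identically in `@@ -999`), each `sp:SignedParts` assertion now requires integrity only for `sp:Body`, so the WS-Addressing headers `To`, `From`, `FaultTo`, `ReplyTo`, `MessageID`, `RelatesTo` and `Action` are no longer covered by any message-level signing requirement. That looks consistent with the rest of the commit, which removes the `UT`, `UTEncrypted` and `X509` bindings and leaves only `Transport*` bindings where TLS presumably protects the whole message, but both enclosing policies start outside these hunks and their `wsu:Id` is not visible here. Before merging it is worth confirming that no binding outside an `sp:TransportBinding` policy still references them, since such a binding would then accept unsigned routing headers. Recording the assumption next to each block would help the next maintainer, for example `<!-- Only the Body is listed: this policy is used solely under TransportBinding (TLS); WS-Addressing headers are not required -->`.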