Author: shankar
Date: Tue Nov 24 05:02:01 2009
New Revision: 883583
URL: http://svn.apache.org/viewvc?rev=883583&view=rev
Log:
Security policy for TradeServiceWsas
Modified:
incubator/stonehenge/trunk/stocktrader/wsas/business_service/resources/META-INF/services.xml
Modified:
incubator/stonehenge/trunk/stocktrader/wsas/business_service/resources/META-INF/services.xml
URL:
http://svn.apache.org/viewvc/incubator/stonehenge/trunk/stocktrader/wsas/business_service/resources/META-INF/services.xml?rev=883583&r1=883582&r2=883583&view=diff
==============================================================================
---
incubator/stonehenge/trunk/stocktrader/wsas/business_service/resources/META-INF/services.xml
(original)
+++
incubator/stonehenge/trunk/stocktrader/wsas/business_service/resources/META-INF/services.xml
Tue Nov 24 05:02:01 2009
@@ -20,13 +20,14 @@
<!-- This file was auto-generated from WSDL -->
<!-- by the Apache Axis2 version: SNAPSHOT Built on : Jun 20, 2008 (01:53:16
IST) -->
<serviceGroup>
- <service name="TradeServiceWsas">
+ <service name="TradeServiceWsas"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex";
xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl";>
+ <module ref="rampart" />
<messageReceivers>
<messageReceiver mep="http://www.w3.org/ns/wsdl/in-only";
class="org.tempuri.TradeServiceWcfMessageReceiverInOnly"/>
<messageReceiver mep="http://www.w3.org/ns/wsdl/in-out";
class="org.tempuri.TradeServiceWcfMessageReceiverInOut"/>
</messageReceivers>
<parameter
name="ServiceClass">org.apache.stonehenge.stocktrader.services.TradeServiceImpl</parameter>
- <parameter name="useOriginalwsdl">true</parameter>
+ <!--parameter name="useOriginalwsdl">true</parameter>-->
<parameter name="modifyUserWSDLPortAddress">true</parameter>
<operation name="getProfileIdFromStsIdentifier"
mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getProfileIdFromStsIdentifier</actionMapping>
@@ -35,73 +36,535 @@
<operation name="getHolding" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getHolding</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getHoldingResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getHolding_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="register" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>register</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/registerResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_register_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="isOnline" mep="http://www.w3.org/ns/wsdl/in-only";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>isOnline</actionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_isOnline_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="logout" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>logout</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/logoutResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_logout_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="getAccountProfileData"
mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getAccountProfileData</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getAccountProfileDataResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getAccountProfileData_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="getClosedOrders"
mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getClosedOrders</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getClosedOrdersResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getClosedOrders_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="getHoldings" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getHoldings</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getHoldingsResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getHoldings_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="buy" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>buy</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/buyResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_buy_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="login" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/login</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/loginResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_login_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="getTopOrders" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getTopOrders</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getTopOrdersResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getTopOrders_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="emptyMethodAction"
mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>\"\"</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/emptyMethodActionResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_emptyMethodAction_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="getMarketSummary"
mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getMarketSummary</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getMarketSummaryResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getMarketSummary_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="getAccountData"
mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getAccountData</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getAccountDataResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getAccountData_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="sell" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>sell</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/sellResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_sell_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="getQuote" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getQuote</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getQuoteResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getQuote_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="sellEnhanced" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>sellEnhanced</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/sellEnhancedResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_sellEnhanced_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="getOrders" mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>getOrders</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/getOrdersResponse</outputActionMapping>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_getOrders_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
</operation>
<operation name="updateAccountProfile"
mep="http://www.w3.org/ns/wsdl/in-out";
namespace="http://trade.samples.websphere.ibm.com";>
<actionMapping>updateAccountProfile</actionMapping>
<outputActionMapping>http://trade.samples.websphere.ibm.com/ITradeServices/updateAccountProfileResponse</outputActionMapping>
- </operation>
+ <!--<wsp:Policy
wsu:Id="CustomBinding_ITradeServices_updateAccountProfile_Input_policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>-->
+ </operation>
+ <wsp:Policy wsu:Id="CustomBinding_ITradeServices_policy" >
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:EndorsingSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:IssuedToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
+ <Issuer
xmlns="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <Address
xmlns="http://www.w3.org/2005/08/addressing";>
+ http://localhost:9001/tradeactivests
+ </Address>
+ <Metadata
xmlns="http://www.w3.org/2005/08/addressing";>
+ <Metadata
xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex";
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
+ <wsx:MetadataSection>
+ <wsx:MetadataReference>
+ <Address
xmlns="http://www.w3.org/2005/08/addressing";>
+
http://localhost:9001/tradeactivests/mex
+ </Address>
+ </wsx:MetadataReference>
+ </wsx:MetadataSection>
+ </Metadata>
+ </Metadata>
+ </Issuer>
+ <sp:RequestSecurityTokenTemplate>
+ <trust:TokenType
xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512";>
+
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1
+ </trust:TokenType>
+ <trust:KeyType
xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512";>
+
http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey
+ </trust:KeyType>
+ </sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:RequireInternalReference/>
+ </wsp:Policy>
+ </sp:IssuedToken>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ <sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ <sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:Wss11
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust13
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust13>
+ <rampart:RampartConfig
xmlns:rampart="http://ws.apache.org/rampart/policy";>
+
<rampart:user>pvktmp:b9f8baa4-12b4-4689-bf3a-76abcfcabe89</rampart:user>
+
<rampart:encryptionUser>pvktmp:b9f8baa4-12b4-4689-bf3a-76abcfcabe89</rampart:encryptionUser>
+
<rampart:timestampPrecisionInMilliseconds>true</rampart:timestampPrecisionInMilliseconds>
+
<rampart:timestampTTL>300</rampart:timestampTTL>
+
<rampart:timestampMaxSkew>300</rampart:timestampMaxSkew>
+ <rampart:signatureCrypto>
+ <rampart:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+
<rampart:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</rampart:property>
+
<rampart:property
name="org.apache.ws.security.crypto.merlin.file">BS.jks</rampart:property>
+
<rampart:property
name="org.apache.ws.security.crypto.merlin.keystore.password">yyy</rampart:property>
+ </rampart:crypto>
+ </rampart:signatureCrypto>
+ <rampart:encryptionCypto>
+ <rampart:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+
<rampart:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</rampart:property>
+
<rampart:property
name="org.apache.ws.security.crypto.merlin.file">BS.jks</rampart:property>
+
<rampart:property
name="org.apache.ws.security.crypto.merlin.keystore.password">yyy</rampart:property>
+ </rampart:crypto>
+ </rampart:encryptionCypto>
+
<rampart:passwordCallbackClass>org.apache.stonehenge.stocktrader.services.TradeOrderServiceClientPasswordCB</rampart:passwordCallbackClass>
+ </rampart:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
</service>
</serviceGroup>
