Author: svkrish
Date: Sun Oct 21 02:55:07 2007
New Revision: 586880
URL: http://svn.apache.org/viewvc?rev=586880&view=rev
Log:
included a service that exercises integrity intent specified by a ws-policy
Added:
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldKeys.jks
(with props)
Modified:
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/definitions.xml
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldws.composite
Modified:
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/definitions.xml
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/definitions.xml?rev=586880&r1=586879&r2=586880&view=diff
==============================================================================
---
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/definitions.xml
(original)
+++
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/definitions.xml
Sun Oct 21 02:55:07 2007
@@ -102,51 +102,76 @@
</tuscany:wsConfigParam>
</sca:policySet>
- <sca:policySet name="wsIntegrityPolicy"
+ <!-- A policyset that uses WS Policy -->
+ <sca:policySet name="wsSecurityPolicyForIntegrity"
provides="integrity"
appliesTo="sca:binding.ws">
- <tuscany:wsConfigParam>
- <parameter name="InflowSecurity">
- <action>
- <items>Timestamp Signature</items>
-
<signaturePropFile>org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties</signaturePropFile>
- </action>
- </parameter>
- <parameter name="OutflowSecurity">
- <action>
- <items>Timestamp Signature</items>
- <user>TuscanyWsUser</user>
-
<signaturePropFile>security.properties</signaturePropFile>
-
<passwordCallbackClass>org.apache.tuscany.sca.binding.ws.axis2.itests.policy.IntegrityPWCBHandler</passwordCallbackClass>"
+
-
<signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
- </action>
- </parameter>
- </tuscany:wsConfigParam>
- </sca:policySet>
-
- <sca:policySet name="wsConfidentialityPolicy"
- provides="confidentiality"
- appliesTo="sca:binding.ws">
- <tuscany:wsConfigParam>
- <parameter name="InflowSecurity">
- <action>
- <items>Timestamp Signature Encrypt</items>
-
<passwordCallbackClass>org.apache.tuscany.sca.binding.ws.axis2.itests.policy.IntegrityPWCBHandler</passwordCallbackClass>
-
<signaturePropFile>org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties</signaturePropFile>
- </action>
- </parameter>
- <parameter name="OutflowSecurity">
- <action>
- <items>Timestamp Signature Encrypt</items>
- <user>TuscanyWsUser</user>
- <encryptionUser>TuscanyWsUser</encryptionUser>
-
<passwordCallbackClass>org.apache.tuscany.sca.binding.ws.axis2.itests.policy.IntegrityPWCBHandler</passwordCallbackClass>
-
<signaturePropFile>org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties</signaturePropFile>
-
<signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
-
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
- </action>
- </parameter>
- </tuscany:wsConfigParam>
+ <wsp:Policy wsu:Id="SignOnly"
+
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
+
<wsp:Policy>
+
<sp:WssX509V3Token10/>
+
</wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+
<sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+
<sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <wsp:Policy>
+
<sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
+ <sp:Body/>
+ </sp:SignedParts>
+
+ <ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
+ <ramp:user>TuscanyWsUser</ramp:user>
+
<ramp:encryptionUser>TuscanyWsUser</ramp:encryptionUser>
+
<ramp:passwordCallbackClass>helloworld.ServerPWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.file">helloworldKeys.jks</ramp:property>
+ <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">TuscanyWsUserPasswd</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ </ramp:RampartConfig>
+
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
</sca:policySet>
</sca:definitions>
Added:
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldKeys.jks
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldKeys.jks?rev=586880&view=auto
==============================================================================
Binary file - no diff available.
Propchange:
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldKeys.jks
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Modified:
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldws.composite
URL:
http://svn.apache.org/viewvc/incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldws.composite?rev=586880&r1=586879&r2=586880&view=diff
==============================================================================
---
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldws.composite
(original)
+++
incubator/tuscany/java/sca/samples/helloworld-ws-service-secure/src/main/resources/helloworldws.composite
Sun Oct 21 02:55:07 2007
@@ -22,12 +22,19 @@
xmlns:hw="http://helloworld";
name="helloworldws">
+ <service name="HelloWorldService" requires="authentication"
promote="HelloWorldServiceComponent/HelloWorldService">
+ <interface.wsdl
interface="http://helloworld#wsdl.interface(HelloWorld)" />
+ <binding.ws uri="http://localhost:8085/HelloWorldService"/>
+ </service>
+
+ <service name="HelloWorldWsPolicyService"
promote="HelloWorldServiceComponent/HelloWorldService"
+ policySets="wsSecurityPolicyForIntegrity">
+ <interface.wsdl
interface="http://helloworld#wsdl.interface(HelloWorld)" />
+ <binding.ws uri="http://localhost:8085/HelloWorldWsPolicyService"/>
+ </service>
+
<component name="HelloWorldServiceComponent">
<implementation.java class="helloworld.HelloWorldImpl" />
- <service name="HelloWorldService" requires="authentication">
- <interface.wsdl
interface="http://helloworld#wsdl.interface(HelloWorld)" />
- <binding.ws uri="http://localhost:8085/HelloWorldService"/>
- </service>
</component>
</composite>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
