modules/rampart-samples/policy/sample05/services.xml - axis-axis2-java-rampart - Git at Google

 <?xml version="1.0" encoding="UTF-8"?>
 <!--
  !
  ! Copyright 2006 The Apache Software Foundation.
  !
  ! Licensed under the Apache License, Version 2.0 (the "License");
  ! you may not use this file except in compliance with the License.
  ! You may obtain a copy of the License at
  !
  !      http://www.apache.org/licenses/LICENSE-2.0
  !
  ! Unless required by applicable law or agreed to in writing, software
  ! distributed under the License is distributed on an "AS IS" BASIS,
  ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  ! See the License for the specific language governing permissions and
  ! limitations under the License.
  !-->
 <!-- services.xml of sample-1 : UsernameToken-->
 <service>
 	<!--operation name="echo">
 		<messageReceiver class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
 	</operation>
 	<parameter name="ServiceClass" locked="false">org.apache.rampart.samples.policy.sample01.SimpleService</parameter-->

 	<module ref="rampart" />
 	<module ref="addressing" />
 	<module ref="rahas" />
 	<parameter name="saml-issuer-config">
 		<saml-issuer-config>
 			<issuerName>SAMPLE_STS</issuerName>
 			<issuerKeyAlias>service</issuerKeyAlias>
 			<issuerKeyPassword>apache</issuerKeyPassword>
             		<cryptoProperties>
                			<crypto provider="org.apache.ws.security.components.crypto.Merlin">
                     		<property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
                     		<property name="org.apache.ws.security.crypto.merlin.file">service.jks</property>
                     		<property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</property>
                 		</crypto>
             		</cryptoProperties>
             		<timeToLive>300000</timeToLive>
 			<keySize>256</keySize>
 			<addRequestedAttachedRef />
 			<addRequestedUnattachedRef />

             <!--
                Key computation mechanism
                1 - Use Request Entropy
                2 - Provide Entropy
                3 - Use Own Key
             -->
             	<keyComputation>2</keyComputation>

             <!--
                proofKeyType element is valid only if the keyComputation is set to 3
                i.e. Use Own Key

                Valid values are: EncryptedKey & BinarySecret
             -->
             		<proofKeyType>BinarySecret</proofKeyType>
             		<trusted-services>
 				<service alias="client">http://localhost:8080/axis2/services/SimpleService</service>
 			</trusted-services>
 		</saml-issuer-config>
     		</parameter>

 	<wsp:Policy wsu:Id="SigOnly" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
 		<wsp:ExactlyOne>
 		  <wsp:All>
 				<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 					<wsp:Policy>
 						<sp:InitiatorToken>
 							<wsp:Policy>
 								<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
 									<wsp:Policy>
 										<sp:WssX509V3Token10/>
 									</wsp:Policy>
 								</sp:X509Token>
 							</wsp:Policy>
 						</sp:InitiatorToken>
 						<sp:RecipientToken>
 							<wsp:Policy>
 								<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
 									<wsp:Policy>
 										<sp:WssX509V3Token10/>
 									</wsp:Policy>
 								</sp:X509Token>
 							</wsp:Policy>
 						</sp:RecipientToken>
 						<sp:AlgorithmSuite>
 							<wsp:Policy>
 								<sp:TripleDesRsa15/>
 							</wsp:Policy>
 						</sp:AlgorithmSuite>
 						<sp:Layout>
 							<wsp:Policy>
 								<sp:Strict/>
 							</wsp:Policy>
 						</sp:Layout>
 						<sp:IncludeTimestamp/>
 						<sp:OnlySignEntireHeadersAndBody/>
 					</wsp:Policy>
 				</sp:AsymmetricBinding>
 				<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 					<wsp:Policy>
 						<sp:MustSupportRefKeyIdentifier/>
 						<sp:MustSupportRefIssuerSerial/>
 					</wsp:Policy>
 				</sp:Wss10>
 				<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 					<sp:Body/>
 				</sp:SignedParts>

 				<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
 					<ramp:user>service</ramp:user>
 					<ramp:encryptionUser>client</ramp:encryptionUser>
 					<ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample05.PWCBHandler</ramp:passwordCallbackClass>

 					<ramp:signatureCrypto>
 						<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
 							<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
 							<ramp:property name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
 							<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
 						</ramp:crypto>
 					</ramp:signatureCrypto>


 		</ramp:RampartConfig>

 		  </wsp:All>
 		</wsp:ExactlyOne>
 	</wsp:Policy>


 </service>
	<?xml version="1.0" encoding="UTF-8"?>
	<!--
	!
	! Copyright 2006 The Apache Software Foundation.
	!
	! Licensed under the Apache License, Version 2.0 (the "License");
	! you may not use this file except in compliance with the License.
	! You may obtain a copy of the License at
	!
	! http://www.apache.org/licenses/LICENSE-2.0
	!
	! Unless required by applicable law or agreed to in writing, software
	! distributed under the License is distributed on an "AS IS" BASIS,
	! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	! See the License for the specific language governing permissions and
	! limitations under the License.
	!-->
	<!-- services.xml of sample-1 : UsernameToken-->
	<service>
	<!--operation name="echo">
	<messageReceiver class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
	</operation>
	<parameter name="ServiceClass" locked="false">org.apache.rampart.samples.policy.sample01.SimpleService</parameter-->

	<module ref="rampart" />
	<module ref="addressing" />
	<module ref="rahas" />
	<parameter name="saml-issuer-config">
	<saml-issuer-config>
	<issuerName>SAMPLE_STS</issuerName>
	<issuerKeyAlias>service</issuerKeyAlias>
	<issuerKeyPassword>apache</issuerKeyPassword>
	<cryptoProperties>
	<crypto provider="org.apache.ws.security.components.crypto.Merlin">
	<property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
	<property name="org.apache.ws.security.crypto.merlin.file">service.jks</property>
	<property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</property>
	</crypto>
	</cryptoProperties>
	<timeToLive>300000</timeToLive>
	<keySize>256</keySize>
	<addRequestedAttachedRef />
	<addRequestedUnattachedRef />

	<!--
	Key computation mechanism
	1 - Use Request Entropy
	2 - Provide Entropy
	3 - Use Own Key
	-->
	<keyComputation>2</keyComputation>

	<!--
	proofKeyType element is valid only if the keyComputation is set to 3
	i.e. Use Own Key

	Valid values are: EncryptedKey & BinarySecret
	-->
	<proofKeyType>BinarySecret</proofKeyType>
	<trusted-services>
	<service alias="client">http://localhost:8080/axis2/services/SimpleService</service>
	</trusted-services>
	</saml-issuer-config>
	</parameter>

	<wsp:Policy wsu:Id="SigOnly" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
	<wsp:ExactlyOne>
	<wsp:All>
	<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
	<wsp:Policy>
	<sp:InitiatorToken>
	<wsp:Policy>
	<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
	<wsp:Policy>
	<sp:WssX509V3Token10/>
	</wsp:Policy>
	</sp:X509Token>
	</wsp:Policy>
	</sp:InitiatorToken>
	<sp:RecipientToken>
	<wsp:Policy>
	<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
	<wsp:Policy>
	<sp:WssX509V3Token10/>
	</wsp:Policy>
	</sp:X509Token>
	</wsp:Policy>
	</sp:RecipientToken>
	<sp:AlgorithmSuite>
	<wsp:Policy>
	<sp:TripleDesRsa15/>
	</wsp:Policy>
	</sp:AlgorithmSuite>
	<sp:Layout>
	<wsp:Policy>
	<sp:Strict/>
	</wsp:Policy>
	</sp:Layout>
	<sp:IncludeTimestamp/>
	<sp:OnlySignEntireHeadersAndBody/>
	</wsp:Policy>
	</sp:AsymmetricBinding>
	<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
	<wsp:Policy>
	<sp:MustSupportRefKeyIdentifier/>
	<sp:MustSupportRefIssuerSerial/>
	</wsp:Policy>
	</sp:Wss10>
	<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
	<sp:Body/>
	</sp:SignedParts>

	<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
	<ramp:user>service</ramp:user>
	<ramp:encryptionUser>client</ramp:encryptionUser>
	<ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample05.PWCBHandler</ramp:passwordCallbackClass>

	<ramp:signatureCrypto>
	<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
	<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
	<ramp:property name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
	<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
	</ramp:crypto>
	</ramp:signatureCrypto>


	</ramp:RampartConfig>

	</wsp:All>
	</wsp:ExactlyOne>
	</wsp:Policy>


	</service>