| <service name="SecureService"> |
| |
| <module ref="rampart"/> |
| <module ref="rahas"/> |
| |
| <parameter locked="false" name="ServiceClass">org.apache.axis2.security.sc.Service</parameter> |
| |
| <operation name="echo"> |
| <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/> |
| <actionMapping>urn:echo</actionMapping> |
| </operation> |
| |
| <parameter name="saml-issuer-config"> |
| <saml-issuer-config> |
| <issuerName>Test_STS</issuerName> |
| <issuerKeyAlias>ip</issuerKeyAlias> |
| <issuerKeyPassword>password</issuerKeyPassword> |
| <cryptoProperties> |
| <crypto provider="org.apache.ws.security.components.crypto.Merlin"> |
| <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property> |
| <property name="org.apache.ws.security.crypto.merlin.file">rahas-sts.jks</property> |
| <property name="org.apache.ws.security.crypto.merlin.keystore.password">password</property> |
| </crypto> |
| </cryptoProperties> |
| <timeToLive>300000</timeToLive> |
| <keySize>256</keySize> |
| <addRequestedAttachedRef /> |
| <addRequestedUnattachedRef /> |
| |
| <!-- |
| Key computation mechanism |
| 1 - Use Request Entropy |
| 2 - Provide Entropy |
| 3 - Use Own Key |
| --> |
| <keyComputation>2</keyComputation> |
| |
| <!-- |
| proofKeyType element is valid only if the keyComputation is set to 3 |
| i.e. Use Own Key |
| |
| Valid values are: EncryptedKey & BinarySecret |
| --> |
| <proofKeyType>BinarySecret</proofKeyType> |
| <trusted-services> |
| <service alias="bob">http://localhost:5555/axis2/services/SecureService</service> |
| <service alias="bob1">http://localhost:5555/axis2/services/SecureService1</service> |
| <service alias="bob2">http://localhost:5555/axis2/services/SecureService2</service> |
| <service alias="bob3">http://localhost:5555/axis2/services/SecureService3</service> |
| </trusted-services> |
| </saml-issuer-config> |
| </parameter> |
| |
| <parameter name="InflowSecurity"> |
| <action> |
| <items>UsernameToken Timestamp</items> |
| <passwordCallbackClass xmlns="">org.apache.rahas.PWCallback</passwordCallbackClass> |
| </action> |
| </parameter> |
| |
| <parameter name="OutflowSecurity"> |
| <action> |
| <items>Timestamp</items> |
| <user>ip</user> |
| <passwordCallbackClass xmlns="">org.apache.rahas.PWCallback</passwordCallbackClass> |
| <enableSignatureConfirmation>false</enableSignatureConfirmation> |
| </action> |
| </parameter> |
| |
| </service> |