modules/rampart-integration/src/test/resources/rahas/s3-services.xml

<service name="SecureService">

	<module ref="rampart"/>
	<module ref="rahas"/>

	<parameter locked="false" name="ServiceClass">org.apache.rahas.Service</parameter>

	<operation name="echo">
		<messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
		<actionMapping>urn:echo</actionMapping>
	</operation>

    <parameter name="saml-issuer-config">
		<saml-issuer-config>
			<issuerName>Test_STS</issuerName>
			<issuerKeyAlias>ip</issuerKeyAlias>
			<issuerKeyPassword>password</issuerKeyPassword>
            <cryptoProperties>
               <crypto provider="org.apache.ws.security.components.crypto.Merlin">
                    <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
                    <property name="org.apache.ws.security.crypto.merlin.file">rahas-sts.jks</property>
                    <property name="org.apache.ws.security.crypto.merlin.keystore.password">password</property>
                </crypto>
            </cryptoProperties>
            <timeToLive>300000</timeToLive>
			<keySize>256</keySize>
			<addRequestedAttachedRef />
			<addRequestedUnattachedRef />

            <!--
               Key computation mechanism
               1 - Use Request Entropy
               2 - Provide Entropy
               3 - Use Own Key
            -->
            <keyComputation>2</keyComputation>

            <!--
               proofKeyType element is valid only if the keyComputation is set to 3
               i.e. Use Own Key

               Valid values are: EncryptedKey & BinarySecret
            -->
            <proofKeyType>BinarySecret</proofKeyType>
            <trusted-services>
				<service alias="bob">http://localhost:5555/axis2/services/SecureService</service>
				<service alias="bob1">http://localhost:5555/axis2/services/SecureService1</service>
				<service alias="bob2">http://localhost:5555/axis2/services/SecureService2</service>
				<service alias="bob3">http://localhost:5555/axis2/services/SecureService3</service>
			</trusted-services>
		</saml-issuer-config>
    </parameter>

	<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
	<wsp:ExactlyOne>
	  <wsp:All>
		<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
		  <wsp:Policy>
			<sp:TransportToken>
			  <wsp:Policy>
				<!--  <sp:HttpsToken RequireClientCertificate="false"/>  -->
			  </wsp:Policy>
			</sp:TransportToken>
			<sp:AlgorithmSuite>
			  <wsp:Policy>
				<sp:Basic128/>
			  </wsp:Policy>
			</sp:AlgorithmSuite>
			<sp:Layout>
			  <wsp:Policy>
				<sp:Lax/>
			  </wsp:Policy>
			</sp:Layout>
			<sp:IncludeTimestamp/>
		  </wsp:Policy>
		</sp:TransportBinding>
		<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
			<wsp:Policy>
				<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" />
		  </wsp:Policy>
		</sp:SignedSupportingTokens>
		
		<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
			<ramp:user>ip</ramp:user>
			<ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
		</ramp:RampartConfig>

	  </wsp:All>
	</wsp:ExactlyOne>
	</wsp:Policy>

</service>