<wsp:Policy wsu:Id="4" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> | |
<wsp:ExactlyOne> | |
<wsp:All> | |
<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<wsp:Policy> | |
<sp:ProtectionToken> | |
<wsp:Policy> | |
<sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> | |
<sp:RequestSecurityTokenTemplate> | |
<t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType> | |
<t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</t:KeyType> | |
<t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize> | |
</sp:RequestSecurityTokenTemplate> | |
<wsp:Policy> | |
<sp:RequireDerivedKeys/> | |
<sp:RequireInternalReference/> | |
</wsp:Policy> | |
</sp:IssuedToken> | |
</wsp:Policy> | |
</sp:ProtectionToken> | |
<sp:AlgorithmSuite> | |
<wsp:Policy> | |
<sp:Basic256/> | |
</wsp:Policy> | |
</sp:AlgorithmSuite> | |
<sp:Layout> | |
<wsp:Policy> | |
<sp:Lax/> | |
</wsp:Policy> | |
</sp:Layout> | |
<sp:IncludeTimestamp/> | |
<sp:OnlySignEntireHeadersAndBody/> | |
</wsp:Policy> | |
</sp:SymmetricBinding> | |
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<wsp:Policy> | |
<sp:MustSupportRefKeyIdentifier/> | |
<sp:MustSupportRefIssuerSerial/> | |
</wsp:Policy> | |
</sp:Wss10> | |
<sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<wsp:Policy> | |
<sp:MustSupportIssuedTokens/> | |
<sp:RequireClientEntropy/> | |
<sp:RequireServerEntropy/> | |
</wsp:Policy> | |
</sp:Trust10> | |
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> | |
<ramp:user>alice</ramp:user> | |
<ramp:encryptionUser>bob</ramp:encryptionUser> | |
<ramp:passwordCallbackClass>org.apache.rahas.PWCallback</ramp:passwordCallbackClass> | |
<ramp:signatureCrypto> | |
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.file">test-resources/rahas/policy/store.jks</ramp:property> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property> | |
</ramp:crypto> | |
</ramp:signatureCrypto> | |
<ramp:encryptionCypto> | |
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.file">test-resources/rahas/policy/store.jks</ramp:property> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property> | |
</ramp:crypto> | |
</ramp:encryptionCypto> | |
</ramp:RampartConfig> | |
</wsp:All> | |
</wsp:ExactlyOne> | |
</wsp:Policy> |