<?xml version="1.0" encoding="ASCII"?> | |
<!-- | |
* Licensed to the Apache Software Foundation (ASF) under one | |
* or more contributor license agreements. See the NOTICE file | |
* distributed with this work for additional information | |
* regarding copyright ownership. The ASF licenses this file | |
* to you under the Apache License, Version 2.0 (the | |
* "License"); you may not use this file except in compliance | |
* with the License. You may obtain a copy of the License at | |
* | |
* http://www.apache.org/licenses/LICENSE-2.0 | |
* | |
* Unless required by applicable law or agreed to in writing, | |
* software distributed under the License is distributed on an | |
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
* KIND, either express or implied. See the License for the | |
* specific language governing permissions and limitations | |
* under the License. | |
--> | |
<sca:definitions xmlns="http://www.osoa.org/xmlns/sca/1.0" | |
targetNamespace="http://helloworld" | |
xmlns:sca="http://www.osoa.org/xmlns/sca/1.0" | |
xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0" | |
xmlns:hw="http://helloworld"> | |
<!-- WS Security POLICY SETS --> | |
<sca:policySet name="wsClientAuthenticationPolicy" | |
provides="authentication" | |
appliesTo="sca:reference/sca:binding.ws"> | |
<tuscany:wsConfigParam> | |
<parameter name="OutflowSecurity"> | |
<action> | |
<items>UsernameToken</items> | |
<user>TuscanyWsUser</user> | |
<passwordCallbackClass>helloworld.ClientPWCBHandler</passwordCallbackClass>" + | |
<passwordType>PasswordText</passwordType> | |
</action> | |
</parameter> | |
</tuscany:wsConfigParam> | |
</sca:policySet> | |
<!-- A policyset that uses WS Policy --> | |
<sca:policySet name="wsSecurityPolicyForIntegrity" | |
provides="integrity" | |
appliesTo="sca:reference/sca:binding.ws"> | |
<wsp:Policy wsu:Id="SignOnly" | |
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" | |
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> | |
<wsp:ExactlyOne> | |
<wsp:All> | |
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<wsp:Policy> | |
<sp:InitiatorToken> | |
<wsp:Policy> | |
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> | |
<wsp:Policy> | |
<sp:WssX509V3Token10/> | |
</wsp:Policy> | |
</sp:X509Token> | |
</wsp:Policy> | |
</sp:InitiatorToken> | |
<sp:RecipientToken> | |
<wsp:Policy> | |
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> | |
<wsp:Policy> | |
<sp:WssX509V3Token10/> | |
</wsp:Policy> | |
</sp:X509Token> | |
</wsp:Policy> | |
</sp:RecipientToken> | |
<sp:AlgorithmSuite> | |
<wsp:Policy> | |
<sp:TripleDesRsa15/> | |
</wsp:Policy> | |
</sp:AlgorithmSuite> | |
<sp:Layout> | |
<wsp:Policy> | |
<sp:Strict/> | |
</wsp:Policy> | |
</sp:Layout> | |
<sp:IncludeTimestamp/> | |
<sp:OnlySignEntireHeadersAndBody/> | |
</wsp:Policy> | |
</sp:AsymmetricBinding> | |
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<wsp:Policy> | |
<sp:MustSupportRefKeyIdentifier/> | |
<sp:MustSupportRefIssuerSerial/> | |
</wsp:Policy> | |
</sp:Wss10> | |
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<sp:Body/> | |
</sp:SignedParts> | |
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> | |
<ramp:user>TuscanyWsUser</ramp:user> | |
<ramp:encryptionUser>TuscanyWsUser</ramp:encryptionUser> | |
<ramp:passwordCallbackClass>helloworld.ClientPWCBHandler</ramp:passwordCallbackClass> | |
<ramp:signatureCrypto> | |
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.file">helloworldKeys.jks</ramp:property> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">TuscanyWsUserPasswd</ramp:property> | |
</ramp:crypto> | |
</ramp:signatureCrypto> | |
</ramp:RampartConfig> | |
</wsp:All> | |
</wsp:ExactlyOne> | |
</wsp:Policy> | |
</sca:policySet> | |
<!-- Policysets for unit tests that use the testHelloworldws.composite --> | |
<!-- Since we use the helloworld-ws-service for the unit testing we need to | |
declare these policy sets and with the 'provides' set to the intents that the | |
composite in the helloworld-ws-service uses. --> | |
<sca:policySet name="wsAuthenticationPolicy" | |
provides="authentication" | |
appliesTo="sca:service/sca:binding.ws" | |
> | |
<tuscany:wsConfigParam> | |
<parameter name="InflowSecurity"> | |
<action> | |
<items>UsernameToken</items> | |
<passwordCallbackClass>helloworld.ServerPWCBHandler</passwordCallbackClass> | |
</action> | |
</parameter> | |
</tuscany:wsConfigParam> | |
</sca:policySet> | |
<sca:policySet name="wsServerSecurityPolicyForIntegrity" | |
provides="integrity" | |
appliesTo="sca:service/sca:binding.ws"> | |
<wsp:Policy wsu:Id="SignOnly" | |
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" | |
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> | |
<wsp:ExactlyOne> | |
<wsp:All> | |
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<wsp:Policy> | |
<sp:InitiatorToken> | |
<wsp:Policy> | |
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> | |
<wsp:Policy> | |
<sp:WssX509V3Token10/> | |
</wsp:Policy> | |
</sp:X509Token> | |
</wsp:Policy> | |
</sp:InitiatorToken> | |
<sp:RecipientToken> | |
<wsp:Policy> | |
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> | |
<wsp:Policy> | |
<sp:WssX509V3Token10/> | |
</wsp:Policy> | |
</sp:X509Token> | |
</wsp:Policy> | |
</sp:RecipientToken> | |
<sp:AlgorithmSuite> | |
<wsp:Policy> | |
<sp:TripleDesRsa15/> | |
</wsp:Policy> | |
</sp:AlgorithmSuite> | |
<sp:Layout> | |
<wsp:Policy> | |
<sp:Strict/> | |
</wsp:Policy> | |
</sp:Layout> | |
<sp:IncludeTimestamp/> | |
<sp:OnlySignEntireHeadersAndBody/> | |
</wsp:Policy> | |
</sp:AsymmetricBinding> | |
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<wsp:Policy> | |
<sp:MustSupportRefKeyIdentifier/> | |
<sp:MustSupportRefIssuerSerial/> | |
</wsp:Policy> | |
</sp:Wss10> | |
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
<sp:Body/> | |
</sp:SignedParts> | |
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> | |
<ramp:user>TuscanyWsUser</ramp:user> | |
<ramp:encryptionUser>TuscanyWsUser</ramp:encryptionUser> | |
<ramp:passwordCallbackClass>helloworld.ServerPWCBHandler</ramp:passwordCallbackClass> | |
<ramp:signatureCrypto> | |
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.file">helloworldKeys.jks</ramp:property> | |
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">TuscanyWsUserPasswd</ramp:property> | |
</ramp:crypto> | |
</ramp:signatureCrypto> | |
</ramp:RampartConfig> | |
</wsp:All> | |
</wsp:ExactlyOne> | |
</wsp:Policy> | |
</sca:policySet> | |
</sca:definitions> |