| <?xml version="1.0" encoding="ASCII"?> | |
| <!-- | |
| * Licensed to the Apache Software Foundation (ASF) under one | |
| * or more contributor license agreements. See the NOTICE file | |
| * distributed with this work for additional information | |
| * regarding copyright ownership. The ASF licenses this file | |
| * to you under the Apache License, Version 2.0 (the | |
| * "License"); you may not use this file except in compliance | |
| * with the License. You may obtain a copy of the License at | |
| * | |
| * http://www.apache.org/licenses/LICENSE-2.0 | |
| * | |
| * Unless required by applicable law or agreed to in writing, | |
| * software distributed under the License is distributed on an | |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
| * KIND, either express or implied. See the License for the | |
| * specific language governing permissions and limitations | |
| * under the License. | |
| --> | |
| <sca:definitions xmlns="http://www.osoa.org/xmlns/sca/1.0" | |
| targetNamespace="http://helloworld" | |
| xmlns:sca="http://www.osoa.org/xmlns/sca/1.0" | |
| xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0" | |
| xmlns:hw="http://helloworld"> | |
| <!-- WS Security POLICY SETS --> | |
| <sca:policySet name="wsClientAuthenticationPolicy" | |
| provides="authentication" | |
| appliesTo="sca:reference/sca:binding.ws"> | |
| <tuscany:wsConfigParam> | |
| <parameter name="OutflowSecurity"> | |
| <action> | |
| <items>UsernameToken</items> | |
| <user>TuscanyWsUser</user> | |
| <passwordCallbackClass>helloworld.ClientPWCBHandler</passwordCallbackClass>" + | |
| <passwordType>PasswordText</passwordType> | |
| </action> | |
| </parameter> | |
| </tuscany:wsConfigParam> | |
| </sca:policySet> | |
| <!-- A policyset that uses WS Policy --> | |
| <sca:policySet name="wsSecurityPolicyForIntegrity" | |
| provides="integrity" | |
| appliesTo="sca:reference/sca:binding.ws"> | |
| <wsp:Policy wsu:Id="SignOnly" | |
| xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" | |
| xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> | |
| <wsp:ExactlyOne> | |
| <wsp:All> | |
| <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
| <wsp:Policy> | |
| <sp:InitiatorToken> | |
| <wsp:Policy> | |
| <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> | |
| <wsp:Policy> | |
| <sp:WssX509V3Token10/> | |
| </wsp:Policy> | |
| </sp:X509Token> | |
| </wsp:Policy> | |
| </sp:InitiatorToken> | |
| <sp:RecipientToken> | |
| <wsp:Policy> | |
| <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> | |
| <wsp:Policy> | |
| <sp:WssX509V3Token10/> | |
| </wsp:Policy> | |
| </sp:X509Token> | |
| </wsp:Policy> | |
| </sp:RecipientToken> | |
| <sp:AlgorithmSuite> | |
| <wsp:Policy> | |
| <sp:TripleDesRsa15/> | |
| </wsp:Policy> | |
| </sp:AlgorithmSuite> | |
| <sp:Layout> | |
| <wsp:Policy> | |
| <sp:Strict/> | |
| </wsp:Policy> | |
| </sp:Layout> | |
| <sp:IncludeTimestamp/> | |
| <sp:OnlySignEntireHeadersAndBody/> | |
| </wsp:Policy> | |
| </sp:AsymmetricBinding> | |
| <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
| <wsp:Policy> | |
| <sp:MustSupportRefKeyIdentifier/> | |
| <sp:MustSupportRefIssuerSerial/> | |
| </wsp:Policy> | |
| </sp:Wss10> | |
| <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
| <sp:Body/> | |
| </sp:SignedParts> | |
| <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> | |
| <ramp:user>TuscanyWsUser</ramp:user> | |
| <ramp:encryptionUser>TuscanyWsUser</ramp:encryptionUser> | |
| <ramp:passwordCallbackClass>helloworld.ClientPWCBHandler</ramp:passwordCallbackClass> | |
| <ramp:signatureCrypto> | |
| <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> | |
| <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> | |
| <ramp:property name="org.apache.ws.security.crypto.merlin.file">helloworldKeys.jks</ramp:property> | |
| <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">TuscanyWsUserPasswd</ramp:property> | |
| </ramp:crypto> | |
| </ramp:signatureCrypto> | |
| </ramp:RampartConfig> | |
| </wsp:All> | |
| </wsp:ExactlyOne> | |
| </wsp:Policy> | |
| </sca:policySet> | |
| <!-- Policysets for unit tests that use the testHelloworldws.composite --> | |
| <!-- Since we use the helloworld-ws-service for the unit testing we need to | |
| declare these policy sets and with the 'provides' set to the intents that the | |
| composite in the helloworld-ws-service uses. --> | |
| <sca:policySet name="wsAuthenticationPolicy" | |
| provides="authentication" | |
| appliesTo="sca:service/sca:binding.ws" | |
| > | |
| <tuscany:wsConfigParam> | |
| <parameter name="InflowSecurity"> | |
| <action> | |
| <items>UsernameToken</items> | |
| <passwordCallbackClass>helloworld.ServerPWCBHandler</passwordCallbackClass> | |
| </action> | |
| </parameter> | |
| </tuscany:wsConfigParam> | |
| </sca:policySet> | |
| <sca:policySet name="wsServerSecurityPolicyForIntegrity" | |
| provides="integrity" | |
| appliesTo="sca:service/sca:binding.ws"> | |
| <wsp:Policy wsu:Id="SignOnly" | |
| xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" | |
| xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> | |
| <wsp:ExactlyOne> | |
| <wsp:All> | |
| <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
| <wsp:Policy> | |
| <sp:InitiatorToken> | |
| <wsp:Policy> | |
| <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> | |
| <wsp:Policy> | |
| <sp:WssX509V3Token10/> | |
| </wsp:Policy> | |
| </sp:X509Token> | |
| </wsp:Policy> | |
| </sp:InitiatorToken> | |
| <sp:RecipientToken> | |
| <wsp:Policy> | |
| <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> | |
| <wsp:Policy> | |
| <sp:WssX509V3Token10/> | |
| </wsp:Policy> | |
| </sp:X509Token> | |
| </wsp:Policy> | |
| </sp:RecipientToken> | |
| <sp:AlgorithmSuite> | |
| <wsp:Policy> | |
| <sp:TripleDesRsa15/> | |
| </wsp:Policy> | |
| </sp:AlgorithmSuite> | |
| <sp:Layout> | |
| <wsp:Policy> | |
| <sp:Strict/> | |
| </wsp:Policy> | |
| </sp:Layout> | |
| <sp:IncludeTimestamp/> | |
| <sp:OnlySignEntireHeadersAndBody/> | |
| </wsp:Policy> | |
| </sp:AsymmetricBinding> | |
| <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
| <wsp:Policy> | |
| <sp:MustSupportRefKeyIdentifier/> | |
| <sp:MustSupportRefIssuerSerial/> | |
| </wsp:Policy> | |
| </sp:Wss10> | |
| <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> | |
| <sp:Body/> | |
| </sp:SignedParts> | |
| <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> | |
| <ramp:user>TuscanyWsUser</ramp:user> | |
| <ramp:encryptionUser>TuscanyWsUser</ramp:encryptionUser> | |
| <ramp:passwordCallbackClass>helloworld.ServerPWCBHandler</ramp:passwordCallbackClass> | |
| <ramp:signatureCrypto> | |
| <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> | |
| <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> | |
| <ramp:property name="org.apache.ws.security.crypto.merlin.file">helloworldKeys.jks</ramp:property> | |
| <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">TuscanyWsUserPasswd</ramp:property> | |
| </ramp:crypto> | |
| </ramp:signatureCrypto> | |
| </ramp:RampartConfig> | |
| </wsp:All> | |
| </wsp:ExactlyOne> | |
| </wsp:Policy> | |
| </sca:policySet> | |
| </sca:definitions> |