| <?xml version="1.0" encoding="ASCII"?> |
| <!-- |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| --> |
| <definitions xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" targetNamespace="http://test" |
| xmlns:test="http://test" xmlns:sca="http://docs.oasis-open.org/ns/opencsa/sca/200912"> |
| |
| <!-- Extension Types Metadata --> |
| <implementationType type="sca:implementation.java" alwaysProvides="test:logging" mayProvide="test:tracing" /> |
| <bindingType type="sca:binding.ws" alwaysProvides="test:confidentiality" mayProvide="test:integrity" /> |
| |
| <!-- Intents and Policysets to assume targetnamespace --> |
| <intent name="TestIntentOne" constrains="sca:binding"> |
| <description> |
| Test Intent |
| </description> |
| </intent> |
| |
| <intent name="TestIntentTwo" constrains="sca:binding" requires="test:TestIntentOne"> |
| <description> |
| Protect messages from unauthorized reading or modification |
| </description> |
| </intent> |
| |
| <policySet name="TestPolicySetOne" provides="test:TestIntentOne" appliesTo="sca:binding.ws" |
| attachTo = "//sca:component[@name='CalculatorServiceComponent']/sca:reference[@name='addService']" |
| xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for |
| "basic authentication" --> |
| </wsp:PolicyAttachment> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for |
| "reliability" --> |
| </wsp:PolicyAttachment> |
| </policySet> |
| |
| <!-- POLICY SETS --> |
| <policySet name="SecureReliablePolicy" provides="test:confidentiality.transport test:integrity" appliesTo="sca:binding.ws" |
| xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for |
| "basic authentication" --> |
| </wsp:PolicyAttachment> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for |
| "reliability" --> |
| </wsp:PolicyAttachment> |
| </policySet> |
| |
| <policySet name="SecureMessagingPolicies" provides="test:confidentiality" appliesTo="binding.ws" |
| xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> |
| <intentMap provides="test:confidentiality"> |
| <qualifier name="transport"> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for "transport" alternative --> |
| </wsp:PolicyAttachment> |
| <wsp:PolicyAttachment>...</wsp:PolicyAttachment> |
| </qualifier> |
| <qualifier name="message"> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for "message" alternative" --> |
| </wsp:PolicyAttachment> |
| </qualifier> |
| </intentMap> |
| </policySet> |
| |
| <policySet name="SecurityPolicy" provides="test:confidentiality" appliesTo="binding.ws" |
| xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> |
| <intentMap provides="test:confidentiality"> |
| <qualifier name="message"> |
| <wsp:PolicyAttachment> |
| <!-- policy attachment for body encryption --> |
| </wsp:PolicyAttachment> |
| </qualifier> |
| <qualifier name="transport"> |
| <wsp:PolicyAttachment> |
| <!-- policy attachment for transport encryption --> |
| </wsp:PolicyAttachment> |
| </qualifier> |
| </intentMap> |
| </policySet> |
| |
| <policySet name="BasicAuthMsgProtSecurity" provides="test:authentication test:confidentiality" appliesTo="binding.ws" |
| xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912"> |
| <policySetReference name="test:AuthenticationPolicies" /> |
| <policySetReference name="test:ConfidentialityPolicies" /> |
| </policySet> |
| |
| <policySet name="AuthenticationPolicies" provides="test:authentication" appliesTo="binding.ws" |
| xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for "basic |
| authentication" --> |
| </wsp:PolicyAttachment> |
| </policySet> |
| |
| <policySet name="ConfidentialityPolicies" provides="test:confidentiality" appliesTo="binding.ws" |
| xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> |
| <intentMap provides="test:confidentiality"> |
| <qualifier name="transport"> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for "transport" |
| alternative --> |
| </wsp:PolicyAttachment> |
| <wsp:PolicyAttachment>...</wsp:PolicyAttachment> |
| </qualifier> |
| <qualifier name="message"> |
| <wsp:PolicyAttachment> |
| <!-- policy expression and policy subject for "message" |
| alternative" --> |
| ... |
| </wsp:PolicyAttachment> |
| </qualifier> |
| </intentMap> |
| </policySet> |
| |
| <policySet name="SecureWSPolicy" provides="test:confidentiality" appliesTo="sca:binding.ws" |
| xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" xmlns:sp="http://schemas.xmlsoap.org/ws/2002/12/secext" |
| xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> |
| <wsp:Policy> |
| <wsp:ExactlyOne> |
| <wsp:All> |
| <sp:SecurityToken> |
| <sp:TokenType>sp:X509v3</sp:TokenType> |
| </sp:SecurityToken> |
| <sp:UsernameToken /> |
| <sp:SignedParts /> |
| <sp:EncryptedParts> |
| <sp:Body /> |
| </sp:EncryptedParts> |
| <sp:TransportBinding> |
| <sp:IncludeTimeStamp /> |
| </sp:TransportBinding> |
| </wsp:All> |
| </wsp:ExactlyOne> |
| </wsp:Policy> |
| </policySet> |
| |
| <!-- profile intent --> |
| <intent name="reliableMessageProtection" constrains="sca:binding" requires="test:messageProtection"> |
| <description> |
| Protect messages from unauthorized reading or modification |
| </description> |
| </intent> |
| |
| <intent name="messageProtection" constrains="sca:binding" requires="test:confidentiality test:integrity"> |
| <description> |
| Protect messages from unauthorized reading or modification |
| </description> |
| </intent> |
| |
| <!-- simple intent --> |
| <intent name="confidentiality" constrains="sca:binding"> |
| <description> |
| Communitcation thro this binding must prevent |
| unauthorized users from reading the messages. |
| </description> |
| <qualifier name="transport" /> |
| <qualifier name="message" default="true" /> |
| </intent> |
| |
| <intent name="integrity" constrains="sca:binding"> |
| <description> |
| Communitcation thro this binding must prevent |
| unauthorized modification of the messages. |
| </description> |
| </intent> |
| |
| <intent name="authentication" constrains="sca:binding"> |
| <description> |
| Communitcation thro this binding required |
| Authentication. |
| </description> |
| </intent> |
| |
| <intent name="logging" constrains="sca:implementation"> |
| <description> |
| All messages to and from this implementation must be logged |
| </description> |
| </intent> |
| |
| <intent name="tracing" constrains="sca:implementation.java"> |
| <description> |
| Need to figure out some description for this |
| </description> |
| </intent> |
| |
| <externalAttachment policySets="test:TestPolicySetOne" attachTo="IntentRefs('test:testIntentOne')"/> |
| |
| </definitions> |