ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1172285 [10/48] - in /webservices/wss4j/branches/swssf: ./ cxf-integration/ cxf-integration/src/ cxf-integration/src/main/ cxf-integration/src/main/java/ cxf-integration/src/main/java/org/ cxf-integration/src/main/java/org/swssf/ cxf-integ...
Date Sun, 18 Sep 2011 13:51:36 GMT
Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS10Builder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS10Builder.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS10Builder.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS10Builder.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.policy.secpolicybuilder;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.AssertionBuilderFactory;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+import org.apache.neethi.builders.AssertionBuilder;
+import org.swssf.policy.secpolicy.*;
+import org.swssf.policy.secpolicy.model.Wss10;
+
+import javax.xml.namespace.QName;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * class lent from apache rampart
+ */
+public class WSS10Builder implements AssertionBuilder {
+
+    private static final QName[] KNOWN_ELEMENTS = new QName[]{
+            SP11Constants.WSS10,
+            SP12Constants.WSS10,
+            SP13Constants.WSS10
+    };
+
+    public Assertion build(OMElement element, AssertionBuilderFactory factory)
+            throws IllegalArgumentException {
+
+        SPConstants spConstants = PolicyUtil.getSPVersion(element.getQName().getNamespaceURI());
+
+        Wss10 wss10 = new Wss10(spConstants);
+
+        Policy policy = PolicyEngine.getPolicy(element.getFirstElement());
+        policy = (Policy) policy.normalize(false);
+
+        for (Iterator iterator = policy.getAlternatives(); iterator.hasNext(); ) {
+            processAlternative((List) iterator.next(), wss10, spConstants);
+            /*
+             * since there should be only one alternative
+             */
+            break;
+        }
+
+        return wss10;
+    }
+
+    public QName[] getKnownElements() {
+        return KNOWN_ELEMENTS;
+    }
+
+    private void processAlternative(List assertions, Wss10 parent, SPConstants spConstants) {
+
+        Assertion assertion;
+        QName name;
+
+        for (Iterator iterator = assertions.iterator(); iterator.hasNext(); ) {
+            assertion = (Assertion) iterator.next();
+            name = assertion.getName();
+
+            if (spConstants.getMustSupportRefKeyIdentifier().equals(name)) {
+                parent.setMustSupportRefKeyIdentifier(true);
+
+            } else if (spConstants.getMustSupportRefIssuerSerial().equals(name)) {
+                parent.setMustSupportRefIssuerSerial(true);
+
+            } else if (spConstants.getMustSupportRefExternalUri().equals(name)) {
+                parent.setMustSupportRefExternalURI(true);
+
+            } else if (spConstants.getMustSupportRefEmbeddedToken().equals(name)) {
+                parent.setMustSupportRefEmbeddedToken(true);
+            }
+        }
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS10Builder.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS11Builder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS11Builder.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS11Builder.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS11Builder.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.policy.secpolicybuilder;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.AssertionBuilderFactory;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+import org.apache.neethi.builders.AssertionBuilder;
+import org.swssf.policy.secpolicy.*;
+import org.swssf.policy.secpolicy.model.Wss11;
+
+import javax.xml.namespace.QName;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * class lent from apache rampart
+ */
+public class WSS11Builder implements AssertionBuilder {
+
+    private static final QName[] KNOWN_ELEMENTS = new QName[]{
+            SP11Constants.WSS11,
+            SP12Constants.WSS11,
+            SP13Constants.WSS11
+    };
+
+    public Assertion build(OMElement element, AssertionBuilderFactory factory)
+            throws IllegalArgumentException {
+
+        SPConstants spConstants = PolicyUtil.getSPVersion(element.getQName().getNamespaceURI());
+
+        Wss11 wss11 = new Wss11(spConstants);
+
+        Policy policy = PolicyEngine.getPolicy(element.getFirstElement());
+        policy = (Policy) policy.normalize(false);
+
+        for (Iterator iterator = policy.getAlternatives(); iterator.hasNext(); ) {
+            processAlternative((List) iterator.next(), wss11, spConstants);
+            /*
+             * since there should be only one alternative
+             */
+            break;
+        }
+
+        return wss11;
+    }
+
+    public QName[] getKnownElements() {
+        return KNOWN_ELEMENTS;
+    }
+
+    private void processAlternative(List assertions, Wss11 parent, SPConstants spConstants) {
+
+        Assertion assertion;
+        QName name;
+
+        for (Iterator iterator = assertions.iterator(); iterator.hasNext(); ) {
+            assertion = (Assertion) iterator.next();
+            name = assertion.getName();
+
+            if (spConstants.getMustSupportRefKeyIdentifier().equals(name)) {
+                parent.setMustSupportRefKeyIdentifier(true);
+
+            } else if (spConstants.getMustSupportRefIssuerSerial().equals(name)) {
+                parent.setMustSupportRefIssuerSerial(true);
+
+            } else if (spConstants.getMustSupportRefExternalUri().equals(name)) {
+                parent.setMustSupportRefExternalURI(true);
+
+            } else if (spConstants.getMustSupportRefEmbeddedToken().equals(name)) {
+                parent.setMustSupportRefEmbeddedToken(true);
+
+            } else if (spConstants.getMustSupportRefThumbprint().equals(name)) {
+                parent.setMustSupportRefThumbprint(true);
+
+            } else if (spConstants.getMustSupportRefEncryptedKey().equals(name)) {
+                parent.setMustSupportRefEncryptedKey(true);
+
+            } else if (spConstants.getRequireSignatureConfirmation().equals(name)) {
+                parent.setRequireSignatureConfirmation(true);
+            }
+        }
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/WSS11Builder.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/X509TokenBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/X509TokenBuilder.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/X509TokenBuilder.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/X509TokenBuilder.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,146 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.policy.secpolicybuilder;
+
+import org.apache.axiom.om.OMAttribute;
+import org.apache.axiom.om.OMElement;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.AssertionBuilderFactory;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+import org.apache.neethi.builders.AssertionBuilder;
+import org.swssf.policy.secpolicy.*;
+import org.swssf.policy.secpolicy.model.X509Token;
+
+import javax.xml.namespace.QName;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * class lent from apache rampart
+ */
+public class X509TokenBuilder implements AssertionBuilder {
+
+    private static final QName[] KNOWN_ELEMENTS = new QName[]{
+            SP11Constants.X509_TOKEN,
+            SP12Constants.X509_TOKEN,
+            SP13Constants.X509_TOKEN
+    };
+
+    public Assertion build(OMElement element, AssertionBuilderFactory factory)
+            throws IllegalArgumentException {
+
+        SPConstants spConstants = PolicyUtil.getSPVersion(element.getQName().getNamespaceURI());
+
+        X509Token x509Token = new X509Token(spConstants);
+
+        OMElement issuer = element.getFirstChildWithName(spConstants.getIssuer());
+        if (issuer != null) {
+            x509Token.setIssuer(issuer.getText());
+        }
+
+        OMElement issuerName = element.getFirstChildWithName(spConstants.getIssuerName());
+        if (issuerName != null) {
+            x509Token.setIssuerName(issuerName.getText());
+        }
+
+        //Process token inclusion
+        OMAttribute includeAttr = element.getAttribute(spConstants.getIncludeToken());
+        if (includeAttr != null) {
+            SPConstants.IncludeTokenType inclusion = spConstants.getInclusionFromAttributeValue(includeAttr.getAttributeValue());
+            x509Token.setInclusion(inclusion);
+        }
+
+        Policy policy = PolicyEngine.getPolicy(element.getFirstChildWithName(SPConstants.POLICY));
+        policy = (Policy) policy.normalize(false);
+
+        for (Iterator iterator = policy.getAlternatives(); iterator
+                .hasNext(); ) {
+            processAlternative((List) iterator.next(), x509Token, spConstants);
+
+            /*
+            * since there should be only one alternative
+            */
+            break;
+        }
+
+        return x509Token;
+    }
+
+    private void processAlternative(List assertions, X509Token parent, SPConstants spConstants) {
+        Assertion assertion;
+        QName name;
+
+        for (Iterator iterator = assertions.iterator(); iterator.hasNext(); ) {
+            assertion = (Assertion) iterator.next();
+            name = assertion.getName();
+
+            if (spConstants.getRequiredDerivedKeys().equals(name)) {
+                parent.setDerivedKeys(true);
+
+            } else if (spConstants.getRequireImpliedDerivedKeys().equals(name)) {
+                parent.setImpliedDerivedKeys(true);
+
+            } else if (spConstants.getRequireExplicitDerivedKeys().equals(name)) {
+                parent.setExplicitDerivedKeys(true);
+
+            } else if (spConstants.getRequireKeyIdentifireReference().equals(name)) {
+                parent.setRequireKeyIdentifierReference(true);
+
+            } else if (spConstants.getRequireIssuerSerialReference().equals(name)) {
+                parent.setRequireIssuerSerialReference(true);
+
+            } else if (spConstants.getRequireEmbeddedTokenReference().equals(name)) {
+                parent.setRequireEmbeddedTokenReference(true);
+
+            } else if (spConstants.getRequireThumbprintReference().equals(name)) {
+                parent.setRequireThumbprintReference(true);
+
+            } else if (spConstants.getWssX509V1Token10().equals(name)) {
+                parent.setTokenVersionAndType(SPConstants.WSS_X509_V1_TOKEN10);
+
+            } else if (spConstants.getWssX509V1Token11().equals(name)) {
+                parent.setTokenVersionAndType(SPConstants.WSS_X509_V1_TOKEN11);
+
+            } else if (spConstants.getWssX509V3Token10().equals(name)) {
+                parent.setTokenVersionAndType(SPConstants.WSS_X509_V3_TOKEN10);
+
+            } else if (spConstants.getWssX509V3Token11().equals(name)) {
+                parent.setTokenVersionAndType(SPConstants.WSS_X509_V3_TOKEN11);
+
+            } else if (spConstants.getWssX509Pkcs7Token10().equals(name)) {
+                parent.setTokenVersionAndType(SPConstants.WSS_X509_PKCS7_TOKEN10);
+
+            } else if (spConstants.getWssX509Pkcs7Token11().equals(name)) {
+                parent.setTokenVersionAndType(SPConstants.WSS_X509_PKCS7_TOKEN11);
+
+            } else if (spConstants.getWssX509PkiPathV1Token10().equals(name)) {
+                parent.setTokenVersionAndType(SPConstants.WSS_X509_PKI_PATH_V1_TOKEN10);
+
+            } else if (spConstants.getWssX509PkiPathV1Token11().equals(name)) {
+                parent.setTokenVersionAndType(SPConstants.WSS_X509_PKI_PATH_V1_TOKEN11);
+
+            }
+        }
+    }
+
+    public QName[] getKnownElements() {
+        return KNOWN_ELEMENTS;
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/secpolicybuilder/X509TokenBuilder.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/PolicyTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/PolicyTest.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/PolicyTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/PolicyTest.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,460 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.test.policy;
+
+import org.swssf.ext.Constants;
+import org.swssf.ext.SecurePart;
+import org.swssf.ext.SecurityProperties;
+import org.swssf.impl.securityToken.HttpsSecurityToken;
+import org.swssf.policy.PolicyEnforcer;
+import org.swssf.policy.PolicyEnforcerFactory;
+import org.swssf.policy.PolicyInputProcessor;
+import org.swssf.policy.PolicyViolationException;
+import org.swssf.securityEvent.HttpsTokenSecurityEvent;
+import org.swssf.securityEvent.SecurityEvent;
+import org.swssf.test.AbstractTestBase;
+import org.swssf.test.CallbackHandlerImpl;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+import org.w3c.dom.Document;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+import java.io.*;
+
+/**
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class PolicyTest extends AbstractTestBase {
+
+    @Test
+    public void testAsymmetricBindingIncludeTimestampPolicy() throws Exception {
+
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Created.getLocalPart(), Constants.TAG_wsu_Created.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Expires.getLocalPart(), Constants.TAG_wsu_Expires.getNamespaceURI(), SecurePart.Modifier.Content));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/testAsymmetricBindingIncludeTimestampPolicy.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer(null);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+        //read the whole stream:
+        Transformer transformer = TransformerFactory.newInstance().newTransformer();
+        transformer.transform(new DOMSource(document), new StreamResult(
+                new OutputStream() {
+                    @Override
+                    public void write(int b) throws IOException {
+                        // > /dev/null
+                    }
+                }
+        ));
+    }
+
+    @Test
+    public void testAsymmetricBindingIncludeTimestampPolicyNegativeTest() throws Exception {
+
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Created.getLocalPart(), Constants.TAG_wsu_Created.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Expires.getLocalPart(), Constants.TAG_wsu_Expires.getNamespaceURI(), SecurePart.Modifier.Content));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/testAsymmetricBindingIncludeTimestampPolicyNegativeTest.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer(null);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        try {
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+            //read the whole stream:
+            Transformer transformer = TransformerFactory.newInstance().newTransformer();
+            transformer.transform(new DOMSource(document), new StreamResult(
+                    new OutputStream() {
+                        @Override
+                        public void write(int b) throws IOException {
+                            // > /dev/null
+                        }
+                    }
+            ));
+        } catch (XMLStreamException e) {
+            Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
+            Assert.assertEquals(e.getCause().getMessage(), "No policy alternative could be satisfied");
+        }
+    }
+
+    @Test
+    public void testAsymmetricBindingIncludeTimestampAndSignedUsernameSupportingTokenPolicy() throws Exception {
+
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.setTokenUser("transmitter");
+        outSecurityProperties.setUsernameTokenPasswordType(Constants.UsernameTokenPasswordType.PASSWORD_NONE);
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsse_UsernameToken.getLocalPart(), Constants.TAG_wsse_UsernameToken.getNamespaceURI(), SecurePart.Modifier.Element));
+        //outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Created.getLocalPart(), Constants.TAG_wsu_Created.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Expires.getLocalPart(), Constants.TAG_wsu_Expires.getNamespaceURI(), SecurePart.Modifier.Content));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.USERNAMETOKEN, Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/testAsymmetricBindingIncludeTimestampAndSignedUsernameSupportingTokenPolicy.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer(null);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+        //read the whole stream:
+        Transformer transformer = TransformerFactory.newInstance().newTransformer();
+        transformer.transform(new DOMSource(document), new StreamResult(
+                new OutputStream() {
+                    @Override
+                    public void write(int b) throws IOException {
+                        // > /dev/null
+                    }
+                }
+        ));
+    }
+
+    @Test
+    public void testAsymmetricBindingIncludeTimestampAndSignedUsernameSupportingTokenPolicyNegativeTest() throws Exception {
+
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.setTokenUser("transmitter");
+        outSecurityProperties.setUsernameTokenPasswordType(Constants.UsernameTokenPasswordType.PASSWORD_NONE);
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        //outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsse_UsernameToken.getLocalPart(), Constants.TAG_wsse_UsernameToken.getNamespaceURI(), SecurePart.Modifier.Element));
+        //outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Created.getLocalPart(), Constants.TAG_wsu_Created.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Expires.getLocalPart(), Constants.TAG_wsu_Expires.getNamespaceURI(), SecurePart.Modifier.Content));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.USERNAMETOKEN, Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/testAsymmetricBindingIncludeTimestampAndSignedUsernameSupportingTokenPolicy.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer(null);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        try {
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+            //read the whole stream:
+            Transformer transformer = TransformerFactory.newInstance().newTransformer();
+            transformer.transform(new DOMSource(document), new StreamResult(
+                    new OutputStream() {
+                        @Override
+                        public void write(int b) throws IOException {
+                            // > /dev/null
+                        }
+                    }
+            ));
+        } catch (XMLStreamException e) {
+            Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
+            Assert.assertEquals(e.getCause().getMessage(), "No policy alternative could be satisfied");
+        }
+    }
+
+    @Test
+    public void testAsymmetricBindingIncludeTimestampAndProtectionOrderSignBeforeEncryptAndSignedUsernameSupportingTokenPolicyNegativeTest() throws Exception {
+
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.setTokenUser("transmitter");
+        outSecurityProperties.setUsernameTokenPasswordType(Constants.UsernameTokenPasswordType.PASSWORD_NONE);
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsse_UsernameToken.getLocalPart(), Constants.TAG_wsse_UsernameToken.getNamespaceURI(), SecurePart.Modifier.Element));
+        //outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        //outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Created.getLocalPart(), Constants.TAG_wsu_Created.getNamespaceURI(), SecurePart.Modifier.Element));
+        //outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Expires.getLocalPart(), Constants.TAG_wsu_Expires.getNamespaceURI(), SecurePart.Modifier.Content));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.USERNAMETOKEN, Constants.Action.TIMESTAMP, Constants.Action.ENCRYPT, Constants.Action.SIGNATURE};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/testAsymmetricBindingIncludeTimestampAndProtectionOrderSignBeforeEncryptAndSignedUsernameSupportingTokenPolicyNegativeTest.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer(null);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+        //read the whole stream:
+        Transformer transformer = TransformerFactory.newInstance().newTransformer();
+        transformer.transform(new DOMSource(document), new StreamResult(
+                new OutputStream() {
+                    @Override
+                    public void write(int b) throws IOException {
+                        // > /dev/null
+                    }
+                }
+        ));
+    }
+
+    @Test
+    public void testTransportBindingBasicAuthenticationIncludeTimestampAndSignedUsernameSupportingTokenPolicy() throws Exception {
+
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.setTokenUser("transmitter");
+        outSecurityProperties.setUsernameTokenPasswordType(Constants.UsernameTokenPasswordType.PASSWORD_NONE);
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        //outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsse_UsernameToken.getLocalPart(), Constants.TAG_wsse_UsernameToken.getNamespaceURI(), SecurePart.Modifier.Element));
+        //outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Created.getLocalPart(), Constants.TAG_wsu_Created.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Expires.getLocalPart(), Constants.TAG_wsu_Expires.getNamespaceURI(), SecurePart.Modifier.Content));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.USERNAMETOKEN, Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/testTransportBindingBasicAuthenticationIncludeTimestampAndSignedUsernameSupportingTokenPolicy.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer(null);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent(SecurityEvent.Event.TransportToken);
+        httpsTokenSecurityEvent.setIssuerName("transmitter");
+        httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
+        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "transmitter"));
+        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+        //read the whole stream:
+        Transformer transformer = TransformerFactory.newInstance().newTransformer();
+        transformer.transform(new DOMSource(document), new StreamResult(
+                new OutputStream() {
+                    @Override
+                    public void write(int b) throws IOException {
+                        // > /dev/null
+                    }
+                }
+        ));
+    }
+
+    @Test
+    public void testTransportBindingBasicAuthenticationIncludeTimestampAndSignedUsernameSupportingTokenPolicyNegativeTest() throws Exception {
+
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.setTokenUser("transmitter");
+        outSecurityProperties.setUsernameTokenPasswordType(Constants.UsernameTokenPasswordType.PASSWORD_NONE);
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        //outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsse_UsernameToken.getLocalPart(), Constants.TAG_wsse_UsernameToken.getNamespaceURI(), SecurePart.Modifier.Element));
+        //outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Created.getLocalPart(), Constants.TAG_wsu_Created.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Expires.getLocalPart(), Constants.TAG_wsu_Expires.getNamespaceURI(), SecurePart.Modifier.Content));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.USERNAMETOKEN, Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/testTransportBindingBasicAuthenticationIncludeTimestampAndSignedUsernameSupportingTokenPolicy.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer(null);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+/*
+        HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent(SecurityEvent.Event.TransportToken);
+        httpsTokenSecurityEvent.setIssuerName("CN=transmitter,OU=swssf,C=CH");
+        httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpBasicAuthentication);
+        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken((X509Certificate)outSecurityProperties.getSignatureKeyStore().getCertificate("transmitter")));
+        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+*/
+
+        try {
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+            //read the whole stream:
+            Transformer transformer = TransformerFactory.newInstance().newTransformer();
+            transformer.transform(new DOMSource(document), new StreamResult(
+                    new OutputStream() {
+                        @Override
+                        public void write(int b) throws IOException {
+                            // > /dev/null
+                        }
+                    }
+            ));
+        } catch (XMLStreamException e) {
+            Assert.assertTrue(e.getCause() instanceof PolicyViolationException);
+            Assert.assertEquals(e.getCause().getMessage(), "No policy alternative could be satisfied");
+        }
+    }
+
+    @Test
+    public void testTransportBindingHttpsClientAuthenticationIncludeTimestampAndSignedUsernameSupportingTokenPolicy() throws Exception {
+
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.setTokenUser("transmitter");
+        outSecurityProperties.setUsernameTokenPasswordType(Constants.UsernameTokenPasswordType.PASSWORD_NONE);
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        //outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsse_UsernameToken.getLocalPart(), Constants.TAG_wsse_UsernameToken.getNamespaceURI(), SecurePart.Modifier.Element));
+        //outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Created.getLocalPart(), Constants.TAG_wsu_Created.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_wsu_Expires.getLocalPart(), Constants.TAG_wsu_Expires.getNamespaceURI(), SecurePart.Modifier.Content));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.USERNAMETOKEN, Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/testTransportBindingHttpsClientAuthenticationIncludeTimestampAndSignedUsernameSupportingTokenPolicy.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer(null);
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent(SecurityEvent.Event.TransportToken);
+        httpsTokenSecurityEvent.setIssuerName("CN=transmitter,OU=swssf,C=CH");
+        httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpsClientCertificateAuthentication);
+        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityToken(true, "CN=transmitter,OU=swssf,C=CH"));
+        policyEnforcer.registerSecurityEvent(httpsTokenSecurityEvent);
+
+        Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+
+        //read the whole stream:
+        Transformer transformer = TransformerFactory.newInstance().newTransformer();
+        transformer.transform(new DOMSource(document), new StreamResult(
+                new OutputStream() {
+                    @Override
+                    public void write(int b) throws IOException {
+                        // > /dev/null
+                    }
+                }
+        ));
+    }
+}

Propchange: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/PolicyTest.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision

Added: webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/VulnerabliltyVectorsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/VulnerabliltyVectorsTest.java?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/VulnerabliltyVectorsTest.java (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-policy/src/test/java/org/swssf/test/policy/VulnerabliltyVectorsTest.java Sun Sep 18 13:51:23 2011
@@ -0,0 +1,142 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.test.policy;
+
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.swssf.ext.Constants;
+import org.swssf.ext.SecurePart;
+import org.swssf.ext.SecurityProperties;
+import org.swssf.ext.WSSecurityException;
+import org.swssf.policy.PolicyEnforcer;
+import org.swssf.policy.PolicyEnforcerFactory;
+import org.swssf.policy.PolicyInputProcessor;
+import org.swssf.policy.secpolicy.WSSPolicyException;
+import org.swssf.test.AbstractTestBase;
+import org.swssf.test.CallbackHandlerImpl;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import javax.xml.stream.XMLStreamException;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathExpression;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.util.Properties;
+
+/**
+ * @author $Author: giger $
+ * @version $Revision: 1168553 $ $Date: 2011-08-21 12:41:49 +0200 (Sun, 21 Aug 2011) $
+ */
+public class VulnerabliltyVectorsTest extends AbstractTestBase {
+
+    /**
+     * Tests what happens when an soapAction from an other operation is provided.
+     * Can the policy framework be bypassed?
+     */
+    @Test
+    public void testSOAPActionSpoofing() throws Exception {
+        SecurityProperties outSecurityProperties = new SecurityProperties();
+        outSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        outSecurityProperties.setEncryptionUser("receiver");
+        outSecurityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+        outSecurityProperties.setSignatureUser("transmitter");
+        outSecurityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
+
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_wsu_Timestamp.getLocalPart(), Constants.TAG_wsu_Timestamp.getNamespaceURI(), SecurePart.Modifier.Element));
+        outSecurityProperties.addSignaturePart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Element));
+        outSecurityProperties.addEncryptionPart(new SecurePart(Constants.TAG_soap_Body_LocalName, Constants.NS_SOAP11, SecurePart.Modifier.Content));
+        Constants.Action[] actions = new Constants.Action[]{Constants.Action.TIMESTAMP, Constants.Action.SIGNATURE, Constants.Action.ENCRYPT};
+        outSecurityProperties.setOutAction(actions);
+
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+        ByteArrayOutputStream baos = doOutboundSecurity(outSecurityProperties, sourceDocument);
+
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/actionSpoofing.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer("emptyPolicy");
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        try {
+            Document document = doInboundSecurity(inSecurityProperties, new ByteArrayInputStream(baos.toByteArray()), policyEnforcer);
+            Assert.fail("Expected XMLStreamException");
+        } catch (XMLStreamException e) {
+            Throwable throwable = e.getCause();
+            Assert.assertNotNull(throwable);
+            Assert.assertTrue(throwable instanceof WSSecurityException);
+            Assert.assertEquals(throwable.getMessage(), "SOAPAction (emptyPolicyOperation) does not match with the current Operation: {http://schemas.xmlsoap.org/wsdl/}definitions");
+        }
+    }
+
+    @Test
+    public void testSignedBodyRelocationToHeader() throws Exception {
+        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
+
+        String action = WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT;
+        Properties properties = new Properties();
+        properties.setProperty(WSHandlerConstants.SIGNATURE_PARTS, "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
+        properties.setProperty(WSHandlerConstants.ENC_SYM_ALGO, "http://www.w3.org/2001/04/xmlenc#aes256-cbc");
+        Document securedDocument = doOutboundSecurityWithWSS4J(sourceDocument, action, properties);
+
+        XPathExpression xPathExpression = getXPath("/env:Envelope/env:Body");
+        Element bodyElement = (Element) xPathExpression.evaluate(securedDocument, XPathConstants.NODE);
+        Element soapEnvElement = (Element) bodyElement.getParentNode();
+        soapEnvElement.removeChild(bodyElement);
+
+        Element newBody = securedDocument.createElementNS(Constants.NS_SOAP11, Constants.TAG_soap_Body_LocalName);
+        soapEnvElement.appendChild(newBody);
+
+        xPathExpression = getXPath("/env:Envelope/env:Header");
+        Element headerElement = (Element) xPathExpression.evaluate(securedDocument, XPathConstants.NODE);
+        headerElement.appendChild(bodyElement);
+
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+        javax.xml.transform.Transformer transformer = TRANSFORMER_FACTORY.newTransformer();
+        transformer.transform(new DOMSource(securedDocument), new StreamResult(baos));
+
+        SecurityProperties inSecurityProperties = new SecurityProperties();
+        inSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
+        inSecurityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+        inSecurityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
+
+        PolicyEnforcerFactory policyEnforcerFactory = PolicyEnforcerFactory.newInstance(this.getClass().getClassLoader().getResource("testdata/wsdl/actionSpoofing.wsdl"));
+        PolicyEnforcer policyEnforcer = policyEnforcerFactory.newPolicyEnforcer("goodPolicy");
+        inSecurityProperties.addInputProcessor(new PolicyInputProcessor(policyEnforcer, null));
+
+        try {
+            Document document = doInboundSecurity(inSecurityProperties, xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray())), policyEnforcer);
+            Assert.fail("Expected XMLStreamException");
+        } catch (XMLStreamException e) {
+            Throwable throwable = e.getCause();
+            Assert.assertNotNull(throwable);
+            Assert.assertTrue(throwable instanceof WSSPolicyException);
+            Assert.assertEquals(throwable.getMessage(), "No policy alternative could be satisfied");
+        }
+    }
+}

Added: webservices/wss4j/branches/swssf/streaming-ws-security/pom.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/pom.xml?rev=1172285&view=auto
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-ws-security/pom.xml (added)
+++ webservices/wss4j/branches/swssf/streaming-ws-security/pom.xml Sun Sep 18 13:51:23 2011
@@ -0,0 +1,302 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.swssf</groupId>
+        <artifactId>swssf</artifactId>
+        <version>1.0.0</version>
+    </parent>
+    <groupId>org.swssf</groupId>
+    <artifactId>streaming-ws-security</artifactId>
+    <version>1.0.0</version>
+    <name>Streaming WebService Security</name>
+
+    <properties>
+        <bcprov.version>1.45</bcprov.version>
+        <opensaml.version>2.4.1</opensaml.version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.codehaus.woodstox</groupId>
+            <artifactId>wstx-asl</artifactId>
+            <version>3.2.9</version>
+        </dependency>
+        <dependency>
+            <groupId>commons-logging</groupId>
+            <artifactId>commons-logging</artifactId>
+            <version>1.1.1</version>
+        </dependency>
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.4</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.neethi</groupId>
+            <artifactId>neethi</artifactId>
+            <version>2.0.4</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.codehaus.woodstox</groupId>
+                    <artifactId>wstx-asl</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.santuario</groupId>
+            <artifactId>xmlsec</artifactId>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>opensaml</artifactId>
+            <version>${opensaml.version}</version>
+            <scope>compile</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>velocity</groupId>
+                    <artifactId>velocity</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>log4j-over-slf4j</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>jcl-over-slf4j</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>jul-to-slf4j</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcprov-ext-jdk15</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcprov-jdk15</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>ca.juliusdavies</groupId>
+                    <artifactId>not-yet-commons-ssl</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>net.jcip</groupId>
+                    <artifactId>jcip-annotations</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>xml-resolver</groupId>
+                    <artifactId>xml-resolver</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>xerces</groupId>
+                    <artifactId>xercesImpl</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>xalan</groupId>
+                    <artifactId>xalan</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-codec</groupId>
+                    <artifactId>commons-codec</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-httpclient</groupId>
+                    <artifactId>commons-httpclient</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-lang</groupId>
+                    <artifactId>commons-lang</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-collections</groupId>
+                    <artifactId>commons-collections</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.apache.santuario</groupId>
+                    <artifactId>xmlsec</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>jcs</groupId>
+            <artifactId>jcs</artifactId>
+            <version>1.3</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>javax.sql</groupId>
+                    <artifactId>jdbc-stdext</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-dbcp</groupId>
+                    <artifactId>commons-dbcp</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-pool</groupId>
+                    <artifactId>commons-pool</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>mysql</groupId>
+                    <artifactId>mysql-connector-java</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>hsqldb</groupId>
+                    <artifactId>hsqldb</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>log4j</groupId>
+                    <artifactId>log4j</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>servletapi</groupId>
+                    <artifactId>servletapi</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>tomcat</groupId>
+                    <artifactId>tomcat-util</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>velocity</groupId>
+                    <artifactId>velocity</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>junit</groupId>
+                    <artifactId>junit</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>xmlrpc</groupId>
+                    <artifactId>xmlrpc</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>xerces</groupId>
+                    <artifactId>xerces</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>xml-apis</groupId>
+                    <artifactId>xml-apis</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>berkeleydb</groupId>
+                    <artifactId>berkeleydb</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+            <version>1.2.14</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.testng</groupId>
+            <artifactId>testng</artifactId>
+            <version>5.14.2</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.ws.security</groupId>
+            <artifactId>wss4j</artifactId>
+            <version>1.6.0</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>javax.xml</groupId>
+            <artifactId>jaxrpc-api</artifactId>
+            <version>1.1</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>xalan</groupId>
+            <artifactId>xalan</artifactId>
+            <version>2.7.1</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>xalan</groupId>
+            <artifactId>serializer</artifactId>
+            <version>2.7.1</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.jvnet.jaxb2.maven2</groupId>
+                <artifactId>maven-jaxb2-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <phase>generate-sources</phase>
+                        <goals>
+                            <goal>generate</goal>
+                        </goals>
+                    </execution>
+                </executions>
+                <configuration>
+                    <includeSchemas>
+                        <includeSchema>security-config.xsd</includeSchema>
+                    </includeSchemas>
+                    <readOnly>true</readOnly>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <groups>${test.groups}</groups>
+                    <argLine>-Xmx2000m</argLine>
+                    <excludes>
+                        <exclude>**/ProfilingTest.java</exclude>
+                        <exclude>**/PerformanceMemoryTest.java</exclude>
+                        <exclude>**/PerformanceTimingTest.java</exclude>
+                    </excludes>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>test-jar</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+    <profiles>
+        <profile>
+            <id>jdk15</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+                <jdk>1.5</jdk>
+            </activation>
+            <dependencies>
+                <dependency>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcprov-jdk15</artifactId>
+                    <version>${bcprov.version}</version>
+                </dependency>
+            </dependencies>
+        </profile>
+        <profile>
+            <id>jdk16</id>
+            <activation>
+                <jdk>1.6</jdk>
+            </activation>
+            <dependencies>
+                <dependency>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcprov-jdk16</artifactId>
+                    <version>${bcprov.version}</version>
+                </dependency>
+            </dependencies>
+        </profile>
+    </profiles>
+</project>



Mime
View raw message