Usage examples for java.security.cert.X509Certificate.getEncoded()
public abstract byte[] getEncoded() throws CertificateEncodingException;
From source file:org.cesecore.certificates.certificate.CertificateCreateSessionBean.java
/**
 * Registers a Certificate Transparency audit-log callback on the given generation parameters.
 *
 * <p>The callback writes one {@code CERT_CTPRECERT_SUBMISSION} event through {@code logSession}
 * for each pre-certificate submission, recording the outcome, the subject DN, the certificate
 * profile id and, when it can be encoded, the Base64 form of the pre-certificate.
 *
 * @param certGenParams parameters to attach the callback to; when {@code null} nothing is done
 * @param authTokenName value passed unchanged to {@code logSession.log} with every event
 */
private void addCTLoggingCallback(CertificateGenerationParams certGenParams, final String authTokenName) {
    if (certGenParams == null) {
        // No parameter object, so there is nowhere to install the callback.
        return;
    }
    certGenParams.setCTAuditLogCallback(new CTAuditLogCallback() {
        @Override
        public void logPreCertSubmission(X509CA issuer, EndEntityInformation subject, X509Certificate precert,
                boolean success) {
            // Mostly the same info is logged as in CertificateCreateSessionBean.createCertificate
            final String messageKey = success
                    ? "createcert.ctlogsubmissionsuccessful"
                    : "createcert.ctlogsubmissionfailed";
            final Map<String, Object> details = new LinkedHashMap<String, Object>();
            details.put("ctprecert", true);
            details.put("msg", intres.getLocalizedMessage(messageKey));
            details.put("subjectdn", CertTools.getSubjectDN(precert));
            details.put("certprofile", subject.getCertificateProfileId());
            try {
                final byte[] encodedPrecert = precert.getEncoded();
                details.put("cert", new String(Base64.encode(encodedPrecert, false)));
            } catch (CertificateEncodingException e) {
                // Best effort: the audit event below is still written, only without the "cert"
                // entry, so consumers of the audit trail must tolerate its absence.
                log.warn("Could not encode cert", e);
            }
            final EventStatus outcome = success ? EventStatus.SUCCESS : EventStatus.FAILURE;
            logSession.log(
                    EventTypes.CERT_CTPRECERT_SUBMISSION,
                    outcome,
                    ModuleTypes.CERTIFICATE,
                    ServiceTypes.CORE,
                    authTokenName,
                    String.valueOf(issuer.getCAId()),
                    CertTools.getSerialNumberAsString(precert),
                    subject.getUsername(),
                    details);
        }
    });
}
From source file:org.codice.ddf.security.idp.server.IdpEndpoint.java
/**
 * Builds the IdP metadata document and returns it as XML for {@code GET /login/metadata}.
 *
 * <p>The first certificate found under the default alias of the signature crypto and the first
 * one under the default alias of the encryption crypto are Base64-encoded and handed to
 * {@code SamlProtocol.createIdpMetadata} together with the supported NameID formats and the
 * login/logout URLs.
 *
 * @return a 200 response whose entity is the serialized metadata
 * @throws WSSecurityException declared by the method; which call raises it is not visible here
 * @throws CertificateEncodingException if a certificate cannot be encoded
 */
@GET
@Path("/login/metadata")
@Produces("application/xml")
public Response retrieveMetadata() throws WSSecurityException, CertificateEncodingException {
    List<String> nameIdFormats = new ArrayList<>();
    nameIdFormats.add(SAML2Constants.NAMEID_FORMAT_PERSISTENT);
    nameIdFormats.add(SAML2Constants.NAMEID_FORMAT_UNSPECIFIED);
    nameIdFormats.add(SAML2Constants.NAMEID_FORMAT_X509_SUBJECT_NAME);

    // Signing certificate: first entry under the signature crypto's default alias, if any.
    CryptoType signingType = new CryptoType(CryptoType.TYPE.ALIAS);
    signingType.setAlias(systemCrypto.getSignatureCrypto().getDefaultX509Identifier());
    X509Certificate[] signingCerts = systemCrypto.getSignatureCrypto().getX509Certificates(signingType);
    X509Certificate issuerCert = (signingCerts != null && signingCerts.length > 0) ? signingCerts[0] : null;

    // Encryption certificate: same lookup against the encryption crypto.
    CryptoType encryptionType = new CryptoType(CryptoType.TYPE.ALIAS);
    encryptionType.setAlias(systemCrypto.getEncryptionCrypto().getDefaultX509Identifier());
    X509Certificate[] encryptionCerts = systemCrypto.getEncryptionCrypto().getX509Certificates(encryptionType);
    X509Certificate encryptionCert =
            (encryptionCerts != null && encryptionCerts.length > 0) ? encryptionCerts[0] : null;

    final String loginUrl = SystemBaseUrl.constructUrl("/idp/login", true);

    // NOTE(review): a missing certificate is not treated as an error; an empty byte array is
    // encoded instead, so an empty string reaches createIdpMetadata. What the metadata then
    // contains depends on SamlProtocol (not shown here) - confirm that relying parties are not
    // served a key descriptor without key material.
    final String signingCertBase64 =
            Base64.getEncoder().encodeToString(issuerCert != null ? issuerCert.getEncoded() : new byte[0]);
    final String encryptionCertBase64 =
            Base64.getEncoder().encodeToString(encryptionCert != null ? encryptionCert.getEncoded() : new byte[0]);

    EntityDescriptor entityDescriptor = SamlProtocol.createIdpMetadata(
            loginUrl,
            signingCertBase64,
            encryptionCertBase64,
            nameIdFormats,
            SystemBaseUrl.constructUrl("/idp/login", true),
            SystemBaseUrl.constructUrl("/idp/login", true),
            SystemBaseUrl.constructUrl("/idp/logout", true));

    // A document with a placeholder "root" element is created and passed to toDom as the target.
    Document doc = DOMUtils.createDocument();
    doc.appendChild(doc.createElement("root"));
    final String metadataXml = DOM2Writer.nodeToString(OpenSAMLUtil.toDom(entityDescriptor, doc, false));
    return Response.ok(metadataXml).build();
}
From source file:org.wso2.carbon.mex.MexGetService.java
public OMElement requestPost(OMElement element) throws MexException { if (log.isDebugEnabled()) { log.debug("---------------Begin Mex-UT Endpoint Request--------------------"); }/*from ww w .j a va 2 s .c o m*/ MessageContext msgCtx = MessageContext.getCurrentMessageContext(); String service = msgCtx.getAxisService().getName(); if (StringUtils.isEmpty(service)) { throw new MexException("Service Mex-UT hasn't registered successfully"); } String CarbonserviceURL = IdentityUtil.getServerURL("", true, true); X509Certificate cert; String encodedCertificate = null; try { cert = KeyUtil.getCertificateToIncludeInMex(service); byte[] byteArray = cert.getEncoded(); encodedCertificate = Base64.encode(byteArray); } catch (KeyStoreException e) { throw new MexException("Error on retrieving the Keystore for Mex-UT endpoint", e); } catch (IOException e) { throw new MexException("Error on retrieving the Keystore File for Mex-UT endpoint", e); } catch (CertificateException e) { throw new MexException("Error on retrieving the Certificate for Mex-UT endpoint", e); } catch (NoSuchAlgorithmException e) { throw new MexException("Error on loading the Certificate for Mex-UT endpoint", e); } if (StringUtils.isEmpty(encodedCertificate)) { throw new MexException(" Certificate value hasn't successfully encoded for Mex-UT endpoint"); } if (log.isDebugEnabled()) { log.debug("Encoded Certificate value: " + encodedCertificate); } String stsEndpointUrl = CarbonserviceURL + MexGetService.SERVICE_URL + MexGetService.STS_END_POINT; if (StringUtils.isBlank(stsEndpointUrl)) { throw new MexException("Cannot retrieve the STS endpoint"); } if (log.isDebugEnabled()) { log.debug("stsEndpointUrl:=> " + stsEndpointUrl); } String response = "<Metadata xmlns=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns:wsx=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n" + " <wsx:MetadataSection xmlns=\"\" 
Dialect=\"http://schemas.xmlsoap.org/wsdl/\" Identifier=\"http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice\">\n" + " <wsdl:definitions xmlns:wsdl=\"http://schemas.xmlsoap.org/wsdl/\" xmlns:msc=\"http://schemas.microsoft.com/ws/2005/12/wsdl/contract\" xmlns:soap=\"http://schemas.xmlsoap.org/wsdl/soap/\" xmlns:soap12=\"http://schemas.xmlsoap.org/wsdl/soap12/\" xmlns:soapenc=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:t=\"http://schemas.xmlsoap.org/ws/2005/02/trust\" xmlns:tns=\"http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice\" xmlns:trust=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512\" xmlns:wsa=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\" xmlns:wsa10=\"http://www.w3.org/2005/08/addressing\" xmlns:wsam=\"http://www.w3.org/2007/05/addressing/metadata\" xmlns:wsap=\"http://schemas.xmlsoap.org/ws/2004/08/addressing/policy\" xmlns:wsaw=\"http://www.w3.org/2006/05/addressing/wsdl\" xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" name=\"SecurityTokenService\" targetNamespace=\"http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice\">\n" + " <wsp:Policy wsu:Id=\"CustomBinding_IWSTrustFeb2005Async_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <msis:DomainInternet xmlns:msis=\"http://schemas.microsoft.com/ws/2009/12/identityserver/\" />\n" + " <http:NegotiateAuthentication xmlns:http=\"http://schemas.microsoft.com/ws/06/2004/policy/http\" />\n" + " <sp:TransportBinding xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken RequireClientCertificate=\"false\" />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict 
/>\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"CertificateWSTrustBinding_IWSTrustFeb2005Async_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken RequireClientCertificate=\"false\" />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " <sp:IncludeTimestamp />\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <sp:EndorsingSupportingTokens xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:X509Token sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient\">\n" + " <wsp:Policy>\n" + " <sp:RequireThumbprintReference />\n" + " <sp:WssX509V3Token10 />\n" + " </wsp:Policy>\n" + " </sp:X509Token>\n" + " <mssp:RsaToken xmlns:mssp=\"http://schemas.microsoft.com/ws/2005/07/securitypolicy\" sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never\" wsp:Optional=\"true\" />\n" + " <sp:SignedParts>\n" + " <sp:Header Name=\"To\" Namespace=\"http://www.w3.org/2005/08/addressing\" />\n" + " </sp:SignedParts>\n" + " </wsp:Policy>\n" + " </sp:EndorsingSupportingTokens>\n" + " <sp:Wss11 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportRefThumbprint />\n" + " </wsp:Policy>\n" + " </sp:Wss11>\n" + " <sp:Trust10 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " 
<sp:MustSupportIssuedTokens />\n" + " <sp:RequireClientEntropy />\n" + " <sp:RequireServerEntropy />\n" + " </wsp:Policy>\n" + " </sp:Trust10>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"CertificateWSTrustBinding_IWSTrustFeb2005Async1_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken RequireClientCertificate=\"true\" />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"UserNameWSTrustBinding_IWSTrustFeb2005Async_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken RequireClientCertificate=\"false\" />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " <sp:IncludeTimestamp />\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <sp:SignedSupportingTokens xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:UsernameToken sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient\">\n" + " <wsp:Policy>\n" + " <sp:WssUsernameToken10 
/>\n" + " </wsp:Policy>\n" + " </sp:UsernameToken>\n" + " </wsp:Policy>\n" + " </sp:SignedSupportingTokens>\n" + " <sp:EndorsingSupportingTokens xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <mssp:RsaToken xmlns:mssp=\"http://schemas.microsoft.com/ws/2005/07/securitypolicy\" sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never\" wsp:Optional=\"true\" />\n" + " <sp:SignedParts>\n" + " <sp:Header Name=\"To\" Namespace=\"http://www.w3.org/2005/08/addressing\" />\n" + " </sp:SignedParts>\n" + " </wsp:Policy>\n" + " </sp:EndorsingSupportingTokens>\n" + " <sp:Wss11 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy />\n" + " </sp:Wss11>\n" + " <sp:Trust10 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportIssuedTokens />\n" + " <sp:RequireClientEntropy />\n" + " <sp:RequireServerEntropy />\n" + " </wsp:Policy>\n" + " </sp:Trust10>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"IssuedTokenWSTrustBinding_IWSTrustFeb2005Async_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken RequireClientCertificate=\"false\" />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " <sp:IncludeTimestamp />\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <sp:EndorsingSupportingTokens xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:IssuedToken 
sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient\">\n" + " <sp:RequestSecurityTokenTemplate>\n" + " <t:KeyType>http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey</t:KeyType>\n" + " <t:EncryptWith>http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</t:EncryptWith>\n" + " <t:SignatureAlgorithm>http://www.w3.org/2000/09/xmldsig#rsa-sha1</t:SignatureAlgorithm>\n" + " <t:CanonicalizationAlgorithm>http://www.w3.org/2001/10/xml-exc-c14n#</t:CanonicalizationAlgorithm>\n" + " <t:EncryptionAlgorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptionAlgorithm>\n" + " </sp:RequestSecurityTokenTemplate>\n" + " <wsp:Policy>\n" + " <sp:RequireInternalReference />\n" + " </wsp:Policy>\n" + " </sp:IssuedToken>\n" + " <mssp:RsaToken xmlns:mssp=\"http://schemas.microsoft.com/ws/2005/07/securitypolicy\" sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never\" wsp:Optional=\"true\" />\n" + " <sp:SignedParts>\n" + " <sp:Header Name=\"To\" Namespace=\"http://www.w3.org/2005/08/addressing\" />\n" + " </sp:SignedParts>\n" + " </wsp:Policy>\n" + " </sp:EndorsingSupportingTokens>\n" + " <sp:Wss11 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy />\n" + " </sp:Wss11>\n" + " <sp:Trust10 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportIssuedTokens />\n" + " <sp:RequireClientEntropy />\n" + " <sp:RequireServerEntropy />\n" + " </wsp:Policy>\n" + " </sp:Trust10>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"IssuedTokenWSTrustBinding_IWSTrustFeb2005Async1_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken RequireClientCertificate=\"false\" />\n" + " 
</wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " <sp:IncludeTimestamp />\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <sp:EndorsingSupportingTokens xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:IssuedToken sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient\">\n" + " <sp:RequestSecurityTokenTemplate>\n" + " <t:KeyType>http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</t:KeyType>\n" + " <t:KeySize>256</t:KeySize>\n" + " <t:EncryptWith>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptWith>\n" + " <t:SignatureAlgorithm>http://www.w3.org/2000/09/xmldsig#hmac-sha1</t:SignatureAlgorithm>\n" + " <t:CanonicalizationAlgorithm>http://www.w3.org/2001/10/xml-exc-c14n#</t:CanonicalizationAlgorithm>\n" + " <t:EncryptionAlgorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptionAlgorithm>\n" + " </sp:RequestSecurityTokenTemplate>\n" + " <wsp:Policy>\n" + " <sp:RequireInternalReference />\n" + " </wsp:Policy>\n" + " </sp:IssuedToken>\n" + " <mssp:RsaToken xmlns:mssp=\"http://schemas.microsoft.com/ws/2005/07/securitypolicy\" sp:IncludeToken=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never\" wsp:Optional=\"true\" />\n" + " <sp:SignedParts>\n" + " <sp:Header Name=\"To\" Namespace=\"http://www.w3.org/2005/08/addressing\" />\n" + " </sp:SignedParts>\n" + " </wsp:Policy>\n" + " </sp:EndorsingSupportingTokens>\n" + " <sp:Wss11 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy />\n" + " </sp:Wss11>\n" + " <sp:Trust10 xmlns:sp=\"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportIssuedTokens />\n" + " <sp:RequireClientEntropy />\n" + " 
<sp:RequireServerEntropy />\n" + " </wsp:Policy>\n" + " </sp:Trust10>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"CertificateWSTrustBinding_IWSTrust13Async_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " <sp:IncludeTimestamp />\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <sp:EndorsingSupportingTokens xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:X509Token sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" + " <wsp:Policy>\n" + " <sp:RequireThumbprintReference />\n" + " <sp:WssX509V3Token10 />\n" + " </wsp:Policy>\n" + " </sp:X509Token>\n" + " <sp:KeyValueToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\" wsp:Optional=\"true\" />\n" + " <sp:SignedParts>\n" + " <sp:Header Name=\"To\" Namespace=\"http://www.w3.org/2005/08/addressing\" />\n" + " </sp:SignedParts>\n" + " </wsp:Policy>\n" + " </sp:EndorsingSupportingTokens>\n" + " <sp:Wss11 xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportRefThumbprint />\n" + " </wsp:Policy>\n" + " </sp:Wss11>\n" + " <sp:Trust13 xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportIssuedTokens />\n" + " <sp:RequireClientEntropy />\n" + " <sp:RequireServerEntropy />\n" + " </wsp:Policy>\n" + 
" </sp:Trust13>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"UserNameWSTrustBinding_IWSTrust13Async_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " <sp:IncludeTimestamp />\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <sp:SignedEncryptedSupportingTokens xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:UsernameToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" + " <wsp:Policy>\n" + " <sp:WssUsernameToken10 />\n" + " </wsp:Policy>\n" + " </sp:UsernameToken>\n" + " </wsp:Policy>\n" + " </sp:SignedEncryptedSupportingTokens>\n" + " <sp:EndorsingSupportingTokens xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:KeyValueToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\" wsp:Optional=\"true\" />\n" + " <sp:SignedParts>\n" + " <sp:Header Name=\"To\" Namespace=\"http://www.w3.org/2005/08/addressing\" />\n" + " </sp:SignedParts>\n" + " </wsp:Policy>\n" + " </sp:EndorsingSupportingTokens>\n" + " <sp:Wss11 xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy />\n" + " </sp:Wss11>\n" + " <sp:Trust13 xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportIssuedTokens />\n" + " <sp:RequireClientEntropy />\n" + " 
<sp:RequireServerEntropy />\n" + " </wsp:Policy>\n" + " </sp:Trust13>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"IssuedTokenWSTrustBinding_IWSTrust13Async_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " <sp:IncludeTimestamp />\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <sp:EndorsingSupportingTokens xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:IssuedToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" + " <sp:RequestSecurityTokenTemplate>\n" + " <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</trust:KeyType>\n" + " <trust:KeyWrapAlgorithm>http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</trust:KeyWrapAlgorithm>\n" + " <trust:EncryptWith>http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</trust:EncryptWith>\n" + " <trust:SignatureAlgorithm>http://www.w3.org/2000/09/xmldsig#rsa-sha1</trust:SignatureAlgorithm>\n" + " <trust:CanonicalizationAlgorithm>http://www.w3.org/2001/10/xml-exc-c14n#</trust:CanonicalizationAlgorithm>\n" + " <trust:EncryptionAlgorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</trust:EncryptionAlgorithm>\n" + " </sp:RequestSecurityTokenTemplate>\n" + " <wsp:Policy>\n" + " <sp:RequireInternalReference />\n" + " </wsp:Policy>\n" + " </sp:IssuedToken>\n" + " <sp:KeyValueToken 
sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\" wsp:Optional=\"true\" />\n" + " <sp:SignedParts>\n" + " <sp:Header Name=\"To\" Namespace=\"http://www.w3.org/2005/08/addressing\" />\n" + " </sp:SignedParts>\n" + " </wsp:Policy>\n" + " </sp:EndorsingSupportingTokens>\n" + " <sp:Wss11 xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy />\n" + " </sp:Wss11>\n" + " <sp:Trust13 xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportIssuedTokens />\n" + " <sp:RequireClientEntropy />\n" + " <sp:RequireServerEntropy />\n" + " </wsp:Policy>\n" + " </sp:Trust13>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsp:Policy wsu:Id=\"IssuedTokenWSTrustBinding_IWSTrust13Async1_policy\">\n" + " <wsp:ExactlyOne>\n" + " <wsp:All>\n" + " <sp:TransportBinding xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:TransportToken>\n" + " <wsp:Policy>\n" + " <sp:HttpsToken />\n" + " </wsp:Policy>\n" + " </sp:TransportToken>\n" + " <sp:AlgorithmSuite>\n" + " <wsp:Policy>\n" + " <sp:Basic256 />\n" + " </wsp:Policy>\n" + " </sp:AlgorithmSuite>\n" + " <sp:Layout>\n" + " <wsp:Policy>\n" + " <sp:Strict />\n" + " </wsp:Policy>\n" + " </sp:Layout>\n" + " <sp:IncludeTimestamp />\n" + " </wsp:Policy>\n" + " </sp:TransportBinding>\n" + " <sp:EndorsingSupportingTokens xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:IssuedToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient\">\n" + " <sp:RequestSecurityTokenTemplate>\n" + " <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</trust:KeyType>\n" + " <trust:KeySize>256</trust:KeySize>\n" + " 
<trust:KeyWrapAlgorithm>http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</trust:KeyWrapAlgorithm>\n" + " <trust:EncryptWith>http://www.w3.org/2001/04/xmlenc#aes256-cbc</trust:EncryptWith>\n" + " <trust:SignatureAlgorithm>http://www.w3.org/2000/09/xmldsig#hmac-sha1</trust:SignatureAlgorithm>\n" + " <trust:CanonicalizationAlgorithm>http://www.w3.org/2001/10/xml-exc-c14n#</trust:CanonicalizationAlgorithm>\n" + " <trust:EncryptionAlgorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</trust:EncryptionAlgorithm>\n" + " </sp:RequestSecurityTokenTemplate>\n" + " <wsp:Policy>\n" + " <sp:RequireInternalReference />\n" + " </wsp:Policy>\n" + " </sp:IssuedToken>\n" + " <sp:KeyValueToken sp:IncludeToken=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never\" wsp:Optional=\"true\" />\n" + " <sp:SignedParts>\n" + " <sp:Header Name=\"To\" Namespace=\"http://www.w3.org/2005/08/addressing\" />\n" + " </sp:SignedParts>\n" + " </wsp:Policy>\n" + " </sp:EndorsingSupportingTokens>\n" + " <sp:Wss11 xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy />\n" + " </sp:Wss11>\n" + " <sp:Trust13 xmlns:sp=\"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702\">\n" + " <wsp:Policy>\n" + " <sp:MustSupportIssuedTokens />\n" + " <sp:RequireClientEntropy />\n" + " <sp:RequireServerEntropy />\n" + " </wsp:Policy>\n" + " </sp:Trust13>\n" + " <wsaw:UsingAddressing />\n" + " </wsp:All>\n" + " </wsp:ExactlyOne>\n" + " </wsp:Policy>\n" + " <wsdl:types>\n" + " <xsd:schema targetNamespace=\"http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice/Imports\">\n" + " <xsd:import namespace=\"http://schemas.microsoft.com/Message\" />\n" + " <xsd:import namespace=\"http://schemas.xmlsoap.org/ws/2005/02/trust\" />\n" + " <xsd:import namespace=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512\" />\n" + " </xsd:schema>\n" + " </wsdl:types>\n" + " <wsdl:message name=\"IWSTrustFeb2005Async_TrustFeb2005IssueAsync_InputMessage\">\n" + " 
<wsdl:part name=\"request\" element=\"t:RequestSecurityToken\" />\n" + " </wsdl:message>\n" + " <wsdl:message name=\"IWSTrustFeb2005Async_TrustFeb2005IssueAsync_OutputMessage\">\n" + " <wsdl:part name=\"TrustFeb2005IssueAsyncResult\" element=\"t:RequestSecurityTokenResponse\" />\n" + " </wsdl:message>\n" + " <wsdl:message name=\"IWSTrust13Async_Trust13IssueAsync_InputMessage\">\n" + " <wsdl:part name=\"request\" element=\"trust:RequestSecurityToken\" />\n" + " </wsdl:message>\n" + " <wsdl:message name=\"IWSTrust13Async_Trust13IssueAsync_OutputMessage\">\n" + " <wsdl:part name=\"Trust13IssueAsyncResult\" element=\"trust:RequestSecurityTokenResponseCollection\" />\n" + " </wsdl:message>\n" + " <wsdl:portType name=\"IWSTrustFeb2005Async\">\n" + " <wsdl:operation name=\"TrustFeb2005IssueAsync\">\n" + " <wsdl:input wsaw:Action=\"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue\" message=\"tns:IWSTrustFeb2005Async_TrustFeb2005IssueAsync_InputMessage\" />\n" + " <wsdl:output wsaw:Action=\"http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue\" message=\"tns:IWSTrustFeb2005Async_TrustFeb2005IssueAsync_OutputMessage\" />\n" + " </wsdl:operation>\n" + " </wsdl:portType>\n" + " <wsdl:portType name=\"IWSTrust13Async\">\n" + " <wsdl:operation name=\"Trust13IssueAsync\">\n" + " <wsdl:input wsaw:Action=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue\" message=\"tns:IWSTrust13Async_Trust13IssueAsync_InputMessage\" />\n" + " <wsdl:output wsaw:Action=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal\" message=\"tns:IWSTrust13Async_Trust13IssueAsync_OutputMessage\" />\n" + " </wsdl:operation>\n" + " </wsdl:portType>\n" + " <wsdl:binding name=\"CustomBinding_IWSTrustFeb2005Async\" type=\"tns:IWSTrustFeb2005Async\">\n" + " <wsp:PolicyReference URI=\"#CustomBinding_IWSTrustFeb2005Async_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"TrustFeb2005IssueAsync\">\n" + " 
<soap12:operation soapAction=\"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"CertificateWSTrustBinding_IWSTrustFeb2005Async\" type=\"tns:IWSTrustFeb2005Async\">\n" + " <wsp:PolicyReference URI=\"#CertificateWSTrustBinding_IWSTrustFeb2005Async_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"TrustFeb2005IssueAsync\">\n" + " <soap12:operation soapAction=\"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"CertificateWSTrustBinding_IWSTrustFeb2005Async1\" type=\"tns:IWSTrustFeb2005Async\">\n" + " <wsp:PolicyReference URI=\"#CertificateWSTrustBinding_IWSTrustFeb2005Async1_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"TrustFeb2005IssueAsync\">\n" + " <soap12:operation soapAction=\"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"UserNameWSTrustBinding_IWSTrustFeb2005Async\" type=\"tns:IWSTrustFeb2005Async\">\n" + " <wsp:PolicyReference URI=\"#UserNameWSTrustBinding_IWSTrustFeb2005Async_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"TrustFeb2005IssueAsync\">\n" + " 
<soap12:operation soapAction=\"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"IssuedTokenWSTrustBinding_IWSTrustFeb2005Async\" type=\"tns:IWSTrustFeb2005Async\">\n" + " <wsp:PolicyReference URI=\"#IssuedTokenWSTrustBinding_IWSTrustFeb2005Async_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"TrustFeb2005IssueAsync\">\n" + " <soap12:operation soapAction=\"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"IssuedTokenWSTrustBinding_IWSTrustFeb2005Async1\" type=\"tns:IWSTrustFeb2005Async\">\n" + " <wsp:PolicyReference URI=\"#IssuedTokenWSTrustBinding_IWSTrustFeb2005Async1_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"TrustFeb2005IssueAsync\">\n" + " <soap12:operation soapAction=\"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"CertificateWSTrustBinding_IWSTrust13Async\" type=\"tns:IWSTrust13Async\">\n" + " <wsp:PolicyReference URI=\"#CertificateWSTrustBinding_IWSTrust13Async_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"Trust13IssueAsync\">\n" + " <soap12:operation 
soapAction=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"UserNameWSTrustBinding_IWSTrust13Async\" type=\"tns:IWSTrust13Async\">\n" + " <wsp:PolicyReference URI=\"#UserNameWSTrustBinding_IWSTrust13Async_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"Trust13IssueAsync\">\n" + " <soap12:operation soapAction=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"IssuedTokenWSTrustBinding_IWSTrust13Async\" type=\"tns:IWSTrust13Async\">\n" + " <wsp:PolicyReference URI=\"#IssuedTokenWSTrustBinding_IWSTrust13Async_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"Trust13IssueAsync\">\n" + " <soap12:operation soapAction=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:binding name=\"IssuedTokenWSTrustBinding_IWSTrust13Async1\" type=\"tns:IWSTrust13Async\">\n" + " <wsp:PolicyReference URI=\"#IssuedTokenWSTrustBinding_IWSTrust13Async1_policy\" />\n" + " <soap12:binding transport=\"http://schemas.xmlsoap.org/soap/http\" />\n" + " <wsdl:operation name=\"Trust13IssueAsync\">\n" + " <soap12:operation 
soapAction=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue\" style=\"document\" />\n" + " <wsdl:input>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:input>\n" + " <wsdl:output>\n" + " <soap12:body use=\"literal\" />\n" + " </wsdl:output>\n" + " </wsdl:operation>\n" + " </wsdl:binding>\n" + " <wsdl:service name=\"SecurityTokenService\">\n" + " <wsdl:port name=\"UserNameWSTrustBinding_IWSTrustFeb2005Async\" binding=\"tns:UserNameWSTrustBinding_IWSTrustFeb2005Async\">\n" + " <soap12:address location=\"$params1\"/>\n" + " <wsa10:EndpointReference>\n" + " <wsa10:Address>$params1</wsa10:Address>\n" + " </wsa10:EndpointReference>\n" + " </wsdl:port>\n" + " <wsdl:port name=\"UserNameWSTrustBinding_IWSTrust13Async\" binding=\"tns:UserNameWSTrustBinding_IWSTrust13Async\">\n" + " <soap12:address location=\"$params1\"/>\n" + " <wsa10:EndpointReference>\n" + " <wsa10:Address>$params1</wsa10:Address>\n" + " </wsa10:EndpointReference>\n" + " </wsdl:port>\n" + " </wsdl:service>\n" + " </wsdl:definitions>\n" + " </wsx:MetadataSection>\n" + " <wsx:MetadataSection xmlns=\"\" Dialect=\"http://www.w3.org/2001/XMLSchema\" Identifier=\"http://schemas.microsoft.com/Message\">\n" + " <xs:schema xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:tns=\"http://schemas.microsoft.com/Message\" elementFormDefault=\"qualified\" targetNamespace=\"http://schemas.microsoft.com/Message\">\n" + " <xs:complexType name=\"MessageBody\">\n" + " <xs:sequence>\n" + " <xs:any minOccurs=\"0\" maxOccurs=\"unbounded\" namespace=\"##any\" />\n" + " </xs:sequence>\n" + " </xs:complexType>\n" + " </xs:schema>\n" + " </wsx:MetadataSection>\n" + " <wsx:MetadataSection xmlns=\"\" Dialect=\"http://www.w3.org/2001/XMLSchema\" Identifier=\"http://schemas.xmlsoap.org/ws/2005/02/trust\">\n" + " <xs:schema xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:wst=\"http://schemas.xmlsoap.org/ws/2005/02/trust\" elementFormDefault=\"qualified\" 
targetNamespace=\"http://schemas.xmlsoap.org/ws/2005/02/trust\">\n" + " <xs:element name=\"RequestSecurityToken\" type=\"wst:RequestSecurityTokenType\" />\n" + " <xs:complexType name=\"RequestSecurityTokenType\">\n" + " <xs:choice minOccurs=\"0\" maxOccurs=\"unbounded\">\n" + " <xs:any minOccurs=\"0\" maxOccurs=\"unbounded\" namespace=\"##any\" processContents=\"lax\" />\n" + " </xs:choice>\n" + " <xs:attribute name=\"Context\" type=\"xs:anyURI\" use=\"optional\" />\n" + " <xs:anyAttribute namespace=\"##other\" processContents=\"lax\" />\n" + " </xs:complexType>\n" + " <xs:element name=\"RequestSecurityTokenResponse\" type=\"wst:RequestSecurityTokenResponseType\" />\n" + " <xs:complexType name=\"RequestSecurityTokenResponseType\">\n" + " <xs:choice minOccurs=\"0\" maxOccurs=\"unbounded\">\n" + " <xs:any minOccurs=\"0\" maxOccurs=\"unbounded\" namespace=\"##any\" processContents=\"lax\" />\n" + " </xs:choice>\n" + " <xs:attribute name=\"Context\" type=\"xs:anyURI\" use=\"optional\" />\n" + " <xs:anyAttribute namespace=\"##other\" processContents=\"lax\" />\n" + " </xs:complexType>\n" + " </xs:schema>\n" + " </wsx:MetadataSection>\n" + " <wsx:MetadataSection xmlns=\"\" Dialect=\"http://www.w3.org/2001/XMLSchema\" Identifier=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512\">\n" + " <xs:schema xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:trust=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512\" elementFormDefault=\"qualified\" targetNamespace=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512\">\n" + " <xs:element name=\"RequestSecurityToken\" type=\"trust:RequestSecurityTokenType\" />\n" + " <xs:complexType name=\"RequestSecurityTokenType\">\n" + " <xs:choice minOccurs=\"0\" maxOccurs=\"unbounded\">\n" + " <xs:any minOccurs=\"0\" maxOccurs=\"unbounded\" namespace=\"##any\" processContents=\"lax\" />\n" + " </xs:choice>\n" + " <xs:attribute name=\"Context\" type=\"xs:anyURI\" use=\"optional\" />\n" + " <xs:anyAttribute namespace=\"##other\" 
processContents=\"lax\" />\n" + " </xs:complexType>\n" + " <xs:element name=\"RequestSecurityTokenResponse\" type=\"trust:RequestSecurityTokenResponseType\" />\n" + " <xs:complexType name=\"RequestSecurityTokenResponseType\">\n" + " <xs:choice minOccurs=\"0\" maxOccurs=\"unbounded\">\n" + " <xs:any minOccurs=\"0\" maxOccurs=\"unbounded\" namespace=\"##any\" processContents=\"lax\" />\n" + " </xs:choice>\n" + " <xs:attribute name=\"Context\" type=\"xs:anyURI\" use=\"optional\" />\n" + " <xs:anyAttribute namespace=\"##other\" processContents=\"lax\" />\n" + " </xs:complexType>\n" + " <xs:element name=\"RequestSecurityTokenResponseCollection\" type=\"trust:RequestSecurityTokenResponseCollectionType\" />\n" + " <xs:complexType name=\"RequestSecurityTokenResponseCollectionType\">\n" + " <xs:sequence>\n" + " <xs:element minOccurs=\"1\" maxOccurs=\"unbounded\" ref=\"trust:RequestSecurityTokenResponse\" />\n" + " </xs:sequence>\n" + " <xs:anyAttribute namespace=\"##other\" processContents=\"lax\" />\n" + " </xs:complexType>\n" + " </xs:schema>\n" + " </wsx:MetadataSection>\n" + " </Metadata>"; response = response.replace("$params1", stsEndpointUrl); OMElement omBody = null; try { omBody = AXIOMUtil.stringToOM(response); } catch (XMLStreamException e) { throw new MexException("Error on transforming the Mex response", e); } if (log.isDebugEnabled()) { log.debug("Mex-Endpoint-Response => " + response); } return omBody; }
From source file:view.CertificatePropertiesDialog.java
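/**
 * Asks the user for a destination file and writes the DER encoding of the
 * given certificate to it.
 *
 * <p>The save dialog is pre-filled with {@code <CN>.cer}. On success an
 * information dialog is shown. If the file cannot be opened or written, an
 * error dialog is shown and the save dialog is offered again.
 *
 * @param x509c certificate to export
 */
private void export(X509Certificate x509c) {
    try {
        JFileChooser fileChooser = new JFileChooser();
        fileChooser.setDialogTitle(Bundle.getBundle().getString("title.saveAs"));
        FileNameExtensionFilter cerFilter = new FileNameExtensionFilter(
                Bundle.getBundle().getString("filter.certificateFiles") + " (*.cer)", "cer");
        fileChooser.setFileFilter(cerFilter);
        // NOTE(review): the suggested name comes from the certificate itself, so it is
        // only as trustworthy as the certificate being viewed. The user still confirms
        // the path in the dialog; confirm that getCertificateCN strips path separators.
        File preferedFile = new File(getCertificateCN(x509c) + ".cer");
        fileChooser.setSelectedFile(preferedFile);
        int userSelection = fileChooser.showSaveDialog(this);
        if (userSelection == JFileChooser.APPROVE_OPTION) {
            File file = new File(fileChooser.getSelectedFile().getAbsolutePath());
            byte[] buf = x509c.getEncoded();
            // try-with-resources closes the stream even when write() fails.
            // The earlier version also wrapped the already-closed stream in a Writer and
            // pushed a Base64 copy into it via sun.misc.BASE64Encoder: that text never
            // reached the file, and once it outgrew the writer's buffer it could raise an
            // IOException after the export had in fact succeeded. It is removed here.
            try (FileOutputStream os = new FileOutputStream(file)) {
                os.write(buf);
            }
            JOptionPane.showMessageDialog(this, Bundle.getBundle().getString("certSuccessfullyExported"), "",
                    JOptionPane.INFORMATION_MESSAGE);
        }
    } catch (CertificateEncodingException ex) {
        JOptionPane.showMessageDialog(this,
                Bundle.getBundle().getString("certExportFailed") + "\n"
                        + Bundle.getBundle().getString("certInvalidEncoding"),
                "", JOptionPane.ERROR_MESSAGE);
    } catch (FileNotFoundException ex) {
        JOptionPane.showMessageDialog(this,
                Bundle.getBundle().getString("certExportFailed") + "\n"
                        + Bundle.getBundle().getString("noWritePermissions"),
                "", JOptionPane.ERROR_MESSAGE);
        // Let the user pick another location.
        export(x509c);
    } catch (IOException ex) {
        JOptionPane.showMessageDialog(this,
                Bundle.getBundle().getString("certExportFailed") + "\n"
                        + Bundle.getBundle().getString("errorCreatingOutputFile"),
                "", JOptionPane.ERROR_MESSAGE);
        // Let the user pick another location.
        export(x509c);
    }
}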
From source file:se.leap.bitmaskclient.ProviderAPI.java
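/**
 * Checks a downloaded CA certificate against the fingerprint pinned in the
 * stored provider definition.
 *
 * <p>The pinned value is read from the provider JSON as {@code <digest>:<hex>}.
 * The certificate's encoded form is hashed with the named digest and compared,
 * case-insensitively, with the pinned hex value.
 *
 * @param cert_string downloaded certificate text
 * @return {@code true} only when the certificate parses and its digest matches
 *         the pinned fingerprint; {@code false} on any parsing, JSON, digest or
 *         encoding problem
 */
private boolean validCertificate(String cert_string) {
    if (ConfigHelper.checkErroneousDownload(cert_string)) {
        return false;
    }
    X509Certificate certificate = ConfigHelper.parseX509CertificateFromString(cert_string);
    if (certificate == null) {
        return false;
    }
    try {
        JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, ""));
        String fingerprint = provider_json.getString(Provider.CA_CERT_FINGERPRINT);
        String[] fingerprint_parts = fingerprint.split(":");
        if (fingerprint_parts.length < 2) {
            // A pin without "<digest>:<hex>" used to raise an uncaught
            // ArrayIndexOutOfBoundsException; treat it as "not valid" instead.
            return false;
        }
        String encoding = fingerprint_parts[0];
        String expected_fingerprint = fingerprint_parts[1];
        // NOTE(review): the digest algorithm is whatever the stored provider definition
        // names, so the pin is only as strong as that algorithm. Consider accepting a
        // fixed list (SHA-256 or stronger) if the provider JSON is not fully trusted.
        String real_fingerprint = base64toHex(Base64.encodeToString(
                MessageDigest.getInstance(encoding).digest(certificate.getEncoded()), Base64.DEFAULT));
        return real_fingerprint.trim().equalsIgnoreCase(expected_fingerprint.trim());
    } catch (JSONException e) {
        return false;
    } catch (NoSuchAlgorithmException e) {
        return false;
    } catch (CertificateEncodingException e) {
        return false;
    }
}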
From source file:be.fedict.eid.dss.protocol.simple.SimpleDSSProtocolService.java
/**
 * Builds the browser POST response sent back to the relying party after a
 * signing operation.
 *
 * <p>The response always carries {@code SignatureStatus} and, when one is
 * stored in the session, {@code RelayState}. Only for
 * {@link SignatureStatus#OK} does it also carry the signed document (or the
 * artifact id), the signer certificate and, when the service has an identity
 * configured, a service signature plus the service certificate chain.
 *
 * <p>NOTE(review): responses with any other status carry no service
 * signature, so the receiver cannot authenticate a failure status from this
 * message alone.
 *
 * @param signatureStatus   outcome of the signing operation
 * @param signedDocument    signed document bytes, Base64-encoded into the response
 * @param artifact          id returned instead of the document when no signature
 *                          request is stored in the session
 * @param signerCertificate certificate of the signer, returned DER/Base64-encoded
 * @param httpSession       session holding target, relay state and request data
 * @param request           not used by this method
 * @param response          not used by this method
 * @return the populated browser POST response
 * @throws Exception on encoding or signing failures
 */
public BrowserPOSTResponse handleResponse(SignatureStatus signatureStatus, byte[] signedDocument,
        String artifact, X509Certificate signerCertificate, HttpSession httpSession,
        HttpServletRequest request, HttpServletResponse response) throws Exception {
    LOG.debug("handleResponse");
    String target = retrieveTarget(httpSession);
    BrowserPOSTResponse browserPOSTResponse = new BrowserPOSTResponse(target);
    browserPOSTResponse.addAttribute("SignatureStatus", signatureStatus.getStatus());
    /*
     * Add RelayState if available
     */
    String relayState = retrieveRelayState(httpSession);
    if (null != relayState) {
        browserPOSTResponse.addAttribute("RelayState", relayState);
    }
    if (SignatureStatus.OK == signatureStatus) {
        String signatureRequest = retrieveSignatureRequest(httpSession);
        String signatureRequestId = retrieveSignatureRequestId(httpSession);
        String encodedSignedDocument = Base64.encodeBase64String(signedDocument);
        // Inline mode returns the document itself, artifact mode only its id.
        if (null != signatureRequest) {
            browserPOSTResponse.addAttribute("SignatureResponse", encodedSignedDocument);
        } else {
            browserPOSTResponse.addAttribute("SignatureResponseId", artifact);
        }
        byte[] derSignerCertificate = signerCertificate.getEncoded();
        String encodedSignatureCertificate = Base64.encodeBase64String(derSignerCertificate);
        browserPOSTResponse.addAttribute("SignatureCertificate", encodedSignatureCertificate);
        KeyStore.PrivateKeyEntry identityPrivateKeyEntry = this.dssContext.getIdentity();
        if (null != identityPrivateKeyEntry) {
            LOG.debug("signing the response");
            // ServiceSigned names the fields covered by the service signature, in the
            // same order in which they are fed to the Signature below.
            if (null != signatureRequest) {
                browserPOSTResponse.addAttribute("ServiceSigned", URLEncoder.encode(
                        "target,SignatureRequest," + "SignatureResponse," + "SignatureCertificate", "UTF-8"));
            } else {
                browserPOSTResponse.addAttribute("ServiceSigned", URLEncoder.encode(
                        "target,SignatureRequestId," + "SignatureResponseId," + "SignatureCertificate", "UTF-8"));
            }
            // service signature
            // NOTE(review): SHA1withRSA relies on SHA-1, which is no longer considered
            // collision resistant. Moving to SHA-256 requires the verifying side to
            // change at the same time.
            Signature serviceSignature = Signature.getInstance("SHA1withRSA");
            serviceSignature.initSign(identityPrivateKeyEntry.getPrivateKey());
            // NOTE(review): getBytes() without a charset uses the platform default, so
            // signer and verifier must run with the same default for non-ASCII values.
            // NOTE(review): the fields are fed back to back with no delimiter or length
            // prefix, so the signed byte stream does not record where one field ends and
            // the next begins.
            serviceSignature.update(target.getBytes());
            if (null != signatureRequest) {
                serviceSignature.update(signatureRequest.getBytes());
                serviceSignature.update(encodedSignedDocument.getBytes());
            } else {
                // NOTE(review): signatureRequestId and artifact are dereferenced without a
                // null check here — confirm callers guarantee both in artifact mode.
                serviceSignature.update(signatureRequestId.getBytes());
                serviceSignature.update(artifact.getBytes());
            }
            serviceSignature.update(encodedSignatureCertificate.getBytes());
            byte[] serviceSignatureValue = serviceSignature.sign();
            String encodedServiceSignature = Base64.encodeBase64String(serviceSignatureValue);
            browserPOSTResponse.addAttribute("ServiceSignature", encodedServiceSignature);
            // service certificate chain
            Certificate[] serviceCertificateChain = identityPrivateKeyEntry.getCertificateChain();
            browserPOSTResponse.addAttribute("ServiceCertificateChainSize",
                    Integer.toString(serviceCertificateChain.length));
            // Attribute names are 1-based: ServiceCertificate.1 .. ServiceCertificate.N
            for (int certIdx = 0; certIdx < serviceCertificateChain.length; certIdx++) {
                Certificate certificate = serviceCertificateChain[certIdx];
                String encodedServiceCertificate = Base64.encodeBase64String(certificate.getEncoded());
                browserPOSTResponse.addAttribute("ServiceCertificate." + (certIdx + 1),
                        encodedServiceCertificate);
            }
        }
    }
    return browserPOSTResponse;
}
From source file:org.wso2.carbon.identity.sts.mex.MexGetService.java
/**
 * Appends a WS-Addressing {@code EndpointReference} to a WSDL port element.
 *
 * <p>The reference points at the {@code location} of the port's
 * {@code address} child and carries an identity extension whose
 * {@code dsig:KeyInfo} holds the Base64-encoded certificate.
 *
 * @param portElem WSDL port element to extend
 * @param cert     certificate published as the endpoint identity
 * @throws AxisFault if the port has no address location, or if any step
 *                   fails (the original exception is kept as the cause)
 */
private void addIIdentityAddressing(OMElement portElem, X509Certificate cert) throws AxisFault {
    if (log.isDebugEnabled()) {
        log.debug("addIIdentityAddressing - port Element found");
    }
    try {
        // Only the first child named "address" is considered.
        String location = null;
        for (Iterator children = portElem.getChildElements(); children.hasNext();) {
            OMElement child = (OMElement) children.next();
            if (!"address".equals(child.getLocalName())) {
                continue;
            }
            location = child.getAttributeValue(new QName("", "location"));
            break;
        }
        if (location == null) {
            throw new AxisFault("Address inside Port Element is null");
        }

        EndpointReference endpoint = new EndpointReference(location);
        // The factory is taken from the port element rather than OMAbstractFactory
        // (the original notes this works around an OM bug).
        OMFactory omFactory = portElem.getOMFactory();

        OMElement identity = omFactory
                .createOMElement(new QName(IdentityConstants.IDENTITY_ADDRESSING_NS, IDENTITY_LN));
        OMNamespace dsigNs = omFactory.createOMNamespace(XMLSignature.XMLNS, "dsig");
        OMElement keyInfo = omFactory.createOMElement(KEY_INFO_LN, dsigNs);
        OMElement x509Data = omFactory.createOMElement(X509DATA_LN, dsigNs);
        OMElement x509Cert = omFactory.createOMElement(X509CERT_LN, dsigNs);

        // Identity / KeyInfo / X509Data / X509Certificate, built from the inside out.
        x509Cert.setText(Base64.encode(cert.getEncoded()));
        x509Data.addChild(x509Cert);
        keyInfo.addChild(x509Data);
        identity.addChild(keyInfo);

        ArrayList extensions = new ArrayList();
        extensions.add(identity);
        endpoint.setExtensibleElements(extensions);

        QName eprName = new QName(AddressingConstants.Final.WSA_NAMESPACE, "EndpointReference", WSA_PREFIX);
        portElem.addChild(EndpointReferenceHelper.toOM(omFactory, endpoint, eprName,
                AddressingConstants.Final.WSA_NAMESPACE));
    } catch (Exception e) {
        throw new AxisFault(e.getMessage(), e);
    }
}
From source file:com.codedx.burp.security.InvalidCertificateDialogStrategy.java
/**
 * Asks the user whether to accept a certificate that failed trust validation.
 *
 * <p>The dialog shows the issuer, a thumbprint of the encoded certificate and,
 * when hostname verification fails, the mismatch between the expected host and
 * the certificate. The answer is rejection unless the user explicitly picks
 * one of the two accept options; closing the dialog also rejects. Certificates
 * that are not X.509, or a verifier that is not a
 * {@code DefaultHostnameVerifier}, are rejected without prompting.
 *
 * <p>NOTE(review): the thumbprint comes from {@code getSHA1}; if users compare
 * it against a value obtained elsewhere, a SHA-256 fingerprint would be the
 * stronger choice.
 *
 * @param genericCert certificate presented by the server
 * @param certError   validation error that led here (not used by this method)
 * @return the user's decision
 */
@Override
public CertificateAcceptance checkAcceptance(Certificate genericCert, CertificateException certError) {
    boolean canPrompt = genericCert instanceof X509Certificate
            && defaultHostVerifier instanceof DefaultHostnameVerifier;
    if (!canPrompt) {
        return CertificateAcceptance.REJECT;
    }

    X509Certificate cert = (X509Certificate) genericCert;
    DefaultHostnameVerifier verifier = (DefaultHostnameVerifier) defaultHostVerifier;

    JPanel panel = new JPanel(new GridBagLayout());

    // Headline spanning both columns.
    GridBagConstraints layout = new GridBagConstraints();
    layout.gridwidth = 2;
    layout.insets = new Insets(0, 0, 10, 0);
    layout.anchor = GridBagConstraints.WEST;
    panel.add(new JLabel("Unable to establish a secure connection because the certificate is not trusted"),
            layout);

    // Detail rows: bold caption in the first column, value in the second.
    layout = new GridBagConstraints();
    layout.gridy = 2;
    layout.insets = new Insets(2, 0, 2, 0);
    layout.anchor = GridBagConstraints.WEST;

    JLabel issuerCaption = new JLabel("Issuer: ");
    Font baseFont = issuerCaption.getFont();
    Font captionFont = new Font(baseFont.getName(), Font.BOLD, baseFont.getSize());
    issuerCaption.setFont(captionFont);
    panel.add(issuerCaption, layout);
    layout.gridx = 1;
    panel.add(new JLabel(cert.getIssuerDN().toString()), layout);

    try {
        JLabel thumbprintCaption = new JLabel("Thumbprint: ");
        thumbprintCaption.setFont(captionFont);
        layout.gridx = 0;
        layout.gridy += 1;
        panel.add(thumbprintCaption, layout);
        layout.gridx = 1;
        panel.add(new JLabel(toHexString(getSHA1(cert.getEncoded()), " ")), layout);
    } catch (CertificateEncodingException e) {
        // Not expected for a certificate that was already parsed; the caption is
        // then shown without a value.
    }

    try {
        verifier.verify(host, cert);
    } catch (SSLException e) {
        JLabel mismatchCaption = new JLabel("Host Mismatch: ");
        mismatchCaption.setFont(captionFont);
        layout.gridx = 0;
        layout.gridy += 1;
        panel.add(mismatchCaption, layout);

        String commonName = getCN(cert);
        String detail = (commonName != null)
                ? String.format("Expected '%s', but the certificate is for '%s'.", host, commonName)
                : e.getMessage();
        layout.gridx = 1;
        panel.add(new JLabel(detail), layout);
    }

    // Button index 1 and 2 are the accept options; everything else, including a
    // closed dialog, rejects.
    int choice = JOptionPane.showOptionDialog(burpExtender.getUiComponent(), panel, dialogTitle,
            JOptionPane.YES_NO_CANCEL_OPTION, JOptionPane.PLAIN_MESSAGE, null, dialogButtons, null);
    if (choice == 1) {
        return CertificateAcceptance.ACCEPT_TEMPORARILY;
    }
    if (choice == 2) {
        return CertificateAcceptance.ACCEPT_PERMANENTLY;
    }
    return CertificateAcceptance.REJECT;
}
From source file:ee.signwise.sdk.service.SignWiseConnection.java
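/**
 * Encodes a certificate as PEM-style bytes: the header constant, the Base64
 * encoding of the DER certificate, then the footer constant.
 *
 * <p>The Base64 body is written as one unbroken run; no line breaks are
 * inserted every 64 characters, so whether the result reads as well-formed PEM
 * depends on the line endings contained in {@code PEM_HDR1}/{@code PEM_HDR2}
 * and on how strict the consumer is.
 *
 * @param cert certificate to encode
 * @return the encoded bytes
 * @throws IOException                  if writing to the in-memory buffer fails
 * @throws CertificateEncodingException if the certificate cannot be DER-encoded
 */
private byte[] writeCertToPem(X509Certificate cert) throws IOException, CertificateEncodingException {
    // An I/O failure used to be swallowed and reported as a null return; it now
    // propagates through the already-declared IOException.
    try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) {
        // NOTE(review): getBytes() uses the platform default charset; harmless as
        // long as the header and footer constants are plain ASCII.
        bos.write(PEM_HDR1.getBytes());
        bos.write(Base64.encodeBase64(cert.getEncoded()));
        bos.write(PEM_HDR2.getBytes());
        return bos.toByteArray();
    }
}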
From source file:org.signserver.server.log.SystemLoggingTest.java
/**
 * Verifies that installing or removing a signer certificate chain is written
 * to the audit log.
 *
 * <p>Covers four ways of setting the chain (upload with global scope, upload
 * with node scope, setting the SIGNERCERTCHAIN property, setting the
 * node-prefixed property) and checks that each produces a SET_WORKER_CONFIG
 * and a CERTCHAININSTALLED entry carrying the module, worker id, scope and the
 * PEM chain. The reads are positioned by line count, so the order of the
 * statements below matters.
 */
@Test
public void test01LogCertChainInstalled() throws Exception {
    LOG.info(">test01LogCertChainInstalled");
    int linesBefore = readEntriesCount(auditLogFile);

    // Test with uploadSignerCertificateChain method (global scope)
    // NOTE(review): a 512-bit RSA key is far too small for real use; it is only
    // acceptable here as a throwaway fixture that keeps the test fast.
    KeyPair issuerKeyPair = CryptoUtils.generateRSA(512);
    final X509Certificate issuerCert = new JcaX509CertificateConverter().getCertificate(
            new CertBuilder().setSelfSignKeyPair(issuerKeyPair).setSubject("CN=Issuer, C=SE").build());
    final X509Certificate cert = new JcaX509CertificateConverter()
            .getCertificate(new CertBuilder().setIssuerPrivateKey(issuerKeyPair.getPrivate())
                    .setSubject("CN=Signer,C=SE").setIssuer("CN=Issuer, C=SE").build());
    workerSession.uploadSignerCertificateChain(signerId,
            Arrays.asList(cert.getEncoded(), issuerCert.getEncoded()), GlobalConfiguration.SCOPE_GLOBAL);

    // Two new entries are expected: the config change and the chain installation.
    List<String> lines = readEntries(auditLogFile, linesBefore, 2);
    LOG.info(lines);
    String line = getTheLineContaining(lines, "EVENT: SET_WORKER_CONFIG");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    line = getTheLineContaining(lines, "EVENT: CERTCHAININSTALLED");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    assertTrue("Contains certificate", line.contains(
            new String(CertTools.getPEMFromCerts(Arrays.asList(cert, issuerCert))).replace("\r\n", "\n")));
    assertTrue("Contains scope", line.contains("SCOPE: GLOBAL"));

    // Test removeProperty
    if (!workerSession.removeWorkerProperty(signerId, "SIGNERCERTCHAIN")) {
        throw new Exception("Property could not be removed");
    }
    // Skip the two entries already checked above and read the next two.
    lines = readEntries(auditLogFile, linesBefore + 2, 2);
    LOG.info(lines);
    line = getTheLineContaining(lines, "EVENT: CERTCHAININSTALLED");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    assertTrue("Contains empty certificate chain", line.contains("CERTIFICATECHAIN: ;"));
    assertTrue("Contains scope", line.contains("SCOPE: GLOBAL"));
    line = getTheLineContaining(lines, "EVENT: SET_WORKER_CONFIG");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));

    // Test with uploadSignerCertificateChain method (node scope)
    linesBefore = readEntriesCount(auditLogFile);
    workerSession.uploadSignerCertificateChain(signerId,
            Arrays.asList(cert.getEncoded(), issuerCert.getEncoded()), GlobalConfiguration.SCOPE_NODE);
    lines = readEntries(auditLogFile, linesBefore, 2);
    LOG.info(lines);
    line = getTheLineContaining(lines, "EVENT: SET_WORKER_CONFIG");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    line = getTheLineContaining(lines, "EVENT: CERTCHAININSTALLED");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    assertTrue("Contains certificate", line.contains(
            new String(CertTools.getPEMFromCerts(Arrays.asList(cert, issuerCert))).replace("\r\n", "\n")));
    assertTrue("Contains scope", line.contains("SCOPE: NODE"));
    assertTrue("Contains node", line.contains("NODE: " + WorkerConfig.getNodeId()));

    // Remove the property
    // NOTE(review): the return value is ignored here, unlike the checked removals
    // elsewhere in this test — confirm that is intended.
    workerSession.removeWorkerProperty(signerId, "SIGNERCERTCHAIN");

    // Test when setting the property manually (global scope)
    linesBefore = readEntriesCount(auditLogFile);
    workerSession.setWorkerProperty(signerId, "SIGNERCERTCHAIN",
            new String(CertTools.getPEMFromCerts(Arrays.asList(cert, issuerCert))).replace("\r\n", "\n"));
    lines = readEntries(auditLogFile, linesBefore, 2);
    LOG.info(lines);
    line = getTheLineContaining(lines, "EVENT: SET_WORKER_CONFIG");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    line = getTheLineContaining(lines, "EVENT: CERTCHAININSTALLED");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    assertTrue("Contains certificate", line.contains(
            new String(CertTools.getPEMFromCerts(Arrays.asList(cert, issuerCert))).replace("\r\n", "\n")));
    assertTrue("Contains scope", line.contains("SCOPE: GLOBAL"));

    // Remove the property
    if (!workerSession.removeWorkerProperty(signerId, "SIGNERCERTCHAIN")) {
        throw new Exception("Could not remove property");
    }

    // Test when setting the property manually (node scope)
    linesBefore = readEntriesCount(auditLogFile);
    workerSession.setWorkerProperty(signerId, "NODE47.SIGNERCERTCHAIN",
            new String(CertTools.getPEMFromCerts(Arrays.asList(cert, issuerCert))).replace("\r\n", "\n"));
    lines = readEntries(auditLogFile, linesBefore, 2);
    LOG.info(lines);
    line = getTheLineContaining(lines, "EVENT: SET_WORKER_CONFIG");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    line = getTheLineContaining(lines, "EVENT: CERTCHAININSTALLED");
    assertNotNull("Contains event", line);
    assertTrue("Contains module", line.contains("MODULE: WORKER_CONFIG"));
    assertTrue("Contains worker id", line.contains("WORKER_ID: " + signerId));
    assertTrue("Contains certificate", line.contains(
            new String(CertTools.getPEMFromCerts(Arrays.asList(cert, issuerCert))).replace("\r\n", "\n")));
    assertTrue("Contains scope", line.contains("SCOPE: NODE"));
    // The node name is taken from the property prefix ("NODE47.").
    assertTrue("Contains node", line.contains("NODE: NODE47"));

    // Remove the property
    workerSession.removeWorkerProperty(signerId, "NODE47.SIGNERCERTCHAIN");
}