META-INF.spring.cxf-endpoints.xml Maven / Gradle / Ivy
<?xml version="1.0" encoding="UTF-8"?>
<!--
Unless explicitly acquired and licensed from Licensor under another license, the contents of
this file are subject to the Reciprocal Public License ("RPL") Version 1.5, or subsequent
versions as allowed by the RPL, and You may not copy or use this file in either source code
or executable form, except in compliance with the terms and conditions of the RPL
All software distributed under the RPL is provided strictly on an "AS IS" basis, WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, AND LICENSOR HEREBY DISCLAIMS ALL SUCH
WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE, QUIET ENJOYMENT, OR NON-INFRINGEMENT. See the RPL for specific language
governing rights and limitations under the RPL.
http://opensource.org/licenses/RPL-1.5
Copyright 2012-2015 Open Justice Broker Consortium
-->
<!-- Configures the Camel Context-->
<!-- These are common endpoints which are used by all member implementations -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cxf="http://camel.apache.org/schema/cxf"
xmlns:wsa="http://cxf.apache.org/ws/addressing"
xmlns:wsp="http://www.w3.org/2006/07/ws-policy"
xmlns:policy="http://cxf.apache.org/policy"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xsi:schemaLocation="
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd
http://www.w3.org/2006/07/ws-policy http://www.w3.org/2006/07/ws-policy.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
http://cxf.apache.org/ws/addressing http://cxf.apache.org/schemas/ws-addr-conf.xsd
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
">
<!-- Firearms Query Request Service, hosted by broker, called by requesting application (usually a portal) address is static-->
<cxf:cxfEndpoint
id="firearmRegistrationQueryRequestService"
address="${federatedQuery.firearms.firearmRegistrationQueryOJBEndpoint}"
wsdlURL="classpath:ssp/Firearm_Registration_Query_Request/schema/SIP_WS_1.2/Firearm_Registration_Query_Request_Service.wsdl"
serviceName="ojbc:Firearm_Registration_Query_Request_Service_Service"
endpointName="ojbc:Firearm_Registration_Query_Request_Secure_Service"
xmlns:ojbc="http://ojbc.org/Services/WSDL/FirearmRegistrationQueryRequestService/1.0"
>
<cxf:properties>
<entry key="ws-security.callback-handler" value-ref="passwordCallbackHandler" />
<entry key="ws-security.signature.properties" value-ref="firearmsRequestKeystoreProperties" />
<entry key="ws-security.signature.username" value="${federatedQuery.firearms.keystoreCertificateAlias}" />
<entry key="ws-security.saml2.validator" value-ref="OJBSimpleWSPSamlTokenValidator" />
<entry key="ws-security.validate.audience-restriction" value="false" />
</cxf:properties>
</cxf:cxfEndpoint>
<!-- Firearms Query Results handler, hosted by broker, called by adapter, address is static -->
<cxf:cxfEndpoint
id="firearmRegistrationQueryResultsHandlerService"
address="${federatedQuery.firearms.firearmRegistrationQueryResultsHandlerEndpoint}"
wsdlURL="classpath:ssp/Firearm_Registration_Query_Results/schema/SIP_WS_1.2/Firearm_Registration_Query_Results_Service.wsdl"
serviceName="ojbc:Firearm_Registration_Query_Results_Service_Service"
endpointName="ojbc:Firearm_Registration_Query_Results_Secure_Service"
xmlns:ojbc="http://ojbc.org/Services/WSDL/FirearmRegistrationQueryResultsService/1.0"
>
<cxf:features>
<policy:policies>
<wsp:Policy xmlns:wsam="http://www.w3.org/2007/02/addressing/metadata">
<wsam:Addressing>
<wsp:Policy/>
</wsam:Addressing>
</wsp:Policy>
</policy:policies>
</cxf:features>
</cxf:cxfEndpoint>
<!-- Firearms Query Request Service Adapter, hosted by adapter, called by broker, address set dynamically -->
<cxf:cxfEndpoint id="firearmRegistrationQueryRequestServiceAdapter"
wsdlURL="classpath:ssp/Firearm_Registration_Query_Request/schema/SIP_WS_1.2/Firearm_Registration_Query_Request_Service.wsdl"
serviceName="ojbc:Firearm_Registration_Query_Request_Service_Service"
endpointName="ojbc:Firearm_Registration_Query_Request_Secure_Service"
xmlns:ojbc="http://ojbc.org/Services/WSDL/FirearmRegistrationQueryRequestService/1.0">
<cxf:properties>
<entry key="ws-security.saml-callback-handler" value-ref="ojbSamlCallbackHandler"/>
<entry key="ws-security.callback-handler" value-ref="passwordCallbackHandler" />
<entry key="ws-security.signature.properties" value-ref="firearmsRequestKeystoreProperties" />
<entry key="ws-security.signature.username" value="${federatedQuery.firearms.keystoreCertificateAlias}" />
</cxf:properties>
</cxf:cxfEndpoint>
<!-- Present Firearm Query Query Results typically hosted by a Web App, called by broker, address set dynamically-->
<cxf:cxfEndpoint
id="presentFirearmRegistrationQueryResultsService"
address="${federatedQuery.firearms.presentFirearmRegistrationQueryResultsEndpoint}"
wsdlURL="classpath:ssp/Firearm_Registration_Query_Results/schema/SIP_WS_1.2/Firearm_Registration_Query_Results_Service.wsdl"
serviceName="ojbc:Firearm_Registration_Query_Results_Service_Service"
endpointName="ojbc:Firearm_Registration_Query_Results_Secure_Service"
xmlns:ojbc="http://ojbc.org/Services/WSDL/FirearmRegistrationQueryResultsService/1.0"
>
<cxf:features>
<policy:policies>
<wsp:Policy xmlns:wsam="http://www.w3.org/2007/02/addressing/metadata">
<wsam:Addressing>
<wsp:Policy/>
</wsam:Addressing>
</wsp:Policy>
</policy:policies>
</cxf:features>
</cxf:cxfEndpoint>
<!-- Used for SSL/TLS Connection. No CCA, just SSL. -->
<http:conduit
name="https://.*">
<http:tlsClientParameters disableCNCheck="true">
<sec:trustManagers>
<sec:keyStore type="JKS"
password="${federatedQuery.firearms.truststorePassword}"
file="${federatedQuery.firearms.truststoreLocation}" />
</sec:trustManagers>
<sec:cipherSuitesFilter>
<!-- these filters ensure that a strong ciphersuite will be used -->
<sec:include>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</sec:include>
<sec:include>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</sec:include>
<sec:include>TLS_RSA_WITH_AES_128_CBC_SHA</sec:include>
<sec:include>SSL_RSA_WITH_3DES_EDE_CBC_SHA</sec:include>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
<http:client AutoRedirect="true" Connection="Keep-Alive" />
</http:conduit>
<bean id="passwordCallbackHandler" class="org.ojbc.util.ws.security.ClientCallbackMap">
<property name="passwords">
<map>
<entry key="${federatedQuery.firearms.keystoreCertificateAlias}" value="${federatedQuery.firearms.keyPassword}"/>
</map>
</property>
</bean>
<bean id="OJBSimpleWSPSamlTokenValidator" class="org.ojbc.util.validator.OJBSimpleWSPSamlTokenValidator"/>
<util:properties id="firearmsRequestKeystoreProperties">
<prop key="org.apache.ws.security.crypto.provider">org.apache.ws.security.components.crypto.Merlin</prop>
<prop key="org.apache.ws.security.crypto.merlin.keystore.type">jks</prop>
<prop key="org.apache.ws.security.crypto.merlin.keystore.password">${federatedQuery.firearms.keystorePassword}</prop>
<prop key="org.apache.ws.security.crypto.merlin.keystore.alias">${federatedQuery.firearms.keystoreCertificateAlias}</prop>
<prop key="org.apache.ws.security.crypto.merlin.keystore.file">${federatedQuery.firearms.keystoreLocation}</prop>
</util:properties>
</beans>