main/resources/sts_x509_asymmetric.wsdl

	sts_x509_asymmetric.wsdl revision 436f7e7486ac9ffbc8e0f41255533b1a77ca1d3a
<wsdl:definitions
        targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
        xmlns:tns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
        xmlns:wstrust="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
        xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
        xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
        xmlns:wsp="http://www.w3.org/ns/ws-policy"
        xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">

    <wsdl:import location="ws-trust-1.4-service.wsdl"   namespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"/>

    <wsdl:binding name="x509_token_asymmetric_binding" type="wstrust:STS">
        <wsp:PolicyReference URI="#x509_token_asymmetric_policy" />
        <soap:binding style="document"
                      transport="http://schemas.xmlsoap.org/soap/http" />
        <wsdl:operation name="Issue">
            <soap:operation
                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" />
            <wsdl:input>
                <wsp:PolicyReference
                        URI="#signed_body_input_policy" />
                <soap:body use="literal" />
            </wsdl:input>
            <wsdl:output>
                <wsp:PolicyReference
                        URI="#signed_body_output_policy" />
                <soap:body use="literal" />
            </wsdl:output>
        </wsdl:operation>
        <wsdl:operation name="Validate">
            <soap:operation
                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" />
            <wsdl:input>
                <wsp:PolicyReference
                        URI="#signed_body_input_policy" />
                <soap:body use="literal" />
            </wsdl:input>
            <wsdl:output>
                <wsp:PolicyReference
                        URI="#signed_body_output_policy" />
                <soap:body use="literal" />
            </wsdl:output>
        </wsdl:operation>
        <wsdl:operation name="Cancel">
            <soap:operation
                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" />
            <wsdl:input>
                <wsp:PolicyReference
                        URI="#signed_body_input_policy" />
                <soap:body use="literal" />
            </wsdl:input>
            <wsdl:output>
                <wsp:PolicyReference
                        URI="#signed_body_output_policy" />
                <soap:body use="literal" />
            </wsdl:output>
        </wsdl:operation>
        <wsdl:operation name="Renew">
            <soap:operation
                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" />
            <wsdl:input>
                <wsp:PolicyReference
                        URI="#signed_body_input_policy" />
                <soap:body use="literal" />
            </wsdl:input>
            <wsdl:output>
                <wsp:PolicyReference
                        URI="#signed_body_output_policy" />
                <soap:body use="literal" />
            </wsdl:output>
        </wsdl:operation>
        <wsdl:operation name="KeyExchangeToken">
            <soap:operation
                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken" />
            <wsdl:input>
                <wsp:PolicyReference
                        URI="#signed_body_input_policy" />
                <soap:body use="literal" />
            </wsdl:input>
            <wsdl:output>
                <wsp:PolicyReference
                        URI="#signed_body_output_policy" />
                <soap:body use="literal" />
            </wsdl:output>
        </wsdl:operation>
        <wsdl:operation name="RequestCollection">
            <soap:operation
                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection" />
            <wsdl:input>
                <wsp:PolicyReference
                        URI="#signed_body_input_policy" />
                <soap:body use="literal" />
            </wsdl:input>
            <wsdl:output>
                <wsp:PolicyReference
                        URI="#signed_body_output_policy" />
                <soap:body use="literal" />
            </wsdl:output>
        </wsdl:operation>
    </wsdl:binding>

    <!-- 2.2.2 (WSS1.0) Mutual Authentication with X.509 Certificates, Sign, Encrypt -->
    <wsp:Policy wsu:Id="x509_token_asymmetric_policy">
        <wsp:ExactlyOne>
            <wsp:All>
                <sp:AsymmetricBinding>
                    <wsp:Policy>
                        <sp:InitiatorToken>
                            <wsp:Policy>
                                <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
                                    <wsp:Policy>
                                        <sp:WssX509V3Token10/>
                                    </wsp:Policy>
                                </sp:X509Token>
                            </wsp:Policy>
                        </sp:InitiatorToken>
                        <sp:RecipientToken>
                            <wsp:Policy>
                                <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
                                    <wsp:Policy>
                                        <sp:WssX509V3Token10/>
                                    </wsp:Policy>
                                </sp:X509Token>
                            </wsp:Policy>
                        </sp:RecipientToken>
                        <sp:AlgorithmSuite>
                            <wsp:Policy>
                                <sp:Basic128/>
                            </wsp:Policy>
                        </sp:AlgorithmSuite>
                        <sp:Layout>
                            <wsp:Policy>
                                <sp:Strict/>
                            </wsp:Policy>
                        </sp:Layout>
                        <sp:IncludeTimestamp/>
                        <sp:ProtectTokens/>
                        <sp:OnlySignEntireHeadersAndBody/>
                    </wsp:Policy>
                </sp:AsymmetricBinding>
                <sp:Wss10>
                    <wsp:Policy>
                        <sp:MustSupportRefKeyIdentifier/>
                    </wsp:Policy>
                </sp:Wss10>
            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>
    <wsp:Policy wsu:Id="signed_body_input_policy">
        <wsp:ExactlyOne>
            <wsp:All>
                <sp:SignedParts>
                    <sp:Body/>
                </sp:SignedParts>
                <!--    <sp:EncryptedParts>
                        <sp:Body/>
                    </sp:EncryptedParts> -->
            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>

    <wsp:Policy wsu:Id="signed_body_output_policy">
        <wsp:ExactlyOne>
            <wsp:All>
                <sp:SignedParts>
                    <sp:Body/>
                </sp:SignedParts>
                <!--    <sp:EncryptedParts>
                        <sp:Body/>
                    </sp:EncryptedParts> -->
            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>

    <wsdl:service name="x509_asymmetric_sts_service">
        <wsdl:port name="x509_asymmetric_sts_service_port" binding="tns:x509_token_asymmetric_binding">
            <soap:address location=""/>
        </wsdl:port>
    </wsdl:service>
</wsdl:definitions>