main/resources/sts_x509_symmetric.wsdl

	sts_x509_symmetric.wsdl revision 4cc414596f330cc595f62252d964ef97b3795056
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington<?xml version="1.0" encoding="UTF-8"?>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<!--
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms of the Common Development and
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Distribution License (the License). You may not use this file except in compliance with the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * specific language governing permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Software, include this CDDL Header Notice in each file and include
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header, with the fields enclosed by brackets [] replaced by your own identifying
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * information: "Portions Copyrighted [year] [name of copyright owner]".
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster *
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright 2013-2014 ForgeRock AS. All rights reserved.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster-->
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<wsdl:definitions
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        xmlns:tns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        xmlns:wstrust="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        xmlns:wsp="http://www.w3.org/ns/ws-policy"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
7b07aea90aa914516cc214e14bf19ed60a1a6c76Peter Major
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington    <wsdl:import location="ws-trust-1.4-service.wsdl"   namespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    <wsdl:binding name="x509_token_symmetric_policy" type="wstrust:STS">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        <wsp:PolicyReference URI="#x509_token_symmetric_policy" />
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden        <soap:binding style="document"
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                      transport="http://schemas.xmlsoap.org/soap/http" />
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden        <wsdl:operation name="Issue">
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden            <soap:operation
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" />
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden            <wsdl:input>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                <wsp:PolicyReference
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                        URI="#signed_body_input_policy" />
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                <soap:body use="literal" />
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden            </wsdl:input>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden            <wsdl:output>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                <wsp:PolicyReference
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                        URI="#signed_body_output_policy" />
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                <soap:body use="literal" />
1d220b52ff470e682af30735b255f1d9ab04df21tom.rumsey@forgerock.com            </wsdl:output>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        </wsdl:operation>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        <wsdl:operation name="Validate">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <soap:operation
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsdl:input>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <wsp:PolicyReference
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        URI="#signed_body_input_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsdl:input>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsdl:output>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <wsp:PolicyReference
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        URI="#signed_body_output_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsdl:output>
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington        </wsdl:operation>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        <wsdl:operation name="Cancel">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <soap:operation
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel" />
1d220b52ff470e682af30735b255f1d9ab04df21tom.rumsey@forgerock.com            <wsdl:input>
1d220b52ff470e682af30735b255f1d9ab04df21tom.rumsey@forgerock.com                <wsp:PolicyReference
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                        URI="#signed_body_input_policy" />
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington                <soap:body use="literal" />
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden            </wsdl:input>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden            <wsdl:output>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                <wsp:PolicyReference
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        URI="#signed_body_output_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsdl:output>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        </wsdl:operation>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        <wsdl:operation name="Renew">
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden            <soap:operation
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsdl:input>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <wsp:PolicyReference
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        URI="#signed_body_input_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsdl:input>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsdl:output>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <wsp:PolicyReference
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        URI="#signed_body_output_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsdl:output>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        </wsdl:operation>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        <wsdl:operation name="KeyExchangeToken">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <soap:operation
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsdl:input>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <wsp:PolicyReference
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        URI="#signed_body_input_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsdl:input>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsdl:output>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <wsp:PolicyReference
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        URI="#signed_body_output_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsdl:output>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        </wsdl:operation>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        <wsdl:operation name="RequestCollection">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <soap:operation
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection" />
7b07aea90aa914516cc214e14bf19ed60a1a6c76Peter Major            <wsdl:input>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <wsp:PolicyReference
7b07aea90aa914516cc214e14bf19ed60a1a6c76Peter Major                        URI="#signed_body_input_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsdl:input>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsdl:output>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <wsp:PolicyReference
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        URI="#signed_body_output_policy" />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <soap:body use="literal" />
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden            </wsdl:output>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden        </wsdl:operation>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    </wsdl:binding>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden
6a9f31289c0fb913776bb573106ed6332365bc1cTony Bamford    <!-- 2.2.4 (WSS1.1) Mutual Authentication with X.509 Certificates, Sign, Encrypt -->
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    <wsp:Policy wsu:Id="x509_token_symmetric_policy">
1d220b52ff470e682af30735b255f1d9ab04df21tom.rumsey@forgerock.com        <wsp:ExactlyOne>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsp:All>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <sp:SymmetricBinding>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    <wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:ProtectionToken>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            <wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                <sp:X509Token
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                        sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                    <wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                        <sp:RequireDerivedKeys/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                        <sp:RequireThumbprintReference />
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                        <sp:WssX509V3Token11/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                    </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                </sp:X509Token>
1d220b52ff470e682af30735b255f1d9ab04df21tom.rumsey@forgerock.com                            </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        </sp:ProtectionToken>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:AlgorithmSuite>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            <wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                <sp:Basic128/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        </sp:AlgorithmSuite>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:Layout>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            <wsp:Policy>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                                <sp:Strict/>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                            </wsp:Policy>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                        </sp:Layout>
ce4d3fddc8fe2eddd68a20af9570b3cc63ece5abNeil Madden                        <sp:IncludeTimestamp/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:OnlySignEntireHeadersAndBody/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                </sp:SymmetricBinding>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <sp:EndorsingSupportingTokens>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    <wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            <wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                <sp:RequireThumbprintReference/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                                <sp:WssX509V3Token11/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                            </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        </sp:X509Token>
1d220b52ff470e682af30735b255f1d9ab04df21tom.rumsey@forgerock.com                    </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                </sp:EndorsingSupportingTokens>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <sp:Wss11>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    <wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:MustSupportRefKeyIdentifier/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:MustSupportRefIssuerSerial/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:MustSupportRefThumbprint/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:MustSupportRefEncryptedKey/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:RequireSignatureConfirmation/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                </sp:Wss11>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsp:All>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        </wsp:ExactlyOne>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    <wsp:Policy wsu:Id="signed_body_input_policy">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        <wsp:ExactlyOne>
6a9f31289c0fb913776bb573106ed6332365bc1cTony Bamford            <wsp:All>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <sp:SignedParts>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    <sp:Body/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                </sp:SignedParts>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <!--    <sp:EncryptedParts>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:Body/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    </sp:EncryptedParts> -->
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsp:All>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        </wsp:ExactlyOne>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    <wsp:Policy wsu:Id="signed_body_output_policy">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        <wsp:ExactlyOne>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            <wsp:All>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <sp:SignedParts>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    <sp:Body/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                </sp:SignedParts>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                <!--    <sp:EncryptedParts>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                        <sp:Body/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster                    </sp:EncryptedParts> -->
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster            </wsp:All>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        </wsp:ExactlyOne>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    </wsp:Policy>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
6a9f31289c0fb913776bb573106ed6332365bc1cTony Bamford    <wsdl:service name="sts_service">
6a9f31289c0fb913776bb573106ed6332365bc1cTony Bamford        <wsdl:port name="sts_service_port" binding="tns:x509_token_symmetric_policy">
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington            <soap:address location=""/>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        </wsdl:port>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster    </wsdl:service>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster</wsdl:definitions>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster