quarkus-cxf-integration-test-ws-security-policy-fips
Used in:
components
- OverviewOverview
- VersionsVersions
- DependentsDependents
- DependenciesDependencies
<dependency>
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf-integration-test-ws-security-policy-fips</artifactId>
<version>3.8.1</version>
</dependency><?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf-integration-tests</artifactId>
<version>3.8.1</version>
<relativePath>../pom.xml</relativePath>
</parent>
<artifactId>quarkus-cxf-integration-test-ws-security-policy-fips</artifactId>
<name>Quarkus CXF - Integration Test - WS-SecurityPolicy FIPS</name>
<description>Tests supposed to pass on systems with FIPS assertions enabled</description>
<dependencies>
<dependency>
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-resteasy</artifactId>
</dependency>
<dependency>
<groupId>io.rest-assured</groupId>
<artifactId>rest-assured</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf-test-util</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.awaitility</groupId>
<artifactId>awaitility</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<resources>
<resource>
<directory>src/main/resources</directory>
<includes>
<include>application.properties</include>
</includes>
<filtering>true</filtering>
</resource>
<resource>
<directory>src/main/resources</directory>
<excludes>
<exclude>application.properties</exclude>
</excludes>
<filtering>false</filtering>
</resource>
</resources>
<plugins>
<plugin>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-maven-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>build</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>pkcs12</id>
<activation>
<property>
<name>!jks</name>
</property>
</activation>
<properties>
<keystore.type>pkcs12</keystore.type>
</properties>
<dependencies>
<dependency><!-- this profile tests with quarkus-cxf-bc-stub in place instead of real Bouncy Castle -->
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf-rt-ws-security</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<executions>
<execution>
<id>generate-certs.sh</id>
<phase>generate-sources</phase>
<goals>
<goal>exec</goal>
</goals>
<configuration>
<executable>${basedir}/generate-certs.sh</executable>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>jks</id>
<activation>
<property>
<name>jks</name>
</property>
</activation>
<properties>
<keystore.type>jks</keystore.type>
</properties>
<dependencies>
<dependency>
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf-rt-ws-security</artifactId>
<exclusions>
<exclusion><!-- This profile tests with real Bouncy Castle -->
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf-bc-stub</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>keytool-maven-plugin</artifactId>
<configuration>
<validity>3650</validity>
<keyalg>RSA</keyalg>
<skip>${keytool.skip}</skip>
</configuration>
<executions>
<!-- CA -->
<execution>
<id>generate-cxfca-keypair</id>
<phase>generate-sources</phase>
<goals>
<goal>clean</goal>
<goal>generateKeyPair</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<dname>CN=cxfca, OU=eng, O=apache.org</dname>
<exts>
<ext>bc:c=ca:true,pathlen:2147483647</ext>
<ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
</exts>
<keypass>cxfca-password</keypass>
<storepass>cxfca-password</storepass>
<keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
</configuration>
</execution>
<execution>
<id>export-cxfca-certificate</id>
<phase>generate-sources</phase>
<goals>
<goal>exportCertificate</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
<rfc>true</rfc>
<storepass>cxfca-password</storepass>
<file>${project.build.outputDirectory}/cxfca.pem</file>
</configuration>
</execution>
<!-- Server -->
<execution>
<id>generate-server-keypair</id>
<phase>generate-sources</phase>
<goals>
<goal>clean</goal>
<goal>generateKeyPair</goal>
</goals>
<configuration>
<alias>localhost</alias>
<dname>CN=localhost, OU=eng, O=apache.org</dname>
<exts>
<ext>bc:c=ca:true,pathlen:2147483647</ext>
<ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
</exts>
<keypass>localhost-keystore-password</keypass>
<storepass>localhost-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/localhost-keystore.jks</keystore>
</configuration>
</execution>
<execution>
<id>generate-server-certificate-request</id>
<phase>generate-sources</phase>
<goals>
<goal>generateCertificateRequest</goal>
</goals>
<configuration>
<alias>localhost</alias>
<storepass>localhost-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/localhost-keystore.jks</keystore>
<file>${project.build.outputDirectory}/server.csr</file>
</configuration>
</execution>
<execution>
<id>sign-server-certificate</id>
<phase>generate-sources</phase>
<goals>
<goal>generateCertificate</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<storepass>cxfca-password</storepass>
<keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
<rfc>true</rfc>
<infile>${project.build.outputDirectory}/server.csr</infile>
<outfile>${project.build.outputDirectory}/server.pem</outfile>
</configuration>
</execution>
<execution>
<id>import-cxfca-certificate-to-server-keystore</id>
<phase>generate-sources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>localhost-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/localhost-keystore.jks</keystore>
<file>${project.build.outputDirectory}/cxfca.pem</file>
</configuration>
</execution>
<execution>
<id>import-signed-server-certificate-to-server-keystore</id>
<phase>generate-sources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>localhost</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>localhost-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/localhost-keystore.jks</keystore>
<file>${project.build.outputDirectory}/server.pem</file>
</configuration>
</execution>
<!-- Client -->
<execution>
<id>prepare-client-truststore-jks</id>
<phase>generate-sources</phase>
<goals>
<goal>clean</goal>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>client-truststore-password</storepass>
<keystore>${project.build.outputDirectory}/client-truststore.jks</keystore>
<file>${project.build.outputDirectory}/cxfca.pem</file>
</configuration>
</execution>
<!-- Encrypt/Sign -->
<!-- Alice - the client side. She signs using her private key and encrypts using Bob's public key -->
<execution>
<id>generate-alice-keypair</id>
<phase>generate-sources</phase>
<goals>
<goal>clean</goal>
<goal>generateKeyPair</goal>
</goals>
<configuration>
<alias>alice</alias>
<dname>CN=alice, OU=eng, O=apache.org</dname>
<exts>
<ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
<ext>SubjectAlternativeName=DNS:localhost,IP:127.0.0.1</ext>
</exts>
<keypass>alice-keystore-password</keypass>
<storepass>alice-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/alice-keystore.jks</keystore>
</configuration>
</execution>
<execution>
<id>generate-alice-certificate-request</id>
<phase>generate-sources</phase>
<goals>
<goal>generateCertificateRequest</goal>
</goals>
<configuration>
<alias>alice</alias>
<storepass>alice-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/alice-keystore.jks</keystore>
<file>${project.build.outputDirectory}/alice.csr</file>
</configuration>
</execution>
<execution>
<id>generate-alice-certificate</id>
<phase>generate-sources</phase>
<goals>
<goal>generateCertificate</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<storepass>cxfca-password</storepass>
<keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
<rfc>true</rfc>
<infile>${project.build.outputDirectory}/alice.csr</infile>
<outfile>${project.build.outputDirectory}/alice.pem</outfile>
</configuration>
</execution>
<execution>
<id>import-cxfca-certificate-to-alice</id>
<phase>generate-sources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>alice-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/alice-keystore.jks</keystore>
<file>${project.build.outputDirectory}/cxfca.pem</file>
</configuration>
</execution>
<execution>
<id>import-alice-certificate</id>
<phase>generate-sources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>alice</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>alice-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/alice-keystore.jks</keystore>
<file>${project.build.outputDirectory}/alice.pem</file>
</configuration>
</execution>
<!-- Bob - the server side. He checks Alice's signature using her public key and deencrypts using his own private key -->
<execution>
<id>generate-bob-keypair</id>
<phase>generate-sources</phase>
<goals>
<goal>clean</goal>
<goal>generateKeyPair</goal>
</goals>
<configuration>
<alias>bob</alias>
<dname>CN=bob, OU=eng, O=apache.org</dname>
<exts>
<ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
<ext>SubjectAlternativeName=DNS:localhost,IP:127.0.0.1</ext>
</exts>
<keypass>bob-keystore-password</keypass>
<storepass>bob-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/bob-keystore.jks</keystore>
</configuration>
</execution>
<execution>
<id>generate-bob-certificate-request</id>
<phase>generate-sources</phase>
<goals>
<goal>generateCertificateRequest</goal>
</goals>
<configuration>
<alias>bob</alias>
<storepass>bob-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/bob-keystore.jks</keystore>
<file>${project.build.outputDirectory}/bob.csr</file>
</configuration>
</execution>
<execution>
<id>generate-bob-certificate</id>
<phase>generate-sources</phase>
<goals>
<goal>generateCertificate</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<storepass>cxfca-password</storepass>
<keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
<rfc>true</rfc>
<infile>${project.build.outputDirectory}/bob.csr</infile>
<outfile>${project.build.outputDirectory}/bob.pem</outfile>
</configuration>
</execution>
<execution>
<id>import-cxfca-certificate-to-bob</id>
<phase>generate-sources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>cxfca</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>bob-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/bob-keystore.jks</keystore>
<file>${project.build.outputDirectory}/cxfca.pem</file>
</configuration>
</execution>
<execution>
<id>import-bob-certificate</id>
<phase>generate-sources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>bob</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>bob-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/bob-keystore.jks</keystore>
<file>${project.build.outputDirectory}/bob.pem</file>
</configuration>
</execution>
<!-- Exchange the certs between Alice and Bob -->
<!-- Alice needs Bob's public key to be able to encrypt the messages for him -->
<!-- and to be able to validate Bob's signatureon the messages he sends back -->
<execution>
<id>import-bob-certificate-to-alice</id>
<phase>generate-sources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>bob</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>alice-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/alice-keystore.jks</keystore>
<file>${project.build.outputDirectory}/bob.pem</file>
</configuration>
</execution>
<!-- Bob needs Alice's public key to be able to validate her signature on the message she sends -->
<!-- and to be able to encrypt the messages for her -->
<execution>
<id>import-alice-certificate-to-bob</id>
<phase>generate-sources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<alias>alice</alias>
<trustcacerts>true</trustcacerts>
<noprompt>true</noprompt>
<storepass>bob-keystore-password</storepass>
<keystore>${project.build.outputDirectory}/bob-keystore.jks</keystore>
<file>${project.build.outputDirectory}/alice.pem</file>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>native</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<properties>
<quarkus.package.type>native</quarkus.package.type>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>integration-test</goal>
<goal>verify</goal>
</goals>
<configuration>
<systemPropertyVariables>
<native.image.path>${project.build.directory}/${project.build.finalName}-runner</native.image.path>
</systemPropertyVariables>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>virtualDependencies</id>
<activation>
<property>
<name>!noVirtualDependencies</name>
</property>
</activation>
<dependencies>
<!-- The following dependencies guarantee that this module is built after them. You can update them by running `mvn process-resources -Pformat -N` from the source tree root directory -->
<dependency>
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf-deployment</artifactId>
<version>${project.version}</version>
<type>pom</type>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.quarkiverse.cxf</groupId>
<artifactId>quarkus-cxf-rt-ws-security-deployment</artifactId>
<version>${project.version}</version>
<type>pom</type>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
</profile>
</profiles>
</project>