Changeset 5655 for TI12-security


Ignore:
Timestamp:
21/08/09 15:20:23 (10 years ago)
Author:
pjkersha
Message:

Updated integration tests. These test various configurations of the security middleware:

  • authz_lite: security services running in a separate stack to the application being protected. Services include OpenID and the Attribute Authority. No Session Manager is used
  • openidrelyingparty: a standalone OpenID Relying Party
  • openidrelyingparty_withapp: OpenID Relying Party running in the same middleware stack as the application rather than in the separate security services stack.
Location:
TI12-security/trunk/python
Files:
9 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/authn.py

    r5555 r5655  
    332332         
    333333        if self.signoutPath and self.pathInfo == self.signoutPath: 
    334             log.debug("SessionHandlerMiddleware__call__: caught sign out " 
     334            log.debug("SessionHandlerMiddleware.__call__: caught sign out " 
    335335                      "path [%s]", self.signoutPath) 
    336336             
  • TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/signin_interface/buffet/templates/signin.kid

    r5565 r5655  
    11<html py:extends="'ndgpage.kid'" xmlns="http://www.w3.org/1999/xhtml" xmlns:py="http://purl.org/kid/ns#"> 
    22        <div py:def="openIDSignin()" class="openIDSignin" style="text-indent:5px"> 
    3                 <form action="$c.verifyPath" method="post"> 
     3                <form action="$c.baseURL/verify" method="post"> 
    44                        <table cellspacing="0" border="0" cellpadding="5" style="align: left"> 
    55                            <tr align="left"> 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/__init__.py

    r5555 r5655  
    2424        <p>These tests use require the security services application to be 
    2525        running.  See securityserviceapp.py and securityservices.ini in the  
    26         authz_lite/ integration test directory.</p> 
     26        integration test directory.</p> 
    2727        <h2>To Run:</h2> 
    2828        <p>Try any of the links below.  When prompt for username and password, 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/authz_lite/securityservices.ini

    r5648 r5655  
    2323testConfigDir = %(here)s/../../config 
    2424beakerSessionKeyName = beaker.session.ndg.security.services 
    25  
    26 #______________________________________________________________________________ 
    27 # Attribute Authority settings 
    28 # 'name' setting MUST agree with map config file 'thisHost' name attribute 
    29 attributeAuthority.name: Site A 
    30  
    31 # Lifetime is measured in seconds 
    32 attributeAuthority.attCertLifetime: 28800  
    33  
    34 # Allow an offset for clock skew between servers running  
    35 # security services. NB, measured in seconds - use a minus sign for time in the 
    36 # past 
    37 attributeAuthority.attCertNotBeforeOff: 0 
    38  
    39 # All Attribute Certificates issued are recorded in this dir 
    40 attributeAuthority.attCertDir: %(testConfigDir)s/attributeauthority/sitea/attributeCertificateLog 
    41  
    42 # Files in attCertDir are stored using a rotating file handler 
    43 # attCertFileLogCnt sets the max number of files created before the first is  
    44 # overwritten 
    45 attributeAuthority.attCertFileName: ac.xml 
    46 attributeAuthority.attCertFileLogCnt: 16 
    47 attributeAuthority.dnSeparator:/ 
    48  
    49 # Location of role mapping file 
    50 attributeAuthority.mapConfigFilePath: %(testConfigDir)s/attributeauthority/sitea/siteAMapConfig.xml 
    51  
    52 # Settings for custom AttributeInterface derived class to get user roles for given  
    53 # user ID 
    54 #attributeAuthority.attributeInterface.modFilePath: %(testConfigDir)s/attributeauthority/sitea 
    55 attributeAuthority.attributeInterface.modName: ndg.security.test.integration.authz.attributeinterface 
    56 attributeAuthority.attributeInterface.className: TestUserRoles 
    57  
    58 # Config for XML signature of Attribute Certificate 
    59 attributeAuthority.signingPriKeyFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.key 
    60 attributeAuthority.signingCertFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.crt 
    61 attributeAuthority.caCertFilePathList: %(testConfigDir)s/ca/ndg-test-ca.crt 
    6225 
    6326[server:main] 
     
    235198paste.filter_app_factory = ndg.security.server.wsgi.zsi:SOAPBindingMiddleware 
    236199 
    237 # Use this ZSI generated SOAP service interface class to handle i/o for this 
    238 # filter 
    239 ServiceSOAPBindingClass = ndg.security.server.zsi.attributeauthority.AttributeAuthorityWS 
    240  
    241 # SOAP Binding Class specific keywords are in this section identified by this 
    242 # prefix: 
    243 ServiceSOAPBindingPropPrefix = AttributeAuthority 
    244  
    245 # The AttributeAuthority class has settings in the default section above  
    246 # identified by this prefix: 
    247 AttributeAuthority.propPrefix = attributeAuthority 
    248 AttributeAuthority.propFilePath = %(here)s/securityservices.ini 
    249 AttributeAuthority.wsseSignatureVerificationFilterID = filter:wsseSignatureVerificationFilter 
    250  
    251200# Provide an identifier for this filter so that main WSGI app  
    252201# CombinedServicesWSGI Session Manager filter can call this Attribute Authority 
     
    272221filterID = %(__name__)s 
    273222 
     223# Use this ZSI generated SOAP service interface class to handle i/o for this 
     224# filter 
     225ServiceSOAPBindingClass = ndg.security.server.zsi.attributeauthority.AttributeAuthorityWS 
     226 
     227# SOAP Binding Class specific keywords are in this section identified by this 
     228# prefix: 
     229ServiceSOAPBindingPropPrefix = attributeAuthority 
     230 
     231attributeAuthority.wsseSignatureVerificationFilterID = filter:wsseSignatureVerificationFilter 
     232 
     233# Attribute Authority settings 
     234# 'name' setting MUST agree with map config file 'thisHost' name attribute 
     235attributeAuthority.name: Site A 
     236 
     237# Lifetime is measured in seconds 
     238attributeAuthority.attCertLifetime: 28800  
     239 
     240# Allow an offset for clock skew between servers running  
     241# security services. NB, measured in seconds - use a minus sign for time in the 
     242# past 
     243attributeAuthority.attCertNotBeforeOff: 0 
     244 
     245# All Attribute Certificates issued are recorded in this dir 
     246attributeAuthority.attCertDir: %(testConfigDir)s/attributeauthority/sitea/attributeCertificateLog 
     247 
     248# Files in attCertDir are stored using a rotating file handler 
     249# attCertFileLogCnt sets the max number of files created before the first is  
     250# overwritten 
     251attributeAuthority.attCertFileName: ac.xml 
     252attributeAuthority.attCertFileLogCnt: 16 
     253attributeAuthority.dnSeparator:/ 
     254 
     255# Location of role mapping file 
     256attributeAuthority.mapConfigFilePath: %(testConfigDir)s/attributeauthority/sitea/siteAMapConfig.xml 
     257 
     258# Settings for custom AttributeInterface derived class to get user roles for given  
     259# user ID 
     260#attributeAuthority.attributeInterface.modFilePath: %(testConfigDir)s/attributeauthority/sitea 
     261attributeAuthority.attributeInterface.modName: ndg.security.test.integration.authz.attributeinterface 
     262attributeAuthority.attributeInterface.className: TestUserRoles 
     263 
     264# Config for XML signature of Attribute Certificate 
     265attributeAuthority.signingPriKeyFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.key 
     266attributeAuthority.signingCertFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.crt 
     267attributeAuthority.caCertFilePathList: %(testConfigDir)s/ca/ndg-test-ca.crt 
     268 
     269 
    274270#______________________________________________________________________________ 
    275271# WS-Security Signature Verification 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/openidrelyingparty/securedapp.ini

    r5039 r5655  
    55# 
    66[DEFAULT] 
     7testConfigDir = %(here)s/../../config 
     8beakerSessionKeyName = beaker.session.ndg.security 
    79 
    810[server:main] 
     
    1214 
    1315[pipeline:main] 
    14 pipeline = SessionMiddlewareFilter 
     16pipeline = BeakerSessionFilter  
    1517                   AuthenticationFilter 
    1618           SecuredApp 
     
    1921paste.app_factory = ndg.security.test.integration.openidrelyingparty.securedapp:TestOpenIDRelyingPartyMiddleware 
    2022 
    21 #______________________________________________________________________________ 
    22 # Beaker Session Middleware (used by Authentication Filter) 
    23 [filter:SessionMiddlewareFilter] 
    24 paste.filter_app_factory=beaker.middleware:SessionMiddleware 
    25 #beaker.session.key = sso 
    26 beaker.session.secret = somesecret 
    2723 
    28 # If you'd like to fine-tune the individual locations of the cache data dirs 
    29 # for the Cache data, or the Session saves, un-comment the desired settings 
    30 # here: 
    31 beaker.cache.data_dir = %(here)s/beaker/cache 
    32 beaker.session.data_dir = %(here)s/beaker/sessions 
     24[filter:BeakerSessionFilter] 
     25paste.filter_app_factory = beaker.middleware:SessionMiddleware 
     26 
     27# Cookie name 
     28beaker.session.key = ndg.security.session 
     29 
     30# WSGI environ key name 
     31environ_key = %(beakerSessionKeyName)s 
     32beaker.session.secret = rBIvKXLa+REYB8pM/8pdPoorVpKQuaOW 
     33beaker.cache.data_dir = %(here)s/authn/beaker/cache 
     34beaker.session.data_dir = %(here)s/authn/beaker/sessions 
     35 
    3336 
    3437[filter:AuthenticationFilter] 
    35 paste.filter_app_factory = ndg.security.server.wsgi.authn:AuthNRedirectHandlerMiddleware 
     38paste.filter_app_factory = ndg.security.server.wsgi.authn:AuthenticationMiddleware 
    3639prefix = authN. 
    3740 
     
    4144# AuthKit Set-up 
    4245authkit.setup.method=cookie 
    43 authkit.cookie.secret=secret encryption string 
     46 
     47# This cookie name and secret MUST agree with the name used by the security web 
     48# services app 
     49authkit.cookie.name=ndg.security.auth 
     50authkit.cookie.secret=9wvZObs9anUEhSIAnJNoY2iJq59FfYZr 
    4451authkit.cookie.signoutpath = /logout 
     52 
     53# Disable inclusion of client IP address from cookie signature due to  
     54# suspected problem with AuthKit setting it when a HTTP Proxy is in place 
     55authkit.cookie.includeip = False 
     56 
     57# environ key name for beaker session 
     58authkit.session.middleware = %(beakerSessionKeyName)s 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/openidrelyingparty/securedapp.py

    r5038 r5655  
    44        
    55    def __init__(self, app_conf, **local_conf): 
    6         pass 
     6        self.beakerSessionKeyName = app_conf['beakerSessionKeyName'] 
    77     
    88    def __call__(self, environ, start_response): 
    99         
    10         if 'REMOTE_USER' in environ: 
     10        username = environ[self.beakerSessionKeyName].get('username') 
     11        if username: 
    1112            response = """<html> 
    1213    <head/> 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/openidrelyingparty/securityservices.ini

    r5038 r5655  
    1414 
    1515[DEFAULT] 
     16portNum = 6443 
     17hostname = localhost 
     18scheme = http 
     19baseURI = %(scheme)s://%(hostname)s:%(portNum)s 
     20testConfigDir = %(here)s/../../config 
     21beakerSessionKeyName = beaker.session.ndg.security.services 
    1622 
    1723[server:main] 
    1824use = egg:Paste#http 
    1925host = 0.0.0.0 
    20 port = 6443 
     26port = %(portNum)s 
    2127 
    2228[pipeline:main] 
     
    3743beaker.session.data_dir = %(here)s/beaker/sessions 
    3844 
     45# Key name for keying into environ dictionary 
     46environ_key = %(beakerSessionKeyName)s 
     47 
    3948[app:OpenIDRelyingPartyApp] 
    4049paste.app_factory =  
    4150        ndg.security.server.wsgi.openid.relyingparty:OpenIDRelyingPartyMiddleware.app_factory 
    4251 
    43 openid.relyingparty.sessionKey = beaker.session 
    4452openid.relyingparty.baseURL = %(authkit.openid.baseurl)s 
     53openid.relyingparty.certFilePath = %(testConfigDir)s/pki/localhost.crt 
     54openid.relyingparty.priKeyFilePath = %(testConfigDir)s/pki/localhost.key 
     55openid.relyingparty.priKeyPwd =  
     56openid.relyingparty.caCertDirPath = %(testConfigDir)s/ca 
     57openid.relyingparty.providerWhitelistFilePath = 
    4558openid.relyingparty.signinInterfaceMiddlewareClass = ndg.security.server.wsgi.openid.relyingparty.signin_interface.buffet.BuffetSigninTemplate 
    4659openid.relyingparty.signinInterface.templatePackage = ndg.security.server.wsgi.openid.relyingparty.signin_interface.buffet.templates 
     
    6073# AuthKit Set-up 
    6174authkit.setup.method=openid, cookie 
    62 authkit.cookie.secret=secret encryption string 
     75 
     76# This cookie name and secret MUST agree with the name used by the  
     77# Authentication Filter used to secure a given app 
     78authkit.cookie.name=ndg.security.auth 
     79 
     80authkit.cookie.secret=9wvZObs9anUEhSIAnJNoY2iJq59FfYZr 
    6381authkit.cookie.signoutpath = /logout 
     82 
     83# Disable inclusion of client IP address from cookie signature due to  
     84# suspected problem with AuthKit setting it when a HTTP Proxy is in place 
     85authkit.cookie.includeip = False 
     86 
    6487authkit.openid.path.signedin=/ 
    6588authkit.openid.store.type=file 
    66 authkit.openid.store.config=%(here)s/data/openid 
     89authkit.openid.store.config=%(here)s/openidrelyingparty/store 
    6790authkit.openid.session.key = authkit_openid 
    6891authkit.openid.session.secret = random string 
    6992 
    70 authkit.openid.baseurl = http://localhost:6443 
     93# Key name for dereferencing beaker.session object held in environ 
     94authkit.openid.session.middleware = %(beakerSessionKeyName)s 
     95 
     96authkit.openid.baseurl = %(baseURI)s 
    7197 
    7298# Template for signin 
     
    75101# Handler for parsing OpenID and creating a session from it 
    76102#authkit.openid.urltouser =  
     103 
     104#[app:OpenIDRelyingPartyApp] 
     105#paste.app_factory =  
     106#       ndg.security.server.wsgi.openid.relyingparty:OpenIDRelyingPartyMiddleware.app_factory 
     107# 
     108#openid.relyingparty.baseURL = %(authkit.openid.baseurl)s 
     109#openid.relyingparty.certFilePath = %(testConfigDir)s/pki/localhost.crt 
     110#openid.relyingparty.priKeyFilePath = %(testConfigDir)s/pki/localhost.key 
     111#openid.relyingparty.priKeyPwd =  
     112#openid.relyingparty.caCertDirPath = %(testConfigDir)s/ca 
     113#openid.relyingparty.signinInterfaceMiddlewareClass = ndg.security.server.wsgi.openid.relyingparty.signin_interface.buffet.BuffetSigninTemplate 
     114#openid.relyingparty.signinInterface.templatePackage = ndg.security.server.wsgi.openid.relyingparty.signin_interface.buffet.templates 
     115#openid.relyingparty.signinInterface.staticContentRootDir = %(here)s/openidrelyingparty/public 
     116#openid.relyingparty.signinInterface.baseURL = %(openid.relyingparty.baseURL)s 
     117#openid.relyingparty.signinInterface.leftLogo = %(openid.relyingparty.signinInterface.baseURL)s/layout/NERC_Logo.gif 
     118#openid.relyingparty.signinInterface.leftAlt = Natural Environment Research Council 
     119#openid.relyingparty.signinInterface.ndgLink = http://ndg.nerc.ac.uk/ 
     120#openid.relyingparty.signinInterface.ndgImage = %(openid.relyingparty.signinInterface.baseURL)s/layout/ndg_logo_circle.gif 
     121#openid.relyingparty.signinInterface.disclaimer = This site is for test purposes only and is under active development. 
     122#openid.relyingparty.signinInterface.stfcLink = http://www.stfc.ac.uk/ 
     123#openid.relyingparty.signinInterface.stfcImage = %(openid.relyingparty.signinInterface.baseURL)s/layout/stfc-circle-sm.gif 
     124#openid.relyingparty.signinInterface.helpIcon = %(openid.relyingparty.signinInterface.baseURL)s/layout/icons/help.png 
     125# 
     126#cache_dir = %(here)s/data 
     127# 
     128## AuthKit Set-up 
     129#authkit.setup.method=openid, cookie 
     130# 
     131## This cookie name and secret MUST agree with the name used by the  
     132## Authentication Filter used to secure a given app 
     133#authkit.cookie.name=ndg.security.auth 
     134#authkit.cookie.secret=9wvZObs9anUEhSIAnJNoY2iJq59FfYZr 
     135# 
     136#authkit.cookie.signoutpath = /logout 
     137#authkit.openid.path.signedin=/ 
     138#authkit.openid.store.type=file 
     139#authkit.openid.store.config=%(here)s/data/openid 
     140#authkit.openid.session.key = authkit_openid 
     141#authkit.openid.session.secret = random string 
     142# 
     143#authkit.openid.baseurl = http://localhost:6443 
     144# 
     145## Key name for dereferencing beaker.session object held in environ 
     146#authkit.openid.session.middleware = %(beakerSessionKeyName)s 
    77147 
    78148 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/openidrelyingparty_withapp/README

    r5541 r5655  
    1 Integration Tests to test NDG Authorisation without a Session Manager 
    2 ===================================================================== 
    3 In the authz integration test parallel to this directory, a Session Manager is 
    4 included in the security services paster application.  This service caches 
    5 security credentials for efficiency.  It is queried by the  
    6 AuthorizationFilter's Policy Information Point in order to retrieve user 
    7 attribute certificates.  In this configuration, the PIP contacts the  
    8 Attribute Authority directly to retrieving Attribute Certificates rather than 
    9 going via the Session Manager intermediary.  This simplifies the configuration 
    10 but with a possible performance penalty. 
     1Authorisation Integration Tests with the OpenID Relying Party running in the 
     2============================================================================ 
     3Application Stack 
     4================= 
     5In this test, the OpenID Relying Party Middleware is configured to run in the 
     6same WSGI stack as the application being protected.  This ensures that the 
     7two are in the same cookie domain but if the application is running over HTTP 
     8then the RP will likewise.  The alternative is to run the OpenID RP in the  
     9security services middleware stack together with the OpenID Provider and  
     10Attribute Authority.  This enables the RP to run over HTTPS but it also  
     11involves a redirect from the app to the RP on signin which may itself be a  
     12security weakness. 
    1113 
    1214To run, 
  • TI12-security/trunk/python/ndg_security_test/ndg/security/test/integration/openidrelyingparty_withapp/securityservices.ini

    r5648 r5655  
    2323testConfigDir = %(here)s/../../config 
    2424beakerSessionKeyName = beaker.session.ndg.security.services 
    25  
    26 #______________________________________________________________________________ 
    27 # Attribute Authority settings 
    28 # 'name' setting MUST agree with map config file 'thisHost' name attribute 
    29 attributeAuthority.name: Site A 
    30  
    31 # Lifetime is measured in seconds 
    32 attributeAuthority.attCertLifetime: 28800  
    33  
    34 # Allow an offset for clock skew between servers running  
    35 # security services. NB, measured in seconds - use a minus sign for time in the 
    36 # past 
    37 attributeAuthority.attCertNotBeforeOff: 0 
    38  
    39 # All Attribute Certificates issued are recorded in this dir 
    40 attributeAuthority.attCertDir: %(testConfigDir)s/attributeauthority/sitea/attributeCertificateLog 
    41  
    42 # Files in attCertDir are stored using a rotating file handler 
    43 # attCertFileLogCnt sets the max number of files created before the first is  
    44 # overwritten 
    45 attributeAuthority.attCertFileName: ac.xml 
    46 attributeAuthority.attCertFileLogCnt: 16 
    47 attributeAuthority.dnSeparator:/ 
    48  
    49 # Location of role mapping file 
    50 attributeAuthority.mapConfigFilePath: %(testConfigDir)s/attributeauthority/sitea/siteAMapConfig.xml 
    51  
    52 # Settings for custom AttributeInterface derived class to get user roles for given  
    53 # user ID 
    54 #attributeAuthority.attributeInterface.modFilePath: %(testConfigDir)s/attributeauthority/sitea 
    55 attributeAuthority.attributeInterface.modName: ndg.security.test.integration.authz.attributeinterface 
    56 attributeAuthority.attributeInterface.className: TestUserRoles 
    57  
    58 # Config for XML signature of Attribute Certificate 
    59 attributeAuthority.signingPriKeyFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.key 
    60 attributeAuthority.signingCertFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.crt 
    61 attributeAuthority.caCertFilePathList: %(testConfigDir)s/ca/ndg-test-ca.crt 
    6225 
    6326[server:main] 
     
    188151# SOAP Binding Class specific keywords are in this section identified by this 
    189152# prefix: 
    190 ServiceSOAPBindingPropPrefix = AttributeAuthority 
    191  
    192 # The AttributeAuthority class has settings in the default section above  
    193 # identified by this prefix: 
    194 AttributeAuthority.propPrefix = attributeAuthority 
    195 AttributeAuthority.propFilePath = %(here)s/securityservices.ini 
    196 AttributeAuthority.wsseSignatureVerificationFilterID = filter:wsseSignatureVerificationFilter 
     153ServiceSOAPBindingPropPrefix = attributeAuthority 
     154 
     155attributeAuthority.wsseSignatureVerificationFilterID = filter:wsseSignatureVerificationFilter 
    197156 
    198157# Provide an identifier for this filter so that main WSGI app  
     
    219178filterID = %(__name__)s 
    220179 
     180# Attribute Authority settings 
     181# 'name' setting MUST agree with map config file 'thisHost' name attribute 
     182attributeAuthority.name: Site A 
     183 
     184# Lifetime is measured in seconds 
     185attributeAuthority.attCertLifetime: 28800  
     186 
     187# Allow an offset for clock skew between servers running  
     188# security services. NB, measured in seconds - use a minus sign for time in the 
     189# past 
     190attributeAuthority.attCertNotBeforeOff: 0 
     191 
     192# All Attribute Certificates issued are recorded in this dir 
     193attributeAuthority.attCertDir: %(testConfigDir)s/attributeauthority/sitea/attributeCertificateLog 
     194 
     195# Files in attCertDir are stored using a rotating file handler 
     196# attCertFileLogCnt sets the max number of files created before the first is  
     197# overwritten 
     198attributeAuthority.attCertFileName: ac.xml 
     199attributeAuthority.attCertFileLogCnt: 16 
     200attributeAuthority.dnSeparator:/ 
     201 
     202# Location of role mapping file 
     203attributeAuthority.mapConfigFilePath: %(testConfigDir)s/attributeauthority/sitea/siteAMapConfig.xml 
     204 
     205# Settings for custom AttributeInterface derived class to get user roles for given  
     206# user ID 
     207#attributeAuthority.attributeInterface.modFilePath: %(testConfigDir)s/attributeauthority/sitea 
     208attributeAuthority.attributeInterface.modName: ndg.security.test.integration.authz.attributeinterface 
     209attributeAuthority.attributeInterface.className: TestUserRoles 
     210 
     211# Config for XML signature of Attribute Certificate 
     212attributeAuthority.signingPriKeyFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.key 
     213attributeAuthority.signingCertFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.crt 
     214attributeAuthority.caCertFilePathList: %(testConfigDir)s/ca/ndg-test-ca.crt 
     215 
     216 
    221217#______________________________________________________________________________ 
    222218# WS-Security Signature Verification 
Note: See TracChangeset for help on using the changeset viewer.