package org.apache.cxf.systest.ws.security;

import java.io.Closeable;
import java.io.IOException;
import java.io.StringReader;
import java.net.URL;
import java.util.HashMap;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.namespace.QName;
import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Dispatch;
import javax.xml.ws.Endpoint;
import javax.xml.ws.Provider;
import javax.xml.ws.Service;
import javax.xml.ws.ServiceMode;
import javax.xml.ws.WebServiceProvider;
import javax.xml.xpath.XPathConstants;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.helpers.XMLUtils;
import org.apache.cxf.helpers.XPathUtils;
import org.apache.cxf.interceptor.LoggingOutInterceptor;
import org.apache.cxf.jaxws.EndpointImpl;
import org.apache.cxf.service.model.EndpointInfo;
import org.apache.cxf.systest.ws.common.DoubleItImpl;
import org.apache.cxf.systest.ws.common.SecurityTestUtil;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.ws.policy.PolicyEngine;
import org.apache.ws.security.WSPasswordCallback;
import org.example.contract.doubleit.DoubleItPortType;
import org.example.contract.doubleit.DoubleItPortTypeHeader;
import org.example.schema.doubleit.DoubleIt;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Node;

/* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest.class */
public class SecurityPolicyTest extends AbstractBusClientServerTestBase {
    public static final String PORT = allocatePort(SecurityPolicyTest.class);
    public static final String SSL_PORT = allocatePort(SecurityPolicyTest.class, 1);
    public static final String POLICY_ADDRESS = "http://localhost:" + PORT + "/SecPolTest";
    public static final String POLICY_HTTPS_ADDRESS = "https://localhost:" + SSL_PORT + "/SecPolTest";
    public static final String POLICY_ENCSIGN_ADDRESS = "http://localhost:" + PORT + "/SecPolTestEncryptThenSign";
    public static final String POLICY_SIGNENC_ADDRESS = "http://localhost:" + PORT + "/SecPolTestSignThenEncrypt";
    public static final String POLICY_SIGNENC_PROVIDER_ADDRESS = "http://localhost:" + PORT + "/SecPolTestSignThenEncryptProvider";
    public static final String POLICY_SIGN_ADDRESS = "http://localhost:" + PORT + "/SecPolTestSign";
    public static final String POLICY_XPATH_ADDRESS = "http://localhost:" + PORT + "/SecPolTestXPath";
    public static final String POLICY_SIGNONLY_ADDRESS = "http://localhost:" + PORT + "/SecPolTestSignedOnly";
    public static final String POLICY_CXF3041_ADDRESS = "http://localhost:" + PORT + "/SecPolTestCXF3041";
    public static final String POLICY_CXF3042_ADDRESS = "http://localhost:" + PORT + "/SecPolTestCXF3042";
    public static final String POLICY_CXF3452_ADDRESS = "http://localhost:" + PORT + "/SecPolTestCXF3452";
    public static final String POLICY_CXF4122_ADDRESS = "http://localhost:" + PORT + "/SecPolTestCXF4122";
    private static final String NAMESPACE = "http://www.example.org/contract/DoubleIt";
    private static final QName SERVICE_QNAME = new QName(NAMESPACE, "DoubleItService");

    @ServiceMode(Service.Mode.PAYLOAD)
    @WebServiceProvider(targetNamespace = SecurityPolicyTest.NAMESPACE, portName = "DoubleItPortSignThenEncrypt", serviceName = "DoubleItService", wsdlLocation = "classpath:/org/apache/cxf/systest/ws/security/DoubleIt.wsdl")
    /* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest$DoubleItProvider.class */
    public static class DoubleItProvider implements Provider<Source> {
        public Source invoke(Source source) {
            try {
                Node fromSource = XMLUtils.fromSource(source);
                if (fromSource instanceof Document) {
                    fromSource = ((Document) fromSource).getDocumentElement();
                }
                HashMap hashMap = new HashMap();
                hashMap.put("ns2", "http://www.example.org/schema/DoubleIt");
                return new StreamSource(new StringReader("<ns2:DoubleItResponse xmlns:ns2=\"http://www.example.org/schema/DoubleIt\"><doubledNumber>" + Integer.toString(Integer.parseInt((String) new XPathUtils(hashMap).getValue("//ns2:DoubleIt/numberToDouble", fromSource, XPathConstants.STRING)) * 2) + "</doubledNumber></ns2:DoubleItResponse>"));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }

    /* loaded from: input_file:org/apache/cxf/systest/ws/security/SecurityPolicyTest$ServerPasswordCallback.class */
    public static class ServerPasswordCallback implements CallbackHandler {
        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            WSPasswordCallback wSPasswordCallback = (WSPasswordCallback) callbackArr[0];
            if (wSPasswordCallback.getIdentifier().equals("bob")) {
                wSPasswordCallback.setPassword("pwd");
            }
        }
    }

    @BeforeClass
    public static void init() throws Exception {
        URL resource = SecurityPolicyTest.class.getResource("DoubleIt.wsdl");
        ((PolicyEngine) createStaticBus(SecurityPolicyTest.class.getResource("https_config.xml").toString()).getExtension(PolicyEngine.class)).setEnabled(true);
        getStaticBus().getOutInterceptors().add(new LoggingOutInterceptor());
        EndpointImpl create = Endpoint.create(new DoubleItImpl());
        create.setEndpointName(new QName(NAMESPACE, "DoubleItPortHttps"));
        create.setWsdlLocation(resource.getPath());
        create.setAddress(POLICY_HTTPS_ADDRESS);
        create.publish();
        create.getServer().getEndpoint().getEndpointInfo().setProperty("ws-security.callback-handler", new ServerPasswordCallback());
        Endpoint.publish(POLICY_ADDRESS, new DoubleItImpl());
        EndpointImpl create2 = Endpoint.create(new DoubleItImpl());
        create2.setEndpointName(new QName(NAMESPACE, "DoubleItPortEncryptThenSign"));
        create2.setWsdlLocation(resource.getPath());
        create2.setAddress(POLICY_ENCSIGN_ADDRESS);
        create2.publish();
        setCryptoProperties(create2.getServer().getEndpoint().getEndpointInfo(), "bob.properties", "alice.properties");
        EndpointImpl create3 = Endpoint.create(new DoubleItImpl());
        create3.setEndpointName(new QName(NAMESPACE, "DoubleItPortSignThenEncrypt"));
        create3.setWsdlLocation(resource.getPath());
        create3.setAddress(POLICY_SIGNENC_ADDRESS);
        create3.publish();
        setCryptoProperties(create3.getServer().getEndpoint().getEndpointInfo(), "bob.properties", "alice.properties");
        EndpointImpl create4 = Endpoint.create(new DoubleItImpl());
        create4.setEndpointName(new QName(NAMESPACE, "DoubleItPortSign"));
        create4.setWsdlLocation(resource.getPath());
        create4.setAddress(POLICY_SIGN_ADDRESS);
        create4.publish();
        setCryptoProperties(create4.getServer().getEndpoint().getEndpointInfo(), "bob.properties", "alice.properties");
        EndpointImpl create5 = Endpoint.create(new DoubleItImpl());
        create5.setEndpointName(new QName(NAMESPACE, "DoubleItPortXPath"));
        create5.setWsdlLocation(resource.getPath());
        create5.setAddress(POLICY_XPATH_ADDRESS);
        create5.publish();
        setCryptoProperties(create5.getServer().getEndpoint().getEndpointInfo(), "alice.properties", "bob.properties");
        setCryptoProperties(Endpoint.publish(POLICY_SIGNENC_PROVIDER_ADDRESS, new DoubleItProvider()).getServer().getEndpoint().getEndpointInfo(), "bob.properties", "alice.properties");
        EndpointImpl create6 = Endpoint.create(new DoubleItImpl());
        create6.setEndpointName(new QName(NAMESPACE, "DoubleItPortSignedOnly"));
        create6.setWsdlLocation(resource.getPath());
        create6.setAddress(POLICY_SIGNONLY_ADDRESS);
        create6.publish();
        setCryptoProperties(create6.getServer().getEndpoint().getEndpointInfo(), "bob.properties", "alice.properties");
        EndpointImpl create7 = Endpoint.create(new DoubleItImpl());
        create7.setEndpointName(new QName(NAMESPACE, "DoubleItPortCXF3041"));
        create7.setWsdlLocation(resource.getPath());
        create7.setAddress(POLICY_CXF3041_ADDRESS);
        create7.publish();
        setCryptoProperties(create7.getServer().getEndpoint().getEndpointInfo(), "bob.properties", "alice.properties");
        EndpointImpl create8 = Endpoint.create(new DoubleItImpl());
        create8.setEndpointName(new QName(NAMESPACE, "DoubleItPortCXF3042"));
        create8.setWsdlLocation(resource.getPath());
        create8.setAddress(POLICY_CXF3042_ADDRESS);
        create8.publish();
        setCryptoProperties(create8.getServer().getEndpoint().getEndpointInfo(), "alice.properties", "alice.properties");
        EndpointImpl create9 = Endpoint.create(new DoubleItImpl());
        create9.setEndpointName(new QName(NAMESPACE, "DoubleItPortCXF3452"));
        create9.setWsdlLocation(resource.getPath());
        create9.setAddress(POLICY_CXF3452_ADDRESS);
        create9.publish();
        EndpointInfo endpointInfo = create9.getServer().getEndpoint().getEndpointInfo();
        setCryptoProperties(endpointInfo, "alice.properties", "alice.properties");
        endpointInfo.setProperty("schema-validation-enabled", Boolean.TRUE);
    }

    @AfterClass
    public static void cleanup() throws Exception {
        SecurityTestUtil.cleanup();
        stopAllServers();
    }

    private static void setCryptoProperties(EndpointInfo endpointInfo, String str, String str2) {
        endpointInfo.setProperty("ws-security.callback-handler", new KeystorePasswordCallback());
        endpointInfo.setProperty("ws-security.signature.properties", SecurityPolicyTest.class.getResource(str).toString());
        endpointInfo.setProperty("ws-security.encryption.properties", SecurityPolicyTest.class.getResource(str2).toString());
    }

    @Test
    public void testPolicy() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(SecurityPolicyTest.class.getResource("https_config_client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        Service create = Service.create(SecurityPolicyTest.class.getResource("DoubleIt.wsdl"), SERVICE_QNAME);
        Closeable closeable = (DoubleItPortType) create.getPort(new QName(NAMESPACE, "DoubleItPortXPath"), DoubleItPortType.class);
        updateAddressPort(closeable, PORT);
        ((BindingProvider) closeable).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        assertEquals(10L, closeable.doubleIt(5));
        closeable.close();
        Closeable closeable2 = (DoubleItPortType) create.getPort(new QName(NAMESPACE, "DoubleItPortEncryptThenSign"), DoubleItPortType.class);
        updateAddressPort(closeable2, PORT);
        ((BindingProvider) closeable2).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable2).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable2).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        closeable2.doubleIt(5);
        closeable2.close();
        Closeable closeable3 = (DoubleItPortType) create.getPort(new QName(NAMESPACE, "DoubleItPortSign"), DoubleItPortType.class);
        updateAddressPort(closeable3, PORT);
        ((BindingProvider) closeable3).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable3).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable3).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        closeable3.doubleIt(5);
        closeable3.close();
        Closeable closeable4 = (DoubleItPortType) create.getPort(new QName(NAMESPACE, "DoubleItPortSignThenEncrypt"), DoubleItPortType.class);
        updateAddressPort(closeable4, PORT);
        ((BindingProvider) closeable4).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable4).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable4).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        closeable4.doubleIt(5);
        ((BindingProvider) closeable4).getRequestContext().put("javax.xml.ws.service.endpoint.address", POLICY_SIGNENC_PROVIDER_ADDRESS);
        assertEquals(10L, closeable4.doubleIt(5));
        closeable4.close();
        DoubleItPortType doubleItPortType = (DoubleItPortType) create.getPort(new QName(NAMESPACE, "DoubleItPortHttps"), DoubleItPortType.class);
        updateAddressPort(doubleItPortType, SSL_PORT);
        try {
            doubleItPortType.doubleIt(25);
        } catch (Exception e) {
            if (!e.getMessage().contains("sername")) {
                throw e;
            }
        }
        ((BindingProvider) doubleItPortType).getRequestContext().put("ws-security.username", "bob");
        ((BindingProvider) doubleItPortType).getRequestContext().put("ws-security.signature.username", "bob");
        ((BindingProvider) doubleItPortType).getRequestContext().put("ws-security.password", "pwd");
        doubleItPortType.doubleIt(25);
        ((Closeable) doubleItPortType).close();
        try {
            doubleItPortType = (DoubleItPortType) create.getPort(new QName(NAMESPACE, "DoubleItPortHttp"), DoubleItPortType.class);
            updateAddressPort(doubleItPortType, PORT);
            doubleItPortType.doubleIt(25);
            fail("https policy should have triggered");
        } catch (Exception e2) {
            if (!e2.getMessage().contains("HttpsToken")) {
                throw e2;
            }
        }
        ((Closeable) doubleItPortType).close();
        createBus.shutdown(true);
    }

    @Test
    public void testSignedOnlyWithUnsignedMessage() throws Exception {
        Bus createBus = new SpringBusFactory().createBus();
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        Service create = Service.create(SecurityPolicyTest.class.getResource("DoubleIt.wsdl"), SERVICE_QNAME);
        Closeable closeable = (DoubleItPortType) create.getPort(new QName(NAMESPACE, "DoubleItPortSignedOnly"), DoubleItPortType.class);
        updateAddressPort(closeable, PORT);
        ((BindingProvider) closeable).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        assertEquals(10L, closeable.doubleIt(5));
        closeable.close();
        Closeable closeable2 = (DoubleItPortType) create.getPort(new QName(NAMESPACE, "DoubleItPortTimestampOnly"), DoubleItPortType.class);
        ((BindingProvider) closeable2).getRequestContext().put("javax.xml.ws.service.endpoint.address", POLICY_SIGNONLY_ADDRESS);
        try {
            closeable2.doubleIt(5);
            fail("should have had a security/policy exception as the body wasn't signed");
        } catch (Exception e) {
            assertTrue(e.getMessage().contains("policy alternatives"));
        }
        closeable2.close();
        createBus.shutdown(true);
    }

    @Test
    public void testDispatchClient() throws Exception {
        Bus createBus = new SpringBusFactory().createBus();
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        Dispatch createDispatch = Service.create(SecurityPolicyTest.class.getResource("DoubleIt.wsdl"), SERVICE_QNAME).createDispatch(new QName(NAMESPACE, "DoubleItPortEncryptThenSign"), Source.class, Service.Mode.PAYLOAD);
        createDispatch.getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        createDispatch.getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        createDispatch.getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        updateAddressPort(createDispatch, PORT);
        Node fromSource = XMLUtils.fromSource((Source) createDispatch.invoke(new StreamSource(new StringReader("<ns2:DoubleIt xmlns:ns2=\"http://www.example.org/schema/DoubleIt\"><numberToDouble>25</numberToDouble></ns2:DoubleIt>"))));
        if (fromSource instanceof Document) {
            fromSource = ((Document) fromSource).getDocumentElement();
        }
        HashMap hashMap = new HashMap();
        hashMap.put("ns2", "http://www.example.org/schema/DoubleIt");
        assertEquals(XMLUtils.toString(fromSource), "50", new XPathUtils(hashMap).getValue("//ns2:DoubleItResponse/doubledNumber", fromSource, XPathConstants.STRING));
        createBus.shutdown(true);
    }

    @Test
    public void testCXF3041() throws Exception {
        Bus createBus = new SpringBusFactory().createBus();
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        Closeable closeable = (DoubleItPortType) Service.create(SecurityPolicyTest.class.getResource("DoubleIt.wsdl"), SERVICE_QNAME).getPort(new QName(NAMESPACE, "DoubleItPortCXF3041"), DoubleItPortType.class);
        updateAddressPort(closeable, PORT);
        ((BindingProvider) closeable).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        assertEquals(10L, closeable.doubleIt(5));
        closeable.close();
        createBus.shutdown(true);
    }

    @Test
    public void testCXF3042() throws Exception {
        Bus createBus = new SpringBusFactory().createBus();
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        Closeable closeable = (DoubleItPortType) Service.create(SecurityPolicyTest.class.getResource("DoubleIt.wsdl"), SERVICE_QNAME).getPort(new QName(NAMESPACE, "DoubleItPortCXF3042"), DoubleItPortType.class);
        updateAddressPort(closeable, PORT);
        ((BindingProvider) closeable).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("alice.properties"));
        assertEquals(10L, closeable.doubleIt(5));
        closeable.close();
        createBus.shutdown(true);
    }

    @Test
    public void testCXF3452() throws Exception {
        Bus createBus = new SpringBusFactory().createBus();
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        Closeable closeable = (DoubleItPortTypeHeader) Service.create(SecurityPolicyTest.class.getResource("DoubleIt.wsdl"), SERVICE_QNAME).getPort(new QName(NAMESPACE, "DoubleItPortCXF3452"), DoubleItPortTypeHeader.class);
        updateAddressPort(closeable, PORT);
        ((BindingProvider) closeable).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("alice.properties"));
        new DoubleIt().setNumberToDouble(5);
        assertEquals(10L, closeable.doubleIt(r0, 1).getDoubledNumber());
        closeable.close();
        createBus.shutdown(true);
    }

    @Test
    public void testCXF4119() throws Exception {
        Bus createBus = new SpringBusFactory().createBus();
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        Closeable closeable = (DoubleItPortTypeHeader) Service.create(SecurityPolicyTest.class.getResource("DoubleIt.wsdl"), SERVICE_QNAME).getPort(new QName(NAMESPACE, "DoubleItPortCXF4119"), DoubleItPortTypeHeader.class);
        updateAddressPort(closeable, PORT);
        ((BindingProvider) closeable).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable).getRequestContext().put("ws-security.signature.properties", getClass().getResource("alice.properties"));
        ((BindingProvider) closeable).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("revocation.properties"));
        ((BindingProvider) closeable).getRequestContext().put("ws-security.enableRevocation", "true");
        DoubleIt doubleIt = new DoubleIt();
        doubleIt.setNumberToDouble(5);
        try {
            closeable.doubleIt(doubleIt, 1);
            fail("Failure expected on a revoked certificate");
        } catch (Exception e) {
            String message = e.getMessage();
            assertTrue(message.contains("Certificate has been revoked") || message.contains("Certificate revocation") || message.contains("Error during certificate path validation"));
        }
        closeable.close();
        createBus.shutdown(true);
    }

    @Test
    public void testCXF4122() throws Exception {
        Bus createBus = BusFactory.newInstance().createBus();
        BusFactory.setDefaultBus(createBus);
        URL resource = SecurityPolicyTest.class.getResource("DoubleIt.wsdl");
        EndpointImpl create = Endpoint.create(new DoubleItImpl());
        create.setEndpointName(new QName(NAMESPACE, "DoubleItPortCXF4122"));
        create.setWsdlLocation(resource.getPath());
        create.setAddress(POLICY_CXF4122_ADDRESS);
        create.publish();
        EndpointInfo endpointInfo = create.getServer().getEndpoint().getEndpointInfo();
        setCryptoProperties(endpointInfo, "bob.properties", "revocation.properties");
        endpointInfo.setProperty("ws-security.enableRevocation", Boolean.TRUE);
        Bus createBus2 = new SpringBusFactory().createBus();
        SpringBusFactory.setDefaultBus(createBus2);
        SpringBusFactory.setThreadDefaultBus(createBus2);
        Closeable closeable = (DoubleItPortType) Service.create(resource, SERVICE_QNAME).getPort(new QName(NAMESPACE, "DoubleItPortCXF4122"), DoubleItPortType.class);
        updateAddressPort(closeable, PORT);
        ((BindingProvider) closeable).getRequestContext().put("ws-security.callback-handler", new KeystorePasswordCallback());
        ((BindingProvider) closeable).getRequestContext().put("ws-security.signature.properties", getClass().getResource("revocation.properties"));
        ((BindingProvider) closeable).getRequestContext().put("ws-security.encryption.properties", getClass().getResource("bob.properties"));
        try {
            closeable.doubleIt(5);
            fail("should fail on server side when do signature validation due the revoked certificates");
        } catch (Exception e) {
            String message = e.getMessage();
            assertTrue(message.contains("Certificate has been revoked") || message.contains("Certificate revocation") || message.contains("Error during certificate path validation"));
        }
        closeable.close();
        create.stop();
        createBus.shutdown(true);
        createBus2.shutdown(true);
    }
}
