diff --git a/modules/testsuite/cxf-tests/pom.xml b/modules/testsuite/cxf-tests/pom.xml
index 4b981c554..2df8daa66 100644
--- a/modules/testsuite/cxf-tests/pom.xml
+++ b/modules/testsuite/cxf-tests/pom.xml
@@ -376,6 +376,94 @@
+
+ elytron
+
+
+ elytron
+
+
+
+
+
+ org.codehaus.gmaven
+ gmaven-plugin
+
+
+ elytron-testsuite-default
+ pre-integration-test
+
+ execute
+
+
+
+
+ ${jboss.home}/standalone/configuration/standalone-elytron.xml
+ ${jboss.home}/standalone/configuration/jbws-testsuite-default.xml
+ jbws-testsuite-default.log
+ ${project.build.directory}/test-classes/jbossws-users.properties
+ ${project.build.directory}/test-classes/jbossws-roles.properties
+ ${project.build.directory}/test-classes/test.keystore
+ ${project.build.directory}/test-resources
+
+
+
+
+
+
+
+
+
diff --git a/modules/testsuite/cxf-tests/src/test/etc/jbossws-users.properties b/modules/testsuite/cxf-tests/src/test/etc/jbossws-users.properties
index 1f3533572..bf690840c 100644
--- a/modules/testsuite/cxf-tests/src/test/etc/jbossws-users.properties
+++ b/modules/testsuite/cxf-tests/src/test/etc/jbossws-users.properties
@@ -1,2 +1,4 @@
# A sample users.properties file for use with the UsersRolesLoginModule
-kermit=thefrog
\ No newline at end of file
+#Elytron requires this
+#$REALM_NAME=JBOSSWS$ This line is used by the add-user utility to identify the realm name already used in this file.
+kermit=thefrog
diff --git a/modules/testsuite/cxf-tests/src/test/resources/jaxws/cxf/httpauth/WEB-INF/ws-digest-users.properties b/modules/testsuite/cxf-tests/src/test/resources/jaxws/cxf/httpauth/WEB-INF/ws-digest-users.properties
new file mode 100644
index 000000000..c3284a233
--- /dev/null
+++ b/modules/testsuite/cxf-tests/src/test/resources/jaxws/cxf/httpauth/WEB-INF/ws-digest-users.properties
@@ -0,0 +1,2 @@
+#$REALM_NAME=ws-digest-domain$ This line is used by the add-user utility to identify the realm name already used in this file.
+jbossws=148f15e82b7877e306261fff94a6ee16
diff --git a/modules/testsuite/cxf-tests/src/test/resources/jaxws/cxf/httpauth/WEB-INF/ws-users.properties b/modules/testsuite/cxf-tests/src/test/resources/jaxws/cxf/httpauth/WEB-INF/ws-users.properties
index 019cb36f3..5af6e013c 100644
--- a/modules/testsuite/cxf-tests/src/test/resources/jaxws/cxf/httpauth/WEB-INF/ws-users.properties
+++ b/modules/testsuite/cxf-tests/src/test/resources/jaxws/cxf/httpauth/WEB-INF/ws-users.properties
@@ -1 +1,2 @@
+#$REALM_NAME=ws-basic-domain$ This line is used by the add-user utility to identify the realm name already used in this file.
jbossws=jbossws
diff --git a/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaas/auth/WEB-INF/jboss-web.xml b/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaas/auth/WEB-INF/jboss-web.xml
index 6b1986017..c6520023b 100644
--- a/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaas/auth/WEB-INF/jboss-web.xml
+++ b/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/jaas/auth/WEB-INF/jboss-web.xml
@@ -3,5 +3,5 @@
- java:/jaas/JBossWS
+ java:/jaas/JAASJBossWS
diff --git a/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default-elytron.groovy b/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default-elytron.groovy
new file mode 100644
index 000000000..92cd0180b
--- /dev/null
+++ b/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default-elytron.groovy
@@ -0,0 +1,350 @@
+def root = new XmlParser().parse(project.properties['inputFile'])
+
+/**
+ * Fix logging: optionally remove CONSOLE handler and set a specific log file
+ *
+ */
+
+def logHandlers = root.profile.subsystem.'root-logger'.handlers[0]
+def consoleHandler = logHandlers.find{it.@name == 'CONSOLE'}
+if (!project.properties['enableServerLoggingToConsole']) logHandlers.remove(consoleHandler)
+def file = root.profile.subsystem.'periodic-rotating-file-handler'.file[0]
+file.attributes()['path'] = project.properties['serverLog']
+
+/**
+ * Add a security-domain block like this:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def securityDomains = root.profile.subsystem.'security-domains'[0]
+def securityDomain = securityDomains.appendNode('security-domain', ['name':'JBossWS','default-realm':'JBossWS','permission-mapper':'default-permission-mapper'])
+def realm = securityDomain.appendNode('realm',['name':'JBossWS','role-decoder':'groups-to-roles'])
+
+def basicsecurityDomain = securityDomains.appendNode('security-domain', ['name':'ws-basic-domain','default-realm':'ws-basic-domain','permission-mapper':'default-permission-mapper'])
+def basicrealm = basicsecurityDomain.appendNode('realm',['name':'ws-basic-domain','role-decoder':'groups-to-roles'])
+
+
+def digestDomain = securityDomains.appendNode('security-domain', ['name':'ws-digest-domain','default-realm':'ws-digest-domain','permission-mapper':'default-permission-mapper'])
+def digestRefRealm = digestDomain.appendNode('realm',['name':'ws-digest-domain','role-decoder':'groups-to-roles'])
+
+
+def legacyDomain = securityDomains.appendNode('security-domain', ['name':'JAASJBossWS','default-realm':'JAASJBossWSRealm','permission-mapper':'default-permission-mapper'])
+def jaasJBossWSRealm = legacyDomain.appendNode('realm',['name':'JAASJBossWSRealm'])
+
+def legacyDigestDomain = securityDomains.appendNode('security-domain', ['name':'JBossWSDigest','default-realm':'JAASJBossWSDigestRealm','permission-mapper':'default-permission-mapper'])
+def jaasJBossWDigestRealm = legacyDigestDomain.appendNode('realm',['name':'JAASJBossWSDigestRealm'])
+
+
+
+/**
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+def securityRealms = root.profile.subsystem.'security-realms'[0]
+def propertiesRealm = securityRealms.appendNode('properties-realm', ['name':'JBossWS', 'plain-text':'true'])
+def usersProperties = propertiesRealm.appendNode('users-properties',['path':project.properties['usersPropFile']])
+def groupsProperties = propertiesRealm.appendNode('groups-properties',['path':project.properties['rolesPropFile']])
+
+
+def basicPropertiesRealm = securityRealms.appendNode('properties-realm', ['name':'ws-basic-domain','plain-text':'true'])
+def basicUsersProperties = basicPropertiesRealm.appendNode('users-properties',['path': project.properties['testResourcesDir'] + '/jaxws/cxf/httpauth/WEB-INF/ws-users.properties'])
+def basicGroupsProperties = basicPropertiesRealm.appendNode('groups-properties',['path': project.properties['testResourcesDir'] + '/jaxws/cxf/httpauth/WEB-INF/ws-roles.properties'])
+
+
+def digestRealm = securityRealms.appendNode('properties-realm', ['name':'ws-digest-domain'])
+def digestUserProperties = digestRealm.appendNode('users-properties',['path': project.properties['testResourcesDir'] + '/jaxws/cxf/httpauth/WEB-INF/ws-digest-users.properties'])
+def digestGroupsProperties = digestRealm.appendNode('groups-properties',['path': project.properties['testResourcesDir'] + '/jaxws/cxf/httpauth/WEB-INF/ws-roles.properties'])
+
+
+
+
+/**
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def httpAuthen = root.profile.subsystem.'http'[0]
+def httpAuthenticationFactory = httpAuthen.appendNode('http-authentication-factory', ['name':'JBossWS','http-server-mechanism-factory':'global', 'security-domain':'JBossWS'])
+def mechanismConfiguration = httpAuthenticationFactory.appendNode('mechanism-configuration')
+def mechanism = mechanismConfiguration.appendNode('mechanism',['mechanism-name':'BASIC'])
+def mechanismRealm=mechanism.appendNode('mechanism-realm',['realm-name':'JBossWS'])
+
+
+def basicHttpAuthenticationFactory = httpAuthen.appendNode('http-authentication-factory', ['name':'ws-basic-domain','http-server-mechanism-factory':'global', 'security-domain':'ws-basic-domain'])
+def basicMechanismConfiguration = basicHttpAuthenticationFactory.appendNode('mechanism-configuration')
+def basicMechanism = basicMechanismConfiguration.appendNode('mechanism',['mechanism-name':'BASIC'])
+def basicmechanismRealm = basicMechanism.appendNode('mechanism-realm',['realm-name':'ws-basic-domain'])
+
+
+
+def digestHttpAuthenticationFactory = httpAuthen.appendNode('http-authentication-factory', ['name':'ws-digest-domain','http-server-mechanism-factory':'global', 'security-domain':'ws-digest-domain'])
+def digestMechanismConfiguration = digestHttpAuthenticationFactory.appendNode('mechanism-configuration')
+def digestMechanism = digestMechanismConfiguration.appendNode('mechanism',['mechanism-name':'DIGEST'])
+def digestMechanismRealm = digestMechanism.appendNode('mechanism-realm',['realm-name':'ws-digest-domain'])
+
+
+
+
+/**
+ *
+ *
+ *
+
+ *
+ */
+//add this to ejb
+def ejbSecurityDomains = root.profile.subsystem.'application-security-domains'[0]
+def ejbSecurityDomain1 = ejbSecurityDomains.appendNode('application-security-domain', ['name':'JBossWS','security-domain':'JBossWS'])
+def ejbSecurityDomain2 = ejbSecurityDomains.appendNode('application-security-domain', ['name':'JAASJBossWS','security-domain':'JAASJBossWS'])
+def ejbSecurityDomain3 = ejbSecurityDomains.appendNode('application-security-domain', ['name':'ws-basic-domain','security-domain':'ws-basic-domain'])
+def ejbSecurityDomain4 = ejbSecurityDomains.appendNode('application-security-domain', ['name':'JBossWSDigest','security-domain':'JBossWSDigest'])
+
+//add to undertow
+def appSecurityDomains = root.profile.subsystem.'application-security-domains'[1]
+def appSecurityDomain = appSecurityDomains.appendNode('application-security-domain', ['name':'JBossWS','http-authentication-factory':'JBossWS'])
+def basicAppSecurityDomain = appSecurityDomains.appendNode('application-security-domain', ['name':'ws-basic-domain','http-authentication-factory':'ws-basic-domain'])
+def digestAppSecurityDomain = appSecurityDomains.appendNode('application-security-domain', ['name':'ws-digest-domain','http-authentication-factory':'ws-digest-domain'])
+
+
+//Add jaas picketbox security domain
+securityDomains = root.profile.subsystem.'security-domains'[1]
+/**
+ * Add a security-domain block like this:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+securityDomain = securityDomains.appendNode('security-domain', ['name':'JAASJBossWS','cache-type':'default'])
+authentication = securityDomain.appendNode('authentication')
+loginModule = authentication.appendNode('login-module', ['code':'UsersRoles','flag':'required'])
+loginModule.appendNode('module-option', ['name':'unauthenticatedIdentity','value':'anonymous'])
+loginModule.appendNode('module-option', ['name':'usersProperties','value':project.properties['usersPropFile']])
+loginModule.appendNode('module-option', ['name':'rolesProperties','value':project.properties['rolesPropFile']])
+
+/**
+ * Add a security-domain block like this:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def securityDomainSts = securityDomains.appendNode('security-domain', ['name':'JBossWS-trust-sts','cache-type':'default'])
+def authenticationSts = securityDomainSts.appendNode('authentication')
+def loginModuleSts = authenticationSts.appendNode('login-module', ['code':'UsersRoles','flag':'required'])
+loginModuleSts.appendNode('module-option', ['name':'unauthenticatedIdentity','value':'anonymous'])
+loginModuleSts.appendNode('module-option', ['name':'usersProperties','value':project.properties['testResourcesDir'] + '/jaxws/samples/wsse/policy/trust/WEB-INF/jbossws-users.properties'])
+loginModuleSts.appendNode('module-option', ['name':'rolesProperties','value':project.properties['testResourcesDir'] + '/jaxws/samples/wsse/policy/trust/WEB-INF/jbossws-roles.properties'])
+
+
+/**
+ * Add a security-domain block like this:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def securityDomainDigest = securityDomains.appendNode('security-domain', ['name':'JBossWSDigest','cache-type':'default'])
+def authenticationDigest = securityDomainDigest.appendNode('authentication')
+def loginModuleDigest = authenticationDigest.appendNode('login-module', ['code':'UsersRoles','flag':'required'])
+loginModuleDigest.appendNode('module-option', ['name':'hashUserPassword','value':'false'])
+loginModuleDigest.appendNode('module-option', ['name':'hashCharset','value':'UTF-8'])
+loginModuleDigest.appendNode('module-option', ['name':'hashAlgorithm','value':'SHA'])
+loginModuleDigest.appendNode('module-option', ['name':'hashEncoding','value':'BASE64'])
+loginModuleDigest.appendNode('module-option', ['name':'storeDigestCallback','value':'org.jboss.wsf.stack.cxf.security.authentication.callback.UsernameTokenCallback'])
+loginModuleDigest.appendNode('module-option', ['name':'hashStorePassword','value':'true'])
+loginModuleDigest.appendNode('module-option', ['name':'unauthenticatedIdentity','value':'anonymous'])
+loginModuleDigest.appendNode('module-option', ['name':'usersProperties','value':project.properties['testResourcesDir'] + '/jaxws/samples/wsse/policy/jaas/digest/WEB-INF/jbossws-users.properties'])
+loginModuleDigest.appendNode('module-option', ['name':'rolesProperties','value':project.properties['testResourcesDir'] + '/jaxws/samples/wsse/policy/jaas/digest/WEB-INF/jbossws-roles.properties'])
+
+/**
+ * Add a security-domain block like this:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def securityDomainDigestAuth = securityDomains.appendNode('security-domain', ['name':'ws-digest-domain','cache-type':'default'])
+def authenticationDigestAuth = securityDomainDigestAuth.appendNode('authentication')
+def loginModuleDigestAuth = authenticationDigestAuth.appendNode('login-module', ['code':'UsersRoles','flag':'required'])
+loginModuleDigestAuth.appendNode('module-option', ['name':'hashUserPassword','value':'false'])
+loginModuleDigestAuth.appendNode('module-option', ['name':'usersProperties','value':project.properties['testResourcesDir'] + '/jaxws/cxf/httpauth/WEB-INF/ws-users.properties'])
+loginModuleDigestAuth.appendNode('module-option', ['name':'hashAlgorithm','value':'MD5'])
+loginModuleDigestAuth.appendNode('module-option', ['name':'hashEncoding','value':'RFC2617'])
+loginModuleDigestAuth.appendNode('module-option', ['name':'rolesProperties','value':project.properties['testResourcesDir'] + '/jaxws/cxf/httpauth/WEB-INF/ws-roles.properties'])
+loginModuleDigestAuth.appendNode('module-option', ['name':'storeDigestCallback','value':'org.jboss.security.auth.callback.RFC2617Digest'])
+loginModuleDigestAuth.appendNode('module-option', ['name':'hashStorePassword','value':'true'])
+
+
+/**
+ * Add two security-domain blocks for JASPI tests as below:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def securityDomainJaspi = securityDomains.appendNode('security-domain', ['name':'jaspi'])
+def authenticationJaspi = securityDomainJaspi.appendNode('authentication-jaspi')
+def loginModuleStack = authenticationJaspi.appendNode('login-module-stack', ['name':'jaas-lm-stack'])
+def loginModuleJaspi = loginModuleStack.appendNode('login-module', ['code':'UsersRoles','flag':'required'])
+loginModuleJaspi.appendNode('module-option', ['name':'usersProperties','value':project.properties['usersPropFile']])
+loginModuleJaspi.appendNode('module-option', ['name':'rolesProperties','value':project.properties['rolesPropFile']])
+authenticationJaspi.appendNode('auth-module', ['code':'org.jboss.wsf.stack.cxf.jaspi.module.UsernameTokenServerAuthModule','login-module-stack-ref':'jaas-lm-stack'])
+
+def securityDomainJaspiClient = securityDomains.appendNode('security-domain', ['name':'clientJaspi'])
+def authenticationJaspiClient = securityDomainJaspiClient.appendNode('authentication-jaspi')
+def loginModuleStackClient = authenticationJaspiClient.appendNode('login-module-stack', ['name':'jaas-lm-stack'])
+def loginModuleJaspiClient = loginModuleStackClient.appendNode('login-module', ['code':'UsersRoles','flag':'required'])
+loginModuleJaspiClient.appendNode('module-option', ['name':'usersProperties','value':project.properties['usersPropFile']])
+loginModuleJaspiClient.appendNode('module-option', ['name':'rolesProperties','value':project.properties['rolesPropFile']])
+authenticationJaspiClient.appendNode('auth-module', ['code':'org.jboss.wsf.stack.cxf.jaspi.client.module.SOAPClientAuthModule','login-module-stack-ref':'jaas-lm-stack'])
+
+
+
+def jbossDomainSecurity3_0 = securityDomains.parent()
+elytronIntegration = jbossDomainSecurity3_0.appendNode('elytron-integration')
+elytronRealms = elytronIntegration.appendNode('security-realms')
+elytronRealms.appendNode('elytron-realm', ['name':'JAASJBossWSRealm','legacy-jaas-config':'JAASJBossWS'])
+elytronRealms.appendNode('elytron-realm', ['name':'JAASJBossWSDigestRealm','legacy-jaas-config':'JBossWSDigest'])
+
+
+/**
+ * Add a https connector like this:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def rootsecurityRealms = root.management.'security-realms'[0]
+def rootsecurityRealm = rootsecurityRealms.appendNode('security-realm', ['name':'jbws-test-https-realm'])
+def serverIdentities = rootsecurityRealm.appendNode('server-identities')
+def ssl = serverIdentities.appendNode('ssl')
+ssl.appendNode('keystore', ['path':project.properties['keystorePath'],'keystore-password':'changeit','alias':'tomcat'])
+
+def server = root.profile.subsystem.server[0]
+def curHttpsListener = server.'https-listener'[0]
+if (curHttpsListener != null) server.remove(curHttpsListener)
+server.appendNode('https-listener', ['name':'jbws-test-https-listener','socket-binding':'https','security-realm':'jbws-test-https-realm'])
+
+
+/**
+ *
+ * Add a system property for JBWS-3628 testcase
+ */
+root.children().add(1, new Node(null, 'system-properties', null)) //add system-properties node after the extensions
+def systemProperties = root.'system-properties'[0]
+systemProperties.appendNode('property', ['name':'org.jboss.wsf.test.JBWS3628TestCase.policy','value':'WS-Addressing_policy'])
+
+
+/**
+ * Save the configuration to a new file
+ */
+
+def writer = new StringWriter()
+writer.println('')
+new XmlNodePrinter(new PrintWriter(writer)).print(root)
+def f = new File(project.properties['outputFile'])
+f.write(writer.toString())
diff --git a/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default.groovy b/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default.groovy
index da7c7581b..c7555ebcb 100644
--- a/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default.groovy
+++ b/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default.groovy
@@ -13,7 +13,7 @@ file.attributes()['path'] = project.properties['serverLog']
/**
* Add a security-domain block like this:
*
- *
+ *
*
*
*
@@ -26,13 +26,36 @@ file.attributes()['path'] = project.properties['serverLog']
*/
def securityDomains = root.profile.subsystem.'security-domains'[0]
-def securityDomain = securityDomains.appendNode('security-domain', ['name':'JBossWS','cache-type':'default'])
+def securityDomain = securityDomains.appendNode('security-domain', ['name':'JAASJBossWS','cache-type':'default'])
def authentication = securityDomain.appendNode('authentication')
def loginModule = authentication.appendNode('login-module', ['code':'UsersRoles','flag':'required'])
loginModule.appendNode('module-option', ['name':'unauthenticatedIdentity','value':'anonymous'])
loginModule.appendNode('module-option', ['name':'usersProperties','value':project.properties['usersPropFile']])
loginModule.appendNode('module-option', ['name':'rolesProperties','value':project.properties['rolesPropFile']])
+
+/**
+ * Add a security-domain block like this:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def jbsecurityDomain = securityDomains.appendNode('security-domain', ['name':'JBossWS','cache-type':'default'])
+def jbauthentication = jbsecurityDomain.appendNode('authentication')
+def jbloginModule = jbauthentication.appendNode('login-module', ['code':'UsersRoles','flag':'required'])
+jbloginModule.appendNode('module-option', ['name':'unauthenticatedIdentity','value':'anonymous'])
+jbloginModule.appendNode('module-option', ['name':'usersProperties','value':project.properties['usersPropFile']])
+jbloginModule.appendNode('module-option', ['name':'rolesProperties','value':project.properties['rolesPropFile']])
+
/**
* Add a security-domain block like this:
*
diff --git a/modules/testsuite/shared-tests/pom.xml b/modules/testsuite/shared-tests/pom.xml
index e5d97f275..5559aa5ad 100644
--- a/modules/testsuite/shared-tests/pom.xml
+++ b/modules/testsuite/shared-tests/pom.xml
@@ -272,6 +272,76 @@
+
+
+ elytron
+
+
+ elytron
+
+
+
+
+
+ org.codehaus.gmaven
+ gmaven-plugin
+
+
+ testsuite-default
+ pre-integration-test
+
+ execute
+
+
+
+
+ ${jboss.home}/standalone/configuration/standalone-elytron.xml
+ ${jboss.home}/standalone/configuration/jbws-testsuite-shared-default.xml
+ jbws-testsuite-shared-default.log
+ ${project.build.directory}/test-classes/jbossws-users.properties
+ ${project.build.directory}/test-classes/jbossws-roles.properties
+ ${project.build.directory}/test-classes/test.keystore
+ ${project.build.directory}/test-resources
+
+
+
+
+ testsuite-default-config-tests
+ pre-integration-test
+
+ execute
+
+
+
+
+ ${jboss.home}/standalone/configuration/standalone.xml
+ ${jboss.home}/standalone/configuration/jbws-testsuite-shared-default-config-tests.xml
+ jbws-testsuite-shared-default-config-tests.log
+
+
+
+
+ testsuite-address-rewrite
+ pre-integration-test
+
+ execute
+
+
+
+
+ ${jboss.home}/standalone/configuration/standalone.xml
+ ${jboss.home}/standalone/configuration/jbws-testsuite-shared-address-rewrite.xml
+ jbws-testsuite-shared-address-rewrite.log
+ ${project.build.directory}/test-classes/test.keystore
+
+
+
+
+
+
+
+
+
diff --git a/modules/testsuite/shared-tests/src/test/etc/jbossws-users.properties b/modules/testsuite/shared-tests/src/test/etc/jbossws-users.properties
index 1f3533572..bf690840c 100644
--- a/modules/testsuite/shared-tests/src/test/etc/jbossws-users.properties
+++ b/modules/testsuite/shared-tests/src/test/etc/jbossws-users.properties
@@ -1,2 +1,4 @@
# A sample users.properties file for use with the UsersRolesLoginModule
-kermit=thefrog
\ No newline at end of file
+#Elytron requires this
+#$REALM_NAME=JBOSSWS$ This line is used by the add-user utility to identify the realm name already used in this file.
+kermit=thefrog
diff --git a/modules/testsuite/shared-tests/src/test/resources/jaxws/handlerauth/jbossws-users.properties b/modules/testsuite/shared-tests/src/test/resources/jaxws/handlerauth/jbossws-users.properties
index 05c8fa690..9877b6859 100644
--- a/modules/testsuite/shared-tests/src/test/resources/jaxws/handlerauth/jbossws-users.properties
+++ b/modules/testsuite/shared-tests/src/test/resources/jaxws/handlerauth/jbossws-users.properties
@@ -1,3 +1,5 @@
# A sample users.properties file for use with the UsersRolesLoginModule
+#Elytron requires this
+#$REALM_NAME=handlerauth-security-domain$ This line is used by the add-user utility to identify the realm name already used in this file.
John=foo
Bob=bar
\ No newline at end of file
diff --git a/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/securityDomain/jbossws-users.properties b/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/securityDomain/jbossws-users.properties
index 6167d2dd8..ca37e9de1 100644
--- a/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/securityDomain/jbossws-users.properties
+++ b/modules/testsuite/shared-tests/src/test/resources/jaxws/samples/securityDomain/jbossws-users.properties
@@ -1,4 +1,6 @@
# A sample users.properties file for use with the UsersRolesLoginModule
+#Elytron requires this
+#$REALM_NAME=JBossWSSecurityDomainTest$ This line is used by the add-user utility to identify the realm name already used in this file.
bob=foo
john=bar
kate=theprincess
\ No newline at end of file
diff --git a/modules/testsuite/shared-tests/src/test/scripts/jbws-testsuite-shared-default-elytron.groovy b/modules/testsuite/shared-tests/src/test/scripts/jbws-testsuite-shared-default-elytron.groovy
new file mode 100644
index 000000000..c5d12cfe9
--- /dev/null
+++ b/modules/testsuite/shared-tests/src/test/scripts/jbws-testsuite-shared-default-elytron.groovy
@@ -0,0 +1,141 @@
+def root = new XmlParser().parse(project.properties['inputFile'])
+
+/**
+ * Fix logging: optionally remove CONSOLE handler and set a specific log file
+ *
+ */
+def logHandlers = root.profile.subsystem.'root-logger'.handlers[0]
+def consoleHandler = logHandlers.find{it.@name == 'CONSOLE'}
+if (!project.properties['enableServerLoggingToConsole']) logHandlers.remove(consoleHandler)
+def file = root.profile.subsystem.'periodic-rotating-file-handler'.file[0]
+file.attributes()['path'] = project.properties['serverLog']
+
+
+/**
+ Elytron security domian
+**/
+def securityDomains = root.profile.subsystem.'security-domains'[0]
+def securityDomain = securityDomains.appendNode('security-domain', ['name':'JBossWS','default-realm':'JBossWS','permission-mapper':'default-permission-mapper'])
+def realm = securityDomain.appendNode('realm',['name':'JBossWS','role-decoder':'groups-to-roles'])
+
+def securityDomain2 = securityDomains.appendNode('security-domain', ['name':'handlerauth-security-domain','default-realm':'handlerauth-security-domain','permission-mapper':'default-permission-mapper'])
+def realm2 = securityDomain2.appendNode('realm',['name':'handlerauth-security-domain','role-decoder':'groups-to-roles'])
+
+def securityDomain3 = securityDomains.appendNode('security-domain', ['name':'JBossWSSecurityDomainPermitAllTest','default-realm':'JBossWSSecurityDomainPermitAllTest','permission-mapper':'default-permission-mapper'])
+def realm3 = securityDomain3.appendNode('realm',['name':'JBossWSSecurityDomainPermitAllTest','role-decoder':'groups-to-roles'])
+
+def securityDomain4 = securityDomains.appendNode('security-domain', ['name':'JBossWSSecurityDomainTest','default-realm':'JBossWSSecurityDomainTest','permission-mapper':'default-permission-mapper'])
+def realm4 = securityDomain4.appendNode('realm',['name':'JBossWSSecurityDomainTest','role-decoder':'groups-to-roles'])
+
+
+
+/**
+ Elytron security realm
+**/
+
+def securityRealms = root.profile.subsystem.'security-realms'[0]
+def propertiesRealm = securityRealms.appendNode('properties-realm', ['name':'JBossWS', 'plain-text':'true'])
+def usersProperties = propertiesRealm.appendNode('users-properties',['path':project.properties['usersPropFile']])
+def groupsProperties = propertiesRealm.appendNode('groups-properties',['path':project.properties['rolesPropFile']])
+
+
+def propertiesRealm2 = securityRealms.appendNode('properties-realm', ['name':'handlerauth-security-domain', 'plain-text':'true'])
+def usersProperties2 = propertiesRealm2.appendNode('users-properties',['path':project.properties['testResourcesDir'] + '/jaxws/handlerauth/jbossws-users.properties'])
+def groupsProperties2 = propertiesRealm2.appendNode('groups-properties',['path':project.properties['testResourcesDir'] + '/jaxws/handlerauth/jbossws-roles.properties'])
+
+
+def propertiesRealm3 = securityRealms.appendNode('properties-realm', ['name':'JBossWSSecurityDomainPermitAllTest', 'plain-text':'true'])
+def usersProperties3 = propertiesRealm3.appendNode('users-properties',['path':project.properties['testResourcesDir'] + '/jaxws/samples/securityDomain/jbossws-users.properties'])
+def groupsProperties3 = propertiesRealm3.appendNode('groups-properties',['path':project.properties['testResourcesDir'] + '/jaxws/samples/securityDomain/jbossws-roles.properties'])
+
+def propertiesRealm4 = securityRealms.appendNode('properties-realm', ['name':'JBossWSSecurityDomainTest', 'plain-text':'true'])
+def usersProperties4 = propertiesRealm4.appendNode('users-properties',['path':project.properties['testResourcesDir'] + '/jaxws/samples/securityDomain/jbossws-users.properties'])
+def groupsProperties4 = propertiesRealm4.appendNode('groups-properties',['path':project.properties['testResourcesDir'] + '/jaxws/samples/securityDomain/jbossws-roles.properties'])
+
+
+
+/**
+ HttpAuthentication Factory
+**/
+
+def httpAuthen = root.profile.subsystem.'http'[0]
+
+def httpAuthenticationFactory = httpAuthen.appendNode('http-authentication-factory', ['name':'JBossWS','http-server-mechanism-factory':'global', 'security-domain':'JBossWS'])
+def mechanismConfiguration = httpAuthenticationFactory.appendNode('mechanism-configuration')
+def mechanism = mechanismConfiguration.appendNode('mechanism',['mechanism-name':'BASIC'])
+def mechanismRealm=mechanism.appendNode('mechanism-realm',['realm-name':'JBossWS'])
+
+
+def httpAuthenticationFactory2 = httpAuthen.appendNode('http-authentication-factory', ['name':'handlerauth-security-domain','http-server-mechanism-factory':'global', 'security-domain':'handlerauth-security-domain'])
+def mechanismConfiguration2 = httpAuthenticationFactory2.appendNode('mechanism-configuration')
+def mechanism2 = mechanismConfiguration2.appendNode('mechanism',['mechanism-name':'BASIC'])
+def mechanismRealm2=mechanism2.appendNode('mechanism-realm',['realm-name':'handlerauth-security-domain'])
+
+def httpAuthenticationFactory3 = httpAuthen.appendNode('http-authentication-factory', ['name':'JBossWSSecurityDomainPermitAllTest','http-server-mechanism-factory':'global', 'security-domain':'JBossWSSecurityDomainPermitAllTest'])
+def mechanismConfiguration3 = httpAuthenticationFactory3.appendNode('mechanism-configuration')
+def mechanism3 = mechanismConfiguration3.appendNode('mechanism',['mechanism-name':'BASIC'])
+def mechanismRealm3=mechanism3.appendNode('mechanism-realm',['realm-name':'JBossWSSecurityDomainPermitAllTest'])
+
+
+def httpAuthenticationFactory4 = httpAuthen.appendNode('http-authentication-factory', ['name':'JBossWSSecurityDomainTest','http-server-mechanism-factory':'global', 'security-domain':'JBossWSSecurityDomainTest'])
+def mechanismConfiguration4 = httpAuthenticationFactory4.appendNode('mechanism-configuration')
+def mechanism4 = mechanismConfiguration4.appendNode('mechanism',['mechanism-name':'BASIC'])
+def mechanismRealm4=mechanism4.appendNode('mechanism-realm',['realm-name':'JBossWSSecurityDomainTest'])
+
+
+/**
+ Ejb security domain
+**/
+
+//add this to ejb
+def ejbSecurityDomains = root.profile.subsystem.'application-security-domains'[0]
+def ejbSecurityDomain1 = ejbSecurityDomains.appendNode('application-security-domain', ['name':'JBossWS','security-domain':'JBossWS'])
+def ejbSecurityDomain2 = ejbSecurityDomains.appendNode('application-security-domain', ['name':'handlerauth-security-domain','security-domain':'handlerauth-security-domain'])
+def ejbSecurityDomain3 = ejbSecurityDomains.appendNode('application-security-domain', ['name':'JBossWSSecurityDomainPermitAllTest','security-domain':'JBossWSSecurityDomainPermitAllTest'])
+def ejbSecurityDomain4 = ejbSecurityDomains.appendNode('application-security-domain', ['name':'JBossWSSecurityDomainTest','security-domain':'JBossWSSecurityDomainTest'])
+
+
+/**
+ Undertow security domain
+**/
+def appSecurityDomains = root.profile.subsystem.'application-security-domains'[1]
+def appSecurityDomain = appSecurityDomains.appendNode('application-security-domain', ['name':'JBossWS','http-authentication-factory':'JBossWS'])
+def basicAppSecurityDomain = appSecurityDomains.appendNode('application-security-domain', ['name':'handlerauth-security-domain','http-authentication-factory':'handlerauth-security-domain'])
+def basicAppSecurityDomain2 = appSecurityDomains.appendNode('application-security-domain', ['name':'JBossWSSecurityDomainPermitAllTest','http-authentication-factory':'JBossWSSecurityDomainPermitAllTest'])
+def basicAppSecurityDomain3 = appSecurityDomains.appendNode('application-security-domain', ['name':'JBossWSSecurityDomainTest','http-authentication-factory':'JBossWSSecurityDomainTest'])
+
+
+
+/**
+ * Add a https connector like this:
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ *
+ */
+
+def rootsecurityRealms = root.management.'security-realms'[0]
+def rootsecurityRealm = rootsecurityRealms.appendNode('security-realm', ['name':'jbws-test-https-realm'])
+def serverIdentities = rootsecurityRealm.appendNode('server-identities')
+def ssl = serverIdentities.appendNode('ssl')
+ssl.appendNode('keystore', ['path':project.properties['keystorePath'],'keystore-password':'changeit','alias':'tomcat'])
+
+def server = root.profile.subsystem.server[0]
+def curHttpsListener = server.'https-listener'[0]
+if (curHttpsListener != null) server.remove(curHttpsListener)
+server.appendNode('https-listener', ['name':'jbws-test-https-listener','socket-binding':'https','security-realm':'jbws-test-https-realm'])
+
+/**
+ * Save the configuration to a new file
+ */
+
+def writer = new StringWriter()
+writer.println('')
+new XmlNodePrinter(new PrintWriter(writer)).print(root)
+def f = new File(project.properties['outputFile'])
+f.write(writer.toString())