<?xml version="1.0" encoding="utf-8"?>
<wsdl20:description targetNamespace="http://example.com/ws/2004/09/policy"
  xmlns:tns="http://example.com/ws/2004/09/policy" xmlns:xs="http://www.w3.org/2001/XMLSchema"
  xmlns:wsdl20="http://www.w3.org/ns/wsdl" xmlns:wsoap="http://www.w3.org/ns/wsdl/soap"
  xmlns:wsp="http://www.w3.org/ns/ws-policy"
  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
  xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.w3.org/2001/XMLSchema http://www.w3.org/2001/XMLSchema.xsd
  http://www.w3.org/ns/wsdl http://www.w3.org/2006/03/wsdl/wsdl20.xsd
  http://www.w3.org/ns/wsdl/soap http://www.w3.org/2006/03/wsdl/soap.xsd
  http://www.w3.org/ns/ws-policy http://www.w3.org/2002/ws/policy/ns/ws-policy">
  
  <wsp:Policy wsu:Id="T1Endpoint">
    <!-- Policy alternative T1 - Anonymous client -->
    <sp:TransportBinding>
      <wsp:Policy>
        <sp:TransportToken>
          <wsp:Policy>
            <sp:HttpsToken>
              <wsp:Policy />
            </sp:HttpsToken>
          </wsp:Policy>
        </sp:TransportToken>
        <sp:AlgorithmSuite>
          <wsp:Policy>
            <sp:Basic256Rsa15/>
          </wsp:Policy>
        </sp:AlgorithmSuite>
        <sp:Layout>
          <wsp:Policy>
            <sp:Lax/>
          </wsp:Policy>
        </sp:Layout>
        <sp:IncludeTimestamp/>
      </wsp:Policy>
    </sp:TransportBinding>
  </wsp:Policy>
  <wsp:Policy wsu:Id="T3Endpoint">
    <!-- Policy alternative T3 - Authenticated client with username/password token -->
    <sp:TransportBinding>
      <wsp:Policy>
        <sp:TransportToken>
          <wsp:Policy>
            <sp:HttpsToken>
              <wsp:Policy />
            </sp:HttpsToken>
          </wsp:Policy>
        </sp:TransportToken>
        <sp:AlgorithmSuite>
          <wsp:Policy>
            <sp:Basic256Rsa15/>
          </wsp:Policy>
        </sp:AlgorithmSuite>
        <sp:Layout>
          <wsp:Policy>
            <sp:Lax/>
          </wsp:Policy>
        </sp:Layout>
        <sp:IncludeTimestamp/>
      </wsp:Policy>
    </sp:TransportBinding>
    <sp:SignedSupportingTokens>
      <wsp:Policy>
        <sp:UsernameToken
          sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient">
          <wsp:Policy>
            <sp:WssUsernameToken10/>
          </wsp:Policy>
        </sp:UsernameToken>
      </wsp:Policy>
    </sp:SignedSupportingTokens>
    <sp:Wss10>
      <wsp:Policy>
        <sp:MustSupportRefKeyIdentifier/>
        <sp:MustSupportRefIssuerSerial/>
      </wsp:Policy>
    </sp:Wss10>
  </wsp:Policy>
  <wsp:Policy wsu:Id="A11Endpoint">
    <!-- Asymmetric Policy A11 - X509 with mutual authentication and AES 256 -->
    <sp:AsymmetricBinding>
      <wsp:Policy>
        <sp:RecipientToken>
          <wsp:Policy>
            <sp:X509Token
              sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/Never">
              <wsp:Policy>
                <sp:WssX509V3Token10/>
              </wsp:Policy>
            </sp:X509Token>
          </wsp:Policy>
        </sp:RecipientToken>
        <sp:InitiatorToken>
          <wsp:Policy>
            <sp:X509Token
              sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient">
              <wsp:Policy>
                <sp:WssX509V3Token10/>
              </wsp:Policy>
            </sp:X509Token>
          </wsp:Policy>
        </sp:InitiatorToken>
        <sp:AlgorithmSuite>
          <wsp:Policy>
            <sp:Basic256Rsa15/>
          </wsp:Policy>
        </sp:AlgorithmSuite>
        <sp:Layout>
          <wsp:Policy>
            <sp:Lax/>
          </wsp:Policy>
        </sp:Layout>
        <sp:IncludeTimestamp/>
        <sp:OnlySignEntireHeadersAndBody/>
      </wsp:Policy>
    </sp:AsymmetricBinding>
    <sp:Wss10>
      <wsp:Policy>
        <sp:MustSupportRefKeyIdentifier/>
        <sp:MustSupportRefIssuerSerial/>
      </wsp:Policy>
    </sp:Wss10>
  </wsp:Policy>
  <wsp:Policy wsu:Id="A12Endpoint">
    <!-- Asymmetric Policy A12 - X509 with mutual authentication and 3DES -->
    <sp:AsymmetricBinding>
      <wsp:Policy>
        <sp:RecipientToken>
          <wsp:Policy>
            <sp:X509Token
              sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/Never">
              <wsp:Policy>
                <sp:WssX509V3Token10/>
              </wsp:Policy>
            </sp:X509Token>
          </wsp:Policy>
        </sp:RecipientToken>
        <sp:InitiatorToken>
          <wsp:Policy>
            <sp:X509Token
              sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient">
              <wsp:Policy>
                <sp:WssX509V3Token10/>
              </wsp:Policy>
            </sp:X509Token>
          </wsp:Policy>
        </sp:InitiatorToken>
        <sp:AlgorithmSuite>
          <wsp:Policy>
            <sp:TripleDesRsa15/>
          </wsp:Policy>
        </sp:AlgorithmSuite>
        <sp:Layout>
          <wsp:Policy>
            <sp:Lax/>
          </wsp:Policy>
        </sp:Layout>
        <sp:IncludeTimestamp/>
        <sp:OnlySignEntireHeadersAndBody/>
      </wsp:Policy>
    </sp:AsymmetricBinding>
    <sp:Wss10>
      <wsp:Policy>
        <sp:MustSupportRefKeyIdentifier/>
        <sp:MustSupportRefIssuerSerial/>
      </wsp:Policy>
    </sp:Wss10>
  </wsp:Policy>
  <wsp:Policy wsu:Id="AMessage">
    <sp:SignedParts>
      <sp:Body/>
    </sp:SignedParts>
    <sp:EncryptedParts>
      <sp:Body/>
    </sp:EncryptedParts>
  </wsp:Policy>
  
  <wsdl20:types>
    <xs:schema targetNamespace="http://example.com/ws/2004/09/policy" blockDefault="#all"
      elementFormDefault="qualified">
      <xs:element name="EchoRequest" type="xs:string"/>
      <xs:element name="EchoResponse" type="xs:string"/>
    </xs:schema>
  </wsdl20:types>
  
  <wsdl20:interface name="Test">
    <wsdl20:operation name="Echo" pattern="http://www.w3.org/ns/wsdl/in-out">
      <wsdl20:input element="tns:EchoRequest" />
      <wsdl20:output element="tns:EchoResponse" />
    </wsdl20:operation>
  </wsdl20:interface>
  
  <wsdl20:binding name="NoSecurityBinding" interface="tns:Test"
    type="http://www.w3.org/ns/wsdl/soap"
    wsoap:protocol="http://www.w3.org/2003/05/soap/bindings/HTTP/">
    <wsdl20:operation ref="tns:Echo" wsoap:action="http://example.com/ws/2004/09/policy/Test/EchoRequest">
      <wsdl20:input> </wsdl20:input>
      <wsdl20:output> </wsdl20:output>
    </wsdl20:operation>
  </wsdl20:binding>
  
  <wsdl20:binding name="T1Binding" interface="tns:Test" type="http://www.w3.org/ns/wsdl/soap"
    wsoap:protocol="http://www.w3.org/2003/05/soap/bindings/HTTP/">
    <wsp:PolicyReference URI="#T1Endpoint" wsdl20:required="true"/>
    <wsdl20:operation ref="tns:Echo" wsoap:action="http://example.com/ws/2004/09/policy/Test/EchoRequest">
      <wsdl20:input> </wsdl20:input>
      <wsdl20:output> </wsdl20:output>
    </wsdl20:operation>
  </wsdl20:binding>
  
  <wsdl20:binding name="T3Binding" interface="tns:Test" type="http://www.w3.org/ns/wsdl/soap"
    wsoap:protocol="http://www.w3.org/2003/05/soap/bindings/HTTP/">
    <wsp:PolicyReference URI="#T3Endpoint" wsdl20:required="true"/>
    <wsdl20:operation ref="tns:Echo" wsoap:action="http://example.com/ws/2004/09/policy/Test/EchoRequest">
      <wsdl20:input> </wsdl20:input>
      <wsdl20:output> </wsdl20:output>
    </wsdl20:operation>
  </wsdl20:binding>
  
  <wsdl20:binding name="A11Binding" interface="tns:Test"
    type="http://www.w3.org/ns/wsdl/soap"
    wsoap:protocol="http://www.w3.org/2003/05/soap/bindings/HTTP/">
    <wsp:PolicyReference URI="#A11Endpoint" wsdl20:required="true"/>
    <wsdl20:operation ref="tns:Echo" wsoap:action="http://example.com/ws/2004/09/policy/Test/EchoRequest">
      <wsdl20:input>
        <wsp:PolicyReference URI="#AMessage" wsdl20:required="true"/>
      </wsdl20:input>
      <wsdl20:output>
        <wsp:PolicyReference URI="#AMessage" wsdl20:required="true"/>
      </wsdl20:output>
    </wsdl20:operation>
  </wsdl20:binding>
  
  <wsdl20:binding name="A12Binding" interface="tns:Test"
    type="http://www.w3.org/ns/wsdl/soap"
    wsoap:protocol="http://www.w3.org/2003/05/soap/bindings/HTTP/">
    <wsp:PolicyReference URI="#A12Endpoint" wsdl20:required="true"/>
    <wsdl20:operation ref="tns:Echo" wsoap:action="http://example.com/ws/2004/09/policy/Test/EchoRequest">
      <wsdl20:input>
        <wsp:PolicyReference URI="#AMessage" wsdl20:required="true"/>
      </wsdl20:input>
      <wsdl20:output>
        <wsp:PolicyReference URI="#AMessage" wsdl20:required="true"/>
      </wsdl20:output>
    </wsdl20:operation>
  </wsdl20:binding>
  
  <wsdl20:service name="Test" interface="tns:Test">
    <wsdl20:endpoint name="NoSecurityPort" binding="tns:NoSecurityBinding" address="http://www.soaphub.org/wspolicy/services/T0-2"> </wsdl20:endpoint>
    <wsdl20:endpoint name="T1Port" binding="tns:T1Binding" address="https://www.soaphub.org/wspolicy/services/T1-2"> </wsdl20:endpoint>
    <wsdl20:endpoint name="T3Port" binding="tns:T3Binding" address="https://www.soaphub.org/wspolicy/services/T3-2"> </wsdl20:endpoint>
    <wsdl20:endpoint name="A11Port" binding="tns:A11Binding" address="http://www.soaphub.org/wspolicy/services/A11-2"> </wsdl20:endpoint>
    <wsdl20:endpoint name="A12Port" binding="tns:A12Binding" address="http://www.soaphub.org/wspolicy/services/A12-2"> </wsdl20:endpoint>
  </wsdl20:service>
  
</wsdl20:description>
