axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@apache.org
Subject svn commit: r652665 [28/45] - in /webservices/axis2/site: ./ 1_4/ 1_4/adb/ 1_4/adb/images/ 1_4/images/ 1_4/images/archi-guide/ 1_4/images/userguide/ 1_4/jibx/ 1_4/src/ css/ download/0_9/ download/0_91/ download/0_92/ download/0_93/ download/0_94/ downl...
Date Thu, 01 May 2008 21:20:38 GMT
Modified: webservices/axis2/site/modules/rampart/1_3/sec-conf/sample-services.html
URL: http://svn.apache.org/viewvc/webservices/axis2/site/modules/rampart/1_3/sec-conf/sample-services.html?rev=652665&r1=652664&r2=652665&view=diff
==============================================================================
--- webservices/axis2/site/modules/rampart/1_3/sec-conf/sample-services.html (original)
+++ webservices/axis2/site/modules/rampart/1_3/sec-conf/sample-services.html Thu May  1 14:20:27 2008
@@ -9,9 +9,10 @@
 
 
 
-<html>
+
+<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
-    <title>Apache Axis2 - </title>
+    <title>Maven - </title>
     <style type="text/css" media="all">
       @import url("../../../../css/maven-base.css");
       @import url("../../../../css/maven-theme.css");
@@ -29,7 +30,7 @@
             </a>
                           <span id="bannerRight">
     
-                                    <img src="http://ws.apache.org/axis2/images/axis.jpg" alt="" />
+                                            <img src="../../../../../images/axis.jpg" alt="" />
     
             </span>
             <div class="clear">
@@ -44,23 +45,25 @@
     
   
   
+    
             <div class="xleft">
-        Last Published: 08/13/2007
+        Last Published: 2008-05-01
                       </div>
-            <div class="xright">      <a href="../../../../index.html">Axis2/Java</a>
-          |
-          <a href="http://ws.apache.org/axis2/c">Axis2/C</a>
-          |
-          <a href="../../../../../../">Apache WS</a>
-          |
-          <a href="http://www.apache.org">Apache</a>
-          
+            <div class="xright">            <a href="../../../../index.html">Axis2/Java</a>
+            |
+                <a href="../../../../../c">Axis2/C</a>
+            |
+                <a href="../../../../../..">Apache WS</a>
+            |
+                <a href="http://www.apache.org" class="externalLink">Apache</a>
+            
   
 
   
     
   
   
+    
   </div>
       <div class="clear">
         <hr/>
@@ -75,30 +78,31 @@
     
   
   
+    
                    <h5>Axis2/Java</h5>
-        <ul>
+            <ul>
               
     <li class="none">
-              <a href="../../../../index.html">Home</a>
-        </li>
+                    <a href="../../../../index.html">Home</a>
+          </li>
           </ul>
-          <h5>Downloads</h5>
-        <ul>
+              <h5>Downloads</h5>
+            <ul>
               
     <li class="none">
-              <a href="../../../../download.cgi">Releases</a>
-        </li>
+                    <a href="../../../../download.cgi">Releases</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../modules/index.html">Modules</a>
-        </li>
+                    <a href="../../../../modules/index.html">Modules</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../tools/index.html">Tools</a>
-        </li>
+                    <a href="../../../../tools/index.html">Tools</a>
+          </li>
           </ul>
-          <h5>Documentation</h5>
-        <ul>
+              <h5>Documentation</h5>
+            <ul>
               
           
               
@@ -117,147 +121,157 @@
       
             
       
+            
+      
               
         <li class="expanded">
-              <a href="../../../../1_3/contents.html">Version 1.3</a>
-                <ul>
+                    <a href="../../../../1_4/contents.html">Version 1.4</a>
+                  <ul>
                   
     <li class="none">
-              <a href="../../../../1_3/toc.html">Table of Contents</a>
-        </li>
+                    <a href="../../../../1_4/toc.html">Table of Contents</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../../1_3/installationguide.html">Installation Guide</a>
-        </li>
+                    <a href="../../../../1_4/installationguide.html">Installation Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../../1_3/quickstartguide.html">QuickStart Guide</a>
-        </li>
+                    <a href="../../../../1_4/quickstartguide.html">QuickStart Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../../1_3/userguide.html">User Guide</a>
-        </li>
+                    <a href="../../../../1_4/userguide.html">User Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../../1_3/pojoguide.html">POJO Guide</a>
-        </li>
+                    <a href="../../../../1_4/jaxws-guide.html">JAXWS Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../../1_3/spring.html">Spring Guide</a>
-        </li>
+                    <a href="../../../../1_4/pojoguide.html">POJO Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../../1_3/webadminguide.html">Web Administrator's Guide</a>
-        </li>
+                    <a href="../../../../1_4/spring.html">Spring Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../../1_3/migration.html">Migration Guide (from Axis1)</a>
-        </li>
+                    <a href="../../../../1_4/webadminguide.html">Web Administrator's Guide</a>
+          </li>
+                  
+    <li class="none">
+                    <a href="../../../../1_4/migration.html">Migration Guide (from Axis1)</a>
+          </li>
               </ul>
         </li>
               
     <li class="none">
-              <a href="../../../../1_2/contents.html">Version 1.2</a>
-        </li>
+                    <a href="../../../../1_3/contents.html">Version 1.3</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../1_1_1/contents.html">Version 1.1.1</a>
-        </li>
+                    <a href="../../../../1_2/contents.html">Version 1.2</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../1_1/contents.html">Version 1.1</a>
-        </li>
+                    <a href="../../../../1_1_1/contents.html">Version 1.1.1</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../1_0/index.html">Version 1.0</a>
-        </li>
+                    <a href="../../../../1_1/contents.html">Version 1.1</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../0_95/index.html">Version 0.95</a>
-        </li>
+                    <a href="../../../../1_0/index.html">Version 1.0</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../0_94/index.html">Version 0.94</a>
-        </li>
+                    <a href="../../../../0_95/index.html">Version 0.95</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../0_93/index.html">Version 0.93</a>
-        </li>
+                    <a href="../../../../0_94/index.html">Version 0.94</a>
+          </li>
+              
+    <li class="none">
+                    <a href="../../../../0_93/index.html">Version 0.93</a>
+          </li>
           </ul>
-          <h5>Resources</h5>
-        <ul>
+              <h5>Resources</h5>
+            <ul>
               
     <li class="none">
-              <a href="../../../../faq.html">FAQ</a>
-        </li>
+                    <a href="../../../../faq.html">FAQ</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../articles.html">Articles</a>
-        </li>
+                    <a href="../../../../articles.html">Articles</a>
+          </li>
               
     <li class="none">
-              <a href="http://wiki.apache.org/ws/FrontPage/Axis2/">Wiki</a>
-        </li>
+                    <a href="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink">Wiki</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../refLib.html">Reference Library</a>
-        </li>
+                    <a href="../../../../refLib.html">Reference Library</a>
+          </li>
               
     <li class="none">
-              <a href="http://ws.apache.org/axis2/1_3/api/index.html">Online Java Docs</a>
-        </li>
+                    <a href="../../../../../1_4/api/index.html">Online Java Docs</a>
+          </li>
           </ul>
-          <h5>Get Involved</h5>
-        <ul>
+              <h5>Get Involved</h5>
+            <ul>
               
     <li class="none">
-              <a href="../../../../overview.html">Overview</a>
-        </li>
+                    <a href="../../../../overview.html">Overview</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../svn.html">Checkout the Source</a>
-        </li>
+                    <a href="../../../../svn.html">Checkout the Source</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../mail-lists.html">Mailing Lists</a>
-        </li>
+                    <a href="../../../../mail-lists.html">Mailing Lists</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../release-process.html">Release Process</a>
-        </li>
+                    <a href="../../../../release-process.html">Release Process</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../guidelines.html">Developer Guidelines</a>
-        </li>
+                    <a href="../../../../guidelines.html">Developer Guidelines</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../siteHowTo.html">Build the Site</a>
-        </li>
+                    <a href="../../../../siteHowTo.html">Build the Site</a>
+          </li>
           </ul>
-          <h5>Project Information</h5>
-        <ul>
+              <h5>Project Information</h5>
+            <ul>
               
     <li class="none">
-              <a href="../../../../team-list.html">Project Team</a>
-        </li>
+                    <a href="../../../../team-list.html">Project Team</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../issue-tracking.html">Issue Tracking</a>
-        </li>
+                    <a href="../../../../issue-tracking.html">Issue Tracking</a>
+          </li>
               
     <li class="none">
-              <a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN">Source Code</a>
-        </li>
+                    <a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN" class="externalLink">Source Code</a>
+          </li>
               
     <li class="none">
-              <a href="../../../../thanks.html">Acknowledgements</a>
-        </li>
+                    <a href="../../../../thanks.html">Acknowledgements</a>
+          </li>
               
     <li class="none">
-              <a href="http://www.apache.org/licenses/LICENSE-2.0.html">License</a>
-        </li>
+                    <a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink">License</a>
+          </li>
           </ul>
-                                       <a href="http://maven.apache.org/" title="Built by Maven" id="poweredBy">
+                                           <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
             <img alt="Built by Maven" src="../../../../images/logos/maven-feather.png"></img>
           </a>
                        
@@ -267,99 +281,12 @@
     
   
   
+    
         </div>
     </div>
     <div id="bodyColumn">
       <div id="contentBox">
-        <service name="SecureService7">
-
-	<module ref="addressing"></module>
-	<module ref="rampart"></module>
-
-	<parameter name="ServiceClass">org.apache.rampart.Service</parameter>
-
-	<operation name="echo">
-		<messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"></messageReceiver>
-		<actionMapping>urn:echo</actionMapping>
-	</operation>
-	
-	<wsp:Policy wsu:Id="SigEncrTripleDesRSA15DK" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
-	<wsp:ExactlyOne>
-		<wsp:All>
-			<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
-				<wsp:Policy>
-					<sp:InitiatorToken>
-						<wsp:Policy>
-							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
-								<wsp:Policy>
-									<sp:RequireDerivedKeys></sp:RequireDerivedKeys>
-									<sp:WssX509V3Token10></sp:WssX509V3Token10>
-								</wsp:Policy>
-							</sp:X509Token>
-						</wsp:Policy>
-					</sp:InitiatorToken>
-					<sp:RecipientToken>
-						<wsp:Policy>
-							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
-								<wsp:Policy>
-									<sp:RequireDerivedKeys></sp:RequireDerivedKeys>
-									<sp:WssX509V3Token10></sp:WssX509V3Token10>
-								</wsp:Policy>
-							</sp:X509Token>
-						</wsp:Policy>
-					</sp:RecipientToken>
-					<sp:AlgorithmSuite>
-						<wsp:Policy>
-							<sp:TripleDesRsa15></sp:TripleDesRsa15>
-						</wsp:Policy>
-					</sp:AlgorithmSuite>
-					<sp:Layout>
-						<wsp:Policy>
-							<sp:Strict></sp:Strict>
-						</wsp:Policy>
-					</sp:Layout>
-					<sp:IncludeTimestamp></sp:IncludeTimestamp>
-					<sp:OnlySignEntireHeadersAndBody></sp:OnlySignEntireHeadersAndBody>
-				</wsp:Policy>
-			</sp:AsymmetricBinding>
-			<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
-				<wsp:Policy>
-					<sp:MustSupportRefKeyIdentifier></sp:MustSupportRefKeyIdentifier>
-					<sp:MustSupportRefIssuerSerial></sp:MustSupportRefIssuerSerial>
-				</wsp:Policy>
-			</sp:Wss10>
-			<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
-				<sp:Body></sp:Body>
-			</sp:SignedParts>
-			<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
-				<sp:Body></sp:Body>
-			</sp:EncryptedParts>
-
-			<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
-				<ramp:user>alice</ramp:user>
-				<ramp:encryptionUser>bob</ramp:encryptionUser>
-				<ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
-				
-				<ramp:signatureCrypto>
-					<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
-						<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
-						<ramp:property name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property>
-						<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
-					</ramp:crypto>
-				</ramp:signatureCrypto>
-				<ramp:encryptionCypto>
-					<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
-						<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
-						<ramp:property name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property>
-						<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
-					</ramp:crypto>
-				</ramp:encryptionCypto>
-			</ramp:RampartConfig>
-
-		</wsp:All>
-	</wsp:ExactlyOne>
-	</wsp:Policy>
-</service>
+        <service name="SecureService7"><module ref="addressing"><module ref="rampart"><parameter name="ServiceClass">org.apache.rampart.Service</parameter><operation name="echo"><messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"><actionMapping>urn:echo</actionMapping></operation><wsp:Policy wsu:Id="SigEncrTripleDesRSA15DK" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><wsp:ExactlyOne><wsp:All><sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:InitiatorToken><wsp:Policy><sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"><wsp:Policy><sp:RequireDerivedKeys><sp:WssX509V3Token10></wsp:Policy></sp:X509Token></wsp:Policy></sp:InitiatorToken><sp:RecipientToken><wsp:Policy><sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/
 07/securitypolicy/IncludeToken/Never"><wsp:Policy><sp:RequireDerivedKeys><sp:WssX509V3Token10></wsp:Policy></sp:X509Token></wsp:Policy></sp:RecipientToken><sp:AlgorithmSuite><wsp:Policy><sp:TripleDesRsa15></wsp:Policy></sp:AlgorithmSuite><sp:Layout><wsp:Policy><sp:Strict></wsp:Policy></sp:Layout><sp:IncludeTimestamp><sp:OnlySignEntireHeadersAndBody></wsp:Policy></sp:AsymmetricBinding><sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:MustSupportRefKeyIdentifier><sp:MustSupportRefIssuerSerial></wsp:Policy></sp:Wss10><sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><sp:Body></sp:SignedParts><sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><sp:Body></sp:EncryptedParts><ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"><ramp:user>alice</ramp:user><ramp:encryptionUser>bob</ramp:encryptionUser><ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:pass
 wordCallbackClass><ramp:signatureCrypto><ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"><ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property><ramp:property name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property><ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property></ramp:crypto></ramp:signatureCrypto><ramp:encryptionCypto><ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"><ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property><ramp:property name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property><ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property></ramp:crypto></ramp:encryptionCypto></ramp:RampartConfig></wsp:All></wsp:ExactlyOne></wsp:Policy></service>
       </div>
     </div>
     <div class="clear">
@@ -367,7 +294,7 @@
     </div>
     <div id="footer">
       <div class="xright">&#169;  
-          2004-2007
+          2004-2008
     
           Apache Software Foundation
           
@@ -377,6 +304,7 @@
     
   
   
+    
   </div>
       <div class="clear">
         <hr/>

Modified: webservices/axis2/site/modules/rampart/1_3/security-module.html
URL: http://svn.apache.org/viewvc/webservices/axis2/site/modules/rampart/1_3/security-module.html?rev=652665&r1=652664&r2=652665&view=diff
==============================================================================
--- webservices/axis2/site/modules/rampart/1_3/security-module.html (original)
+++ webservices/axis2/site/modules/rampart/1_3/security-module.html Thu May  1 14:20:27 2008
@@ -9,9 +9,10 @@
 
 
 
-<html>
+
+<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
-    <title>Apache Axis2 - </title>
+    <title>Maven - </title>
     <style type="text/css" media="all">
       @import url("../../../css/maven-base.css");
       @import url("../../../css/maven-theme.css");
@@ -29,7 +30,7 @@
             </a>
                           <span id="bannerRight">
     
-                                    <img src="http://ws.apache.org/axis2/images/axis.jpg" alt="" />
+                                            <img src="../../../../images/axis.jpg" alt="" />
     
             </span>
             <div class="clear">
@@ -44,23 +45,25 @@
     
   
   
+    
             <div class="xleft">
-        Last Published: 08/13/2007
+        Last Published: 2008-05-01
                       </div>
-            <div class="xright">      <a href="../../../index.html">Axis2/Java</a>
-          |
-          <a href="http://ws.apache.org/axis2/c">Axis2/C</a>
-          |
-          <a href="../../../../../">Apache WS</a>
-          |
-          <a href="http://www.apache.org">Apache</a>
-          
+            <div class="xright">            <a href="../../../index.html">Axis2/Java</a>
+            |
+                <a href="../../../../c">Axis2/C</a>
+            |
+                <a href="../../../../..">Apache WS</a>
+            |
+                <a href="http://www.apache.org" class="externalLink">Apache</a>
+            
   
 
   
     
   
   
+    
   </div>
       <div class="clear">
         <hr/>
@@ -75,30 +78,31 @@
     
   
   
+    
                    <h5>Axis2/Java</h5>
-        <ul>
+            <ul>
               
     <li class="none">
-              <a href="../../../index.html">Home</a>
-        </li>
+                    <a href="../../../index.html">Home</a>
+          </li>
           </ul>
-          <h5>Downloads</h5>
-        <ul>
+              <h5>Downloads</h5>
+            <ul>
               
     <li class="none">
-              <a href="../../../download.cgi">Releases</a>
-        </li>
+                    <a href="../../../download.cgi">Releases</a>
+          </li>
               
     <li class="none">
-              <a href="../../../modules/index.html">Modules</a>
-        </li>
+                    <a href="../../../modules/index.html">Modules</a>
+          </li>
               
     <li class="none">
-              <a href="../../../tools/index.html">Tools</a>
-        </li>
+                    <a href="../../../tools/index.html">Tools</a>
+          </li>
           </ul>
-          <h5>Documentation</h5>
-        <ul>
+              <h5>Documentation</h5>
+            <ul>
               
           
               
@@ -117,147 +121,157 @@
       
             
       
+            
+      
               
         <li class="expanded">
-              <a href="../../../1_3/contents.html">Version 1.3</a>
-                <ul>
+                    <a href="../../../1_4/contents.html">Version 1.4</a>
+                  <ul>
                   
     <li class="none">
-              <a href="../../../1_3/toc.html">Table of Contents</a>
-        </li>
+                    <a href="../../../1_4/toc.html">Table of Contents</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../1_3/installationguide.html">Installation Guide</a>
-        </li>
+                    <a href="../../../1_4/installationguide.html">Installation Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../1_3/quickstartguide.html">QuickStart Guide</a>
-        </li>
+                    <a href="../../../1_4/quickstartguide.html">QuickStart Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../1_3/userguide.html">User Guide</a>
-        </li>
+                    <a href="../../../1_4/userguide.html">User Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../1_3/pojoguide.html">POJO Guide</a>
-        </li>
+                    <a href="../../../1_4/jaxws-guide.html">JAXWS Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../1_3/spring.html">Spring Guide</a>
-        </li>
+                    <a href="../../../1_4/pojoguide.html">POJO Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../1_3/webadminguide.html">Web Administrator's Guide</a>
-        </li>
+                    <a href="../../../1_4/spring.html">Spring Guide</a>
+          </li>
                   
     <li class="none">
-              <a href="../../../1_3/migration.html">Migration Guide (from Axis1)</a>
-        </li>
+                    <a href="../../../1_4/webadminguide.html">Web Administrator's Guide</a>
+          </li>
+                  
+    <li class="none">
+                    <a href="../../../1_4/migration.html">Migration Guide (from Axis1)</a>
+          </li>
               </ul>
         </li>
               
     <li class="none">
-              <a href="../../../1_2/contents.html">Version 1.2</a>
-        </li>
+                    <a href="../../../1_3/contents.html">Version 1.3</a>
+          </li>
               
     <li class="none">
-              <a href="../../../1_1_1/contents.html">Version 1.1.1</a>
-        </li>
+                    <a href="../../../1_2/contents.html">Version 1.2</a>
+          </li>
               
     <li class="none">
-              <a href="../../../1_1/contents.html">Version 1.1</a>
-        </li>
+                    <a href="../../../1_1_1/contents.html">Version 1.1.1</a>
+          </li>
               
     <li class="none">
-              <a href="../../../1_0/index.html">Version 1.0</a>
-        </li>
+                    <a href="../../../1_1/contents.html">Version 1.1</a>
+          </li>
               
     <li class="none">
-              <a href="../../../0_95/index.html">Version 0.95</a>
-        </li>
+                    <a href="../../../1_0/index.html">Version 1.0</a>
+          </li>
               
     <li class="none">
-              <a href="../../../0_94/index.html">Version 0.94</a>
-        </li>
+                    <a href="../../../0_95/index.html">Version 0.95</a>
+          </li>
               
     <li class="none">
-              <a href="../../../0_93/index.html">Version 0.93</a>
-        </li>
+                    <a href="../../../0_94/index.html">Version 0.94</a>
+          </li>
+              
+    <li class="none">
+                    <a href="../../../0_93/index.html">Version 0.93</a>
+          </li>
           </ul>
-          <h5>Resources</h5>
-        <ul>
+              <h5>Resources</h5>
+            <ul>
               
     <li class="none">
-              <a href="../../../faq.html">FAQ</a>
-        </li>
+                    <a href="../../../faq.html">FAQ</a>
+          </li>
               
     <li class="none">
-              <a href="../../../articles.html">Articles</a>
-        </li>
+                    <a href="../../../articles.html">Articles</a>
+          </li>
               
     <li class="none">
-              <a href="http://wiki.apache.org/ws/FrontPage/Axis2/">Wiki</a>
-        </li>
+                    <a href="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink">Wiki</a>
+          </li>
               
     <li class="none">
-              <a href="../../../refLib.html">Reference Library</a>
-        </li>
+                    <a href="../../../refLib.html">Reference Library</a>
+          </li>
               
     <li class="none">
-              <a href="http://ws.apache.org/axis2/1_3/api/index.html">Online Java Docs</a>
-        </li>
+                    <a href="../../../../1_4/api/index.html">Online Java Docs</a>
+          </li>
           </ul>
-          <h5>Get Involved</h5>
-        <ul>
+              <h5>Get Involved</h5>
+            <ul>
               
     <li class="none">
-              <a href="../../../overview.html">Overview</a>
-        </li>
+                    <a href="../../../overview.html">Overview</a>
+          </li>
               
     <li class="none">
-              <a href="../../../svn.html">Checkout the Source</a>
-        </li>
+                    <a href="../../../svn.html">Checkout the Source</a>
+          </li>
               
     <li class="none">
-              <a href="../../../mail-lists.html">Mailing Lists</a>
-        </li>
+                    <a href="../../../mail-lists.html">Mailing Lists</a>
+          </li>
               
     <li class="none">
-              <a href="../../../release-process.html">Release Process</a>
-        </li>
+                    <a href="../../../release-process.html">Release Process</a>
+          </li>
               
     <li class="none">
-              <a href="../../../guidelines.html">Developer Guidelines</a>
-        </li>
+                    <a href="../../../guidelines.html">Developer Guidelines</a>
+          </li>
               
     <li class="none">
-              <a href="../../../siteHowTo.html">Build the Site</a>
-        </li>
+                    <a href="../../../siteHowTo.html">Build the Site</a>
+          </li>
           </ul>
-          <h5>Project Information</h5>
-        <ul>
+              <h5>Project Information</h5>
+            <ul>
               
     <li class="none">
-              <a href="../../../team-list.html">Project Team</a>
-        </li>
+                    <a href="../../../team-list.html">Project Team</a>
+          </li>
               
     <li class="none">
-              <a href="../../../issue-tracking.html">Issue Tracking</a>
-        </li>
+                    <a href="../../../issue-tracking.html">Issue Tracking</a>
+          </li>
               
     <li class="none">
-              <a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN">Source Code</a>
-        </li>
+                    <a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN" class="externalLink">Source Code</a>
+          </li>
               
     <li class="none">
-              <a href="../../../thanks.html">Acknowledgements</a>
-        </li>
+                    <a href="../../../thanks.html">Acknowledgements</a>
+          </li>
               
     <li class="none">
-              <a href="http://www.apache.org/licenses/LICENSE-2.0.html">License</a>
-        </li>
+                    <a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink">License</a>
+          </li>
           </ul>
-                                       <a href="http://maven.apache.org/" title="Built by Maven" id="poweredBy">
+                                           <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
             <img alt="Built by Maven" src="../../../images/logos/maven-feather.png"></img>
           </a>
                        
@@ -267,302 +281,266 @@
     
   
   
+    
         </div>
     </div>
     <div id="bodyColumn">
       <div id="contentBox">
-        <html>
-<head>
-  <meta http-equiv="content-type" content=""></meta>
-  <link href="../../../css/axis-docs.css" rel="stylesheet" type="text/css" media="all"></link>
-  Rampart : WS-Security module for Axis2
-</head>
-
-
-<h1>Securing SOAP Messages with Rampart</h1>
-
-<p>Axis2 comes with a module based on Apache WSS4J [1] to provide WS-Security
-features, called &quot;Rampart&quot;. This document explains how to engage and
-configure Rampart module.</p>
-
-<h2>Content</h2>
-<ul>
-  <li><a href="#intro">Introduction</a></li>
-    <li><a href="#1_1_config">Rampart-1.1 Configuration</a>
-	<ul>
-	<li><a href="#1_1_assetions">Rampart Specific Assertions</a></li>
-	<li><a href="#1_1_service_config">Service Configration</a></li>
-	<li><a href="#1_1_client_config">Client Confiuration</a></li>
-	</ul></li>
-  <li><a href="#1_0_config">Rampart-1.0 Configuration</a>
-  <ul>
-  <li><a href="#outflowsecurity">OutflowSecurity Parameter</a></li>
-  <li><a href="#inflowsecurity">InflowSecurity Parameter</a></li>
-  </ul></li>
-  <li><a href="#references">References</a></li>
-  <li><a href="#examples">Examples</a></li>
-</ul>
-<a name="intro"></a>
-
-<h2>Introduction</h2>
-
-Since rampart module inserts handlers in the system specific security
-phase, it must be engaged globally. These handlers can be configured 
-using WS-SecurityPolicy[2] and Rampart specific policy assertions. 
-Rampart-1.0 used two axis2 parameters for configuration and these are
-still supported in the 1.1 release as well.
-
-The rampart-1.1 release is available 
-<a href="http://www.apache.org/dyn/closer.cgi/ws/rampart/1_1">here</a>.
-
-First it should be engaged by inserting the following in the axis2.xml
-file.
-<div class="source"><pre><pre>    &lt;module ref=&quot;rampart&quot;/&gt;</pre>
-</pre></div>
-The web admin interface can be used when Axis2 is deployed in a servlet
-container such as Apache Tomcat.
-
-At the server it is possible to provide security on a per service basis.
-The configuration parameters should be set in the service.xml file of the
-service. The client side config parameters should be set in the axis2.xml of
-the client's Axis2 repository.
-<a id="1_1_config"></a>
-<h2>Rampart-1.1 Configuration</h2>
-<a id="1_1_assetions"></a>
-<h3>Rampart Specific Assertions</h3>
-
-Rampart uses the standard WS-SecurityPolicy[2] assertions and also defines its own 
-assertions to be able capture the configuration information that is not provided 
-in WS-SecurityPolicy.
-The Rampart specific assertion's xsd can be found <a href="sec-conf/rampart-config.xsd">here
-</a>.
-
-The <strong>ramp:RampartConfig</strong> assertion must be available as a one of the top 
-level assertions of the policy as shown <a href="sec-conf/sample-policy.xml">here</a>.
-<a id="1_1_service_config"></a>
-<h3>Service Configration</h3>
-
-To configure the service one will simply have to add the policy element into the 
-sevices.xml file. A sample service.xml file is available 
-<a href="sec-conf/sample-services.xml">here</a>.
-<a id="1_1_client_config"></a>
-<h3>Client Confiuration</h3>
-On the client side, a policy object should be created and loaded into options. Creating the policy object can be done using a &quot;policy.xml&quot; file as follows.
-	
-<pre>
-	//Creating the object
-  	StAXOMBuilder builder = new StAXOMBuilder(pathToPolicyfile);
-        Policy clientPolicy = PolicyEngine.getPolicy(builder.getDocumentElement());
-	//setting the object
-	Options options = new Options();
-        options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, clientPolicy);
-</pre>
-<a id="1_0_config"></a>
-<h2>Rampart-1.0 Configuration</h2>
-
-Rampart module uses two parameters:
-<ul>
-  <li><a href="outflowsecurity">OutflowSecurity</a></li>
-  <li><a href="inflowsecurity">InflowSecurity</a></li>
-</ul>
-The configuration that can go in each of these parameters are described
-below: <a name="outflowsecurity"></a>
-
-<h3>OutflowSecurity Parameter</h3>
-This parameter is used to configure the outflow security handler. The outflow
-handler can be invoked more than once in the outflow one can provide
-configuration for each of these invocations. The 'action' element describes
-one of these configurations. Therefore the 'OutflowSecurity' parameter can
-contain more than one 'action' elements. The schema of this 'action' element
-is available <a href="sec-conf/out-action.xsd">here</a>.
-
-An outflow configuration to add a timestamp, sign and encrypt the message
-once, is shown in<a href="#ex1"> Example 1</a> and <a href="#ex1"> Example
-2</a> shows how to sign the message twice by chaining the outflow handler
-(using two 'action' elements)
-
-Following is a description of the elements that can go in an 'action'
-element of the OutflowSecurity parameter
-<br></br>
-
-
-<table class="bodyTable">
-  <tbody>
-    <tr class="a">
-      <td><b>Parameter</b></td>
-      <td><b>Description</b></td>
-      <td><b>Example</b></td>
-    </tr>
-    <tr class="b">
-      <td>items</td>
-      <td>Security actions for the inflow</td>
-      <td>Add a Timestamp, Sign the SOAP body and Encrypt the SOAP body <br></br>
-        &lt;items&gt; Timestamp Signature Encrypt&lt;/items&gt;</td>
-    </tr>
-    <tr class="a">
-      <td>user</td>
-      <td>The user's name</td>
-      <td>Set alias of the key to be used to sign<br></br>
-        &lt;user&gt; bob&lt;/user&gt;</td>
-    </tr>
-    <tr class="b">
-      <td>passwordCallbackClass</td>
-      <td>Callback class used to provide the password required to create the
-        UsernameToken or to sign the message</td>
-      <td>&lt;passwordCallbackClass&gt;
-        org.apache.axis2.security.PWCallback&lt;/passwordCallbackClass&gt;</td>
-    </tr>
-    <tr class="a">
-      <td>signaturePropFile</td>
-      <td>property file used to get the signature parameters such as crypto
-        provider, keystore and its password</td>
-      <td>Set example.properties file as the signature property file<br></br>
-        &lt;signaturePropFile&gt;
-      example.properties&lt;/signaturePropFile&gt;</td>
-    </tr>
-    <tr class="b">
-      <td>signatureKeyIdentifier</td>
-      <td>Key identifier to be used in referring the key in the signature</td>
-      <td>Use the serial number of the certificate<br></br>
-        &lt;signatureKeyIdentifier&gt;
-        IssuerSerial&lt;/signatureKeyIdentifier&gt;</td>
-    </tr>
-    <tr class="a">
-      <td>encryptionKeyIdentifier</td>
-      <td>Key identifier to be used in referring the key in encryption</td>
-      <td>Use the serial number of the certificate <br></br>
-        &lt;encryptionKeyIdentifier&gt;IssuerSerial&lt;/encryptionKeyIdentifier&gt;</td>
-    </tr>
-    <tr class="b">
-      <td>encryptionUser</td>
-      <td>The user's name for encryption.</td>
-      <td><br></br>
-        &lt;encryptionUser&gt;alice&lt;/encryptionUser&gt;</td>
-    </tr>
-    <tr class="a">
-      <td>encryptionSymAlgorithm</td>
-      <td>Symmetric algorithm to be used for encryption</td>
-      <td>Use AES-128<br></br>
-        &lt;encryptionSymAlgorithm&gt;
-        http://www.w3.org/2001/04/xmlenc#aes128-cbc&lt;/encryptionSymAlgorithm&gt;</td>
-    </tr>
-    <tr class="b">
-      <td>encryptionKeyTransportAlgorithm</td>
-      <td>Key encryption algorithm</td>
-      <td>Use RSA-OAEP<br></br>
-        &lt;parameter name=&quot;encryptionSymAlgorithm&quot;&gt;
-        http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p&lt;/parameter&gt;</td>
-    </tr>
-    <tr class="a">
-      <td>signatureParts</td>
-      <td>Sign multiple parts in the SOAP message</td>
-      <td>Sign Foo and Bar elements qualified by &quot;http://app.ns/ns&quot;<br></br>
-        &lt;signatureParts&gt;
-        {Element}{http://app.ns/ns}Foo;{Element}{http://app.ns/ns}Bar
-        &lt;/signatureParts&gt;</td>
-    </tr>
-    <tr class="b">
-      <td>optimizeParts</td>
-      <td>MTOM Optimize the elements specified by the XPath query</td>
-      <td>Optimize the CipherValue<br></br>
-        &lt;optimizeParts&gt;
-        //xenc:EncryptedData/xenc:CipherData/xenc:CipherValue
-        &lt;/optimizeParts&gt;</td>
-    </tr>
-  </tbody>
-</table>
-<a name="inflowsecurity"></a>
-
-<h3>InflowSecurity Parameter</h3>
-
-<p>This parameter is used to configure the inflow security handler. The
-'action' element is used to encapsulate the configuration elements here as
-well. The schema of the 'action' element is available here. <a href="#ex3">Example 3</a> shows the configuration to decrypt, verify
-signature and validate timestamp.</p>
-
-<table class="bodyTable">
-  <tbody>
-    <tr class="a">
-      <td><b>Parameter</b></td>
-      <td><b>Description</b></td>
-      <td><b>Example</b></td>
-    </tr>
-    <tr class="b">
-      <td>items</td>
-      <td>Security actions for the inflow</td>
-      <td>first the incoming message should be decrypted and then the
-        signatures should be verified and should be checked for the
-        availability of the Timestamp <br></br>
-        &lt;items&gt; Timestamp Signature Encrypt&lt;/items&gt;</td>
-    </tr>
-    <tr class="a">
-      <td>passwordCallbackClass</td>
-      <td>Callback class used to obtain password for decryption and
-        UsernameToken verification</td>
-      <td><br></br>
-        &lt;passwordCallbackClass&gt;
-        org.apache.axis2.security.PWCallback&lt;/passwordCallbackClass&gt;</td>
-    </tr>
-    <tr class="b">
-      <td>signaturePropFile</td>
-      <td>Property file used for signature verification</td>
-      <td><br></br>
-        &lt;signaturePropFile&gt;
-      sig.properties&lt;/signaturePropFile&gt;</td>
-    </tr>
-    <tr class="a">
-      <td>decryptionPropFile</td>
-      <td>Property file used for decryption</td>
-      <td><br></br>
-        &lt;decryptionPropFile&gt;
-      dec.properties&lt;/decryptionPropFile&gt;</td>
-    </tr>
-  </tbody>
-</table>
-<br></br>
-
-
-<p>Please note that the '.properties' files used in properties such as
-OutSignaturePropFile are the same property files that are using in the WSS4J
-project. Following shows the properties defined in a sample property file</p>
-<div class="source"><pre><pre>        org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
-        org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
-        org.apache.ws.security.crypto.merlin.keystore.password=security
-        org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
-        org.apache.ws.security.crypto.merlin.alias.password=security
-        org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT
-    </pre>
-</pre></div>org.apache.ws.security.crypto.provider defines the implementation of
-the org.apache.ws.security.components.crypto.Crypto interface to provide the
-crypto information required by WSS4J. The other properties defined are the
-configuration properties used by the implementation class
-(org.apache.ws.security.components.crypto.Merlin). <a name="ref"></a> <a name="references"></a>
-
-<h2>References</h2>
-
-<p>1. <a href="http://ws.apache.org/wss4j">Apache WSS4J -Home</a></p>
-<a name="examples"></a>
-<p>2. <a href="http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf">ws-securitypolicy.pdf</a></p>
-<a name="examples"></a>
-
-
-<h2>Examples</h2>
-
-<p>Example 1: An outflow configuration to add a timestamp, sign and
-encrypt the message once</p>
-
-<p><img alt="" src="sec-conf/out-sample.png"></img></p>
-
-<p>Example 2: An outflow configuration to sign the message twice and
-add a timestamp</p>
-
-<p><img alt="" src="sec-conf/out-sample2.png"></img></p>
-
-<p>Example 3: An inflow configuration to decrypt, verify signature
-and validate timestamp</p>
-
-<p><img alt="" src="sec-conf/in-sample.png"></img></p>
-
+        <html><head><meta http-equiv="content-type" content=""><link href="../../../css/axis-docs.css" rel="stylesheet" type="text/css" media="all">Rampart : WS-Security module for Axis2</head><h1>Securing SOAP Messages with Rampart</h1><p>Axis2 comes with a module based on Apache WSS4J [1] to provide WS-Security
+features, called &quot;Rampart&quot;. This document explains how to engage and
+configure Rampart module.</p>
+<h2>Content</h2><ul><li><a href="#intro">Introduction</a>
+</li>
+<li><a href="#1_1_config">Rampart-1.1 Configuration</a>
+<ul><li><a href="#1_1_assetions">Rampart Specific Assertions</a>
+</li>
+<li><a href="#1_1_service_config">Service Configration</a>
+</li>
+<li><a href="#1_1_client_config">Client Confiuration</a>
+</li>
+</ul>
+</li>
+<li><a href="#1_0_config">Rampart-1.0 Configuration</a>
+<ul><li><a href="#outflowsecurity">OutflowSecurity Parameter</a>
+</li>
+<li><a href="#inflowsecurity">InflowSecurity Parameter</a>
+</li>
+</ul>
+</li>
+<li><a href="#references">References</a>
+</li>
+<li><a href="#examples">Examples</a>
+</li>
+</ul>
+<a name="intro"></a>
+<h2>Introduction</h2><p>Since rampart module inserts handlers in the system specific security
+phase, it must be engaged globally. These handlers can be configured 
+using WS-SecurityPolicy[2] and Rampart specific policy assertions. 
+Rampart-1.0 used two axis2 parameters for configuration and these are
+still supported in the 1.1 release as well.</p>
+<p>The rampart-1.1 release is available 
+<a class="externalLink" href="http://www.apache.org/dyn/closer.cgi/ws/rampart/1_1">here</a>
+.</p>
+<p>First it should be engaged by inserting the following in the axis2.xml
+file.</p>
+<div class="source"><pre><pre>    &lt;module ref=&quot;rampart&quot;/&gt;</pre></pre>
+</div>
+<p>The web admin interface can be used when Axis2 is deployed in a servlet
+container such as Apache Tomcat.</p>
+<p>At the server it is possible to provide security on a per service basis.
+The configuration parameters should be set in the service.xml file of the
+service. The client side config parameters should be set in the axis2.xml of
+the client's Axis2 repository.</p>
+<a id="1_1_config"><h2>Rampart-1.1 Configuration</h2><a id="1_1_assetions"><h3>Rampart Specific Assertions</h3><p>Rampart uses the standard WS-SecurityPolicy[2] assertions and also defines its own 
+assertions to be able capture the configuration information that is not provided 
+in WS-SecurityPolicy.</p>
+<p>The Rampart specific assertion's xsd can be found <a href="sec-conf/rampart-config.xsd">here
+</a>
+.</p>
+<p>The <strong>ramp:RampartConfig</strong> assertion must be available as a one of the top 
+level assertions of the policy as shown <a href="sec-conf/sample-policy.xml">here</a>
+.</p>
+<a id="1_1_service_config"><h3>Service Configration</h3>
+
+To configure the service one will simply have to add the policy element into the 
+sevices.xml file. A sample service.xml file is available 
+<a href="sec-conf/sample-services.xml">here</a>
+.
+<a id="1_1_client_config"><h3>Client Confiuration</h3><p>On the client side, a policy object should be created and loaded into options. Creating the policy object can be done using a &quot;policy.xml&quot; file as follows.</p>
+<pre>
+	//Creating the object
+  	StAXOMBuilder builder = new StAXOMBuilder(pathToPolicyfile);
+        Policy clientPolicy = PolicyEngine.getPolicy(builder.getDocumentElement());
+	//setting the object
+	Options options = new Options();
+        options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, clientPolicy);
+</pre><a id="1_0_config"><h2>Rampart-1.0 Configuration</h2><p>Rampart module uses two parameters:</p>
+<ul><li><a href="#outflowsecurity">OutflowSecurity</a>
+</li>
+<li><a href="#inflowsecurity">InflowSecurity</a>
+</li>
+</ul>
+
+The configuration that can go in each of these parameters are described
+below: <a name="outflowsecurity"></a>
+<h3>OutflowSecurity Parameter</h3>
+This parameter is used to configure the outflow security handler. The outflow
+handler can be invoked more than once in the outflow one can provide
+configuration for each of these invocations. The 'action' element describes
+one of these configurations. Therefore the 'OutflowSecurity' parameter can
+contain more than one 'action' elements. The schema of this 'action' element
+is available <a href="sec-conf/out-action.xsd">here</a>
+.
+
+<p>An outflow configuration to add a timestamp, sign and encrypt the message
+once, is shown in<a href="#ex1"> Example 1</a>
+ and <a href="#ex1"> Example
+2</a>
+ shows how to sign the message twice by chaining the outflow handler
+(using two 'action' elements)</p>
+<p>Following is a description of the elements that can go in an 'action'
+element of the OutflowSecurity parameter</p>
+<br />
+<table class="bodyTable"><tbody><tr class="a"><td><b>Parameter</b>
+</td>
+<td><b>Description</b>
+</td>
+<td><b>Example</b>
+</td>
+</tr>
+<tr class="b"><td>items</td>
+<td>Security actions for the inflow</td>
+<td>Add a Timestamp, Sign the SOAP body and Encrypt the SOAP body <br />
+
+        &lt;items&gt; Timestamp Signature Encrypt&lt;/items&gt;</td>
+</tr>
+<tr class="a"><td>user</td>
+<td>The user's name</td>
+<td>Set alias of the key to be used to sign<br />
+
+        &lt;user&gt; bob&lt;/user&gt;</td>
+</tr>
+<tr class="b"><td>passwordCallbackClass</td>
+<td>Callback class used to provide the password required to create the
+        UsernameToken or to sign the message</td>
+<td>&lt;passwordCallbackClass&gt;
+        org.apache.axis2.security.PWCallback&lt;/passwordCallbackClass&gt;</td>
+</tr>
+<tr class="a"><td>signaturePropFile</td>
+<td>property file used to get the signature parameters such as crypto
+        provider, keystore and its password</td>
+<td>Set example.properties file as the signature property file<br />
+
+        &lt;signaturePropFile&gt;
+      example.properties&lt;/signaturePropFile&gt;</td>
+</tr>
+<tr class="b"><td>signatureKeyIdentifier</td>
+<td>Key identifier to be used in referring the key in the signature</td>
+<td>Use the serial number of the certificate<br />
+
+        &lt;signatureKeyIdentifier&gt;
+        IssuerSerial&lt;/signatureKeyIdentifier&gt;</td>
+</tr>
+<tr class="a"><td>encryptionKeyIdentifier</td>
+<td>Key identifier to be used in referring the key in encryption</td>
+<td>Use the serial number of the certificate <br />
+
+        &lt;encryptionKeyIdentifier&gt;IssuerSerial&lt;/encryptionKeyIdentifier&gt;</td>
+</tr>
+<tr class="b"><td>encryptionUser</td>
+<td>The user's name for encryption.</td>
+<td><br />
+
+        &lt;encryptionUser&gt;alice&lt;/encryptionUser&gt;</td>
+</tr>
+<tr class="a"><td>encryptionSymAlgorithm</td>
+<td>Symmetric algorithm to be used for encryption</td>
+<td>Use AES-128<br />
+
+        &lt;encryptionSymAlgorithm&gt;
+        http://www.w3.org/2001/04/xmlenc#aes128-cbc&lt;/encryptionSymAlgorithm&gt;</td>
+</tr>
+<tr class="b"><td>encryptionKeyTransportAlgorithm</td>
+<td>Key encryption algorithm</td>
+<td>Use RSA-OAEP<br />
+
+        &lt;parameter name=&quot;encryptionSymAlgorithm&quot;&gt;
+        http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p&lt;/parameter&gt;</td>
+</tr>
+<tr class="a"><td>signatureParts</td>
+<td>Sign multiple parts in the SOAP message</td>
+<td>Sign Foo and Bar elements qualified by &quot;http://app.ns/ns&quot;<br />
+
+        &lt;signatureParts&gt;
+        {Element}{http://app.ns/ns}Foo;{Element}{http://app.ns/ns}Bar
+        &lt;/signatureParts&gt;</td>
+</tr>
+<tr class="b"><td>optimizeParts</td>
+<td>MTOM Optimize the elements specified by the XPath query</td>
+<td>Optimize the CipherValue<br />
+
+        &lt;optimizeParts&gt;
+        //xenc:EncryptedData/xenc:CipherData/xenc:CipherValue
+        &lt;/optimizeParts&gt;</td>
+</tr>
+</tbody></table>
+<a name="inflowsecurity"></a>
+<h3>InflowSecurity Parameter</h3><p>This parameter is used to configure the inflow security handler. The
+'action' element is used to encapsulate the configuration elements here as
+well. The schema of the 'action' element is available here. <a href="#ex3">Example 3</a>
+ shows the configuration to decrypt, verify
+signature and validate timestamp.</p>
+<table class="bodyTable"><tbody><tr class="a"><td><b>Parameter</b>
+</td>
+<td><b>Description</b>
+</td>
+<td><b>Example</b>
+</td>
+</tr>
+<tr class="b"><td>items</td>
+<td>Security actions for the inflow</td>
+<td>first the incoming message should be decrypted and then the
+        signatures should be verified and should be checked for the
+        availability of the Timestamp <br />
+
+        &lt;items&gt; Timestamp Signature Encrypt&lt;/items&gt;</td>
+</tr>
+<tr class="a"><td>passwordCallbackClass</td>
+<td>Callback class used to obtain password for decryption and
+        UsernameToken verification</td>
+<td><br />
+
+        &lt;passwordCallbackClass&gt;
+        org.apache.axis2.security.PWCallback&lt;/passwordCallbackClass&gt;</td>
+</tr>
+<tr class="b"><td>signaturePropFile</td>
+<td>Property file used for signature verification</td>
+<td><br />
+
+        &lt;signaturePropFile&gt;
+      sig.properties&lt;/signaturePropFile&gt;</td>
+</tr>
+<tr class="a"><td>decryptionPropFile</td>
+<td>Property file used for decryption</td>
+<td><br />
+
+        &lt;decryptionPropFile&gt;
+      dec.properties&lt;/decryptionPropFile&gt;</td>
+</tr>
+</tbody></table>
+<br />
+<p>Please note that the '.properties' files used in properties such as
+OutSignaturePropFile are the same property files that are using in the WSS4J
+project. Following shows the properties defined in a sample property file</p>
+<div class="source"><pre><pre>        org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+        org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
+        org.apache.ws.security.crypto.merlin.keystore.password=security
+        org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
+        org.apache.ws.security.crypto.merlin.alias.password=security
+        org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT
+    </pre></pre>
+</div>
+org.apache.ws.security.crypto.provider defines the implementation of
+the org.apache.ws.security.components.crypto.Crypto interface to provide the
+crypto information required by WSS4J. The other properties defined are the
+configuration properties used by the implementation class
+(org.apache.ws.security.components.crypto.Merlin). <a name="ref"></a>
+<a name="references"></a>
+<h2>References</h2><p>1. <a class="externalLink" href="http://ws.apache.org/wss4j">Apache WSS4J -Home</a>
+</p>
+<a name="examples"></a>
+<p>2. <a class="externalLink" href="http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf">ws-securitypolicy.pdf</a>
+</p>
+<a name="examples"></a>
+<h2>Examples</h2><p>Example 1: An outflow configuration to add a timestamp, sign and
+encrypt the message once</p>
+<p><img src="sec-conf/out-sample.png" alt="" /></p>
+<p>Example 2: An outflow configuration to sign the message twice and
+add a timestamp</p>
+<p><img src="sec-conf/out-sample2.png" alt="" /></p>
+<p>Example 3: An inflow configuration to decrypt, verify signature
+and validate timestamp</p>
+<p><img src="sec-conf/in-sample.png" alt="" /></p>
 </html>
       </div>
     </div>
@@ -571,7 +549,7 @@
     </div>
     <div id="footer">
       <div class="xright">&#169;  
-          2004-2007
+          2004-2008
     
           Apache Software Foundation
           
@@ -581,6 +559,7 @@
     
   
   
+    
   </div>
       <div class="clear">
         <hr/>

Modified: webservices/axis2/site/modules/wss4j/0_94/0.94/security-module.html
URL: http://svn.apache.org/viewvc/webservices/axis2/site/modules/wss4j/0_94/0.94/security-module.html?rev=652665&r1=652664&r2=652665&view=diff
==============================================================================
--- webservices/axis2/site/modules/wss4j/0_94/0.94/security-module.html (original)
+++ webservices/axis2/site/modules/wss4j/0_94/0.94/security-module.html Thu May  1 14:20:27 2008
@@ -1,137 +1,137 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><title>Axis2/Java - The Security Module</title><style type="text/css" media="all">
-          @import url("../../../../style/maven-base.css");
-          
-			    @import url("../../../../style/maven-theme.css");</style><link rel="stylesheet" href="../../../../style/print.css" type="text/css" media="print"></link><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></meta></head><body class="composite"><div id="banner"><a href="http://www.apache.org/" id="organizationLogo"><img alt="Apache Software Foundation" src="http://www.apache.org/images/asf-logo.gif"></img></a><a href="http://ws.apache.org/axis2/" id="projectLogo"><img alt="Apache Axis2" src="http://ws.apache.org/axis2/images/axis.jpg"></img></a><div class="clear"><hr></hr></div></div><div id="breadcrumbs"><div class="xleft">
-                	Last published: 04 May 2007
-                  | Doc for 1.2</div><div class="xright">
-        
-        <a href="../../../../index.html">Axis2/Java</a>
-      
-        
-          
-            <span class="separator">|</span>
-          
-        
-        <a href="http://ws.apache.org/axis2/c" class="externalLink" title="External Link">Axis2/C</a>
-      
-        
-          
-            <span class="separator">|</span>
-          
-        
-        <a href="http://ws.apache.org" class="externalLink" title="External Link">Apache WS</a>
-      
-        
-          
-            <span class="separator">|</span>
-          
-        
-        <a href="http://www.apache.org" class="externalLink" title="External Link">Apache </a>
-      </div><div class="clear"><hr></hr></div></div><div id="leftColumn"><div id="navcolumn"><div id="menuAxis2_Java"><h5>Axis2/Java</h5><ul><li class="none"><a href="../../../../index.html">Home</a></li></ul></div><div id="menuDownloads"><h5>Downloads</h5><ul><li class="none"><a href="../../../../download.cgi">Releases</a></li><li class="none"><a href="../../../../modules/index.html">Modules</a></li><li class="none"><a href="../../../../tools/index.html">Tools</a></li></ul></div><div id="menuDocumentation"><h5>Documentation</h5><ul><li class="expanded"><a href="../../../../1_2/contents.html">Version 1.2</a><ul><li class="none"><a href="../../../../1_2/toc.html">Table of Contents</a></li><li class="none"><a href="../../../../1_2/installationguide.html">Installation Guide</a></li><li class="none"><a href="../../../../1_2/quickstartguide.html">QuickStart Guide</a></li><li class="none"><a href="../../../../1_2/userguide.html">User Guide</a></li><li class="none"><a href="../../.
 ./../1_2/pojoguide.html">POJO Guide</a></li><li class="none"><a href="../../../../1_2/spring.html">Spring Guide</a></li><li class="none"><a href="../../../../1_2/webadminguide.html">Web Administrator's Guide</a></li><li class="none"><a href="../../../../1_2/migration.html">Migration Guide (from Axis1)</a></li></ul></li><li class="none"><a href="../../../../1_1_1/contents.html">Version 1.1.1</a></li><li class="none"><a href="../../../../1_1/contents.html">Version 1.1</a></li><li class="none"><a href="../../../../1_0/index.html">Version 1.0</a></li><li class="none"><a href="../../../../0_95/index.html">Version 0.95</a></li><li class="none"><a href="../../../../0_94/index.html">Version 0.94</a></li><li class="none"><a href="../../../../0_93/index.html">Version 0.93</a></li></ul></div><div id="menuResources"><h5>Resources</h5><ul><li class="none"><a href="../../../../faq.html">FAQ</a></li><li class="none"><a href="../../../../articles.html">Articles</a></li><li class="none"><a h
 ref="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink" title="External Link">Wiki</a></li><li class="none"><a href="../../../../refLib.html">Reference Library</a></li><li class="none"><a href="http://ws.apache.org/axis2/1_2/api/index.html" class="externalLink" title="External Link">Online Java Docs</a></li></ul></div><div id="menuGet_Involved"><h5>Get Involved</h5><ul><li class="none"><a href="../../../../overview.html">Overview</a></li><li class="none"><a href="../../../../svn.html">Checkout the Source</a></li><li class="none"><a href="../../../../mail-lists.html">Mailing Lists</a></li><li class="none"><a href="../../../../guidelines.html">Developer Guidelines</a></li><li class="none"><a href="../../../../siteHowTo.html">Build the Site</a></li></ul></div><div id="menuProject_Information"><h5>Project Information</h5><ul><li class="none"><a href="../../../../team-list.html">Project Team</a></li><li class="none"><a href="../../../../issue-tracking.html">Issue Tr
 acking</a></li><li class="none"><a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN" class="externalLink" title="External Link">Source Code</a></li><li class="none"><a href="../../../../thanks.html">Acknowledgements</a></li><li class="none"><a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink" title="External Link">License</a></li></ul></div><a href="http://maven.apache.org/" title="Built by Maven" id="poweredBy"><img alt="Built by Maven" src="../../../../images/logos/maven-button-1.png"></img></a></div></div><div id="bodyColumn"><div class="contentBox"><div class="section"><a name="Securing_SOAP_Messages_with_WSS4J"></a><h2>Securing SOAP Messages with WSS4J</h2><p><em>-For Axis2 version 0.94</em></p><p>Axis2 comes with a module based on WSS4J [1] to provide WS-Security
-features. This section explains how to engage and configure the security
-module. Since the security module inserts handlers in the system specific
-pre-dispatch phase, it must be engaged globally. But it is possible to
-activate the security module for the inflow or the outflow when required by
-the service or the clients.</p><p>The security module (security.mar) is available in the axis2.war but it is
-not engaged by default.</p><p>First it should be engaged by inserting the following in the axis2.xml
-file.</p>
-    <div class="source"><pre><pre>        &lt;module ref="security"/&gt;</pre>
-</pre></div>
-  <p>The web admin interface can be used when Axis2 is deployed in a servlet
-container such as Apache Tomcat.</p><p>At the server it is possible to provide security on a per service basis.
-The configuration parameters should be set in the service.xml file of the
-service. The client side config parameters should be set in the axis2.xml of
-the client's Axis2 repository.</p><p>The security module uses two parameters:</p><ul>
-  <li>OutflowSecurity</li>
-  <li>InflowSecurity</li>
-</ul><p>
-The configuration that can go in each of these parameters are described below:
-
-</p><div class="subsection"><a name="OutflowSecurity_parameter"></a><h3>OutflowSecurity parameter</h3><p>
-This parameter is used to configure the outflow security handler. The outflow
-handler can be invoked more than once in the outflow one can provide
-configuration for each of these invocations. The 'action' element describes
-one of these configurations. Therefore the 'OutflowSecurity' parameter can
-contain more than one 'action' elements. The schema of this 'action' element
-is available <a href="sec-conf/out-action.xsd">here</a>.
-
-</p><p>An outflow configuration to add a timestamp, sing and encrypt the message
-once, is shown in<a href="#ex1"> Example 1</a> and <a href="#ex1"> Example
-2</a> shows how to sign the message twice by chaining the outflow handler
-(using two 'action' elements)</p><p>Following is a description of the elements that can go in an 'action'
-element of the OutflowSecurity parameter</p><br></br><table class="bodyTable"><tbody>
-    <tr class="b"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
-    <tr class="a"><td>items</td><td>Security actions for the inflow</td><td>Add a Timestamp, Sign the SOAP body and Encrypt the SOAP body <br></br>
-        &lt;items&gt; Timestamp Signature Encrypt&lt;/items&gt;</td></tr>
-    <tr class="b"><td>user</td><td>The user's name</td><td>Set alias of the key to be used to sign<br></br>
-        &lt;user&gt; bob&lt;/user&gt;</td></tr>
-    <tr class="a"><td>passwordCallbackClass</td><td>Callback class used to provide the password required to create the
-        UsernameToken or to sign the message</td><td>&lt;passwordCallbackClass&gt;
-        org.apache.axis2.security.PWCallback&lt;/passwordCallbackClass&gt;</td></tr>
-    <tr class="b"><td>signaturePropFile</td><td>property file used to get the signature parameters such as crypto
-        provider, keystore and its password</td><td>Set example.properties file as the signature property file<br></br>
-        &lt;signaturePropFile&gt;
-      example.properties&lt;/signaturePropFile&gt;</td></tr>
-    <tr class="a"><td>signatureKeyIdentifier</td><td>Key identifier to be used in referring the key in the signature</td><td>Use the serial number of the certificate<br></br>
-        &lt;signatureKeyIdentifier&gt;
-        IssuerSerial&lt;/signatureKeyIdentifier&gt;</td></tr>
-    <tr class="b"><td>encryptionKeyIdentifier</td><td>Key identifier to be used in referring the key in encryption</td><td>Use the serial number of the certificate <br></br>
-        &lt;encryptionKeyIdentifier&gt;IssuerSerial&lt;/encryptionKeyIdentifier&gt;</td></tr>
-    <tr class="a"><td>encryptionUser</td><td>The user's name for encryption.</td><td><br></br>
-        &lt;encryptionUser&gt;alice&lt;/encryptionUser&gt;</td></tr>
-    <tr class="b"><td>encryptionSymAlgorithm</td><td>Symmetric algorithm to be used for encryption</td><td>Use AES-128<br></br>
-        &lt;encryptionSymAlgorithm&gt;
-        http://www.w3.org/2001/04/xmlenc#aes128-cbc&lt;/encryptionSymAlgorithm&gt;</td></tr>
-    <tr class="a"><td>encryptionKeyTransportAlgorithm</td><td>Key encryption algorithm</td><td>Use RSA-OAEP<br></br>
-        &lt;parameter name="encryptionSymAlgorithm"&gt;
-        http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p&lt;/parameter&gt;</td></tr>
-    <tr class="b"><td>signatureParts</td><td>Sign multiple parts in the SOAP message</td><td>Sign Foo and Bar elements qualified by "http://app.ns/ns"<br></br>
-        &lt;signatureParts&gt;
-        {Element}{http://app.ns/ns}Foo;{Element}{http://app.ns/ns}Bar
-        &lt;/signatureParts&gt;</td></tr>
-    <tr class="a"><td>optimizeParts</td><td>MTOM Optimize the elements specified by the XPath query</td><td>Optimize the CipherValue<br></br>
-        &lt;optimizeParts&gt;
-        //xenc:EncryptedData/xenc:CipherData/xenc:CipherValue
-        &lt;/optimizeParts&gt;</td></tr>
-  </tbody></table><br></br></div><div class="subsection"><a name="InflowSecurity_parameter"></a><h3>InflowSecurity parameter</h3><p>This parameter is used to configure the inflow security handler. The
-'action' element is used to encapsulate the configuration elements here as
-well. The schema of the 'action' element is available here. <a href="#ex3">Example 3</a> shows the configuration to decrypt, verify
-signature and validate timestamp.</p><table class="bodyTable"><tbody>
-    <tr class="b"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
-    <tr class="a"><td>items</td><td>Security actions for the inflow</td><td>first the incoming message should be decrypted and then the
-        signatures should be verified and should be checked for the
-        availability of the Timestamp <br></br>
-        &lt;items&gt; Timestamp Signature Encrypt&lt;/items&gt;</td></tr>
-    <tr class="b"><td>passwordCallbackClass</td><td>Callback class used to obtain password for decryption and
-        UsernameToken verification</td><td><br></br>
-        &lt;passwordCallbackClass&gt;
-        org.apache.axis2.security.PWCallback&lt;/passwordCallbackClass&gt;</td></tr>
-    <tr class="a"><td>signaturePropFile</td><td>Property file used for signature verification</td><td><br></br>
-        &lt;signaturePropFile&gt;
-      sig.properties&lt;/signaturePropFile&gt;</td></tr>
-    <tr class="b"><td>decryptionPropFile</td><td>Property file used for decryption</td><td><br></br>
-        &lt;decryptionPropFile&gt;
-      dec.properties&lt;/decryptionPropFile&gt;</td></tr>
-  </tbody></table><br></br><p>Please note that the '.properties' files used in properties such as
-OutSignaturePropFile are the same property files that are using in the WSS4J
-project. Following shows the properties defined in a sample property file</p>
-    <div class="source"><pre><pre>org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
-org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
-org.apache.ws.security.crypto.merlin.keystore.password=security
-org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
-org.apache.ws.security.crypto.merlin.alias.password=security
-org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT</pre>
-</pre></div>
-  <p>org.apache.ws.security.crypto.provider defines the implementation of
-the org.apache.ws.security.components.crypto.Crypto interface to provide the
-crypto information required by WSS4J. The other properties defined are the
-configuration properties used by the implementation class
-(org.apache.ws.security.components.crypto.Merlin).
-
-</p></div><div class="subsection"><a name="JDK_1_5"></a><h3>JDK 1.5</h3><p>If you are using JDK1.5 make sure you add bouncycastle as a JCE provider
-of the JRE</p><p>Simply add
-<b>security.provider.X=org.bouncycastle.jce.provider.BouncyCastleProvider</b>
-entry in <b>JDK_HOME/jre/lib/security/java.security</b> file.</p><p><b>References</b></p><p>1. <a href="http://ws.apache.org/wss4j" class="externalLink" title="External Link">Apache WSS4J</a></p><br></br><p><b>Examples</b></p><p id="ex1">Example 1: An outflow configuration to add a timestamp, sing and
-encrypt the message once</p><p><img src="sec-conf/out-sample.png" alt=""></img></p><p id="ex2">Example 2: An outflow configuration to sign the message twice and
-add a timestamp</p><p><img src="sec-conf/out-sample2.png" alt=""></img></p><p id="ex3">Example 3: An inflow configuration to decrypt, verify signature
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><title>Axis2/Java - The Security Module</title><style type="text/css" media="all">
+          @import url("../../../../style/maven-base.css");
+          
+			    @import url("../../../../style/maven-theme.css");</style><link rel="stylesheet" href="../../../../style/print.css" type="text/css" media="print"></link><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></meta></head><body class="composite"><div id="banner"><a href="http://www.apache.org/" id="organizationLogo"><img alt="Apache Software Foundation" src="http://www.apache.org/images/asf-logo.gif"></img></a><a href="http://ws.apache.org/axis2/" id="projectLogo"><img alt="Apache Axis2" src="http://ws.apache.org/axis2/images/axis.jpg"></img></a><div class="clear"><hr></hr></div></div><div id="breadcrumbs"><div class="xleft">
+                	Last published: 04 May 2007
+                  | Doc for 1.2</div><div class="xright">
+        
+        <a href="../../../../index.html">Axis2/Java</a>
+      
+        
+          
+            <span class="separator">|</span>
+          
+        
+        <a href="http://ws.apache.org/axis2/c" class="externalLink" title="External Link">Axis2/C</a>
+      
+        
+          
+            <span class="separator">|</span>
+          
+        
+        <a href="http://ws.apache.org" class="externalLink" title="External Link">Apache WS</a>
+      
+        
+          
+            <span class="separator">|</span>
+          
+        
+        <a href="http://www.apache.org" class="externalLink" title="External Link">Apache </a>
+      </div><div class="clear"><hr></hr></div></div><div id="leftColumn"><div id="navcolumn"><div id="menuAxis2_Java"><h5>Axis2/Java</h5><ul><li class="none"><a href="../../../../index.html">Home</a></li></ul></div><div id="menuDownloads"><h5>Downloads</h5><ul><li class="none"><a href="../../../../download.cgi">Releases</a></li><li class="none"><a href="../../../../modules/index.html">Modules</a></li><li class="none"><a href="../../../../tools/index.html">Tools</a></li></ul></div><div id="menuDocumentation"><h5>Documentation</h5><ul><li class="expanded"><a href="../../../../1_2/contents.html">Version 1.2</a><ul><li class="none"><a href="../../../../1_2/toc.html">Table of Contents</a></li><li class="none"><a href="../../../../1_2/installationguide.html">Installation Guide</a></li><li class="none"><a href="../../../../1_2/quickstartguide.html">QuickStart Guide</a></li><li class="none"><a href="../../../../1_2/userguide.html">User Guide</a></li><li class="none"><a href="../../.
 ./../1_2/pojoguide.html">POJO Guide</a></li><li class="none"><a href="../../../../1_2/spring.html">Spring Guide</a></li><li class="none"><a href="../../../../1_2/webadminguide.html">Web Administrator's Guide</a></li><li class="none"><a href="../../../../1_2/migration.html">Migration Guide (from Axis1)</a></li></ul></li><li class="none"><a href="../../../../1_1_1/contents.html">Version 1.1.1</a></li><li class="none"><a href="../../../../1_1/contents.html">Version 1.1</a></li><li class="none"><a href="../../../../1_0/index.html">Version 1.0</a></li><li class="none"><a href="../../../../0_95/index.html">Version 0.95</a></li><li class="none"><a href="../../../../0_94/index.html">Version 0.94</a></li><li class="none"><a href="../../../../0_93/index.html">Version 0.93</a></li></ul></div><div id="menuResources"><h5>Resources</h5><ul><li class="none"><a href="../../../../faq.html">FAQ</a></li><li class="none"><a href="../../../../articles.html">Articles</a></li><li class="none"><a h
 ref="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink" title="External Link">Wiki</a></li><li class="none"><a href="../../../../refLib.html">Reference Library</a></li><li class="none"><a href="http://ws.apache.org/axis2/1_2/api/index.html" class="externalLink" title="External Link">Online Java Docs</a></li></ul></div><div id="menuGet_Involved"><h5>Get Involved</h5><ul><li class="none"><a href="../../../../overview.html">Overview</a></li><li class="none"><a href="../../../../svn.html">Checkout the Source</a></li><li class="none"><a href="../../../../mail-lists.html">Mailing Lists</a></li><li class="none"><a href="../../../../guidelines.html">Developer Guidelines</a></li><li class="none"><a href="../../../../siteHowTo.html">Build the Site</a></li></ul></div><div id="menuProject_Information"><h5>Project Information</h5><ul><li class="none"><a href="../../../../team-list.html">Project Team</a></li><li class="none"><a href="../../../../issue-tracking.html">Issue Tr
 acking</a></li><li class="none"><a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN" class="externalLink" title="External Link">Source Code</a></li><li class="none"><a href="../../../../thanks.html">Acknowledgements</a></li><li class="none"><a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink" title="External Link">License</a></li></ul></div><a href="http://maven.apache.org/" title="Built by Maven" id="poweredBy"><img alt="Built by Maven" src="../../../../images/logos/maven-button-1.png"></img></a></div></div><div id="bodyColumn"><div class="contentBox"><div class="section"><a name="Securing_SOAP_Messages_with_WSS4J"></a><h2>Securing SOAP Messages with WSS4J</h2><p><em>-For Axis2 version 0.94</em></p><p>Axis2 comes with a module based on WSS4J [1] to provide WS-Security
+features. This section explains how to engage and configure the security
+module. Since the security module inserts handlers in the system specific
+pre-dispatch phase, it must be engaged globally. But it is possible to
+activate the security module for the inflow or the outflow when required by
+the service or the clients.</p><p>The security module (security.mar) is available in the axis2.war but it is
+not engaged by default.</p><p>First it should be engaged by inserting the following in the axis2.xml
+file.</p>
+    <div class="source"><pre><pre>        &lt;module ref="security"/&gt;</pre>
+</pre></div>
+  <p>The web admin interface can be used when Axis2 is deployed in a servlet
+container such as Apache Tomcat.</p><p>At the server it is possible to provide security on a per service basis.
+The configuration parameters should be set in the service.xml file of the
+service. The client side config parameters should be set in the axis2.xml of
+the client's Axis2 repository.</p><p>The security module uses two parameters:</p><ul>
+  <li>OutflowSecurity</li>
+  <li>InflowSecurity</li>
+</ul><p>
+The configuration that can go in each of these parameters are described below:
+
+</p><div class="subsection"><a name="OutflowSecurity_parameter"></a><h3>OutflowSecurity parameter</h3><p>
+This parameter is used to configure the outflow security handler. The outflow
+handler can be invoked more than once in the outflow one can provide
+configuration for each of these invocations. The 'action' element describes
+one of these configurations. Therefore the 'OutflowSecurity' parameter can
+contain more than one 'action' elements. The schema of this 'action' element
+is available <a href="sec-conf/out-action.xsd">here</a>.
+
+</p><p>An outflow configuration to add a timestamp, sing and encrypt the message
+once, is shown in<a href="#ex1"> Example 1</a> and <a href="#ex1"> Example
+2</a> shows how to sign the message twice by chaining the outflow handler
+(using two 'action' elements)</p><p>Following is a description of the elements that can go in an 'action'
+element of the OutflowSecurity parameter</p><br></br><table class="bodyTable"><tbody>
+    <tr class="b"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
+    <tr class="a"><td>items</td><td>Security actions for the inflow</td><td>Add a Timestamp, Sign the SOAP body and Encrypt the SOAP body <br></br>
+        &lt;items&gt; Timestamp Signature Encrypt&lt;/items&gt;</td></tr>
+    <tr class="b"><td>user</td><td>The user's name</td><td>Set alias of the key to be used to sign<br></br>
+        &lt;user&gt; bob&lt;/user&gt;</td></tr>
+    <tr class="a"><td>passwordCallbackClass</td><td>Callback class used to provide the password required to create the
+        UsernameToken or to sign the message</td><td>&lt;passwordCallbackClass&gt;
+        org.apache.axis2.security.PWCallback&lt;/passwordCallbackClass&gt;</td></tr>
+    <tr class="b"><td>signaturePropFile</td><td>property file used to get the signature parameters such as crypto
+        provider, keystore and its password</td><td>Set example.properties file as the signature property file<br></br>
+        &lt;signaturePropFile&gt;
+      example.properties&lt;/signaturePropFile&gt;</td></tr>
+    <tr class="a"><td>signatureKeyIdentifier</td><td>Key identifier to be used in referring the key in the signature</td><td>Use the serial number of the certificate<br></br>
+        &lt;signatureKeyIdentifier&gt;
+        IssuerSerial&lt;/signatureKeyIdentifier&gt;</td></tr>
+    <tr class="b"><td>encryptionKeyIdentifier</td><td>Key identifier to be used in referring the key in encryption</td><td>Use the serial number of the certificate <br></br>
+        &lt;encryptionKeyIdentifier&gt;IssuerSerial&lt;/encryptionKeyIdentifier&gt;</td></tr>
+    <tr class="a"><td>encryptionUser</td><td>The user's name for encryption.</td><td><br></br>
+        &lt;encryptionUser&gt;alice&lt;/encryptionUser&gt;</td></tr>
+    <tr class="b"><td>encryptionSymAlgorithm</td><td>Symmetric algorithm to be used for encryption</td><td>Use AES-128<br></br>
+        &lt;encryptionSymAlgorithm&gt;
+        http://www.w3.org/2001/04/xmlenc#aes128-cbc&lt;/encryptionSymAlgorithm&gt;</td></tr>
+    <tr class="a"><td>encryptionKeyTransportAlgorithm</td><td>Key encryption algorithm</td><td>Use RSA-OAEP<br></br>
+        &lt;parameter name="encryptionSymAlgorithm"&gt;
+        http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p&lt;/parameter&gt;</td></tr>
+    <tr class="b"><td>signatureParts</td><td>Sign multiple parts in the SOAP message</td><td>Sign Foo and Bar elements qualified by "http://app.ns/ns"<br></br>
+        &lt;signatureParts&gt;
+        {Element}{http://app.ns/ns}Foo;{Element}{http://app.ns/ns}Bar
+        &lt;/signatureParts&gt;</td></tr>
+    <tr class="a"><td>optimizeParts</td><td>MTOM Optimize the elements specified by the XPath query</td><td>Optimize the CipherValue<br></br>
+        &lt;optimizeParts&gt;
+        //xenc:EncryptedData/xenc:CipherData/xenc:CipherValue
+        &lt;/optimizeParts&gt;</td></tr>
+  </tbody></table><br></br></div><div class="subsection"><a name="InflowSecurity_parameter"></a><h3>InflowSecurity parameter</h3><p>This parameter is used to configure the inflow security handler. The
+'action' element is used to encapsulate the configuration elements here as
+well. The schema of the 'action' element is available here. <a href="#ex3">Example 3</a> shows the configuration to decrypt, verify
+signature and validate timestamp.</p><table class="bodyTable"><tbody>
+    <tr class="b"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
+    <tr class="a"><td>items</td><td>Security actions for the inflow</td><td>first the incoming message should be decrypted and then the
+        signatures should be verified and should be checked for the
+        availability of the Timestamp <br></br>
+        &lt;items&gt; Timestamp Signature Encrypt&lt;/items&gt;</td></tr>
+    <tr class="b"><td>passwordCallbackClass</td><td>Callback class used to obtain password for decryption and
+        UsernameToken verification</td><td><br></br>
+        &lt;passwordCallbackClass&gt;
+        org.apache.axis2.security.PWCallback&lt;/passwordCallbackClass&gt;</td></tr>
+    <tr class="a"><td>signaturePropFile</td><td>Property file used for signature verification</td><td><br></br>
+        &lt;signaturePropFile&gt;
+      sig.properties&lt;/signaturePropFile&gt;</td></tr>
+    <tr class="b"><td>decryptionPropFile</td><td>Property file used for decryption</td><td><br></br>
+        &lt;decryptionPropFile&gt;
+      dec.properties&lt;/decryptionPropFile&gt;</td></tr>
+  </tbody></table><br></br><p>Please note that the '.properties' files used in properties such as
+OutSignaturePropFile are the same property files that are using in the WSS4J
+project. Following shows the properties defined in a sample property file</p>
+    <div class="source"><pre><pre>org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
+org.apache.ws.security.crypto.merlin.keystore.password=security
+org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
+org.apache.ws.security.crypto.merlin.alias.password=security
+org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT</pre>
+</pre></div>
+  <p>org.apache.ws.security.crypto.provider defines the implementation of
+the org.apache.ws.security.components.crypto.Crypto interface to provide the
+crypto information required by WSS4J. The other properties defined are the
+configuration properties used by the implementation class
+(org.apache.ws.security.components.crypto.Merlin).
+
+</p></div><div class="subsection"><a name="JDK_1_5"></a><h3>JDK 1.5</h3><p>If you are using JDK1.5 make sure you add bouncycastle as a JCE provider
+of the JRE</p><p>Simply add
+<b>security.provider.X=org.bouncycastle.jce.provider.BouncyCastleProvider</b>
+entry in <b>JDK_HOME/jre/lib/security/java.security</b> file.</p><p><b>References</b></p><p>1. <a href="http://ws.apache.org/wss4j" class="externalLink" title="External Link">Apache WSS4J</a></p><br></br><p><b>Examples</b></p><p id="ex1">Example 1: An outflow configuration to add a timestamp, sing and
+encrypt the message once</p><p><img src="sec-conf/out-sample.png" alt=""></img></p><p id="ex2">Example 2: An outflow configuration to sign the message twice and
+add a timestamp</p><p><img src="sec-conf/out-sample2.png" alt=""></img></p><p id="ex3">Example 3: An inflow configuration to decrypt, verify signature
 and validate timestamp</p><p><img src="sec-conf/in-sample.png" alt=""></img></p></div></div></div></div><div class="clear"><hr></hr></div><div id="footer"><div class="xright">© 2004-2007, Apache Software Foundation</div><div class="clear"><hr></hr></div></div></body></html>
\ No newline at end of file



---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org


Mime
View raw message