cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r814223 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-data-bindings.html docs/security.html docs/transformationfeature.html
Date Tue, 24 Apr 2012 10:48:20 GMT
Author: buildbot
Date: Tue Apr 24 10:48:19 2012
New Revision: 814223

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/jax-rs-data-bindings.html
    websites/production/cxf/content/docs/security.html
    websites/production/cxf/content/docs/transformationfeature.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/jax-rs-data-bindings.html
==============================================================================
--- websites/production/cxf/content/docs/jax-rs-data-bindings.html (original)
+++ websites/production/cxf/content/docs/jax-rs-data-bindings.html Tue Apr 24 10:48:19 2012
@@ -590,7 +590,7 @@ Typically one would delegate to a super 
   <span class="code-tag">&lt;/jaxrs:serviceBeans&gt;</span>
   <span class="code-tag">&lt;jaxrs:providers&gt;</span>
     <span class="code-tag">&lt;ref bean=<span class="code-quote">"jaxbProvider"</span>/&gt;</span>
-    <span class="code-tag">&lt;ref bean=<span class="code-quote">"sonProvider"</span>/&gt;</span>
+    <span class="code-tag">&lt;ref bean=<span class="code-quote">"jsonProvider"</span>/&gt;</span>
   <span class="code-tag">&lt;/jaxrs:providers&gt;</span>
 <span class="code-tag">&lt;/jaxrs:server&gt;</span>
 

Modified: websites/production/cxf/content/docs/security.html
==============================================================================
--- websites/production/cxf/content/docs/security.html (original)
+++ websites/production/cxf/content/docs/security.html Tue Apr 24 10:48:19 2012
@@ -124,7 +124,7 @@ Apache CXF -- Security
 <div id="ConfluenceContent"><p><span style="font-size:2em;font-weight:bold">
Securing CXF Services </span></p>
 
 <div>
-<ul><li><a shape="rect" href="#Security-Securetransports">Secure transports</a></li><ul><li><a
shape="rect" href="#Security-HTTPS">HTTPS</a></li></ul><li><a
shape="rect" href="#Security-WSSecurity">WS-* Security</a></li><li><a
shape="rect" href="#Security-Authentication">Authentication</a></li><li><a
shape="rect" href="#Security-WSSecurityUsernameTokenandCustomAuthentication">WS-Security
UsernameToken and Custom Authentication</a></li><li><a shape="rect" href="#Security-Authorization">Authorization</a></li><li><a
shape="rect" href="#Security-ControllingLargeRequestPayloads">Controlling Large Request
Payloads</a></li><ul><li><a shape="rect" href="#Security-XML">XML</a></li><li><a
shape="rect" href="#Security-Multiparts">Multiparts</a></li></ul></ul></div>
+<ul><li><a shape="rect" href="#Security-Securetransports">Secure transports</a></li><ul><li><a
shape="rect" href="#Security-HTTPS">HTTPS</a></li></ul><li><a
shape="rect" href="#Security-WSSecurity">WS-* Security</a></li><li><a
shape="rect" href="#Security-WSTrust%2CSTS%2CSSO">WS-Trust, STS, SSO</a></li><li><a
shape="rect" href="#Security-WSSecurityUsernameTokenandCustomAuthentication">WS-Security
UsernameToken and Custom Authentication</a></li><li><a shape="rect" href="#Security-OAuth">OAuth</a></li><li><a
shape="rect" href="#Security-Authentication">Authentication</a></li><li><a
shape="rect" href="#Security-Authorization">Authorization</a></li><li><a
shape="rect" href="#Security-ControllingLargeRequestPayloads">Controlling Large Request
Payloads</a></li><ul><li><a shape="rect" href="#Security-XML">XML</a></li><li><a
shape="rect" href="#Security-Multiparts">Multiparts</a></li></ul></ul></div>
 
 <h1><a shape="rect" name="Security-Securetransports"></a>Secure transports</h1>
 
@@ -136,6 +136,22 @@ Apache CXF -- Security
 
 <p>Please see the <a shape="rect" href="http://cxf.apache.org/docs/ws-support.html">WS-*
Support</a> page for more information.</p>
 
+<h1><a shape="rect" name="Security-WSTrust%2CSTS%2CSSO"></a>WS-Trust, STS,
SSO</h1>
+
+<p>Please follow these blogs for the up-to-date information about the support for these
technologies in CXF:<br clear="none">
+<a shape="rect" class="external-link" href="http://coheigea.blogspot.com/" rel="nofollow">http://coheigea.blogspot.com/</a><br
clear="none">
+<a shape="rect" class="external-link" href="http://owulff.blogspot.com/" rel="nofollow">http://owulff.blogspot.com/</a></p>
+
+<h1><a shape="rect" name="Security-WSSecurityUsernameTokenandCustomAuthentication"></a>WS-Security
UsernameToken and Custom Authentication</h1>
+
+<p>If needed, one may want to configure a jaxws:endpoint with a "ws-security.ut.no-callbacks"
property set to true and register a custom org.apache.cxf.interceptor.security.AbstractUsernameTokenInInterceptor
implementation for using a WSS4J UsernameToken wrapped in a CXF specific UsernameToken for
the custom authentication and Subject creation. JAASLoginInterceptor will also recognize a
CXF UsernameToken and thus can be used instead of the custom org.apache.cxf.interceptor.security.AbstractUsernameTokenInterceptor.</p>
+
+<p>Note that the "ws-security.ut.no-callbacks" property has been renamed to "ws-security.validate.token"
in CXF 2.4.0. The name of the property is 'positive' thus one will need to set this property
to false in order to postpone the validation of the token.</p>
+
+<h1><a shape="rect" name="Security-OAuth"></a>OAuth</h1>
+
+<p>Please check <a shape="rect" href="http://cxf.apache.org/docs/jax-rs-oauth2.html">OAuth2.0</a>
and <a shape="rect" href="http://cxf.apache.org/docs/jax-rs-oauth.html">OAuth1.0</a>
pages for the information about the support for OAuth 2.0 and OAuth 1.0 in CXF.</p>
+
 <h1><a shape="rect" name="Security-Authentication"></a>Authentication</h1>
 
 <p>Container or Spring Security managed authentication as well as the custom authentication
are all the viable options used by CXF developers.</p>
@@ -161,7 +177,11 @@ Apache CXF -- Security
    <span class="code-tag">&lt;property name=<span class="code-quote">"roleClassifier"</span>
value=<span class="code-quote">"ROLE_"</span>/&gt;</span>
 
 <span class="code-tag">&lt;/bean&gt;</span>
-<span class="code-tag"><span class="code-comment">&lt;!-- Similarly for JAX-RS
endpoints --&gt;</span></span>
+&lt;!-- 
+  Similarly for JAX-RS endpoints.
+  Note that org.apache.cxf.jaxrs.security.JAASAuthenticationFilter 
+  can be registered as jaxrs:provider instead
+--&gt;
 </pre>
 </div></div> 
 
@@ -183,13 +203,6 @@ Apache CXF -- Security
 
 <p>In this case JAASLoginInterceptor will know that the roles are represented by a
class whose simple name is RolePrincipal. Note that full class names are also supported.</p>
 
-
-<h1><a shape="rect" name="Security-WSSecurityUsernameTokenandCustomAuthentication"></a>WS-Security
UsernameToken and Custom Authentication</h1>
-
-<p>If needed, one may want to configure a jaxws:endpoint with a "ws-security.ut.no-callbacks"
property set to true and register a custom org.apache.cxf.interceptor.security.AbstractUsernameTokenInInterceptor
implementation for using a WSS4J UsernameToken wrapped in a CXF specific UsernameToken for
the custom authentication and Subject creation. JAASLoginInterceptor will also recognize a
CXF UsernameToken and thus can be used instead of the custom org.apache.cxf.interceptor.security.AbstractUsernameTokenInterceptor.</p>
-
-<p>Note that the "ws-security.ut.no-callbacks" property has been renamed to "ws-security.validate.token"
in CXF 2.4.0. The name of the property is 'positive' thus one will need to set this property
to false in order to postpone the validation of the token.</p>
-
 <h1><a shape="rect" name="Security-Authorization"></a>Authorization</h1>
 
 <p>Container or Spring Security managed authorization as well as the custom authorization
are all the viable options used by CXF developers.</p>
@@ -272,8 +285,11 @@ Apache CXF -- Security
 
 <p>The following system properties can also be set up for JAX-WS endpoints: "org.apache.cxf.staxutils.innerElementCountThreshold"
and "org.apache.cxf.staxutils.innerElementLevelThreshold".</p>
 
+<p>Please check this <a shape="rect" class="external-link" href="https://cwiki.apache.org/confluence/display/CXF20DOC/JAX-RS+Data+Bindings#JAX-RSDataBindings-ControllingLargeJAXBXMLandJSONinputpayloads">section</a>
for the additional information on how JAX-RS JAXB-based providers can be configured.</p>
+
 <h2><a shape="rect" name="Security-Multiparts"></a>Multiparts</h2>
-</div>
+
+<p>The "org.apache.cxf.io.CachedOutputStream.MaxSize" system property or "attachment-max-size"
per-endpoint contextual property can be used to control the size of large attachments. When
the limits is reached, the error is returned. JAX-WS consumers will receive 500, JAX-RS/HTTP
consumers: 413.</p></div>
            </div>
            <!-- Content -->
          </td>

Modified: websites/production/cxf/content/docs/transformationfeature.html
==============================================================================
--- websites/production/cxf/content/docs/transformationfeature.html (original)
+++ websites/production/cxf/content/docs/transformationfeature.html Tue Apr 24 10:48:19 2012
@@ -124,7 +124,7 @@ Apache CXF -- TransformationFeature
 <div id="ConfluenceContent"><p><span style="font-size:2em;font-weight:bold">
Transformation Feature </span></p>
 
 <div>
-<ul><li><a shape="rect" href="#TransformationFeature-Springconfiguration">Spring
configuration</a></li><ul><li><a shape="rect" href="#TransformationFeature-Changinginputandoutputelementnamesandnamespaces">Changing
input and output element names and namespaces</a></li><li><a shape="rect"
href="#TransformationFeature-Appendingnewinputandoutputelements">Appending new input and
output elements</a></li><ul><li><a shape="rect" href="#TransformationFeature-AppendPreWrap">Append-Pre-Wrap</a></li><li><a
shape="rect" href="#TransformationFeature-AppendPostWrap">Append-Post-Wrap</a></li><li><a
shape="rect" href="#TransformationFeature-AppendPreInclude">Append-Pre-Include</a></li><li><a
shape="rect" href="#TransformationFeature-AppendPostInclude">Append-Post-Include</a></li></ul><li><a
shape="rect" href="#TransformationFeature-Replacingtextcontent">Replacing text content</a></li><li><a
shape="rect" href="#TransformationFeature-Droppingoutputandinputelements">Dropping output
and input el
 ements</a></li><li><a shape="rect" href="#TransformationFeature-Convertingattributestoelements">Converting
attributes to elements</a></li></ul><li><a shape="rect" href="#TransformationFeature-InputTransformationandRedirection">Input
Transformation and Redirection</a></li><li><a shape="rect" href="#TransformationFeature-Configuringthefeaturefromthecode">Configuring
the feature from the code</a></li><ul><li><a shape="rect" href="#TransformationFeature-JAXWS">JAX-WS</a></li><li><a
shape="rect" href="#TransformationFeature-JAXRS">JAX-RS</a></li></ul></ul></div>
+<ul><li><a shape="rect" href="#TransformationFeature-Springconfiguration">Spring
configuration</a></li><ul><li><a shape="rect" href="#TransformationFeature-Changinginputandoutputelementnamesandnamespaces">Changing
input and output element names and namespaces</a></li><li><a shape="rect"
href="#TransformationFeature-Appendingnewinputandoutputelements">Appending new input and
output elements</a></li><ul><li><a shape="rect" href="#TransformationFeature-AppendPreWrap">Append-Pre-Wrap</a></li><li><a
shape="rect" href="#TransformationFeature-AppendPostWrap">Append-Post-Wrap</a></li><li><a
shape="rect" href="#TransformationFeature-AppendPreInclude">Append-Pre-Include</a></li><li><a
shape="rect" href="#TransformationFeature-AppendPostInclude">Append-Post-Include</a></li></ul><li><a
shape="rect" href="#TransformationFeature-Replacingtextcontent">Replacing text content</a></li><li><a
shape="rect" href="#TransformationFeature-Droppingoutputandinputelements">Dropping output
and input el
 ements</a></li><li><a shape="rect" href="#TransformationFeature-Convertingattributestoelements">Converting
attributes to elements</a></li></ul><li><a shape="rect" href="#TransformationFeature-InputTransformationandRedirection">Input
Transformation and Redirection</a></li><li><a shape="rect" href="#TransformationFeature-Configuringthefeaturefromthecode">Configuring
the feature from the code</a></li><ul><li><a shape="rect" href="#TransformationFeature-JAXWS">JAX-WS</a></li><li><a
shape="rect" href="#TransformationFeature-JAXRS">JAX-RS</a></li></ul><li><a
shape="rect" href="#TransformationFeature-Transforminterceptorsandphases">Transform interceptors
and phases</a></li><li><a shape="rect" href="#TransformationFeature-Defaultnamespaceontheoutput">Default
namespace on the output</a></li></ul></div>
 
 <p>The CXF Transformation feature provides for a flexible and fast way to do the dynamic
transformations of the inbound and/or outbound XML messages. </p>
 
@@ -371,7 +371,17 @@ config.getOutInterceptors().add(transfor
 transformInInterceptor.setInTransformElements(inTransformMap);
 config.getInInterceptors().add(transformInInterceptor);
 </pre>
-</div></div></div>
+</div></div>
+
+<h1><a shape="rect" name="TransformationFeature-Transforminterceptorsandphases"></a>Transform
interceptors and phases</h1>
+
+<p>TransformInInterceptor and TransformOutInterceptor interceptors run in POST_STREAM
and PRE_STREAM phases. <br clear="none">
+In some cases it may be needed to change the phase, for example, the in transformation has
to be applied after the encrypted payload has been decrypted and its signature checked. For
such transformations to succeed TransformInInterceptor will need to be created with a constructor
accepting a 'phase' String parameter, for the interceptor to run after the decrypption and
signature validation actions have been performed.</p>
+
+<h1><a shape="rect" name="TransformationFeature-Defaultnamespaceontheoutput"></a>Default
namespace on the output</h1>
+
+<p>The 'outDefaultNamespace' feature property can be used to enforce the default namespace
declaration. The value of this property has to match one of the out namespaces.</p>
+</div>
            </div>
            <!-- Content -->
          </td>



Mime
View raw message