cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject svn commit: r815904 - in /websites/production/cxf/content: cache/docs.pageCache docs/ws-security.html
Date Sat, 05 May 2012 16:48:36 GMT
Author: buildbot
Date: Sat May  5 16:48:35 2012
New Revision: 815904

Production update by buildbot for cxf


Modified: websites/production/cxf/content/cache/docs.pageCache
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/ws-security.html
--- websites/production/cxf/content/docs/ws-security.html (original)
+++ websites/production/cxf/content/docs/ws-security.html Sat May  5 16:48:35 2012
@@ -480,6 +480,10 @@ outProps.put(WSHandlerConstants.ACTION, 
 <p><a shape="rect" class="external-link" href=""
rel="nofollow">Here is an example</a> of WS-Security implemented using annotations
for interceptors (uses UsernameToken).</p>
+<h3><a shape="rect" name="WS-Security-WSSecurityUsernameTokenandCustomAuthentication"></a>WS-Security
UsernameToken and Custom Authentication</h3>
+<p>If needed, one may want to configure a jaxws:endpoint with a "ws-security.validate.token"
property set to false and register a custom
implementation for using a WSS4J UsernameToken wrapped in a CXF specific UsernameToken for
the custom authentication and Subject creation. The JAASLoginInterceptor will also recognize
a CXF UsernameToken and thus can be used instead of the custom
 (Prior to CXF 2.4.0, use "" instead of "ws-security.validate.token"
with the value of true instead of false to  postpone the validation of the token.)</p>
 <h2><a shape="rect" name="WS-Security-UsingX.509Certificates"></a>Using
X.509 Certificates</h2>
 <p>The X.509 Certificate Token Profile (<a shape="rect" class="external-link" href=""
rel="nofollow">pdf</a>) provides another option for implementing WS-Security.  For
the Signature and Encryption actions, you'll need to create a public &amp; private key
for the entities involved.  You can generate a self-signed key pair for your development environment
via the following steps.  Keep in mind these will not be signed by an external authority like
Verisign, so are inappropriate for production use.</p>

View raw message