cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r826334 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-oauth.html docs/jax-rs-oauth2.html
Date Thu, 19 Jul 2012 16:47:50 GMT
Author: buildbot
Date: Thu Jul 19 16:47:50 2012
New Revision: 826334

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/jax-rs-oauth.html
    websites/production/cxf/content/docs/jax-rs-oauth2.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/jax-rs-oauth.html
==============================================================================
--- websites/production/cxf/content/docs/jax-rs-oauth.html (original)
+++ websites/production/cxf/content/docs/jax-rs-oauth.html Thu Jul 19 16:47:50 2012
@@ -125,7 +125,7 @@ Apache CXF -- JAX-RS OAuth
 
 
 <div>
-<ul><li><a shape="rect" href="#JAX-RSOAuth-Introduction">Introduction</a></li><li><a
shape="rect" href="#JAX-RSOAuth-Mavendependencies">Maven dependencies</a></li><li><a
shape="rect" href="#JAX-RSOAuth-DevelopingOAuth1.0Servers">Developing OAuth 1.0 Servers</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth-RequestTokenService">RequestTokenService</a></li><li><a
shape="rect" href="#JAX-RSOAuth-AuthorizationRequestService">AuthorizationRequestService</a></li><li><a
shape="rect" href="#JAX-RSOAuth-AccessTokenService">AccessTokenService</a></li><li><a
shape="rect" href="#JAX-RSOAuth-WritingOAuthDataProvider">Writing OAuthDataProvider</a></li><li><a
shape="rect" href="#JAX-RSOAuth-OAuthServerJAXRSendpoints">OAuth Server JAX-RS endpoints</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth-ProtectingresourceswithOAuthfilters">Protecting resources
with OAuth filters</a></li><li><a shape="rect" href="#JAX-RSOAuth-Howtogettheuserloginname">How
to get the user login name</a></li><li><
 a shape="rect" href="#JAX-RSOAuth-Clientsidesupport">Client-side support</a></li><li><a
shape="rect" href="#JAX-RSOAuth-2legOAuthFlow">2-leg OAuth Flow</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth-ClientrequestsPreAuthorizedRequestToken">Client requests
PreAuthorized RequestToken</a></li><li><a shape="rect" href="#JAX-RSOAuth-SignaturewithConsumerKeyandSecret">Signature
with Consumer Key and Secret</a></li><li><a shape="rect" href="#JAX-RSOAuth-OnlyConsumerKeyandSecretinAuthorizationheader">Only
Consumer Key and Secret in Authorization header</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth-OAuthWithoutaBrowser">OAuth Without a Browser</a></li><li><a
shape="rect" href="#JAX-RSOAuth-Designconsiderations">Design considerations</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth-ControllingtheAccesstoResourceServer">Controlling the Access
to Resource Server</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth-Sharingthesameaccesspathbetweenendusersandconsumers">Sharing
th
 e same access path between end users and consumers</a></li><li><a shape="rect"
href="#JAX-RSOAuth-Providingdifferentaccesspointstoendusersandconsumers">Providing different
access points to end users and consumers</a></li></ul><li><a shape="rect"
href="#JAX-RSOAuth-SingleSignOn">Single Sign On</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth-WhatIsNext">What Is Next</a></li></ul></div>
+<ul><li><a shape="rect" href="#JAX-RSOAuth-Introduction">Introduction</a></li><li><a
shape="rect" href="#JAX-RSOAuth-Mavendependencies">Maven dependencies</a></li><li><a
shape="rect" href="#JAX-RSOAuth-DevelopingOAuth1.0Servers">Developing OAuth 1.0 Servers</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth-RequestTokenService">RequestTokenService</a></li><li><a
shape="rect" href="#JAX-RSOAuth-AuthorizationRequestService">AuthorizationRequestService</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth-OOBcallbacks">OOB callbacks</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth-AccessTokenService">AccessTokenService</a></li><li><a
shape="rect" href="#JAX-RSOAuth-WritingOAuthDataProvider">Writing OAuthDataProvider</a></li><li><a
shape="rect" href="#JAX-RSOAuth-OAuthServerJAXRSendpoints">OAuth Server JAX-RS endpoints</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth-ProtectingresourceswithOAuthfilters">Protecting resources
with OAuth filters</a></li><li><a shape="rect" href=
 "#JAX-RSOAuth-Howtogettheuserloginname">How to get the user login name</a></li><li><a
shape="rect" href="#JAX-RSOAuth-Clientsidesupport">Client-side support</a></li><li><a
shape="rect" href="#JAX-RSOAuth-2legOAuthFlow">2-leg OAuth Flow</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth-ClientrequestsPreAuthorizedRequestToken">Client requests
PreAuthorized RequestToken</a></li><li><a shape="rect" href="#JAX-RSOAuth-SignaturewithConsumerKeyandSecret">Signature
with Consumer Key and Secret</a></li><li><a shape="rect" href="#JAX-RSOAuth-OnlyConsumerKeyandSecretinAuthorizationheader">Only
Consumer Key and Secret in Authorization header</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth-OAuthWithoutaBrowser">OAuth Without a Browser</a></li><li><a
shape="rect" href="#JAX-RSOAuth-Reportingtheerrordetails">Reporting the error details</a></li><li><a
shape="rect" href="#JAX-RSOAuth-Designconsiderations">Design considerations</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth-Controlli
 ngtheAccesstoResourceServer">Controlling the Access to Resource Server</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth-Sharingthesameaccesspathbetweenendusersandconsumers">Sharing
the same access path between end users and consumers</a></li><li><a shape="rect"
href="#JAX-RSOAuth-Providingdifferentaccesspointstoendusersandconsumers">Providing different
access points to end users and consumers</a></li></ul><li><a shape="rect"
href="#JAX-RSOAuth-SingleSignOn">Single Sign On</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth-WhatIsNext">What Is Next</a></li></ul></div>
 
 <h1><a shape="rect" name="JAX-RSOAuth-Introduction"></a>Introduction</h1>
 
@@ -354,6 +354,38 @@ Referer=[http:<span class="code-comment"
 
 <p>Assuming the decision was "allow", the consumer has now received back the request
token and its verifier and is ready to exchange this pair for an access token.</p>
 
+<h3><a shape="rect" name="JAX-RSOAuth-OOBcallbacks"></a>OOB callbacks</h3>
+
+<p>The OAuth 1.0 mentions so called "oob" (out-of-band) callbacks. If the third-party
client is not running as a web application or if it is known it can not receive the redirect
response from AuthorizationRequestService for whatever reasons, then a callback URI can be
set to "oob", when a request token is <br clear="none">
+requested:  </p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+Address: http://localhost:8080/services/oauth/initiate
+Encoding: ISO-8859-1
+Http-Method: POST
+Content-Type: */*
+Headers: {
+Accept=[application/x-www-form-urlencoded], 
+
+Content-Length=[0],
+
+Authorization=[OAuth oauth_callback=<span class="code-quote">"oob"</span>, 
+                     oauth_nonce=<span class="code-quote">"e365fa02-772e-4e33-900d-00a766ccadf8"</span>,

+                     oauth_consumer_key=<span class="code-quote">"123456789"</span>,

+                     oauth_signature_method=<span class="code-quote">"HMAC-SHA1"</span>,

+                     oauth_timestamp=<span class="code-quote">"1320748683"</span>,

+                     oauth_version=<span class="code-quote">"1.0"</span>, 
+                     oauth_signature=<span class="code-quote">"ztTQuqaJS7L6dNQwn%2Fqi1MdaqQQ%3D"</span>]

+}
+</pre>
+</div></div>
+
+<p>RequestTokenService will only accept the "oob" value if a client callbackURI property
has been set to "oob" during the client application registration process. Specifically, RequestTokenService
will expect that a <a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Client.java">Client</a>
bean will have its callbackURI property being set to "oob".</p>
+
+<p>When a callback URI is set to "oob", it means that a user decision response needs
to be presented directly to the current user - which will then make the request token and
verifier info somehow available to the client application. In case of "oob", AuthorizationRequestService,
instead of redirecting the user back to the callback URI as shown earlier on, will simply
return an instance of <a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/OOBAuthorizationResponse.java">OOBAuthorizationResponse</a>.
RequestDispatcherProvider will need to be used for redirecting this data to the view handler
exactly how it is done when a user is asked to authorize the client application, with the
view handler formatting the data and actually returning it to the user </p>
+
+
 <h2><a shape="rect" name="JAX-RSOAuth-AccessTokenService"></a>AccessTokenService
</h2>
 
 <p>The role of AccessTokenService is to exchange an authorized request token for a
new access token which will be used by the consumer to access the end user's resources. <br
clear="none">
@@ -690,6 +722,26 @@ However, supporting other types of end u
 
 <p>Also note that AuthorizationRequestService can return XML or JSON <a shape="rect"
class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthAuthorizationData.java">OAuthAuthorizationData</a>
representations. That makes it easy for a client code to get OAuthAuthorizationData and offer
a pop-up window or get the input from the command-line. Authorizing the third-party application
might even be automated in this case - which can lead to a complete 3-leg OAuth flow implemented
without a human user being involved.</p>
 
+<h1><a shape="rect" name="JAX-RSOAuth-Reportingtheerrordetails"></a>Reporting
the error details</h1>
+
+<p>CXF OAuth 1.0 services will report only HTTP status code in case of various OAuth-related
errors to minimize the information about the actual cause of the failure and will log the
details locally. If providing the extra error information can help with debugging 3rd-party
applications or if such application can indeed recover from the failures based on such details,
then setting a contextual "report.failure.details" property to "true" will get the error messages
available in the response body. Some OAuth1.0 implementers have chosen to return a custom
"oauth_problem" HTTP header instead - this option can be supported by additionally setting
a contextual "report.failure.details.as.header" property to "true", for example:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+<span class="code-tag">&lt;jaxrs:server id=<span class="code-quote">"oauthServer"</span>
address=<span class="code-quote">"/initiate"</span>&gt;</span>
+        <span class="code-tag">&lt;jaxrs:serviceBeans&gt;</span>
+            <span class="code-tag">&lt;bean class=<span class="code-quote">"org.apache.cxf.rs.security.oauth.services.RequestTokenService"</span>/&gt;</span>
+        <span class="code-tag">&lt;/jaxrs:serviceBeans&gt;</span>
+        <span class="code-tag">&lt;jaxrs:properties&gt;</span>
+           <span class="code-tag">&lt;entry key=<span class="code-quote">"report.failure.details"</span>
value=<span class="code-quote">"true"</span>/&gt;</span>
+           <span class="code-tag">&lt;entry key=<span class="code-quote">"report.failure.details.as.header"</span>
value=<span class="code-quote">"true"</span>/&gt;</span>
+        <span class="code-tag">&lt;/jaxrs:properties&gt;</span>
+<span class="code-tag">&lt;/jaxrs:server&gt;</span>
+
+</pre>
+</div></div>
+
+
 <h1><a shape="rect" name="JAX-RSOAuth-Designconsiderations"></a>Design
considerations</h1>
 
 <p>This section will talk about various design considerations one need to take into
account when deploying OAuth-based solutions.</p>
@@ -781,7 +833,7 @@ For example, consider the following JAX-
 
 <h2><a shape="rect" name="JAX-RSOAuth-SingleSignOn"></a>Single Sign On</h2>
 
-<p>When dealing with authenticating the end users, having an SSO solution in place
is very handy. This is because the end user interacts with both the third-party and its resource
server web applications and is also redirected from the consumer application to the resource
server and back again. OpenID or say a WebBrowser SSO profile can help - CXF may offer some
support in this area. </p>
+<p>When dealing with authenticating the end users, having an SSO solution in place
is very handy. This is because the end user interacts with both the third-party and its resource
server web applications and is also redirected from the consumer application to the resource
server and back again. OpenID or say a <a shape="rect" href="http://cxf.apache.org/docs/saml-web-sso.html">WebBrowser
SSO profile</a> can help. </p>
 
 <h1><a shape="rect" name="JAX-RSOAuth-WhatIsNext"></a>What Is Next</h1>
 

Modified: websites/production/cxf/content/docs/jax-rs-oauth2.html
==============================================================================
--- websites/production/cxf/content/docs/jax-rs-oauth2.html (original)
+++ websites/production/cxf/content/docs/jax-rs-oauth2.html Thu Jul 19 16:47:50 2012
@@ -125,14 +125,15 @@ Apache CXF -- JAX-RS OAuth2
 
 
 <div>
-<ul><li><a shape="rect" href="#JAX-RSOAuth2-Introduction">Introduction</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-Mavendependencies">Maven dependencies</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-DevelopingOAuth2Servers">Developing OAuth2 Servers</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AuthorizationService">Authorization Service</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-AccessTokenService">AccessTokenService</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AccessTokenValidationService">AccessTokenValidationService</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-WritingOAuthDataProvider">Writing OAuthDataProvider</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-OAuthServerJAXRSendpoints">OAuth Server JAX-RS endpoints</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-ProtectingresourceswithOAuthfilters">Protecting resources
with OAuth filters</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Howtogettheuserloginname">How
to get the user login
  name</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Clientsidesupport">Client-side
support</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuth2withouttheExplicitAuthorization">OAuth2
without the Explicit Authorization</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuthWithoutaBrowser">OAuth
Without a Browser</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Designconsiderations">Design
considerations</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-ControllingtheAccesstoResourceServer">Controlling
the Access to Resource Server</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-Sharingthesameaccesspathbetweenendusersandclients">Sharing
the same access path between end users and clients</a></li><li><a shape="rect"
href="#JAX-RSOAuth2-Providingdifferentaccesspointstoendusersandclients">Providing different
access points to end users and clients</a></li></ul><li><a shape="rect"
href="#JAX-RSOAuth2-SingleSignOn">Single Sign On</a></li></ul><li><a
shape="rect" href="#JAX-RS
 OAuth2-WhatIsNext">What Is Next</a></li></ul></div>
+<ul><li><a shape="rect" href="#JAX-RSOAuth2-Introduction">Introduction</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-Mavendependencies">Maven dependencies</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-DevelopingOAuth2Servers">Developing OAuth2 Servers</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AuthorizationService">Authorization Service</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-AccessTokenService">AccessTokenService</a></li><ul><li><a
shape="rect" href="#JAX-RSOAuth2-AccessTokenValidationService">AccessTokenValidationService</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-WritingOAuthDataProvider">Writing OAuthDataProvider</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-OAuthServerJAXRSendpoints">OAuth Server JAX-RS endpoints</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-ProtectingresourceswithOAuthfilters">Protecting resources
with OAuth filters</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Howtogettheuserloginname">How
to get the user login
  name</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Clientsidesupport">Client-side
support</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuth2withouttheExplicitAuthorization">OAuth2
without the Explicit Authorization</a></li><li><a shape="rect" href="#JAX-RSOAuth2-OAuthWithoutaBrowser">OAuth
Without a Browser</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Reportingerrordetails">Reporting
error details</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Designconsiderations">Design
considerations</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-ControllingtheAccesstoResourceServer">Controlling
the Access to Resource Server</a></li><ul><li><a shape="rect" href="#JAX-RSOAuth2-Sharingthesameaccesspathbetweenendusersandclients">Sharing
the same access path between end users and clients</a></li><li><a shape="rect"
href="#JAX-RSOAuth2-Providingdifferentaccesspointstoendusersandclients">Providing different
access points to end users and clients</a></li></ul><li><a shape="rect"

 href="#JAX-RSOAuth2-SingleSignOn">Single Sign On</a></li></ul><li><a
shape="rect" href="#JAX-RSOAuth2-WhatIsNext">What Is Next</a></li></ul></div>
 
 <h1><a shape="rect" name="JAX-RSOAuth2-Introduction"></a>Introduction</h1>
 
 <p>CXF 2.6.0 provides an initial implementation of <a shape="rect" class="external-link"
href="http://tools.ietf.org/html/draft-ietf-oauth-v2" rel="nofollow">OAuth 2.0</a>.
See also the <a shape="rect" href="jax-rs-oauth.html" title="JAX-RS OAuth">JAX-RS OAuth</a>
page for information about OAuth 1.0.</p>
 
-<p>Authorization Code, Implicit and Client Credentials grants are currently supported
with other grant handlers to be added later.<br clear="none">
-Custom grant handlers can be registered.</p>
+<p>Authorization Code, Implicit, Client Credentials and Resource Owner Password Credentials
grants are currently supported with other grant handlers to be added later.</p>
+
+<p>Custom grant handlers can be registered.</p>
 
 <p>OAuth2 is a new protocol which offers a complex yet elegant solution toward helping
end users (resource owners) authorize third-party providers to access their resources.</p>
 
@@ -649,6 +650,22 @@ However, supporting other types of end u
 
 <p>Also note that AuthorizationCodeGrantService can return XML or JSON <a shape="rect"
class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthAuthorizationData.java">OAuthAuthorizationData</a>
representations. That makes it easy for a client code to get OAuthAuthorizationData and offer
a pop-up window or get the input from the command-line. Authorizing the third-party application
might even be automated in this case - which can lead to a complete 3-leg OAuth flow implemented
without a human user being involved.</p>
 
+<h1><a shape="rect" name="JAX-RSOAuth2-Reportingerrordetails"></a>Reporting
error details</h1>
+
+<p>This <a shape="rect" class="external-link" href="http://tools.ietf.org/html/draft-ietf-oauth-v2-30#section-5.2"
rel="nofollow">section</a> lists all the error properties that can be returned to
the client application. CXF OAuth2 services will always report a required 'error' property
but will omit the optional error properties by default (for example, in case of access token
grant handlers throwing <a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServiceException.java">OAuthServiceException</a>
initialized with <a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthError.java">OAuthError</a>
which may have the optional properties set).<br clear="none">
+When reporting the optional error properties is actually needed then setting a 'writeCustomErrors'
property to 'true' will help:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+<span class="code-tag">&lt;bean id=<span class="code-quote">"oauthProvider"</span>
class=<span class="code-quote">"oauth2.manager.OAuthManager"</span>/&gt;</span>
+
+<span class="code-tag">&lt;bean id=<span class="code-quote">"accessTokenService"</span>
class=<span class="code-quote">"org.apache.cxf.rs.security.oauth2.services.AccessTokenService"</span>&gt;</span>
+    <span class="code-tag">&lt;property name=<span class="code-quote">"dataProvider"</span>
ref=<span class="code-quote">"oauthProvider"</span>/&gt;</span>
+    <span class="code-tag">&lt;property name=<span class="code-quote">"writeCustomErrors"</span>
value=<span class="code-quote">"true"</span>/&gt;</span>
+<span class="code-tag">&lt;/bean&gt;</span>
+</pre>
+</div></div> 
+
 <h1><a shape="rect" name="JAX-RSOAuth2-Designconsiderations"></a>Design
considerations</h1>
 
 <p>This section will talk about various design considerations one need to take into
account when deploying OAuth-based solutions.</p>
@@ -742,7 +759,7 @@ For example, consider the following JAX-
 
 <p>When dealing with authenticating the end users, having an SSO solution in place
is very handy. This is because the end user interacts with both the third-party and its resource
server web applications and is also redirected from the client application to the resource
server and back again. Additionally, the end user may need to authenticate with Authorization
service if it is not collocated with the application endpoints. OpenID or say a WebBrowser
SSO profile can help. </p>
 
-<p>CXF 2.6.1 provides an initial support for a SAML2 SSO profile. This will make it
easier to minimize a number of sign ins to a single attempt and run OAuth2 Authorization servers
separately from the application endpoints. </p>
+<p>CXF 2.6.1 provides an initial support for a <a shape="rect" href="http://cxf.apache.org/docs/saml-web-sso.html">SAML2
SSO profile</a>. This will make it easier to minimize a number of sign ins to a single
attempt and run OAuth2 Authorization servers separately from the application endpoints. </p>
 
 <h1><a shape="rect" name="JAX-RSOAuth2-WhatIsNext"></a>What Is Next</h1>
 



Mime
View raw message