Subject: svn commit: r1370166 - /cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
Date: Tue, 07 Aug 2012 10:58:21 -0000
To: commits@cxf.apache.org
From: coheigea@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120807105822.01CC8238897F@eris.apache.org> Author: coheigea Date: Tue Aug 7 10:58:21 2012 New Revision: 1370166 URL: http://svn.apache.org/viewvc?rev=1370166&view=rev Log: Merged revisions 1370163 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/branches/2.6.x-fixes ........ r1370163 | coheigea | 2012-08-07 11:53:33 +0100 (Tue, 07 Aug 2012) | 10 lines Merged revisions 1370161 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/trunk ........ r1370161 | coheigea | 2012-08-07 11:33:02 +0100 (Tue, 07 Aug 2012) | 2 lines Updated SecurityPolicy documentation. ........ ........ Modified: cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Modified: cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1370166&r1=1370165&r2=1370166&view=diff ============================================================================== --- cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java (original) +++ cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java Tue Aug 7 10:58:21 2012 
@@ -142,7 +142,9 @@ public final class SecurityConstants { //Be default, we will encrypt as well for interop reasons. However, this //setting can be set to false to turn that off. /** - * Whether to always encrypt UsernameTokens whenever possible. The default is true. + * Whether to always encrypt UsernameTokens that are defined as a SupportingToken. The default + * is true. This should not be set to false in a production environment, as it exposes the + * password (or the digest of the password) on the wire. */ public static final String ALWAYS_ENCRYPT_UT = "ws-security.username-token.always.encrypted"; @@ -177,8 +179,8 @@ public final class SecurityConstants { // /** - * The time in seconds after Creation that an incoming Timestamp is valid for. The default - * value is 300 seconds (5 minutes). + * The time in seconds to append to the Creation value of an incoming Timestamp to determine + * whether to accept the Timestamp as valid or not. The default value is 300 seconds (5 minutes). */ public static final String TIMESTAMP_TTL = "ws-security.timestamp.timeToLive";
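Review bot: In the first hunk (ALWAYS_ENCRYPT_UT), the new Javadoc drops the old "whenever possible" qualifier without saying what replaces it, so a reader cannot tell whether the default of true guarantees that a SupportingToken UsernameToken is encrypted or only encrypts it when the policy makes encryption available. Since the added sentence is a production warning about the password (or its digest) appearing on the wire, state the condition explicitly, and say what the setting does, if anything, for a UsernameToken that is not a SupportingToken. The unchanged comment just above still reads "//Be default, we will encrypt as well for interop reasons"; that should be "By default" and could be fixed in the same commit.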
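Review bot: In the second hunk (TIMESTAMP_TTL), "The time in seconds to append to the Creation value" reads as concatenation; the value is being added to the Creation time, so "add" is the clearer verb, and "to determine whether to accept the Timestamp as valid or not" can be shortened to say that the Timestamp is rejected once Creation plus this value has passed. The Javadoc also does not say whether an expiry carried in the incoming Timestamp itself is taken into account alongside this setting; one sentence on that would help anyone tuning the replay window.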