cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r866777 - in /websites/production/cxf/content: cache/docs.pageCache docs/ws-security.html docs/xml-key-management-service-xkms.html
Date Fri, 21 Jun 2013 10:48:03 GMT
Author: buildbot
Date: Fri Jun 21 10:48:02 2013
New Revision: 866777

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/ws-security.html
    websites/production/cxf/content/docs/xml-key-management-service-xkms.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/ws-security.html
==============================================================================
--- websites/production/cxf/content/docs/ws-security.html (original)
+++ websites/production/cxf/content/docs/ws-security.html Fri Jun 21 10:48:02 2013
@@ -25,6 +25,8 @@
 <meta http-equiv="Content-type" content="text/html;charset=UTF-8">
 <meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture,
web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support,
integration standards, application integration, middleware, software, solutions, services,
CXF, open source">
 <meta name="description" content="Apache CXF, Services Framework - WS-Security">
+
+
     <title>
 Apache CXF -- WS-Security
     </title>
@@ -124,7 +126,7 @@ Apache CXF -- WS-Security
 <div id="ConfluenceContent"><h1><a shape="rect" name="WS-Security-WSSecurity"></a>WS-Security</h1>
 
 <p>WS-Security provides means to secure your services above and beyond transport level
protocols such as HTTPS. Through a number of standards such as XML-Encryption, and headers
defined in the WS-Security standard, it allows you to:</p>
-<ul><li>Pass authentication tokens between services</li><li>Encrypt
messages or parts of messages</li><li>Sign messages</li><li>Timestamp
messages</li></ul>
+<ul><li>Pass authentication tokens between services</li><li>Encrypt
messages or parts of messages</li><li>Sign messages</li><li>Timestamp
messages</li><li>Manage public keys using <a shape="rect" href="http://cxf.apache.org/docs/xml-key-management-service-xkms.html">XKMS</a></li></ul>
 
 
 <p>CXF relies on <a shape="rect" class="external-link" href="http://ws.apache.org/wss4j">WSS4J</a>
in large part to implement WS-Security.  Within your own services, WS-Security can be activated
by using <a shape="rect" href="http://cxf.apache.org/docs/ws-securitypolicy.html">WS-SecurityPolicy</a>,
which provides a comprehensive and sophisticated validation of the security properties of
a received message.  A non-WS-SecurityPolicy approach is usually also possible by way of CXF
interceptors added to your service and/or client as detailed in this article.</p>

Modified: websites/production/cxf/content/docs/xml-key-management-service-xkms.html
==============================================================================
--- websites/production/cxf/content/docs/xml-key-management-service-xkms.html (original)
+++ websites/production/cxf/content/docs/xml-key-management-service-xkms.html Fri Jun 21 10:48:02
2013
@@ -246,6 +246,7 @@ Sample spring configuration of XKMS hand
 </pre>
 </div></div>
 
+
 <p>dateValidator and trustedAuthorityValidator beans are implementations of Validator
interface for validity date and trusted chain validation. <br clear="none">
 x509Locator and x509Register are implementations of Locator and Register interfaces for X509
certificates.<br clear="none">
 certificateRepo is repository implementation for LDAP backend. LdapSearch and LdapSchemaConfig
contain LDAP configuration described in the following table:</p>
@@ -262,6 +263,37 @@ certificateRepo is repository implementa
 </div>
 
 
+<p>XKMS service endpoint is configured in following way:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<pre class="code-xml">
+    <span class="code-tag">&lt;bean id=<span class="code-quote">"xkmsProviderBean"</span>
class=<span class="code-quote">"org.apache.cxf.xkms.service.XKMSService"</span>&gt;</span>
+        <span class="code-tag">&lt;property name=<span class="code-quote">"validators"</span>&gt;</span>
+            <span class="code-tag">&lt;list&gt;</span>
+                <span class="code-tag">&lt;ref bean=<span class="code-quote">"dateValidator"</span>
/&gt;</span>
+                <span class="code-tag">&lt;ref bean=<span class="code-quote">"trustedAuthorityValidator"</span>
/&gt;</span>
+            <span class="code-tag">&lt;/list&gt;</span>
+        <span class="code-tag">&lt;/property&gt;</span>
+        <span class="code-tag">&lt;property name=<span class="code-quote">"locators"</span>&gt;</span>
+            <span class="code-tag">&lt;list&gt;</span>
+                <span class="code-tag">&lt;ref bean=<span class="code-quote">"x509Locator"</span>
/&gt;</span>
+            <span class="code-tag">&lt;/list&gt;</span>
+        <span class="code-tag">&lt;/property&gt;</span>
+        <span class="code-tag">&lt;property name=<span class="code-quote">"keyRegisterHandlers"</span>&gt;</span>
+            <span class="code-tag">&lt;list&gt;</span>
+                <span class="code-tag">&lt;ref bean=<span class="code-quote">"x509Register"</span>
/&gt;</span>
+            <span class="code-tag">&lt;/list&gt;</span>
+        <span class="code-tag">&lt;/property&gt;</span>
+    <span class="code-tag">&lt;/bean&gt;</span>
+
+    &lt;jaxws:endpoint id=<span class="code-quote">"XKMSService"</span>
+        <span class="code-keyword">xmlns:serviceNamespace</span>=<span class="code-quote">"http://www.w3.org/2002/03/xkms#wsdl"</span>
+        serviceName=<span class="code-quote">"serviceNamespace:XKMSService"</span>
endpointName=<span class="code-quote">"serviceNamespace:XKMSPort"</span>
+        implementor=<span class="code-quote">"#xkmsProviderBean"</span> address=<span
class="code-quote">"/XKMS"</span>&gt;
+    <span class="code-tag">&lt;/jaxws:endpoint&gt;</span>
+</pre>
+</div></div>
+
 <h4><a shape="rect" name="XMLKeyManagementService%28XKMS%29-IntegrationXKMSclientintoCXFruntime."></a>Integration
XKMS client into CXF runtime.</h4>
 
 <p>XKMS client can be integrated into CXF and WSS4J using custom Crypto provider implementation.
In this case XKMS service will be automatically invoked when WSS4J requires or validates certificate.
Details are described in this <a shape="rect" class="external-link" href="http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.html"
rel="nofollow">blog</a>. Sample XKMS based implementation of WSS4J Crypto interface
is contributed into XKMS Client component. </p>



Mime
View raw message