Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 51911CAA5 for ; Mon, 24 Jun 2013 17:13:25 +0000 (UTC) Received: (qmail 58336 invoked by uid 500); 24 Jun 2013 17:13:09 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 57871 invoked by uid 500); 24 Jun 2013 17:13:03 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 57440 invoked by uid 99); 24 Jun 2013 17:12:55 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Jun 2013 17:12:55 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Jun 2013 17:12:49 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id DBA752388C9C for ; Mon, 24 Jun 2013 17:11:18 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r867253 [36/46] - in /websites/production/cxf/content: ./ 2008/04/28/ 2008/06/20/ 2009/02/10/ 2009/08/04/ cache/ docs/ docs/cxf-architecture.thumbs/ docs/cxf-dependency-graphs.thumbs/ docs/logbrowser-configuration.thumbs/ docs/logbrowser-so... Date: Mon, 24 Jun 2013 17:10:57 -0000 To: commits@cxf.apache.org From: dkulp@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130624171118.DBA752388C9C@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Modified: websites/production/cxf/content/docs/security.html ============================================================================== --- websites/production/cxf/content/docs/security.html (original) +++ websites/production/cxf/content/docs/security.html Mon Jun 24 17:10:51 2013 @@ -25,6 +25,18 @@ + + + + + + + + + Apache CXF -- Security @@ -42,19 +54,15 @@ Apache CXF -- Security     -
- +

+
@@ -94,7 +102,7 @@ Apache CXF -- Security
-
  • Search +
    • Search
      @@ -159,38 +167,38 @@ Apache CXF -- Security

      Example :

      -
      -<jaxws:endpoint address="/soapService">
- <jaxws:inInterceptors>
-   <ref bean="authenticationInterceptor"/>
- </jaxws:inInterceptors>
-</jaxws:endpoint>
-
-<bean id="authenticationInterceptor" class="org.apache.cxf.interceptor.security.JAASLoginInterceptor">
-   <property name="contextName" value="jaasContext"/>
-   <property name="roleClassifier" value="ROLE_"/>
+

      The JAAS authenticator is configured with the name of the JAAS login context (the one usually specified in the JAAS configuration resource which the server is aware of). It is also configured with an optional "roleClassifier" property which is needed by the CXF SecurityContext in order to differentiate between user and role Principals. By default CXF will assume that role Principals are represented by javax.security.acl.Group instances.

      In some cases objects representing a user principal and roles are implementing the same marker interface such as Principal. That can be handled like this:

      -
      -<bean id="authenticationInterceptor" class="org.apache.cxf.interceptor.security.JAASLoginInterceptor">
-   <property name="contextName" value="jaasContext"/>
-   <property name="roleClassifier" value="RolePrincipal"/>
-   <property name="roleClassifierType" value="classname"/>
-</bean>
-<!-- Similarly for JAX-RS endpoints -->
-
      +

      In this case JAASLoginInterceptor will know that the roles are represented by a class whose simple name is RolePrincipal. Note that full class names are also supported.

      @@ -216,39 +224,39 @@ Apache CXF -- Security

      Example :

      -
      -<jaxws:endpoint id="endpoint1" address="/soapService1">
- <jaxws:inInterceptors>
-   <ref bean="authorizationInterceptor"/>
- </jaxws:inInterceptors>
-</jaxws:endpoint>
-
-<bean id="authorizationInterceptor" class="org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor">
-   <property name="methodRolesMap">
-      <map>
-        <!-- no wildcard support, names need to match exactly -->
-        <entry key="addNumbers" value="ROLE_USER ROLE_ADMIN"/>
-        <entry key="divideNumbers" value="ROLE_ADMIN"/>
-      </map>
-   </property>
-   <!-- its possible to define global roles that apply to all WSDL operations not listed above -->
-   <property name="globalRoles" value="ROLE_ADMIN"/>
-</bean>
-
-<jaxws:endpoint id="endpoint2" address="/soapService2" implementor="#secureBean">
- <jaxws:inInterceptors>
-   <ref bean="authorizationInterceptor2"/>
- </jaxws:inInterceptors>
-</jaxws:endpoint>
-
-<!-- This bean is annotated with secure annotations such as RolesAllowed -->
-<bean id="secureBean" class="org.apache.cxf.tests.security.SecureService"/>
-
-<bean id="authorizationInterceptor2" class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor">
-   <property name="securedObject" ref="secureBean"/>
-</bean>
+

      Controlling Large Request Payloads

      @@ -259,32 +267,32 @@ Apache CXF -- Security

      The complete number of XML elements, the number of immediate children of a given XML element may contain and the stack depth of the payload can be restricted, for example:

      -
      -<bean id="depthInterceptor" class="org.apache.cxf.interceptor.security.DepthRestrictingStreamInterceptor">
-  <!-- Total number of elements in the XML payload -->
-  <property name="elementCountThreshold" value="5000"/>
-
-  <!-- Total number of child elements for XML elements -->
-  <property name="innerElementCountThreshold" value="3000"/>
-
-  <!-- Maximum stack depth of the XML payload -->
-  <property name="innerElementLevelThreshold" value="20"/>
-
-</bean>
-
-<jaxws:endpoint>
-  <jaxws:inInterceptors>
-   <ref bean="depthInterceptor"/>
- </jaxws:inInterceptors>
-<jaxws:endpoint>
-
-<jaxrs:server>
-  <jaxrs:inInterceptors>
-   <ref bean="depthInterceptor"/>
- </jaxrs:inInterceptors>
-<jaxrs:server>
+

      When one of the limits is reached, the error is returned. JAX-WS consumers will receive 500, JAX-RS/HTTP consumers: 413.

      Modified: websites/production/cxf/content/docs/server-http-transport.html ============================================================================== --- websites/production/cxf/content/docs/server-http-transport.html (original) +++ websites/production/cxf/content/docs/server-http-transport.html Mon Jun 24 17:10:51 2013 @@ -25,6 +25,17 @@ + + + + + + + + Apache CXF -- Server HTTP Transport @@ -42,19 +53,15 @@ Apache CXF -- Server HTTP Transport
    -
- +

+
@@ -94,7 +101,7 @@ Apache CXF -- Server HTTP Transport
-
  • Search +
    • Search
      @@ -136,15 +143,15 @@ Apache CXF -- Server HTTP Transport

      The elements used to configure an HTTP provider endpoint are defined in the namespace http://cxf.apache.org/transports/http/configuration. It is commonly referred to using the prefix http-conf. In order to use the HTTP configuration elements you will need to add the lines shown below to the beans element of your endpoint's configuration file. In addition, you will need to add the configuration elements' namespace to the xsi:schemaLocation attribute.

      Adding the Configuration Namespace
      -
      +

      The destination element

      @@ -152,14 +159,14 @@ Apache CXF -- Server HTTP Transport

      You configure an HTTP server endpoint using the http-conf:destination element and its children. The http-conf:destination element takes a single attribute, name, the specifies the WSDL port element that corresponds to the endpoint. The value for the name attribute takes the form portQName.http-destination. The example below shows the http-conf:destination element that would be used to add configuration for an endpoint that was specified by the WSDL fragment <port binding="widgetSOAPBinding" name="widgetSOAPPort> if the endpoint's target namespace was http://widgets.widgetvendor.net.

      http-conf:destination Element
      -
      +

      The http-conf:destination element has a number of child elements that specify configuration information. They are described below.

      @@ -182,23 +189,23 @@ Apache CXF -- Server HTTP Transport

      The example below shows a the configuration for an HTTP service provider endpoint that honors keep alive requests and suppresses all communication errors.

      HTTP Service Provider Endpoint Configuration
      -
      -<beans xmlns="http://www.springframework.org/schema/beans"
-       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
-       xsi:schemaLocation="http://cxf.apache.org/transports/http/configuration
-           http://cxf.apache.org/schemas/configuration/http-conf.xsd
-           http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans.xsd">
-   
+

      Using WSDL

      @@ -207,10 +214,10 @@ Apache CXF -- Server HTTP Transport

      The WSDL extension elements used to configure an HTTP server endpoint are defined in the namespace http://cxf.apache.org/transports/http/configuration. It is commonly refered to using the prefix http-conf. In order to use the HTTP configuration elements you will need to add the line shown below to the definitions element of your endpoint's WSDL document.

      HTTP Provider WSDL Element's Namespace
      -
      +

      The server element

      @@ -222,14 +229,14 @@ Apache CXF -- Server HTTP Transport

      The example below shows a WSDL fragment that configures an HTTP server endpoint to specify that it will not interact with caches.

      WSDL to Configure an HTTP Service Provider Endpoint
      -
      +

      Server Cache Control Directives

      Modified: websites/production/cxf/content/docs/server-service-and-client-factorybeans.html ============================================================================== --- websites/production/cxf/content/docs/server-service-and-client-factorybeans.html (original) +++ websites/production/cxf/content/docs/server-service-and-client-factorybeans.html Mon Jun 24 17:10:51 2013 @@ -25,6 +25,17 @@ + + + + + + + + Apache CXF -- Server, Service, and Client FactoryBeans @@ -42,19 +53,15 @@ Apache CXF -- Server, Service, and Clien
    -
- +

+
@@ -94,7 +101,7 @@ Apache CXF -- Server, Service, and Clien
-
  • Search +
    • Search
      @@ -141,18 +148,18 @@ Apache CXF -- Server, Service, and Clien

      To add your own service configuration:

      -
      -MyServiceConfiguration config = new AbstractServiceConfiguration() {
-... // your implementation
-};
-ReflectionServiceFactoryBean serviceFactory = new ReflectionServiceFactoryBean();
+
      Modified: websites/production/cxf/content/docs/service-routing.html ============================================================================== --- websites/production/cxf/content/docs/service-routing.html (original) +++ websites/production/cxf/content/docs/service-routing.html Mon Jun 24 17:10:51 2013 @@ -25,6 +25,18 @@ + + + + + + + + + Apache CXF -- Service Routing @@ -42,19 +54,15 @@ Apache CXF -- Service Routing
    -
- +

+
@@ -94,7 +102,7 @@ Apache CXF -- Service Routing
-
  • Search +
    • Search
      @@ -130,18 +138,18 @@ Apache CXF -- Service Routing

      One common practice to version web services is using XML namespaces to clearly delineate the versions of a document that are compatible. For example:

      -
      -<wsdl:types>
+

      Among many different possible implementations of service routing, one simple way ("simple" in terms of amount of code you have to write, but it does require a certain extent of familiarity with CXF internal architecture) to do this is by writing a CXF interceptor that acts as a routing mediator.

      @@ -151,156 +159,156 @@ Apache CXF -- Service Routing

      Lets see the code:

      Example 1: The server - this server has three endpoints: one endpoint for the dummy service, another two endpoints are different versions of Greeter service
      -
      +
      Example 2: The intermediary interceptor
      -
      -import java.io.BufferedInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.List;
-
-import javax.xml.stream.XMLInputFactory;
-import javax.xml.stream.XMLStreamConstants;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamReader;
-
-import org.apache.cxf.Bus;
-import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.binding.soap.SoapVersion;
-import org.apache.cxf.binding.soap.SoapVersionFactory;
-import org.apache.cxf.bus.CXFBusFactory;
-import org.apache.cxf.endpoint.Server;
-import org.apache.cxf.endpoint.ServerRegistry;
-import org.apache.cxf.interceptor.InterceptorChain;
-import org.apache.cxf.interceptor.StaxInInterceptor;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.phase.AbstractPhaseInterceptor;
-import org.apache.cxf.phase.Phase;
-import org.apache.cxf.staxutils.DepthXMLStreamReader;
-import org.apache.cxf.staxutils.StaxUtils;
-import org.apache.cxf.transport.MessageObserver;
+
      Modified: websites/production/cxf/content/docs/servlet-transport.html ============================================================================== --- websites/production/cxf/content/docs/servlet-transport.html (original) +++ websites/production/cxf/content/docs/servlet-transport.html Mon Jun 24 17:10:51 2013 @@ -25,6 +25,18 @@ + + + + + + + + + Apache CXF -- Servlet Transport @@ -42,19 +54,15 @@ Apache CXF -- Servlet Transport
    -
- +

+
@@ -94,7 +102,7 @@ Apache CXF -- Servlet Transport
-
  • Search +
    • Search
      @@ -132,83 +140,83 @@ Apache CXF -- Servlet Transport

      Next, you'll need to add CXFServlet to your web.xml:

      -
      -<?xml version="1.0" encoding="ISO-8859-1"?>
+

      Alternatively, you can point to the configuration file using a CXFServlet init parameter :

      -
      -<?xml version="1.0" encoding="ISO-8859-1"?>
+

      The next step is to actually write the configuration file:

      -
      -<beans xmlns="http://www.springframework.org/schema/beans"
-      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-      xmlns:jaxws="http://cxf.apache.org/jaxws"
-      xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+

      Here we're creating a JAX-WS endpoint based on our implementation class, GreeterImpl.

      @@ -271,42 +279,42 @@ Apache CXF -- Servlet Transport

      Option1. Delegating to Default Servlet

      -
      -<servlet>
-   <servlet-name>CXFServlet</servlet-name>
-   <display-name>CXF Servlet</display-name>
-   <servlet-class>
+

      Note that the redirects-list parameter has two space separated values, "/" and "index.html". The request attribute 'javax.servlet.include.request_uri' might need to be set for the underlying container like Jetty to successfully read "index.html".

      @@ -314,28 +322,28 @@ Apache CXF -- Servlet Transport

      Option2. Using CXFServlet itself to read index.html

      -
      -<servlet>
-   <servlet-name>CXFServlet</servlet-name>
-   <display-name>CXF Servlet</display-name>
-   <servlet-class>
+
      @@ -343,18 +351,18 @@ Apache CXF -- Servlet Transport

      Once your Servlet is registered in your web.xml, you should set the default bus with CXFServlet's bus to make sure that CXF uses it as its HTTP Transport. Simply publish with the related path "Greeter" and your service should appear at the address you specify:

      -
      -import javax.xml.ws.Endpoint;
-import org.apache.cxf.Bus;
-import org.apache.cxf.BusFactory;
-import org.apache.cxf.transport.servlet.CXFServlet;
+

      The one thing you must ensure is that your CXFServlet is set up to listen on that path. Otherwise the CXFServlet will never receive the requests.

      @@ -369,73 +377,73 @@ Endpoint.publish(
      -
      -import javax.xml.ws.Endpoint;
+

      If you are using the Jetty as the embedded servlet engine, you could publish endpoint like this:

      -
      -import javax.xml.ws.Endpoint;
+

      Accessing the MessageContext and/or HTTP Request and Response

      @@ -444,18 +452,18 @@ Endpoint.publish(WebServiceContext in your service implementation, and annotate it as a resource:

      -
      +

      Then, within your implementing methods, you can access the MessageContext, HttpServletRequest, and HttpServletResponse as follows:

      -
      -import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.ws.handler.MessageContext;
-import org.apache.cxf.transport.http.AbstractHTTPDestination;
+

      Of course, it is always a good idea to program defensively if using transport-specific entities like the HttpServletRequest and HttpServletResponse. If the transport were changed (for instance to the JMS transport), then these values would likely be null.