cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrei Shakirin (Confluence)" <conflue...@apache.org>
Subject [CONF] Apache CXF Documentation > XML Key Management Service (XKMS)
Date Fri, 03 Jan 2014 09:57:00 GMT
<html>
    <head>
        <meta name="viewport" content="width=device-width" />
        <base href="https://cwiki.apache.org/confluence" />
        <style type="text/css">
    body, #email-content, #email-content-inner { font-family: Arial,FreeSans,Helvetica,sans-serif; }
    body, p, blockquote, pre, code, td, th, li, dt, dd { font-size: 13px; }
    small { font-size: 11px; }

    body { width:100% !important; -webkit-font-smoothing: antialiased; }

    body,
    #email-wrapper { background-color: #f0f0f0; }
    #email-wrapper-inner { padding: 20px; text-align: center; }
    #email-content-inner { background-color: #fff; border: 1px solid #bbb; color: $menuTxtColour; padding:20px; text-align:left; }
    #email-wrapper-inner > table { width: 100%; }
    #email-wrapper-inner.thin > table { margin: 0 auto; width: 50%; }
    #email-footer { padding: 0 16px 32px 16px; margin: 0; }

    .email-indent { margin: 8px 0 16px 0; }
    .email-comment { margin: 0 0 0 56px; }
    .email-comment.removed { background-color: #ffe7e7; border: 1px solid #df9898; padding: 0 8px;}

    #email-title-avatar { text-align: left; vertical-align: top; width: 48px; padding-right: 8px; }
    #email-title-flavor { margin: 0; padding: 0 0 4px 0; }
    #email-title-heading { font-size: 16px; line-height: 20px; min-height: 20px; margin: 0; padding: 0; }
    #email-title .icon { border: 0; padding: 0 5px 0 0; text-align: left; vertical-align: middle; }

    #email-actions { border-top: 1px solid #bbb; color: #505050; margin: 8px 0 0 0; padding: 0; }
    #email-actions td { padding-top: 8px; }
    #email-actions .left { max-width: 45%; text-align: left; }
    #email-actions .right { text-align: right; }
    .email-reply-divider { border-top: 1px solid #bbb; color: #505050; margin: 32px 0 8px 0; padding: 8px 0; }
    .email-section-title { border-bottom: 1px solid #bbb; margin: 8px 0; padding: 8px 0 0 0; }

    .email-metadata { color: #505050; }

    a { color: #326ca6; text-decoration: none; }
    a:hover { color: #336ca6; text-decoration: underline; }
    a:active {color: #326ca6; }

    a.email-footer-link { color: #505050; font-size: 11px; }

    .email-item-list { list-style: none; margin: 4px 0; padding-left: 0; }
    .email-item-list li { list-style: none; margin: 0; padding: 4px 0; }
    .email-list-divider { color: #505050; padding: 0 0.35em; }
    .email-operation-icon { padding-right: 5px; }

    .avatar { -ms-interpolation-mode: bicubic; border-radius: 3px;}
    .avatar-link { margin: 2px; }

    .tableview th { border-bottom: 1px solid #69C; font-weight: bold; text-align: left; }
    .tableview td { border-bottom: 1px solid #bbbbbb; text-align: left; padding: 4px 16px 4px 0; }

    .aui-message {  margin: 1em 0; padding: 8px; }
    .aui-message.info { background-color: #e0f0ff; border: 1px solid #9eb6d4; }
    .aui-message.success { background-color: #ddfade; border: 1px solid #93c49f; }
    .aui-message.error,
    .aui-message.removed { background-color: #ffe7e7; border: 1px solid #df9898; color: #000; }

    .call-to-action-table { margin: 10px 1px 1px 1px;}
    .call-to-cancel-container, .call-to-action-container { padding: 5px 20px; }
    .call-to-cancel-container { border: 1px solid #aaa; background-color: #eee; border-radius: 3px; }
    .call-to-cancel-container a.call-to-cancel-button { background-color: #eee; font-size: 14px; line-height: 1; padding: 0; margin: 0; color: #666; font-family: sans-serif;}
    .call-to-action-container { border: 1px solid #486582;  background-color: #3068A2; border-radius: 3px; padding: 4px 10px; }
    .call-to-action-container a.call-to-action-button { background-color: #3068A2; font-size: 14px; line-height: 1; padding: 0; margin: 0; color: #fff; font-weight: bold; font-family: sans-serif; }

    /** The span around the inline task checkbox image */
    .diff-inline-task-overlay {
        display: inline-block;
        text-align: center;
        height: 1.5em;
        padding: 5px 0px 1px 5px;
        margin-right: 5px;
        /** Unfortunately, the negative margin-left is stripped out in gmail */
        margin-left: -5px;
    }

            @media handheld, only screen and (max-device-width: 480px) {
        div, a, p, td, th, li, dt, dd { -webkit-text-size-adjust: auto; }
        small, small a { -webkit-text-size-adjust: 90%; }

        td[id=email-wrapper-inner] { padding: 2px !important; }
        td[id=email-content-inner] { padding: 8px !important; }
        td[id="email-wrapper-inner"][class="thin"] > table { text-align: left !important; width: 100% !important; }
        td[id=email-footer] { padding: 8px 12px !important; }
        div[class=email-indent] { margin: 8px 0px !important; }
        div[class=email-comment] { margin: 0 !important; }

        p[id=email-title-flavor] a { display: block; } /* puts the username and the action on separate lines */
        p[id=email-permalink] { padding: 4px 0 0 0 !important; }

        table[id=email-actions] td { padding-top: 0 !important; }
        table[id=email-actions] td.right { text-align: right !important; }
        table[id=email-actions] .email-list-item { display: block; margin: 1em 0 !important; word-wrap: normal !important; }
        span[class=email-list-divider] { display: none; }
    }



        </style>
    </head>
    <body style="font-family: Arial, FreeSans, Helvetica, sans-serif; font-size: 13px; width: 100%; -webkit-font-smoothing: antialiased; background-color: #f0f0f0">
        <table id="email-wrapper" width="100%" cellspacing="0" cellpadding="0" border="0" style="background-color: #f0f0f0">
            <tbody>
                <tr valign="middle">
                    <td id="email-wrapper-inner" style="font-size: 13px; padding: 20px; text-align: center">
                        <table id="email-content" cellspacing="0" cellpadding="0" border="0" style="font-family: Arial, FreeSans, Helvetica, sans-serif; width: 100%">
                            <tbody>
                                <tr valign="top">
                                    <td id="email-content-inner" align="left" style="font-family: Arial, FreeSans, Helvetica, sans-serif; font-size: 13px; background-color: #fff; border: 1px solid #bbb; padding: 20px; text-align: left">
                                        <table id="email-title" cellpadding="0" cellspacing="0" border="0" width="100%">
                                            <tbody>
                                                <tr>
                                                    <td id="email-title-avatar" rowspan="2" style="font-size: 13px; text-align: left; vertical-align: top; width: 48px; padding-right: 8px"> <img class="avatar" src="cid:avatar_d3f34650e92c4382fb4c4dca616d06e7" border="0" height="48" width="48" style="-ms-interpolation-mode: bicubic; border-radius: 3px" /> </td>
                                                    <td valign="top" style="font-size: 13px">
                                                        <div id="email-title-flavor" class="email-metadata" style="margin: 0; padding: 0 0 4px 0; color: #505050">
                                                            <a href="    https://cwiki.apache.org/confluence/display/~ashakirin " style="color:#326ca6;text-decoration:none;; color: #326ca6; text-decoration: none">Andrei Shakirin</a> edited the page:
                                                        </div> </td>
                                                </tr>
                                                <tr>
                                                    <td valign="top" style="font-size: 13px"> <h2 id="email-title-heading" style="font-size: 16px; line-height: 20px; min-height: 20px; margin: 0; padding: 0"> <a href="https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=31820321" style="color: #326ca6; text-decoration: none"> <img class="icon" src="cid:page-icon" alt="" style="border: 0; padding: 0 5px 0 0; text-align: left; vertical-align: middle" /> <strong style="font-size:16px;line-height:20px;vertical-align:top;">XML Key Management Service (XKMS)</strong> </a> </h2> </td>
                                                </tr>
                                            </tbody>
                                        </table>
                                        <div class="email-indent" style="margin: 8px 0 16px 0">
                                            <div class="email-diff">
                                                <div id="page-diffs" class="wiki-content">
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">The XKMS SOAP interface can be used as a standard frontend to access the Public Key Infrastructure (PKI). Using XKMS message encryption scenario, the message encryption picture will change in the following way:</p>
                                                    <p class="diff-block-context" style="font-size: 13px"> <img class="confluence-embedded-image" src="/confluence/download/attachments/31820321/classic-message-encryption-PKI-XKMS.jpg?version=1&amp;modificationDate=1367579177000&amp;api=v2" data-image-src="/confluence/download/attachments/31820321/classic-message-encryption-PKI-XKMS.jpg?version=1&amp;modificationDate=1367579177000&amp;api=v2" /></p>
                                                    <p class="diff-block-target diff-block-context" style="font-size: 13px"> <span class="diff-html-added" id="added-diff-0" style="font-size: 100%; background-color: #ddfade;">Receiver X509 certificate is not saved into sender's local keystore anymore. Instead, certificate is stored into central PKI and can be located, validated and administrated using standard </span><span class="diff-html-changed" id="changed-diff-0" style="background-color: #d6f0ff;">XKMS </span><span class="diff-html-added" id="added-diff-1" style="font-size: 100%; background-color: #ddfade;">interface. This essentially improves the control on certificates in large services landscape.</span> </p>
                                                    <p class="diff-block-target diff-block-context" style="font-size: 13px"> <span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">Administrator can update, renew and revoke certificates, manage certification authorities and revocation lists.</span> </p>
                                                    <h3 id="XMLKeyManagementService(XKMS)-XKMSDesign" class="diff-block-target diff-block-context"> <span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">XKMS </span>Design</h3>
                                                    <p class="diff-block-context" style="font-size: 13px">Internal structure of XKMS service is represented in the following figure:</p>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Currently the XKMS Service supports simple file based and LDAP backends.<br /> Sample spring configuration of XKMS handlers looks like:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-0" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;beans xmlns=&quot;http://www.springframework.org/schema/beans&quot;
    xmlns:cxf=&quot;http://cxf.apache.org/core&quot; xmlns:jaxws=&quot;http://cxf.apache.org/jaxws&quot;
    xmlns:test=&quot;http://apache.org/hello_world_soap_http&quot; xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot;
    xmlns:util=&quot;http://www.springframework.org/schema/util&quot;
    xsi:schemaLocation=&quot;
        http://cxf.apache.org/core
        http://cxf.apache.org/schemas/core.xsd
        http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://cxf.apache.org/jaxws
        http://cxf.apache.org/schemas/jaxws.xsd
        http://www.springframework.org/schema/util
        http://www.springframework.org/schema/util/spring-util-2.0.xsd&quot;&gt;


    &lt;bean id=&quot;dateValidator&quot; class=&quot;org.apache.cxf.xkms.x509.validator.DateValidator&quot; /&gt;

    &lt;bean id=&quot;trustedAuthorityValidator&quot;
        class=&quot;org.apache.cxf.xkms.x509.validator.TrustedAuthorityValidator&quot;&gt;
        &lt;constructor-arg ref=&quot;certificateRepo&quot; /&gt;
    &lt;/bean&gt;

    &lt;bean id=&quot;x509Locator&quot; class=&quot;org.apache.cxf.xkms.x509.handlers.X509Locator&quot;&gt;
        &lt;constructor-arg ref=&quot;certificateRepo&quot; /&gt;
    &lt;/bean&gt;

    &lt;bean id=&quot;x509Register&quot;
        class=&quot;org.apache.cxf.xkms.x509.handlers.x509Register&quot;&gt;
        &lt;constructor-arg ref=&quot;certificateRepo&quot; /&gt;
    &lt;/bean&gt;


    &lt;!-- LDAP based implementation --&gt;

    &lt;bean id=&quot;certificateRepo&quot;
        class=&quot;org.apache.cxf.xkms.x509.repo.ldap.LdapCertificateRepo&quot;&gt;
        &lt;constructor-arg ref=&quot;ldapSearch&quot; /&gt;
        &lt;constructor-arg ref=&quot;ldapSchemaConfig&quot; /&gt;
        &lt;constructor-arg value=&quot;dc=example,dc=com&quot; /&gt;
    &lt;/bean&gt;

    &lt;bean id=&quot;ldapSearch&quot; class=&quot;org.apache.cxf.xkms.x509.repo.ldap.LdapSearch&quot;&gt;
        &lt;constructor-arg value=&quot;ldap://localhost:2389&quot; /&gt;
        &lt;constructor-arg value=&quot;cn=Directory Manager,dc=example,dc=com&quot; /&gt;
        &lt;constructor-arg value=&quot;test&quot; /&gt;
        &lt;constructor-arg value=&quot;2&quot; /&gt;
    &lt;/bean&gt;

    &lt;bean id=&quot;ldapSchemaConfig&quot; class=&quot;org.apache.cxf.xkms.x509.repo.ldap.LdapSchemaConfig&quot;&gt;
        &lt;property name=&quot;certObjectClass&quot; value=&quot;inetOrgPerson&quot; /&gt;
        &lt;property name=&quot;attrUID&quot; value=&quot;uid&quot; /&gt;
        &lt;property name=&quot;attrIssuerID&quot; value=&quot;manager&quot; /&gt;
        &lt;property name=&quot;attrSerialNumber&quot; value=&quot;employeeNumber&quot; /&gt;
        &lt;property name=&quot;attrCrtBinary&quot; value=&quot;userCertificate;binary&quot; /&gt;
        &lt;property name=&quot;constAttrNamesCSV&quot; value=&quot;sn&quot; /&gt;
        &lt;property name=&quot;constAttrValuesCSV&quot; value=&quot;X509 certificate&quot; /&gt;
        &lt;property name=&quot;serviceCertRDNTemplate&quot; value=&quot;cn=%s,ou=services&quot; /&gt;
        &lt;property name=&quot;serviceCertUIDTemplate&quot; value=&quot;cn=%s&quot; /&gt;
	&lt;property name=&quot;trustedAuthorityFilter&quot; value=&quot;(&amp;#038;(objectClass=inetOrgPerson)(ou:dn:=CAs))&quot; /&gt;
	&lt;property name=&quot;intermediateFilter&quot; value=&quot;(objectClass=inetOrgPerson)&quot; /&gt;
    &lt;/bean&gt;


    &lt;!-- File based implementation --&gt;

    &lt;!-- bean id=&quot;certificateRepo&quot;
        class=&quot;org.apache.cxf.xkms.x509.repo.file.FileCertificateRepo&quot;&gt;
        &lt;constructor-arg value=&quot;../conf/certs&quot; /&gt;
    &lt;/bean--&gt;

&lt;/beans&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <div class="table-wrap diff-block-target">
                                                        <table class="confluenceTable" style="border-collapse: collapse; border: 1px solid #ddd;">
                                                            <tbody>
                                                                <tr>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Property</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Sample Value</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Description</p> </th>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">ldapServerConfig arguments</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">&nbsp;</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">URL, baseDN and credentials of LDAP Server</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">certObjectClass</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">inetOrgPerson</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">LDAP object class used to store certificates</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">attrUID</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">uid</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Attribute containing X509 subject DN</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">attrIssuerID</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">manager</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">LDAP attribute containing X509 issuer DN</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">attrSerialNumber</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">employeeNumber</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">LDAP attribute containing X509 serial number</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" id="added-diff-2" style="font-size: 100%; background-color: #ddfade;">attrEndpoint</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">labeledURI</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">LDAP attribute containing service endpoint (used in case of endpoint based lookup)</span></td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">attrCrtBinary</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">userCertificate</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">LDAP attribute containing X509 certificate content</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">constAttrNamesCSV</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">sn</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Comma separated list of mandatory LDAP attributes</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">constAttrValuesCSV</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">X509 certificate</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Comma separated list of mandatory LDAP attributes values</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">serviceCertRDNTemplate</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">cn=%s,ou=services</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Relative distinguished name for service certificates</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">serviceCertUIDTemplate</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">cn=%s</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Template to transform service QName to DN for storing into attrUID</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">trustedAuthorityFilter</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">(&amp;(objectClass=inetOrgPerson)(ou:dn:=CAs))</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Filter to determine trusted CAs for trusted chain validation</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">intermediateFilter</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">(objectClass=inetOrgPerson)</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Filter to determine intermediate certificates for trusted chain validation</p> </td>
                                                                </tr>
                                                            </tbody>
                                                        </table>
                                                    </div>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">XKMS service endpoint is configured in the following way:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-1" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span>&lt;bean id=&quot;xkmsProviderBean&quot; class=&quot;org.apache.cxf.xkms.service.XKMSService&quot;&gt;
        &lt;property name=&quot;validators&quot;&gt;
            &lt;list&gt;
                &lt;ref bean=&quot;dateValidator&quot; /&gt;
                &lt;ref bean=&quot;trustedAuthorityValidator&quot; /&gt;
            &lt;/list&gt;
        &lt;/property&gt;
        &lt;property name=&quot;locators&quot;&gt;
            &lt;list&gt;
                &lt;ref bean=&quot;x509Locator&quot; /&gt;
            &lt;/list&gt;
        &lt;/property&gt;
        &lt;property name=&quot;keyRegisterHandlers&quot;&gt;
            &lt;list&gt;
                &lt;ref bean=&quot;x509Register&quot; /&gt;
            &lt;/list&gt;
        &lt;/property&gt;
    &lt;/bean&gt;

    &lt;jaxws:endpoint id=&quot;XKMSService&quot;
        xmlns:serviceNamespace=&quot;http://www.w3.org/2002/03/xkms#wsdl&quot;
        serviceName=&quot;serviceNamespace:XKMSService&quot; endpointName=&quot;serviceNamespace:XKMSPort&quot;
        implementor=&quot;#xkmsProviderBean&quot; address=&quot;/XKMS&quot;&gt;
    &lt;/jaxws:endpoint&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-target" style="font-size: 13px">The XKMS client can be integrated into CXF and WSS4J <span class="diff-html-added" id="added-diff-3" style="font-size: 100%; background-color: #ddfade;">in pretty elegant way </span>using a custom Crypto provider implementation. In this case, the XKMS service will be automatically invoked when WSS4J <span class="diff-html-removed" id="removed-diff-2" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">requires </span><span class="diff-html-added" id="added-diff-4" style="font-size: 100%; background-color: #ddfade;">asks for the certificates </span>or validates <span class="diff-html-removed" id="removed-diff-3" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">a certificate</span><span class="diff-html-added" id="added-diff-5" style="font-size: 100%; background-color: #ddfade;">them</span>. Details are described in this <a href="http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.html" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">blog</a>. A <span class="diff-html-removed" id="removed-diff-4" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">sample </span><span class="diff-html-added" id="added-diff-6" style="font-size: 100%; background-color: #ddfade;">basic </span>XKMS <span class="diff-html-removed" id="removed-diff-5" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">based </span>implementation of WSS4J Crypto interface is <span class="diff-html-removed" id="removed-diff-6" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">contributed into the </span><span class="diff-html-added" id="added-diff-7" style="font-size: 100%; background-color: #ddfade;">available in </span>XKMS Client component <span class="diff-html-added" id="added-diff-8" style="font-size: 100%; background-color: #ddfade;">(XKMSCryptoProvider and XKMSCryptoProviderFactory)</span>. <span class="diff-html-added" id="added-diff-9" style="font-size: 100%; background-color: #ddfade;">Implementation uses Ehcache to cache certificates received from XKMS service.</span> </p>
                                                    <h4 id="XMLKeyManagementService(XKMS)-DataFormats" class="diff-block-context">Data Formats</h4>
                                                    <p class="diff-block-context" style="font-size: 13px">Input and output data formats are specified in XML Key Management Service Specification Version 2.0 (see <a href="http://www.w3.org/TR/xkms2/" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">XKMS 2.0</a>). The XKMS service supports only a subset of the specified requests and responses.<br /> Restrictions of formats for request and responses are described in the following table:</p>
                                                    <div class="table-wrap diff-block-target">
                                                        <table class="confluenceTable" style="border-collapse: collapse; border: 1px solid #ddd;">
                                                            <tbody>
                                                                <tr>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Element XPath</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Supporting values</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Description</p> </th>
                                                                </tr>
                                                                <tr>
                                                                    <td rowspan="3" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px"> <span class="diff-html-changed" id="changed-diff-1" style="background-color: #d6f0ff;">RootElement/QueryKeyBinding/UseKeyWith@Application</span> </p> <p style="font-size: 13px"> <span class="diff-html-added" id="added-diff-10" style="font-size: 100%; background-color: #ddfade;">&nbsp;</span> </p> <p style="font-size: 13px"> <span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">&nbsp;</span> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">urn:ietf:rfc:2459</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Application specifies X509 SubjectDN in Identifier attribute. Used for normal users certificates</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px"> <span class="diff-html-removed" id="removed-diff-7" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">RootElement/QueryKeyBinding/UseKeyWith@Application </span> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">urn:apache:cxf:service:<span class="diff-html-removed" id="removed-diff-8" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">soap </span><span class="diff-html-added" id="added-diff-11" style="font-size: 100%; background-color: #ddfade;">name</span> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Application specifies <span class="diff-html-removed" id="removed-diff-9" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">Service Id </span><span class="diff-html-added" id="added-diff-12" style="font-size: 100%; background-color: #ddfade;">service name </span>in Identifier attribute as {SERVICE_ NAMESPACE}SERVICE_NAME. Used for service certificates</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" id="added-diff-13" style="font-size: 100%; background-color: #ddfade;">urn:apache:cxf:service:endpoint</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">Application specifies service endpoint in Identifier attribute</span></td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">RootElement/QueryKeyBinding/UseKeyWith@Identifier</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px">
                                                                        <ul>
                                                                            <li style="font-size: 13px"> <span class="diff-html-changed" id="changed-diff-2" style="background-color: #d6f0ff;">X509 Subject DN</span> </li>
                                                                        </ul> <span class="diff-html-removed" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span><span class="diff-html-removed" id="removed-diff-10" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">or </span>
                                                                        <ul>
                                                                            <li style="font-size: 13px"> <span class="diff-html-added" id="added-diff-14" style="font-size: 100%; background-color: #ddfade;">;</span> </li>
                                                                            <li style="font-size: 13px"> <span class="diff-html-changed" id="changed-diff-3" style="background-color: #d6f0ff;">Service name as {SERVICE_ NAMESPACE}SERVICE_NAME</span> </li>
                                                                            <li style="font-size: 13px"> <span class="diff-html-added" id="added-diff-15" style="font-size: 100%; background-color: #ddfade;">Service endpoint</span> </li>
                                                                        </ul> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Depending on Application attribute public key is identified as X509 Subject DN or Service nameservice certificates</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">RootElement/UnverifiedKeyBinding/KeyInfo</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">X509Data/X509Certificate</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Only X509Data with X509Certificate is supported</p> </td>
                                                                </tr>
                                                            </tbody>
                                                        </table>
                                                    </div>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Sample request for Locate operation:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-11" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;soap:Envelope xmlns:soap=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot;&gt;
    &lt;soap:Body&gt;
        &lt;ns2:LocateRequest xmlns=&quot;http://www.w3.org/2000/09/xmldsig#&quot;
            xmlns:ns2=&quot;http://www.w3.org/2002/03/xkms#&quot;
            xmlns:ns3=&quot;http://www.w3.org/2001/04/xmlenc#&quot;
            Id=&quot;I047257513d19456687e6b4f4a2a72606&quot; Service=&quot;http://cxf.apache.org/services/XKMS/&quot;&gt;
            &lt;ns2:QueryKeyBinding&gt;
                &lt;ns2:UseKeyWith Application=&quot;urn:ietf:rfc:2459&quot;
                    Identifier=&quot;EMAILADDRESS=client@client.com, CN=www.client.com, OU=IT Department, O=Sample Client -- NOT FOR PRODUCTION, L=Niagara Falls, ST=New York, C=US&quot; /&gt;
            &lt;/ns2:QueryKeyBinding&gt;
        &lt;/ns2:LocateRequest&gt;
    &lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">Sample response for Locate operation:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-12" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;soap:Envelope xmlns:soap=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot;&gt;
    &lt;soap:Body&gt;
        &lt;ns2:LocateResult ResultMajor=&quot;http://www.w3.org/2002/03/xkms#Success&quot;
            RequestId=&quot;I047257513d19456687e6b4f4a2a72606&quot; Id=&quot;I0758390284847918129574923948&quot;
            Service=&quot;http://cxf.apache.org/services/XKMS/&quot;
            xmlns:ns2=&quot;http://www.w3.org/2002/03/xkms#&quot;
            xmlns:ns3=&quot;http://www.w3.org/2001/04/xmlenc#&quot;
            xmlns:ns4=&quot;http://www.w3.org/2000/09/xmldsig#&quot;
            xmlns:ns5=&quot;http://www.w3.org/2002/03/xkms#wsdl&quot;&gt;
            &lt;ns2:UnverifiedKeyBinding&gt;
                &lt;ns4:KeyInfo&gt;
                    &lt;ns4:X509Data&gt;
                        &lt;ns4:X509Certificate&gt;… &lt;/ns4:X509Certificate&gt;
                    &lt;/ns4:X509Data&gt;
                &lt;/ns4:KeyInfo&gt;
            &lt;/ns2:UnverifiedKeyBinding&gt;
        &lt;/ns2:LocateResult&gt;
    &lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">Sample error message:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-13" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;soap:Envelope xmlns:soap=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot;&gt;
    &lt;soap:Body&gt;
        &lt;ns2:LocateResult ResultMajor=&quot;http://www.w3.org/2002/03/xkms#Receiver&quot;
            ResultMinor=&quot;http://www.w3.org/2002/03/xkms#Failure&quot;
            RequestId=&quot;I047257513d19456687e6b4f4a2a72606&quot; Id=&quot;I0758390284847918129574923948&quot;
            Service=&quot;http://cxf.apache.org/services/XKMS/&quot;
            xmlns:ns2=&quot;http://www.w3.org/2002/03/xkms#&quot;
            xmlns:ns3=&quot;http://www.w3.org/2001/04/xmlenc#&quot;
            xmlns:ns4=&quot;http://www.w3.org/2000/09/xmldsig#&quot;
            xmlns:ns5=&quot;http://www.w3.org/2002/03/xkms#wsdl&quot;&gt;

            &lt;ns2:MessageExtension xsi:type=&quot;ns5:resultDetails&quot;
                xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot;&gt;
                &lt;Details&gt;Search certificates failure: Application
                    identifier not supported&lt;/Details&gt;
            &lt;/ns2:MessageExtension&gt;
        &lt;/ns2:LocateResult&gt;
    &lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <ul class="diff-block-target">
                                                        <li style="font-size: 13px">only X509 certificates are supported as keys;</li>
                                                        <li style="font-size: 13px">only LDAP and File based backends are supported;</li>
                                                        <li style="font-size: 13px"> <span class="diff-html-removed" id="removed-diff-14" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">revocation lists are not implemented;</span> </li>
                                                        <li style="font-size: 13px">more integration tests are required</li>
                                                    </ul>
                                                </div>
                                            </div>
                                        </div>
                                        <table id="email-actions" class="email-metadata" cellspacing="0" cellpadding="0" border="0" width="100%" style="border-top: 1px solid #bbb; color: #505050; margin: 8px 0 0 0; padding: 0; color: #505050">
                                            <tbody>
                                                <tr>
                                                    <td class="left" valign="top" style="font-size: 13px; padding-top: 8px; max-width: 45%; text-align: left"> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=31820321" style="color: #326ca6; text-decoration: none">View Online</a> </span> <span class="email-list-divider" style="color: #505050; padding: 0 0.350em">&middot;</span> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/plugins/likes/like.action?contentId=31820321" style="color: #326ca6; text-decoration: none">Like</a> </span> <span class="email-list-divider" style="color: #505050; padding: 0 0.350em">&middot;</span> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=31820321&amp;revisedVersion=23&amp;originalVersion=22" style="color: #326ca6; text-decoration: none">View Changes</a> </span> </td>
                                                    <td class="right" width="50%" valign="top" style="font-size: 13px; padding-top: 8px; text-align: right"> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/users/removespacenotification.action?spaceKey=CXF20DOC" style="color: #326ca6; text-decoration: none">Stop watching space</a> </span> <span class="email-list-divider" style="color: #505050; padding: 0 0.350em">&middot;</span> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/users/editmyemailsettings.action" style="color: #326ca6; text-decoration: none">Manage Notifications</a> </span> </td>
                                                </tr>
                                            </tbody>
                                        </table> </td>
                                </tr>
                            </tbody>
                        </table> </td>
                </tr>
                <tr>
                    <td id="email-footer" align="center" style="font-size: 13px; padding: 0 16px 32px 16px; margin: 0"> <small style="font-size: 11px"> This message was sent by <a class="email-footer-link" style="color:#505050;font-size:11px;text-decoration:none;; color: #326ca6; text-decoration: none; color: #505050; font-size: 11px" href="http://www.atlassian.com/software/confluence">Atlassian Confluence</a> 5.0.3, <a class="email-footer-link" style="color:#505050;font-size:11px;text-decoration:none;; color: #326ca6; text-decoration: none; color: #505050; font-size: 11px" href="http://www.atlassian.com/software/confluence/overview/team-collaboration-software?utm_source=email-footer">Team Collaboration Software</a> </small> </td>
                </tr>
            </tbody>
        </table>
    </body>
</html>
Mime
View raw message