main.pageCache fediz-configuration.html

buildbot Mon, 04 Jun 2012 12:48:44 -0700

Author: buildbot
Date: Mon Jun  4 19:48:17 2012
New Revision: 820261

Log:
Production update by buildbot for cxf


Modified:
    websites/production/cxf/content/cache/main.pageCache
    websites/production/cxf/content/fediz-configuration.html

Modified: websites/production/cxf/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/fediz-configuration.html
==============================================================================
--- websites/production/cxf/content/fediz-configuration.html (original)
+++ websites/production/cxf/content/fediz-configuration.html Mon Jun  4 
19:48:17 2012
@@ -151,11 +151,11 @@ Apache CXF -- Fediz Configuration
         <span class="code-tag">&lt;audienceUris&gt;</span>
             <span 
class="code-tag">&lt;audienceItem&gt;</span>https://localhost:8443/fedizhelloworld<span
 class="code-tag">&lt;/audienceItem&gt;</span>
         <span class="code-tag">&lt;/audienceUris&gt;</span>
-        <span class="code-tag">&lt;certificateStore&gt;</span>
+        <span class="code-tag">&lt;certificateStores&gt;</span>
             <span class="code-tag">&lt;trustManager&gt;</span>
                 <span class="code-tag">&lt;keyStore file=<span 
class="code-quote">"conf/stsstore.jks"</span> password=<span 
class="code-quote">"stsspass"</span> type=<span class="code-quote">"JKS"</span> 
/&gt;</span>
             <span class="code-tag">&lt;/trustManager&gt;</span>
-        <span class="code-tag">&lt;/certificateStore&gt;</span>
+        <span class="code-tag">&lt;/certificateStores&gt;</span>
         <span class="code-tag">&lt;trustedIssuers&gt;</span>
             <span class="code-tag">&lt;issuer name=<span 
class="code-quote">"issuer 1"</span> certificateValidation=<span 
class="code-quote">"ChainTrust"</span> subject=<span 
class="code-quote">".*CN=www.sts.com.*"</span> /&gt;</span>
         <span class="code-tag">&lt;/trustedIssuers&gt;</span>
@@ -175,7 +175,7 @@ Finally, the audience URI is validated a
 <h3><a shape="rect" 
name="FedizConfiguration-Configurationreference"></a>Configuration 
reference</h3>
 
 <div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" 
class="confluenceTh">XML element </th><th colspan="1" rowspan="1" 
class="confluenceTh">Name </th><th colspan="1" rowspan="1" 
class="confluenceTh">Use </th><th colspan="1" rowspan="1" 
class="confluenceTh">Description</th></tr><tr><td colspan="1" rowspan="1" 
class="confluenceTd"> audienceUris </td><td colspan="1" rowspan="1" 
class="confluenceTd"> Audience URI </td><td colspan="1" rowspan="1" 
class="confluenceTd"> Required </td><td colspan="1" rowspan="1" 
class="confluenceTd"> The values of the list of audience URIs are verified 
against the element <tt>AudienceRestriction</tt> in the SAML token 
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> 
certificateStore </td><td colspan="1" rowspan="1" class="confluenceTd"> Trusted 
certificate store </td><td colspan="1" rowspan="1" class="confluenceTd"> 
Required </td><td colspan="1" rowspan="1" class="confluenceTd"> The list of 
keystores (JKS, PEM) includ
 es at least the certificate of the Certificate Authorities (CA) which signed 
the certificate which is used to sign the SAML token.<br clear="none">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" 
class="confluenceTh">XML element </th><th colspan="1" rowspan="1" 
class="confluenceTh">Name </th><th colspan="1" rowspan="1" 
class="confluenceTh">Use </th><th colspan="1" rowspan="1" 
class="confluenceTh">Description</th></tr><tr><td colspan="1" rowspan="1" 
class="confluenceTd"> audienceUris </td><td colspan="1" rowspan="1" 
class="confluenceTd"> Audience URI </td><td colspan="1" rowspan="1" 
class="confluenceTd"> Required </td><td colspan="1" rowspan="1" 
class="confluenceTd"> The values of the list of audience URIs are verified 
against the element <tt>AudienceRestriction</tt> in the SAML token 
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> 
certificateStores </td><td colspan="1" rowspan="1" class="confluenceTd"> 
Trusted certificate store </td><td colspan="1" rowspan="1" 
class="confluenceTd"> Required </td><td colspan="1" rowspan="1" 
class="confluenceTd"> The list of keystores (JKS, PEM) inclu
 des at least the certificate of the Certificate Authorities (CA) which signed 
the certificate which is used to sign the SAML token.<br clear="none">
 If the file location is not fully qualified it's relative to the Container 
home directory </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> 
trustedIssuers </td><td colspan="1" rowspan="1" class="confluenceTd"> Trusted 
Issuers </td><td colspan="1" rowspan="1" class="confluenceTd"> Required 
</td><td colspan="1" rowspan="1" class="confluenceTd"> There are two ways to 
configure a trusted issuer (IDP). Either you configure the subject name and the 
CA(s) who signed the certificate of the IDP 
(<tt>certificateValidation=ChainTrust</tt>) or you configure the certificate of 
the IDP and the CA(s) who signed it 
(<tt>certificateValidation=PeerTrust</tt>)</td></tr><tr><td colspan="1" 
rowspan="1" class="confluenceTd"> maximumClockSkew </td><td colspan="1" 
rowspan="1" class="confluenceTd"> Maximum Clock Skew </td><td colspan="1" 
rowspan="1" class="confluenceTd"> Optional </td><td colspan="1" rowspan="1" 
class="confluenceTd"> Maximum allowable time difference between the system
  clocks of the IDP and RP.<br clear="none">
 Default 5 seconds. </td></tr></tbody></table>
 </div>
@@ -216,9 +216,9 @@ The WS-Federation standard defines a lis
         <span class="code-tag">&lt;audienceUris&gt;</span>
             <span 
class="code-tag">&lt;audienceItem&gt;</span>https://localhost:8443/fedizhelloworld<span
 class="code-tag">&lt;/audienceItem&gt;</span>
         <span class="code-tag">&lt;/audienceUris&gt;</span>
-        <span class="code-tag">&lt;certificateStore&gt;</span>
-            <span class="code-tag">&lt;keyStore file=<span 
class="code-quote">"/projects/fediz/tomcat-rp2/conf/stsstore.jks"</span> 
password=<span class="code-quote">"stsspass"</span> type=<span 
class="code-quote">"file"</span> /&gt;</span>
-        <span class="code-tag">&lt;/certificateStore&gt;</span>
+        <span class="code-tag">&lt;certificateStores&gt;</span>
+            <span class="code-tag">&lt;keyStore file=<span 
class="code-quote">"conf/stsstore.jks"</span> password=<span 
class="code-quote">"stsspass"</span> type=<span 
class="code-quote">"file"</span> /&gt;</span>
+        <span class="code-tag">&lt;/certificateStores&gt;</span>
         <span class="code-tag">&lt;maximumClockSkew&gt;</span>10<span 
class="code-tag">&lt;/maximumClockSkew&gt;</span>
         <span class="code-tag">&lt;trustedIssuers&gt;</span>
             <span class="code-tag">&lt;issuer name=<span 
class="code-quote">"issuer 1"</span> certificateValidation=<span 
class="code-quote">"ChainTrust"</span> subject=<span 
class="code-quote">".*CN=www.sts.com.*"</span> /&gt;</span>

svn commit: r820261 - in /websites/production/cxf/content: cache/main.pageCache fediz-configuration.html

Reply via email to