Author: buildbot
Date: Fri Jun 21 10:48:02 2013
New Revision: 866777
Log:
Production update by buildbot for cxf
Modified:
websites/production/cxf/content/cache/docs.pageCache
websites/production/cxf/content/docs/ws-security.html
websites/production/cxf/content/docs/xml-key-management-service-xkms.html
Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/cxf/content/docs/ws-security.html
==============================================================================
--- websites/production/cxf/content/docs/ws-security.html (original)
+++ websites/production/cxf/content/docs/ws-security.html Fri Jun 21 10:48:02
2013
@@ -25,6 +25,8 @@
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<meta name="keywords" content="business integration, EAI, SOA, Service
Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic
Data Interchange, standards support, integration standards, application
integration, middleware, software, solutions, services, CXF, open source">
<meta name="description" content="Apache CXF, Services Framework -
WS-Security">
+
+
<title>
Apache CXF -- WS-Security
</title>
@@ -124,7 +126,7 @@ Apache CXF -- WS-Security
<div id="ConfluenceContent"><h1><a shape="rect"
name="WS-Security-WSSecurity"></a>WS-Security</h1>
<p>WS-Security provides means to secure your services above and beyond
transport level protocols such as HTTPS. Through a number of standards such as
XML-Encryption, and headers defined in the WS-Security standard, it allows you
to:</p>
-<ul><li>Pass authentication tokens between services</li><li>Encrypt messages
or parts of messages</li><li>Sign messages</li><li>Timestamp messages</li></ul>
+<ul><li>Pass authentication tokens between services</li><li>Encrypt messages
or parts of messages</li><li>Sign messages</li><li>Timestamp
messages</li><li>Manage public keys using <a shape="rect"
href="http://cxf.apache.org/docs/xml-key-management-service-xkms.html";>XKMS</a></li></ul>
<p>CXF relies on <a shape="rect" class="external-link"
href="http://ws.apache.org/wss4j";>WSS4J</a> in large part to implement
WS-Security. Within your own services, WS-Security can be activated by using
<a shape="rect"
href="http://cxf.apache.org/docs/ws-securitypolicy.html";>WS-SecurityPolicy</a>,
which provides a comprehensive and sophisticated validation of the security
properties of a received message. A non-WS-SecurityPolicy approach is usually
also possible by way of CXF interceptors added to your service and/or client as
detailed in this article.</p>
Modified:
websites/production/cxf/content/docs/xml-key-management-service-xkms.html
==============================================================================
--- websites/production/cxf/content/docs/xml-key-management-service-xkms.html
(original)
+++ websites/production/cxf/content/docs/xml-key-management-service-xkms.html
Fri Jun 21 10:48:02 2013
@@ -246,6 +246,7 @@ Sample spring configuration of XKMS hand
</pre>
</div></div>
+
<p>dateValidator and trustedAuthorityValidator beans are implementations of
Validator interface for validity date and trusted chain validation. <br
clear="none">
x509Locator and x509Register are implementations of Locator and Register
interfaces for X509 certificates.<br clear="none">
certificateRepo is repository implementation for LDAP backend. LdapSearch and
LdapSchemaConfig contain LDAP configuration described in the following
table:</p>
@@ -262,6 +263,37 @@ certificateRepo is repository implementa
</div>
+<p>XKMS service endpoint is configured in following way:</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent
panelContent">
+<pre class="code-xml">
+ <span class="code-tag"><bean id=<span
class="code-quote">"xkmsProviderBean"</span> class=<span
class="code-quote">"org.apache.cxf.xkms.service.XKMSService"</span>></span>
+ <span class="code-tag"><property name=<span
class="code-quote">"validators"</span>></span>
+ <span class="code-tag"><list></span>
+ <span class="code-tag"><ref bean=<span
class="code-quote">"dateValidator"</span> /></span>
+ <span class="code-tag"><ref bean=<span
class="code-quote">"trustedAuthorityValidator"</span> /></span>
+ <span class="code-tag"></list></span>
+ <span class="code-tag"></property></span>
+ <span class="code-tag"><property name=<span
class="code-quote">"locators"</span>></span>
+ <span class="code-tag"><list></span>
+ <span class="code-tag"><ref bean=<span
class="code-quote">"x509Locator"</span> /></span>
+ <span class="code-tag"></list></span>
+ <span class="code-tag"></property></span>
+ <span class="code-tag"><property name=<span
class="code-quote">"keyRegisterHandlers"</span>></span>
+ <span class="code-tag"><list></span>
+ <span class="code-tag"><ref bean=<span
class="code-quote">"x509Register"</span> /></span>
+ <span class="code-tag"></list></span>
+ <span class="code-tag"></property></span>
+ <span class="code-tag"></bean></span>
+
+ <jaxws:endpoint id=<span class="code-quote">"XKMSService"</span>
+ <span class="code-keyword">xmlns:serviceNamespace</span>=<span
class="code-quote">"http://www.w3.org/2002/03/xkms#wsdl";</span>
+ serviceName=<span
class="code-quote">"serviceNamespace:XKMSService"</span> endpointName=<span
class="code-quote">"serviceNamespace:XKMSPort"</span>
+ implementor=<span class="code-quote">"#xkmsProviderBean"</span>
address=<span class="code-quote">"/XKMS"</span>>
+ <span class="code-tag"></jaxws:endpoint></span>
+</pre>
+</div></div>
+
<h4><a shape="rect"
name="XMLKeyManagementService%28XKMS%29-IntegrationXKMSclientintoCXFruntime."></a>Integration
XKMS client into CXF runtime.</h4>
<p>XKMS client can be integrated into CXF and WSS4J using custom Crypto
provider implementation. In this case XKMS service will be automatically
invoked when WSS4J requires or validates certificate. Details are described in
this <a shape="rect" class="external-link"
href="http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.html";
rel="nofollow">blog</a>. Sample XKMS based implementation of WSS4J Crypto
interface is contributed into XKMS Client component. </p>
