Modified: websites/production/cxf/content/docs/jaxrs-oauth2-assertions.html
==============================================================================
--- websites/production/cxf/content/docs/jaxrs-oauth2-assertions.html (original)
+++ websites/production/cxf/content/docs/jaxrs-oauth2-assertions.html Fri Dec
19 19:09:46 2014
@@ -118,11 +118,11 @@ Apache CXF -- JAXRS OAuth2 Assertions
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><h1
id="JAXRSOAuth2Assertions-JAXRS:OAuth2Assertions">JAXRS: OAuth2
Assertions</h1><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1400600784110 {padding: 0px;}
-div.rbtoc1400600784110 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1400600784110 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015905232 {padding: 0px;}
+div.rbtoc1419015905232 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015905232 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1400600784110">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015905232">
<ul class="toc-indentation"><li><a shape="rect"
href="#JAXRSOAuth2Assertions-JAXRS:OAuth2Assertions">JAXRS: OAuth2
Assertions</a></li><li><a shape="rect"
href="#JAXRSOAuth2Assertions-Introduction">Introduction</a></li><li><a
shape="rect" href="#JAXRSOAuth2Assertions-Mavendependencies">Maven
dependencies</a></li><li><a shape="rect"
href="#JAXRSOAuth2Assertions-SAML2Bearer">SAML2 Bearer</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#JAXRSOAuth2Assertions-AccessTokenGrant">Access Token Grant</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#JAXRSOAuth2Assertions-Clientcode">Client code</a></li><li><a
shape="rect" href="#JAXRSOAuth2Assertions-AccessTokenService">Access Token
Service</a></li></ul>
Modified: websites/production/cxf/content/docs/jaxrs-services-configuration.html
==============================================================================
--- websites/production/cxf/content/docs/jaxrs-services-configuration.html
(original)
+++ websites/production/cxf/content/docs/jaxrs-services-configuration.html Fri
Dec 19 19:09:46 2014
@@ -118,11 +118,11 @@ Apache CXF -- JAXRS Services Configurati
<!-- Content -->
<div class="wiki-content">
<div
id="ConfluenceContent"><p> </p><p> </p><p> </p><p> <span
class="inline-first-p" style="font-size:2em;font-weight:bold">JAX-RS : Services
Configuration</span> </p><p> </p><p> </p><p> </p><p><style
type="text/css">/*<![CDATA[*/
-div.rbtoc1410745583534 {padding: 0px;}
-div.rbtoc1410745583534 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1410745583534 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015907816 {padding: 0px;}
+div.rbtoc1419015907816 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015907816 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1410745583534">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015907816">
<ul class="toc-indentation"><li><a shape="rect"
href="#JAXRSServicesConfiguration-ConfiguringJAX-RSservicesprogrammatically">Configuring
JAX-RS services programmatically</a></li><li><a shape="rect"
href="#JAXRSServicesConfiguration-OSGI">OSGI</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#JAXRSServicesConfiguration-Blueprint">Blueprint</a></li><li><a
shape="rect" href="#JAXRSServicesConfiguration-Spring">Spring</a></li></ul>
</li><li><a shape="rect"
href="#JAXRSServicesConfiguration-ConfiguringJAX-RSendpointsprogrammaticallywithoutSpring">Configuring
JAX-RS endpoints programmatically without Spring</a></li><li><a shape="rect"
href="#JAXRSServicesConfiguration-ConfiguringJAX-RSservicesincontainerwithSpringconfigurationfile.">Configuring
JAX-RS services in container with Spring configuration file.</a>
Modified: websites/production/cxf/content/docs/jaxrs-services-description.html
==============================================================================
--- websites/production/cxf/content/docs/jaxrs-services-description.html
(original)
+++ websites/production/cxf/content/docs/jaxrs-services-description.html Fri
Dec 19 19:09:46 2014
@@ -118,11 +118,11 @@ Apache CXF -- JAXRS Services Description
<!-- Content -->
<div class="wiki-content">
<div
id="ConfluenceContent"><p> </p><p> </p><p> </p><p> <span
class="inline-first-p" style="font-size:2em;font-weight:bold">JAX-RS Services
Description</span> </p><p> </p><p> </p><p> </p><p><style
type="text/css">/*<![CDATA[*/
-div.rbtoc1409175994143 {padding: 0px;}
-div.rbtoc1409175994143 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1409175994143 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015837746 {padding: 0px;}
+div.rbtoc1419015837746 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015837746 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1409175994143">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015837746">
<ul class="toc-indentation"><li><a shape="rect"
href="#JAXRSServicesDescription-WADLoverview">WADL overview</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#JAXRSServicesDescription-Basicexample">Basic example</a></li><li><a
shape="rect" href="#JAXRSServicesDescription-WADLwithreferences">WADL with
references</a></li><li><a shape="rect"
href="#JAXRSServicesDescription-SharingdeclarationsbetweenmultipleWADLs">Sharing
declarations between multiple WADLs</a></li></ul>
</li><li><a shape="rect"
href="#JAXRSServicesDescription-WADL-firstDevelopment">WADL-first
Development</a>
Modified: websites/production/cxf/content/docs/jaxrs-testing.html
==============================================================================
--- websites/production/cxf/content/docs/jaxrs-testing.html (original)
+++ websites/production/cxf/content/docs/jaxrs-testing.html Fri Dec 19 19:09:46
2014
@@ -118,11 +118,11 @@ Apache CXF -- JAXRS Testing
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><p><span class="inline-first-p"
style="font-size:2em;font-weight:bold"> JAX-RS
Testing</span></p><p> </p><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1408383989523 {padding: 0px;}
-div.rbtoc1408383989523 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1408383989523 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015822800 {padding: 0px;}
+div.rbtoc1419015822800 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015822800 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1408383989523">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015822800">
<ul class="toc-indentation"><li><a shape="rect"
href="#JAXRSTesting-EmbeddedJetty">Embedded Jetty</a></li><li><a shape="rect"
href="#JAXRSTesting-LocalTransport">Local Transport</a></li></ul>
</div><p>JAX-RS endpoints can be easily tested using the embedded Jetty or CXF
Local Transport.</p><h1 id="JAXRSTesting-EmbeddedJetty">Embedded Jetty</h1><div
class="code panel pdl" style="border-width: 1px;"><div class="codeHeader
panelHeader pdl" style="border-bottom-width: 1px;"><b>Maven
Dependency</b></div><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[<dependency>
Modified: websites/production/cxf/content/docs/jmx-management.html
==============================================================================
--- websites/production/cxf/content/docs/jmx-management.html (original)
+++ websites/production/cxf/content/docs/jmx-management.html Fri Dec 19
19:09:46 2014
@@ -190,11 +190,11 @@ Starting from 2.5.0, if a MBeanServ
<p>To test the configuration start up your service and connect to it by using
JConsole from the JDK.<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/70534/jconsole_connect2.png?version=1&modificationDate=1194657533000&api=v2";
data-image-src="/confluence/download/attachments/70534/jconsole_connect2.png?version=1&modificationDate=1194657533000&api=v2"><br
clear="none">
+<img class="confluence-embedded-image"
src="jmx-management.data/jconsole_connect2.png"
data-image-src="/confluence/download/attachments/70534/jconsole_connect2.png?version=1&modificationDate=1194657533000&api=v2"><br
clear="none">
 <br clear="none">
Then you can browse to your endpoint:<br clear="none">
 <br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/70534/jconsole_service_endpoint.png?version=1&modificationDate=1194657339000&api=v2";
data-image-src="/confluence/download/attachments/70534/jconsole_service_endpoint.png?version=1&modificationDate=1194657339000&api=v2"><br
clear="none">
+<img class="confluence-embedded-image"
src="jmx-management.data/jconsole_service_endpoint.png"
data-image-src="/confluence/download/attachments/70534/jconsole_service_endpoint.png?version=1&modificationDate=1194657339000&api=v2"><br
clear="none">
 </p>
<p><span class="confluence-anchor-link"
id="JMXManagement-cxf_in_servicemix"></span></p>
Modified: websites/production/cxf/content/docs/saml-web-sso.html
==============================================================================
--- websites/production/cxf/content/docs/saml-web-sso.html (original)
+++ websites/production/cxf/content/docs/saml-web-sso.html Fri Dec 19 19:09:46
2014
@@ -118,11 +118,11 @@ Apache CXF -- SAML Web SSO
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><p><span class="inline-first-p"
style="font-size:2em;font-weight:bold"> JAX-RS: SAML Web
SSO</span></p><p></p><p> </p><p> </p><p><style
type="text/css">/*<![CDATA[*/
-div.rbtoc1408383989451 {padding: 0px;}
-div.rbtoc1408383989451 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1408383989451 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015874171 {padding: 0px;}
+div.rbtoc1419015874171 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015874171 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1408383989451">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015874171">
<ul class="toc-indentation"><li><a shape="rect"
href="#SAMLWebSSO-Introduction">Introduction</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#SAMLWebSSO-TypicalFlow">Typical Flow</a></li></ul>
</li><li><a shape="rect" href="#SAMLWebSSO-Mavendependencies">Maven
dependencies</a></li><li><a shape="rect"
href="#SAMLWebSSO-IdentityProvider">Identity Provider</a></li><li><a
shape="rect" href="#SAMLWebSSO-ServiceProviderSecurityFilter">Service Provider
Security Filter</a>
Modified: websites/production/cxf/content/docs/secure-jax-rs-services.html
==============================================================================
--- websites/production/cxf/content/docs/secure-jax-rs-services.html (original)
+++ websites/production/cxf/content/docs/secure-jax-rs-services.html Fri Dec 19
19:09:46 2014
@@ -118,11 +118,11 @@ Apache CXF -- Secure JAX-RS Services
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><p> </p><p> </p><p> </p><p><span
class="inline-first-p" style="font-size:2em;font-weight:bold"> JAX-RS: Security
</span></p><p> </p><p> </p><p> </p><p><style
type="text/css">/*<![CDATA[*/
-div.rbtoc1408383989006 {padding: 0px;}
-div.rbtoc1408383989006 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1408383989006 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015881052 {padding: 0px;}
+div.rbtoc1419015881052 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015881052 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1408383989006">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015881052">
<ul class="toc-indentation"><li><a shape="rect"
href="#SecureJAX-RSServices-HTTPS">HTTPS</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#SecureJAX-RSServices-Configuringendpoints">Configuring
endpoints</a></li><li><a shape="rect"
href="#SecureJAX-RSServices-Configuringclients">Configuring
clients</a></li></ul>
</li><li><a shape="rect"
href="#SecureJAX-RSServices-Authentication">Authentication</a></li><li><a
shape="rect"
href="#SecureJAX-RSServices-Authorization">Authorization</a></li><li><a
shape="rect" href="#SecureJAX-RSServices-WS-Trustintegration">WS-Trust
integration</a>
Modified: websites/production/cxf/content/docs/security.html
==============================================================================
--- websites/production/cxf/content/docs/security.html (original)
+++ websites/production/cxf/content/docs/security.html Fri Dec 19 19:09:46 2014
@@ -117,11 +117,11 @@ Apache CXF -- Security
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><h1 id="Security-SecuringCXFServices">Securing CXF
Services</h1><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1396468201553 {padding: 0px;}
-div.rbtoc1396468201553 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1396468201553 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015810660 {padding: 0px;}
+div.rbtoc1419015810660 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015810660 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1396468201553">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015810660">
<ul class="toc-indentation"><li><a shape="rect"
href="#Security-SecuringCXFServices">Securing CXF Services</a></li><li><a
shape="rect" href="#Security-Securetransports">Secure transports</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#Security-HTTPS">HTTPS</a></li></ul>
</li><li><a shape="rect"
href="#Security-WS-*Security(includingUsernameTokenandX.509Tokenprofiles)">WS-*
Security (including UsernameToken and X.509 Token profiles)</a></li><li><a
shape="rect" href="#Security-WS-Trust,STS">WS-Trust, STS</a></li><li><a
shape="rect" href="#Security-SAMLWebSSO">SAML Web SSO</a></li><li><a
shape="rect" href="#Security-OAuth">OAuth</a></li><li><a shape="rect"
href="#Security-Authentication">Authentication</a>
Modified: websites/production/cxf/content/docs/tls-configuration.html
==============================================================================
--- websites/production/cxf/content/docs/tls-configuration.html (original)
+++ websites/production/cxf/content/docs/tls-configuration.html Fri Dec 19
19:09:46 2014
@@ -117,11 +117,11 @@ Apache CXF -- TLS Configuration
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1418229989438 {padding: 0px;}
-div.rbtoc1418229989438 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1418229989438 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015829500 {padding: 0px;}
+div.rbtoc1419015829500 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015829500 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1418229989438">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015829500">
<ul class="toc-indentation"><li><a shape="rect"
href="#TLSConfiguration-TLSParameterscommontobothClientsandServers">TLS
Parameters common to both Clients and Servers</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#TLSConfiguration-KeyManagers">Key Managers</a></li><li><a shape="rect"
href="#TLSConfiguration-TrustManagers">Trust Managers</a></li><li><a
shape="rect" href="#TLSConfiguration-CipherSuitesFilter">CipherSuites
Filter</a></li><li><a shape="rect"
href="#TLSConfiguration-CertConstraints">Cert Constraints</a></li></ul>
</li><li><a shape="rect" href="#TLSConfiguration-ClientTLSParameters">Client
TLS Parameters</a>
Modified: websites/production/cxf/content/docs/transformationfeature.html
==============================================================================
--- websites/production/cxf/content/docs/transformationfeature.html (original)
+++ websites/production/cxf/content/docs/transformationfeature.html Fri Dec 19
19:09:46 2014
@@ -118,11 +118,11 @@ Apache CXF -- TransformationFeature
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><h1
id="TransformationFeature-TransformationFeature">Transformation
Feature</h1><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1405946789260 {padding: 0px;}
-div.rbtoc1405946789260 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1405946789260 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015799005 {padding: 0px;}
+div.rbtoc1419015799005 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015799005 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1405946789260">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015799005">
<ul class="toc-indentation"><li><a shape="rect"
href="#TransformationFeature-TransformationFeature">Transformation
Feature</a></li><li><a shape="rect"
href="#TransformationFeature-Springconfiguration">Spring configuration</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#TransformationFeature-Changinginputandoutputelementnamesandnamespaces">Changing
input and output element names and namespaces</a></li><li><a shape="rect"
href="#TransformationFeature-Appendingnewinputandoutputelements">Appending new
input and output elements</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#TransformationFeature-Append-Pre-Wrap">Append-Pre-Wrap</a></li><li><a
shape="rect"
href="#TransformationFeature-Append-Post-Wrap">Append-Post-Wrap</a></li><li><a
shape="rect"
href="#TransformationFeature-Append-Pre-Include">Append-Pre-Include</a></li><li><a
shape="rect"
href="#TransformationFeature-Append-Post-Include">Append-Post-Include</a></li><li><a
shape="rect" href="#TransformationFeature-Comparingfourappendmodes">Comparing
four append modes</a></li></ul>
Modified:
websites/production/cxf/content/docs/using-cxf-jca-rar-in-application-server.html
==============================================================================
---
websites/production/cxf/content/docs/using-cxf-jca-rar-in-application-server.html
(original)
+++
websites/production/cxf/content/docs/using-cxf-jca-rar-in-application-server.html
Fri Dec 19 19:09:46 2014
@@ -121,11 +121,11 @@ Apache CXF -- Using CXF-JCA RAR in Appli
<p>cxf-integration-jca module has implemented the JCA1.5 outbound connection.
You can see samples in $CXF_HOME/samples/integration/jca.</p>
<style type="text/css">/*<![CDATA[*/
-div.rbtoc1396468199498 {padding: 0px;}
-div.rbtoc1396468199498 ul {list-style: disc;margin-left: 0px;padding-left:
20px;}
-div.rbtoc1396468199498 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015791195 {padding: 0px;}
+div.rbtoc1419015791195 ul {list-style: disc;margin-left: 0px;padding-left:
20px;}
+div.rbtoc1419015791195 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style><div class="toc-macro rbtoc1396468199498">
+/*]]>*/</style><div class="toc-macro rbtoc1419015791195">
<ul class="toc-indentation"><li><a shape="rect"
href="#UsingCXF-JCARARinApplicationServer-DeployCXF-JCARAR.">Deploy CXF-JCA
RAR.</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#UsingCXF-JCARARinApplicationServer-BuildCXF-JCARAR">Build CXF-JCA
RAR</a></li><li><a shape="rect"
href="#UsingCXF-JCARARinApplicationServer-DeployRARtoJBOSS.">Deploy RAR to
JBOSS.</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#UsingCXF-JCARARinApplicationServer-DeploythestandaloneRAR.">Deploy the
standalone RAR.</a></li><li><a shape="rect"
href="#UsingCXF-JCARARinApplicationServer-DeploytheRARinEAR.">Deploy the RAR in
EAR.</a></li></ul>
Modified: websites/production/cxf/content/docs/validationfeature.html
==============================================================================
--- websites/production/cxf/content/docs/validationfeature.html (original)
+++ websites/production/cxf/content/docs/validationfeature.html Fri Dec 19
19:09:46 2014
@@ -118,11 +118,11 @@ Apache CXF -- ValidationFeature
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><h1
id="ValidationFeature-BeanValidationFeature">Bean Validation
Feature</h1><p> </p><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1398170820735 {padding: 0px;}
-div.rbtoc1398170820735 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1398170820735 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015827279 {padding: 0px;}
+div.rbtoc1419015827279 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015827279 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1398170820735">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015827279">
<ul class="toc-indentation"><li><a shape="rect"
href="#ValidationFeature-BeanValidationFeature">Bean Validation
Feature</a></li><li><a shape="rect"
href="#ValidationFeature-Introduction">Introduction</a></li><li><a shape="rect"
href="#ValidationFeature-Dependencies">Dependencies</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#ValidationFeature-UsingHibernateValidatorasbeanvalidationprovider">Using
Hibernate Validator as bean validation provider</a></li><li><a shape="rect"
href="#ValidationFeature-UsingApacheBValasbeanvalidationprovider">Using Apache
BVal as bean validation provider</a></li></ul>
</li><li><a shape="rect"
href="#ValidationFeature-CommonBeanValidation1.1Interceptors">Common Bean
Validation 1.1 Interceptors</a>
Modified: websites/production/cxf/content/docs/xfire-migration-guide.html
==============================================================================
--- websites/production/cxf/content/docs/xfire-migration-guide.html (original)
+++ websites/production/cxf/content/docs/xfire-migration-guide.html Fri Dec 19
19:09:46 2014
@@ -118,11 +118,11 @@ Apache CXF -- XFire Migration Guide
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><style type="text/css">/*<![CDATA[*/
-div.rbtoc1396468206837 {padding: 0px;}
-div.rbtoc1396468206837 ul {list-style: disc;margin-left: 0px;padding-left:
20px;}
-div.rbtoc1396468206837 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015853244 {padding: 0px;}
+div.rbtoc1419015853244 ul {list-style: disc;margin-left: 0px;padding-left:
20px;}
+div.rbtoc1419015853244 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style><div class="toc-macro rbtoc1396468206837">
+/*]]>*/</style><div class="toc-macro rbtoc1419015853244">
<ul class="toc-indentation"><li><a shape="rect"
href="#XFireMigrationGuide-CompletedFunctionalityandCXFanalogues">Completed
Functionality and CXF analogues</a></li><li><a shape="rect"
href="#XFireMigrationGuide-ShouldIMigrateYet?">Should I Migrate Yet?</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#XFireMigrationGuide-Whoshouldnotmigrate">Who should not
migrate</a></li></ul>
</li><li><a shape="rect" href="#XFireMigrationGuide-ServiceFactories">Service
Factories</a>
Modified:
websites/production/cxf/content/docs/xml-key-management-service-xkms.html
==============================================================================
--- websites/production/cxf/content/docs/xml-key-management-service-xkms.html
(original)
+++ websites/production/cxf/content/docs/xml-key-management-service-xkms.html
Fri Dec 19 19:09:46 2014
@@ -116,7 +116,7 @@ Apache CXF -- XML Key Management Service
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1
id="XMLKeyManagementService(XKMS)-XMLKeyManagementService(XKMS)">XML Key
Management Service (XKMS)</h1><p>Available since CXF 2.7.7.</p><h2
id="XMLKeyManagementService(XKMS)-Usecase">Use case</h2><p>CXF uses asymmetric
algorithms for different purposes: encryption of symmetric keys and payloads,
signing security tokens and messages, proof of possession, etc.<br
clear="none"> Normally the public keys (in the form of X509 certificates) are
stored in java keystores.</p><p>For example, if the sender encrypts the message
payload sending to the receiver, he should have access to the receiver
certificate saved in the local keystore. <br clear="none"> The sender uses this
certificate for message encryption and receiver decrypts the request with the
corresponding private key:</p><p><img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/31820321/classic-message-encryption.jpg?version=1&modificationDate=136742231
2000&api=v2"
data-image-src="/confluence/download/attachments/31820321/classic-message-encryption.jpg?version=1&modificationDate=1367422312000&api=v2"></p><p>Seems
to be OK? Imagine now that you have a production environment with 100
different clients of this service and the service certificate is expired. You
should reissue and replace the certificate in ALL client keystores! Even more,
if keystores are packaged into war files or OSGi bundles – they should be
unpackaged and updated. Not really acceptable for enterprise
environments.</p><p>Therefore large service landscapes support central
certificates management. It means that X509 certificates are not stored locally
in keystores, but are provided and administrated centrally.</p><p>Normally it
is a responsibility of <a shape="rect" class="external-link"
href="http://en.wikipedia.org/wiki/Public-key_infrastructure";
rel="nofollow">Public Key Infrastructure</a> (PKI) established in the
organization. PKI is responsibl
e to create, manage, store, distribute, synchronize and revoke public
certificates and certification authorities (CAs).</p><h2
id="XMLKeyManagementService(XKMS)-XKMSSpecification">XKMS
Specification</h2><p>W3C specifies a protocol to distribute and register public
keys, certificates and CAs that can be used for XML-based cryptography,
including signature and encryption: <a shape="rect" class="external-link"
href="http://www.w3.org/TR/xkms2/"; rel="nofollow">XML Key Management
Specification</a> (XKMS 2.0). <br clear="none"> The XKMS Specification
comprises two parts – the XML Key Information Service Specification
(XKISS) describing the runtime aspects of key lookup and certificate
validation, and the XML Key Registration Service Specification (XKRSS)
describing the administrative aspects of registering, renewing, revoking and
recovering certificates. <br clear="none"> The XKMS Service implements both
parts of specification.</p><p>The XKMS SOAP interface can be used as a standard
frontend to access the Public Key Infrastructure (PKI). Using XKMS message
encryption scenario, the message encryption picture will change in the
following way:</p><p><img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/31820321/classic-message-encryption-PKI-XKMS.jpg?version=1&modificationDate=1367579177000&api=v2";
data-image-src="/confluence/download/attachments/31820321/classic-message-encryption-PKI-XKMS.jpg?version=1&modificationDate=1367579177000&api=v2"></p><p>Receiver
X509 certificate is not saved into sender's local keystore anymore. Instead,
certificate is stored into central PKI and can be located, validated and
administrated using standard XKMS interface. This essentially improves the
control on certificates in large services landscape.</p><p>Administrator can
update, renew and revoke certificates, manage certification authorities and
revocation lists.</p><h3 id="XMLKeyManagementService(XKMS)-Integratingthe
XKMSclientintotheCXFruntime">Integrating the XKMS client into the CXF
runtime</h3><p>The XKMS client can be integrated into CXF and WSS4J in pretty
elegant way using a custom Crypto provider implementation. In this case, the
XKMS service will be automatically invoked when WSS4J asks for the certificates
or validates them. Details are described in this <a shape="rect"
class="external-link"
href="http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.html";
rel="nofollow">blog</a>. A basic XKMS implementation of WSS4J Crypto interface
is available in XKMS Client component (XKMSCryptoProvider and
XKMSCryptoProviderFactory). Implementation uses Ehcache to cache certificates
received from XKMS service.</p><h3
id="XMLKeyManagementService(XKMS)-XKMSServiceDesign">XKMS Service
Design</h3><p>Internal structure of XKMS service is represented in the
following figure:</p><p><img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/3
1820321/XKMS-cxf.jpg?version=1&modificationDate=1367497945000&api=v2"
data-image-src="/confluence/download/attachments/31820321/XKMS-cxf.jpg?version=1&modificationDate=1367497945000&api=v2"></p><p>The
XKMS Service exposes a SOAP interface specified in <a shape="rect"
class="external-link" href="http://www.w3.org/TR/xkms2/"; rel="nofollow">XKMS
2.0</a>. <br clear="none"> The XKMS implementation realizes <a shape="rect"
class="external-link"
href="http://en.wikipedia.org/wiki/Chain-of-responsibility_pattern";
rel="nofollow">chain of responsibility design pattern </a>.<br clear="none">
Each XKMS operation defines a handler interface and provides one or more
implementations of this interface. Handler implementations are connected into a
chain. <br clear="none"> Operation implementation invokes handlers one after
another from the pre-configured chain until either all handlers will be
processed or a critical error will occur. <br clear="none"> This design makes
the XKMS inte
rnal implementation quite flexible: it is easy to add/remove handlers, change
their order, introduce handlers supporting new backends, etc. <br clear="none">
For example, a certificate can be searched firstly in the LDAP repository by
LDAP lookup handler and, if it is not found there, additionally looked for in a
remote PKI using an appropriate lookup handler. Validation operation logic is
organized in a chain is well: first validation handler checks format and expiry
date of the X509 certificate, next one checks the certificate trust
chain.</p><p>Currently the XKMS Service supports simple file based and LDAP
backends.<br clear="none"> Sample spring configuration of XKMS handlers looks
like:</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
+<div id="ConfluenceContent"><h1
id="XMLKeyManagementService(XKMS)-XMLKeyManagementService(XKMS)">XML Key
Management Service (XKMS)</h1><p>Available since CXF 2.7.7.</p><h2
id="XMLKeyManagementService(XKMS)-Usecase">Use case</h2><p>CXF uses asymmetric
algorithms for different purposes: encryption of symmetric keys and payloads,
signing security tokens and messages, proof of possession, etc.<br
clear="none"> Normally the public keys (in the form of X509 certificates) are
stored in java keystores.</p><p>For example, if the sender encrypts the message
payload sending to the receiver, he should have access to the receiver
certificate saved in the local keystore. <br clear="none"> The sender uses this
certificate for message encryption and receiver decrypts the request with the
corresponding private key:</p><p><img class="confluence-embedded-image"
src="xml-key-management-service-xkms.data/classic-message-encryption.jpg"
data-image-src="/confluence/download/attachments/31820321/classic-me
ssage-encryption.jpg?version=1&modificationDate=1367422312000&api=v2"></p><p>Seems
to be OK? Imagine now that you have a production environment with 100
different clients of this service and the service certificate is expired. You
should reissue and replace the certificate in ALL client keystores! Even more,
if keystores are packaged into war files or OSGi bundles – they should be
unpackaged and updated. Not really acceptable for enterprise
environments.</p><p>Therefore large service landscapes support central
certificates management. It means that X509 certificates are not stored locally
in keystores, but are provided and administrated centrally.</p><p>Normally it
is a responsibility of <a shape="rect" class="external-link"
href="http://en.wikipedia.org/wiki/Public-key_infrastructure";
rel="nofollow">Public Key Infrastructure</a> (PKI) established in the
organization. PKI is responsible to create, manage, store, distribute,
synchronize and revoke public certificates an
d certification authorities (CAs).</p><h2
id="XMLKeyManagementService(XKMS)-XKMSSpecification">XKMS
Specification</h2><p>W3C specifies a protocol to distribute and register public
keys, certificates and CAs that can be used for XML-based cryptography,
including signature and encryption: <a shape="rect" class="external-link"
href="http://www.w3.org/TR/xkms2/"; rel="nofollow">XML Key Management
Specification</a> (XKMS 2.0). <br clear="none"> The XKMS Specification
comprises two parts – the XML Key Information Service Specification
(XKISS) describing the runtime aspects of key lookup and certificate
validation, and the XML Key Registration Service Specification (XKRSS)
describing the administrative aspects of registering, renewing, revoking and
recovering certificates. <br clear="none"> The XKMS Service implements both
parts of specification.</p><p>The XKMS SOAP interface can be used as a standard
frontend to access the Public Key Infrastructure (PKI). Using XKMS message
encryptio
n scenario, the message encryption picture will change in the following
way:</p><p><img class="confluence-embedded-image"
src="xml-key-management-service-xkms.data/classic-message-encryption-PKI-XKMS.jpg"
data-image-src="/confluence/download/attachments/31820321/classic-message-encryption-PKI-XKMS.jpg?version=1&modificationDate=1367579177000&api=v2"></p><p>Receiver
X509 certificate is not saved into sender's local keystore anymore. Instead,
certificate is stored into central PKI and can be located, validated and
administrated using standard XKMS interface. This essentially improves the
control on certificates in large services landscape.</p><p>Administrator can
update, renew and revoke certificates, manage certification authorities and
revocation lists.</p><h3
id="XMLKeyManagementService(XKMS)-IntegratingtheXKMSclientintotheCXFruntime">Integrating
the XKMS client into the CXF runtime</h3><p>The XKMS client can be integrated
into CXF and WSS4J in pretty elegant way using a cu
stom Crypto provider implementation. In this case, the XKMS service will be
automatically invoked when WSS4J asks for the certificates or validates them.
Details are described in this <a shape="rect" class="external-link"
href="http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.html";
rel="nofollow">blog</a>. A basic XKMS implementation of WSS4J Crypto interface
is available in XKMS Client component (XKMSCryptoProvider and
XKMSCryptoProviderFactory). Implementation uses Ehcache to cache certificates
received from XKMS service.</p><h3
id="XMLKeyManagementService(XKMS)-XKMSServiceDesign">XKMS Service
Design</h3><p>Internal structure of XKMS service is represented in the
following figure:</p><p><img class="confluence-embedded-image"
src="xml-key-management-service-xkms.data/XKMS-cxf.jpg"
data-image-src="/confluence/download/attachments/31820321/XKMS-cxf.jpg?version=1&modificationDate=1367497945000&api=v2"></p><p>The
XKMS Service exposes a SOAP interface
specified in <a shape="rect" class="external-link"
href="http://www.w3.org/TR/xkms2/"; rel="nofollow">XKMS 2.0</a>. <br
clear="none"> The XKMS implementation realizes <a shape="rect"
class="external-link"
href="http://en.wikipedia.org/wiki/Chain-of-responsibility_pattern";
rel="nofollow">chain of responsibility design pattern </a>.<br clear="none">
Each XKMS operation defines a handler interface and provides one or more
implementations of this interface. Handler implementations are connected into a
chain. <br clear="none"> Operation implementation invokes handlers one after
another from the pre-configured chain until either all handlers will be
processed or a critical error will occur. <br clear="none"> This design makes
the XKMS internal implementation quite flexible: it is easy to add/remove
handlers, change their order, introduce handlers supporting new backends, etc.
<br clear="none"> For example, a certificate can be searched firstly in the
LDAP repository by LDAP lookup handler
and, if it is not found there, additionally looked for in a remote PKI using
an appropriate lookup handler. Validation operation logic is organized in a
chain is well: first validation handler checks format and expiry date of the
X509 certificate, next one checks the certificate trust chain.</p><p>Currently
the XKMS Service supports simple file based and LDAP backends.<br clear="none">
Sample spring configuration of XKMS handlers looks like:</p><div class="code
panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:cxf="http://cxf.apache.org/core"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xmlns:test="http://apache.org/hello_world_soap_http"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Modified: websites/production/cxf/content/docs/xslt-feature.html
==============================================================================
--- websites/production/cxf/content/docs/xslt-feature.html (original)
+++ websites/production/cxf/content/docs/xslt-feature.html Fri Dec 19 19:09:46
2014
@@ -118,11 +118,11 @@ Apache CXF -- XSLT Feature
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><h1 id="XSLTFeature-XSLTFeature">XSLT
Feature</h1><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1396468201178 {padding: 0px;}
-div.rbtoc1396468201178 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1396468201178 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015806472 {padding: 0px;}
+div.rbtoc1419015806472 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015806472 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1396468201178">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015806472">
<ul class="toc-indentation"><li><a shape="rect"
href="#XSLTFeature-XSLTFeature">XSLT Feature</a></li><li><a shape="rect"
href="#XSLTFeature-WhenshouldIuseTransformationFeatureandwhenXSLTFeature?">When
should I use Transformation Feature and when XSLT Feature?</a></li><li><a
shape="rect" href="#XSLTFeature-Springconfiguration">Spring
configuration</a></li><li><a shape="rect"
href="#XSLTFeature-ConfiguringtheXSLTFeaturefromtheSpring/Bluepring">Configuring
the XSLT Feature from the Spring/Bluepring</a></li><li><a shape="rect"
href="#XSLTFeature-ConfiguringtheXSLTinterceptorsincode">Configuring the XSLT
interceptors in code</a></li><li><a shape="rect"
href="#XSLTFeature-XSLTinterceptorsandphases">XSLT interceptors and
phases</a></li><li><a shape="rect"
href="#XSLTFeature-Supportedmessagecontents">Supported message
contents</a></li></ul>
</div><p>The CXF XSLT Feature is alternative to <a shape="rect"
href="http://cxf.apache.org/docs/transformationfeature.html";>CXF Transformation
Feature</a> providing flexible way to do the dynamic transformations of XML
messages. <br clear="none"> XSLT Feature applies custom XSL transformations to
inbound and/or outbound messages.</p><h1
id="XSLTFeature-WhenshouldIuseTransformationFeatureandwhenXSLTFeature?">When
should I use Transformation Feature and when XSLT Feature?</h1><p>If only
trivial transformations must be done, it is recommended to use lightweight and
fast Transformation Feature. It covers the most use cases
as:</p><ul><li>dropping the namespace of the outbound
messages;</li><li>qualifying the incoming message;</li><li>changing
namespaces;</li><li>appending or dropping elements;</li><li>converting
attributes to elements.</li></ul><p>Transformation Feature is completely stream
oriented and work fast especially for large messages.</p><p>If you should apply
non-trivial tran
sformation, not supported by Transformation Feature - it is use case for XSLT
Feature. Here you can write any custom XSL Transformation and apply it to
inbound and/or outbound messages.<br clear="none"> As far as Xalan XSLT engine
is actually not completely stream oriented, XSLT Feature breaks streaming.
However it uses high-performance DTM (Document Table Model) instead complete
DOM model.<br clear="none"> Performance can be improved in the future by using
further versions of Xalan or other XSLT engines (like Saxon or STX oriented
Joost).</p><h1 id="XSLTFeature-Springconfiguration">Spring
configuration</h1><p>It is necessary to configure XSLT script for inbound
or/and outbound transformation. Example:</p><div class="code panel pdl"
style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[ <bean id="xsltFeature"
class="org.apache.cxf.feature.transform.XSLTFeature">
Modified: websites/production/cxf/content/dosgi-architecture.html
==============================================================================
--- websites/production/cxf/content/dosgi-architecture.html (original)
+++ websites/production/cxf/content/dosgi-architecture.html Fri Dec 19 19:09:46
2014
@@ -111,13 +111,13 @@ Apache CXF -- DOSGi Architecture
-<span class="gliffy-container" id="gliffy-container-30965906-8953"
data-fullwidth="900" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30965906&attachmentVersion=4&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="remote-services-spec">
+<span class="gliffy-container" id="gliffy-container-30965906-9557"
data-fullwidth="900" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30965906&attachmentVersion=4&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="remote-services-spec">
- <map id="gliffy-map-30965906-6030" name="gliffy-map-30965906-6030"></map>
+ <map id="gliffy-map-30965906-8916" name="gliffy-map-30965906-8916"></map>
- <img class="gliffy-image" id="gliffy-image-30965906-8953" width="900"
height="480" data-full-width="900" data-full-height="480"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/remote-services-spec.png?version=4&modificationDate=1362365433000&api=v2";
alt="remote-services-spec" usemap="#gliffy-map-30965906-6030">
+ <img class="gliffy-image" id="gliffy-image-30965906-9557" width="900"
height="480" data-full-width="900" data-full-height="480"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/remote-services-spec.png?version=4&modificationDate=1362365433000&api=v2";
alt="remote-services-spec" usemap="#gliffy-map-30965906-8916">
- <map class="gliffy-dynamic" id="gliffy-dynamic-map-30965906-8953"
name="gliffy-dynamic-map-30965906-8953"></map>
+ <map class="gliffy-dynamic" id="gliffy-dynamic-map-30965906-9557"
name="gliffy-dynamic-map-30965906-9557"></map>
</span>
@@ -129,13 +129,13 @@ Apache CXF -- DOSGi Architecture
-<span class="gliffy-container" id="gliffy-container-30965903-9287"
data-fullwidth="897" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30965903&attachmentVersion=2&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="remote-service-admin-spec">
+<span class="gliffy-container" id="gliffy-container-30965903-2990"
data-fullwidth="897" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30965903&attachmentVersion=2&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="remote-service-admin-spec">
- <map id="gliffy-map-30965903-2292" name="gliffy-map-30965903-2292"></map>
+ <map id="gliffy-map-30965903-1731" name="gliffy-map-30965903-1731"></map>
- <img class="gliffy-image" id="gliffy-image-30965903-9287" width="897"
height="600" data-full-width="897" data-full-height="600"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/remote-service-admin-spec.png?version=2&modificationDate=1362365400000&api=v2";
alt="remote-service-admin-spec" usemap="#gliffy-map-30965903-2292">
+ <img class="gliffy-image" id="gliffy-image-30965903-2990" width="897"
height="600" data-full-width="897" data-full-height="600"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/remote-service-admin-spec.png?version=2&modificationDate=1362365400000&api=v2";
alt="remote-service-admin-spec" usemap="#gliffy-map-30965903-1731">
- <map class="gliffy-dynamic" id="gliffy-dynamic-map-30965903-9287"
name="gliffy-dynamic-map-30965903-9287"></map>
+ <map class="gliffy-dynamic" id="gliffy-dynamic-map-30965903-2990"
name="gliffy-dynamic-map-30965903-2990"></map>
</span>
@@ -167,13 +167,13 @@ Apache CXF -- DOSGi Architecture
-<span class="gliffy-container" id="gliffy-container-30965962-5943"
data-fullwidth="1217" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30965962&attachmentVersion=4&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="cxf-dosgi-topology-manager">
+<span class="gliffy-container" id="gliffy-container-30965962-1059"
data-fullwidth="1217" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30965962&attachmentVersion=4&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="cxf-dosgi-topology-manager">
- <map id="gliffy-map-30965962-2152" name="gliffy-map-30965962-2152"></map>
+ <map id="gliffy-map-30965962-5377" name="gliffy-map-30965962-5377"></map>
- <img class="gliffy-image" id="gliffy-image-30965962-5943" width="1217"
height="773" data-full-width="1217" data-full-height="773"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-topology-manager.png?version=4&modificationDate=1368712288000&api=v2";
alt="cxf-dosgi-topology-manager" usemap="#gliffy-map-30965962-2152">
+ <img class="gliffy-image" id="gliffy-image-30965962-1059" width="1217"
height="773" data-full-width="1217" data-full-height="773"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-topology-manager.png?version=4&modificationDate=1368712288000&api=v2";
alt="cxf-dosgi-topology-manager" usemap="#gliffy-map-30965962-5377">
- <map class="gliffy-dynamic" id="gliffy-dynamic-map-30965962-5943"
name="gliffy-dynamic-map-30965962-5943"></map>
+ <map class="gliffy-dynamic" id="gliffy-dynamic-map-30965962-1059"
name="gliffy-dynamic-map-30965962-1059"></map>
</span>
@@ -186,13 +186,13 @@ Apache CXF -- DOSGi Architecture
-<span class="gliffy-container" id="gliffy-container-30966000-1540"
data-fullwidth="1191" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30966000&attachmentVersion=3&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="cxf-dosgi-discovery-distributed">
+<span class="gliffy-container" id="gliffy-container-30966000-8273"
data-fullwidth="1191" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30966000&attachmentVersion=3&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="cxf-dosgi-discovery-distributed">
- <map id="gliffy-map-30966000-3487" name="gliffy-map-30966000-3487"></map>
+ <map id="gliffy-map-30966000-4520" name="gliffy-map-30966000-4520"></map>
- <img class="gliffy-image" id="gliffy-image-30966000-1540" width="1191"
height="1229" data-full-width="1191" data-full-height="1229"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-discovery-distributed.png?version=3&modificationDate=1362365313000&api=v2";
alt="cxf-dosgi-discovery-distributed" usemap="#gliffy-map-30966000-3487">
+ <img class="gliffy-image" id="gliffy-image-30966000-8273" width="1191"
height="1229" data-full-width="1191" data-full-height="1229"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-discovery-distributed.png?version=3&modificationDate=1362365313000&api=v2";
alt="cxf-dosgi-discovery-distributed" usemap="#gliffy-map-30966000-4520">
- <map class="gliffy-dynamic" id="gliffy-dynamic-map-30966000-1540"
name="gliffy-dynamic-map-30966000-1540"></map>
+ <map class="gliffy-dynamic" id="gliffy-dynamic-map-30966000-8273"
name="gliffy-dynamic-map-30966000-8273"></map>
</span>
@@ -205,13 +205,13 @@ Apache CXF -- DOSGi Architecture
-<span class="gliffy-container" id="gliffy-container-30966005-4805"
data-fullwidth="200" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30966005&attachmentVersion=2&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="cxf-dosgi-remote-service-admin">
+<span class="gliffy-container" id="gliffy-container-30966005-7340"
data-fullwidth="200" data-ceoid="30739778"
data-edit="${diagramEditLink.getLinkUrl()}"
data-full="/confluence/plugins/gliffy/viewer.action?inline=false&attachmentId=30966005&attachmentVersion=2&lastPage=%2Fpages%2Fviewpage.action%3FpageId%3D30739778"
data-filename="cxf-dosgi-remote-service-admin">
- <map id="gliffy-map-30966005-4017" name="gliffy-map-30966005-4017"></map>
+ <map id="gliffy-map-30966005-2702" name="gliffy-map-30966005-2702"></map>
- <img class="gliffy-image" id="gliffy-image-30966005-4805" width="200"
height="200" data-full-width="200" data-full-height="200"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-remote-service-admin.png?version=2&modificationDate=1362364251000&api=v2";
alt="cxf-dosgi-remote-service-admin" usemap="#gliffy-map-30966005-4017">
+ <img class="gliffy-image" id="gliffy-image-30966005-7340" width="200"
height="200" data-full-width="200" data-full-height="200"
src="https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-remote-service-admin.png?version=2&modificationDate=1362364251000&api=v2";
alt="cxf-dosgi-remote-service-admin" usemap="#gliffy-map-30966005-2702">
- <map class="gliffy-dynamic" id="gliffy-dynamic-map-30966005-4805"
name="gliffy-dynamic-map-30966005-4805"></map>
+ <map class="gliffy-dynamic" id="gliffy-dynamic-map-30966005-7340"
name="gliffy-dynamic-map-30966005-7340"></map>
</span>
</div>
Modified: websites/production/cxf/content/dosgi-ds-demo-page.html
==============================================================================
--- websites/production/cxf/content/dosgi-ds-demo-page.html (original)
+++ websites/production/cxf/content/dosgi-ds-demo-page.html Fri Dec 19 19:09:46
2014
@@ -123,7 +123,7 @@ Declarative Services is similar to Sprin
<p>The service implementation and consumer bundle are built using DS.<br
clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/119430/dosgi_cxf_ds.png?version=1&modificationDate=1244095557000&api=v2";
data-image-src="/confluence/download/attachments/119430/dosgi_cxf_ds.png?version=1&modificationDate=1244095557000&api=v2"><br
clear="none">
+<img class="confluence-embedded-image"
src="dosgi-ds-demo-page.data/dosgi_cxf_ds.png"
data-image-src="/confluence/download/attachments/119430/dosgi_cxf_ds.png?version=1&modificationDate=1244095557000&api=v2"><br
clear="none">
The <a shape="rect" class="external-link"
href="http://svn.apache.org/repos/asf/cxf/dosgi/trunk/samples/ds/interface/src/main/java/org/apache/cxf/dosgi/samples/ds/AdderService.java";>Adder
Service interface</a> is as follows:</p>
<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
<script class="theme: Default; brush: java; gutter: false"
type="syntaxhighlighter"><![CDATA[public interface AdderService {
@@ -156,12 +156,12 @@ The <a shape="rect" class="external-link
<p>So let's install the server side in Equinox, together with the Equinox DS
implementation. You can do this from the Equinox command line, but in this
document I'll launch Equinox from within Eclipse (last tried with Eclipse
3.6).<br clear="none">
I'm starting off by importing the Single Bundle Distribution as a binary
project in Eclipse by going <em>File -> Import | Plug-ins and Fragments</em>
and then select the directory that contains the single bundle distribution JAR
file. My workspace now looks like this:<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/119430/start.JPG?version=2&modificationDate=1259940791000&api=v2";
data-image-src="/confluence/download/attachments/119430/start.JPG?version=2&modificationDate=1259940791000&api=v2"><br
clear="none">
+<img class="confluence-embedded-image" src="dosgi-ds-demo-page.data/start.JPG"
data-image-src="/confluence/download/attachments/119430/start.JPG?version=2&modificationDate=1259940791000&api=v2"><br
clear="none">
Next I'll create an OSGi Framework launch configuration that includes DS. To
do this</p>
<ol><li><em>deselect</em> the 'Target Platform' tickbox in the Eclipse Launch
configuration screen</li><li>select org.eclipse.equinox.ds</li><li>hit the 'Add
Required Bundles' button</li></ol>
-<p><img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/119430/launch.JPG?version=2&modificationDate=1259940791000&api=v2";
data-image-src="/confluence/download/attachments/119430/launch.JPG?version=2&modificationDate=1259940791000&api=v2"></p>
+<p><img class="confluence-embedded-image"
src="dosgi-ds-demo-page.data/launch.JPG"
data-image-src="/confluence/download/attachments/119430/launch.JPG?version=2&modificationDate=1259940791000&api=v2"></p>
<p>Now run the OSGi container, you will get a setup like this:</p>
<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
@@ -195,7 +195,7 @@ osgi> start 6
</div>
<p>At this point, the service should be available remotely, you can check this
by obtaining the WSDL:<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/119430/wsdl.JPG?version=1&modificationDate=1244095619000&api=v2";
data-image-src="/confluence/download/attachments/119430/wsdl.JPG?version=1&modificationDate=1244095619000&api=v2"></p>
+<img class="confluence-embedded-image" src="dosgi-ds-demo-page.data/wsdl.JPG"
data-image-src="/confluence/download/attachments/119430/wsdl.JPG?version=1&modificationDate=1244095619000&api=v2"></p>
<h2 id="DOSGiDSDemopage-TheAdderServiceConsumer">The Adder Service
Consumer</h2>
Modified: websites/production/cxf/content/dosgi-spring-dm-demo-page.html
==============================================================================
--- websites/production/cxf/content/dosgi-spring-dm-demo-page.html (original)
+++ websites/production/cxf/content/dosgi-spring-dm-demo-page.html Fri Dec 19
19:09:46 2014
@@ -119,7 +119,7 @@ Apache CXF -- DOSGi Spring-DM Demo page
<ul><li>The demo interface bundle providing the Dinner Service
interface.</li><li>The Dinner Service implementation bundle.</li><li>The Dinner
Service consumer bundle.</li></ul>
-<p><img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/119322/dosgi_cxf_springdm.png?version=1&modificationDate=1244017745000&api=v2";
data-image-src="/confluence/download/attachments/119322/dosgi_cxf_springdm.png?version=1&modificationDate=1244017745000&api=v2"></p>
+<p><img class="confluence-embedded-image"
src="dosgi-spring-dm-demo-page.data/dosgi_cxf_springdm.png"
data-image-src="/confluence/download/attachments/119322/dosgi_cxf_springdm.png?version=1&modificationDate=1244017745000&api=v2"></p>
<p>The <a shape="rect" class="external-link"
href="http://svn.apache.org/repos/asf/cxf/dosgi/trunk/samples/spring_dm/interface/src/main/java/org/apache/cxf/dosgi/samples/springdm/DinnerService.java";>Dinner
Service interface</a> is as follows:</p>
<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent
panelContent pdl">
@@ -164,7 +164,7 @@ START LEVEL 32
</div></div>
<p>At this point the service should be available. You can check this by
obtaining the WSDL:</p>
-<p><img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/119322/spring-dm-wsdl.jpeg?version=1&modificationDate=1244017759000&api=v2";
data-image-src="/confluence/download/attachments/119322/spring-dm-wsdl.jpeg?version=1&modificationDate=1244017759000&api=v2"></p>
+<p><img class="confluence-embedded-image"
src="dosgi-spring-dm-demo-page.data/spring-dm-wsdl.jpeg"
data-image-src="/confluence/download/attachments/119322/spring-dm-wsdl.jpeg?version=1&modificationDate=1244017759000&api=v2"></p>
<h2 id="DOSGiSpring-DMDemopage-TheDinnerServiceConsumer">The Dinner Service
Consumer</h2>
<p>As on the remote service provider side, the service consumer is also
created using spring. Spring creates a <a shape="rect" class="external-link"
href="http://svn.apache.org/repos/asf/cxf/dosgi/trunk/samples/spring_dm/client/src/main/java/org/apache/cxf/dosgi/samples/springdm/client/DinnerServiceConsumer.java";>DinnerServiceConsumer</a>
bean which is injected with the a proxy to the remote DinnerService. The
injection is all done by Spring, which makes the code extremely simple. When
Spring is done injecting, it calls the <code>start()</code> method where the
remote service is used. </p>
Modified: websites/production/cxf/content/faq.html
==============================================================================
--- websites/production/cxf/content/faq.html (original)
+++ websites/production/cxf/content/faq.html Fri Dec 19 19:09:46 2014
@@ -110,11 +110,11 @@ Apache CXF -- FAQ
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><h1 id="FAQ-FrequentlyAskedQuestions">Frequently
Asked Questions</h1><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1410835613579 {padding: 0px;}
-div.rbtoc1410835613579 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1410835613579 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1419015910145 {padding: 0px;}
+div.rbtoc1419015910145 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1419015910145 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1410835613579">
+/*]]>*/</style></p><div class="toc-macro rbtoc1419015910145">
<ul class="toc-indentation"><li><a shape="rect" href="#FAQ-General">General</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#FAQ-CanCXFrunwithJDK1.8/Java8?">Can CXF run with JDK 1.8/Java
8?</a></li><li><a shape="rect" href="#FAQ-CanCXFrunwithJDK1.7/Java7?">Can CXF
run with JDK 1.7/Java 7?</a></li><li><a shape="rect"
href="#FAQ-CanCXFrunwithJDK1.6?">Can CXF run with JDK 1.6?</a></li><li><a
shape="rect" href="#FAQ-CanCXFrunwithouttheSunreferenceSAAJimplementation?">Can
CXF run without the Sun reference SAAJ implementation?</a></li><li><a
shape="rect"
href="#FAQ-AretherecommercialofferingsofCXFthatprovideservices,support,andadditionalfeatures?">Are
there commercial offerings of CXF that provide services, support, and
additional features?</a></li><li><a shape="rect"
href="#FAQ-IsthereanApacheCXFcertificationprogram?">Is there an Apache CXF
certification program?</a></li></ul>
</li><li><a shape="rect" href="#FAQ-JAX-WSRelated">JAX-WS Related</a>
Modified: websites/production/cxf/content/fediz-architecture.html
==============================================================================
--- websites/production/cxf/content/fediz-architecture.html (original)
+++ websites/production/cxf/content/fediz-architecture.html Fri Dec 19 19:09:46
2014
@@ -110,7 +110,7 @@ The IDP component leverages the STS capa
An browser first access the Web Application (RP) which redirects the browser
to the IDP as the requestor is not authenticated. The IDP authenticates the
user and requests a security token based on the requirements by the RP. The
security token is "redirected" to the RP which validates the token and creates
a session in the RP.</p>
-<p><img class="confluence-embedded-image image-center"
src="https://cwiki.apache.org/confluence/download/attachments/27849062/Fediz_Highlevel.png?version=1&modificationDate=1339179408000&api=v2";
data-image-src="/confluence/download/attachments/27849062/Fediz_Highlevel.png?version=1&modificationDate=1339179408000&api=v2"></p>
+<p><img class="confluence-embedded-image image-center"
src="fediz-architecture.data/Fediz_Highlevel.png"
data-image-src="/confluence/download/attachments/27849062/Fediz_Highlevel.png?version=1&modificationDate=1339179408000&api=v2"></p>
<p>Fediz provides the following components to implement Web SSO based on
WS-Federation (red background):</p>
@@ -132,7 +132,7 @@ Fediz ships examples to illustrate how t
<p>This section describes and illustrates the message flow between the browser
and the application and IDP in more detail.</p>
-<p><img class="confluence-embedded-image image-center"
src="https://cwiki.apache.org/confluence/download/attachments/27849062/Fediz_Detailed.png?version=1&modificationDate=1339179408000&api=v2";
data-image-src="/confluence/download/attachments/27849062/Fediz_Detailed.png?version=1&modificationDate=1339179408000&api=v2"></p>
+<p><img class="confluence-embedded-image image-center"
src="fediz-architecture.data/Fediz_Detailed.png"
data-image-src="/confluence/download/attachments/27849062/Fediz_Detailed.png?version=1&modificationDate=1339179408000&api=v2"></p>
<p>The browser accesses the web application (1). It is then redirected to
IDP/STS if no token or cookie is supplied in the request (2). This redirection
process may require prompting the user (3) to authenticate himself (4). The
IDP/STS issues a signed SAML 2.0 security token (WS-Federation doesn’t
mandate <a shape="rect" class="external-link"
href="http://saml.xml.org/saml-specifications"; rel="nofollow">SAML</a>). The
IDP "redirects" (5/6) the user to the application server including the SAML
token. The application server verifies the signature of the SAML token. There
is a trust relationship between the application server and the IDP/STS which
doesn't require network connectivity between the application server and the
IDP/STS (Cloud!). After successful validation, a session is created and the
corresponding cookie is set on the browser (7). Finally, the request is
dispatched to the application.</p>
Modified: websites/production/cxf/content/fediz-websphere.html
==============================================================================
--- websites/production/cxf/content/fediz-websphere.html (original)
+++ websites/production/cxf/content/fediz-websphere.html Fri Dec 19 19:09:46
2014
@@ -163,10 +163,10 @@ At deployment time, the declared J2EE se
<h5 id="FedizWebsphere-WebApplicationconfiguration">Web Application
configuration</h5>
<ol><li>Open the Administative Console with Administrator privileges and
navigate to Security / Global security</li><li>Ensure Application security is
enabled<br clear="none">
- <img class="confluence-embedded-image confluence-content-image-border"
width="800"
src="https://cwiki.apache.org/confluence/download/attachments/33292561/GlobalSec.png?version=1&modificationDate=1378468360000&api=v2";
data-image-src="/confluence/download/attachments/33292561/GlobalSec.png?version=1&modificationDate=1378468360000&api=v2"></li><li>Navigate
to <em>Security / Global security / Web and SIP security</em> and select
<strong>Trust association</strong><br clear="none">
- <img class="confluence-embedded-image confluence-content-image-border"
width="800"
src="https://cwiki.apache.org/confluence/download/attachments/33292561/trust-association.png?version=1&modificationDate=1378468952000&api=v2";
data-image-src="/confluence/download/attachments/33292561/trust-association.png?version=1&modificationDate=1378468952000&api=v2"></li><li>Check
the <strong>Enable trust association</strong> check box</li><li>Select
Interceptors<br clear="none">
- <img class="confluence-embedded-image confluence-content-image-border"
width="800"
src="https://cwiki.apache.org/confluence/download/attachments/33292561/enable-trust-assoc.png?version=1&modificationDate=1378811183000&api=v2";
data-image-src="/confluence/download/attachments/33292561/enable-trust-assoc.png?version=1&modificationDate=1378811183000&api=v2"></li><li>Click
on New and specify the Interceptor class name as
<code>org.apache.cxf.fediz.was.tai.FedizInterceptor</code><br clear="none">
- <img class="confluence-embedded-image confluence-content-image-border"
width="800"
src="https://cwiki.apache.org/confluence/download/attachments/33292561/create-interceptor.png?version=1&modificationDate=1378811156000&api=v2";
data-image-src="/confluence/download/attachments/33292561/create-interceptor.png?version=1&modificationDate=1378811156000&api=v2"></li></ol>
+ <img class="confluence-embedded-image confluence-content-image-border"
width="800" src="fediz-websphere.data/GlobalSec.png"
data-image-src="/confluence/download/attachments/33292561/GlobalSec.png?version=1&modificationDate=1378468360000&api=v2"></li><li>Navigate
to <em>Security / Global security / Web and SIP security</em> and select
<strong>Trust association</strong><br clear="none">
+ <img class="confluence-embedded-image confluence-content-image-border"
width="800" src="fediz-websphere.data/trust-association.png"
data-image-src="/confluence/download/attachments/33292561/trust-association.png?version=1&modificationDate=1378468952000&api=v2"></li><li>Check
the <strong>Enable trust association</strong> check box</li><li>Select
Interceptors<br clear="none">
+ <img class="confluence-embedded-image confluence-content-image-border"
width="800" src="fediz-websphere.data/enable-trust-assoc.png"
data-image-src="/confluence/download/attachments/33292561/enable-trust-assoc.png?version=1&modificationDate=1378811183000&api=v2"></li><li>Click
on New and specify the Interceptor class name as
<code>org.apache.cxf.fediz.was.tai.FedizInterceptor</code><br clear="none">
+ <img class="confluence-embedded-image confluence-content-image-border"
width="800" src="fediz-websphere.data/create-interceptor.png"
data-image-src="/confluence/download/attachments/33292561/create-interceptor.png?version=1&modificationDate=1378811156000&api=v2"></li></ol>
<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Property </p></th><th
colspan="1" rowspan="1" class="confluenceTh"><p>Value</p></th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"><p>config.file.location
</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>Specify the path
to the fediz-config.xml file</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p>role.group.mapper </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Specify the class of the Role to Group Mapper<br
clear="none">
Modified: websites/production/cxf/content/logo-contest.html
==============================================================================
--- websites/production/cxf/content/logo-contest.html (original)
+++ websites/production/cxf/content/logo-contest.html Fri Dec 19 19:09:46 2014
@@ -103,7 +103,7 @@ Apache CXF -- Logo Contest
<p>This page is a working draft. No contest has started yet.</p>
</div></div>
<h1 id="LogoContest-ApacheCXFLogoContest">Apache CXF Logo Contest</h1>
-<p><img class="confluence-embedded-image image-left"
src="https://cwiki.apache.org/confluence/download/attachments/2327185/paint_200x150.png?version=1&modificationDate=1247752598000&api=v2";
data-image-src="/confluence/download/attachments/2327185/paint_200x150.png?version=1&modificationDate=1247752598000&api=v2"><br
clear="none">
+<p><img class="confluence-embedded-image image-left"
src="logo-contest.data/paint_200x150.png"
data-image-src="/confluence/download/attachments/2327185/paint_200x150.png?version=1&modificationDate=1247752598000&api=v2"><br
clear="none">
<strong>Submissions accepted through TBD</strong><br clear="none">
<strong>Round 1 Voting runs from TBD through TBD</strong><br clear="none">
<strong>Round 2 Voting runs from TBD through TBD</strong><br clear="none">
Modified: websites/production/cxf/content/security-advisories.html
==============================================================================
--- websites/production/cxf/content/security-advisories.html (original)
+++ websites/production/cxf/content/security-advisories.html Fri Dec 19
19:09:46 2014
@@ -99,7 +99,7 @@ Apache CXF -- Security Advisories
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h3
id="SecurityAdvisories-2014">2014</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2014-3566.txt.asc?version=1&modificationDate=1418740474042&api=v2">Note
on CVE-2014-3566</a>: SSL 3.0 support in Apache CXF, aka the "POODLE"
attack.</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-3623.txt.asc?version=1&modificationDate=1414169368000&api=v2">CVE-2014-3623</a>:
Apache CXF does not properly enforce the security semantics of SAML
SubjectConfirmation methods when used with the TransportBinding</li><li><a
shape="rect"
href="security-advisories.data/CVE-2014-3584.txt.asc?version=1&modificationDate=1414169326000&api=v2">CVE-2014-3584</a>:
Apache CXF JAX-RS SAML handling is vulnerable to a Denial of Service (DoS)
attack</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0109.txt.asc?version=1&modificationDate=1398873370000&api=v2">CVE-2014-0109</a>:
HTML content posted to SOAP endpoint
could cause OOM errors</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378000&api=v2">CVE-2014-0110</a>:
Large invalid content could cause temporary space to fill</li><li><a
shape="rect"
href="security-advisories.data/CVE-2014-0034.txt.asc?version=1&modificationDate=1398873385000&api=v2">CVE-2014-0034</a>:
The SecurityTokenService accepts certain invalid SAML Tokens as
valid</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0035.txt.asc?version=1&modificationDate=1398873391000&api=v2">CVE-2014-0035</a>:
UsernameTokens are sent in plaintext with a Symmetric EncryptBeforeSigning
policy</li></ul><h3 id="SecurityAdvisories-2013">2013</h3><ul><li><a
shape="rect"
href="security-advisories.data/CVE-2013-2160.txt.asc?version=1&modificationDate=1372324301000&api=v2">CVE-2013-2160</a>
- Denial of Service Attacks on Apache CXF</li><li><a shape="rect"
href="cve-2012-5575.html">Note on CV
E-2012-5575</a> - XML Encryption backwards compatibility attack on Apache
CXF.</li><li><a shape="rect" href="cve-2013-0239.html">CVE-2013-0239</a> -
Authentication bypass in the case of WS-SecurityPolicy enabled plaintext
UsernameTokens.</li></ul><h3 id="SecurityAdvisories-2012">2012</h3><ul><li><a
shape="rect" href="cve-2012-5633.html">CVE-2012-5633</a> - WSS4JInInterceptor
always allows HTTP Get requests from browser.</li><li><a shape="rect"
href="note-on-cve-2011-2487.html">Note on CVE-2011-2487</a> - Bleichenbacher
attack against distributed symmetric key in WS-Security.</li><li><a
shape="rect" href="cve-2012-3451.html">CVE-2012-3451</a> - Apache CXF is
vulnerable to SOAP Action spoofing attacks on Document Literal web
services.</li><li><a shape="rect" href="cve-2012-2379.html">CVE-2012-2379</a> -
Apache CXF does not verify that elements were signed or encrypted by a
particular Supporting Token.</li><li><a shape="rect"
href="cve-2012-2378.html">CVE-2012-2378</a> - Apache CXF doe
s not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken
policy assertions on the client side.</li><li><a shape="rect"
href="note-on-cve-2011-1096.html">Note on CVE-2011-1096</a> - XML Encryption
flaw / Character pattern encoding attack.</li><li><a shape="rect"
href="cve-2012-0803.html">CVE-2012-0803</a> - Apache CXF does not validate
UsernameToken policies correctly.</li></ul><h3
id="SecurityAdvisories-2010">2010</h3><ul><li><a shape="rect"
class="external-link"
href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf";>CVE-2010-2076</a>
- DTD based XML attacks.</li></ul></div>
+<div id="ConfluenceContent"><h3
id="SecurityAdvisories-2014">2014</h3><ul><li><a shape="rect"
href="security-advisories.data/CVE-2014-3566.txt.asc?version=1&modificationDate=1418740474000&api=v2">Note
on CVE-2014-3566</a>: SSL 3.0 support in Apache CXF, aka the "POODLE"
attack.</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-3623.txt.asc?version=1&modificationDate=1414169368000&api=v2">CVE-2014-3623</a>:
Apache CXF does not properly enforce the security semantics of SAML
SubjectConfirmation methods when used with the TransportBinding</li><li><a
shape="rect"
href="security-advisories.data/CVE-2014-3584.txt.asc?version=1&modificationDate=1414169326000&api=v2">CVE-2014-3584</a>:
Apache CXF JAX-RS SAML handling is vulnerable to a Denial of Service (DoS)
attack</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0109.txt.asc?version=1&modificationDate=1398873370000&api=v2">CVE-2014-0109</a>:
HTML content posted to SOAP endpoint
could cause OOM errors</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378000&api=v2">CVE-2014-0110</a>:
Large invalid content could cause temporary space to fill</li><li><a
shape="rect"
href="security-advisories.data/CVE-2014-0034.txt.asc?version=1&modificationDate=1398873385000&api=v2">CVE-2014-0034</a>:
The SecurityTokenService accepts certain invalid SAML Tokens as
valid</li><li><a shape="rect"
href="security-advisories.data/CVE-2014-0035.txt.asc?version=1&modificationDate=1398873391000&api=v2">CVE-2014-0035</a>:
UsernameTokens are sent in plaintext with a Symmetric EncryptBeforeSigning
policy</li></ul><h3 id="SecurityAdvisories-2013">2013</h3><ul><li><a
shape="rect"
href="security-advisories.data/CVE-2013-2160.txt.asc?version=1&modificationDate=1372324301000&api=v2">CVE-2013-2160</a>
- Denial of Service Attacks on Apache CXF</li><li><a shape="rect"
href="cve-2012-5575.html">Note on CV
E-2012-5575</a> - XML Encryption backwards compatibility attack on Apache
CXF.</li><li><a shape="rect" href="cve-2013-0239.html">CVE-2013-0239</a> -
Authentication bypass in the case of WS-SecurityPolicy enabled plaintext
UsernameTokens.</li></ul><h3 id="SecurityAdvisories-2012">2012</h3><ul><li><a
shape="rect" href="cve-2012-5633.html">CVE-2012-5633</a> - WSS4JInInterceptor
always allows HTTP Get requests from browser.</li><li><a shape="rect"
href="note-on-cve-2011-2487.html">Note on CVE-2011-2487</a> - Bleichenbacher
attack against distributed symmetric key in WS-Security.</li><li><a
shape="rect" href="cve-2012-3451.html">CVE-2012-3451</a> - Apache CXF is
vulnerable to SOAP Action spoofing attacks on Document Literal web
services.</li><li><a shape="rect" href="cve-2012-2379.html">CVE-2012-2379</a> -
Apache CXF does not verify that elements were signed or encrypted by a
particular Supporting Token.</li><li><a shape="rect"
href="cve-2012-2378.html">CVE-2012-2378</a> - Apache CXF doe
s not pick up some child policies of WS-SecurityPolicy 1.1 SupportingToken
policy assertions on the client side.</li><li><a shape="rect"
href="note-on-cve-2011-1096.html">Note on CVE-2011-1096</a> - XML Encryption
flaw / Character pattern encoding attack.</li><li><a shape="rect"
href="cve-2012-0803.html">CVE-2012-0803</a> - Apache CXF does not validate
UsernameToken policies correctly.</li></ul><h3
id="SecurityAdvisories-2010">2010</h3><ul><li><a shape="rect"
class="external-link"
href="http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf";>CVE-2010-2076</a>
- DTD based XML attacks.</li></ul></div>
</div>
<!-- Content -->
</td>
Modified:
websites/production/cxf/content/setting-up-eclipse-for-running-and-debugging-distributed-osgi.html
==============================================================================
---
websites/production/cxf/content/setting-up-eclipse-for-running-and-debugging-distributed-osgi.html
(original)
+++
websites/production/cxf/content/setting-up-eclipse-for-running-and-debugging-distributed-osgi.html
Fri Dec 19 19:09:46 2014
@@ -103,25 +103,25 @@ Apache CXF -- Setting up Eclipse for Run
<p>1. Import the CXF DOSGi bundles and dependencies as plugins into the
workspace<br clear="none">
Go to File | Import and select Plugin-ins and Fragments.<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/105935/import.jpg?version=1&modificationDate=1230020161000&api=v2";
data-image-src="/confluence/download/attachments/105935/import.jpg?version=1&modificationDate=1230020161000&api=v2"></p>
+<img class="confluence-embedded-image"
src="setting-up-eclipse-for-running-and-debugging-distributed-osgi.data/import.jpg"
data-image-src="/confluence/download/attachments/105935/import.jpg?version=1&modificationDate=1230020161000&api=v2"></p>
<p>2. select the directory that contains all the bundles of the distribution.
For the <strong>multi-bundle</strong> distribution go to
<code>.../dosgi_bundles</code> location of the distribution. For the
<strong>single-bundle</strong> distribution go to the location that contains
the <code>cxf-dosgi-ri-singlebundle-distribution-<version>.jar</code>
bundle.<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/105935/select.jpg?version=1&modificationDate=1230020249000&api=v2";
data-image-src="/confluence/download/attachments/105935/select.jpg?version=1&modificationDate=1230020249000&api=v2"><br
clear="none">
+<img class="confluence-embedded-image"
src="setting-up-eclipse-for-running-and-debugging-distributed-osgi.data/select.jpg"
data-image-src="/confluence/download/attachments/105935/select.jpg?version=1&modificationDate=1230020249000&api=v2"><br
clear="none">
Simply add all the bundles found in this location.</p>
<p>3. now you have all the bundles imported in Eclipse and can start
developing your distributed OSGi application.<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/105935/done.jpg?version=1&modificationDate=1230020249000&api=v2";
data-image-src="/confluence/download/attachments/105935/done.jpg?version=1&modificationDate=1230020249000&api=v2"></p>
+<img class="confluence-embedded-image"
src="setting-up-eclipse-for-running-and-debugging-distributed-osgi.data/done.jpg"
data-image-src="/confluence/download/attachments/105935/done.jpg?version=1&modificationDate=1230020249000&api=v2"></p>
<p>4. Develop your Distributed OSGi application. <br clear="none">
<a shape="rect"
href="developing-a-distributed-osgi-application-in-eclipse.html">Here's how you
develop a Distributed OSGi app in Eclipse</a></p>
<p>5. Launch the whole lot in Equinox. If you do this in debug mode you can
set breakpoints in you DOSGi code, step through it etc.<br clear="none">
To do this, create a new OSGi Framework Launch configuration. Select all the
bundles in the workspace but <strong>deselect all the bundles of the Target
Platform</strong> (otherwise you get all of the Eclipse bundles launched, which
is probably not what you want). Then hit the 'Add Required Bundles' button to
just select the ones you need.<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/105935/launch_config.jpg?version=1&modificationDate=1230022097000&api=v2";
data-image-src="/confluence/download/attachments/105935/launch_config.jpg?version=1&modificationDate=1230022097000&api=v2"><br
clear="none">
+<img class="confluence-embedded-image"
src="setting-up-eclipse-for-running-and-debugging-distributed-osgi.data/launch_config.jpg"
data-image-src="/confluence/download/attachments/105935/launch_config.jpg?version=1&modificationDate=1230022097000&api=v2"><br
clear="none">
And click Debug (or Run) to launch.</p>
<p>6. Once started you can check that your OSGi service is actually remoted
you can request it's WSDL. The one for the Temperature Service developed above
looks like this:<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/105935/wsdl.jpg?version=1&modificationDate=1230022097000&api=v2";
data-image-src="/confluence/download/attachments/105935/wsdl.jpg?version=1&modificationDate=1230022097000&api=v2"></p></div>
+<img class="confluence-embedded-image"
src="setting-up-eclipse-for-running-and-debugging-distributed-osgi.data/wsdl.jpg"
data-image-src="/confluence/download/attachments/105935/wsdl.jpg?version=1&modificationDate=1230022097000&api=v2"></p></div>
</div>
<!-- Content -->
</td>
Modified: websites/production/cxf/content/using-ws-policy-in-cxf-projects.html
==============================================================================
--- websites/production/cxf/content/using-ws-policy-in-cxf-projects.html
(original)
+++ websites/production/cxf/content/using-ws-policy-in-cxf-projects.html Fri
Dec 19 19:09:46 2014
@@ -224,7 +224,7 @@ CXF automatically recognizes the asserti
<h1 id="UsingWS-PolicyinCXFprojects-HowandwhereCXFprocessespolicies">How and
where CXF processes policies</h1>
<p>As I already mentioned, CXF provides two interceptors:
org.apache.cxf.ws.policy.PolicyInInterceptor and
org.apache.cxf.ws.policy.PolicyOutInterceptor. These interceptors are
responsible to load policy from destination, parse, merge them and add all
associated interceptors into message interceptor chain. Functionality of policy
interceptors are represented on the following figure:<br clear="none">
-<img class="confluence-embedded-image"
src="https://cwiki.apache.org/confluence/download/attachments/27838786/cxf-ws-policies.jpg?version=2&modificationDate=1331119722000&api=v2";
data-image-src="/confluence/download/attachments/27838786/cxf-ws-policies.jpg?version=2&modificationDate=1331119722000&api=v2"></p>
+<img class="confluence-embedded-image"
src="using-ws-policy-in-cxf-projects.data/cxf-ws-policies.jpg"
data-image-src="/confluence/download/attachments/27838786/cxf-ws-policies.jpg?version=2&modificationDate=1331119722000&api=v2"></p>
<p>Briefly, policy interceptors make following steps:</p>
<ol><li>Check message property
<em>PolicyConstants.POLICY_OVERRIDE</em>.</li><li>If
<em>PolicyConstants.POLICY_OVERRIDE</em> contains policy, it will be taken for
further processing.</li><li>If property is empty, policy will be asked from
ServiceModel. Here CXF loads policies attached to WSDL or provided via Spring
configuration.</li><li>If any policy on step 2 or step 3 is found,
<em>EffectivePolicy</em> will be created. Appropriate WS-policies will be
merged for the current message and built into Neethi <em>Policy</em>
object.</li><li>All interceptors registered for result policy assertions will
be added to message interceptor chain.</li></ol>
![https://cwiki.apache.org/confluence/download/attachments/70534/jconsole_connect2.png?version=1&modificationDate=1194657533000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/70534/jconsole_connect2.png?version=1&modificationDate=1194657533000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/70534/jconsole_service_endpoint.png?version=1&modificationDate=1194657339000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/70534/jconsole_service_endpoint.png?version=1&modificationDate=1194657339000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/31820321/classic-message-encryption-PKI-XKMS.jpg?version=1&modificationDate=1367579177000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/31820321/classic-message-encryption-PKI-XKMS.jpg?version=1&modificationDate=1367579177000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/30739778/remote-services-spec.png?version=4&modificationDate=1362365433000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/30739778/remote-services-spec.png?version=4&modificationDate=1362365433000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/30739778/remote-service-admin-spec.png?version=2&modificationDate=1362365400000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/30739778/remote-service-admin-spec.png?version=2&modificationDate=1362365400000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-topology-manager.png?version=4&modificationDate=1368712288000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-topology-manager.png?version=4&modificationDate=1368712288000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-discovery-distributed.png?version=3&modificationDate=1362365313000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-discovery-distributed.png?version=3&modificationDate=1362365313000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-remote-service-admin.png?version=2&modificationDate=1362364251000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/30739778/cxf-dosgi-remote-service-admin.png?version=2&modificationDate=1362364251000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/119430/dosgi_cxf_ds.png?version=1&modificationDate=1244095557000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/119430/dosgi_cxf_ds.png?version=1&modificationDate=1244095557000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/119430/start.JPG?version=2&modificationDate=1259940791000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/119430/start.JPG?version=2&modificationDate=1259940791000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/119430/launch.JPG?version=2&modificationDate=1259940791000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/119430/launch.JPG?version=2&modificationDate=1259940791000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/119430/wsdl.JPG?version=1&modificationDate=1244095619000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/119430/wsdl.JPG?version=1&modificationDate=1244095619000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/119322/dosgi_cxf_springdm.png?version=1&modificationDate=1244017745000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/119322/dosgi_cxf_springdm.png?version=1&modificationDate=1244017745000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/119322/spring-dm-wsdl.jpeg?version=1&modificationDate=1244017759000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/119322/spring-dm-wsdl.jpeg?version=1&modificationDate=1244017759000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/27849062/Fediz_Highlevel.png?version=1&modificationDate=1339179408000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/27849062/Fediz_Highlevel.png?version=1&modificationDate=1339179408000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/27849062/Fediz_Detailed.png?version=1&modificationDate=1339179408000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/27849062/Fediz_Detailed.png?version=1&modificationDate=1339179408000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/33292561/GlobalSec.png?version=1&modificationDate=1378468360000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/33292561/GlobalSec.png?version=1&modificationDate=1378468360000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/33292561/trust-association.png?version=1&modificationDate=1378468952000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/33292561/trust-association.png?version=1&modificationDate=1378468952000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/33292561/enable-trust-assoc.png?version=1&modificationDate=1378811183000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/33292561/enable-trust-assoc.png?version=1&modificationDate=1378811183000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/33292561/create-interceptor.png?version=1&modificationDate=1378811156000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/33292561/create-interceptor.png?version=1&modificationDate=1378811156000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/2327185/paint_200x150.png?version=1&modificationDate=1247752598000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/2327185/paint_200x150.png?version=1&modificationDate=1247752598000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/105935/import.jpg?version=1&modificationDate=1230020161000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/105935/import.jpg?version=1&modificationDate=1230020161000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/105935/select.jpg?version=1&modificationDate=1230020249000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/105935/select.jpg?version=1&modificationDate=1230020249000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/105935/done.jpg?version=1&modificationDate=1230020249000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/105935/done.jpg?version=1&modificationDate=1230020249000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/105935/launch_config.jpg?version=1&modificationDate=1230022097000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/105935/launch_config.jpg?version=1&modificationDate=1230022097000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/105935/wsdl.jpg?version=1&modificationDate=1230022097000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/105935/wsdl.jpg?version=1&modificationDate=1230022097000&api=v2"){kind=link}
![https://cwiki.apache.org/confluence/download/attachments/27838786/cxf-ws-policies.jpg?version=2&modificationDate=1331119722000&api=v2"](https://cwiki.apache.org/confluence/download/attachments/27838786/cxf-ws-policies.jpg?version=2&modificationDate=1331119722000&api=v2"){kind=link}