Author: buildbot Date: Wed Mar 27 11:57:44 2019 New Revision: 1042602 Log: Production update by buildbot for cxf
Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-http-signature.html websites/production/cxf/content/docs/secure-jax-rs-services.html Modified: websites/production/cxf/content/cache/docs.pageCache ============================================================================== Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-http-signature.html ============================================================================== --- websites/production/cxf/content/docs/jax-rs-http-signature.html (original) +++ websites/production/cxf/content/docs/jax-rs-http-signature.html Wed Mar 27 11:57:44 2019 @@ -118,11 +118,11 @@ Apache CXF -- JAX-RS HTTP Signature <!-- Content --> <div class="wiki-content"> <div id="ConfluenceContent"><p><style type="text/css">/*<![CDATA[*/ -div.rbtoc1553637438716 {padding: 0px;} -div.rbtoc1553637438716 ul {list-style: disc;margin-left: 0px;} -div.rbtoc1553637438716 li {margin-left: 0px;padding-left: 0px;} +div.rbtoc1553687826736 {padding: 0px;} +div.rbtoc1553687826736 ul {list-style: disc;margin-left: 0px;} +div.rbtoc1553687826736 li {margin-left: 0px;padding-left: 0px;} -/*]]>*/</style></p><div class="toc-macro rbtoc1553637438716"> +/*]]>*/</style></p><div class="toc-macro rbtoc1553687826736"> <ul class="toc-indentation"><li><a shape="rect" href="#JAX-RSHTTPSignature-Introduction">Introduction</a></li><li><a shape="rect" href="#JAX-RSHTTPSignature-MavenDependencies">Maven Dependencies</a></li><li><a shape="rect" href="#JAX-RSHTTPSignature-HTTPSignatureoverviewandImplementation">HTTP Signature overview and Implementation</a></li><li><a shape="rect" href="#JAX-RSHTTPSignature-Configuration">Configuration</a></li></ul> </div><h1 id="JAX-RSHTTPSignature-Introduction">Introduction</h1><p>CXF adds support for the <a shape="rect" class="external-link" href="https://tools.ietf.org/html/draft-cavage-http-signatures-10" rel="nofollow">HTTP Signatures</a> draft spec since CXF 3.3.0.</p><h1 id="JAX-RSHTTPSignature-MavenDependencies">Maven Dependencies</h1><p>Having the following dependency will let developers write JOSE JWS or JWE code:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl"> <pre class="brush: java; gutter: false; theme: Default"><dependency> @@ -131,7 +131,7 @@ div.rbtoc1553637438716 li {margin-left: <version>3.3.1</version> </dependency> </pre> -</div></div><p><br clear="none"></p><h1 id="JAX-RSHTTPSignature-HTTPSignatureoverviewandImplementation">HTTP Signature overview and Implementation</h1><p><br clear="none"></p><h1 id="JAX-RSHTTPSignature-Configuration">Configuration</h1><p>The following configuration properties can be used to configure HTTP Signature with the various filters. Note that they are shared for the most part with <a shape="rect" href="jax-rs-jose.html">JAX-RS JOSE</a>.</p><p><br clear="none"></p><div class="table-wrap"><table class="wrapped confluenceTable"><colgroup span="1"><col span="1"><col span="1"><col span="1"></colgroup><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">Configuration Tag</th><th colspan="1" rowspan="1" class="confluenceTh">Default</th><th colspan="1" rowspan="1" class="confluenceTh">Description</th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.keystore</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan ="1" class="confluenceTd">The Java KeyStore Object to use. This configuration tag is used if you want to pass the KeyStore Object through dynamically.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>rs.security.keystore.type</p></td><td colspan="1" rowspan="1" class="confluenceTd">JKS</td><td colspan="1" rowspan="1" class="confluenceTd"><p>The keystore type.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.keystore.password</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The password required to access the keystore.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.keystore.alias</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd"> The keystore alias corresponding to the key to use.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.keystore .file</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The path to the keystore file.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.key.password</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The password required to access the private key (in the keystore).</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.key.password.provider</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.signature.out.properties</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The signature pr operties file for Compact or JSON signature creation. If not specified then it falls back to "rs.security.signature.properties".</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.signature.in.properties</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The signature properties file for Compact or JSON signature verification. If not specified then it falls back to "rs.security.signature.properties".</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.signature.properties</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The signature properties file for Compact or JSON signature creation/verification.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.signature.algorithm</td><td colspan="1" rowspan="1" class="confluenceTd">rsa-sha256</td><td colspan="1" rowspa n="1" class="confluenceTd">The signature algorithm to use.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.http.signature.key.id</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The signature key id.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.http.signature.out.headers</td><td colspan="1" rowspan="1" class="confluenceTd">all headers incl "(request-target)"</td><td colspan="1" rowspan="1" class="confluenceTd"><p>A list of String values which correspond to the list of HTTP headers that will be signed in the outbound request.</p></td></tr></tbody></table></div><p><br clear="none"></p><p><br clear="none"></p></div> +</div></div><p><br clear="none"></p><h1 id="JAX-RSHTTPSignature-HTTPSignatureoverviewandImplementation">HTTP Signature overview and Implementation</h1><p><br clear="none"></p><h1 id="JAX-RSHTTPSignature-Configuration">Configuration</h1><p>The following configuration properties can be used to configure HTTP Signature with the various filters. Note that they are shared for the most part with <a shape="rect" href="jax-rs-jose.html">JAX-RS JOSE</a>.</p><p><br clear="none"></p><div class="table-wrap"><table class="wrapped confluenceTable"><colgroup span="1"><col span="1"><col span="1"><col span="1"></colgroup><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">Configuration Tag</th><th colspan="1" rowspan="1" class="confluenceTh">Default</th><th colspan="1" rowspan="1" class="confluenceTh">Description</th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.keystore</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan ="1" class="confluenceTd">The Java KeyStore Object to use. This configuration tag is used if you want to pass the KeyStore Object through dynamically.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>rs.security.keystore.type</p></td><td colspan="1" rowspan="1" class="confluenceTd">JKS</td><td colspan="1" rowspan="1" class="confluenceTd"><p>The keystore type.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.keystore.password</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The password required to access the keystore.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.keystore.alias</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd"> The keystore alias corresponding to the key to use.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.keystore .file</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The path to the keystore file.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.key.password</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The password required to access the private key (in the keystore).</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.key.password.provider</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.signature.out.properties</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The signature pr operties file for Compact or JSON signature creation. If not specified then it falls back to "rs.security.signature.properties".</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.signature.in.properties</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The signature properties file for Compact or JSON signature verification. If not specified then it falls back to "rs.security.signature.properties".</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.signature.properties</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The signature properties file for Compact or JSON signature creation/verification.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.signature.algorithm</td><td colspan="1" rowspan="1" class="confluenceTd">rsa-sha256</td><td colspan="1" rowspa n="1" class="confluenceTd">The signature algorithm to use.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.http.signature.key.id</td><td colspan="1" rowspan="1" class="confluenceTd"><br clear="none"></td><td colspan="1" rowspan="1" class="confluenceTd">The signature key id. This is a required configuration option on the outbound side.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.http.signature.out.headers</td><td colspan="1" rowspan="1" class="confluenceTd">all headers incl "(request-target)"</td><td colspan="1" rowspan="1" class="confluenceTd"><p>A list of String values which correspond to the list of HTTP headers that will be signed in the outbound request.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">rs.security.http.signature.in.headers</td><td colspan="1" rowspan="1" class="confluenceTd">"(request-target)" for a client request</td><td colspan="1" rowspan="1" class="confluenceTd"><p>A list of String valu es which correspond to the list of HTTP headers that must be signed in the inbound request.</p></td></tr></tbody></table></div><p><br clear="none"></p><p><br clear="none"></p></div> </div> <!-- Content --> </td> Modified: websites/production/cxf/content/docs/secure-jax-rs-services.html ============================================================================== --- websites/production/cxf/content/docs/secure-jax-rs-services.html (original) +++ websites/production/cxf/content/docs/secure-jax-rs-services.html Wed Mar 27 11:57:44 2019 @@ -121,12 +121,12 @@ Apache CXF -- Secure JAX-RS Services <div id="ConfluenceContent"><p><span style="font-size:2em;font-weight:bold">JAX-RS: Security</span> -<br clear="none"></p><p><br clear="none"></p><p><style type="text/css">/*<![CDATA[*/ -div.rbtoc1553637434500 {padding: 0px;} -div.rbtoc1553637434500 ul {list-style: disc;margin-left: 0px;} -div.rbtoc1553637434500 li {margin-left: 0px;padding-left: 0px;} +<br clear="none"></p><p><style type="text/css">/*<![CDATA[*/ +div.rbtoc1553687824714 {padding: 0px;} +div.rbtoc1553687824714 ul {list-style: disc;margin-left: 0px;} +div.rbtoc1553687824714 li {margin-left: 0px;padding-left: 0px;} -/*]]>*/</style></p><div class="toc-macro rbtoc1553637434500"> +/*]]>*/</style></p><div class="toc-macro rbtoc1553687824714"> <ul class="toc-indentation"><li><a shape="rect" href="#SecureJAX-RSServices-HTTPS">HTTPS</a> <ul class="toc-indentation"><li><a shape="rect" href="#SecureJAX-RSServices-Configuringendpoints">Configuring endpoints</a></li><li><a shape="rect" href="#SecureJAX-RSServices-Configuringclients">Configuring clients</a></li></ul> </li><li><a shape="rect" href="#SecureJAX-RSServices-Authentication">Authentication</a></li><li><a shape="rect" href="#SecureJAX-RSServices-Authorization">Authorization</a></li><li><a shape="rect" href="#SecureJAX-RSServices-WS-Trustintegration">WS-Trust integration</a>