svn commit: r969998 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-jose.html docs/security-configuration.html
Author: buildbot Date: Fri Oct 23 16:47:42 2015 New Revision: 969998 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-jose.html websites/production/cxf/content/docs/security-configuration.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-jose.html == --- websites/production/cxf/content/docs/jax-rs-jose.html (original) +++ websites/production/cxf/content/docs/jax-rs-jose.html Fri Oct 23 16:47:42 2015 @@ -118,16 +118,16 @@ Apache CXF -- JAX-RS JOSE /**/ +/*]]>*/ IntroductionMaven DependenciesJOSE OverviewJWA AlgorithmsJWK KeysJWS SignatureJSON EncryptionJSON Web TokensLinking JWT authentications to JWS or JWE contentJOSE JAX-RS Filters JWEJWS Configuration -Configuration that applies to both encryption and signatureEncrypting JWK stores -OAuth2 and JoseOIDC and JoseFuture WorkThird-Party Alternatives +Configuration that applies to both encryption and signatureConfiguration that applies to signature only +Encrypting JWK storesOAuth2 and JoseOIDC and JoseFuture WorkThird-Party Alternatives IntroductionCXF 3.0.x implements https://datatracker.ietf.org/wg/jose/documents/"; rel="nofollow">JOSE.Maven Dependenciesorg.apache.cxf @@ -176,7 +176,7 @@ AesWrapKeyDecryptionAlgorithm keyDecrypt JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption); String decryptedText = decryption.decrypt(jweContent).getContentText(); assertEquals(specPlainText, decryptedText); - CXF ships JWE related classes in https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=tree;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe;h=71e0e29025252080838168458b3d2e0179a7a0bd;hb=HEAD";>this package and offers a support for all of JWA encryption algorithms.https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionProvider.java;h=615212b1622abb1c0a8b06a3b5498d8b6199d0cc;hb=HEAD";>JweEncryptionProvider supports encrypting the content, https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweDecryptionProvider.java;h=1f4861a2d78df5514ff74c40330c1a5f5933f47d;hb=HEAD";>JweDecryptionProvider - decrypting the content. Encryptors and Decryptors for all of JWE algorithms are shipped.JweCompactConsumer and JweCompactProducer offer a utility support for creating and validating JWE compact serialization and accept keys in a variety of formats(as JWKs, JCA representations, created out of band and wrapped in either JweEncryptionProvider or JweDecryptionProvider).JweJwtCompactConsumer and JweJwtCompactProducer are JweCompactConsumer and JweCompactProducer specializations that offer a utility support for encrypting Json Web Tokens in a compact format.JweJsonConsumer and JweJsonProducer support JWE JSON (full) serialization.JweOutputStream is a specialized output stream that can be used in conjunction with JWE JAX-RS filters (see one of the next sections)to support the best effort at streaming the content while encrypting it. These classes will use https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src /main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionOutput.java;h=918ef5a085c3dc51025e2e9cbba37388f37eb49e;hb=HEAD">JweEncryptionOutput optionally returned from JweEncryptionProviderinstead of working with the consumer utility classes which deal with the encryption process completely in memory. Many more examples will be added here.JSON Web Tokens https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32"; rel="nofollow">JSON Web Token (JWT) is a collection of claims in JSON format. It offers a standard JSON container for representing various properties or claims.JWT can be signed and or encrypted, i.e, serve as a JOSE signature or encryption input like any other data structure. JWT has been primarily used in OAuth2 applications to represent self-contained access tokens but can also be used in other contex ts.CXF offers an initial JWT support in https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=tree;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt;h=ab5e633cd9d8137428
[4/5] cxf git commit: Recording .gitmergeinfo Changes
Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f357cf6d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f357cf6d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f357cf6d Branch: refs/heads/3.0.x-fixes Commit: f357cf6d7d293668f07b797407232b17289fe70f Parents: cd64bdb Author: Colm O hEigeartaigh Authored: Fri Oct 23 17:29:47 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:29:47 2015 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/f357cf6d/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index bd28989..ceac54b 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -601,6 +601,7 @@ M 79156d8a23497b9ed9bd912b64f684e610d49863 M 7988c4a974118cc5c2a8bd956fe396a7d5e8bb5c M 79f8cee005bc09bae7bcb37bba15151bea27e416 M 79f9a1056d979b138041ef0693052d3f989ef522 +M 7abdac771c87f759615292fe40dbe313ab14cda5 M 7b31a2afca1ec599100511ce1f7428160618f389 M 7b4cb818cb6276dfd3a7432c796e67e98c8c941e M 7bf10fc3fb018d533409cc444c2d7b75144b9e23
[2/5] cxf git commit: Modification to the accept public key configuration tag
Modification to the accept public key configuration tag Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9a4e72c2 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9a4e72c2 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9a4e72c2 Branch: refs/heads/3.0.x-fixes Commit: 9a4e72c2cdcfc58eef131a2f5970ef584b831681 Parents: f1f8707 Author: Colm O hEigeartaigh Authored: Fri Oct 23 17:25:43 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:29:41 2015 +0100 -- .../apache/cxf/rs/security/jose/common/JoseConstants.java | 9 +++-- .../java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java | 2 +- .../java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java | 2 +- .../org/apache/cxf/systest/jaxrs/security/jwt/server.xml| 1 + 4 files changed, 10 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/9a4e72c2/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java index 604155f..b05fdd6 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java @@ -120,9 +120,14 @@ public final class JoseConstants { public static final String RSSEC_INCLUDE_CERT_SHA1 = "rs.security.include.cert.sha1"; /** + * Whether to allow using a JWK received in the header for signature validation. The default + * is "false". + */ +public static final String RSSEC_ACCEPT_PUBLIC_KEY = "rs.security.accept.public.key"; + +/** * TODO documentation for these */ -public static final String RSSEC_ACCEPT_PUBLIC_KEY_PROP = "rs.security.accept.public.key.properties"; public static final String RSSEC_KEY_STORE_JWKSET = "rs.security.keystore.jwkset"; public static final String RSSEC_KEY_STORE_JWKKEY = "rs.security.keystore.jwkkey"; @@ -187,7 +192,7 @@ public final class JoseConstants { public static final String RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY = "rs.security.signature.include.public.key"; /** - * Include the X.509 certificate for signaturein the "x5c" header. + * Include the X.509 certificate for signature in the "x5c" header. */ public static final String RSSEC_SIGNATURE_INCLUDE_CERT = "rs.security.signature.include.cert"; http://git-wip-us.apache.org/repos/asf/cxf/blob/9a4e72c2/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java index 5ab72e0..60d3c83 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java @@ -312,7 +312,7 @@ public final class JwkUtils { JsonWebKeys jwkSet = loadJwkSet(m, props, cb, reader); String kid = null; if (inHeaderKid != null -&& MessageUtils.getContextualBoolean(m, JoseConstants.RSSEC_ACCEPT_PUBLIC_KEY_PROP, true)) { +&& MessageUtils.getContextualBoolean(m, JoseConstants.RSSEC_ACCEPT_PUBLIC_KEY, false)) { kid = inHeaderKid; } else { kid = KeyManagementUtils.getKeyId(m, props, JoseConstants.RSSEC_KEY_STORE_ALIAS, keyOper); http://git-wip-us.apache.org/repos/asf/cxf/blob/9a4e72c2/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java index b3e0a99..7cdefbe 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java @@ -337,7 +337,7 @@ public final class JwsUtils { if (inHeaders.getHeader(JoseConstants.HEADER_JSON_WEB_KEY) != null) { JsonWebKey publicJwk = inHeaders.getJsonWebKey();
cxf-fediz git commit: [FEDIZ-133] Adding wreply to logout confirmation form.
Repository: cxf-fediz Updated Branches: refs/heads/master 73edea40e -> 626e76831 [FEDIZ-133] Adding wreply to logout confirmation form. Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/626e7683 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/626e7683 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/626e7683 Branch: refs/heads/master Commit: 626e7683104edfe16dfab0ca6bc4be4dbf05e61d Parents: 73edea4 Author: Jan Bernhardt Authored: Fri Oct 23 18:30:40 2015 +0200 Committer: Jan Bernhardt Committed: Fri Oct 23 18:30:40 2015 +0200 -- .../src/main/webapp/WEB-INF/views/signoutconfirmationresponse.jsp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/626e7683/services/idp/src/main/webapp/WEB-INF/views/signoutconfirmationresponse.jsp -- diff --git a/services/idp/src/main/webapp/WEB-INF/views/signoutconfirmationresponse.jsp b/services/idp/src/main/webapp/WEB-INF/views/signoutconfirmationresponse.jsp index 607762e..3e7a547 100644 --- a/services/idp/src/main/webapp/WEB-INF/views/signoutconfirmationresponse.jsp +++ b/services/idp/src/main/webapp/WEB-INF/views/signoutconfirmationresponse.jsp @@ -51,7 +51,8 @@ <% if (wreply != null && !wreply.isEmpty()) { - %> + %> + <% }
[5/5] cxf git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d435640f Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d435640f Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d435640f Branch: refs/heads/3.0.x-fixes Commit: d435640fdbb851419b121bbaa62981ff786bd337 Parents: f357cf6 Author: Colm O hEigeartaigh Authored: Fri Oct 23 17:30:54 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:30:54 2015 +0100 -- .../cxf/rt/security/SecurityConstants.java | 362 --- .../cxf/ws/security/SecurityConstants.java | 3 + 2 files changed, 3 insertions(+), 362 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/d435640f/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java -- diff --git a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java deleted file mode 100644 index 5ee526b..000 --- a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java +++ /dev/null @@ -1,362 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.cxf.rt.security; - -import java.util.Arrays; -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -/** - * This class contains some configuration tags that can be used to configure various security properties. These - * tags are shared between the SOAP stack (WS-SecurityPolicy configuration), as well as the REST stack (JAX-RS - * XML Security). - * - * The configuration tags largely relate to properties for signing, encryption as well as SAML tokens. Most of - * the signing/encryption tags refer to Apache WSS4J "Crypto" objects, which are used by both stacks to control - * how certificates/keys are retrieved, etc. - * - * More specific configuration tags for WS-SecurityPolicy are configured in the SecurityConstants - * class in the cxf-rt-ws-security module, which extends this class. - */ -public class SecurityConstants { - -// -// User properties -// - -/** - * The user's name. It is used as follows: - * a) As the name in the UsernameToken for WS-Security. - * b) As the alias name in the keystore to get the user's cert and private key for signature - *if {@link SIGNATURE_USERNAME} is not set. - * c) As the alias name in the keystore to get the user's public key for encryption if - *{@link ENCRYPT_USERNAME} is not set. - */ -public static final String USERNAME = "security.username"; - -/** - * The user's password when a {@link CALLBACK_HANDLER} is not defined. - */ -public static final String PASSWORD = "security.password"; - -/** - * The user's name for signature. It is used as the alias name in the keystore to get the user's cert - * and private key for signature. If this is not defined, then {@link USERNAME} is used instead. If - * that is also not specified, it uses the the default alias set in the properties file referenced by - * {@link SIGNATURE_PROPERTIES}. If that's also not set, and the keystore only contains a single key, - * that key will be used. - */ -public static final String SIGNATURE_USERNAME = "security.signature.username"; - -/** - * The user's name for encryption. It is used as the alias name in the keystore to get the user's public - * key for encryption. If this is not defined, then {@link USERNAME} is used instead. If - * that is also not specified, it uses the the default alias set in the properties file referenced by - * {@link ENCRYPT_PROPERTIES}. If that's also not set, and the keystore only contains a single key, - * that key will be used. - * - * For the WS-Security web service provider, the "useReqSigCert" keyword can be used to accept (encrypt to) - * any client whose public key is in t
cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/2.7.x-fixes 45ac70124 -> 81cf207d1 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/81cf207d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/81cf207d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/81cf207d Branch: refs/heads/2.7.x-fixes Commit: 81cf207d10a8acbd4bdf904a128fe8de7358c90d Parents: 45ac701 Author: Colm O hEigeartaigh Authored: Fri Oct 23 17:31:35 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:31:35 2015 +0100 -- .gitmergeinfo | 5 + 1 file changed, 5 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/81cf207d/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 20d26a0..da06621 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -1486,6 +1486,7 @@ B 9a258338bef4c952db0fed6dfa108279c34a4630 B 9a2fe574c337173cf02bb87aca33bb232a544f70 B 9a321e7b9c448f5103adbd75f27b7b49bdfcf903 B 9a405329136898bc47069837fd145072987a6f75 +B 9a4e72c2cdcfc58eef131a2f5970ef584b831681 B 9a4f57eba1ba34c6d2115acb358b17ed8616b8b1 B 9a5231905e144ca1b9f195487700a355902e8a6f B 9a81d7e71f6a8477f6acc2cc46fb0683e2f8d2ec @@ -1925,6 +1926,7 @@ B cd0c70d4982280aed6cfcfa4ccfc756305fbe1de B cd3c7cd9e1deac5dfe8c7e01cfaded27b36734e4 B cd409578835e14f99fbea4d137f84262acce693f B cd5ac08a564ff7683bd2c7fee70b9ed7ac1a044e +B cd64bdb5ddb1a14fc9000eff2bd906705e50fda5 B cda59ba670339fe9a404b9e9f29ed891529ba187 B cdb21645e189c3b31f7a407e0d37db6464df4a91 B cdb742bacf1e98488aecd49d12de6491c6528ea5 @@ -1992,6 +1994,7 @@ B d3da9ed549ec3bfc48da8ea536624a5e57b29010 B d3e7cb90a76d935ada732386b1af4428aabbad71 B d3fa179ee5131353aadfb0348a2a0ed5fa3c2411 B d3fe4b7fef1498eab1d3e314def6046927476dfc +B d435640fdbb851419b121bbaa62981ff786bd337 B d43cf7de3f75aa0bbd8ff5e33b86c8424f86b585 B d48dd9082e58fd3e3ddfd067ccc287bef402f333 B d4ab2f9bdf294e74c5e74a77df34aaf770642787 @@ -2279,6 +2282,7 @@ B f18780cf52189338fee6681374f2622856f09330 B f1a489678051ed4343bb2d1826a5937a0b71e125 B f1d5ca8aee78a87a3cf2382a7498d8acc143bd3e B f1f64bfeb545eacfbe33eab62b08aed9d25adf99 +B f1f87071057fdb98e2d25d4f19b3a0f984e2e86f B f206aab7a0b641388e608af91866b5ddb317bdd4 B f224624358d45987006a9b7fd507ab744388ca58 B f2284040e8269ae8fe4cabe54b1b916abd26016d @@ -2294,6 +2298,7 @@ B f32709f86d7f1aefb23a60c705d6d658d7b958e2 B f34899128e0e27850a3cc31bbf58658290931506 B f3497b00bd89e2978d605425c98f93fd310f442e B f34ea2c8d96f88c41420ec9b851240cd7197def3 +B f357cf6d7d293668f07b797407232b17289fe70f B f360f14089d616160553b1ea336c0d51a0206443 B f372fffe46870f44ba491afbff1807d4a8799b75 B f388bc160dbb9013dc8b1539f2d5bf85d273683e
[1/5] cxf git commit: Support keys stored as SHA-1 digests in JWS headers
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 24be0b75a -> d435640fd Support keys stored as SHA-1 digests in JWS headers Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f1f87071 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f1f87071 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f1f87071 Branch: refs/heads/3.0.x-fixes Commit: f1f87071057fdb98e2d25d4f19b3a0f984e2e86f Parents: 24be0b7 Author: Colm O hEigeartaigh Authored: Fri Oct 23 15:26:09 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:29:39 2015 +0100 -- .../jose/common/KeyManagementUtils.java | 52 .../cxf/rs/security/jose/jws/JwsUtils.java | 10 2 files changed, 62 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/f1f87071/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java index 04b56b4..c491712 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java @@ -21,6 +21,7 @@ package org.apache.cxf.rs.security.jose.common; import java.io.InputStream; import java.security.KeyStore; +import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; @@ -45,6 +46,7 @@ import java.util.logging.Logger; import org.apache.cxf.Bus; import org.apache.cxf.common.logging.LogUtils; +import org.apache.cxf.common.util.Base64Exception; import org.apache.cxf.common.util.Base64UrlUtility; import org.apache.cxf.message.Message; import org.apache.cxf.message.MessageUtils; @@ -390,4 +392,54 @@ public final class KeyManagementUtils { throw new JoseException(ex); } } + +public static X509Certificate getCertificateFromThumbprint(String thumbprint, + String digestAlgorithm, + Message m, + Properties props) { +KeyStore ks = loadPersistKeyStore(m, props); +if (ks == null || thumbprint == null) { +return null; +} + +try { +byte[] decodedThumbprint = Base64UrlUtility.decode(thumbprint); + +for (Enumeration e = ks.aliases(); e.hasMoreElements();) { +String alias = e.nextElement(); +Certificate[] certs = ks.getCertificateChain(alias); +if (certs == null || certs.length == 0) { +// no cert chain, so lets check if getCertificate gives us a result. +Certificate cert = ks.getCertificate(alias); +if (cert != null) { +certs = new Certificate[]{cert}; +} +} + +if (certs != null && certs.length > 0 && certs[0] instanceof X509Certificate) { +X509Certificate x509cert = (X509Certificate) certs[0]; +byte[] data = +MessageDigestUtils.createDigest(x509cert.getEncoded(), digestAlgorithm); + +if (Arrays.equals(data, decodedThumbprint)) { +return x509cert; +} +} +} +} catch (KeyStoreException e) { +LOG.log(Level.WARNING, "X509Certificate can not be loaded: ", e); +throw new JoseException(e); +} catch (CertificateEncodingException e) { +LOG.log(Level.WARNING, "X509Certificate can not be loaded: ", e); +throw new JoseException(e); +} catch (NoSuchAlgorithmException e) { +LOG.log(Level.WARNING, "X509Certificate can not be loaded: ", e); +throw new JoseException(e); +} catch (Base64Exception e) { +LOG.log(Level.WARNING, "X509Certificate can not be loaded: ", e); +throw new JoseException(e); +} + +return null; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/f1f87071/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java -- diff --git a/rt/r
[3/5] cxf git commit: Updating docs
Updating docs Conflicts: rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/cd64bdb5 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/cd64bdb5 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/cd64bdb5 Branch: refs/heads/3.0.x-fixes Commit: cd64bdb5ddb1a14fc9000eff2bd906705e50fda5 Parents: 9a4e72c Author: Colm O hEigeartaigh Authored: Fri Oct 23 17:28:53 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:29:46 2015 +0100 -- .../cxf/rt/security/SecurityConstants.java | 362 +++ 1 file changed, 362 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/cd64bdb5/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java -- diff --git a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java new file mode 100644 index 000..5ee526b --- /dev/null +++ b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java @@ -0,0 +1,362 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.cxf.rt.security; + +import java.util.Arrays; +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; + +/** + * This class contains some configuration tags that can be used to configure various security properties. These + * tags are shared between the SOAP stack (WS-SecurityPolicy configuration), as well as the REST stack (JAX-RS + * XML Security). + * + * The configuration tags largely relate to properties for signing, encryption as well as SAML tokens. Most of + * the signing/encryption tags refer to Apache WSS4J "Crypto" objects, which are used by both stacks to control + * how certificates/keys are retrieved, etc. + * + * More specific configuration tags for WS-SecurityPolicy are configured in the SecurityConstants + * class in the cxf-rt-ws-security module, which extends this class. + */ +public class SecurityConstants { + +// +// User properties +// + +/** + * The user's name. It is used as follows: + * a) As the name in the UsernameToken for WS-Security. + * b) As the alias name in the keystore to get the user's cert and private key for signature + *if {@link SIGNATURE_USERNAME} is not set. + * c) As the alias name in the keystore to get the user's public key for encryption if + *{@link ENCRYPT_USERNAME} is not set. + */ +public static final String USERNAME = "security.username"; + +/** + * The user's password when a {@link CALLBACK_HANDLER} is not defined. + */ +public static final String PASSWORD = "security.password"; + +/** + * The user's name for signature. It is used as the alias name in the keystore to get the user's cert + * and private key for signature. If this is not defined, then {@link USERNAME} is used instead. If + * that is also not specified, it uses the the default alias set in the properties file referenced by + * {@link SIGNATURE_PROPERTIES}. If that's also not set, and the keystore only contains a single key, + * that key will be used. + */ +public static final String SIGNATURE_USERNAME = "security.signature.username"; + +/** + * The user's name for encryption. It is used as the alias name in the keystore to get the user's public + * key for encryption. If this is not defined, then {@link USERNAME} is used instead. If + * that is also not specified, it uses the the default alias set in the properties file referenced by + * {@link ENCRYPT_PROPERTIES}. If that's also not set, and the keystore only contains a single key, + * that key will be used. + * + * For the WS-Security web service provider, the "useReqSigCert" keyword can be used to accept (encrypt to) + * any client whos
cxf git commit: Updating docs
Repository: cxf Updated Branches: refs/heads/master c60357527 -> 7abdac771 Updating docs Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7abdac77 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7abdac77 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7abdac77 Branch: refs/heads/master Commit: 7abdac771c87f759615292fe40dbe313ab14cda5 Parents: c603575 Author: Colm O hEigeartaigh Authored: Fri Oct 23 17:28:53 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:28:53 2015 +0100 -- .../main/java/org/apache/cxf/rt/security/SecurityConstants.java | 3 +++ 1 file changed, 3 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/7abdac77/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java -- diff --git a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java index acc671d..5ee526b 100644 --- a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java +++ b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java @@ -150,6 +150,9 @@ public class SecurityConstants { /** * Whether to allow unsigned saml assertions as SecurityContext Principals. The default is false. + * Note that "unsigned" refers to an internal signature. Even if the token is signed by an + * external signature (as per the "sender-vouches" requirement), this boolean must still be + * configured if you want to use the token to set up the security context. */ public static final String ENABLE_UNSIGNED_SAML_ASSERTION_PRINCIPAL = "security.enable.unsigned-saml-assertion.principal";
[1/2] cxf git commit: Modification to the accept public key configuration tag
Repository: cxf Updated Branches: refs/heads/master 6a778890e -> c60357527 Modification to the accept public key configuration tag Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c6035752 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c6035752 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c6035752 Branch: refs/heads/master Commit: c60357527dd1614734c2c80ea86879ab1e4acc4d Parents: 7b4a828 Author: Colm O hEigeartaigh Authored: Fri Oct 23 17:25:43 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:26:10 2015 +0100 -- .../apache/cxf/rs/security/jose/common/JoseConstants.java | 9 +++-- .../java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java | 2 +- .../java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java | 2 +- .../org/apache/cxf/systest/jaxrs/security/jwt/server.xml| 1 + 4 files changed, 10 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/c6035752/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java index 604155f..b05fdd6 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java @@ -120,9 +120,14 @@ public final class JoseConstants { public static final String RSSEC_INCLUDE_CERT_SHA1 = "rs.security.include.cert.sha1"; /** + * Whether to allow using a JWK received in the header for signature validation. The default + * is "false". + */ +public static final String RSSEC_ACCEPT_PUBLIC_KEY = "rs.security.accept.public.key"; + +/** * TODO documentation for these */ -public static final String RSSEC_ACCEPT_PUBLIC_KEY_PROP = "rs.security.accept.public.key.properties"; public static final String RSSEC_KEY_STORE_JWKSET = "rs.security.keystore.jwkset"; public static final String RSSEC_KEY_STORE_JWKKEY = "rs.security.keystore.jwkkey"; @@ -187,7 +192,7 @@ public final class JoseConstants { public static final String RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY = "rs.security.signature.include.public.key"; /** - * Include the X.509 certificate for signaturein the "x5c" header. + * Include the X.509 certificate for signature in the "x5c" header. */ public static final String RSSEC_SIGNATURE_INCLUDE_CERT = "rs.security.signature.include.cert"; http://git-wip-us.apache.org/repos/asf/cxf/blob/c6035752/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java index 5ab72e0..60d3c83 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java @@ -312,7 +312,7 @@ public final class JwkUtils { JsonWebKeys jwkSet = loadJwkSet(m, props, cb, reader); String kid = null; if (inHeaderKid != null -&& MessageUtils.getContextualBoolean(m, JoseConstants.RSSEC_ACCEPT_PUBLIC_KEY_PROP, true)) { +&& MessageUtils.getContextualBoolean(m, JoseConstants.RSSEC_ACCEPT_PUBLIC_KEY, false)) { kid = inHeaderKid; } else { kid = KeyManagementUtils.getKeyId(m, props, JoseConstants.RSSEC_KEY_STORE_ALIAS, keyOper); http://git-wip-us.apache.org/repos/asf/cxf/blob/c6035752/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java index c36002f..747d53b 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java @@ -336,7 +336,7 @@ public final class JwsUtils { if (inHeaders.getHeader(JoseConstants.HEADER_JSON_WEB_KEY) !=
[2/2] cxf git commit: Support keys stored as SHA-1 digests in JWS headers
Support keys stored as SHA-1 digests in JWS headers Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7b4a828b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7b4a828b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7b4a828b Branch: refs/heads/master Commit: 7b4a828bad8e71d7b3500721a3f49b1ceb414712 Parents: 6a77889 Author: Colm O hEigeartaigh Authored: Fri Oct 23 15:26:09 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 17:26:10 2015 +0100 -- .../jose/common/KeyManagementUtils.java | 52 .../cxf/rs/security/jose/jws/JwsUtils.java | 10 2 files changed, 62 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/7b4a828b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java index 04b56b4..c491712 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java @@ -21,6 +21,7 @@ package org.apache.cxf.rs.security.jose.common; import java.io.InputStream; import java.security.KeyStore; +import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; @@ -45,6 +46,7 @@ import java.util.logging.Logger; import org.apache.cxf.Bus; import org.apache.cxf.common.logging.LogUtils; +import org.apache.cxf.common.util.Base64Exception; import org.apache.cxf.common.util.Base64UrlUtility; import org.apache.cxf.message.Message; import org.apache.cxf.message.MessageUtils; @@ -390,4 +392,54 @@ public final class KeyManagementUtils { throw new JoseException(ex); } } + +public static X509Certificate getCertificateFromThumbprint(String thumbprint, + String digestAlgorithm, + Message m, + Properties props) { +KeyStore ks = loadPersistKeyStore(m, props); +if (ks == null || thumbprint == null) { +return null; +} + +try { +byte[] decodedThumbprint = Base64UrlUtility.decode(thumbprint); + +for (Enumeration e = ks.aliases(); e.hasMoreElements();) { +String alias = e.nextElement(); +Certificate[] certs = ks.getCertificateChain(alias); +if (certs == null || certs.length == 0) { +// no cert chain, so lets check if getCertificate gives us a result. +Certificate cert = ks.getCertificate(alias); +if (cert != null) { +certs = new Certificate[]{cert}; +} +} + +if (certs != null && certs.length > 0 && certs[0] instanceof X509Certificate) { +X509Certificate x509cert = (X509Certificate) certs[0]; +byte[] data = +MessageDigestUtils.createDigest(x509cert.getEncoded(), digestAlgorithm); + +if (Arrays.equals(data, decodedThumbprint)) { +return x509cert; +} +} +} +} catch (KeyStoreException e) { +LOG.log(Level.WARNING, "X509Certificate can not be loaded: ", e); +throw new JoseException(e); +} catch (CertificateEncodingException e) { +LOG.log(Level.WARNING, "X509Certificate can not be loaded: ", e); +throw new JoseException(e); +} catch (NoSuchAlgorithmException e) { +LOG.log(Level.WARNING, "X509Certificate can not be loaded: ", e); +throw new JoseException(e); +} catch (Base64Exception e) { +LOG.log(Level.WARNING, "X509Certificate can not be loaded: ", e); +throw new JoseException(e); +} + +return null; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/7b4a828b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java -- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.ja
cxf-fediz git commit: [FEDIZ-133] Imrove Logout Page handling
Repository: cxf-fediz Updated Branches: refs/heads/master c78fff7f0 -> 73edea40e [FEDIZ-133] Imrove Logout Page handling Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/73edea40 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/73edea40 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/73edea40 Branch: refs/heads/master Commit: 73edea40e59d4ecfb6e8aab4c682c015d99797b9 Parents: c78fff7 Author: Jan Bernhardt Authored: Fri Oct 23 17:29:30 2015 +0200 Committer: Jan Bernhardt Committed: Fri Oct 23 17:29:30 2015 +0200 -- .../idp/beans/SigninParametersCacheAction.java | 81 .../flows/federation-validate-request.xml | 16 ++-- .../views/signoutconfirmationresponse.jsp | 46 ++- .../webapp/WEB-INF/views/signoutresponse.jsp| 26 --- 4 files changed, 116 insertions(+), 53 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/73edea40/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java -- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java index a822d1b..41cac31 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java @@ -37,7 +37,9 @@ public class SigninParametersCacheAction { //todo introduce constants class? public static final String IDP_CONFIG = "idpConfig"; +@Deprecated public static final String REALM_URL_MAP = "realmUrlMap"; +public static final String ACTIVE_APPLICATIONS = "realmConfigMap"; private static final Logger LOG = LoggerFactory.getLogger(SigninParametersCacheAction.class); @@ -108,6 +110,11 @@ public class SigninParametersCacheAction { } } +/** + * @deprecated use {@link #storeRPConfigInSession()} instead. + * @param context + * @throws ProcessingException + */ public void storeRPUrlInSession(RequestContext context) throws ProcessingException { String whr = (String)WebUtils.getAttributeFromFlowScope(context, FederationConstants.PARAM_HOME_REALM); @@ -127,24 +134,12 @@ public class SigninParametersCacheAction { } if (url == null) { -url = (String)WebUtils.getAttributeFromFlowScope(context, FederationConstants.PARAM_REPLY); -try { -//basic check if the url is correctly formed -new URL(url); -} catch (Exception e) { -url = null; -} -if (url == null) { -url = wtrealm; -try { -//basic check if the url is correctly formed -new URL(url); -} catch (Exception e) { -throw new ProcessingException(e.getMessage(), e, ProcessingException.TYPE.INVALID_REQUEST); -} +url = guessPassiveRequestorURL(context, wtrealm); +if (serviceConfig != null) { +serviceConfig.setPassiveRequestorEndpoint(url); } } - + @SuppressWarnings("unchecked") Map rum = (Map)WebUtils @@ -159,5 +154,59 @@ public class SigninParametersCacheAction { if (val == null) { rum.put(wtrealm, url); } + +storeRPConfigInSession(context); +} + +public void storeRPConfigInSession(RequestContext context) throws ProcessingException { + +String whr = (String)WebUtils.getAttributeFromFlowScope(context, FederationConstants.PARAM_HOME_REALM); +String wtrealm = (String)WebUtils.getAttributeFromFlowScope(context, FederationConstants.PARAM_TREALM); +Idp idpConfig = (Idp) WebUtils.getAttributeFromFlowScope(context, IDP_CONFIG); +if (whr == null || wtrealm == null || idpConfig == null) { +return; +} + +Application serviceConfig = idpConfig.findApplication(wtrealm); +if (serviceConfig != null) { +if (serviceConfig.getPassiveRequestorEndpoint() == null) { +String url = guessPassiveRequestorURL(context, wtrealm); +serviceConfig.setPassiveRequestorEndpoint(url); +} + +@SuppressWarnings("unchecked") +Map realmConfigMap = +(Map)WebUtils +.getAttributeFromExternalContext(context, ACTIVE_APPLICATIONS); + +
svn commit: r969980 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-jose.html
Author: buildbot Date: Fri Oct 23 13:47:37 2015 New Revision: 969980 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-jose.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-jose.html == --- websites/production/cxf/content/docs/jax-rs-jose.html (original) +++ websites/production/cxf/content/docs/jax-rs-jose.html Fri Oct 23 13:47:37 2015 @@ -118,11 +118,11 @@ Apache CXF -- JAX-RS JOSE /**/ +/*]]>*/ IntroductionMaven DependenciesJOSE OverviewJWA AlgorithmsJWK KeysJWS SignatureJSON EncryptionJSON Web TokensLinking JWT authentications to JWS or JWE contentJOSE JAX-RS Filters JWEJWS Configuration @@ -176,7 +176,7 @@ AesWrapKeyDecryptionAlgorithm keyDecrypt JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption); String decryptedText = decryption.decrypt(jweContent).getContentText(); assertEquals(specPlainText, decryptedText); - CXF ships JWE related classes in https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=tree;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe;h=71e0e29025252080838168458b3d2e0179a7a0bd;hb=HEAD";>this package and offers a support for all of JWA encryption algorithms.https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionProvider.java;h=615212b1622abb1c0a8b06a3b5498d8b6199d0cc;hb=HEAD";>JweEncryptionProvider supports encrypting the content, https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweDecryptionProvider.java;h=1f4861a2d78df5514ff74c40330c1a5f5933f47d;hb=HEAD";>JweDecryptionProvider - decrypting the content. Encryptors and Decryptors for all of JWE algorithms are shipped.JweCompactConsumer and JweCompactProducer offer a utility support for creating and validating JWE compact serialization and accept keys in a variety of formats(as JWKs, JCA representations, created out of band and wrapped in either JweEncryptionProvider or JweDecryptionProvider).JweJwtCompactConsumer and JweJwtCompactProducer are JweCompactConsumer and JweCompactProducer specializations that offer a utility support for encrypting Json Web Tokens in a compact format.JweJsonConsumer and JweJsonProducer support JWE JSON (full) serialization.JweOutputStream is a specialized output stream that can be used in conjunction with JWE JAX-RS filters (see one of the next sections)to support the best effort at streaming the content while encrypting it. These classes will use https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src /main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionOutput.java;h=918ef5a085c3dc51025e2e9cbba37388f37eb49e;hb=HEAD">JweEncryptionOutput optionally returned from JweEncryptionProviderinstead of working with the consumer utility classes which deal with the encryption process completely in memory. Many more examples will be added here.JSON Web Tokens https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32"; rel="nofollow">JSON Web Token (JWT) is a collection of claims in JSON format. It offers a standard JSON container for representing various properties or claims.JWT can be signed and or encrypted, i.e, serve as a JOSE signature or encryption input like any other data structure. JWT has been primarily used in OAuth2 applications to represent self-contained access tokens but can also be used in other contex ts.CXF offers an initial JWT support in https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=tree;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt;h=ab5e633cd9d81374288c46c7d283df49931cc0d8;hb=HEAD";>this package.Linking JWT authentications to JWS or JWE contentAdd more...JOSE JAX-RS FiltersJWEJWSConfigurationConfiguration that applies to both encryption and signaturers.security.keystore.typeThe keystore type. Suitable values are "jks" or "j wk".rs.security.keystore.passwordThe password required to access the keystore.rs.security.key.passwordThe password required to access the private key (in the keystore).rs.security.keystore.alias The keystore alias corresponding to the key to use. You can append one of the following to this tag to get the ali
cxf git commit: Upgrade atmosphere to 2.3.5
Repository: cxf Updated Branches: refs/heads/master 070315cf0 -> 6a778890e Upgrade atmosphere to 2.3.5 Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6a778890 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6a778890 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6a778890 Branch: refs/heads/master Commit: 6a778890e91542ce0f8b92c6bbf3c3d403fa7aaa Parents: 070315c Author: Akitoshi Yoshida Authored: Fri Oct 23 13:59:03 2015 +0200 Committer: Akitoshi Yoshida Committed: Fri Oct 23 13:59:03 2015 +0200 -- parent/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/6a778890/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index b842f1d..9ef6d2d 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -69,7 +69,7 @@ 5.12.0 1.9.8 2.0.0-M20 -2.3.2 +2.3.5 [2.0,3.0) 1.2.14 1.52
cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/2.7.x-fixes fb032c0e9 -> 45ac70124 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/45ac7012 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/45ac7012 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/45ac7012 Branch: refs/heads/2.7.x-fixes Commit: 45ac70124bffa182deaf483ac547f3271592eb87 Parents: fb032c0 Author: Colm O hEigeartaigh Authored: Fri Oct 23 12:12:18 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 12:12:18 2015 +0100 -- .gitmergeinfo | 2 ++ 1 file changed, 2 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/45ac7012/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 4dfac60..20d26a0 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -376,6 +376,7 @@ B 242ffb176a1b2bea2be1762750f66af8d227ca2f B 24854c231e5cc04c7cb649ae58abd4570f8e317e B 249c25bddbe08ba346f67dcc34d65dd2598d5c72 B 24aa7e5814f6e6a4c51522ae27a33ac1ed8cc809 +B 24be0b75a10498fa928cdcbe0ee86ba20d555cfe B 24c65ee574a29bb89b97b948ff2b683d31014a99 B 24cbca795a21070f5bf11587277900b3a2cf226b B 24d88dc5ecea8053c86c56caa1e3879b917885f5 @@ -1550,6 +1551,7 @@ B a1b1e7898cb51e2681203e4ec89767a89f2750cf B a1e910583c95417964e74d5dad38249c1f9743b2 B a2182495fe9079423b6b439614884a518729b9a9 B a23a473d8df5d9b0210d10b10a0e66ef9bbd056f +B a24b89126236aa77173f18d88eff10afed2b821d B a2616506a4c6c879a5a0b5e81cbf15eda0b2b71b B a270811466ef702756ba04cc8d06a9886ef8d1ff B a279a14a74f1dc61cd295bd025a356a911dbc659
[1/2] cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 61d0690a8 -> 24be0b75a Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/24be0b75 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/24be0b75 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/24be0b75 Branch: refs/heads/3.0.x-fixes Commit: 24be0b75a10498fa928cdcbe0ee86ba20d555cfe Parents: a24b891 Author: Colm O hEigeartaigh Authored: Fri Oct 23 12:08:00 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 12:08:00 2015 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/24be0b75/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index dd0897a..bd28989 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -487,6 +487,7 @@ M 00a5a1d6b1da5f3b679c25d4bd988d1277ee62e7 M 00b626af504d3d59419ec2d1eb5e39943ec5b8aa M 05383ffcfc3fe16c6acadf1a343375c00fa1116c M 05b96b6e8d1c3f845ce4d9b8a77c638ed7e987b7 +M 070315cf06b2f2d8596c922115fd3f811e394ecc M 0a91c7b3694c8fb453a3eb9c50b94ba4870f8aff M 0cb64ee2bb66e4249c4a0f8d7ae62068e2a95dcd M 0d3d0bd91a8dd9e01e4716bc40dce28ed07c4325
[2/2] cxf git commit: Remove LDAP server set up from the Kerberos tests
Remove LDAP server set up from the Kerberos tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a24b8912 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a24b8912 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a24b8912 Branch: refs/heads/3.0.x-fixes Commit: a24b89126236aa77173f18d88eff10afed2b821d Parents: 61d0690 Author: Colm O hEigeartaigh Authored: Fri Oct 23 11:59:44 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 12:08:00 2015 +0100 -- .../kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java| 7 --- .../systest/kerberos/wssec/kerberos/KerberosTokenTest.java| 7 --- .../cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java| 7 --- 3 files changed, 21 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/a24b8912/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java -- diff --git a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java index 32c59da..cda826c 100644 --- a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java +++ b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java @@ -34,7 +34,6 @@ import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.transport.http.auth.HttpAuthHeader; import org.apache.cxf.transport.http.auth.SpnegoAuthSupplier; import org.apache.directory.server.annotations.CreateKdcServer; -import org.apache.directory.server.annotations.CreateLdapServer; import org.apache.directory.server.annotations.CreateTransport; import org.apache.directory.server.core.annotations.ApplyLdifFiles; import org.apache.directory.server.core.annotations.CreateDS; @@ -76,12 +75,6 @@ import org.junit.runner.RunWith; } ) -@CreateLdapServer( -transports = { -@CreateTransport(protocol = "LDAP") -} -) - @CreateKdcServer( transports = { // @CreateTransport(protocol = "TCP", address = "127.0.0.1", port=1024) http://git-wip-us.apache.org/repos/asf/cxf/blob/a24b8912/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java -- diff --git a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java index f9c00ef..2545b1f 100644 --- a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java +++ b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java @@ -37,7 +37,6 @@ import org.apache.cxf.systest.kerberos.wssec.sts.StaxSTSServer; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.testutil.common.TestUtil; import org.apache.directory.server.annotations.CreateKdcServer; -import org.apache.directory.server.annotations.CreateLdapServer; import org.apache.directory.server.annotations.CreateTransport; import org.apache.directory.server.core.annotations.ApplyLdifFiles; import org.apache.directory.server.core.annotations.CreateDS; @@ -79,12 +78,6 @@ import org.junit.runner.RunWith; } ) -@CreateLdapServer( -transports = { -@CreateTransport(protocol = "LDAP") -} -) - @CreateKdcServer( transports = { // @CreateTransport(protocol = "TCP", address = "127.0.0.1", port=1024) http://git-wip-us.apache.org/repos/asf/cxf/blob/a24b8912/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java -- diff --git a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java index 29380a7..c7d50aa 100644 --- a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java +++ b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java @@ -34,7 +34,6 @@ import org.apache.cxf.systest.kerberos.common.SecurityTestUtil; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.testutil.common.TestUtil; import org.apache.directory.server.annotations.CreateKdcServer; -import org.apache.directory.s
cxf git commit: Remove LDAP server set up from the Kerberos tests
Repository: cxf Updated Branches: refs/heads/master ff4fd0c01 -> 070315cf0 Remove LDAP server set up from the Kerberos tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/070315cf Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/070315cf Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/070315cf Branch: refs/heads/master Commit: 070315cf06b2f2d8596c922115fd3f811e394ecc Parents: ff4fd0c Author: Colm O hEigeartaigh Authored: Fri Oct 23 11:59:44 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Oct 23 11:59:44 2015 +0100 -- .../kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java| 7 --- .../systest/kerberos/wssec/kerberos/KerberosTokenTest.java| 7 --- .../cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java| 7 --- 3 files changed, 21 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/070315cf/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java -- diff --git a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java index 18079d1..4087fcc 100644 --- a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java +++ b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/jaxrs/kerberos/JAXRSKerberosBookTest.java @@ -34,7 +34,6 @@ import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.transport.http.auth.HttpAuthHeader; import org.apache.cxf.transport.http.auth.SpnegoAuthSupplier; import org.apache.directory.server.annotations.CreateKdcServer; -import org.apache.directory.server.annotations.CreateLdapServer; import org.apache.directory.server.annotations.CreateTransport; import org.apache.directory.server.core.annotations.ApplyLdifFiles; import org.apache.directory.server.core.annotations.CreateDS; @@ -76,12 +75,6 @@ import org.junit.runner.RunWith; } ) -@CreateLdapServer( -transports = { -@CreateTransport(protocol = "LDAP") -} -) - @CreateKdcServer( transports = { @CreateTransport(protocol = "KRB", address = "127.0.0.1") http://git-wip-us.apache.org/repos/asf/cxf/blob/070315cf/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java -- diff --git a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java index 2ce3786..52dce83 100644 --- a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java +++ b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/kerberos/KerberosTokenTest.java @@ -37,7 +37,6 @@ import org.apache.cxf.systest.kerberos.wssec.sts.StaxSTSServer; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.testutil.common.TestUtil; import org.apache.directory.server.annotations.CreateKdcServer; -import org.apache.directory.server.annotations.CreateLdapServer; import org.apache.directory.server.annotations.CreateTransport; import org.apache.directory.server.core.annotations.ApplyLdifFiles; import org.apache.directory.server.core.annotations.CreateDS; @@ -79,12 +78,6 @@ import org.junit.runner.RunWith; } ) -@CreateLdapServer( -transports = { -@CreateTransport(protocol = "LDAP") -} -) - @CreateKdcServer( transports = { @CreateTransport(protocol = "KRB", address = "127.0.0.1") http://git-wip-us.apache.org/repos/asf/cxf/blob/070315cf/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java -- diff --git a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java index 66f1f57..8140921 100644 --- a/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java +++ b/systests/kerberos/src/test/java/org/apache/cxf/systest/kerberos/wssec/spnego/SpnegoTokenTest.java @@ -34,7 +34,6 @@ import org.apache.cxf.systest.kerberos.common.SecurityTestUtil; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.testutil.common.TestUtil; import org.apache.directory.server.annotations.C
cxf-fediz git commit: [FEDIZ-132] Fixed encoding error
Repository: cxf-fediz Updated Branches: refs/heads/master 4884ddf35 -> c78fff7f0 [FEDIZ-132] Fixed encoding error Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/c78fff7f Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/c78fff7f Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/c78fff7f Branch: refs/heads/master Commit: c78fff7f089010d4f7681cb3e18cc18d04e09da5 Parents: 4884ddf Author: Jan Bernhardt Authored: Fri Oct 23 11:43:56 2015 +0200 Committer: Jan Bernhardt Committed: Fri Oct 23 11:43:56 2015 +0200 -- plugins/core/pom.xml | 2 ++ pom.xml | 4 2 files changed, 6 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c78fff7f/plugins/core/pom.xml -- diff --git a/plugins/core/pom.xml b/plugins/core/pom.xml index d45af9a..c3705a9 100644 --- a/plugins/core/pom.xml +++ b/plugins/core/pom.xml @@ -95,6 +95,8 @@ org.apache.cxf.fediz.core.config.jaxb -Xdv +-encoding +UTF-8 http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c78fff7f/pom.xml -- diff --git a/pom.xml b/pom.xml index eede46a..a6244f4 100644 --- a/pom.xml +++ b/pom.xml @@ -684,6 +684,7 @@ ${jdk.version} 256M ${compiler.fork} + UTF-8 @@ -731,6 +732,7 @@ ${fediz.compile.show.deprecation} true ${fediz.compile.flags} + UTF-8 @@ -798,6 +800,7 @@ ${fediz.compile.show.deprecation} true ${fediz.compile.flags} + UTF-8 @@ -834,6 +837,7 @@ true true ${fediz.compile.flags} + UTF-8
cxf git commit: align the start-level values in features.xml
Repository: cxf Updated Branches: refs/heads/master 42e6fde99 -> ff4fd0c01 align the start-level values in features.xml Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ff4fd0c0 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ff4fd0c0 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ff4fd0c0 Branch: refs/heads/master Commit: ff4fd0c01aaf8ef1cbdb8707eb50a54d762d640b Parents: 42e6fde Author: Akitoshi Yoshida Authored: Fri Oct 23 11:16:04 2015 +0200 Committer: Akitoshi Yoshida Committed: Fri Oct 23 11:16:04 2015 +0200 -- osgi/karaf/features/src/main/resources/features.xml | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/ff4fd0c0/osgi/karaf/features/src/main/resources/features.xml -- diff --git a/osgi/karaf/features/src/main/resources/features.xml b/osgi/karaf/features/src/main/resources/features.xml index 19845bf..80c339c 100644 --- a/osgi/karaf/features/src/main/resources/features.xml +++ b/osgi/karaf/features/src/main/resources/features.xml @@ -40,7 +40,7 @@ cxf-specs -mvn:commons-codec/commons-codec/${cxf.commons-codec.version} +mvn:commons-codec/commons-codec/${cxf.commons-codec.version} mvn:org.apache.abdera/abdera-core/${cxf.abdera.version} mvn:org.apache.abdera/abdera-extensions-main/${cxf.abdera.version} mvn:org.apache.abdera/abdera-i18n/${cxf.abdera.version} @@ -76,7 +76,7 @@ cxf-specs mvn:org.apache.ws.xmlschema/xmlschema-core/${cxf.xmlschema.version} -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.xmlresolver/${cxf.xmlresolver.bundle.version} +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.xmlresolver/${cxf.xmlresolver.bundle.version} mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.fastinfoset/${cxf.fastinfoset.bundle.version} mvn:org.apache.cxf/cxf-core/${project.version} mvn:org.apache.cxf/cxf-rt-management/${project.version} @@ -339,7 +339,7 @@ cxf-jaxb -mvn:commons-lang/commons-lang/${cxf.commons-lang.version} +mvn:commons-lang/commons-lang/${cxf.commons-lang.version} mvn:org.apache.cxf.xjc-utils/cxf-xjc-runtime/${cxf.xjc-utils.version} @@ -351,7 +351,7 @@ cxf-jaxrs cxf-jaxws cxf-javascript - mvn:commons-lang/commons-lang/${cxf.commons-lang.version} +mvn:commons-lang/commons-lang/${cxf.commons-lang.version} mvn:org.apache.velocity/velocity/${cxf.velocity.version} mvn:commons-collections/commons-collections/${cxf.commons-collections.version} mvn:org.apache.cxf/cxf-tools-common/${project.version} @@ -450,7 +450,7 @@ cxf-core cxf-jaxrs mvn:commons-lang/commons-lang/${cxf.commons-lang.version} -mvn:commons-codec/commons-codec/${cxf.commons-codec.version} +mvn:commons-codec/commons-codec/${cxf.commons-codec.version} mvn:org.apache.abdera/abdera-core/${cxf.abdera.version} mvn:org.apache.abdera/abdera-i18n/${cxf.abdera.version} mvn:org.apache.james/apache-mime4j-core/${cxf.james.mim4j.version}
cxf git commit: fix checkstyle errors
Repository: cxf Updated Branches: refs/heads/master 1616f1910 -> 42e6fde99 fix checkstyle errors Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/42e6fde9 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/42e6fde9 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/42e6fde9 Branch: refs/heads/master Commit: 42e6fde997a3b7e7408414e79e2003ec067910f3 Parents: 1616f19 Author: Akitoshi Yoshida Authored: Fri Oct 23 11:15:07 2015 +0200 Committer: Akitoshi Yoshida Committed: Fri Oct 23 11:15:07 2015 +0200 -- .../cxf/transport/http_jetty/JettyHTTPServerEngine.java | 7 ++- 1 file changed, 2 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/42e6fde9/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java -- diff --git a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java index e4da5f4..0b864f5 100644 --- a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java +++ b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java @@ -594,14 +594,11 @@ public class JettyHTTPServerEngine implements ServerEngine { int major = 8; int minor = 0; -try -{ +try { String[] version = Server.getVersion().split("\\."); major = Integer.parseInt(version[0]); minor = Integer.parseInt(version[1]); -} -catch (Exception e) -{ +} catch (Exception e) { // unparsable version }
cxf-fediz git commit: Fix remote IDP URL
Repository: cxf-fediz Updated Branches: refs/heads/master bd86beaa4 -> 4884ddf35 Fix remote IDP URL Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/4884ddf3 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/4884ddf3 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/4884ddf3 Branch: refs/heads/master Commit: 4884ddf350933e43703ef596f297a8ae8d369ad8 Parents: bd86bea Author: Jan Bernhardt Authored: Fri Oct 23 10:46:51 2015 +0200 Committer: Jan Bernhardt Committed: Fri Oct 23 10:46:51 2015 +0200 -- services/idp/src/main/resources/entities-realmb.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4884ddf3/services/idp/src/main/resources/entities-realmb.xml -- diff --git a/services/idp/src/main/resources/entities-realmb.xml b/services/idp/src/main/resources/entities-realmb.xml index 152ff52..592a605 100644 --- a/services/idp/src/main/resources/entities-realmb.xml +++ b/services/idp/src/main/resources/entities-realmb.xml @@ -34,7 +34,7 @@ https://localhost:12443/fediz-idp-sts/REALMB"; /> -https://localhost:12443/fediz-idp/federation"; /> +https://localhost:12443/fediz-idp-remote/federation"; /> http://docs.oasis-open.org/wsfed/federation/200706