Author: azeez Date: Fri Jan 18 04:25:33 2008 New Revision: 12477 Log:
Updating docs Added: trunk/wsas/java/modules/www/extensions/core/js/init.js Modified: trunk/wsas/java/modules/documentation/src/site/xdoc/ejb_guide.xml trunk/wsas/java/modules/documentation/src/site/xdoc/jmx.xml trunk/wsas/java/modules/documentation/src/site/xdoc/xkms.xml Modified: trunk/wsas/java/modules/documentation/src/site/xdoc/ejb_guide.xml ============================================================================== --- trunk/wsas/java/modules/documentation/src/site/xdoc/ejb_guide.xml (original) +++ trunk/wsas/java/modules/documentation/src/site/xdoc/ejb_guide.xml Fri Jan 18 04:25:33 2008 @@ -14,140 +14,208 @@ ~ limitations under the License. --> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" - "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd";> <html xmlns="http://www.w3.org/1999/xhtml";> -<body> -<p>[<a -href="http://dist.wso2.org/products/wsas/java/@wso2wsas_version@";>Download</a>] -| [<a href="index_docs.html">Documentation Home</a>] | [<a -href="release_notes.html">Release Note</a>]</p> - -<h1>EJB Service Guide</h1> - -<p>This document provides instructions exposing EJBs as Web services using -WSO2 WSAS .</p> - -<p>Your feedback on WSO2 WSAS is most appreciated. Please send them to our <a -href="mail-lists.html">mailing lists</a>.</p> - -<h3>EJB Service Provider</h3> - -<p></p> -WSAS makes it possible for you to expose an EJB deployed in you application -server (JBoss, Apache Geronimo, BEA WebLogic or other) as a Web service. - -<p>Once you have the EJB deployed in your application server, all you need to -do is show WSAS the location of the archive containing the remote/home -interfaces, enter the details for the interface, JNDI bean names etc, and -WSAS will take care of exposing the EJB as a Web service. WSAS will -communicate with the EJB using JNDI, which the WS client just sees as yet -another Web service.</p> - -<p></p> - -<p><strong>Table of Contents</strong></p> - -<div class="toc"> -<ul> - <li><a href="#Step">Step 1 - EJB Provider Configuration</a></li> - <li><a href="#Step1">Step 2 - Upload Interface</a></li> - <li><a href="#Step2">Step 3 - Select Classes</a></li> - <li><a href="#Step3">Step 4 - Deploy Service</a></li> -</ul> -</div> - -<p></p> - -<h4 id="Instructio">Instructions</h4> - -<p><strong>Before you start WSAS, make sure you've started the J2EE Application Server where your -EJB is deployed, and copy the client .jars of your J2EE Application Server to either WSO2WSAS_HOME/lib folder -or onto the classpath.</strong></p> <br /> - -<p>After you have logged in to WSAS, click <strong>Services</strong>.</p> - -<p>Then click <strong>Define EJB Service</strong> to configure an EJB to be -exposed as a Web service.</p> -<br /><br /> -<img alt="" src="images/available_services-new.jpg" /> <br /> - -<a name="ejb_step1"></a> -<h4 id="Step">Step 1 - EJB Provider Configuration</h4> - -<p>On the next screen, enter the details of the application server on which -you have your EJBs deployed. If this is the first time you're attempting to -do this, under Existing configurations, "No existing EJB Configurations" will -be displayed.</p> -<br /> -<p> - <img alt="" src="images/ejb_guide/screen2.jpg" /> <br /> -</p> -<br /><br /> -<p>Also, there are no servers configured yet. So, click <strong>Add -New</strong>.</p> - <br /> -<p>Select your application server from the list. WSAS comes pre-configured -with some of the settings for the following application servers: JBoss, -Apache Geronimo, and BEA WebLogic. If you use an application server other -than one of these, please select '<strong>Generic</strong>'. Refer to your -application server documentation/configuration for the values and the field -descriptions.</p> - <br /> -<p>If your application server requires a username and password for logging -in, please enter them on this page. Once you have entered the details, click -<strong>Add Application Server</strong> to add the server to the -configuration. If the configuration details were entered correctly, now you -should see the server you configured in the Use Existing list. You can enter -other application server configurations if you need to. Otherwise, click -<strong>Next</strong>.</p> - <br /> -<a name="ejb_step2"></a> -<h4 id="Step1">Step 2 - Upload Interface</h4> - -<p>On the next page, provide the path to the .jar or .zip file containing the -home and remote interfaces for your EJB.</p> - <br /><br /> -<img alt="" src="images/ejb_guide/screen3.jpg" /><br /><br /> -Click <strong>Next</strong>. - <br /> -<a name="ejb_step3"></a> -<h4 id="Step2">Step 3 - Select Classes</h4> - <br /> -<p>On the next page, you will see a list of the remote/home interfaces -available in the archive, you selected on the previous page.</p> <br /> -<img alt="" src="images/ejb_guide/screen4.jpg" /><br /> <br /> - - -<p>Here you can select the interfaces that will be used as the remote and -home interfaces. Accordingly, the two fields (Home Interface and Remote -Interface) in the EJB details table will be populated automatically. You will -have to fill in the JNDI Bean Name for your EJB manually. Click -<strong>Next</strong>.</p> <br /> - -<a name="ejb_step4"></a> -<h4 id="Step3">Step 4 - Deploy Service</h4> -<br /> -<p>Choose an existing Service Group to deploy the EJB service into, or create -a new one. Click <strong>Deploy Service</strong>.</p> <br /><br /> - -<p>If the service deployment was successful, a message will appear informing -you so.</p> <br /><br /> -<img alt="" src="images/ejb_guide/screen5.jpg" /><br /> <br /> - - -<p>Once the WSAS Services page has been refreshed, you should be able to see the new services you -just exposed. Congratulations!</p> <br /> -<a name="ejb_param_edit"></a> - -<p>If you select the EJB service from the main Services page and click on -'Edit EJB Service' option, you'll be taken to a page with the service -parameters for the EJB service. Be careful when you edit any of the -parameters here, as an erroneous edit may result in your EJB service becoming -faulty.</p> <br /> -<img alt="" src="images/ejb_guide/param_edit.jpg" /><br /> <br /> - -<br/> -<h3></h3> -</body> + <head> + <title/> + </head> + <body> + <p>[ + <a + href="http://dist.wso2.org/products/wsas/java/@wso2wsas_version@";>Download</a> + ] + | [ + <a href="index_docs.html">Documentation Home</a> + ] | [ + <a + href="release_notes.html">Release Note</a> + ] + </p> + + <h1>EJB Service Guide</h1> + + <p>This document provides instructions exposing EJBs as Web services using + WSO2 WSAS.</p> + + <p>Your feedback on WSO2 WSAS is most appreciated. Please send them to our + <a + href="mail-lists.html">mailing lists</a> + . + </p> + + <h3>EJB Service Provider</h3> + + <p></p> + WSAS makes it possible for you to expose an EJB deployed in you application + server (JBoss, Apache Geronimo, BEA WebLogic or other) as a Web service. + + <p>Once you have the EJB deployed in your application server, all you need to + do is show WSAS the location of the archive containing the remote/home + interfaces, enter the details for the interface, JNDI bean names etc, and + WSAS will take care of exposing the EJB as a Web service. WSAS will + communicate with the EJB using JNDI, which the WS client just sees as yet + another Web service.</p> + + <p></p> + + <p> + <strong>Contents</strong> + </p> + + <div class="toc"> + <ul> + <li> + <a href="#Step1">Step 1 - EJB Provider Configuration</a> + </li> + <li> + <a href="#Step2">Step 2 - Upload Interface</a> + </li> + <li> + <a href="#Step3">Step 3 - Select Classes</a> + </li> + <li> + <a href="#Step4">Step 4 - Deploy Service</a> + </li> + </ul> + </div> + + <p></p> + + <h4>Instructions</h4> + + <p> + <strong>Before you start WSAS, make sure you've started the J2EE Application Server + where your + EJB is deployed, and copy the client .jars of your J2EE Application Server to either + WSO2WSAS_HOME/lib folder + or onto the classpath.</strong> + </p> + <br/> + + <p>After you have logged in to WSAS, click + <strong>Services</strong> + . + </p> + + <p>Then click + <strong>Define EJB Service</strong> + to configure an EJB to be + exposed as a Web service. + </p> + <br/> + <br/> + <img alt="" src="images/available_services-new.jpg"/> + <br/> + + <a name="Step1"></a> + <h4>Step 1 - EJB Provider Configuration</h4> + + <p>On the next screen, enter the details of the application server on which + you have your EJBs deployed. If this is the first time you're attempting to + do this, under Existing configurations, "No existing EJB Configurations" will + be displayed.</p> + <br/> + <p> + <img alt="" src="images/ejb_guide/screen2.jpg"/> + <br/> + </p> + <br/> + <br/> + <p>Also, there are no servers configured yet. So, click + <strong>Add + New</strong> + . + </p> + <br/> + <p>Select your application server from the list. WSAS comes pre-configured + with some of the settings for the following application servers: JBoss, + Apache Geronimo, and BEA WebLogic. If you use an application server other + than one of these, please select ' + <strong>Generic</strong> + '. Refer to your + application server documentation/configuration for the values and the field + descriptions. + </p> + <br/> + <p>If your application server requires a username and password for logging + in, please enter them on this page. Once you have entered the details, click + <strong>Add Application Server</strong> + to add the server to the + configuration. If the configuration details were entered correctly, now you + should see the server you configured in the Use Existing list. You can enter + other application server configurations if you need to. Otherwise, click + <strong>Next</strong> + . + </p> + <br/> + <a name="Step2"></a> + <h4>Step 2 - Upload Interface</h4> + + <p>On the next page, provide the path to the .jar or .zip file containing the + home and remote interfaces for your EJB.</p> + <br/> + <br/> + <img alt="" src="images/ejb_guide/screen3.jpg"/> + <br/> + <br/> + Click + <strong>Next</strong> + . + <br/> + <a name="Step3"></a> + <h4>Step 3 - Select Classes</h4> + <br/> + <p>On the next page, you will see a list of the remote/home interfaces + available in the archive, you selected on the previous page.</p> + <br/> + <img alt="" src="images/ejb_guide/screen4.jpg"/> + <br/> + <br/> + + + <p>Here you can select the interfaces that will be used as the remote and + home interfaces. Accordingly, the two fields (Home Interface and Remote + Interface) in the EJB details table will be populated automatically. You will + have to fill in the JNDI Bean Name for your EJB manually. Click + <strong>Next</strong>. + </p> + <br/> + + <a name="Step4"></a> + <h4>Step 4 - Deploy Service</h4> + <br/> + <p>Choose an existing Service Group to deploy the EJB service into, or create + a new one. Click + <strong>Deploy Service</strong>. + </p> + <br/> + <br/> + + <p>If the service deployment was successful, a message will appear informing + you so.</p> + <br/> + <br/> + <img alt="" src="images/ejb_guide/screen5.jpg"/> + <br/> + <br/> + + + <p>Once the WSAS Services page has been refreshed, you should be able to see the new + services you + just exposed. Congratulations!</p> + <br/> + <a name="ejb_param_edit"></a> + + <p>If you select the EJB service from the main Services page and click on + 'Edit EJB Service' option, you'll be taken to a page with the service + parameters for the EJB service. Be careful when you edit any of the + parameters here, as an erroneous edit may result in your EJB service becoming + faulty.</p> + <br/> + <img alt="" src="images/ejb_guide/param_edit.jpg"/> + <br/> + <br/> + + <br/> + <h3></h3> + </body> </html> Modified: trunk/wsas/java/modules/documentation/src/site/xdoc/jmx.xml ============================================================================== --- trunk/wsas/java/modules/documentation/src/site/xdoc/jmx.xml (original) +++ trunk/wsas/java/modules/documentation/src/site/xdoc/jmx.xml Fri Jan 18 04:25:33 2008 @@ -14,9 +14,10 @@ ~ limitations under the License. --> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" - "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd";> -<html> +<html xmlns="http://www.w3.org/1999/xhtml";> + <head> + <title/> + </head> <body> <p>[ <a @@ -31,22 +32,24 @@ </p> <h1>JMX Based Monitoring</h1> - jconsole service:jmx:rmi:///jndi/rmi://192.168.8.155:9999/server - <h2>Content</h2> + <p> + <strong>Contents</strong> + </p> <ul> <li> <a href="#introduction">Introduction</a> </li> <li> - <a href="#implementation">Using jconsole to monitor WSAS</a> + <a href="#howto">Using jconsole to Manage & Monitor WSAS</a> </li> </ul> - <a id="introduction"></a> - <h3>Introduction</h3> + <a name="introduction"></a> + <h2>Introduction</h2> <p> - JMX is a technology that lets you implement management interfaces for Java applications. + Java Management Extensions(JMX) is a technology that lets you implement management + interfaces for Java applications. A management interface, as defined by JMX, is composed of named objects - called MBeans (Management Beans). MBeans are registered with a name (an ObjectName) in an MBeanServer. @@ -56,37 +59,192 @@ implemented by protocol connectors, or protocol adaptors. </p> <p> - <img src="images/jmx/jmx1.gif"/> + The first version of JMX based monitoring is available in this release. Some of the + monitoring & management capabilities available in the Management Console have + also been exposed via JMX. </p> + + <a name="howto"></a> + <h2>Using jconsole to Manage & Monitor WSAS</h2> <p> - <img src="images/jmx/jmx2.gif"/> + This section introduces some of the MBeans in WSAS and their usages. We will use + jconsole which ships + with J2SDK 1.5 and newer version in the course of this article. Please + </p> + <hr/> + <p> + <img alt="" src="images/jmx/jmx1.gif"/> + <br/> + <br/> + As shown in the image above, when WSAS is started, if JMX has been enabled, the JMX + Service URL will be displayed. + The default URL is service:jmx:rmi:///jndi/rmi://<your-ip>:9999/server. From the + command line, you can start jconsole + by typing + <strong>jconsole service:jmx:rmi:///jndi/rmi://<your-ip>:9999/server</strong> + . Now the jconsole window will be available + as shown below. You can type in the default username and password combination + admin/admin to login. Note that this is the same administrator account + that is used for looging in, in the Management Console. Any user having the admin role + can login to JMX. </p> <p> - <img src="images/jmx/jmx3.gif"/> + <img alt="" src="images/jmx/jmx2.gif"/> </p> <p> - <img src="images/jmx/jmx4.gif"/> + <img alt="" src="images/jmx/jmx3.gif"/> </p> + + <hr/> <p> - <img src="images/jmx/jmx5.gif"/> + Here is the first window you will see when you login. </p> <p> - <img src="images/jmx/jmx6.gif"/> + <img alt="" src="images/jmx/jmx4.gif"/> </p> + + <hr/> <p> - <img src="images/jmx/jmx7.gif"/> + Click on the MBeans tab and you will see the org.wso2.wsas domain, which will contain + some + MBeans as shown below. </p> <p> - <img src="images/jmx/jmx8.gif"/> + <img alt="" src="images/jmx/jmx5.gif"/> </p> + + <hr/> + <h2>ServerAdmin MBean</h2> <p> - <img src="images/jmx/jmx9.gif"/> + The ServerAdmin MBean is used for administering the WSAS server instance </p> <p> - <img src="images/jmx/jmx10.gif"/> + <img alt="" src="images/jmx/jmx6.gif"/> </p> <p> - <img src="images/jmx/jmx11.gif"/> + The above screen shows the Server attributes such as the ServerStatus, ServerData & + ServerVersion. The ServerStatus can be either RUNNING, SHUTTING_DOWN, RESTARTING or + IN_MAINTENANCE. </p> + <p> + <img alt="" src="images/jmx/jmx7.gif"/> + </p> + <p> + The above screen shows the operations available in the ServerAdmin MBean. + </p> + <ul> + <li>shutdown - forcefully shutdown the server</li> + <li>restart - forcefully restart the server</li> + <li>restartGracefully - wait till all current requests are served and then restart</li> + <li>shutdownGracefully - wait till all current requests are served and then + shutdown</li> + <li>startMaintenance - switch the server to maintenance mode. No new requests will be + accepted while the server is in maintenance</li> + <li>endMaintenance - switch the server to normal mode, if it was switched to maintenance + mode earlier.</li> + </ul> + + <hr/> + <h2>ServiceAdmin MBean</h2> + <p> + The ServiceAdmin MBean is used for adminsitering services deployed on WSAS + </p> + <p> + <img alt="" src="images/jmx/jmx8.gif"/> + </p> + <p> + The above screen shows the attributes: + </p> + <ul> + <li>NumberOfActiveServices - The number of services which can currently serve + requests</li> + <li>NumberOfInactiveServices - The number of services which have been disabled by an + administrator</li> + <li>NumberOfFaultyServices - The number of services which are faulty</li> + </ul> + <p> + <img alt="" src="images/jmx/jmx9.gif"/> + </p> + <p> + The above screen shows the operations available in the ServiceAdmin MBean. + </p> + <ul> + <li>startService(p1:string) - The p1 parameter is the service name. You can activate a + service using this operation.</li> + <li>stopService(p1:string) - The p1 parameter is the service name. You can + deactivate/disable a service using this operation.</li> + </ul> + + <hr/> + <h2>Statistics MBean</h2> + <p> + The Statistics MBean is used for monitoring system and server statistics + </p> + <p> + <img alt="" src="images/jmx/jmx10.gif"/> + </p> + <p> + The above screen shows the attributes: + </p> + <ul> + <li>AvgSystemResponseTime - The average response time for all the services deployed + in the system. The beginning of the measurement is the time at which the server + started.</li> + <li>MaxSystemResponseTime - The maximum response time for all the services deployed + in the system. The beginning of the measurement is the time at which the server + started.</li> + <li>MinSystemResponseTime - The minimum time for all the services deployed in the + system. The beginning of the measurement is the time at which the server + started.</li> + <li>SystemFaultCount - The total number of faults that occurred in the system since + the server was started.</li> + <li>SystemRequestCount - The total number of requests that has been served by the + system since the server was started</li> + <li>SystemResponseCount - The total number of response that has been sent by the + system since the server was started</li> + </ul> + <p> + <img alt="" src="images/jmx/jmx11.gif"/> + </p> + <p> + The above screen shows the operations available in the Statistics MBean.</p> + <ul> + <li>getServiceRequestCount(p1:string) - The p1 parameter is the service name. You + can get the total number of requests received by this service since the time it + was deployed, using this operation.</li> + <li>getServiceResponseCount(p1:string) - The p1 parameter is the service name. You + can get the total number of responses sent by this service since the time it was + deployed, using this operation.</li> + <li>getServiceFaultCount(p1:string) - The p1 parameter is the service name. You can + get the total number of fault responses sent by this service since the time it + was deployed, using this operation.</li> + <li>getMaxServiceResponseTime(p1:string) - The p1 parameter is the service name. You + can get the maximum response time of this service since deployment.</li> + <li>getMinServiceResponseTime(p1:string) - The p1 parameter is the service name. You + can get the minimum response time of this service since deployment.</li> + <li>getAvgServiceResponseTime(p1:string) - The p1 parameter is the service name. You + can get the average response time of this service since deployment.</li> + <li>getOperationRequestCount(p1:string, p2:string) - The p1 parameter is the service + name. The p2 parameter is the operation name. You can get the total number of + requests received by this operation since the time its service was deployed, + using this operation.</li> + <li>getOperationResponseCount(p1:string, p2:string) - The p1 parameter is the + service name. The p2 parameter is the operation name. You can get the total + number of responses sent by this operation since the time its service was + deployed, using this operation.</li> + <li>getOperationFaultCount(p1:string, p2:string) - The p1 parameter is the service + name. The p2 parameter is the operation name. You can get the total number of + fault responses sent by this operation since the time its service was deployed, + using this operation.</li> + <li>getMaxOperationResponseTime(p1:string, p2:string) - The p1 parameter is the + service name. The p2 parameter is the operation name. You can get the maximum + response time of this operation since deployment.</li> + <li>getMinOperationResponseTime(p1:string, p2:string) - The p1 parameter is the + service name. The p2 parameter is the operation name. You can get the minimum + response time of this operation since deployment.</li> + <li>getAvgOperationResponseTime(p1:string, p2:string) - The p1 parameter is the + service name. The p2 parameter is the operation name. You can get the average + response time of this operation since deployment.</li> + </ul> </body> </html> Modified: trunk/wsas/java/modules/documentation/src/site/xdoc/xkms.xml ============================================================================== --- trunk/wsas/java/modules/documentation/src/site/xdoc/xkms.xml (original) +++ trunk/wsas/java/modules/documentation/src/site/xdoc/xkms.xml Fri Jan 18 04:25:33 2008 @@ -14,196 +14,258 @@ ~ limitations under the License. --> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" - "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd";> -<html> -<body> -<p>[<a - href="http://dist.wso2.org/products/wsas/java/@wso2wsas_version@";>Download</a>] - | [<a href="index_docs.html">Documentation Home</a>] | [<a - href="release_notes.html">Release Note</a>]</p> - -<h1>WSO2 XKMS Implementation (XKMS 2.0)</h1> - -<h2>Content</h2> -<ul> - <li><a href="#introduction">Introduction</a></li> - <li><a href="#implementation">Implementation</a></li> - <li><a href="#configuration">Configuration</a></li> - <li><a href="#enabling_on_wsas">Enabling WSAS to use an XKMS service</a></li> -</ul> - -<a id="introduction"></a> -<h3>Introduction</h3> -XML Key Management Service Specification (a.k.a. XKMS) defines a standard way of -generating key pairs, storing public key information and retrieving public -key information. The XKMS services can be exposed as Web services which allow -other applications to delegate some of the key information processing to such -services. That allows the client applications of XKMS services to operate -without worrying about the Public Key Infrastructure which the XKMS services -might be using. XKMS consists of two components. Namely: -<ul> - <li>Protocol Exchanges</li> - Consist of sequences of request/response pairs. This will focus on synchronous, asynchronous - and two-phase request protocols. - <p></p> - <li>Key Information Service (X-KISS)</li> - This set of services allows the client application to retrieve information - about a public key. This has the following operations, - <ol> - <li>Locate</li> - <li>Validate</li> - </ol> - - <p></p> - <li>Key Registration Service. (X-KRISS)</li> - This set of services allows the client application to register the public - key of a client generated key-pair, retrieve the private key of a - server generated key-pair, revoke a registered public key and recover - a private key issued by the server. This has the following operations, - <ol> - <li>Register</li> - <li>Reissue</li> - <li>Revoke</li> - <li>Recover</li> - </ol> - -</ul> - -<a id="implementation"></a> -<h3>Implementation</h3> - -<p>WS02 XKMS Implementation allows the users to expose a Java key store via the following - XKMS operations.</p> - -<ul> - <li> - <strong>Registration of a Key Pair</strong><br/> - - This allows the client to register a public key with the XKMS service. - The XKMS service uses the metadata specified in - the Register request to a X509Certificate using the given public key - and stores it in underlying Java keystore - as a X509Certificate. If a public key is not specified in the - Register request, the server will generate a RSA - key pair and will send the private key back to the client in an encrypted block. - - Please refer to XKMS sample to see how to use an XKMS client to register a public - key with an XKMS server. - </li> - <li><strong>Reissueing of a X509Certificate</strong><br/> - - This allows the client to reissue a X509Certificate with new credentials specified - in Reissue request. For example, the client may request the server to reissue a - X509Certificate with a new validity interval. However the - specified credentials are only advisory to the service. +<html xmlns="http://www.w3.org/1999/xhtml";> + <head> + <title/> + </head> + <body> + <p>[ + <a + href="http://dist.wso2.org/products/wsas/java/@wso2wsas_version@";>Download</a> + ] + | [ + <a href="index_docs.html">Documentation Home</a> + ] | [ + <a + href="release_notes.html">Release Note</a> + ] + </p> + + <h1>WSO2 XKMS Implementation (XKMS 2.0)</h1> + + <p> + <strong>Contents</strong> + </p> + <div class="toc"> + <ul> + <li> + <a href="#introduction">Introduction</a> + </li> + <li> + <a href="#implementation">Implementation</a> + </li> + <li> + <a href="#configuration">Configuration</a> + </li> + <li> + <a href="#enabling_on_wsas">Enabling WSAS to use an XKMS service</a> + </li> + </ul> + </div> + + <a name="introduction"></a> + <h3>Introduction</h3> + XML Key Management Service Specification (a.k.a. XKMS) defines a standard way of + generating key pairs, storing public key information and retrieving public + key information. The XKMS services can be exposed as Web services which allow + other applications to delegate some of the key information processing to such + services. That allows the client applications of XKMS services to operate + without worrying about the Public Key Infrastructure which the XKMS services + might be using. XKMS consists of two components. Namely: + <ul> + <li>Protocol Exchanges + <br/> + Consist of sequences of request/response pairs. This will focus on synchronous, + asynchronous + and two-phase request protocols. + <p></p> + </li> + <li>Key Information Service (X-KISS) + This set of services allows the client application to retrieve information + about a public key. This has the following operations, + <ol> + <li>Locate</li> + <li>Validate</li> + </ol> + + </li> + <li>Key Registration Service. (X-KRISS) + This set of services allows the client application to register the public + key of a client generated key-pair, retrieve the private key of a + server generated key-pair, revoke a registered public key and recover + a private key issued by the server. This has the following operations, + <ol> + <li>Register</li> + <li>Reissue</li> + <li>Revoke</li> + <li>Recover</li> + </ol> + </li> + </ul> + + <a name="implementation"></a> + <h3>Implementation</h3> + + <p>WS02 XKMS Implementation allows the users to expose a Java key store via the following + XKMS operations.</p> + + <ul> + <li> + <strong>Registration of a Key Pair</strong> + <br/> + + This allows the client to register a public key with the XKMS service. + The XKMS service uses the metadata specified in + the Register request to a X509Certificate using the given public key + and stores it in underlying Java keystore + as a X509Certificate. If a public key is not specified in the + Register request, the server will generate a RSA + key pair and will send the private key back to the client in an encrypted block. + + Please refer to XKMS sample to see how to use an XKMS client to register a public + key with an XKMS server. + </li> + <li> + <strong>Reissueing of a X509Certificate</strong> + <br/> + + This allows the client to reissue a X509Certificate with new credentials specified + in Reissue request. For example, the client may request the server to reissue a + X509Certificate with a new validity interval. However the + specified credentials are only advisory to the service. + + Please refer to XKMS sample to see how to use a XKMS client to send a reissue + request to a XKMS Service. + + </li> + <li> + <strong>Recovering a Key Pair</strong> + <br/> + + This allows the client to recover the key (and the private key for server-generated + key pairs) + if it is lost. The private key will be presented inside an encrypted bock. + + Please refer to XKMS sample to see how to use a XKMS client to send a recover + request + to a XKMS service. + + </li> + <li> + <strong>Locating a Public Key / X509Certificate</strong> + <br/> + + This allows the client to use a XKMS service to locate a Public key or + X509Certificate. + The XKMS service may reply with + more than one Public keys or X509Certificates if the query has multiple matches. + the client may use the alias + of the key as the key name in the query. + + Please refer to XKMS sample to see how to use a XKMS client to send a locate request + to a XKMS service. + + </li> + <li> + <strong>Validating a Public key or a X509Certificate</strong> + <br/> + + This allows the client to validate a Public key or a X509Certificate using the XKMS + service. + The XKMS service will + reply whether the Public key or the X509Certificate is trustworthy. + + Please refer to XKMS sample to see how to use a XKMS client to send a validate + request to the + XKMS service. + + </li> + </ul> + + <a name="configuration"></a> + <h3>Configuration</h3> + The XKMS service can be configured by editing the following parameters for the service. + <ul> + <li> + <strong> + org.wso2.xkms2.service.crypto.authen.code</strong> + <br/> + Specifies the authentication code used to authenticate client requests. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.keystore.location</strong> + <br/> + Specifies the location of the Java keystore to be used as the key store of XKMS + service. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.keystore.password</strong> + <br/> + Specifies the password of the above keystore. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.server.cert.alias</strong> + <br/> + Specifies the alias of XKMS server certificate. This will be used to sign + entire outgoing XKMS messages. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.server.key.password</strong> + <br/> + Specifies the private key password of the service. This will be used to sign + entire outgoing XKMS messages. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.issuer.cert.alias</strong> + <br/> + Specifies the alias of the the Issuer certificate which will be used as + issuer certificate when generating + certificates for public keys specified in Register requests. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.issuer.key.password</strong> + <br/> + Specifies the password of Issuer private key. This will be used when generating + certificates for public keys + specified in Register requests. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.default.private.key.password</strong> + <br/> + Specifies the password to be used to store server-generated private keys. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.default.expriy.interval</strong> + <br/> + Specifies the default validity interval of generated certificates. Client can + request to + limit the validity + period to a value less than the default but can not increase it more than the + default period. + </li> + <li> + <strong> + org.wso2.xkms2.service.crypto.persistence.enabled</strong> + <br/> + Sets the flag to enable persistence. If set, it will persist the Java keystore when + the + keys are uploaded. + </li> + </ul> - Please refer to XKMS sample to see how to use a XKMS client to send a reissue - request to a XKMS Service. - - </li> - <li><strong>Recovering a Key Pair</strong> <br/> - This allows the client to recover the key (and the private key for server-generated key pairs) - if it is lost. The private key will be presented inside an encrypted bock. - - Please refer to XKMS sample to see how to use a XKMS client to send a recover request - to a XKMS service. - - </li> - <li><strong>Locating a Public Key / X509Certificate</strong><br/> - - This allows the client to use a XKMS service to locate a Public key or X509Certificate. - The XKMS service may reply with - more than one Public keys or X509Certificates if the query has multiple matches. - the client may use the alias - of the key as the key name in the query. - - Please refer to XKMS sample to see how to use a XKMS client to send a locate request to a XKMS service. - - </li> - <li><strong>Validating a Public key or a X509Certificate</strong><br/> - - This allows the client to validate a Public key or a X509Certificate using the XKMS service. - The XKMS service will - reply whether the Public key or the X509Certificate is trustworthy. - - Please refer to XKMS sample to see how to use a XKMS client to send a validate request to the - XKMS service. - - </li> -</ul> - -<a id="configuration"></a> -<h3>Configuration</h3> -The XKMS service can be configured by editing the following parameters for the service. -<ul> - <li><strong> - org.wso2.xkms2.service.crypto.authen.code </strong><br/> - Specifies the authentication code used to authenticate client requests. - </li> - <li><strong> - org.wso2.xkms2.service.crypto.keystore.location</strong><br/> - Specifies the location of the Java keystore to be used as the key store of XKMS service.</li> - <li><strong> - org.wso2.xkms2.service.crypto.keystore.password</strong><br/> - Specifies the password of the above keystore. - </li> - <li><strong> - org.wso2.xkms2.service.crypto.server.cert.alias</strong><br/> - Specifies the alias of XKMS server certificate. This will be used to sign - entire outgoing XKMS messages. - </li> - <li><strong> - org.wso2.xkms2.service.crypto.server.key.password</strong><br/> - Specifies the private key password of the service. This will be used to sign - entire outgoing XKMS messages. - </li> - <li><strong> - org.wso2.xkms2.service.crypto.issuer.cert.alias</strong><br/> - Specifies the alias of the the Issuer certificate which will be used as - issuer certificate when generating - certificates for public keys specified in Register requests. - </li> - <li><strong> - org.wso2.xkms2.service.crypto.issuer.key.password </strong><br/> - Specifies the password of Issuer private key. This will be used when generating - certificates for public keys - specified in Register requests. - </li> - <li><strong> - org.wso2.xkms2.service.crypto.default.private.key.password </strong><br/> - Specifies the password to be used to store server-generated private keys. - </li> - <li><strong> - org.wso2.xkms2.service.crypto.default.expriy.interval</strong><br/> - Specifies the default validity interval of generated certificates. Client can request to - limit the validity - period to a value less than the default but can not increase it more than the default period. - </li> - <li><strong> - org.wso2.xkms2.service.crypto.persistence.enabled</strong><br/> - Sets the flag to enable persistence. If set, it will persist the Java keystore when the - keys are uploaded. - </li> -</ul> - -<br/> - -<a id="enabling_on_wsas"></a> -<h3>Enabling WSAS to use an XKMS service</h3> -<p>You can configure WSO2 WSAS to use a XKMS server to locate and validate public keys - and x509 Certificates when applying WS-Security. You can do this by un-commenting - the following parameter in the axis2.xml in the AXIS2_HOME/conf directory.</p> - <pre> - <parameter name="XKMSConfig" enabled="true"> - <URL>http://127.0.0.1:9762/services/xkms</URL> - <PassPhrase>secret</PassPhrase> - </parameter> - </pre> -<p>Once it is enabled, the WSAS Crypto implementation will try to use the XKMS service for - retrieval or validation purposes as the last resort, if the key or the certificate is - not available on local keystores.</p> -</body> + <a name="enabling_on_wsas"></a> + <h3>Enabling WSAS to use an XKMS service</h3> + <p>You can configure WSO2 WSAS to use a XKMS server to locate and validate public keys + and x509 Certificates when applying WS-Security. You can do this by un-commenting + the following parameter in the axis2.xml in the AXIS2_HOME/conf directory.</p> + <pre> + <parameter name="XKMSConfig" enabled="true"> + <URL>http://127.0.0.1:9762/services/xkms</URL> + <PassPhrase>secret</PassPhrase> + </parameter> + </pre> + <p>Once it is enabled, the WSAS Crypto implementation will try to use the XKMS service for + retrieval or validation purposes as the last resort, if the key or the certificate is + not available on local keystores.</p> + </body> </html> Added: trunk/wsas/java/modules/www/extensions/core/js/init.js ============================================================================== --- (empty file) +++ trunk/wsas/java/modules/www/extensions/core/js/init.js Fri Jan 18 04:25:33 2008 @@ -0,0 +1,8 @@ +/* This js will initialze wsas specific namespaces */ +// This will have all the functionality for data services. +if (typeof (wso2) == "undefined") { + wso2 = {}; +} +if (typeof (wso2.wsas) == "undefined") { + wso2.wsas = {}; +} _______________________________________________ Wsas-java-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/wsas-java-dev
