You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by bu...@apache.org on 2014/12/09 14:20:27 UTC
svn commit: r931973 [1/2] - in /websites/production/camel/content:
book-component-appendix.html book-in-one-page.html cache/main.pageCache
crypto-digital-signatures.html
Author: buildbot
Date: Tue Dec 9 13:20:26 2014
New Revision: 931973
Log:
Production update by buildbot for camel
Modified:
websites/production/camel/content/book-component-appendix.html
websites/production/camel/content/book-in-one-page.html
websites/production/camel/content/cache/main.pageCache
websites/production/camel/content/crypto-digital-signatures.html
Modified: websites/production/camel/content/book-component-appendix.html
==============================================================================
--- websites/production/camel/content/book-component-appendix.html (original)
+++ websites/production/camel/content/book-component-appendix.html Tue Dec 9 13:20:26 2014
@@ -1255,67 +1255,23 @@ registry.bind("accounts", blac
<p>A context component instance can have many public input and output endpoints that can be accessed from outside it's CamelContext. When there are many it is recommended that you use logical names for them to hide the middleware as shown above.</p>
<p>However when there is only one input, output or error/dead letter endpoint in a component we recommend using the common posix shell names <strong>in</strong>, <strong>out</strong> and <strong>err</strong></p>
-<h2 id="BookComponentAppendix-CryptocomponentforDigitalSignatures">Crypto component for Digital Signatures</h2>
-<p><strong>Available as of Camel 2.3</strong></p>
-
-<p>With Camel cryptographic endpoints and Java's Cryptographic extension it is easy to create Digital Signatures for <a shape="rect" href="exchange.html">Exchange</a>s. Camel provides a pair of flexible endpoints which get used in concert to create a signature for an exchange in one part of the exchange's workflow and then verify the signature in a later part of the workflow.</p>
-
-<p>Maven users will need to add the following dependency to their <code>pom.xml</code> for this component:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
-<dependency>
+<h2 id="BookComponentAppendix-CryptocomponentforDigitalSignatures">Crypto component for Digital Signatures</h2><p><strong>Available as of Camel 2.3</strong></p><p>With Camel cryptographic endpoints and Java's Cryptographic extension it is easy to create Digital Signatures for <a shape="rect" href="exchange.html">Exchange</a>s. Camel provides a pair of flexible endpoints which get used in concert to create a signature for an exchange in one part of the exchange's workflow and then verify the signature in a later part of the workflow.</p><p>Maven users will need to add the following dependency to their <code>pom.xml</code> for this component:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-crypto</artifactId>
<version>x.x.x</version>
<!-- use the same version as your Camel core version -->
</dependency>
]]></script>
-</div></div>
-
-<h3 id="BookComponentAppendix-Introduction">Introduction</h3>
-
-<p>Digital signatures make use of Asymmetric Cryptographic techniques to sign messages. From a (very) high level, the algorithms use pairs of complimentary keys with the special property that data encrypted with one key can only be decrypted with the other. One, the private key, is closely guarded and used to 'sign' the message while the other, public key, is shared around to anyone interested in verifying the signed messages. Messages are signed by using the private key to encrypting a digest of the message. This encrypted digest is transmitted along with the message. On the other side the verifier recalculates the message digest and uses the public key to decrypt the the digest in the signature. If both digests match the verifier knows only the holder of the private key could have created the signature. </p>
-
-<p>Camel uses the Signature service from the Java Cryptographic Extension to do all the heavy cryptographic lifting required to create exchange signatures. The following are some excellent resources for explaining the mechanics of Cryptography, Message digests and Digital Signatures and how to leverage them with the JCE.</p>
-
-<ul class="alternate"><li>Bruce Schneier's Applied Cryptography</li><li>Beginning Cryptography with Java by David Hook</li><li>The ever insightful Wikipedia <a shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Digital_signature" rel="nofollow">Digital_signatures</a></li></ul>
-
-
-<h3 id="BookComponentAppendix-URIformat.9">URI format</h3>
-
-<p>As mentioned Camel provides a pair of crypto endpoints to create and verify signatures</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
-crypto:sign:name[?options]
+</div></div><h3 id="BookComponentAppendix-Introduction">Introduction</h3><p>Digital signatures make use of Asymmetric Cryptographic techniques to sign messages. From a (very) high level, the algorithms use pairs of complimentary keys with the special property that data encrypted with one key can only be decrypted with the other. One, the private key, is closely guarded and used to 'sign' the message while the other, public key, is shared around to anyone interested in verifying the signed messages. Messages are signed by using the private key to encrypting a digest of the message. This encrypted digest is transmitted along with the message. On the other side the verifier recalculates the message digest and uses the public key to decrypt the the digest in the signature. If both digests match the verifier knows only the holder of the private key could have created the signature.</p><p>Camel uses the Signature service from the Java Cryptographic Extension to do all the heavy cryptograp
hic lifting required to create exchange signatures. The following are some excellent resources for explaining the mechanics of Cryptography, Message digests and Digital Signatures and how to leverage them with the JCE.</p><ul class="alternate"><li>Bruce Schneier's Applied Cryptography</li><li>Beginning Cryptography with Java by David Hook</li><li>The ever insightful Wikipedia <a shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Digital_signature" rel="nofollow">Digital_signatures</a></li></ul><h3 id="BookComponentAppendix-URIformat.9">URI format</h3><p>As mentioned Camel provides a pair of crypto endpoints to create and verify signatures</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[crypto:sign:name[?options]
crypto:verify:name[?options]
]]></script>
-</div></div>
-
-<ul><li><code>crypto:sign</code> creates the signature and stores it in the Header keyed by the constant <code>Exchange.SIGNATURE</code>, i.e. <code>"CamelDigitalSignature"</code>.</li><li><code>crypto:verify</code> will read in the contents of this header and do the verification calculation.</li></ul>
-
-
-<p>In order to correctly function, the sign and verify process needs a pair of keys to be shared, signing requiring a <code>PrivateKey</code> and verifying a <code>PublicKey</code> (or a <code>Certificate</code> containing one). Using the JCE it is very simple to generate these key pairs but it is usually most secure to use a KeyStore to house and share your keys. The DSL is very flexible about how keys are supplied and provides a number of mechanisms. </p>
-
-<p>Note a <code>crypto:sign</code> endpoint is typically defined in one route and the complimentary <code>crypto:verify</code> in another, though for simplicity in the examples they appear one after the other. It goes without saying that both signing and verifying should be configured identically.</p>
-
-<h3 id="BookComponentAppendix-Options.6">Options</h3>
-<div class="confluenceTableSmall">
-<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>SHA1WithDSA</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The name of the JCE Signature algorithm that will be used. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>alias</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" r
owspan="1" class="confluenceTd"><p> An alias name that will be used to select a key from the keystore. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>bufferSize</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>Integer</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>2048</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> the size of the buffer used in the signature process. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>certificate</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>Certificate</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> A Certificate used to verify the signature of the exchange's payload. Either this or a Public Key is required. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>keystor
e</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>KeyStore</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> A reference to a JCE Keystore that stores keys and certificates used to sign and verify. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>provider</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The name of the JCE Security Provider that should be used. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>privateKey</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>PrivateKey</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> The private key used to sign the exchange's payload. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>publicKey</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>PublicKey</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The public key used to verify the signature of the exchange's payload. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>secureRandom</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>secureRandom</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> A reference to a <code>SecureRandom</code> object that will be used to initialize the Signature service. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>password</code> <
/p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>char[]</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The password for the keystore. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>clearHeaders</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>true</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Remove camel crypto headers from Message after a verify operation (value can be <code>"true"</code>/<code>"false"</code>). </p></td></tr></tbody></table></div>
-</div>
-
-<h3 id="BookComponentAppendix-Using.2">Using</h3>
-
-<h4 id="BookComponentAppendix-1)Rawkeys">1) Raw keys</h4>
-<p>The most basic way to way to sign and verify an exchange is with a KeyPair as follows. </p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><ul><li><code>crypto:sign</code> creates the signature and stores it in the Header keyed by the constant <code>Exchange.SIGNATURE</code>, i.e. <code>"CamelDigitalSignature"</code>.</li><li><code>crypto:verify</code> will read in the contents of this header and do the verification calculation.</li></ul><p>In order to correctly function, the sign and verify process needs a pair of keys to be shared, signing requiring a <code>PrivateKey</code> and verifying a <code>PublicKey</code> (or a <code>Certificate</code> containing one). Using the JCE it is very simple to generate these key pairs but it is usually most secure to use a KeyStore to house and share your keys. The DSL is very flexible about how keys are supplied and provides a number of mechanisms.</p><p>Note a <code>crypto:sign</code> endpoint is typically defined in one route and the complimentary <code>crypto:verify</code> in another, though for simplicity in the examples they appear one after the other. It goes with
out saying that both signing and verifying should be configured identically.</p><h3 id="BookComponentAppendix-Options.6">Options</h3><div class="confluenceTableSmall"><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Default</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>algorithm</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>SHA1WithDSA</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The name of the JCE Signature algorithm that will be used.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>alias</code></p></td><td colspan="1" rowspan="1" cl
ass="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>An alias name that will be used to select a key from the keystore.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>bufferSize</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>Integer</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>2048</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>the size of the buffer used in the signature process.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>certificate</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>Certificate</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A Certificate used to verify the signature of the exchange's payloa
d. Either this or a Public Key is required.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>keystore</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>KeyStore</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A reference to a JCE Keystore that stores keys and certificates used to sign and verify.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">keyStoreParameters <strong>Camel 2.14.1</strong></td><td colspan="1" rowspan="1" class="confluenceTd">KeyStoreParameters</td><td colspan="1" rowspan="1" class="confluenceTd">null</td><td colspan="1" rowspan="1" class="confluenceTd">A reference to a Camel KeyStoreParameters Object which wraps a Java KeyStore Object</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>provider</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p><
/td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The name of the JCE Security Provider that should be used.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>privateKey</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>PrivateKey</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The private key used to sign the exchange's payload.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>publicKey</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>PublicKey</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The public key used to verify the signature of the exchange's payload.</p></td></tr><tr><td colspan="1" rowspan="1" class="
confluenceTd"><p><code>secureRandom</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>secureRandom</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A reference to a <code>SecureRandom</code> object that will be used to initialize the Signature service.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>password</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>char[]</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The password to access the private key from the keystore</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>clearHeaders</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>true</code></p></t
d><td colspan="1" rowspan="1" class="confluenceTd"><p>Remove camel crypto headers from Message after a verify operation (value can be <code>"true"</code>/<code>"false"</code>).</p></td></tr></tbody></table></div></div><h3 id="BookComponentAppendix-Using.2">Using</h3><h4 id="BookComponentAppendix-1)Rawkeys">1) Raw keys</h4><p>The most basic way to way to sign and verify an exchange is with a KeyPair as follows.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:keypair").to("crypto:sign://basic?privateKey=#myPrivateKey", "crypto:verify://basic?publicKey=#myPublicKey", "mock:result");
]]></script>
-</div></div>
-
-<p>The same can be achieved with the <a shape="rect" href="spring-xml-extensions.html">Spring XML Extensions</a> using references to keys </p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>The same can be achieved with the <a shape="rect" href="spring-xml-extensions.html">Spring XML Extensions</a> using references to keys</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:keypair"/>
@@ -1324,22 +1280,11 @@ from("direct:keypair").to(&quo
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookComponentAppendix-2)KeyStoresandAliases.">2) KeyStores and Aliases.</h4>
-<p>The JCE provides a very versatile keystore concept for housing pairs of private keys and certificates, keeping them encrypted and password protected. They can be retrieved by applying an alias to the retrieval APIs. There are a number of ways to get keys and Certificates into a keystore, most often this is done with the external 'keytool' application. <a shape="rect" class="external-link" href="http://www.exampledepot.com/egs/java.security.cert/CreateCert.html" rel="nofollow">This</a> is a good example of using keytool to create a KeyStore with a self signed Cert and Private key.</p>
-
-<p>The examples use a Keystore with a key and cert aliased by 'bob'. The password for the keystore and the key is 'letmein'</p>
-
-<p>The following shows how to use a Keystore via the Fluent builders, it also shows how to load and initialize the keystore.</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookComponentAppendix-2)KeyStoresandAliases.">2) KeyStores and Aliases.</h4><p>The JCE provides a very versatile keystore concept for housing pairs of private keys and certificates, keeping them encrypted and password protected. They can be retrieved by applying an alias to the retrieval APIs. There are a number of ways to get keys and Certificates into a keystore, most often this is done with the external 'keytool' application. <a shape="rect" class="external-link" href="http://www.exampledepot.com/egs/java.security.cert/CreateCert.html" rel="nofollow">This</a> is a good example of using keytool to create a KeyStore with a self signed Cert and Private key.</p><p>The examples use a Keystore with a key and cert aliased by 'bob'. The password for the keystore and the key is 'letmein'</p><p>The following shows how to use a Keystore via the Fluent builders, it also shows how to load and initialize the keystore.</p><div class="code panel pdl" style="border-width: 1px;
"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:keystore").to("crypto:sign://keystore?keystore=#keystore&alias=bob&password=letmein", "crypto:verify://keystore?keystore=#keystore&alias=bob", "mock:result");
]]></script>
-</div></div>
-
-<p>Again in Spring a ref is used to lookup an actual keystore instance. </p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>Again in Spring a ref is used to lookup an actual keystore instance.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:keystore"/>
@@ -1348,12 +1293,7 @@ from("direct:keystore").to(&qu
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookComponentAppendix-3)ChangingJCEProviderandAlgorithm">3) Changing JCE Provider and Algorithm</h4>
-<p>Changing the Signature algorithm or the Security provider is a simple matter of specifying their names. You will need to also use Keys that are compatible with the algorithm you choose.</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookComponentAppendix-3)ChangingJCEProviderandAlgorithm">3) Changing JCE Provider and Algorithm</h4><p>Changing the Signature algorithm or the Security provider is a simple matter of specifying their names. You will need to also use Keys that are compatible with the algorithm you choose.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(512, new SecureRandom());
@@ -1366,16 +1306,11 @@ context.getEndpoint("crypto:sign://
context.getEndpoint("crypto:verify://rsa?algorithm=MD5withRSA", DigitalSignatureEndpoint.class).setPublicKey(publicKey);
from("direct:algorithm").to("crypto:sign://rsa?algorithm=MD5withRSA", "crypto:verify://rsa?algorithm=MD5withRSA", "mock:result");
]]></script>
-</div></div>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:provider").to("crypto:sign://provider?privateKey=#myPrivateKey&provider=SUN", "crypto:verify://provider?publicKey=#myPublicKey&provider=SUN", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:algorithm"/>
@@ -1384,8 +1319,7 @@ from("direct:provider").to(&qu
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:provider"/>
@@ -1394,20 +1328,12 @@ from("direct:provider").to(&qu
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookComponentAppendix-4)ChangingtheSignatureMessageHeader">4) Changing the Signature Message Header</h4>
-<p>It may be desirable to change the message header used to store the signature. A different header name can be specified in the route definition as follows</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookComponentAppendix-4)ChangingtheSignatureMessageHeader">4) Changing the Signature Message Header</h4><p>It may be desirable to change the message header used to store the signature. A different header name can be specified in the route definition as follows</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:signature-header").to("crypto:sign://another?privateKey=#myPrivateKey&signatureHeader=AnotherDigitalSignature",
"crypto:verify://another?publicKey=#myPublicKey&signatureHeader=AnotherDigitalSignature", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:signature-header"/>
@@ -1416,19 +1342,11 @@ from("direct:signature-header"
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookComponentAppendix-5)Changingthebuffersize">5) Changing the buffersize</h4>
-<p>In case you need to update the size of the buffer...</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookComponentAppendix-5)Changingthebuffersize">5) Changing the buffersize</h4><p>In case you need to update the size of the buffer...</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:buffersize").to("crypto:sign://buffer?privateKey=#myPrivateKey&buffersize=1024", "crypto:verify://buffer?publicKey=#myPublicKey&buffersize=1024", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:buffersize" />
@@ -1437,24 +1355,12 @@ from("direct:buffersize").to(&
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookComponentAppendix-6)SupplyingKeysdynamically.">6) Supplying Keys dynamically.</h4>
-<p>When using a Recipient list or similar EIP the recipient of an exchange can vary dynamically. Using the same key across all recipients may be neither feasible nor desirable. It would be useful to be able to specify signature keys dynamically on a per-exchange basis. The exchange could then be dynamically enriched with the key of its target recipient prior to signing. To facilitate this the signature mechanisms allow for keys to be supplied dynamically via the message headers below </p>
-
-<ul><li><code>Exchange.SIGNATURE_PRIVATE_KEY</code>, <code>"CamelSignaturePrivateKey"</code></li><li><code>Exchange.SIGNATURE_PUBLIC_KEY_OR_CERT</code>, <code>"CamelSignaturePublicKeyOrCert"</code></li></ul>
-
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookComponentAppendix-6)SupplyingKeysdynamically.">6) Supplying Keys dynamically.</h4><p>When using a Recipient list or similar EIP the recipient of an exchange can vary dynamically. Using the same key across all recipients may be neither feasible nor desirable. It would be useful to be able to specify signature keys dynamically on a per-exchange basis. The exchange could then be dynamically enriched with the key of its target recipient prior to signing. To facilitate this the signature mechanisms allow for keys to be supplied dynamically via the message headers below</p><ul><li><code>Exchange.SIGNATURE_PRIVATE_KEY</code>, <code>"CamelSignaturePrivateKey"</code></li><li><code>Exchange.SIGNATURE_PUBLIC_KEY_OR_CERT</code>, <code>"CamelSignaturePublicKeyOrCert"</code></li></ul><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:headerkey-sign").to("crypto:sign://alias");
from("direct:headerkey-verify").to("crypto:verify://alias", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:headerkey-sign"/>
@@ -1466,22 +1372,12 @@ from("direct:headerkey-verify"
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<p>Even better would be to dynamically supply a keystore alias. Again the alias can be supplied in a message header</p>
-<ul><li><code>Exchange.KEYSTORE_ALIAS</code>, <code>"CamelSignatureKeyStoreAlias"</code></li></ul>
-
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>Even better would be to dynamically supply a keystore alias. Again the alias can be supplied in a message header</p><ul><li><code>Exchange.KEYSTORE_ALIAS</code>, <code>"CamelSignatureKeyStoreAlias"</code></li></ul><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:alias-sign").to("crypto:sign://alias?keystore=#keystore");
from("direct:alias-verify").to("crypto:verify://alias?keystore=#keystore", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:alias-sign"/>
@@ -1493,12 +1389,8 @@ from("direct:alias-verify").to
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<p>The header would be set as follows</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
-Exchange unsigned = getMandatoryEndpoint("direct:alias-sign").createExchange();
+</div></div><p>The header would be set as follows</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[Exchange unsigned = getMandatoryEndpoint("direct:alias-sign").createExchange();
unsigned.getIn().setBody(payload);
unsigned.getIn().setHeader(DigitalSignatureConstants.KEYSTORE_ALIAS, "bob");
unsigned.getIn().setHeader(DigitalSignatureConstants.KEYSTORE_PASSWORD, "letmein".toCharArray());
@@ -1508,11 +1400,8 @@ signed.getIn().copyFrom(unsigned.getOut(
signed.getIn().setHeader(KEYSTORE_ALIAS, "bob");
template.send("direct:alias-verify", signed);
]]></script>
-</div></div>
-
-<h3 id="BookComponentAppendix-SeeAlso.8">See Also</h3>
-<ul><li><a shape="rect" href="configuring-camel.html">Configuring Camel</a></li><li><a shape="rect" href="component.html">Component</a></li><li><a shape="rect" href="endpoint.html">Endpoint</a></li><li><a shape="rect" href="getting-started.html">Getting Started</a></li></ul>
-<ul><li><a shape="rect" href="crypto.html">Crypto</a> Crypto is also available as a <a shape="rect" href="data-format.html">Data Format</a></li></ul>
+</div></div><p></p><h3 id="BookComponentAppendix-SeeAlso.8">See Also</h3>
+<ul><li><a shape="rect" href="configuring-camel.html">Configuring Camel</a></li><li><a shape="rect" href="component.html">Component</a></li><li><a shape="rect" href="endpoint.html">Endpoint</a></li><li><a shape="rect" href="getting-started.html">Getting Started</a></li></ul><ul><li><a shape="rect" href="crypto.html">Crypto</a> Crypto is also available as a <a shape="rect" href="data-format.html">Data Format</a></li></ul>
<h2 id="BookComponentAppendix-CXFComponent">CXF Component</h2> <div class="aui-message warning shadowed information-macro">
<span class="aui-icon icon-warning">Icon</span>
<div class="message-content">
@@ -1526,11 +1415,11 @@ template.send("direct:alias-verify&
</div>
</div>
<p>The <strong>cxf:</strong> component provides integration with <a shape="rect" href="http://cxf.apache.org">Apache CXF</a> for connecting to JAX-WS services hosted in CXF.</p><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1418062724074 {padding: 0px;}
-div.rbtoc1418062724074 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1418062724074 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1418131126404 {padding: 0px;}
+div.rbtoc1418131126404 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1418131126404 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1418062724074">
+/*]]>*/</style></p><div class="toc-macro rbtoc1418131126404">
<ul class="toc-indentation"><li><a shape="rect" href="#CXF-CXFComponent">CXF Component</a>
<ul class="toc-indentation"><li><a shape="rect" href="#CXF-URIformat">URI format</a></li><li><a shape="rect" href="#CXF-Options">Options</a>
<ul class="toc-indentation"><li><a shape="rect" href="#CXF-Thedescriptionsofthedataformats">The descriptions of the dataformats</a>
Modified: websites/production/camel/content/book-in-one-page.html
==============================================================================
--- websites/production/camel/content/book-in-one-page.html (original)
+++ websites/production/camel/content/book-in-one-page.html Tue Dec 9 13:20:26 2014
@@ -4126,11 +4126,11 @@ While not actual tutorials you might fin
</div>
</div>
<h2 id="BookInOnePage-Preface">Preface</h2><p>This tutorial aims to guide the reader through the stages of creating a project which uses Camel to facilitate the routing of messages from a JMS queue to a <a shape="rect" class="external-link" href="http://www.springramework.org" rel="nofollow">Spring</a> service. The route works in a synchronous fashion returning a response to the client.</p><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1418062751172 {padding: 0px;}
-div.rbtoc1418062751172 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1418062751172 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1418131140955 {padding: 0px;}
+div.rbtoc1418131140955 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1418131140955 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1418062751172">
+/*]]>*/</style></p><div class="toc-macro rbtoc1418131140955">
<ul class="toc-indentation"><li><a shape="rect" href="#Tutorial-JmsRemoting-TutorialonSpringRemotingwithJMS">Tutorial on Spring Remoting with JMS</a></li><li><a shape="rect" href="#Tutorial-JmsRemoting-Preface">Preface</a></li><li><a shape="rect" href="#Tutorial-JmsRemoting-Prerequisites">Prerequisites</a></li><li><a shape="rect" href="#Tutorial-JmsRemoting-Distribution">Distribution</a></li><li><a shape="rect" href="#Tutorial-JmsRemoting-About">About</a></li><li><a shape="rect" href="#Tutorial-JmsRemoting-CreatetheCamelProject">Create the Camel Project</a>
<ul class="toc-indentation"><li><a shape="rect" href="#Tutorial-JmsRemoting-UpdatethePOMwithDependencies">Update the POM with Dependencies</a></li></ul>
</li><li><a shape="rect" href="#Tutorial-JmsRemoting-WritingtheServer">Writing the Server</a>
@@ -6316,11 +6316,11 @@ So we completed the last piece in the pi
<style type="text/css">/*<![CDATA[*/
-div.rbtoc1418062752752 {padding: 0px;}
-div.rbtoc1418062752752 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1418062752752 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1418131141772 {padding: 0px;}
+div.rbtoc1418131141772 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1418131141772 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style><div class="toc-macro rbtoc1418062752752">
+/*]]>*/</style><div class="toc-macro rbtoc1418131141772">
<ul class="toc-indentation"><li><a shape="rect" href="#Tutorial-AXIS-Camel-TutorialusingAxis1.4withApacheCamel">Tutorial using Axis 1.4 with Apache Camel</a>
<ul class="toc-indentation"><li><a shape="rect" href="#Tutorial-AXIS-Camel-Prerequisites">Prerequisites</a></li><li><a shape="rect" href="#Tutorial-AXIS-Camel-Distribution">Distribution</a></li><li><a shape="rect" href="#Tutorial-AXIS-Camel-Introduction">Introduction</a></li><li><a shape="rect" href="#Tutorial-AXIS-Camel-SettinguptheprojecttorunAxis">Setting up the project to run Axis</a>
<ul class="toc-indentation"><li><a shape="rect" href="#Tutorial-AXIS-Camel-Maven2">Maven 2</a></li><li><a shape="rect" href="#Tutorial-AXIS-Camel-wsdl">wsdl</a></li><li><a shape="rect" href="#Tutorial-AXIS-Camel-ConfiguringAxis">Configuring Axis</a></li><li><a shape="rect" href="#Tutorial-AXIS-Camel-RunningtheExample">Running the Example</a></li></ul>
@@ -19064,67 +19064,23 @@ registry.bind("accounts", blac
<p>A context component instance can have many public input and output endpoints that can be accessed from outside it's CamelContext. When there are many it is recommended that you use logical names for them to hide the middleware as shown above.</p>
<p>However when there is only one input, output or error/dead letter endpoint in a component we recommend using the common posix shell names <strong>in</strong>, <strong>out</strong> and <strong>err</strong></p>
-<h2 id="BookInOnePage-CryptocomponentforDigitalSignatures">Crypto component for Digital Signatures</h2>
-<p><strong>Available as of Camel 2.3</strong></p>
-
-<p>With Camel cryptographic endpoints and Java's Cryptographic extension it is easy to create Digital Signatures for <a shape="rect" href="exchange.html">Exchange</a>s. Camel provides a pair of flexible endpoints which get used in concert to create a signature for an exchange in one part of the exchange's workflow and then verify the signature in a later part of the workflow.</p>
-
-<p>Maven users will need to add the following dependency to their <code>pom.xml</code> for this component:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
-<dependency>
+<h2 id="BookInOnePage-CryptocomponentforDigitalSignatures">Crypto component for Digital Signatures</h2><p><strong>Available as of Camel 2.3</strong></p><p>With Camel cryptographic endpoints and Java's Cryptographic extension it is easy to create Digital Signatures for <a shape="rect" href="exchange.html">Exchange</a>s. Camel provides a pair of flexible endpoints which get used in concert to create a signature for an exchange in one part of the exchange's workflow and then verify the signature in a later part of the workflow.</p><p>Maven users will need to add the following dependency to their <code>pom.xml</code> for this component:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[<dependency>
<groupId>org.apache.camel</groupId>
<artifactId>camel-crypto</artifactId>
<version>x.x.x</version>
<!-- use the same version as your Camel core version -->
</dependency>
]]></script>
-</div></div>
-
-<h3 id="BookInOnePage-Introduction.6">Introduction</h3>
-
-<p>Digital signatures make use of Asymmetric Cryptographic techniques to sign messages. From a (very) high level, the algorithms use pairs of complimentary keys with the special property that data encrypted with one key can only be decrypted with the other. One, the private key, is closely guarded and used to 'sign' the message while the other, public key, is shared around to anyone interested in verifying the signed messages. Messages are signed by using the private key to encrypting a digest of the message. This encrypted digest is transmitted along with the message. On the other side the verifier recalculates the message digest and uses the public key to decrypt the the digest in the signature. If both digests match the verifier knows only the holder of the private key could have created the signature. </p>
-
-<p>Camel uses the Signature service from the Java Cryptographic Extension to do all the heavy cryptographic lifting required to create exchange signatures. The following are some excellent resources for explaining the mechanics of Cryptography, Message digests and Digital Signatures and how to leverage them with the JCE.</p>
-
-<ul class="alternate"><li>Bruce Schneier's Applied Cryptography</li><li>Beginning Cryptography with Java by David Hook</li><li>The ever insightful Wikipedia <a shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Digital_signature" rel="nofollow">Digital_signatures</a></li></ul>
-
-
-<h3 id="BookInOnePage-URIformat.10">URI format</h3>
-
-<p>As mentioned Camel provides a pair of crypto endpoints to create and verify signatures</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
-crypto:sign:name[?options]
+</div></div><h3 id="BookInOnePage-Introduction.6">Introduction</h3><p>Digital signatures make use of Asymmetric Cryptographic techniques to sign messages. From a (very) high level, the algorithms use pairs of complimentary keys with the special property that data encrypted with one key can only be decrypted with the other. One, the private key, is closely guarded and used to 'sign' the message while the other, public key, is shared around to anyone interested in verifying the signed messages. Messages are signed by using the private key to encrypting a digest of the message. This encrypted digest is transmitted along with the message. On the other side the verifier recalculates the message digest and uses the public key to decrypt the the digest in the signature. If both digests match the verifier knows only the holder of the private key could have created the signature.</p><p>Camel uses the Signature service from the Java Cryptographic Extension to do all the heavy cryptographic li
fting required to create exchange signatures. The following are some excellent resources for explaining the mechanics of Cryptography, Message digests and Digital Signatures and how to leverage them with the JCE.</p><ul class="alternate"><li>Bruce Schneier's Applied Cryptography</li><li>Beginning Cryptography with Java by David Hook</li><li>The ever insightful Wikipedia <a shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Digital_signature" rel="nofollow">Digital_signatures</a></li></ul><h3 id="BookInOnePage-URIformat.10">URI format</h3><p>As mentioned Camel provides a pair of crypto endpoints to create and verify signatures</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[crypto:sign:name[?options]
crypto:verify:name[?options]
]]></script>
-</div></div>
-
-<ul><li><code>crypto:sign</code> creates the signature and stores it in the Header keyed by the constant <code>Exchange.SIGNATURE</code>, i.e. <code>"CamelDigitalSignature"</code>.</li><li><code>crypto:verify</code> will read in the contents of this header and do the verification calculation.</li></ul>
-
-
-<p>In order to correctly function, the sign and verify process needs a pair of keys to be shared, signing requiring a <code>PrivateKey</code> and verifying a <code>PublicKey</code> (or a <code>Certificate</code> containing one). Using the JCE it is very simple to generate these key pairs but it is usually most secure to use a KeyStore to house and share your keys. The DSL is very flexible about how keys are supplied and provides a number of mechanisms. </p>
-
-<p>Note a <code>crypto:sign</code> endpoint is typically defined in one route and the complimentary <code>crypto:verify</code> in another, though for simplicity in the examples they appear one after the other. It goes without saying that both signing and verifying should be configured identically.</p>
-
-<h3 id="BookInOnePage-Options.27">Options</h3>
-<div class="confluenceTableSmall">
-<div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p> Name </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Type </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Default </p></th><th colspan="1" rowspan="1" class="confluenceTh"><p> Description </p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>algorithm</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>SHA1WithDSA</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The name of the JCE Signature algorithm that will be used. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>alias</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" r
owspan="1" class="confluenceTd"><p> An alias name that will be used to select a key from the keystore. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>bufferSize</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>Integer</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>2048</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> the size of the buffer used in the signature process. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>certificate</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>Certificate</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> A Certificate used to verify the signature of the exchange's payload. Either this or a Public Key is required. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>keystor
e</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>KeyStore</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> A reference to a JCE Keystore that stores keys and certificates used to sign and verify. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>provider</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The name of the JCE Security Provider that should be used. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>privateKey</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>PrivateKey</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p> The private key used to sign the exchange's payload. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>publicKey</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>PublicKey</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The public key used to verify the signature of the exchange's payload. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>secureRandom</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>secureRandom</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> A reference to a <code>SecureRandom</code> object that will be used to initialize the Signature service. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>password</code> <
/p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>char[]</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>null</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> The password for the keystore. </p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>clearHeaders</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>String</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> <code>true</code> </p></td><td colspan="1" rowspan="1" class="confluenceTd"><p> Remove camel crypto headers from Message after a verify operation (value can be <code>"true"</code>/<code>"false"</code>). </p></td></tr></tbody></table></div>
-</div>
-
-<h3 id="BookInOnePage-Using.2">Using</h3>
-
-<h4 id="BookInOnePage-1)Rawkeys">1) Raw keys</h4>
-<p>The most basic way to way to sign and verify an exchange is with a KeyPair as follows. </p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><ul><li><code>crypto:sign</code> creates the signature and stores it in the Header keyed by the constant <code>Exchange.SIGNATURE</code>, i.e. <code>"CamelDigitalSignature"</code>.</li><li><code>crypto:verify</code> will read in the contents of this header and do the verification calculation.</li></ul><p>In order to correctly function, the sign and verify process needs a pair of keys to be shared, signing requiring a <code>PrivateKey</code> and verifying a <code>PublicKey</code> (or a <code>Certificate</code> containing one). Using the JCE it is very simple to generate these key pairs but it is usually most secure to use a KeyStore to house and share your keys. The DSL is very flexible about how keys are supplied and provides a number of mechanisms.</p><p>Note a <code>crypto:sign</code> endpoint is typically defined in one route and the complimentary <code>crypto:verify</code> in another, though for simplicity in the examples they appear one after the other. It goes with
out saying that both signing and verifying should be configured identically.</p><h3 id="BookInOnePage-Options.27">Options</h3><div class="confluenceTableSmall"><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Name</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Type</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Default</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>algorithm</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>SHA1WithDSA</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The name of the JCE Signature algorithm that will be used.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>alias</code></p></td><td colspan="1" rowspan="1" class="co
nfluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>An alias name that will be used to select a key from the keystore.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>bufferSize</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>Integer</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>2048</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>the size of the buffer used in the signature process.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>certificate</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>Certificate</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A Certificate used to verify the signature of the exchange's payload. Eith
er this or a Public Key is required.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>keystore</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>KeyStore</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A reference to a JCE Keystore that stores keys and certificates used to sign and verify.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">keyStoreParameters <strong>Camel 2.14.1</strong></td><td colspan="1" rowspan="1" class="confluenceTd">KeyStoreParameters</td><td colspan="1" rowspan="1" class="confluenceTd">null</td><td colspan="1" rowspan="1" class="confluenceTd">A reference to a Camel KeyStoreParameters Object which wraps a Java KeyStore Object</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>provider</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The name of the JCE Security Provider that should be used.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>privateKey</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>PrivateKey</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The private key used to sign the exchange's payload.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>publicKey</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>PublicKey</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The public key used to verify the signature of the exchange's payload.</p></td></tr><tr><td colspan="1" rowspan="1" class="conflue
nceTd"><p><code>secureRandom</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>secureRandom</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>A reference to a <code>SecureRandom</code> object that will be used to initialize the Signature service.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>password</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>char[]</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>null</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>The password to access the private key from the keystore</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><code>clearHeaders</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>String</code></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><code>true</code></p></td><td c
olspan="1" rowspan="1" class="confluenceTd"><p>Remove camel crypto headers from Message after a verify operation (value can be <code>"true"</code>/<code>"false"</code>).</p></td></tr></tbody></table></div></div><h3 id="BookInOnePage-Using.2">Using</h3><h4 id="BookInOnePage-1)Rawkeys">1) Raw keys</h4><p>The most basic way to way to sign and verify an exchange is with a KeyPair as follows.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:keypair").to("crypto:sign://basic?privateKey=#myPrivateKey", "crypto:verify://basic?publicKey=#myPublicKey", "mock:result");
]]></script>
-</div></div>
-
-<p>The same can be achieved with the <a shape="rect" href="spring-xml-extensions.html">Spring XML Extensions</a> using references to keys </p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>The same can be achieved with the <a shape="rect" href="spring-xml-extensions.html">Spring XML Extensions</a> using references to keys</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:keypair"/>
@@ -19133,22 +19089,11 @@ from("direct:keypair").to(&quo
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookInOnePage-2)KeyStoresandAliases.">2) KeyStores and Aliases.</h4>
-<p>The JCE provides a very versatile keystore concept for housing pairs of private keys and certificates, keeping them encrypted and password protected. They can be retrieved by applying an alias to the retrieval APIs. There are a number of ways to get keys and Certificates into a keystore, most often this is done with the external 'keytool' application. <a shape="rect" class="external-link" href="http://www.exampledepot.com/egs/java.security.cert/CreateCert.html" rel="nofollow">This</a> is a good example of using keytool to create a KeyStore with a self signed Cert and Private key.</p>
-
-<p>The examples use a Keystore with a key and cert aliased by 'bob'. The password for the keystore and the key is 'letmein'</p>
-
-<p>The following shows how to use a Keystore via the Fluent builders, it also shows how to load and initialize the keystore.</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookInOnePage-2)KeyStoresandAliases.">2) KeyStores and Aliases.</h4><p>The JCE provides a very versatile keystore concept for housing pairs of private keys and certificates, keeping them encrypted and password protected. They can be retrieved by applying an alias to the retrieval APIs. There are a number of ways to get keys and Certificates into a keystore, most often this is done with the external 'keytool' application. <a shape="rect" class="external-link" href="http://www.exampledepot.com/egs/java.security.cert/CreateCert.html" rel="nofollow">This</a> is a good example of using keytool to create a KeyStore with a self signed Cert and Private key.</p><p>The examples use a Keystore with a key and cert aliased by 'bob'. The password for the keystore and the key is 'letmein'</p><p>The following shows how to use a Keystore via the Fluent builders, it also shows how to load and initialize the keystore.</p><div class="code panel pdl" style="border-width: 1px;"><div c
lass="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:keystore").to("crypto:sign://keystore?keystore=#keystore&alias=bob&password=letmein", "crypto:verify://keystore?keystore=#keystore&alias=bob", "mock:result");
]]></script>
-</div></div>
-
-<p>Again in Spring a ref is used to lookup an actual keystore instance. </p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>Again in Spring a ref is used to lookup an actual keystore instance.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:keystore"/>
@@ -19157,12 +19102,7 @@ from("direct:keystore").to(&qu
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookInOnePage-3)ChangingJCEProviderandAlgorithm">3) Changing JCE Provider and Algorithm</h4>
-<p>Changing the Signature algorithm or the Security provider is a simple matter of specifying their names. You will need to also use Keys that are compatible with the algorithm you choose.</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookInOnePage-3)ChangingJCEProviderandAlgorithm">3) Changing JCE Provider and Algorithm</h4><p>Changing the Signature algorithm or the Security provider is a simple matter of specifying their names. You will need to also use Keys that are compatible with the algorithm you choose.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(512, new SecureRandom());
@@ -19175,16 +19115,11 @@ context.getEndpoint("crypto:sign://
context.getEndpoint("crypto:verify://rsa?algorithm=MD5withRSA", DigitalSignatureEndpoint.class).setPublicKey(publicKey);
from("direct:algorithm").to("crypto:sign://rsa?algorithm=MD5withRSA", "crypto:verify://rsa?algorithm=MD5withRSA", "mock:result");
]]></script>
-</div></div>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:provider").to("crypto:sign://provider?privateKey=#myPrivateKey&provider=SUN", "crypto:verify://provider?publicKey=#myPublicKey&provider=SUN", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:algorithm"/>
@@ -19193,8 +19128,7 @@ from("direct:provider").to(&qu
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:provider"/>
@@ -19203,20 +19137,12 @@ from("direct:provider").to(&qu
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookInOnePage-4)ChangingtheSignatureMessageHeader">4) Changing the Signature Message Header</h4>
-<p>It may be desirable to change the message header used to store the signature. A different header name can be specified in the route definition as follows</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookInOnePage-4)ChangingtheSignatureMessageHeader">4) Changing the Signature Message Header</h4><p>It may be desirable to change the message header used to store the signature. A different header name can be specified in the route definition as follows</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:signature-header").to("crypto:sign://another?privateKey=#myPrivateKey&signatureHeader=AnotherDigitalSignature",
"crypto:verify://another?publicKey=#myPublicKey&signatureHeader=AnotherDigitalSignature", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:signature-header"/>
@@ -19225,19 +19151,11 @@ from("direct:signature-header"
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookInOnePage-5)Changingthebuffersize">5) Changing the buffersize</h4>
-<p>In case you need to update the size of the buffer...</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookInOnePage-5)Changingthebuffersize">5) Changing the buffersize</h4><p>In case you need to update the size of the buffer...</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:buffersize").to("crypto:sign://buffer?privateKey=#myPrivateKey&buffersize=1024", "crypto:verify://buffer?publicKey=#myPublicKey&buffersize=1024", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:buffersize" />
@@ -19246,24 +19164,12 @@ from("direct:buffersize").to(&
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<h4 id="BookInOnePage-6)SupplyingKeysdynamically.">6) Supplying Keys dynamically.</h4>
-<p>When using a Recipient list or similar EIP the recipient of an exchange can vary dynamically. Using the same key across all recipients may be neither feasible nor desirable. It would be useful to be able to specify signature keys dynamically on a per-exchange basis. The exchange could then be dynamically enriched with the key of its target recipient prior to signing. To facilitate this the signature mechanisms allow for keys to be supplied dynamically via the message headers below </p>
-
-<ul><li><code>Exchange.SIGNATURE_PRIVATE_KEY</code>, <code>"CamelSignaturePrivateKey"</code></li><li><code>Exchange.SIGNATURE_PUBLIC_KEY_OR_CERT</code>, <code>"CamelSignaturePublicKeyOrCert"</code></li></ul>
-
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h4 id="BookInOnePage-6)SupplyingKeysdynamically.">6) Supplying Keys dynamically.</h4><p>When using a Recipient list or similar EIP the recipient of an exchange can vary dynamically. Using the same key across all recipients may be neither feasible nor desirable. It would be useful to be able to specify signature keys dynamically on a per-exchange basis. The exchange could then be dynamically enriched with the key of its target recipient prior to signing. To facilitate this the signature mechanisms allow for keys to be supplied dynamically via the message headers below</p><ul><li><code>Exchange.SIGNATURE_PRIVATE_KEY</code>, <code>"CamelSignaturePrivateKey"</code></li><li><code>Exchange.SIGNATURE_PUBLIC_KEY_OR_CERT</code>, <code>"CamelSignaturePublicKeyOrCert"</code></li></ul><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:headerkey-sign").to("crypto:sign://alias");
from("direct:headerkey-verify").to("crypto:verify://alias", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:headerkey-sign"/>
@@ -19275,22 +19181,12 @@ from("direct:headerkey-verify"
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<p>Even better would be to dynamically supply a keystore alias. Again the alias can be supplied in a message header</p>
-<ul><li><code>Exchange.KEYSTORE_ALIAS</code>, <code>"CamelSignatureKeyStoreAlias"</code></li></ul>
-
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>Even better would be to dynamically supply a keystore alias. Again the alias can be supplied in a message header</p><ul><li><code>Exchange.KEYSTORE_ALIAS</code>, <code>"CamelSignatureKeyStoreAlias"</code></li></ul><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
from("direct:alias-sign").to("crypto:sign://alias?keystore=#keystore");
from("direct:alias-verify").to("crypto:verify://alias?keystore=#keystore", "mock:result");
]]></script>
-</div></div>
-
-<p>or</p>
-
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>or</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
<route>
<from uri="direct:alias-sign"/>
@@ -19302,12 +19198,8 @@ from("direct:alias-verify").to
<to uri="mock:result"/>
</route>
]]></script>
-</div></div>
-
-<p>The header would be set as follows</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
-Exchange unsigned = getMandatoryEndpoint("direct:alias-sign").createExchange();
+</div></div><p>The header would be set as follows</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[Exchange unsigned = getMandatoryEndpoint("direct:alias-sign").createExchange();
unsigned.getIn().setBody(payload);
unsigned.getIn().setHeader(DigitalSignatureConstants.KEYSTORE_ALIAS, "bob");
unsigned.getIn().setHeader(DigitalSignatureConstants.KEYSTORE_PASSWORD, "letmein".toCharArray());
@@ -19317,11 +19209,8 @@ signed.getIn().copyFrom(unsigned.getOut(
signed.getIn().setHeader(KEYSTORE_ALIAS, "bob");
template.send("direct:alias-verify", signed);
]]></script>
-</div></div>
-
-<h3 id="BookInOnePage-SeeAlso.28">See Also</h3>
-<ul><li><a shape="rect" href="configuring-camel.html">Configuring Camel</a></li><li><a shape="rect" href="component.html">Component</a></li><li><a shape="rect" href="endpoint.html">Endpoint</a></li><li><a shape="rect" href="getting-started.html">Getting Started</a></li></ul>
-<ul><li><a shape="rect" href="crypto.html">Crypto</a> Crypto is also available as a <a shape="rect" href="data-format.html">Data Format</a></li></ul>
+</div></div><p></p><h3 id="BookInOnePage-SeeAlso.28">See Also</h3>
+<ul><li><a shape="rect" href="configuring-camel.html">Configuring Camel</a></li><li><a shape="rect" href="component.html">Component</a></li><li><a shape="rect" href="endpoint.html">Endpoint</a></li><li><a shape="rect" href="getting-started.html">Getting Started</a></li></ul><ul><li><a shape="rect" href="crypto.html">Crypto</a> Crypto is also available as a <a shape="rect" href="data-format.html">Data Format</a></li></ul>
<h2 id="BookInOnePage-CXFComponent">CXF Component</h2> <div class="aui-message warning shadowed information-macro">
<span class="aui-icon icon-warning">Icon</span>
<div class="message-content">
@@ -19335,11 +19224,11 @@ template.send("direct:alias-verify&
</div>
</div>
<p>The <strong>cxf:</strong> component provides integration with <a shape="rect" href="http://cxf.apache.org">Apache CXF</a> for connecting to JAX-WS services hosted in CXF.</p><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1418062764124 {padding: 0px;}
-div.rbtoc1418062764124 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1418062764124 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1418131150006 {padding: 0px;}
+div.rbtoc1418131150006 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1418131150006 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1418062764124">
+/*]]>*/</style></p><div class="toc-macro rbtoc1418131150006">
<ul class="toc-indentation"><li><a shape="rect" href="#CXF-CXFComponent">CXF Component</a>
<ul class="toc-indentation"><li><a shape="rect" href="#CXF-URIformat">URI format</a></li><li><a shape="rect" href="#CXF-Options">Options</a>
<ul class="toc-indentation"><li><a shape="rect" href="#CXF-Thedescriptionsofthedataformats">The descriptions of the dataformats</a>
Modified: websites/production/camel/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.