You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2012/12/11 15:48:09 UTC
svn commit: r841719 - in /websites/production/cxf/content: cache/docs.pageCache docs/ws-security.html

Author: buildbot
Date: Tue Dec 11 14:48:07 2012
New Revision: 841719

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/ws-security.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/ws-security.html
==============================================================================
--- websites/production/cxf/content/docs/ws-security.html (original)
+++ websites/production/cxf/content/docs/ws-security.html Tue Dec 11 14:48:07 2012
@@ -610,7 +610,12 @@ org.apache.ws.security.crypto.merlin.fil
 
 <p>Encryption involves the sender encrypting the message with the recipient's public key to ensure that only the recipient can read the message (only the recipient has its own private key, necessary for decrypting the message.)  This requires the sender to have the recipient's public key in its keystore.</p>
 
-<p>The process for encrypting is very similar to and indeed usually combined with the signature process above.  Our <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/">WS-Security test sample</a> provides an example of encrypting requests and responses, also check <a shape="rect" class="external-link" href="http://www.jroller.com/gmazza/entry/cxf_x509_profile" rel="nofollow">this blog entry</a> for a more end-to-end example showing signature and encryption of both SOAP requests and responses.</p></div>
+<p>The process for encrypting is very similar to and indeed usually combined with the signature process above.  Our <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/security/">WS-Security test sample</a> provides an example of encrypting requests and responses, also check <a shape="rect" class="external-link" href="http://www.jroller.com/gmazza/entry/cxf_x509_profile" rel="nofollow">this blog entry</a> for a more end-to-end example showing signature and encryption of both SOAP requests and responses.</p>
+
+<h1><a shape="rect" name="WS-Security-SecurityBestPractices"></a>Security Best Practices</h1>
+
+<p>Some guidelines are given at the WSS4J website about <a shape="rect" class="external-link" href="http://ws.apache.org/wss4j/best_practice.html">best practices</a> when using WS-Security. It is recommended to study the guidelines carefully.</p>
+</div>
            </div>
            <!-- Content -->
          </td>