You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by di...@apache.org on 2008/05/01 23:20:38 UTC
svn commit: r652665 [28/45] - in /webservices/axis2/site: ./ 1_4/ 1_4/adb/
1_4/adb/images/ 1_4/images/ 1_4/images/archi-guide/ 1_4/images/userguide/
1_4/jibx/ 1_4/src/ css/ download/0_9/ download/0_91/ download/0_92/
download/0_93/ download/0_94/ downl...
Modified: webservices/axis2/site/modules/rampart/1_3/sec-conf/sample-services.html
URL: http://svn.apache.org/viewvc/webservices/axis2/site/modules/rampart/1_3/sec-conf/sample-services.html?rev=652665&r1=652664&r2=652665&view=diff
==============================================================================
--- webservices/axis2/site/modules/rampart/1_3/sec-conf/sample-services.html (original)
+++ webservices/axis2/site/modules/rampart/1_3/sec-conf/sample-services.html Thu May 1 14:20:27 2008
@@ -9,9 +9,10 @@
-<html>
+
+<html xmlns="http://www.w3.org/1999/xhtml">
<head>
- <title>Apache Axis2 - </title>
+ <title>Maven - </title>
<style type="text/css" media="all">
@import url("../../../../css/maven-base.css");
@import url("../../../../css/maven-theme.css");
@@ -29,7 +30,7 @@
</a>
<span id="bannerRight">
- <img src="http://ws.apache.org/axis2/images/axis.jpg" alt="" />
+ <img src="../../../../../images/axis.jpg" alt="" />
</span>
<div class="clear">
@@ -44,23 +45,25 @@
+
<div class="xleft">
- Last Published: 08/13/2007
+ Last Published: 2008-05-01
</div>
- <div class="xright"> <a href="../../../../index.html">Axis2/Java</a>
- |
- <a href="http://ws.apache.org/axis2/c">Axis2/C</a>
- |
- <a href="../../../../../../">Apache WS</a>
- |
- <a href="http://www.apache.org">Apache</a>
-
+ <div class="xright"> <a href="../../../../index.html">Axis2/Java</a>
+ |
+ <a href="../../../../../c">Axis2/C</a>
+ |
+ <a href="../../../../../..">Apache WS</a>
+ |
+ <a href="http://www.apache.org" class="externalLink">Apache</a>
+
+
</div>
<div class="clear">
<hr/>
@@ -75,30 +78,31 @@
+
<h5>Axis2/Java</h5>
- <ul>
+ <ul>
<li class="none">
- <a href="../../../../index.html">Home</a>
- </li>
+ <a href="../../../../index.html">Home</a>
+ </li>
</ul>
- <h5>Downloads</h5>
- <ul>
+ <h5>Downloads</h5>
+ <ul>
<li class="none">
- <a href="../../../../download.cgi">Releases</a>
- </li>
+ <a href="../../../../download.cgi">Releases</a>
+ </li>
<li class="none">
- <a href="../../../../modules/index.html">Modules</a>
- </li>
+ <a href="../../../../modules/index.html">Modules</a>
+ </li>
<li class="none">
- <a href="../../../../tools/index.html">Tools</a>
- </li>
+ <a href="../../../../tools/index.html">Tools</a>
+ </li>
</ul>
- <h5>Documentation</h5>
- <ul>
+ <h5>Documentation</h5>
+ <ul>
@@ -117,147 +121,157 @@
+
+
<li class="expanded">
- <a href="../../../../1_3/contents.html">Version 1.3</a>
- <ul>
+ <a href="../../../../1_4/contents.html">Version 1.4</a>
+ <ul>
<li class="none">
- <a href="../../../../1_3/toc.html">Table of Contents</a>
- </li>
+ <a href="../../../../1_4/toc.html">Table of Contents</a>
+ </li>
<li class="none">
- <a href="../../../../1_3/installationguide.html">Installation Guide</a>
- </li>
+ <a href="../../../../1_4/installationguide.html">Installation Guide</a>
+ </li>
<li class="none">
- <a href="../../../../1_3/quickstartguide.html">QuickStart Guide</a>
- </li>
+ <a href="../../../../1_4/quickstartguide.html">QuickStart Guide</a>
+ </li>
<li class="none">
- <a href="../../../../1_3/userguide.html">User Guide</a>
- </li>
+ <a href="../../../../1_4/userguide.html">User Guide</a>
+ </li>
<li class="none">
- <a href="../../../../1_3/pojoguide.html">POJO Guide</a>
- </li>
+ <a href="../../../../1_4/jaxws-guide.html">JAXWS Guide</a>
+ </li>
<li class="none">
- <a href="../../../../1_3/spring.html">Spring Guide</a>
- </li>
+ <a href="../../../../1_4/pojoguide.html">POJO Guide</a>
+ </li>
<li class="none">
- <a href="../../../../1_3/webadminguide.html">Web Administrator's Guide</a>
- </li>
+ <a href="../../../../1_4/spring.html">Spring Guide</a>
+ </li>
<li class="none">
- <a href="../../../../1_3/migration.html">Migration Guide (from Axis1)</a>
- </li>
+ <a href="../../../../1_4/webadminguide.html">Web Administrator's Guide</a>
+ </li>
+
+ <li class="none">
+ <a href="../../../../1_4/migration.html">Migration Guide (from Axis1)</a>
+ </li>
</ul>
</li>
<li class="none">
- <a href="../../../../1_2/contents.html">Version 1.2</a>
- </li>
+ <a href="../../../../1_3/contents.html">Version 1.3</a>
+ </li>
<li class="none">
- <a href="../../../../1_1_1/contents.html">Version 1.1.1</a>
- </li>
+ <a href="../../../../1_2/contents.html">Version 1.2</a>
+ </li>
<li class="none">
- <a href="../../../../1_1/contents.html">Version 1.1</a>
- </li>
+ <a href="../../../../1_1_1/contents.html">Version 1.1.1</a>
+ </li>
<li class="none">
- <a href="../../../../1_0/index.html">Version 1.0</a>
- </li>
+ <a href="../../../../1_1/contents.html">Version 1.1</a>
+ </li>
<li class="none">
- <a href="../../../../0_95/index.html">Version 0.95</a>
- </li>
+ <a href="../../../../1_0/index.html">Version 1.0</a>
+ </li>
<li class="none">
- <a href="../../../../0_94/index.html">Version 0.94</a>
- </li>
+ <a href="../../../../0_95/index.html">Version 0.95</a>
+ </li>
<li class="none">
- <a href="../../../../0_93/index.html">Version 0.93</a>
- </li>
+ <a href="../../../../0_94/index.html">Version 0.94</a>
+ </li>
+
+ <li class="none">
+ <a href="../../../../0_93/index.html">Version 0.93</a>
+ </li>
</ul>
- <h5>Resources</h5>
- <ul>
+ <h5>Resources</h5>
+ <ul>
<li class="none">
- <a href="../../../../faq.html">FAQ</a>
- </li>
+ <a href="../../../../faq.html">FAQ</a>
+ </li>
<li class="none">
- <a href="../../../../articles.html">Articles</a>
- </li>
+ <a href="../../../../articles.html">Articles</a>
+ </li>
<li class="none">
- <a href="http://wiki.apache.org/ws/FrontPage/Axis2/">Wiki</a>
- </li>
+ <a href="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink">Wiki</a>
+ </li>
<li class="none">
- <a href="../../../../refLib.html">Reference Library</a>
- </li>
+ <a href="../../../../refLib.html">Reference Library</a>
+ </li>
<li class="none">
- <a href="http://ws.apache.org/axis2/1_3/api/index.html">Online Java Docs</a>
- </li>
+ <a href="../../../../../1_4/api/index.html">Online Java Docs</a>
+ </li>
</ul>
- <h5>Get Involved</h5>
- <ul>
+ <h5>Get Involved</h5>
+ <ul>
<li class="none">
- <a href="../../../../overview.html">Overview</a>
- </li>
+ <a href="../../../../overview.html">Overview</a>
+ </li>
<li class="none">
- <a href="../../../../svn.html">Checkout the Source</a>
- </li>
+ <a href="../../../../svn.html">Checkout the Source</a>
+ </li>
<li class="none">
- <a href="../../../../mail-lists.html">Mailing Lists</a>
- </li>
+ <a href="../../../../mail-lists.html">Mailing Lists</a>
+ </li>
<li class="none">
- <a href="../../../../release-process.html">Release Process</a>
- </li>
+ <a href="../../../../release-process.html">Release Process</a>
+ </li>
<li class="none">
- <a href="../../../../guidelines.html">Developer Guidelines</a>
- </li>
+ <a href="../../../../guidelines.html">Developer Guidelines</a>
+ </li>
<li class="none">
- <a href="../../../../siteHowTo.html">Build the Site</a>
- </li>
+ <a href="../../../../siteHowTo.html">Build the Site</a>
+ </li>
</ul>
- <h5>Project Information</h5>
- <ul>
+ <h5>Project Information</h5>
+ <ul>
<li class="none">
- <a href="../../../../team-list.html">Project Team</a>
- </li>
+ <a href="../../../../team-list.html">Project Team</a>
+ </li>
<li class="none">
- <a href="../../../../issue-tracking.html">Issue Tracking</a>
- </li>
+ <a href="../../../../issue-tracking.html">Issue Tracking</a>
+ </li>
<li class="none">
- <a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN">Source Code</a>
- </li>
+ <a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN" class="externalLink">Source Code</a>
+ </li>
<li class="none">
- <a href="../../../../thanks.html">Acknowledgements</a>
- </li>
+ <a href="../../../../thanks.html">Acknowledgements</a>
+ </li>
<li class="none">
- <a href="http://www.apache.org/licenses/LICENSE-2.0.html">License</a>
- </li>
+ <a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink">License</a>
+ </li>
</ul>
- <a href="http://maven.apache.org/" title="Built by Maven" id="poweredBy">
+ <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img alt="Built by Maven" src="../../../../images/logos/maven-feather.png"></img>
</a>
@@ -267,99 +281,12 @@
+
</div>
</div>
<div id="bodyColumn">
<div id="contentBox">
- <service name="SecureService7">
-
- <module ref="addressing"></module>
- <module ref="rampart"></module>
-
- <parameter name="ServiceClass">org.apache.rampart.Service</parameter>
-
- <operation name="echo">
- <messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"></messageReceiver>
- <actionMapping>urn:echo</actionMapping>
- </operation>
-
- <wsp:Policy wsu:Id="SigEncrTripleDesRSA15DK" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
- <wsp:ExactlyOne>
- <wsp:All>
- <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:InitiatorToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:RequireDerivedKeys></sp:RequireDerivedKeys>
- <sp:WssX509V3Token10></sp:WssX509V3Token10>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:InitiatorToken>
- <sp:RecipientToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:RequireDerivedKeys></sp:RequireDerivedKeys>
- <sp:WssX509V3Token10></sp:WssX509V3Token10>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:RecipientToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:TripleDesRsa15></sp:TripleDesRsa15>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict></sp:Strict>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp></sp:IncludeTimestamp>
- <sp:OnlySignEntireHeadersAndBody></sp:OnlySignEntireHeadersAndBody>
- </wsp:Policy>
- </sp:AsymmetricBinding>
- <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier></sp:MustSupportRefKeyIdentifier>
- <sp:MustSupportRefIssuerSerial></sp:MustSupportRefIssuerSerial>
- </wsp:Policy>
- </sp:Wss10>
- <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body></sp:Body>
- </sp:SignedParts>
- <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body></sp:Body>
- </sp:EncryptedParts>
-
- <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
- <ramp:user>alice</ramp:user>
- <ramp:encryptionUser>bob</ramp:encryptionUser>
- <ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:passwordCallbackClass>
-
- <ramp:signatureCrypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
- </ramp:crypto>
- </ramp:signatureCrypto>
- <ramp:encryptionCypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property>
- </ramp:crypto>
- </ramp:encryptionCypto>
- </ramp:RampartConfig>
-
- </wsp:All>
- </wsp:ExactlyOne>
- </wsp:Policy>
-</service>
+ <service name="SecureService7"><module ref="addressing"><module ref="rampart"><parameter name="ServiceClass">org.apache.rampart.Service</parameter><operation name="echo"><messageReceiver class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"><actionMapping>urn:echo</actionMapping></operation><wsp:Policy wsu:Id="SigEncrTripleDesRSA15DK" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><wsp:ExactlyOne><wsp:All><sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:InitiatorToken><wsp:Policy><sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"><wsp:Policy><sp:RequireDerivedKeys><sp:WssX509V3Token10></wsp:Policy></sp:X509Token></wsp:Policy></sp:InitiatorToken><sp:RecipientToken><wsp:Policy><sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/
07/securitypolicy/IncludeToken/Never"><wsp:Policy><sp:RequireDerivedKeys><sp:WssX509V3Token10></wsp:Policy></sp:X509Token></wsp:Policy></sp:RecipientToken><sp:AlgorithmSuite><wsp:Policy><sp:TripleDesRsa15></wsp:Policy></sp:AlgorithmSuite><sp:Layout><wsp:Policy><sp:Strict></wsp:Policy></sp:Layout><sp:IncludeTimestamp><sp:OnlySignEntireHeadersAndBody></wsp:Policy></sp:AsymmetricBinding><sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><wsp:Policy><sp:MustSupportRefKeyIdentifier><sp:MustSupportRefIssuerSerial></wsp:Policy></sp:Wss10><sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><sp:Body></sp:SignedParts><sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"><sp:Body></sp:EncryptedParts><ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"><ramp:user>alice</ramp:user><ramp:encryptionUser>bob</ramp:encryptionUser><ramp:passwordCallbackClass>org.apache.rampart.PWCallback</ramp:pass
wordCallbackClass><ramp:signatureCrypto><ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"><ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property><ramp:property name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property><ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property></ramp:crypto></ramp:signatureCrypto><ramp:encryptionCypto><ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"><ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property><ramp:property name="org.apache.ws.security.crypto.merlin.file">store.jks</ramp:property><ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password</ramp:property></ramp:crypto></ramp:encryptionCypto></ramp:RampartConfig></wsp:All></wsp:ExactlyOne></wsp:Policy></service>
</div>
</div>
<div class="clear">
@@ -367,7 +294,7 @@
</div>
<div id="footer">
<div class="xright">©
- 2004-2007
+ 2004-2008
Apache Software Foundation
@@ -377,6 +304,7 @@
+
</div>
<div class="clear">
<hr/>
Modified: webservices/axis2/site/modules/rampart/1_3/security-module.html
URL: http://svn.apache.org/viewvc/webservices/axis2/site/modules/rampart/1_3/security-module.html?rev=652665&r1=652664&r2=652665&view=diff
==============================================================================
--- webservices/axis2/site/modules/rampart/1_3/security-module.html (original)
+++ webservices/axis2/site/modules/rampart/1_3/security-module.html Thu May 1 14:20:27 2008
@@ -9,9 +9,10 @@
-<html>
+
+<html xmlns="http://www.w3.org/1999/xhtml">
<head>
- <title>Apache Axis2 - </title>
+ <title>Maven - </title>
<style type="text/css" media="all">
@import url("../../../css/maven-base.css");
@import url("../../../css/maven-theme.css");
@@ -29,7 +30,7 @@
</a>
<span id="bannerRight">
- <img src="http://ws.apache.org/axis2/images/axis.jpg" alt="" />
+ <img src="../../../../images/axis.jpg" alt="" />
</span>
<div class="clear">
@@ -44,23 +45,25 @@
+
<div class="xleft">
- Last Published: 08/13/2007
+ Last Published: 2008-05-01
</div>
- <div class="xright"> <a href="../../../index.html">Axis2/Java</a>
- |
- <a href="http://ws.apache.org/axis2/c">Axis2/C</a>
- |
- <a href="../../../../../">Apache WS</a>
- |
- <a href="http://www.apache.org">Apache</a>
-
+ <div class="xright"> <a href="../../../index.html">Axis2/Java</a>
+ |
+ <a href="../../../../c">Axis2/C</a>
+ |
+ <a href="../../../../..">Apache WS</a>
+ |
+ <a href="http://www.apache.org" class="externalLink">Apache</a>
+
+
</div>
<div class="clear">
<hr/>
@@ -75,30 +78,31 @@
+
<h5>Axis2/Java</h5>
- <ul>
+ <ul>
<li class="none">
- <a href="../../../index.html">Home</a>
- </li>
+ <a href="../../../index.html">Home</a>
+ </li>
</ul>
- <h5>Downloads</h5>
- <ul>
+ <h5>Downloads</h5>
+ <ul>
<li class="none">
- <a href="../../../download.cgi">Releases</a>
- </li>
+ <a href="../../../download.cgi">Releases</a>
+ </li>
<li class="none">
- <a href="../../../modules/index.html">Modules</a>
- </li>
+ <a href="../../../modules/index.html">Modules</a>
+ </li>
<li class="none">
- <a href="../../../tools/index.html">Tools</a>
- </li>
+ <a href="../../../tools/index.html">Tools</a>
+ </li>
</ul>
- <h5>Documentation</h5>
- <ul>
+ <h5>Documentation</h5>
+ <ul>
@@ -117,147 +121,157 @@
+
+
<li class="expanded">
- <a href="../../../1_3/contents.html">Version 1.3</a>
- <ul>
+ <a href="../../../1_4/contents.html">Version 1.4</a>
+ <ul>
<li class="none">
- <a href="../../../1_3/toc.html">Table of Contents</a>
- </li>
+ <a href="../../../1_4/toc.html">Table of Contents</a>
+ </li>
<li class="none">
- <a href="../../../1_3/installationguide.html">Installation Guide</a>
- </li>
+ <a href="../../../1_4/installationguide.html">Installation Guide</a>
+ </li>
<li class="none">
- <a href="../../../1_3/quickstartguide.html">QuickStart Guide</a>
- </li>
+ <a href="../../../1_4/quickstartguide.html">QuickStart Guide</a>
+ </li>
<li class="none">
- <a href="../../../1_3/userguide.html">User Guide</a>
- </li>
+ <a href="../../../1_4/userguide.html">User Guide</a>
+ </li>
<li class="none">
- <a href="../../../1_3/pojoguide.html">POJO Guide</a>
- </li>
+ <a href="../../../1_4/jaxws-guide.html">JAXWS Guide</a>
+ </li>
<li class="none">
- <a href="../../../1_3/spring.html">Spring Guide</a>
- </li>
+ <a href="../../../1_4/pojoguide.html">POJO Guide</a>
+ </li>
<li class="none">
- <a href="../../../1_3/webadminguide.html">Web Administrator's Guide</a>
- </li>
+ <a href="../../../1_4/spring.html">Spring Guide</a>
+ </li>
<li class="none">
- <a href="../../../1_3/migration.html">Migration Guide (from Axis1)</a>
- </li>
+ <a href="../../../1_4/webadminguide.html">Web Administrator's Guide</a>
+ </li>
+
+ <li class="none">
+ <a href="../../../1_4/migration.html">Migration Guide (from Axis1)</a>
+ </li>
</ul>
</li>
<li class="none">
- <a href="../../../1_2/contents.html">Version 1.2</a>
- </li>
+ <a href="../../../1_3/contents.html">Version 1.3</a>
+ </li>
<li class="none">
- <a href="../../../1_1_1/contents.html">Version 1.1.1</a>
- </li>
+ <a href="../../../1_2/contents.html">Version 1.2</a>
+ </li>
<li class="none">
- <a href="../../../1_1/contents.html">Version 1.1</a>
- </li>
+ <a href="../../../1_1_1/contents.html">Version 1.1.1</a>
+ </li>
<li class="none">
- <a href="../../../1_0/index.html">Version 1.0</a>
- </li>
+ <a href="../../../1_1/contents.html">Version 1.1</a>
+ </li>
<li class="none">
- <a href="../../../0_95/index.html">Version 0.95</a>
- </li>
+ <a href="../../../1_0/index.html">Version 1.0</a>
+ </li>
<li class="none">
- <a href="../../../0_94/index.html">Version 0.94</a>
- </li>
+ <a href="../../../0_95/index.html">Version 0.95</a>
+ </li>
<li class="none">
- <a href="../../../0_93/index.html">Version 0.93</a>
- </li>
+ <a href="../../../0_94/index.html">Version 0.94</a>
+ </li>
+
+ <li class="none">
+ <a href="../../../0_93/index.html">Version 0.93</a>
+ </li>
</ul>
- <h5>Resources</h5>
- <ul>
+ <h5>Resources</h5>
+ <ul>
<li class="none">
- <a href="../../../faq.html">FAQ</a>
- </li>
+ <a href="../../../faq.html">FAQ</a>
+ </li>
<li class="none">
- <a href="../../../articles.html">Articles</a>
- </li>
+ <a href="../../../articles.html">Articles</a>
+ </li>
<li class="none">
- <a href="http://wiki.apache.org/ws/FrontPage/Axis2/">Wiki</a>
- </li>
+ <a href="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink">Wiki</a>
+ </li>
<li class="none">
- <a href="../../../refLib.html">Reference Library</a>
- </li>
+ <a href="../../../refLib.html">Reference Library</a>
+ </li>
<li class="none">
- <a href="http://ws.apache.org/axis2/1_3/api/index.html">Online Java Docs</a>
- </li>
+ <a href="../../../../1_4/api/index.html">Online Java Docs</a>
+ </li>
</ul>
- <h5>Get Involved</h5>
- <ul>
+ <h5>Get Involved</h5>
+ <ul>
<li class="none">
- <a href="../../../overview.html">Overview</a>
- </li>
+ <a href="../../../overview.html">Overview</a>
+ </li>
<li class="none">
- <a href="../../../svn.html">Checkout the Source</a>
- </li>
+ <a href="../../../svn.html">Checkout the Source</a>
+ </li>
<li class="none">
- <a href="../../../mail-lists.html">Mailing Lists</a>
- </li>
+ <a href="../../../mail-lists.html">Mailing Lists</a>
+ </li>
<li class="none">
- <a href="../../../release-process.html">Release Process</a>
- </li>
+ <a href="../../../release-process.html">Release Process</a>
+ </li>
<li class="none">
- <a href="../../../guidelines.html">Developer Guidelines</a>
- </li>
+ <a href="../../../guidelines.html">Developer Guidelines</a>
+ </li>
<li class="none">
- <a href="../../../siteHowTo.html">Build the Site</a>
- </li>
+ <a href="../../../siteHowTo.html">Build the Site</a>
+ </li>
</ul>
- <h5>Project Information</h5>
- <ul>
+ <h5>Project Information</h5>
+ <ul>
<li class="none">
- <a href="../../../team-list.html">Project Team</a>
- </li>
+ <a href="../../../team-list.html">Project Team</a>
+ </li>
<li class="none">
- <a href="../../../issue-tracking.html">Issue Tracking</a>
- </li>
+ <a href="../../../issue-tracking.html">Issue Tracking</a>
+ </li>
<li class="none">
- <a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN">Source Code</a>
- </li>
+ <a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN" class="externalLink">Source Code</a>
+ </li>
<li class="none">
- <a href="../../../thanks.html">Acknowledgements</a>
- </li>
+ <a href="../../../thanks.html">Acknowledgements</a>
+ </li>
<li class="none">
- <a href="http://www.apache.org/licenses/LICENSE-2.0.html">License</a>
- </li>
+ <a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink">License</a>
+ </li>
</ul>
- <a href="http://maven.apache.org/" title="Built by Maven" id="poweredBy">
+ <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img alt="Built by Maven" src="../../../images/logos/maven-feather.png"></img>
</a>
@@ -267,302 +281,266 @@
+
</div>
</div>
<div id="bodyColumn">
<div id="contentBox">
- <html>
-<head>
- <meta http-equiv="content-type" content=""></meta>
- <link href="../../../css/axis-docs.css" rel="stylesheet" type="text/css" media="all"></link>
- Rampart : WS-Security module for Axis2
-</head>
-
-
-<h1>Securing SOAP Messages with Rampart</h1>
-
-<p>Axis2 comes with a module based on Apache WSS4J [1] to provide WS-Security
-features, called "Rampart". This document explains how to engage and
-configure Rampart module.</p>
-
-<h2>Content</h2>
-<ul>
- <li><a href="#intro">Introduction</a></li>
- <li><a href="#1_1_config">Rampart-1.1 Configuration</a>
- <ul>
- <li><a href="#1_1_assetions">Rampart Specific Assertions</a></li>
- <li><a href="#1_1_service_config">Service Configration</a></li>
- <li><a href="#1_1_client_config">Client Confiuration</a></li>
- </ul></li>
- <li><a href="#1_0_config">Rampart-1.0 Configuration</a>
- <ul>
- <li><a href="#outflowsecurity">OutflowSecurity Parameter</a></li>
- <li><a href="#inflowsecurity">InflowSecurity Parameter</a></li>
- </ul></li>
- <li><a href="#references">References</a></li>
- <li><a href="#examples">Examples</a></li>
-</ul>
-<a name="intro"></a>
-
-<h2>Introduction</h2>
-
-Since rampart module inserts handlers in the system specific security
-phase, it must be engaged globally. These handlers can be configured
-using WS-SecurityPolicy[2] and Rampart specific policy assertions.
-Rampart-1.0 used two axis2 parameters for configuration and these are
-still supported in the 1.1 release as well.
-
-The rampart-1.1 release is available
-<a href="http://www.apache.org/dyn/closer.cgi/ws/rampart/1_1">here</a>.
-
-First it should be engaged by inserting the following in the axis2.xml
-file.
-<div class="source"><pre><pre> <module ref="rampart"/></pre>
-</pre></div>
-The web admin interface can be used when Axis2 is deployed in a servlet
-container such as Apache Tomcat.
-
-At the server it is possible to provide security on a per service basis.
-The configuration parameters should be set in the service.xml file of the
-service. The client side config parameters should be set in the axis2.xml of
-the client's Axis2 repository.
-<a id="1_1_config"></a>
-<h2>Rampart-1.1 Configuration</h2>
-<a id="1_1_assetions"></a>
-<h3>Rampart Specific Assertions</h3>
-
-Rampart uses the standard WS-SecurityPolicy[2] assertions and also defines its own
-assertions to be able capture the configuration information that is not provided
-in WS-SecurityPolicy.
-The Rampart specific assertion's xsd can be found <a href="sec-conf/rampart-config.xsd">here
-</a>.
-
-The <strong>ramp:RampartConfig</strong> assertion must be available as a one of the top
-level assertions of the policy as shown <a href="sec-conf/sample-policy.xml">here</a>.
-<a id="1_1_service_config"></a>
-<h3>Service Configration</h3>
-
-To configure the service one will simply have to add the policy element into the
-sevices.xml file. A sample service.xml file is available
-<a href="sec-conf/sample-services.xml">here</a>.
-<a id="1_1_client_config"></a>
-<h3>Client Confiuration</h3>
-On the client side, a policy object should be created and loaded into options. Creating the policy object can be done using a "policy.xml" file as follows.
-
-<pre>
- //Creating the object
- StAXOMBuilder builder = new StAXOMBuilder(pathToPolicyfile);
- Policy clientPolicy = PolicyEngine.getPolicy(builder.getDocumentElement());
- //setting the object
- Options options = new Options();
- options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, clientPolicy);
-</pre>
-<a id="1_0_config"></a>
-<h2>Rampart-1.0 Configuration</h2>
-
-Rampart module uses two parameters:
-<ul>
- <li><a href="outflowsecurity">OutflowSecurity</a></li>
- <li><a href="inflowsecurity">InflowSecurity</a></li>
-</ul>
-The configuration that can go in each of these parameters are described
-below: <a name="outflowsecurity"></a>
-
-<h3>OutflowSecurity Parameter</h3>
-This parameter is used to configure the outflow security handler. The outflow
-handler can be invoked more than once in the outflow one can provide
-configuration for each of these invocations. The 'action' element describes
-one of these configurations. Therefore the 'OutflowSecurity' parameter can
-contain more than one 'action' elements. The schema of this 'action' element
-is available <a href="sec-conf/out-action.xsd">here</a>.
-
-An outflow configuration to add a timestamp, sign and encrypt the message
-once, is shown in<a href="#ex1"> Example 1</a> and <a href="#ex1"> Example
-2</a> shows how to sign the message twice by chaining the outflow handler
-(using two 'action' elements)
-
-Following is a description of the elements that can go in an 'action'
-element of the OutflowSecurity parameter
-<br></br>
-
-
-<table class="bodyTable">
- <tbody>
- <tr class="a">
- <td><b>Parameter</b></td>
- <td><b>Description</b></td>
- <td><b>Example</b></td>
- </tr>
- <tr class="b">
- <td>items</td>
- <td>Security actions for the inflow</td>
- <td>Add a Timestamp, Sign the SOAP body and Encrypt the SOAP body <br></br>
- <items> Timestamp Signature Encrypt</items></td>
- </tr>
- <tr class="a">
- <td>user</td>
- <td>The user's name</td>
- <td>Set alias of the key to be used to sign<br></br>
- <user> bob</user></td>
- </tr>
- <tr class="b">
- <td>passwordCallbackClass</td>
- <td>Callback class used to provide the password required to create the
- UsernameToken or to sign the message</td>
- <td><passwordCallbackClass>
- org.apache.axis2.security.PWCallback</passwordCallbackClass></td>
- </tr>
- <tr class="a">
- <td>signaturePropFile</td>
- <td>property file used to get the signature parameters such as crypto
- provider, keystore and its password</td>
- <td>Set example.properties file as the signature property file<br></br>
- <signaturePropFile>
- example.properties</signaturePropFile></td>
- </tr>
- <tr class="b">
- <td>signatureKeyIdentifier</td>
- <td>Key identifier to be used in referring the key in the signature</td>
- <td>Use the serial number of the certificate<br></br>
- <signatureKeyIdentifier>
- IssuerSerial</signatureKeyIdentifier></td>
- </tr>
- <tr class="a">
- <td>encryptionKeyIdentifier</td>
- <td>Key identifier to be used in referring the key in encryption</td>
- <td>Use the serial number of the certificate <br></br>
- <encryptionKeyIdentifier>IssuerSerial</encryptionKeyIdentifier></td>
- </tr>
- <tr class="b">
- <td>encryptionUser</td>
- <td>The user's name for encryption.</td>
- <td><br></br>
- <encryptionUser>alice</encryptionUser></td>
- </tr>
- <tr class="a">
- <td>encryptionSymAlgorithm</td>
- <td>Symmetric algorithm to be used for encryption</td>
- <td>Use AES-128<br></br>
- <encryptionSymAlgorithm>
- http://www.w3.org/2001/04/xmlenc#aes128-cbc</encryptionSymAlgorithm></td>
- </tr>
- <tr class="b">
- <td>encryptionKeyTransportAlgorithm</td>
- <td>Key encryption algorithm</td>
- <td>Use RSA-OAEP<br></br>
- <parameter name="encryptionSymAlgorithm">
- http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</parameter></td>
- </tr>
- <tr class="a">
- <td>signatureParts</td>
- <td>Sign multiple parts in the SOAP message</td>
- <td>Sign Foo and Bar elements qualified by "http://app.ns/ns"<br></br>
- <signatureParts>
- {Element}{http://app.ns/ns}Foo;{Element}{http://app.ns/ns}Bar
- </signatureParts></td>
- </tr>
- <tr class="b">
- <td>optimizeParts</td>
- <td>MTOM Optimize the elements specified by the XPath query</td>
- <td>Optimize the CipherValue<br></br>
- <optimizeParts>
- //xenc:EncryptedData/xenc:CipherData/xenc:CipherValue
- </optimizeParts></td>
- </tr>
- </tbody>
-</table>
-<a name="inflowsecurity"></a>
-
-<h3>InflowSecurity Parameter</h3>
-
-<p>This parameter is used to configure the inflow security handler. The
-'action' element is used to encapsulate the configuration elements here as
-well. The schema of the 'action' element is available here. <a href="#ex3">Example 3</a> shows the configuration to decrypt, verify
-signature and validate timestamp.</p>
-
-<table class="bodyTable">
- <tbody>
- <tr class="a">
- <td><b>Parameter</b></td>
- <td><b>Description</b></td>
- <td><b>Example</b></td>
- </tr>
- <tr class="b">
- <td>items</td>
- <td>Security actions for the inflow</td>
- <td>first the incoming message should be decrypted and then the
- signatures should be verified and should be checked for the
- availability of the Timestamp <br></br>
- <items> Timestamp Signature Encrypt</items></td>
- </tr>
- <tr class="a">
- <td>passwordCallbackClass</td>
- <td>Callback class used to obtain password for decryption and
- UsernameToken verification</td>
- <td><br></br>
- <passwordCallbackClass>
- org.apache.axis2.security.PWCallback</passwordCallbackClass></td>
- </tr>
- <tr class="b">
- <td>signaturePropFile</td>
- <td>Property file used for signature verification</td>
- <td><br></br>
- <signaturePropFile>
- sig.properties</signaturePropFile></td>
- </tr>
- <tr class="a">
- <td>decryptionPropFile</td>
- <td>Property file used for decryption</td>
- <td><br></br>
- <decryptionPropFile>
- dec.properties</decryptionPropFile></td>
- </tr>
- </tbody>
-</table>
-<br></br>
-
-
-<p>Please note that the '.properties' files used in properties such as
-OutSignaturePropFile are the same property files that are using in the WSS4J
-project. Following shows the properties defined in a sample property file</p>
-<div class="source"><pre><pre> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
- org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
- org.apache.ws.security.crypto.merlin.keystore.password=security
- org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
- org.apache.ws.security.crypto.merlin.alias.password=security
- org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT
- </pre>
-</pre></div>org.apache.ws.security.crypto.provider defines the implementation of
-the org.apache.ws.security.components.crypto.Crypto interface to provide the
-crypto information required by WSS4J. The other properties defined are the
-configuration properties used by the implementation class
-(org.apache.ws.security.components.crypto.Merlin). <a name="ref"></a> <a name="references"></a>
-
-<h2>References</h2>
-
-<p>1. <a href="http://ws.apache.org/wss4j">Apache WSS4J -Home</a></p>
-<a name="examples"></a>
-<p>2. <a href="http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf">ws-securitypolicy.pdf</a></p>
-<a name="examples"></a>
-
-
-<h2>Examples</h2>
-
-<p>Example 1: An outflow configuration to add a timestamp, sign and
-encrypt the message once</p>
-
-<p><img alt="" src="sec-conf/out-sample.png"></img></p>
-
-<p>Example 2: An outflow configuration to sign the message twice and
-add a timestamp</p>
-
-<p><img alt="" src="sec-conf/out-sample2.png"></img></p>
-
-<p>Example 3: An inflow configuration to decrypt, verify signature
-and validate timestamp</p>
-
-<p><img alt="" src="sec-conf/in-sample.png"></img></p>
-
+ <html><head><meta http-equiv="content-type" content=""><link href="../../../css/axis-docs.css" rel="stylesheet" type="text/css" media="all">Rampart : WS-Security module for Axis2</head><h1>Securing SOAP Messages with Rampart</h1><p>Axis2 comes with a module based on Apache WSS4J [1] to provide WS-Security
+features, called "Rampart". This document explains how to engage and
+configure Rampart module.</p>
+<h2>Content</h2><ul><li><a href="#intro">Introduction</a>
+</li>
+<li><a href="#1_1_config">Rampart-1.1 Configuration</a>
+<ul><li><a href="#1_1_assetions">Rampart Specific Assertions</a>
+</li>
+<li><a href="#1_1_service_config">Service Configration</a>
+</li>
+<li><a href="#1_1_client_config">Client Confiuration</a>
+</li>
+</ul>
+</li>
+<li><a href="#1_0_config">Rampart-1.0 Configuration</a>
+<ul><li><a href="#outflowsecurity">OutflowSecurity Parameter</a>
+</li>
+<li><a href="#inflowsecurity">InflowSecurity Parameter</a>
+</li>
+</ul>
+</li>
+<li><a href="#references">References</a>
+</li>
+<li><a href="#examples">Examples</a>
+</li>
+</ul>
+<a name="intro"></a>
+<h2>Introduction</h2><p>Since rampart module inserts handlers in the system specific security
+phase, it must be engaged globally. These handlers can be configured
+using WS-SecurityPolicy[2] and Rampart specific policy assertions.
+Rampart-1.0 used two axis2 parameters for configuration and these are
+still supported in the 1.1 release as well.</p>
+<p>The rampart-1.1 release is available
+<a class="externalLink" href="http://www.apache.org/dyn/closer.cgi/ws/rampart/1_1">here</a>
+.</p>
+<p>First it should be engaged by inserting the following in the axis2.xml
+file.</p>
+<div class="source"><pre><pre> <module ref="rampart"/></pre></pre>
+</div>
+<p>The web admin interface can be used when Axis2 is deployed in a servlet
+container such as Apache Tomcat.</p>
+<p>At the server it is possible to provide security on a per service basis.
+The configuration parameters should be set in the service.xml file of the
+service. The client side config parameters should be set in the axis2.xml of
+the client's Axis2 repository.</p>
+<a id="1_1_config"><h2>Rampart-1.1 Configuration</h2><a id="1_1_assetions"><h3>Rampart Specific Assertions</h3><p>Rampart uses the standard WS-SecurityPolicy[2] assertions and also defines its own
+assertions to be able capture the configuration information that is not provided
+in WS-SecurityPolicy.</p>
+<p>The Rampart specific assertion's xsd can be found <a href="sec-conf/rampart-config.xsd">here
+</a>
+.</p>
+<p>The <strong>ramp:RampartConfig</strong> assertion must be available as a one of the top
+level assertions of the policy as shown <a href="sec-conf/sample-policy.xml">here</a>
+.</p>
+<a id="1_1_service_config"><h3>Service Configration</h3>
+
+To configure the service one will simply have to add the policy element into the
+sevices.xml file. A sample service.xml file is available
+<a href="sec-conf/sample-services.xml">here</a>
+.
+<a id="1_1_client_config"><h3>Client Confiuration</h3><p>On the client side, a policy object should be created and loaded into options. Creating the policy object can be done using a "policy.xml" file as follows.</p>
+<pre>
+ //Creating the object
+ StAXOMBuilder builder = new StAXOMBuilder(pathToPolicyfile);
+ Policy clientPolicy = PolicyEngine.getPolicy(builder.getDocumentElement());
+ //setting the object
+ Options options = new Options();
+ options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, clientPolicy);
+</pre><a id="1_0_config"><h2>Rampart-1.0 Configuration</h2><p>Rampart module uses two parameters:</p>
+<ul><li><a href="#outflowsecurity">OutflowSecurity</a>
+</li>
+<li><a href="#inflowsecurity">InflowSecurity</a>
+</li>
+</ul>
+
+The configuration that can go in each of these parameters are described
+below: <a name="outflowsecurity"></a>
+<h3>OutflowSecurity Parameter</h3>
+This parameter is used to configure the outflow security handler. The outflow
+handler can be invoked more than once in the outflow one can provide
+configuration for each of these invocations. The 'action' element describes
+one of these configurations. Therefore the 'OutflowSecurity' parameter can
+contain more than one 'action' elements. The schema of this 'action' element
+is available <a href="sec-conf/out-action.xsd">here</a>
+.
+
+<p>An outflow configuration to add a timestamp, sign and encrypt the message
+once, is shown in<a href="#ex1"> Example 1</a>
+ and <a href="#ex1"> Example
+2</a>
+ shows how to sign the message twice by chaining the outflow handler
+(using two 'action' elements)</p>
+<p>Following is a description of the elements that can go in an 'action'
+element of the OutflowSecurity parameter</p>
+<br />
+<table class="bodyTable"><tbody><tr class="a"><td><b>Parameter</b>
+</td>
+<td><b>Description</b>
+</td>
+<td><b>Example</b>
+</td>
+</tr>
+<tr class="b"><td>items</td>
+<td>Security actions for the inflow</td>
+<td>Add a Timestamp, Sign the SOAP body and Encrypt the SOAP body <br />
+
+ <items> Timestamp Signature Encrypt</items></td>
+</tr>
+<tr class="a"><td>user</td>
+<td>The user's name</td>
+<td>Set alias of the key to be used to sign<br />
+
+ <user> bob</user></td>
+</tr>
+<tr class="b"><td>passwordCallbackClass</td>
+<td>Callback class used to provide the password required to create the
+ UsernameToken or to sign the message</td>
+<td><passwordCallbackClass>
+ org.apache.axis2.security.PWCallback</passwordCallbackClass></td>
+</tr>
+<tr class="a"><td>signaturePropFile</td>
+<td>property file used to get the signature parameters such as crypto
+ provider, keystore and its password</td>
+<td>Set example.properties file as the signature property file<br />
+
+ <signaturePropFile>
+ example.properties</signaturePropFile></td>
+</tr>
+<tr class="b"><td>signatureKeyIdentifier</td>
+<td>Key identifier to be used in referring the key in the signature</td>
+<td>Use the serial number of the certificate<br />
+
+ <signatureKeyIdentifier>
+ IssuerSerial</signatureKeyIdentifier></td>
+</tr>
+<tr class="a"><td>encryptionKeyIdentifier</td>
+<td>Key identifier to be used in referring the key in encryption</td>
+<td>Use the serial number of the certificate <br />
+
+ <encryptionKeyIdentifier>IssuerSerial</encryptionKeyIdentifier></td>
+</tr>
+<tr class="b"><td>encryptionUser</td>
+<td>The user's name for encryption.</td>
+<td><br />
+
+ <encryptionUser>alice</encryptionUser></td>
+</tr>
+<tr class="a"><td>encryptionSymAlgorithm</td>
+<td>Symmetric algorithm to be used for encryption</td>
+<td>Use AES-128<br />
+
+ <encryptionSymAlgorithm>
+ http://www.w3.org/2001/04/xmlenc#aes128-cbc</encryptionSymAlgorithm></td>
+</tr>
+<tr class="b"><td>encryptionKeyTransportAlgorithm</td>
+<td>Key encryption algorithm</td>
+<td>Use RSA-OAEP<br />
+
+ <parameter name="encryptionSymAlgorithm">
+ http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</parameter></td>
+</tr>
+<tr class="a"><td>signatureParts</td>
+<td>Sign multiple parts in the SOAP message</td>
+<td>Sign Foo and Bar elements qualified by "http://app.ns/ns"<br />
+
+ <signatureParts>
+ {Element}{http://app.ns/ns}Foo;{Element}{http://app.ns/ns}Bar
+ </signatureParts></td>
+</tr>
+<tr class="b"><td>optimizeParts</td>
+<td>MTOM Optimize the elements specified by the XPath query</td>
+<td>Optimize the CipherValue<br />
+
+ <optimizeParts>
+ //xenc:EncryptedData/xenc:CipherData/xenc:CipherValue
+ </optimizeParts></td>
+</tr>
+</tbody></table>
+<a name="inflowsecurity"></a>
+<h3>InflowSecurity Parameter</h3><p>This parameter is used to configure the inflow security handler. The
+'action' element is used to encapsulate the configuration elements here as
+well. The schema of the 'action' element is available here. <a href="#ex3">Example 3</a>
+ shows the configuration to decrypt, verify
+signature and validate timestamp.</p>
+<table class="bodyTable"><tbody><tr class="a"><td><b>Parameter</b>
+</td>
+<td><b>Description</b>
+</td>
+<td><b>Example</b>
+</td>
+</tr>
+<tr class="b"><td>items</td>
+<td>Security actions for the inflow</td>
+<td>first the incoming message should be decrypted and then the
+ signatures should be verified and should be checked for the
+ availability of the Timestamp <br />
+
+ <items> Timestamp Signature Encrypt</items></td>
+</tr>
+<tr class="a"><td>passwordCallbackClass</td>
+<td>Callback class used to obtain password for decryption and
+ UsernameToken verification</td>
+<td><br />
+
+ <passwordCallbackClass>
+ org.apache.axis2.security.PWCallback</passwordCallbackClass></td>
+</tr>
+<tr class="b"><td>signaturePropFile</td>
+<td>Property file used for signature verification</td>
+<td><br />
+
+ <signaturePropFile>
+ sig.properties</signaturePropFile></td>
+</tr>
+<tr class="a"><td>decryptionPropFile</td>
+<td>Property file used for decryption</td>
+<td><br />
+
+ <decryptionPropFile>
+ dec.properties</decryptionPropFile></td>
+</tr>
+</tbody></table>
+<br />
+<p>Please note that the '.properties' files used in properties such as
+OutSignaturePropFile are the same property files that are using in the WSS4J
+project. Following shows the properties defined in a sample property file</p>
+<div class="source"><pre><pre> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+ org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
+ org.apache.ws.security.crypto.merlin.keystore.password=security
+ org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
+ org.apache.ws.security.crypto.merlin.alias.password=security
+ org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT
+ </pre></pre>
+</div>
+org.apache.ws.security.crypto.provider defines the implementation of
+the org.apache.ws.security.components.crypto.Crypto interface to provide the
+crypto information required by WSS4J. The other properties defined are the
+configuration properties used by the implementation class
+(org.apache.ws.security.components.crypto.Merlin). <a name="ref"></a>
+<a name="references"></a>
+<h2>References</h2><p>1. <a class="externalLink" href="http://ws.apache.org/wss4j">Apache WSS4J -Home</a>
+</p>
+<a name="examples"></a>
+<p>2. <a class="externalLink" href="http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf">ws-securitypolicy.pdf</a>
+</p>
+<a name="examples"></a>
+<h2>Examples</h2><p>Example 1: An outflow configuration to add a timestamp, sign and
+encrypt the message once</p>
+<p><img src="sec-conf/out-sample.png" alt="" /></p>
+<p>Example 2: An outflow configuration to sign the message twice and
+add a timestamp</p>
+<p><img src="sec-conf/out-sample2.png" alt="" /></p>
+<p>Example 3: An inflow configuration to decrypt, verify signature
+and validate timestamp</p>
+<p><img src="sec-conf/in-sample.png" alt="" /></p>
</html>
</div>
</div>
@@ -571,7 +549,7 @@
</div>
<div id="footer">
<div class="xright">©
- 2004-2007
+ 2004-2008
Apache Software Foundation
@@ -581,6 +559,7 @@
+
</div>
<div class="clear">
<hr/>
Modified: webservices/axis2/site/modules/wss4j/0_94/0.94/security-module.html
URL: http://svn.apache.org/viewvc/webservices/axis2/site/modules/wss4j/0_94/0.94/security-module.html?rev=652665&r1=652664&r2=652665&view=diff
==============================================================================
--- webservices/axis2/site/modules/wss4j/0_94/0.94/security-module.html (original)
+++ webservices/axis2/site/modules/wss4j/0_94/0.94/security-module.html Thu May 1 14:20:27 2008
@@ -1,137 +1,137 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><title>Axis2/Java - The Security Module</title><style type="text/css" media="all">
- @import url("../../../../style/maven-base.css");
-
- @import url("../../../../style/maven-theme.css");</style><link rel="stylesheet" href="../../../../style/print.css" type="text/css" media="print"></link><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></meta></head><body class="composite"><div id="banner"><a href="http://www.apache.org/" id="organizationLogo"><img alt="Apache Software Foundation" src="http://www.apache.org/images/asf-logo.gif"></img></a><a href="http://ws.apache.org/axis2/" id="projectLogo"><img alt="Apache Axis2" src="http://ws.apache.org/axis2/images/axis.jpg"></img></a><div class="clear"><hr></hr></div></div><div id="breadcrumbs"><div class="xleft">
- Last published: 04 May 2007
- | Doc for 1.2</div><div class="xright">
-
- <a href="../../../../index.html">Axis2/Java</a>
-
-
-
- <span class="separator">|</span>
-
-
- <a href="http://ws.apache.org/axis2/c" class="externalLink" title="External Link">Axis2/C</a>
-
-
-
- <span class="separator">|</span>
-
-
- <a href="http://ws.apache.org" class="externalLink" title="External Link">Apache WS</a>
-
-
-
- <span class="separator">|</span>
-
-
- <a href="http://www.apache.org" class="externalLink" title="External Link">Apache </a>
- </div><div class="clear"><hr></hr></div></div><div id="leftColumn"><div id="navcolumn"><div id="menuAxis2_Java"><h5>Axis2/Java</h5><ul><li class="none"><a href="../../../../index.html">Home</a></li></ul></div><div id="menuDownloads"><h5>Downloads</h5><ul><li class="none"><a href="../../../../download.cgi">Releases</a></li><li class="none"><a href="../../../../modules/index.html">Modules</a></li><li class="none"><a href="../../../../tools/index.html">Tools</a></li></ul></div><div id="menuDocumentation"><h5>Documentation</h5><ul><li class="expanded"><a href="../../../../1_2/contents.html">Version 1.2</a><ul><li class="none"><a href="../../../../1_2/toc.html">Table of Contents</a></li><li class="none"><a href="../../../../1_2/installationguide.html">Installation Guide</a></li><li class="none"><a href="../../../../1_2/quickstartguide.html">QuickStart Guide</a></li><li class="none"><a href="../../../../1_2/userguide.html">User Guide</a></li><li class="none"><a href="../../.
./../1_2/pojoguide.html">POJO Guide</a></li><li class="none"><a href="../../../../1_2/spring.html">Spring Guide</a></li><li class="none"><a href="../../../../1_2/webadminguide.html">Web Administrator's Guide</a></li><li class="none"><a href="../../../../1_2/migration.html">Migration Guide (from Axis1)</a></li></ul></li><li class="none"><a href="../../../../1_1_1/contents.html">Version 1.1.1</a></li><li class="none"><a href="../../../../1_1/contents.html">Version 1.1</a></li><li class="none"><a href="../../../../1_0/index.html">Version 1.0</a></li><li class="none"><a href="../../../../0_95/index.html">Version 0.95</a></li><li class="none"><a href="../../../../0_94/index.html">Version 0.94</a></li><li class="none"><a href="../../../../0_93/index.html">Version 0.93</a></li></ul></div><div id="menuResources"><h5>Resources</h5><ul><li class="none"><a href="../../../../faq.html">FAQ</a></li><li class="none"><a href="../../../../articles.html">Articles</a></li><li class="none"><a h
ref="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink" title="External Link">Wiki</a></li><li class="none"><a href="../../../../refLib.html">Reference Library</a></li><li class="none"><a href="http://ws.apache.org/axis2/1_2/api/index.html" class="externalLink" title="External Link">Online Java Docs</a></li></ul></div><div id="menuGet_Involved"><h5>Get Involved</h5><ul><li class="none"><a href="../../../../overview.html">Overview</a></li><li class="none"><a href="../../../../svn.html">Checkout the Source</a></li><li class="none"><a href="../../../../mail-lists.html">Mailing Lists</a></li><li class="none"><a href="../../../../guidelines.html">Developer Guidelines</a></li><li class="none"><a href="../../../../siteHowTo.html">Build the Site</a></li></ul></div><div id="menuProject_Information"><h5>Project Information</h5><ul><li class="none"><a href="../../../../team-list.html">Project Team</a></li><li class="none"><a href="../../../../issue-tracking.html">Issue Tr
acking</a></li><li class="none"><a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN" class="externalLink" title="External Link">Source Code</a></li><li class="none"><a href="../../../../thanks.html">Acknowledgements</a></li><li class="none"><a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink" title="External Link">License</a></li></ul></div><a href="http://maven.apache.org/" title="Built by Maven" id="poweredBy"><img alt="Built by Maven" src="../../../../images/logos/maven-button-1.png"></img></a></div></div><div id="bodyColumn"><div class="contentBox"><div class="section"><a name="Securing_SOAP_Messages_with_WSS4J"></a><h2>Securing SOAP Messages with WSS4J</h2><p><em>-For Axis2 version 0.94</em></p><p>Axis2 comes with a module based on WSS4J [1] to provide WS-Security
-features. This section explains how to engage and configure the security
-module. Since the security module inserts handlers in the system specific
-pre-dispatch phase, it must be engaged globally. But it is possible to
-activate the security module for the inflow or the outflow when required by
-the service or the clients.</p><p>The security module (security.mar) is available in the axis2.war but it is
-not engaged by default.</p><p>First it should be engaged by inserting the following in the axis2.xml
-file.</p>
- <div class="source"><pre><pre> <module ref="security"/></pre>
-</pre></div>
- <p>The web admin interface can be used when Axis2 is deployed in a servlet
-container such as Apache Tomcat.</p><p>At the server it is possible to provide security on a per service basis.
-The configuration parameters should be set in the service.xml file of the
-service. The client side config parameters should be set in the axis2.xml of
-the client's Axis2 repository.</p><p>The security module uses two parameters:</p><ul>
- <li>OutflowSecurity</li>
- <li>InflowSecurity</li>
-</ul><p>
-The configuration that can go in each of these parameters are described below:
-
-</p><div class="subsection"><a name="OutflowSecurity_parameter"></a><h3>OutflowSecurity parameter</h3><p>
-This parameter is used to configure the outflow security handler. The outflow
-handler can be invoked more than once in the outflow one can provide
-configuration for each of these invocations. The 'action' element describes
-one of these configurations. Therefore the 'OutflowSecurity' parameter can
-contain more than one 'action' elements. The schema of this 'action' element
-is available <a href="sec-conf/out-action.xsd">here</a>.
-
-</p><p>An outflow configuration to add a timestamp, sing and encrypt the message
-once, is shown in<a href="#ex1"> Example 1</a> and <a href="#ex1"> Example
-2</a> shows how to sign the message twice by chaining the outflow handler
-(using two 'action' elements)</p><p>Following is a description of the elements that can go in an 'action'
-element of the OutflowSecurity parameter</p><br></br><table class="bodyTable"><tbody>
- <tr class="b"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
- <tr class="a"><td>items</td><td>Security actions for the inflow</td><td>Add a Timestamp, Sign the SOAP body and Encrypt the SOAP body <br></br>
- <items> Timestamp Signature Encrypt</items></td></tr>
- <tr class="b"><td>user</td><td>The user's name</td><td>Set alias of the key to be used to sign<br></br>
- <user> bob</user></td></tr>
- <tr class="a"><td>passwordCallbackClass</td><td>Callback class used to provide the password required to create the
- UsernameToken or to sign the message</td><td><passwordCallbackClass>
- org.apache.axis2.security.PWCallback</passwordCallbackClass></td></tr>
- <tr class="b"><td>signaturePropFile</td><td>property file used to get the signature parameters such as crypto
- provider, keystore and its password</td><td>Set example.properties file as the signature property file<br></br>
- <signaturePropFile>
- example.properties</signaturePropFile></td></tr>
- <tr class="a"><td>signatureKeyIdentifier</td><td>Key identifier to be used in referring the key in the signature</td><td>Use the serial number of the certificate<br></br>
- <signatureKeyIdentifier>
- IssuerSerial</signatureKeyIdentifier></td></tr>
- <tr class="b"><td>encryptionKeyIdentifier</td><td>Key identifier to be used in referring the key in encryption</td><td>Use the serial number of the certificate <br></br>
- <encryptionKeyIdentifier>IssuerSerial</encryptionKeyIdentifier></td></tr>
- <tr class="a"><td>encryptionUser</td><td>The user's name for encryption.</td><td><br></br>
- <encryptionUser>alice</encryptionUser></td></tr>
- <tr class="b"><td>encryptionSymAlgorithm</td><td>Symmetric algorithm to be used for encryption</td><td>Use AES-128<br></br>
- <encryptionSymAlgorithm>
- http://www.w3.org/2001/04/xmlenc#aes128-cbc</encryptionSymAlgorithm></td></tr>
- <tr class="a"><td>encryptionKeyTransportAlgorithm</td><td>Key encryption algorithm</td><td>Use RSA-OAEP<br></br>
- <parameter name="encryptionSymAlgorithm">
- http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</parameter></td></tr>
- <tr class="b"><td>signatureParts</td><td>Sign multiple parts in the SOAP message</td><td>Sign Foo and Bar elements qualified by "http://app.ns/ns"<br></br>
- <signatureParts>
- {Element}{http://app.ns/ns}Foo;{Element}{http://app.ns/ns}Bar
- </signatureParts></td></tr>
- <tr class="a"><td>optimizeParts</td><td>MTOM Optimize the elements specified by the XPath query</td><td>Optimize the CipherValue<br></br>
- <optimizeParts>
- //xenc:EncryptedData/xenc:CipherData/xenc:CipherValue
- </optimizeParts></td></tr>
- </tbody></table><br></br></div><div class="subsection"><a name="InflowSecurity_parameter"></a><h3>InflowSecurity parameter</h3><p>This parameter is used to configure the inflow security handler. The
-'action' element is used to encapsulate the configuration elements here as
-well. The schema of the 'action' element is available here. <a href="#ex3">Example 3</a> shows the configuration to decrypt, verify
-signature and validate timestamp.</p><table class="bodyTable"><tbody>
- <tr class="b"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
- <tr class="a"><td>items</td><td>Security actions for the inflow</td><td>first the incoming message should be decrypted and then the
- signatures should be verified and should be checked for the
- availability of the Timestamp <br></br>
- <items> Timestamp Signature Encrypt</items></td></tr>
- <tr class="b"><td>passwordCallbackClass</td><td>Callback class used to obtain password for decryption and
- UsernameToken verification</td><td><br></br>
- <passwordCallbackClass>
- org.apache.axis2.security.PWCallback</passwordCallbackClass></td></tr>
- <tr class="a"><td>signaturePropFile</td><td>Property file used for signature verification</td><td><br></br>
- <signaturePropFile>
- sig.properties</signaturePropFile></td></tr>
- <tr class="b"><td>decryptionPropFile</td><td>Property file used for decryption</td><td><br></br>
- <decryptionPropFile>
- dec.properties</decryptionPropFile></td></tr>
- </tbody></table><br></br><p>Please note that the '.properties' files used in properties such as
-OutSignaturePropFile are the same property files that are using in the WSS4J
-project. Following shows the properties defined in a sample property file</p>
- <div class="source"><pre><pre>org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
-org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
-org.apache.ws.security.crypto.merlin.keystore.password=security
-org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
-org.apache.ws.security.crypto.merlin.alias.password=security
-org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT</pre>
-</pre></div>
- <p>org.apache.ws.security.crypto.provider defines the implementation of
-the org.apache.ws.security.components.crypto.Crypto interface to provide the
-crypto information required by WSS4J. The other properties defined are the
-configuration properties used by the implementation class
-(org.apache.ws.security.components.crypto.Merlin).
-
-</p></div><div class="subsection"><a name="JDK_1_5"></a><h3>JDK 1.5</h3><p>If you are using JDK1.5 make sure you add bouncycastle as a JCE provider
-of the JRE</p><p>Simply add
-<b>security.provider.X=org.bouncycastle.jce.provider.BouncyCastleProvider</b>
-entry in <b>JDK_HOME/jre/lib/security/java.security</b> file.</p><p><b>References</b></p><p>1. <a href="http://ws.apache.org/wss4j" class="externalLink" title="External Link">Apache WSS4J</a></p><br></br><p><b>Examples</b></p><p id="ex1">Example 1: An outflow configuration to add a timestamp, sing and
-encrypt the message once</p><p><img src="sec-conf/out-sample.png" alt=""></img></p><p id="ex2">Example 2: An outflow configuration to sign the message twice and
-add a timestamp</p><p><img src="sec-conf/out-sample2.png" alt=""></img></p><p id="ex3">Example 3: An inflow configuration to decrypt, verify signature
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><title>Axis2/Java - The Security Module</title><style type="text/css" media="all">
+ @import url("../../../../style/maven-base.css");
+
+ @import url("../../../../style/maven-theme.css");</style><link rel="stylesheet" href="../../../../style/print.css" type="text/css" media="print"></link><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></meta></head><body class="composite"><div id="banner"><a href="http://www.apache.org/" id="organizationLogo"><img alt="Apache Software Foundation" src="http://www.apache.org/images/asf-logo.gif"></img></a><a href="http://ws.apache.org/axis2/" id="projectLogo"><img alt="Apache Axis2" src="http://ws.apache.org/axis2/images/axis.jpg"></img></a><div class="clear"><hr></hr></div></div><div id="breadcrumbs"><div class="xleft">
+ Last published: 04 May 2007
+ | Doc for 1.2</div><div class="xright">
+
+ <a href="../../../../index.html">Axis2/Java</a>
+
+
+
+ <span class="separator">|</span>
+
+
+ <a href="http://ws.apache.org/axis2/c" class="externalLink" title="External Link">Axis2/C</a>
+
+
+
+ <span class="separator">|</span>
+
+
+ <a href="http://ws.apache.org" class="externalLink" title="External Link">Apache WS</a>
+
+
+
+ <span class="separator">|</span>
+
+
+ <a href="http://www.apache.org" class="externalLink" title="External Link">Apache </a>
+ </div><div class="clear"><hr></hr></div></div><div id="leftColumn"><div id="navcolumn"><div id="menuAxis2_Java"><h5>Axis2/Java</h5><ul><li class="none"><a href="../../../../index.html">Home</a></li></ul></div><div id="menuDownloads"><h5>Downloads</h5><ul><li class="none"><a href="../../../../download.cgi">Releases</a></li><li class="none"><a href="../../../../modules/index.html">Modules</a></li><li class="none"><a href="../../../../tools/index.html">Tools</a></li></ul></div><div id="menuDocumentation"><h5>Documentation</h5><ul><li class="expanded"><a href="../../../../1_2/contents.html">Version 1.2</a><ul><li class="none"><a href="../../../../1_2/toc.html">Table of Contents</a></li><li class="none"><a href="../../../../1_2/installationguide.html">Installation Guide</a></li><li class="none"><a href="../../../../1_2/quickstartguide.html">QuickStart Guide</a></li><li class="none"><a href="../../../../1_2/userguide.html">User Guide</a></li><li class="none"><a href="../../.
./../1_2/pojoguide.html">POJO Guide</a></li><li class="none"><a href="../../../../1_2/spring.html">Spring Guide</a></li><li class="none"><a href="../../../../1_2/webadminguide.html">Web Administrator's Guide</a></li><li class="none"><a href="../../../../1_2/migration.html">Migration Guide (from Axis1)</a></li></ul></li><li class="none"><a href="../../../../1_1_1/contents.html">Version 1.1.1</a></li><li class="none"><a href="../../../../1_1/contents.html">Version 1.1</a></li><li class="none"><a href="../../../../1_0/index.html">Version 1.0</a></li><li class="none"><a href="../../../../0_95/index.html">Version 0.95</a></li><li class="none"><a href="../../../../0_94/index.html">Version 0.94</a></li><li class="none"><a href="../../../../0_93/index.html">Version 0.93</a></li></ul></div><div id="menuResources"><h5>Resources</h5><ul><li class="none"><a href="../../../../faq.html">FAQ</a></li><li class="none"><a href="../../../../articles.html">Articles</a></li><li class="none"><a h
ref="http://wiki.apache.org/ws/FrontPage/Axis2/" class="externalLink" title="External Link">Wiki</a></li><li class="none"><a href="../../../../refLib.html">Reference Library</a></li><li class="none"><a href="http://ws.apache.org/axis2/1_2/api/index.html" class="externalLink" title="External Link">Online Java Docs</a></li></ul></div><div id="menuGet_Involved"><h5>Get Involved</h5><ul><li class="none"><a href="../../../../overview.html">Overview</a></li><li class="none"><a href="../../../../svn.html">Checkout the Source</a></li><li class="none"><a href="../../../../mail-lists.html">Mailing Lists</a></li><li class="none"><a href="../../../../guidelines.html">Developer Guidelines</a></li><li class="none"><a href="../../../../siteHowTo.html">Build the Site</a></li></ul></div><div id="menuProject_Information"><h5>Project Information</h5><ul><li class="none"><a href="../../../../team-list.html">Project Team</a></li><li class="none"><a href="../../../../issue-tracking.html">Issue Tr
acking</a></li><li class="none"><a href="http://svn.apache.org/viewcvs.cgi/webservices/axis2/trunk/?root=Apache-SVN" class="externalLink" title="External Link">Source Code</a></li><li class="none"><a href="../../../../thanks.html">Acknowledgements</a></li><li class="none"><a href="http://www.apache.org/licenses/LICENSE-2.0.html" class="externalLink" title="External Link">License</a></li></ul></div><a href="http://maven.apache.org/" title="Built by Maven" id="poweredBy"><img alt="Built by Maven" src="../../../../images/logos/maven-button-1.png"></img></a></div></div><div id="bodyColumn"><div class="contentBox"><div class="section"><a name="Securing_SOAP_Messages_with_WSS4J"></a><h2>Securing SOAP Messages with WSS4J</h2><p><em>-For Axis2 version 0.94</em></p><p>Axis2 comes with a module based on WSS4J [1] to provide WS-Security
+features. This section explains how to engage and configure the security
+module. Since the security module inserts handlers in the system specific
+pre-dispatch phase, it must be engaged globally. But it is possible to
+activate the security module for the inflow or the outflow when required by
+the service or the clients.</p><p>The security module (security.mar) is available in the axis2.war but it is
+not engaged by default.</p><p>First it should be engaged by inserting the following in the axis2.xml
+file.</p>
+ <div class="source"><pre><pre> <module ref="security"/></pre>
+</pre></div>
+ <p>The web admin interface can be used when Axis2 is deployed in a servlet
+container such as Apache Tomcat.</p><p>At the server it is possible to provide security on a per service basis.
+The configuration parameters should be set in the service.xml file of the
+service. The client side config parameters should be set in the axis2.xml of
+the client's Axis2 repository.</p><p>The security module uses two parameters:</p><ul>
+ <li>OutflowSecurity</li>
+ <li>InflowSecurity</li>
+</ul><p>
+The configuration that can go in each of these parameters are described below:
+
+</p><div class="subsection"><a name="OutflowSecurity_parameter"></a><h3>OutflowSecurity parameter</h3><p>
+This parameter is used to configure the outflow security handler. The outflow
+handler can be invoked more than once in the outflow one can provide
+configuration for each of these invocations. The 'action' element describes
+one of these configurations. Therefore the 'OutflowSecurity' parameter can
+contain more than one 'action' elements. The schema of this 'action' element
+is available <a href="sec-conf/out-action.xsd">here</a>.
+
+</p><p>An outflow configuration to add a timestamp, sing and encrypt the message
+once, is shown in<a href="#ex1"> Example 1</a> and <a href="#ex1"> Example
+2</a> shows how to sign the message twice by chaining the outflow handler
+(using two 'action' elements)</p><p>Following is a description of the elements that can go in an 'action'
+element of the OutflowSecurity parameter</p><br></br><table class="bodyTable"><tbody>
+ <tr class="b"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
+ <tr class="a"><td>items</td><td>Security actions for the inflow</td><td>Add a Timestamp, Sign the SOAP body and Encrypt the SOAP body <br></br>
+ <items> Timestamp Signature Encrypt</items></td></tr>
+ <tr class="b"><td>user</td><td>The user's name</td><td>Set alias of the key to be used to sign<br></br>
+ <user> bob</user></td></tr>
+ <tr class="a"><td>passwordCallbackClass</td><td>Callback class used to provide the password required to create the
+ UsernameToken or to sign the message</td><td><passwordCallbackClass>
+ org.apache.axis2.security.PWCallback</passwordCallbackClass></td></tr>
+ <tr class="b"><td>signaturePropFile</td><td>property file used to get the signature parameters such as crypto
+ provider, keystore and its password</td><td>Set example.properties file as the signature property file<br></br>
+ <signaturePropFile>
+ example.properties</signaturePropFile></td></tr>
+ <tr class="a"><td>signatureKeyIdentifier</td><td>Key identifier to be used in referring the key in the signature</td><td>Use the serial number of the certificate<br></br>
+ <signatureKeyIdentifier>
+ IssuerSerial</signatureKeyIdentifier></td></tr>
+ <tr class="b"><td>encryptionKeyIdentifier</td><td>Key identifier to be used in referring the key in encryption</td><td>Use the serial number of the certificate <br></br>
+ <encryptionKeyIdentifier>IssuerSerial</encryptionKeyIdentifier></td></tr>
+ <tr class="a"><td>encryptionUser</td><td>The user's name for encryption.</td><td><br></br>
+ <encryptionUser>alice</encryptionUser></td></tr>
+ <tr class="b"><td>encryptionSymAlgorithm</td><td>Symmetric algorithm to be used for encryption</td><td>Use AES-128<br></br>
+ <encryptionSymAlgorithm>
+ http://www.w3.org/2001/04/xmlenc#aes128-cbc</encryptionSymAlgorithm></td></tr>
+ <tr class="a"><td>encryptionKeyTransportAlgorithm</td><td>Key encryption algorithm</td><td>Use RSA-OAEP<br></br>
+ <parameter name="encryptionSymAlgorithm">
+ http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</parameter></td></tr>
+ <tr class="b"><td>signatureParts</td><td>Sign multiple parts in the SOAP message</td><td>Sign Foo and Bar elements qualified by "http://app.ns/ns"<br></br>
+ <signatureParts>
+ {Element}{http://app.ns/ns}Foo;{Element}{http://app.ns/ns}Bar
+ </signatureParts></td></tr>
+ <tr class="a"><td>optimizeParts</td><td>MTOM Optimize the elements specified by the XPath query</td><td>Optimize the CipherValue<br></br>
+ <optimizeParts>
+ //xenc:EncryptedData/xenc:CipherData/xenc:CipherValue
+ </optimizeParts></td></tr>
+ </tbody></table><br></br></div><div class="subsection"><a name="InflowSecurity_parameter"></a><h3>InflowSecurity parameter</h3><p>This parameter is used to configure the inflow security handler. The
+'action' element is used to encapsulate the configuration elements here as
+well. The schema of the 'action' element is available here. <a href="#ex3">Example 3</a> shows the configuration to decrypt, verify
+signature and validate timestamp.</p><table class="bodyTable"><tbody>
+ <tr class="b"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
+ <tr class="a"><td>items</td><td>Security actions for the inflow</td><td>first the incoming message should be decrypted and then the
+ signatures should be verified and should be checked for the
+ availability of the Timestamp <br></br>
+ <items> Timestamp Signature Encrypt</items></td></tr>
+ <tr class="b"><td>passwordCallbackClass</td><td>Callback class used to obtain password for decryption and
+ UsernameToken verification</td><td><br></br>
+ <passwordCallbackClass>
+ org.apache.axis2.security.PWCallback</passwordCallbackClass></td></tr>
+ <tr class="a"><td>signaturePropFile</td><td>Property file used for signature verification</td><td><br></br>
+ <signaturePropFile>
+ sig.properties</signaturePropFile></td></tr>
+ <tr class="b"><td>decryptionPropFile</td><td>Property file used for decryption</td><td><br></br>
+ <decryptionPropFile>
+ dec.properties</decryptionPropFile></td></tr>
+ </tbody></table><br></br><p>Please note that the '.properties' files used in properties such as
+OutSignaturePropFile are the same property files that are using in the WSS4J
+project. Following shows the properties defined in a sample property file</p>
+ <div class="source"><pre><pre>org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
+org.apache.ws.security.crypto.merlin.keystore.password=security
+org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b892-458f-abf5-2f875f74882e
+org.apache.ws.security.crypto.merlin.alias.password=security
+org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT</pre>
+</pre></div>
+ <p>org.apache.ws.security.crypto.provider defines the implementation of
+the org.apache.ws.security.components.crypto.Crypto interface to provide the
+crypto information required by WSS4J. The other properties defined are the
+configuration properties used by the implementation class
+(org.apache.ws.security.components.crypto.Merlin).
+
+</p></div><div class="subsection"><a name="JDK_1_5"></a><h3>JDK 1.5</h3><p>If you are using JDK1.5 make sure you add bouncycastle as a JCE provider
+of the JRE</p><p>Simply add
+<b>security.provider.X=org.bouncycastle.jce.provider.BouncyCastleProvider</b>
+entry in <b>JDK_HOME/jre/lib/security/java.security</b> file.</p><p><b>References</b></p><p>1. <a href="http://ws.apache.org/wss4j" class="externalLink" title="External Link">Apache WSS4J</a></p><br></br><p><b>Examples</b></p><p id="ex1">Example 1: An outflow configuration to add a timestamp, sing and
+encrypt the message once</p><p><img src="sec-conf/out-sample.png" alt=""></img></p><p id="ex2">Example 2: An outflow configuration to sign the message twice and
+add a timestamp</p><p><img src="sec-conf/out-sample2.png" alt=""></img></p><p id="ex3">Example 3: An inflow configuration to decrypt, verify signature
and validate timestamp</p><p><img src="sec-conf/in-sample.png" alt=""></img></p></div></div></div></div><div class="clear"><hr></hr></div><div id="footer"><div class="xright">© 2004-2007, Apache Software Foundation</div><div class="clear"><hr></hr></div></div></body></html>
\ No newline at end of file
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org