You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2014/02/28 17:20:58 UTC
svn commit: r1572986 [2/2] - /webservices/website/wss4j/
Added: webservices/website/wss4j/user_guide.html
URL: http://svn.apache.org/viewvc/webservices/website/wss4j/user_guide.html?rev=1572986&view=auto
==============================================================================
--- webservices/website/wss4j/user_guide.html (added)
+++ webservices/website/wss4j/user_guide.html Fri Feb 28 16:20:58 2014
@@ -0,0 +1,126 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<!-- Generated by Apache Maven Doxia Site Renderer 1.4 at 2014-02-28 -->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+ <title>Apache WSS4J - </title>
+ <style type="text/css" media="all">
+ @import url("./css/maven-base.css");
+ @import url("./css/maven-theme.css");
+ @import url("./css/site.css");
+ </style>
+ <link rel="stylesheet" href="./css/print.css" type="text/css" media="print" />
+ <meta name="Date-Revision-yyyymmdd" content="20140228" />
+ <meta http-equiv="Content-Language" content="en" />
+
+ </head>
+ <body class="composite">
+ <div id="banner">
+ <a href="./" id="bannerLeft">
+ Apache WSS4J
+ </a>
+ <a href="http://www.apache.org" id="bannerRight">
+ <img src="http://activemq.apache.org/images/asf-logo.png" alt="$alt" />
+ </a>
+ <div class="clear">
+ <hr/>
+ </div>
+ </div>
+ <div id="breadcrumbs">
+
+
+ <div class="xleft">
+ <span id="publishDate">Last Published: 2014-02-28</span>
+ | <span id="projectVersion">Version: 2.0.0-SNAPSHOT</span>
+ </div>
+ <div class="xright">
+
+ </div>
+ <div class="clear">
+ <hr/>
+ </div>
+ </div>
+ <div id="leftColumn">
+ <div id="navcolumn">
+
+
+ <h5>Apache WSS4J</h5>
+ <ul>
+ <li class="none">
+ <a href="index.html" title="Home">Home</a>
+ </li>
+ <li class="none">
+ <a href="download.html" title="Download">Download</a>
+ </li>
+ <li class="none">
+ <strong>User's Guide</strong>
+ </li>
+ </ul>
+ <h5>Project Documentation</h5>
+ <ul>
+ <li class="collapsed">
+ <a href="project-info.html" title="Project Information">Project Information</a>
+ </li>
+ </ul>
+ <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
+ <img class="poweredBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
+ </a>
+
+
+ </div>
+ </div>
+ <div id="bodyColumn">
+ <div id="contentBox">
+
+
+<div class="section">
+<h2>Apache WSS4J User's Guide<a name="Apache_WSS4J_Users_Guide"></a></h2>
+
+<p>
+Click on the links below for more information about the functionality offered
+by WSS4J and how to configure it.
+</p>
+
+<ul>
+
+<li><a href="using.html">Using Apache WSS4J</a></li>
+
+<li><a href="config.html">WSS4J Configuration</a></li>
+
+<li><a href="newfeatures20.html">WSS4J 2.0.0 New Features</a></li>
+
+<li><a href="streaming.html">Streaming WS-Security support</a></li>
+
+<li><a href="attachments.html">Securing message attachments</a></li>
+
+<li><a href="migration.html">WSS4J 2.0.0 Migration Guide</a></li>
+
+<li><a href="wss4j16.html">WSS4J 1.6.0 Migration Guide</a></li>
+
+<li><a href="topics.html">Special Topics</a></li>
+
+<li><a href="best_practice.html">Security Best Practices</a></li>
+
+<li><a href="resources.html">Further Resources</a></li>
+</ul>
+</div>
+
+
+ </div>
+ </div>
+ <div class="clear">
+ <hr/>
+ </div>
+ <div id="footer">
+ <div class="xright">
+ Copyright © 2004-2014
+ <a href="http://www.apache.org/">The Apache Software Foundation</a>.
+ All Rights Reserved.
+
+ </div>
+ <div class="clear">
+ <hr/>
+ </div>
+ </div>
+ </body>
+</html>
Modified: webservices/website/wss4j/using.html
URL: http://svn.apache.org/viewvc/webservices/website/wss4j/using.html?rev=1572986&r1=1572985&r2=1572986&view=diff
==============================================================================
--- webservices/website/wss4j/using.html (original)
+++ webservices/website/wss4j/using.html Fri Feb 28 16:20:58 2014
@@ -1,5 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<!-- Generated by Apache Maven Doxia Site Renderer 1.4 at 2014-02-07 -->
+<!-- Generated by Apache Maven Doxia Site Renderer 1.4 at 2014-02-28 -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@@ -10,7 +10,7 @@
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css" media="print" />
- <meta name="Date-Revision-yyyymmdd" content="20140207" />
+ <meta name="Date-Revision-yyyymmdd" content="20140228" />
<meta http-equiv="Content-Language" content="en" />
</head>
@@ -30,7 +30,7 @@
<div class="xleft">
- <span id="publishDate">Last Published: 2014-02-07</span>
+ <span id="publishDate">Last Published: 2014-02-28</span>
| <span id="projectVersion">Version: 2.0.0-SNAPSHOT</span>
</div>
<div class="xright">
@@ -53,22 +53,7 @@
<a href="download.html" title="Download">Download</a>
</li>
<li class="none">
- <strong>Using WSS4J</strong>
- </li>
- <li class="none">
- <a href="config.html" title="WSS4J Configuration">WSS4J Configuration</a>
- </li>
- <li class="none">
- <a href="migration.html" title="WSS4J 2.0.0 Migration Guide">WSS4J 2.0.0 Migration Guide</a>
- </li>
- <li class="none">
- <a href="topics.html" title="Special Topics">Special Topics</a>
- </li>
- <li class="none">
- <a href="best_practice.html" title="Security Best Practices">Security Best Practices</a>
- </li>
- <li class="none">
- <a href="wss4j16.html" title="WSS4J 1.6 Release Notes">WSS4J 1.6 Release Notes</a>
+ <a href="user_guide.html" title="User's Guide">User's Guide</a>
</li>
</ul>
<h5>Project Documentation</h5>
@@ -92,134 +77,347 @@
<h2>Using Apache WSS4J<a name="Using_Apache_WSS4J"></a></h2>
<p>
-This page describes how to use Apache WSS4J, either in a standalone manner, or in conjunction with
-other software packages. For information about how to configure WSS4J 1.6, see the
-<a href="config.html">configuration page</a>.
+This page describes how to use Apache WSS4J. For information about how to
+configure WSS4J, see the <a href="config.html">configuration page</a>. WSS4J
+can essentially be used in three different ways. For information about using
+WSS4J with a SOAP stack, see the sections on Apache CXF and Apache Rampart/Axis.
</p>
+<ul>
+
+<li>Action based approach: WSS4J offers an "Action" based approach to
+applying WS-Security to a SOAP request or response, in conjunction with a SOAP
+stack.</li>
+
+<li>WS-SecurityPolicy based approach: WSS4J can be configured for a SOAP
+request/response via WS-SecurityPolicy, in conjunction with a SOAP Stack.
+This is the recommended approach.</li>
+
+<li>Standalone approach: WSS4J offers a low-level (DOM) API to
+construct/sign/encrypt/etc. tokens directly.</li>
+</ul>
+
+
<div class="section">
-<h3>Standalone<a name="Standalone"></a></h3>
+<h3>Action based approach<a name="Action_based_approach"></a></h3>
<p>
-Apache WSS4J provides a set of APIs to implement WS-Security functionality on a SOAP message. It is
-possible to use these APIs directly in a standalone manner. The best way of finding out how to do
-this is to take a look at the test sources. For example:
+The WSHandler class in WSS4J is designed to configure WSS4J to secure an
+outbound SOAP request, by parsing configuration that is supplied to it via
+a subclass. Typically a web services stack that uses WSS4J for WS-Security
+will subclass WSHandler. An example of a subclass is the
+<a class="externalLink" href="http://cxf.apache.org/docs/ws-security.html">WSS4JOutInterceptor</a>
+in Apache CXF. The configuration tags are defined in the <a class="externalLink" href="http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/ConfigurationConstants.java?view=markup">ConfigurationConstants</a> class (WSHandlerConstants in WSS4J 1.6.x). For a more detailed explanation
+of the configuration tags, please refer to the
+<a href="config.html">configuration</a> page. The next few paragraphs will
+describe the most fundamental configuration tags that are used in most
+cases.
</p>
-<ul>
+</div>
+<div class="section">
+<h3>
+<p>Common configuration tags</p><a name="Common_configuration_tags"></a></h3>
-<li>
-<a href="xref-test/org/apache/ws/security/message/UsernameTokenTest.html">Username Token Test</a>
-</li>
+<p>
+The "Action" based approach to using Apache WSS4J involves explicitly telling
+WSS4J what WS-Security functionality to perform on a request, by configuring
+the stack specific WSHandler implementation with the required properties. On
+the receiving side, the "actions" that are configured are matched against what
+was processed in the security header, and an error is thrown if they do not
+match (in some order). Typical actions include "UsernameToken, "Signature",
+"Encrypt", "Timestamp, "SAMLTokenSigned", etc.
+</p>
-<li>
-<a href="xref-test/org/apache/ws/security/message/EncryptionTest.html">Encryption Test</a>
-</li>
+<p>
+After specifying the action to perform on a request, the next task is typically
+to specify the "user". The "user" can be either the username to insert into a
+UsernameToken, or the keystore alias to use for either signature or encryption.
+If you are configuring more than one of these actions, the "signatureUser" and
+"encryptionUser" configuration tags override the more general "user" tag. The
+next task is often to specify a CallbackHandler implementation to use to
+retrieve passwords. On the sending side, this is used to retrieve a password
+to insert into a UsernameToken and to decrypt a private key from a keystore
+for Signature. On the receiving side, it is used to retrieve a password to
+validate a received UsernameToken, and to decrypt a private key from a
+keystore to use for decryption.
+</p>
-<li>
-<a href="xref-test/org/apache/ws/security/message/SignatureTest.html">Signature Test</a>
-</li>
+<p>
+The next task is to specify a Crypto implementation if you are using Signature
+or Encryption. See the <a href="configuration.html">configuration</a> page for
+more information on the Crypto interface. Typically, it is configured in a
+Crypto properties file, which specifies the Crypto implementation to use, as
+well as the keystore location, default alias/password, etc. For signature, the
+path of this properties file can be referred to by the tag "signaturePropFile"
+and "encryptionPropFile" for outbound request, and
+"signatureVerificationPropFile" and "decryptionPropFile" for inbound requests".
+How signing keys/certificates are referenced from a Signature can be
+controlled via the "signatureKeyIdentifier" configuration tag. This defaults
+to "IssuerSerial", but could be "DirectReference", "Thumbprint", etc. The
+"encryptionKeyIdentifier" tag performs the same function for encryption.
+</p>
-<li>
-<a href="xref-test/org/apache/ws/security/message/TimestampTest.html">Timestamp Test</a>
-</li>
+<p>
+Finally, the Elements to sign or encrypt can be specified by the
+"signatureParts" and "encryptionParts" configuration tags. Both default to the
+SOAP Body. The value of signatureParts/encryptionParts is a list of semi-colon
+separated values that identify the elements to sign/encrypt. The value is of
+the format of an encryption mode specifier, and a namespace URI, each inside a
+pair of curly brackets, and then the local name of the Element. For example,
+"{Content}{http://example.org/paymentv2}CreditCard;". The encryption modifier
+can be either "Content" or "Element" and only applies to encryption.
+</p>
+
+<p>
+Here are some sample configuration values for various actions, as taken from
+some CXF system tests. The constructor of the
+WSS4JOutInterceptor/WSS4JInIntereptor interceptors in CXF takes a map of
+String/Object pairs which correspond to the key/value pairs given in the tables
+below. See the CXF configuration <a class="externalLink" href="https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/client.xml;hb=HEAD">file</a> for more information.
+</p>
-<li>
-<a href="xref-test/org/apache/ws/security/saml/SamlTokenTest.html">SAML Token Test</a>
-</li>
-</ul>
</div>
+<div class="section">
+<h3>
+<p>Sample Outbound UsernameToken configuration</p><a name="Sample_Outbound_UsernameToken_configuration"></a></h3>
+
+
+<table border="0" class="bodyTable">
+
+<tr class="a">
+
+<th>Key</th>
+<th>Value</th>
+</tr>
+
+<tr class="b">
+
+<td>action</td>
+
+<td>UsernameToken</td>
+</tr>
+
+<tr class="a">
+
+<td>user</td>
+
+<td>Alice</td>
+</tr>
+
+<tr class="b">
+
+<td>passwordCallbackClass</td>
+
+<td><a class="externalLink" href="https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=systests/ws-security/src/test/java/org/apache/cxf/systest/ws/common/UTPasswordCallback.java;hb=HEAD">org.apache.cxf.systest.ws.common.UTPasswordCallback</a></td>
+</tr>
+</table>
+
+</div>
<div class="section">
-<h3>Apache CXF<a name="Apache_CXF"></a></h3>
+<h3>
+<p>Sample Outbound Signature/Timestamp configuration</p><a name="Sample_Outbound_SignatureTimestamp_configuration"></a></h3>
+
+
+<table border="0" class="bodyTable">
+
+<tr class="a">
+
+<th>Key</th>
+
+<th>Value</th>
+</tr>
+
+<tr class="b">
+
+<td>action</td>
+
+<td>Signature Timestamp</td>
+</tr>
+
+<tr class="a">
+
+<td>signatureUser</td>
+
+<td>alice</td>
+</tr>
+
+<tr class="b">
+
+<td>passwordCallbackClass</td>
+
+<td><a class="externalLink" href="https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=systests/ws-security/src/test/java/org/apache/cxf/systest/ws/common/KeystorePasswordCallback.java;hb=HEAD">org.apache.cxf.systest.ws.common.KeystorePasswordCallback</a></td>
+</tr>
+
+<tr class="a">
+
+<td>signaturePropFile</td>
+
+<td><a class="externalLink" href="https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=systests/ws-security/src/test/resources/alice.properties;hb=HEAD">alice.properties</a></td>
+</tr>
+
+<tr class="b">
+
+<td>signatureKeyIdentifier</td>
+
+<td>DirectReference</td>
+</tr>
+
+<tr class="a">
+
+<td>signatureParts</td>
+
+<td>{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{}{http://schemas.xmlsoap.org/soap/envelope/}Body;</td>
+</tr>
+</table>
+
+</div>
+
+
+<div class="section">
+<h3>WS-SecurityPolicy based approach<a name="WS-SecurityPolicy_based_approach"></a></h3>
+
+<p>
+The recommended way of applying WS-Security to your web services is to use
+WS-SecurityPolicy. The WS-SecurityPolicy specification defines a set of
+WS-Policy expressions that can be used to define the security requirements of
+a web service. Typically one or more policies are attached to the WSDL of a
+service, which conveys the security requirements of the service to the client.
+A WS-SecurityPolicy aware stack such as Apache CXF or Apache Axis/Rampart can
+parse the policies and configure WSS4J appropriately. This greatly simplifies
+things for the user, who then only has to supply some basic information about
+which users, CallbackHandlers, Crypto property files, etc. to use.
+</p>
+
+<p>
+For more information on using WS-SecurityPolicy with WSS4J, please see CXF's
+WS-SecurityPolicy page, or go to the SOAP stack sections below:
+<a class="externalLink" href="http://cxf.apache.org/docs/ws-securitypolicy.html">CXF
+WS-SecurityPolicy configuration</a>
+</p>
+
+</div>
+
+
+<div class="section">
+<h3>Standalone approach<a name="Standalone_approach"></a></h3>
<p>
-<a class="externalLink" href="http://cxf.apache.org">Apache CXF</a> is an open-source web services stack. CXF uses
-WSS4J to perform the core WS-Security functionality, and provides extended security functionality
-based around the WS-SecurityPolicy, WS-SecureConversation and WS-Trust specifications. More
-information:
+Apache WSS4J provides a set of APIs to implement WS-Security functionality on
+a SOAP message. It is possible to use these APIs directly in a standalone
+manner, although it is far more common to use either the "Action" or
+WS-SecurityPolicy based approaches. This functionality is only available for
+the DOM code. The best way of finding out how to do this is to take a look at
+the test sources. For example:
</p>
<ul>
<li>
-<a class="externalLink" href="http://cxf.apache.org/docs/ws-security.html">CXF WS-Security configuration</a>
+<a class="externalLink" href="http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java?view=markup">Username Token Test</a>
</li>
<li>
-<a class="externalLink" href="http://cxf.apache.org/docs/ws-secureconversation.html">CXF WS-SecureConversation
-configuration</a>
+<a class="externalLink" href="http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java?view=markup">Encryption Test</a>
</li>
<li>
-<a class="externalLink" href="http://cxf.apache.org/docs/ws-securitypolicy.html">CXF WS-SecurityPolicy configuration</a>
+<a class="externalLink" href="http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java?view=markup">Signature Test</a>
</li>
<li>
-<a class="externalLink" href="http://cxf.apache.org/docs/ws-trust.html">CXF WS-Trust configuration</a>
+<a class="externalLink" href="http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/TimestampTest.java?view=markup">Timestamp Test</a>
</li>
<li>
-<a class="externalLink" href="http://cxf.apache.org/resources-and-articles.html">CXF Security articles</a>
+<a class="externalLink" href="http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java?view=markup">SAML Token Test</a>
</li>
</ul>
</div>
+
+<div class="section">
+<h3>SOAP Stacks<a name="SOAP_Stacks"></a></h3>
+
+</div>
<div class="section">
-<h3>Apache Rampart<a name="Apache_Rampart"></a></h3>
+<h3>
+<p>Apache CXF</p><a name="Apache_CXF"></a></h3>
<p>
-<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/">Apache Rampart</a> is the security module
-for the Axis2 web services stack. Rampart uses WSS4J to perform the core WS-Security functionality,
-and provides extended security functionality based around the WS-SecurityPolicy,
+<a class="externalLink" href="http://cxf.apache.org">Apache CXF</a> is an open-source web services
+stack. CXF uses WSS4J to perform the core WS-Security functionality, and
+provides extended security functionality based around the WS-SecurityPolicy,
WS-SecureConversation and WS-Trust specifications. More information:
</p>
<ul>
<li>
-<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/developer-guide.html">Rampart developer guide</a>
+<a class="externalLink" href="http://cxf.apache.org/docs/ws-security.html">CXF WS-Security
+configuration</a>
</li>
<li>
-<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/samples.html">Rampart samples</a>
+<a class="externalLink" href="http://cxf.apache.org/docs/ws-secureconversation.html">CXF
+WS-SecureConversation configuration</a>
</li>
<li>
-<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/rampartconfig-guide.html">Rampart configuration
-guide</a>
+<a class="externalLink" href="http://cxf.apache.org/docs/ws-securitypolicy.html">CXF
+WS-SecurityPolicy configuration</a>
</li>
<li>
-<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/articles.html">Rampart articles</a>
+<a class="externalLink" href="http://cxf.apache.org/docs/ws-trust.html">CXF WS-Trust
+configuration</a>
+</li>
+
+<li>
+<a class="externalLink" href="http://cxf.apache.org/resources-and-articles.html">CXF Security
+articles</a>
</li>
</ul>
-</div>
+</div>
<div class="section">
-<h3>Apache Axis 1<a name="Apache_Axis_1"></a></h3>
+<h3>
+<p>Apache Rampart/Axis</p><a name="Apache_RampartAxis"></a></h3>
<p>
-The 1.5.x branch of WSS4J contains special support for
-<a class="externalLink" href="http://ws.apache.org/axis/">Apache Axis 1</a>, the open-source web services stack which has been
-replaced by Axis2. For some information about how to use WSS4J 1.5.x with Axis 1 see:
+<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/">Apache Rampart</a> is the
+security module for the Axis2 web services stack. Rampart uses WSS4J to
+perform the core WS-Security functionality, and provides extended security
+functionality based around the WS-SecurityPolicy, WS-SecureConversation and
+WS-Trust specifications. Note that support for Apache Axis1 via the WSS4J
+1.5.x series of releases is no longer supported. More information:
</p>
<ul>
<li>
-<a href="axis.html">Axis deployment tutorial 1</a>
+<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/developer-guide.html">
+Rampart developer guide</a>
</li>
<li>
-<a href="package.html">Axis deployment tutorial 2</a>
+<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/samples.html">Rampart
+samples</a>
</li>
-</ul>
-<p>
-Please note that these deployment tutorials do not apply to WSS4J 1.6+, only WSS4J 1.5.x.
-</p>
+<li>
+<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/rampartconfig-guide.html">
+Rampart configuration guide</a>
+</li>
+
+<li>
+<a class="externalLink" href="http://axis.apache.org/axis2/java/rampart/articles.html">Rampart
+articles</a>
+</li>
+</ul>
</div>
+
</div>
Modified: webservices/website/wss4j/wss4j16.html
URL: http://svn.apache.org/viewvc/webservices/website/wss4j/wss4j16.html?rev=1572986&r1=1572985&r2=1572986&view=diff
==============================================================================
--- webservices/website/wss4j/wss4j16.html (original)
+++ webservices/website/wss4j/wss4j16.html Fri Feb 28 16:20:58 2014
@@ -1,5 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<!-- Generated by Apache Maven Doxia Site Renderer 1.4 at 2014-02-07 -->
+<!-- Generated by Apache Maven Doxia Site Renderer 1.4 at 2014-02-28 -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@@ -10,7 +10,7 @@
@import url("./css/site.css");
</style>
<link rel="stylesheet" href="./css/print.css" type="text/css" media="print" />
- <meta name="Date-Revision-yyyymmdd" content="20140207" />
+ <meta name="Date-Revision-yyyymmdd" content="20140228" />
<meta http-equiv="Content-Language" content="en" />
</head>
@@ -30,7 +30,7 @@
<div class="xleft">
- <span id="publishDate">Last Published: 2014-02-07</span>
+ <span id="publishDate">Last Published: 2014-02-28</span>
| <span id="projectVersion">Version: 2.0.0-SNAPSHOT</span>
</div>
<div class="xright">
@@ -53,23 +53,8 @@
<a href="download.html" title="Download">Download</a>
</li>
<li class="none">
- <a href="using.html" title="Using WSS4J">Using WSS4J</a>
+ <a href="user_guide.html" title="User's Guide">User's Guide</a>
</li>
- <li class="none">
- <a href="config.html" title="WSS4J Configuration">WSS4J Configuration</a>
- </li>
- <li class="none">
- <a href="migration.html" title="WSS4J 2.0.0 Migration Guide">WSS4J 2.0.0 Migration Guide</a>
- </li>
- <li class="none">
- <a href="topics.html" title="Special Topics">Special Topics</a>
- </li>
- <li class="none">
- <a href="best_practice.html" title="Security Best Practices">Security Best Practices</a>
- </li>
- <li class="none">
- <strong>WSS4J 1.6 Release Notes</strong>
- </li>
</ul>
<h5>Project Documentation</h5>
<ul>
@@ -89,19 +74,21 @@
<div class="section">
-<h2>Apache WSS4J 1.6<a name="Apache_WSS4J_1.6"></a></h2>
+<h2>Apache WSS4J 1.6.0 Migration Guide<a name="Apache_WSS4J_1.6.0_Migration_Guide"></a></h2>
<p>
-This page describes the new features of WSS4J 1.6, and the things to be aware of when upgrading
-from WSS4J 1.5.x.
+This page describes the new features of WSS4J 1.6.0, and the things to be
+aware of when upgrading from WSS4J 1.5.x. Note that WSS4J 1.6.x has now been
+replaced by WSS4J 2.0.x, please see the WSS4J 2.0.0 <a href="migration.html">migration guide</a> for more information.
</p>
<div class="section">
<h3>New features<a name="New_features"></a></h3>
<p>
-This section describes the main new features that have been implemented in WSS4J 1.6. For more
-information on the changes, please click on the links. You can also review the
+This section describes the main new features that have been implemented in
+WSS4J 1.6. For more information on the changes, please click on the links. You
+can also review the
<a class="externalLink" href="https://issues.apache.org/jira/browse/WSS/fixforversion/12313718">list of JIRAs</a>
that have been fixed in WSS4J 1.6.
</p>