You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2012/05/05 17:48:40 UTC

svn commit: r815898 - in /websites/production/cxf/content: cache/docs.pageCache docs/security.html docs/ws-trust.html

Author: buildbot
Date: Sat May  5 15:48:39 2012
New Revision: 815898

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/security.html
    websites/production/cxf/content/docs/ws-trust.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/security.html
==============================================================================
--- websites/production/cxf/content/docs/security.html (original)
+++ websites/production/cxf/content/docs/security.html Sat May  5 15:48:39 2012
@@ -124,7 +124,7 @@ Apache CXF -- Security
 <div id="ConfluenceContent"><p><span style="font-size:2em;font-weight:bold"> Securing CXF Services </span></p>
 
 <div>
-<ul><li><a shape="rect" href="#Security-Securetransports">Secure transports</a></li><ul><li><a shape="rect" href="#Security-HTTPS">HTTPS</a></li></ul><li><a shape="rect" href="#Security-WSSecurity">WS-* Security</a></li><li><a shape="rect" href="#Security-WSTrust%2CSTS%2CSSO">WS-Trust, STS, SSO</a></li><li><a shape="rect" href="#Security-WSSecurityUsernameTokenandCustomAuthentication">WS-Security UsernameToken and Custom Authentication</a></li><li><a shape="rect" href="#Security-OAuth">OAuth</a></li><li><a shape="rect" href="#Security-Authentication">Authentication</a></li><li><a shape="rect" href="#Security-Authorization">Authorization</a></li><li><a shape="rect" href="#Security-ControllingLargeRequestPayloads">Controlling Large Request Payloads</a></li><ul><li><a shape="rect" href="#Security-XML">XML</a></li><li><a shape="rect" href="#Security-Multiparts">Multiparts</a></li></ul></ul></div>
+<ul><li><a shape="rect" href="#Security-Securetransports">Secure transports</a></li><ul><li><a shape="rect" href="#Security-HTTPS">HTTPS</a></li></ul><li><a shape="rect" href="#Security-WSSecurity%28includingUsernameTokenandX.509Tokenprofiles%29">WS-* Security (including UsernameToken and X.509 Token profiles)</a></li><li><a shape="rect" href="#Security-WSTrust%2CSTS%2CSSO">WS-Trust, STS, SSO</a></li><li><a shape="rect" href="#Security-OAuth">OAuth</a></li><li><a shape="rect" href="#Security-Authentication">Authentication</a></li><li><a shape="rect" href="#Security-Authorization">Authorization</a></li><li><a shape="rect" href="#Security-ControllingLargeRequestPayloads">Controlling Large Request Payloads</a></li><ul><li><a shape="rect" href="#Security-XML">XML</a></li><li><a shape="rect" href="#Security-Multiparts">Multiparts</a></li></ul></ul></div>
 
 <h1><a shape="rect" name="Security-Securetransports"></a>Secure transports</h1>
 
@@ -132,21 +132,13 @@ Apache CXF -- Security
 
 <p>Please see the <a shape="rect" href="http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html">Configuring SSL Support</a> page for more information.</p>
 
-<h1><a shape="rect" name="Security-WSSecurity"></a>WS-* Security</h1>
+<h1><a shape="rect" name="Security-WSSecurity%28includingUsernameTokenandX.509Tokenprofiles%29"></a>WS-* Security  (including UsernameToken and X.509 Token profiles)</h1>
 
 <p>Please see the <a shape="rect" href="http://cxf.apache.org/docs/ws-support.html">WS-* Support</a> page for more information.</p>
 
 <h1><a shape="rect" name="Security-WSTrust%2CSTS%2CSSO"></a>WS-Trust, STS, SSO</h1>
 
-<p>Please follow these blogs for the up-to-date information about the support for these technologies in CXF:<br clear="none">
-<a shape="rect" class="external-link" href="http://coheigea.blogspot.com/" rel="nofollow">http://coheigea.blogspot.com/</a><br clear="none">
-<a shape="rect" class="external-link" href="http://owulff.blogspot.com/" rel="nofollow">http://owulff.blogspot.com/</a></p>
-
-<h1><a shape="rect" name="Security-WSSecurityUsernameTokenandCustomAuthentication"></a>WS-Security UsernameToken and Custom Authentication</h1>
-
-<p>If needed, one may want to configure a jaxws:endpoint with a "ws-security.ut.no-callbacks" property set to true and register a custom org.apache.cxf.interceptor.security.AbstractUsernameTokenInInterceptor implementation for using a WSS4J UsernameToken wrapped in a CXF specific UsernameToken for the custom authentication and Subject creation. JAASLoginInterceptor will also recognize a CXF UsernameToken and thus can be used instead of the custom org.apache.cxf.interceptor.security.AbstractUsernameTokenInterceptor.</p>
-
-<p>Note that the "ws-security.ut.no-callbacks" property has been renamed to "ws-security.validate.token" in CXF 2.4.0. The name of the property is 'positive' thus one will need to set this property to false in order to postpone the validation of the token.</p>
+<p>Please see the <a shape="rect" class="external-link" href="https://cwiki.apache.org/CXF20DOC/ws-trust.html">WS-Trust</a> page for more information.</p>
 
 <h1><a shape="rect" name="Security-OAuth"></a>OAuth</h1>
 

Modified: websites/production/cxf/content/docs/ws-trust.html
==============================================================================
--- websites/production/cxf/content/docs/ws-trust.html (original)
+++ websites/production/cxf/content/docs/ws-trust.html Sat May  5 15:48:39 2012
@@ -293,7 +293,13 @@ If an STSClient is not found from the ab
 
 <h2><a shape="rect" name="WS-Trust-WSTrustusingSPNego"></a>WS-Trust using SPNego</h2>
 
-<p>As of CXF 2.4.7 and 2.5.3, CXF contains (client) support for WS-Trust using SPNego. See the following <a shape="rect" class="external-link" href="http://coheigea.blogspot.com/2012/02/ws-trust-spnego-support-in-apache-cxf.html" rel="nofollow">blog</a> for an explanation of what this entails, and how to run some system tests in CXF for this feature. </p></div>
+<p>As of CXF 2.4.7 and 2.5.3, CXF contains (client) support for WS-Trust using SPNego. See the following <a shape="rect" class="external-link" href="http://coheigea.blogspot.com/2012/02/ws-trust-spnego-support-in-apache-cxf.html" rel="nofollow">blog</a> for an explanation of what this entails, and how to run some system tests in CXF for this feature. </p>
+
+<h2><a shape="rect" name="WS-Trust-BlogsonWSTrustinCXF"></a>Blogs on WS-Trust in CXF</h2>
+
+<p>Some blogs for up-to-date information about WS-Trust and other security topics in CXF:<br clear="none">
+<a shape="rect" class="external-link" href="http://coheigea.blogspot.com/" rel="nofollow">http://coheigea.blogspot.com/</a><br clear="none">
+<a shape="rect" class="external-link" href="http://owulff.blogspot.com/" rel="nofollow">http://owulff.blogspot.com/</a></p></div>
            </div>
            <!-- Content -->
          </td>