You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2016/08/16 08:03:55 UTC
[31/51] [partial] camel git commit: CAMEL-9541: Use -component as
suffix for component docs.
http://git-wip-us.apache.org/repos/asf/camel/blob/9c0b7baf/components/camel-crypto/src/main/docs/crypto.adoc
----------------------------------------------------------------------
diff --git a/components/camel-crypto/src/main/docs/crypto.adoc b/components/camel-crypto/src/main/docs/crypto.adoc
deleted file mode 100644
index b1c60f9..0000000
--- a/components/camel-crypto/src/main/docs/crypto.adoc
+++ /dev/null
@@ -1,609 +0,0 @@
-[[Crypto-Crypto]]
-Crypto
-~~~~~~
-
-*Available as of Camel 2.3*
-*PGP Available as of Camel 2.9*
-
-The Crypto link:data-format.html[Data Format] integrates the Java
-Cryptographic Extension into Camel, allowing simple and flexible
-encryption and decryption of messages using Camel's familiar marshall
-and unmarshal formatting mechanism. It assumes marshalling to mean
-encryption to cyphertext and unmarshalling to mean decryption back to
-the original plaintext. This data format implements only symmetric
-(shared-key) encryption and decyption.
-
-[[Crypto-Options]]
-Options
-^^^^^^^
-[width="70%",cols="10%,10%,10%,70%",options="header",]
-|=======================================================================
-|Name |Type |Default |Description
-
-|`algorithm` |`String` |`DES/CBC/PKCS5Padding` |The JCE algorithm name indicating the cryptographic algorithm that will
-be used.
-
-|`algorithmParameterSpec` |`java.security.spec.AlgorithmParameterSpec` |`null` |A JCE AlgorithmParameterSpec used to initialize the Cipher.
-
-|`bufferSize` |`Integer` |`4096` |the size of the buffer used in the signature process.
-
-|`cryptoProvider` |`String` |`null` |The name of the JCE Security Provider that should be used.
-
-|`initializationVector` |`byte[]` |`null` |A byte array containing the Initialization Vector that will be used to
-initialize the Cipher.
-
-|`inline` |`boolean` |`false` |Flag indicating that the configured IV should be inlined into the
-encrypted data stream.
-
-|`macAlgorithm` |`String` |`null` |The JCE algorithm name indicating the Message Authentication algorithm.
-
-|`shouldAppendHMAC` |`boolean` |`null`
-|=======================================================================
-
-Flag indicating that a Message Authentication Code should be calculated
-and appended to the encrypted data.
-
-[[Crypto-BasicUsage]]
-Basic Usage
-^^^^^^^^^^^
-
-At its most basic all that is required to encrypt/decrypt an exchange is
-a shared secret key. If one or more instances of the Crypto data format
-are configured with this key the format can be used to encrypt the
-payload in one route (or part of one) and decrypted in another. For
-example, using the Java DSL as follows:
-
-In Spring the dataformat is configured first and then used in routes
-
-[source,xml]
------------------------------------------------------------------------
-<camelContext id="camel" xmlns="http://camel.apache.org/schema/spring">
- <dataFormats>
- <crypto id="basic" algorithm="DES" keyRef="desKey" />
- </dataFormats>
- ...
- <route>
- <from uri="direct:basic-encryption" />
- <marshal ref="basic" />
- <to uri="mock:encrypted" />
- <unmarshal ref="basic" />
- <to uri="mock:unencrypted" />
- </route>
-</camelContext>
------------------------------------------------------------------------
-
-[[Crypto-SpecifyingtheEncryptionAlgorithm]]
-Specifying the Encryption Algorithm
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Changing the algorithm is a matter of supplying the JCE algorithm name.
-If you change the algorithm you will need to use a compatible key.
-
-A list of the available algorithms in Java 7 is available via the
-http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html[Java
-Cryptography Architecture Standard Algorithm Name Documentation].
-
-[[Crypto-SpecifyinganInitializationVector]]
-Specifying an Initialization Vector
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Some crypto algorithms, particularly block algorithms, require
-configuration with an initial block of data known as an Initialization
-Vector. In the JCE this is passed as an AlgorithmParameterSpec when the
-Cipher is initialized. To use such a vector with the CryptoDataFormat
-you can configure it with a byte[] containing the required data e.g.
-
-or with spring, suppling a reference to a byte[]
-
-The same vector is required in both the encryption and decryption
-phases. As it is not necessary to keep the IV a secret, the DataFormat
-allows for it to be inlined into the encrypted data and subsequently
-read out in the decryption phase to initialize the Cipher. To inline the
-IV set the /oinline flag.
-
-or with spring.
-
-For more information of the use of Initialization Vectors, consult
-
-*
-http://en.wikipedia.org/wiki/Initialization_vector[http://en.wikipedia.org/wiki/Initialization_vector]
-*
-http://www.herongyang.com/Cryptography/[http://www.herongyang.com/Cryptography/]
-*
-http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation[http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation]
-
-[[Crypto-HashedMessageAuthenticationCodes(HMAC)]]
-Hashed Message Authentication Codes (HMAC)
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-To avoid attacks against the encrypted data while it is in transit the
-CryptoDataFormat can also calculate a Message Authentication Code for
-the encrypted exchange contents based on a configurable MAC algorithm.
-The calculated HMAC is appended to the stream after encryption. It is
-separated from the stream in the decryption phase. The MAC is
-recalculated and verified against the transmitted version to insure
-nothing was tampered with in transit.For more information on Message
-Authentication Codes see
-http://en.wikipedia.org/wiki/HMAC[http://en.wikipedia.org/wiki/HMAC]
-
-or with spring.
-
-By default the HMAC is calculated using the HmacSHA1 mac algorithm
-though this can be easily changed by supplying a different algorithm
-name. See
-https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=CAMEL&title=here&linkCreation=true&fromPageId=17268915[here]
-for how to check what algorithms are available through the configured
-security providers
-
-or with spring.
-
-[[Crypto-SupplyingKeysDynamically]]
-Supplying Keys Dynamically
-^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-When using a Recipient list or similar EIP the recipient of an exchange
-can vary dynamically. Using the same key across all recipients may
-neither be feasible or desirable. It would be useful to be able to
-specify keys dynamically on a per exchange basis. The exchange could
-then be dynamically enriched with the key of its target recipient before
-being processed by the data format. To facilitate this the DataFormat
-allow for keys to be supplied dynamically via the message headers below
-
-* `CryptoDataFormat.KEY` `"CamelCryptoKey"`
-
-or with spring.
-
-[[Crypto-PGPMessage]]
-PGP Message
-^^^^^^^^^^^
-
-The PGP Data Formater can create and decrypt/verify PGP Messages of the
-following PGP packet structure (entries in brackets are optional and
-ellipses indicate repetition, comma represents �sequential composition,
-and vertical bar separates alternatives):
-
-� � Public Key Encrypted Session Key ..., Symmetrically Encrypted Data |
-Sym. Encrypted and Integrity Protected Data, (Compressed Data,) (One
-Pass Signature ...,)�Literal Data, (Signature ...,)
-
-*Since Camel 2.16*.*0* the Compressed Data packet is optional, before it
-was mandatory.
-
-�
-
-[[Crypto-PGPDataFormatOptions]]
-PGPDataFormat Options
-^^^^^^^^^^^^^^^^^^^^^
-[width="70%",cols="10%,10%,10%,70%",options="header",]
-|=======================================================================
-|Name |Type |Default |Description
-
-|`keyUserid` |`String` |`null` |The user ID of the key in the PGP keyring used during encryption. See
-also option `keyUserids`. Can also be only a part of a user ID. For
-example, if the user ID is "Test User <te...@camel.com>" then you can use
-the part "Test User" or "<te...@camel.com>" to address the user ID.
-
-|`keyUserids` |`List<String>` |`null` |*Since camel 2.12.2*: PGP allows to encrypt the symmetric key by several
-asymmetric public receiver keys. You can specify here the User IDs or
-parts of User IDs of several public keys contained in the PGP keyring.
-If you just have one User ID, then you can also use the option
-`keyUserid`. The User ID specified in `keyUserid` and the User IDs in
-`keyUserids` will be merged together and the corresponding public keys
-will be used for the encryption.
-
-|`password` |`String` |`null` |Password used when opening the private key (not used for encryption).
-
-|`keyFileName` |`String` |`null` |Filename of the keyring; must be accessible as a classpath resource (but
-you can specify a location in the file system by using the "file:"
-prefix).
-
-|`encryptionKeyRing` |`byte[]` |`null` |*Since camel 2.12.1*: encryption keyring; you can not set the
-keyFileName and encryptionKeyRing at the same time.
-
-|`signatureKeyUserid` |`String` |`null` |*Since Camel 2.11.0*; optional User ID of the key in the PGP keyring
-used for signing (during encryption) or signature verification (during
-decryption). During the signature verification process the specified
-User ID restricts the public keys from the public keyring which can be
-used for the verification. If no User ID is specified for the signature
-verficiation then any public key in the public keyring can be used for
-the verification. Can also be only a part of a user ID. For example, if
-the user ID is "Test User <te...@camel.com>" then you can use the part
-"Test User" or "<te...@camel.com>" to address the User ID.
-
-|`signatureKeyUserids` |`List<String>` |`null` |*Since Camel 2.12.3*: optional list of User IDs of the key in the PGP
-keyring used for signing (during encryption) or signature verification
-(during decryption). You can specify here the User IDs or parts of User
-IDs of several keys contained in the PGP keyring. If you just have one
-User ID, then you can also use the option `keyUserid`. The User ID
-specified in `keyUserid` and the User IDs in `keyUserids` will be merged
-together and the corresponding keys will be used for the signing or
-signature verification. If the specified User IDs reference several keys
-then for each key a signature is added to the PGP result during the
-encryption-signing process. In the decryption-verifying process the list
-of User IDs restricts the list of public keys which can be used for
-signature verification. If the list of User IDs is empty then any public
-key in the public keyring can be used for the signature verification.
-
-|`signaturePassword` |`String` |`null` |*Since Camel 2.11.0*: optional password used when opening the private
-key used for signing (during encryption).
-
-|`signatureKeyFileName` |`String` |`null` |*Since Camel 2.11.0*: optional filename of the keyring to use for
-signing (during encryption) or for signature verification (during
-decryption); must be accessible as a classpath resource (but you can
-specify a location in the file system by using the "file:" prefix).
-
-|`signatureKeyRing` |`byte[]` |`null` |*Since camel 2.12.1*: signature keyring; you can not set the
-signatureKeyFileName and signatureKeyRing at the same time.
-
-|`algorithm` |`int` |`SymmetricKeyAlgorithmTags.CAST5` |*Since camel 2.12.2*: symmetric key encryption algorithm; possible
-values are defined in `org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags`;
-for example 2 (= TRIPLE DES), 3 (= CAST5), 4 (= BLOWFISH), 6 (= DES), 7
-(= AES_128). Only relevant for encrypting.
-
-|`compressionAlgorithm` |`int` |`CompressionAlgorithmTags.ZIP` |*Since camel 2.12.2*: compression algorithm; possible values are defined
-in `org.bouncycastle.bcpg.CompressionAlgorithmTags`; for example 0 (=
-UNCOMPRESSED), 1 (= ZIP), 2 (= ZLIB), 3 (= BZIP2). Only relevant for
-encrypting.
-
-|`hashAlgorithm` |`int` |`HashAlgorithmTags.SHA1` |*Since camel 2.12.2*: signature hash algorithm; possible values are
-defined in `org.bouncycastle.bcpg.HashAlgorithmTags`; for example 2 (=
-SHA1), 8 (= SHA256), 9 (= SHA384), 10 (= SHA512), 11 (=SHA224). Only
-relevant for signing.
-
-|`armored` |`boolean` |`false` |This option will cause PGP to base64 encode the encrypted text, making
-it available for copy/paste, etc.
-
-|`integrity` |`boolean` |`true` |Adds an integrity check/sign into the encryption file.
-
-|`passphraseAccessor` |`PGPPassphraseAccessor` |`null` |*Since Camel 2.12.2*: provides passphrases corresponding to user Ids. If
-no passpharase can be found from the option `password` or
-`signaturePassword` and from the headers `CamelPGPDataFormatKeyPassword`
-or `CamelPGPDataFormatSignatureKeyPassword` then the passphrase is
-fetched from the passphrase accessor. You provide a bean which
-implements the interface
-https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPassphraseAccessor.java[PGPPassphraseAccessor].
-A default implementation is given by
-https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPPassphraseAccessor.java[DefaultPGPPassphraseAccessor].
-The passphrase accessor is especially useful in the decrypt case; see
-chapter 'PGP Decrypting/Verifying of Messages Encrypted/Signed by
-Different Private/Public Keys' below.
-
-|`signatureVerificationOption` |`String` |`"optional"` |*Since Camel 2.13.0*: controls the behavior for verifying the signature
-during unmarshaling. There are three values possible:
-
-* `"optional"`: The PGP message may or may not contain signatures; if it
-does contain signatures, then a signature verification is executed. Use
-the constant
-PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_OPTIONAL.
-* `"required"`: The PGP message must contain at least one signature; if
-this is not the case an exception (PGPException) is thrown. A signature
-verification is executed. Use the constant
-PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_REQUIRED.
-* `"ignore"`: Contained signatures in the PGP message are ignored; no
-signature verification is executed. Use the constant
-PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_IGNORE.
-* `"no_signature_allowed"`: The PGP message must not contain a
-signature; otherwise an exception (PGPException) is thrown. Use the
-constant
-PGPKeyAccessDataFormat.SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED.
-
-|`FileName` |`String` |`"_CONSOLE"` |*Since camel 2.15.0*: Sets the file name for the literal data packet.
-Can be overwritten by the� header \{@link Exchange#FILE_NAME}.
-
-"`_CONSOLE`" indicates that the message is considered to be "for your
-eyes only". This advises that the message data is unusually sensitive,
-and the receiving program should process it more carefully, perhaps
-avoiding storing the received data to disk, for example.Only used for
-marshaling.
-
-|`withCompressedDataPacket` |boolean |`true` |*Since Camel 2.16.0*: Indicator whether the PGP Message shall be created
-with or without a Compressed Data packet. If the value is set to false,
-then no Compressed Data packet is added and the compressionAlgorithm
-value is ignored. Only used for marshaling.
-|=======================================================================
-
-[[Crypto-PGPDataFormatMessageHeaders]]
-PGPDataFormat Message Headers
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-You can override the PGPDataFormat options by applying below headers
-into message dynamically.
-
-[width="70%",cols="10%,10%,80%",options="header",]
-|=======================================================================
-|Name |Type |Description
-
-|`CamelPGPDataFormatKeyFileName` |`String` |*Since Camel 2.11.0*; filename of the keyring; will override existing
-setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatEncryptionKeyRing` |`byte[]` |*Since Camel 2.12.1*; the encryption keyring; will override existing
-setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatKeyUserid` |`String` |*Since Camel 2.11.0*; the User ID of the key in the PGP keyring; will
-override existing setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatKeyUserids` |`List<String>` |*Since camel 2.12.2*: the User IDs of the key in the PGP keyring; will
-override existing setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatKeyPassword` |`String` |*Since Camel 2.11.0*; password used when opening the private key; will
-override existing setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatSignatureKeyFileName` |`String` |*Since Camel 2.11.0*; filename of the signature keyring; will override
-existing setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatSignatureKeyRing` |`byte[]` |*Since Camel 2.12.1*; the signature keyring; will override existing
-setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatSignatureKeyUserid` |`String` |*Since Camel 2.11.0*; the User ID of the signature key in the PGP
-keyring; will override existing setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatSignatureKeyUserids` |`List<String>` |*Since Camel 2.12.3*; the User IDs of the signature keys in the PGP
-keyring; will override existing setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatSignatureKeyPassword` |`String` |*Since Camel 2.11.0*; password used when opening the signature private
-key; will override existing setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatEncryptionAlgorithm` |`int` |*Since Camel 2.12.2*; symmetric key encryption algorithm; will override
-existing setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatSignatureHashAlgorithm` |`int` |*Since Camel 2.12.2*; signature hash algorithm; will override existing
-setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatCompressionAlgorithm` |`int` |*Since Camel 2.12.2*; compression algorithm; will override existing
-setting directly on the PGPDataFormat.
-
-|`CamelPGPDataFormatNumberOfEncryptionKeys` |`Integer` |*Since*�*Camel 2.12.3;�*number of public keys used for encrypting the
-symmectric key, set by PGPDataFormat during encryptiion process
-
-|`CamelPGPDataFormatNumberOfSigningKeys` |`Integer` |*Since*�*Camel 2.12.3;�*number of private keys used for creating
-signatures, set by PGPDataFormat during signing process
-|=======================================================================
-
-[[Crypto-EncryptingwithPGPDataFormat]]
-Encrypting with PGPDataFormat
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-The following sample uses the popular PGP format for
-encrypting/decrypting files using the
-http://www.bouncycastle.org/java.html[Bouncy Castle Java libraries]:
-
-The following sample performs signing + encryption, and then signature
-verification + decryption. It uses the same keyring for both signing and
-encryption, but you can obviously use different keys:
-
-Or using Spring:
-
-[[Crypto-Toworkwiththepreviousexampleyouneedthefollowing]]
-To work with the previous example you need the following
-++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-
-* A public keyring file which contains the public keys used to encrypt
-the data
-* A private keyring file which contains the keys used to decrypt the
-data
-* The keyring password
-
-[[Crypto-Managingyourkeyring]]
-Managing your keyring
-+++++++++++++++++++++
-
-To manage the keyring, I use the command line tools, I find this to be
-the simplest approach in managing the keys. There are also Java
-libraries available from
-http://www.bouncycastle.org/java.html[http://www.bouncycastle.org/java.html]
-if you would prefer to do it that way.
-
-1. Install the command line utilities on linux
-
-[source,java]
----------------------
-apt-get install gnupg
----------------------
-2. Create your keyring, entering a secure password
-
-[source,java]
--------------
-gpg --gen-key
--------------
-3. If you need to import someone elses public key so that you can
-encrypt a file for them.
-
-[source,java]
---------------------------
-gpg --import <filename.key
---------------------------
-4. The following files should now exist and can be used to run the
-example
-
-[source,java]
------------------------------------------------
-ls -l ~/.gnupg/pubring.gpg ~/.gnupg/secring.gpg
------------------------------------------------
-
-[[Crypto-PGPDecrypting/VerifyingofMessagesEncrypted/SignedbyDifferentPrivate/PublicKeys]]
-PGP Decrypting/Verifying of Messages Encrypted/Signed by Different
-Private/Public Keys
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Since *Camel 2.12.2*.
-
-A PGP Data Formater can decrypt/verify messages which have been
-encrypted by different public keys or signed by different private keys.
-Just, provide the corresponding private keys in the secret keyring, the
-corresponding public keys in the public keyring, and the passphrases in
-the passphrase accessor.
-
-[source,java]
-------------------------------------------------------------------------------------------------------------------------------------------
-Map<String, String> userId2Passphrase = new HashMap<String, String>(2);
-// add passphrases of several private keys whose corresponding public keys have been used to encrypt the messages
-userId2Passphrase.put("UserIdOfKey1","passphrase1"); // you must specify the exact User ID!
-userId2Passphrase.put("UserIdOfKey2","passphrase2");
-PGPPassphraseAccessor passphraseAccessor = new PGPPassphraseAccessorDefault(userId2Passphrase);
-
-PGPDataFormat pgpVerifyAndDecrypt = new PGPDataFormat();
-pgpVerifyAndDecrypt.setPassphraseAccessor(passphraseAccessor);
-// the method getSecKeyRing() provides the secret keyring as byte array containing the private keys
-pgpVerifyAndDecrypt.setEncryptionKeyRing(getSecKeyRing()); // alternatively you can use setKeyFileName(keyfileName)
-// the method getPublicKeyRing() provides the public keyring as byte array containing the public keys
-pgpVerifyAndDecrypt.setSignatureKeyRing((getPublicKeyRing()); // alternatively you can use setSignatureKeyFileName(signatgureKeyfileName)
-// it is not necessary to specify the encryption or signer User Id
-
-from("direct:start")
- ...
- .unmarshal(pgpVerifyAndDecrypt) // can decrypt/verify messages encrypted/signed by different private/public keys
- ...
-------------------------------------------------------------------------------------------------------------------------------------------
-
-* The functionality is especially useful to support the key exchange. If
-you want to exchange the private key for decrypting you can accept for a
-period of time messages which are either encrypted with the old or new
-corresponding public key. Or if the sender wants to exchange his signer
-private key, you can accept for a period of time, the old or new signer
-key.
-* Technical background: The PGP encrypted data contains a Key ID of the
-public key which was used to encrypt the data. This Key ID can be used
-to locate the private key in the secret keyring to decrypt the data. The
-same mechanism is also used to locate the public key for verifying a
-signature. Therefore you no longer must specify User IDs for the
-unmarshaling.
-
-[[Crypto-RestrictingtheSignerIdentitiesduringPGPSignatureVerification]]
-Restricting the Signer Identities during PGP Signature Verification
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Since�*Camel 2.12.3.*
-
-If you verify a signature you not only want to verify the correctness of
-the signature but you also want check that the signature comes from a
-certain identity or a specific set of identities. Therefore it is
-possible to restrict the number of public keys from the public keyring
-which can be used for the verification of a signature. �
-
-*Signature User IDs*
-
-[source,java]
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-// specify the User IDs of the expected signer identities
- List<String> expectedSigUserIds = new ArrayList<String>();
- expectedSigUserIds.add("Trusted company1");
- expectedSigUserIds.add("Trusted company2");
-�
- PGPDataFormat pgpVerifyWithSpecificKeysAndDecrypt = new PGPDataFormat();
- pgpVerifyWithSpecificKeysAndDecrypt.setPassword("my password"); // for decrypting with private key
- pgpVerifyWithSpecificKeysAndDecrypt.setKeyFileName(keyfileName);
- pgpVerifyWithSpecificKeysAndDecrypt.setSignatureKeyFileName(signatgureKeyfileName);
- pgpVerifyWithSpecificKeysAndDecrypt.setSignatureKeyUserids(expectedSigUserIds); // if you have only one signer identity then you can also use setSignatureKeyUserid("expected Signer")
-�
-from("direct:start")
- ...
- .unmarshal(pgpVerifyWithSpecificKeysAndDecrypt)
- ...
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-
-* If the PGP content has several signatures the verification is
-successful as soon as one signature can be verified.
-* If you do not want to restrict the signer identities for verification
-then do not specify the signature key User IDs. In this case all public
-keys in the public keyring are taken into account.
-
-[[Crypto-SeveralSignaturesinOnePGPDataFormat]]
-Several Signatures in One PGP Data Format
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Since�*Camel 2.12.3.*
-
-The PGP specification allows that one PGP data format can contain
-several signatures from different keys. Since Camel 2.13.3 it is
-possible to create such kind of PGP content via specifying signature
-User IDs which relate to several private keys in the secret keyring.
-
-*Several Signatures*
-
-[source,java]
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- PGPDataFormat pgpSignAndEncryptSeveralSignerKeys = new PGPDataFormat();
- pgpSignAndEncryptSeveralSignerKeys.setKeyUserid(keyUserid); // for encrypting, you can also use setKeyUserids if you want to encrypt with several keys
- pgpSignAndEncryptSeveralSignerKeys.setKeyFileName(keyfileName);
- pgpSignAndEncryptSeveralSignerKeys.setSignatureKeyFileName(signatgureKeyfileName);
- pgpSignAndEncryptSeveralSignerKeys.setSignaturePassword("sdude"); // here we assume that all private keys have the same password, if this is not the case then you can use setPassphraseAccessor
-
- List<String> signerUserIds = new ArrayList<String>();
- signerUserIds.add("company old key");
- signerUserIds.add("company new key");
- pgpSignAndEncryptSeveralSignerKeys.setSignatureKeyUserids(signerUserIds);
-�
-from("direct:start")
- ...
- .marshal(pgpSignAndEncryptSeveralSignerKeys)
- ...
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-
-[[Crypto-SupportofSub-KeysandKeyFlagsinPGPDataFormatMarshaler]]
-Support of Sub-Keys and Key Flags in PGP Data Format Marshaler
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Since�*Camel 2.12.3. +
-*An https://tools.ietf.org/html/rfc4880#section-12.1[OpenPGP V4 key] can
-have a primary key and sub-keys. The usage of the keys is indicated by
-the so called https://tools.ietf.org/html/rfc4880#section-5.2.3.21[Key
-Flags]. For example, you can have a primary key with two sub-keys; the
-primary key shall only be used for certifying other keys (Key Flag
-0x01), the first sub-key� shall only be used for signing (Key Flag
-0x02), and the second sub-key shall only be used for encryption (Key
-Flag 0x04 or 0x08). The PGP Data Format marshaler takes into account
-these Key Flags of the primary key and sub-keys in order to determine
-the right key for signing and encryption. This is necessary because the
-primary key and its sub-keys have the same User IDs.
-
-[[Crypto-SupportofCustomKeyAccessors]]
-Support of Custom Key Accessors
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Since *Camel 2.13.0. +
-*You can implement custom key accessors for encryption/signing. The
-above PGPDataFormat class selects in a certain predefined way the keys
-which should be used for signing/encryption or verifying/decryption. If
-you have special requirements how your keys should be selected you
-should use the
-https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPKeyAccessDataFormat.java[PGPKeyAccessDataFormat]
-class instead and implement the interfaces
-https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPPublicKeyAccessor.java[PGPPublicKeyAccessor]
-and
-https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/PGPSecretKeyAccessor.java[PGPSecretKeyAccessor]
-as beans. There are default implementations
-https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPPublicKeyAccessor.java[DefaultPGPPublicKeyAccessor]
-and
-https://github.com/apache/camel/blob/master/components/camel-crypto/src/main/java/org/apache/camel/converter/crypto/DefaultPGPSecretKeyAccessor.java[DefaultPGPSecretKeyAccessor]
-which cache the keys, so that not every time the keyring is parsed when
-the processor is called.
-
-PGPKeyAccessDataFormat has the same options as PGPDataFormat except
-password, keyFileName, encryptionKeyRing, signaturePassword,
-signatureKeyFileName, and signatureKeyRing.
-
-[[Crypto-Dependencies]]
-Dependencies
-^^^^^^^^^^^^
-
-To use the link:crypto.html[Crypto] dataformat in your camel routes you
-need to add the following dependency to your pom.
-
-[source,xml]
-----------------------------------------------------------
-<dependency>
- <groupId>org.apache.camel</groupId>
- <artifactId>camel-crypto</artifactId>
- <version>x.x.x</version>
- <!-- use the same version as your Camel core version -->
-</dependency>
-----------------------------------------------------------
-
-[[Crypto-SeeAlso]]
-See Also
-^^^^^^^^
-
-* link:data-format.html[Data Format]
-* link:crypto-digital-signatures.html[Crypto (Digital Signatures)]
-* http://www.bouncycastle.org/java.html[http://www.bouncycastle.org/java.html]
-
http://git-wip-us.apache.org/repos/asf/camel/blob/9c0b7baf/components/camel-cxf/src/main/docs/cxf-component.adoc
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/main/docs/cxf-component.adoc b/components/camel-cxf/src/main/docs/cxf-component.adoc
new file mode 100644
index 0000000..ba16233
--- /dev/null
+++ b/components/camel-cxf/src/main/docs/cxf-component.adoc
@@ -0,0 +1,934 @@
+[[CXF-CXFComponent]]
+CXF Component
+~~~~~~~~~~~~~
+
+NOTE:When using CXF as a consumer, the link:cxf-bean-component.html[CXF Bean
+Component] allows you to factor out how message payloads are received
+from their processing as a RESTful or SOAP web service. This has the
+potential of using a multitude of transports to consume web services.
+The bean component's configuration is also simpler and provides the
+fastest method to implement web services using Camel and CXF.
+
+TIP:When using CXF in streaming modes (see DataFormat option), then also
+read about link:stream-caching.html[Stream caching].
+
+The *cxf:* component provides integration with
+http://cxf.apache.org[Apache CXF] for connecting to JAX-WS services
+hosted in CXF.
+
+* link:#CXF-CXFComponent[CXF Component]
+** link:#CXF-URIformat[URI format]
+** link:#CXF-Options[Options]
+*** link:#CXF-Thedescriptionsofthedataformats[The descriptions of the
+dataformats]
+**** link:#CXF-HowtoenableCXFLoggingOutInterceptorinMESSAGEmode[How to
+enable CXF's LoggingOutInterceptor in MESSAGE mode]
+*** link:#CXF-DescriptionofrelayHeadersoption[Description of
+relayHeaders option]
+**** link:#CXF-AvailableonlyinPOJOmode[Available only in POJO mode]
+**** link:#CXF-ChangessinceRelease2.0[Changes since Release 2.0]
+** link:#CXF-ConfiguretheCXFendpointswithSpring[Configure the CXF
+endpoints with Spring]
+**
+link:#CXF-ConfiguringtheCXFEndpointswithApacheAriesBlueprint.[Configuring
+the CXF Endpoints with Apache Aries Blueprint.]
+**
+link:#CXF-Howtomakethecamel-cxfcomponentuselog4jinsteadofjava.util.logging[How
+to make the camel-cxf component use log4j instead of java.util.logging]
+** link:#CXF-Howtoletcamel-cxfresponsemessagewithxmlstartdocument[How to
+let camel-cxf response message with xml start document]
+** link:#CXF-HowtooverridetheCXFproduceraddressfrommessageheader[How to
+override the CXF producer address from message header]
+**
+link:#CXF-Howtoconsumeamessagefromacamel-cxfendpointinPOJOdataformat[How
+to consume a message from a camel-cxf endpoint in POJO data format]
+**
+link:#CXF-Howtopreparethemessageforthecamel-cxfendpointinPOJOdataformat[How
+to prepare the message for the camel-cxf endpoint in POJO data format]
+**
+link:#CXF-Howtodealwiththemessageforacamel-cxfendpointinPAYLOADdataformat[How
+to deal with the message for a camel-cxf endpoint in PAYLOAD data
+format]
+** link:#CXF-HowtogetandsetSOAPheadersinPOJOmode[How to get and set SOAP
+headers in POJO mode]
+** link:#CXF-HowtogetandsetSOAPheadersinPAYLOADmode[How to get and set
+SOAP headers in PAYLOAD mode]
+** link:#CXF-SOAPheadersarenotavailableinMESSAGEmode[SOAP headers are
+not available in MESSAGE mode]
+** link:#CXF-HowtothrowaSOAPFaultfromCamel[How to throw a SOAP Fault
+from Camel]
+**
+link:#CXF-Howtopropagateacamel-cxfendpointrequestandresponsecontext[How
+to propagate a camel-cxf endpoint's request and response context]
+** link:#CXF-AttachmentSupport[Attachment Support]
+** link:#CXF-StreamingSupportinPAYLOADmode[Streaming Support in PAYLOAD
+mode]
+** link:#CXF-UsingthegenericCXFDispatchmode[Using the generic CXF
+Dispatch mode]
+** link:#CXF-SeeAlso[See Also]
+
+Maven users will need to add the following dependency to their `pom.xml`
+for this component:
+
+[source,xml]
+------------------------------------------------------------
+<dependency>
+ <groupId>org.apache.camel</groupId>
+ <artifactId>camel-cxf</artifactId>
+ <version>x.x.x</version>
+ <!-- use the same version as your Camel core version -->
+</dependency>
+------------------------------------------------------------
+
+[Tip]
+====
+CXF dependencies
+
+If you want to learn about CXF dependencies you can checkout the
+`WHICH-JARS` text file.
+
+====
+
+[[CXF-URIformat]]
+URI format
+^^^^^^^^^^
+
+[source,java]
+------------------------------
+cxf:bean:cxfEndpoint[?options]
+------------------------------
+
+Where *cxfEndpoint* represents a bean ID that references a bean in the
+Spring bean registry. With this URI format, most of the endpoint details
+are specified in the bean definition.
+
+[source,java]
+---------------------------
+cxf://someAddress[?options]
+---------------------------
+
+Where *someAddress* specifies the CXF endpoint's address. With this URI
+format, most of the endpoint details are specified using options.
+
+For either style above, you can append options to the URI as follows:
+
+[source,java]
+---------------------------------------------------------------------
+cxf:bean:cxfEndpoint?wsdlURL=wsdl/hello_world.wsdl&dataFormat=PAYLOAD
+---------------------------------------------------------------------
+
+[[CXF-Options]]
+Options
+^^^^^^^
+
+
+// component options: START
+The CXF component supports 2 options which are listed below.
+
+
+
+{% raw %}
+[width="100%",cols="2s,1m,8",options="header"]
+|=======================================================================
+| Name | Java Type | Description
+| allowStreaming | Boolean | This option controls whether the CXF component when running in PAYLOAD mode will DOM parse the incoming messages into DOM Elements or keep the payload as a javax.xml.transform.Source object that would allow streaming in some cases.
+| headerFilterStrategy | HeaderFilterStrategy | To use a custom HeaderFilterStrategy to filter header to and from Camel message.
+|=======================================================================
+{% endraw %}
+// component options: END
+
+
+
+
+// endpoint options: START
+The CXF component supports 35 endpoint options which are listed below:
+
+{% raw %}
+[width="100%",cols="2s,1,1m,1m,5",options="header"]
+|=======================================================================
+| Name | Group | Default | Java Type | Description
+| beanId | common | | String | To lookup an existing configured CxfEndpoint. Must used bean: as prefix.
+| address | service | | String | The service publish address.
+| dataFormat | common | POJO | DataFormat | The data type messages supported by the CXF endpoint.
+| wrappedStyle | common | | Boolean | The WSDL style that describes how parameters are represented in the SOAP body. If the value is false CXF will chose the document-literal unwrapped style If the value is true CXF will chose the document-literal wrapped style
+| bridgeErrorHandler | consumer | false | boolean | Allows for bridging the consumer to the Camel routing Error Handler which mean any exceptions occurred while the consumer is trying to pickup incoming messages or the likes will now be processed as a message and handled by the routing Error Handler. By default the consumer will use the org.apache.camel.spi.ExceptionHandler to deal with exceptions that will be logged at WARN/ERROR level and ignored.
+| exceptionHandler | consumer (advanced) | | ExceptionHandler | To let the consumer use a custom ExceptionHandler. Notice if the option bridgeErrorHandler is enabled then this options is not in use. By default the consumer will deal with exceptions that will be logged at WARN/ERROR level and ignored.
+| defaultOperationName | producer | | String | This option will set the default operationName that will be used by the CxfProducer which invokes the remote service.
+| defaultOperationNamespace | producer | | String | This option will set the default operationNamespace that will be used by the CxfProducer which invokes the remote service.
+| hostnameVerifier | producer | | HostnameVerifier | The hostname verifier to be used. Use the notation to reference a HostnameVerifier from the registry.
+| sslContextParameters | producer | | SSLContextParameters | The Camel SSL setting reference. Use the notation to reference the SSL Context.
+| wrapped | producer | false | boolean | Which kind of operation that CXF endpoint producer will invoke
+| allowStreaming | advanced | | Boolean | This option controls whether the CXF component when running in PAYLOAD mode will DOM parse the incoming messages into DOM Elements or keep the payload as a javax.xml.transform.Source object that would allow streaming in some cases.
+| bus | advanced | | Bus | To use a custom configured CXF Bus.
+| continuationTimeout | advanced | 30000 | long | This option is used to set the CXF continuation timeout which could be used in CxfConsumer by default when the CXF server is using Jetty or Servlet transport.
+| cxfBinding | advanced | | CxfBinding | To use a custom CxfBinding to control the binding between Camel Message and CXF Message.
+| cxfEndpointConfigurer | advanced | | CxfEndpointConfigurer | This option could apply the implementation of org.apache.camel.component.cxf.CxfEndpointConfigurer which supports to configure the CXF endpoint in programmatic way. User can configure the CXF server and client by implementing configureServerClient method of CxfEndpointConfigurer.
+| defaultBus | advanced | false | boolean | Will set the default bus when CXF endpoint create a bus by itself
+| exchangePattern | advanced | InOnly | ExchangePattern | Sets the default exchange pattern when creating an exchange
+| headerFilterStrategy | advanced | | HeaderFilterStrategy | To use a custom HeaderFilterStrategy to filter header to and from Camel message.
+| mergeProtocolHeaders | advanced | false | boolean | Whether to merge protocol headers. If enabled then propagating headers between Camel and CXF becomes more consistent and similar. For more details see CAMEL-6393.
+| mtomEnabled | advanced | false | boolean | To enable MTOM (attachments). This requires to use POJO or PAYLOAD data format mode.
+| properties | advanced | | Map | To set additional CXF options using the key/value pairs from the Map. For example to turn on stacktraces in SOAP faults properties.faultStackTraceEnabled=true
+| skipPayloadMessagePartCheck | advanced | false | boolean | Sets whether SOAP message validation should be disabled.
+| synchronous | advanced | false | boolean | Sets whether synchronous processing should be strictly used or Camel is allowed to use asynchronous processing (if supported).
+| loggingFeatureEnabled | logging | false | boolean | This option enables CXF Logging Feature which writes inbound and outbound SOAP messages to log.
+| loggingSizeLimit | logging | 49152 | int | To limit the total size of number of bytes the logger will output when logging feature has been enabled and -1 for no limit.
+| skipFaultLogging | logging | false | boolean | This option controls whether the PhaseInterceptorChain skips logging the Fault that it catches.
+| password | security | | String | This option is used to set the basic authentication information of password for the CXF client.
+| username | security | | String | This option is used to set the basic authentication information of username for the CXF client.
+| bindingId | service | | String | The bindingId for the service model to use.
+| portName | service | | String | The endpoint name this service is implementing it maps to the wsdl:portname. In the format of ns:PORT_NAME where ns is a namespace prefix valid at this scope.
+| publishedEndpointUrl | service | | String | This option can override the endpointUrl that published from the WSDL which can be accessed with service address url plus wsd
+| serviceClass | service | | Class<?> | The class name of the SEI (Service Endpoint Interface) class which could have JSR181 annotation or not.
+| serviceName | service | | String | The service name this service is implementing it maps to the wsdl:servicename.
+| wsdlURL | service | | String | The location of the WSDL. Can be on the classpath file system or be hosted remotely.
+|=======================================================================
+{% endraw %}
+// endpoint options: END
+
+
+The `serviceName` and `portName` are
+http://en.wikipedia.org/wiki/QName[QNames], so if you provide them be
+sure to prefix them with their \{namespace} as shown in the examples
+above.
+
+[[CXF-Thedescriptionsofthedataformats]]
+The descriptions of the dataformats
++++++++++++++++++++++++++++++++++++
+
+[width="100%",cols="50%,50%",options="header",]
+|=======================================================================
+|DataFormat |Description
+
+|`POJO` |POJOs (Plain old Java objects) are the Java parameters to the method
+being invoked on the target server. Both Protocol and Logical JAX-WS
+handlers are supported.
+
+|`PAYLOAD` |`PAYLOAD` is the message payload (the contents of the `soap:body`) after
+message configuration in the CXF endpoint is applied. Only Protocol
+JAX-WS handler is supported. Logical JAX-WS handler is not supported.
+
+|`MESSAGE` |`MESSAGE` is the raw message that is received from the transport layer.
+It is not suppose to touch or change Stream, some of the CXF
+interceptors will be removed if you are using this kind of DataFormat so
+you can't see any soap headers after the camel-cxf consumer and JAX-WS
+handler is not supported.
+
+|`CXF_MESSAGE` |New in *Camel 2.8.2*, `CXF_MESSAGE` allows for invoking the full
+capabilities of CXF interceptors by converting the message from the
+transport layer into a raw SOAP message
+|=======================================================================
+
+You can determine the data format mode of an exchange by retrieving the
+exchange property, `CamelCXFDataFormat`. The exchange key constant is
+defined in
+`org.apache.camel.component.cxf.CxfConstants.DATA_FORMAT_PROPERTY`.
+
+[[CXF-HowtoenableCXFLoggingOutInterceptorinMESSAGEmode]]
+How to enable CXF's LoggingOutInterceptor in MESSAGE mode
+
+CXF's `LoggingOutInterceptor` outputs outbound message that goes on the
+wire to logging system (Java Util Logging). Since the
+`LoggingOutInterceptor` is in `PRE_STREAM` phase (but `PRE_STREAM` phase
+is removed in `MESSAGE` mode), you have to configure
+`LoggingOutInterceptor` to be run during the `WRITE` phase. The
+following is an example.
+
+[source,xml]
+-------------------------------------------------------------------------------------------------------
+<bean id="loggingOutInterceptor" class="org.apache.cxf.interceptor.LoggingOutInterceptor">
+ <!-- it really should have been user-prestream but CXF does have such phase! -->
+ <constructor-arg value="target/write"/>
+</bean>
+
+<cxf:cxfEndpoint id="serviceEndpoint" address="http://localhost:${CXFTestSupport.port2}/LoggingInterceptorInMessageModeTest/helloworld"
+ serviceClass="org.apache.camel.component.cxf.HelloService">
+ <cxf:outInterceptors>
+ <ref bean="loggingOutInterceptor"/>
+ </cxf:outInterceptors>
+ <cxf:properties>
+ <entry key="dataFormat" value="MESSAGE"/>
+ </cxf:properties>
+</cxf:cxfEndpoint>
+-------------------------------------------------------------------------------------------------------
+
+[[CXF-DescriptionofrelayHeadersoption]]
+Description of relayHeaders option
+++++++++++++++++++++++++++++++++++
+
+There are _in-band_ and _out-of-band_ on-the-wire headers from the
+perspective of a JAXWS WSDL-first developer.
+
+The _in-band_ headers are headers that are explicitly defined as part of
+the WSDL binding contract for an endpoint such as SOAP headers.
+
+The _out-of-band_ headers are headers that are serialized over the wire,
+but are not explicitly part of the WSDL binding contract.
+
+Headers relaying/filtering is bi-directional.
+
+When a route has a CXF endpoint and the developer needs to have
+on-the-wire headers, such as SOAP headers, be relayed along the route to
+be consumed say by another JAXWS endpoint, then `relayHeaders` should be
+set to `true`, which is the default value.
+
+[[CXF-AvailableonlyinPOJOmode]]
+Available only in POJO mode
+
+The `relayHeaders=true` express an intent to relay the headers. The
+actual decision on whether a given header is relayed is delegated to a
+pluggable instance that implements the `MessageHeadersRelay` interface.
+A concrete implementation of `MessageHeadersRelay` will be consulted to
+decide if a header needs to be relayed or not. There is already an
+implementation of `SoapMessageHeadersRelay` which binds itself to
+well-known SOAP name spaces. Currently only out-of-band headers are
+filtered, and in-band headers will always be relayed when
+`relayHeaders=true`. If there is a header on the wire, whose name space
+is unknown to the runtime, then a fall back `DefaultMessageHeadersRelay`
+will be used, which simply allows all headers to be relayed.
+
+The `relayHeaders=false` setting asserts that all headers in-band and
+out-of-band will be dropped.
+
+You can plugin your own `MessageHeadersRelay` implementations overriding
+or adding additional ones to the list of relays. In order to override a
+preloaded relay instance just make sure that your `MessageHeadersRelay`
+implementation services the same name spaces as the one you looking to
+override. Also note, that the overriding relay has to service all of the
+name spaces as the one you looking to override, or else a runtime
+exception on route start up will be thrown as this would introduce an
+ambiguity in name spaces to relay instance mappings.
+
+[source,xml]
+-------------------------------------------------------------------------------------------------------
+<cxf:cxfEndpoint ...>
+ <cxf:properties>
+ <entry key="org.apache.camel.cxf.message.headers.relays">
+ <list>
+ <ref bean="customHeadersRelay"/>
+ </list>
+ </entry>
+ </cxf:properties>
+ </cxf:cxfEndpoint>
+ <bean id="customHeadersRelay" class="org.apache.camel.component.cxf.soap.headers.CustomHeadersRelay"/>
+-------------------------------------------------------------------------------------------------------
+
+Take a look at the tests that show how you'd be able to relay/drop
+headers here:
+
+https://svn.apache.org/repos/asf/camel/branches/camel-1.x/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/soap/headers/CxfMessageHeadersRelayTest.java[https://svn.apache.org/repos/asf/camel/branches/camel-1.x/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/soap/headers/CxfMessageHeadersRelayTest.java]
+
+[[CXF-ChangessinceRelease2.0]]
+Changes since Release 2.0
+
+* `POJO` and `PAYLOAD` modes are supported. In `POJO` mode, only
+out-of-band message headers are available for filtering as the in-band
+headers have been processed and removed from header list by CXF. The
+in-band headers are incorporated into the `MessageContentList` in POJO
+mode. The `camel-cxf` component does make any attempt to remove the
+in-band headers from the `MessageContentList`. If filtering of in-band
+headers is required, please use `PAYLOAD` mode or plug in a (pretty
+straightforward) CXF interceptor/JAXWS Handler to the CXF endpoint.
+* The Message Header Relay mechanism has been merged into
+`CxfHeaderFilterStrategy`. The `relayHeaders` option, its semantics, and
+default value remain the same, but it is a property of
+`CxfHeaderFilterStrategy`.
+ Here is an example of configuring it.
+
+[source,xml]
+-------------------------------------------------------------------------------------------------------
+<bean id="dropAllMessageHeadersStrategy" class="org.apache.camel.component.cxf.common.header.CxfHeaderFilterStrategy">
+
+ <!-- Set relayHeaders to false to drop all SOAP headers -->
+ <property name="relayHeaders" value="false"/>
+
+</bean>
+-------------------------------------------------------------------------------------------------------
+
+Then, your endpoint can reference the `CxfHeaderFilterStrategy`.
+
+[source,xml]
+-------------------------------------------------------------------------------------------------------
+<route>
+ <from uri="cxf:bean:routerNoRelayEndpoint?headerFilterStrategy=#dropAllMessageHeadersStrategy"/>
+ <to uri="cxf:bean:serviceNoRelayEndpoint?headerFilterStrategy=#dropAllMessageHeadersStrategy"/>
+</route>
+-------------------------------------------------------------------------------------------------------
+
+* The `MessageHeadersRelay` interface has changed slightly and has been
+renamed to `MessageHeaderFilter`. It is a property of
+`CxfHeaderFilterStrategy`. Here is an example of configuring user
+defined Message Header Filters:
+
+[source,xml]
+-------------------------------------------------------------------------------------------------------
+<bean id="customMessageFilterStrategy" class="org.apache.camel.component.cxf.common.header.CxfHeaderFilterStrategy">
+ <property name="messageHeaderFilters">
+ <list>
+ <!-- SoapMessageHeaderFilter is the built in filter. It can be removed by omitting it. -->
+ <bean class="org.apache.camel.component.cxf.common.header.SoapMessageHeaderFilter"/>
+
+ <!-- Add custom filter here -->
+ <bean class="org.apache.camel.component.cxf.soap.headers.CustomHeaderFilter"/>
+ </list>
+ </property>
+</bean>
+-------------------------------------------------------------------------------------------------------
+
+* Other than `relayHeaders`, there are new properties that can be
+configured in `CxfHeaderFilterStrategy`.
+
+[width="100%",cols="10%,10%,80%",options="header",]
+|=======================================================================
+|Name |Required |Description
+|`relayHeaders` |No |All message headers will be processed by Message Header Filters
+ _Type_: `boolean`
+ _Default_: `true`
+
+|`relayAllMessageHeaders` | No |All message headers will be propagated (without processing by Message
+Header Filters)
+ _Type_: `boolean`
+ _Default_: `false`
+
+|`allowFilterNamespaceClash` |No |If two filters overlap in activation namespace, the property control how
+it should be handled. If the value is `true`, last one wins. If the
+value is `false`, it will throw an exception
+ _Type_: `boolean`
+ _Default_: `false`
+|=======================================================================
+
+[[CXF-ConfiguretheCXFendpointswithSpring]]
+Configure the CXF endpoints with Spring
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+You can configure the CXF endpoint with the Spring configuration file
+shown below, and you can also embed the endpoint into the `camelContext`
+tags. When you are invoking the service endpoint, you can set the
+`operationName` and `operationNamespace` headers to explicitly state
+which operation you are calling.
+
+[source,xml]
+----------------------------------------------------------------------------------------------------------------
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:cxf="http://camel.apache.org/schema/cxf"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
+ http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd">
+ <cxf:cxfEndpoint id="routerEndpoint" address="http://localhost:9003/CamelContext/RouterPort"
+ serviceClass="org.apache.hello_world_soap_http.GreeterImpl"/>
+ <cxf:cxfEndpoint id="serviceEndpoint" address="http://localhost:9000/SoapContext/SoapPort"
+ wsdlURL="testutils/hello_world.wsdl"
+ serviceClass="org.apache.hello_world_soap_http.Greeter"
+ endpointName="s:SoapPort"
+ serviceName="s:SOAPService"
+ xmlns:s="http://apache.org/hello_world_soap_http" />
+ <camelContext id="camel" xmlns="http://camel.apache.org/schema/spring">
+ <route>
+ <from uri="cxf:bean:routerEndpoint" />
+ <to uri="cxf:bean:serviceEndpoint" />
+ </route>
+ </camelContext>
+ </beans>
+----------------------------------------------------------------------------------------------------------------
+
+Be sure to include the JAX-WS `schemaLocation` attribute specified on
+the root beans element. This allows CXF to validate the file and is
+required. Also note the namespace declarations at the end of the
+`<cxf:cxfEndpoint/>` tag--these are required because the combined
+\{`namespace}localName` syntax is presently not supported for this tag's
+attribute values.
+
+The `cxf:cxfEndpoint` element supports many additional attributes:
+
+[width="100%",cols="50%,50%",options="header",]
+|=======================================================================
+|Name |Value
+
+|`PortName` |The endpoint name this service is implementing, it maps to the
+`wsdl:port@name`. In the format of `ns:PORT_NAME` where `ns` is a
+namespace prefix valid at this scope.
+
+|`serviceName` |The service name this service is implementing, it maps to the
+`wsdl:service@name`. In the format of `ns:SERVICE_NAME` where `ns` is a
+namespace prefix valid at this scope.
+
+|`wsdlURL` |The location of the WSDL. Can be on the classpath, file system, or be
+hosted remotely.
+
+|`bindingId` |The `bindingId` for the service model to use.
+
+|`address` |The service publish address.
+
+|`bus` |The bus name that will be used in the JAX-WS endpoint.
+
+|`serviceClass` |The class name of the SEI (Service Endpoint Interface) class which could
+have JSR181 annotation or not.
+|=======================================================================
+
+It also supports many child elements:
+
+[width="100%",cols="50%,50%",options="header",]
+|=======================================================================
+|Name |Value
+
+|`cxf:inInterceptors` |The incoming interceptors for this endpoint. A list of `<bean>` or
+`<ref>`.
+
+|`cxf:inFaultInterceptors` |The incoming fault interceptors for this endpoint. A list of `<bean>` or
+`<ref>`.
+
+|`cxf:outInterceptors` |The outgoing interceptors for this endpoint. A list of `<bean>` or
+`<ref>`.
+
+|`cxf:outFaultInterceptors` |The outgoing fault interceptors for this endpoint. A list of `<bean>` or
+`<ref>`.
+
+|`cxf:properties` | A properties map which should be supplied to the JAX-WS endpoint. See
+below.
+
+|`cxf:handlers` |A JAX-WS handler list which should be supplied to the JAX-WS endpoint.
+See below.
+
+|`cxf:dataBinding` |You can specify the which `DataBinding` will be use in the endpoint.
+This can be supplied using the Spring `<bean class="MyDataBinding"/>`
+syntax.
+
+|`cxf:binding` |You can specify the `BindingFactory` for this endpoint to use. This can
+be supplied using the Spring `<bean class="MyBindingFactory"/>` syntax.
+
+|`cxf:features` |The features that hold the interceptors for this endpoint. A list of
+beans or refs
+
+|`cxf:schemaLocations` |The schema locations for endpoint to use. A list of schemaLocations
+
+|`cxf:serviceFactory` |The service factory for this endpoint to use. This can be supplied using
+the Spring `<bean class="MyServiceFactory"/>` syntax
+|=======================================================================
+
+You can find more advanced examples that show how to provide
+interceptors, properties and handlers on the CXF
+https://cwiki.apache.org/CXF20DOC/JAX-WS+Configuration[JAX-WS
+Configuration page].
+
+*NOTE*
+ You can use cxf:properties to set the camel-cxf endpoint's dataFormat
+and setDefaultBus properties from spring configuration file.
+
+[source,xml]
+-------------------------------------------------------------------------
+<cxf:cxfEndpoint id="testEndpoint" address="http://localhost:9000/router"
+ serviceClass="org.apache.camel.component.cxf.HelloService"
+ endpointName="s:PortName"
+ serviceName="s:ServiceName"
+ xmlns:s="http://www.example.com/test">
+ <cxf:properties>
+ <entry key="dataFormat" value="MESSAGE"/>
+ <entry key="setDefaultBus" value="true"/>
+ </cxf:properties>
+ </cxf:cxfEndpoint>
+-------------------------------------------------------------------------
+
+[[CXF-ConfiguringtheCXFEndpointswithApacheAriesBlueprint.]]
+Configuring the CXF Endpoints with Apache Aries Blueprint.
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Since camel 2.8 there is support for utilizing aries blueprint
+dependency injection for your CXF endpoints.
+ The schema utilized is very similar to the spring schema so the
+transition is fairly transparent.
+
+Example
+
+[source,xml]
+------------------------------------------------------------------------------------------------------------------------------------
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0"
+ xmlns:camel-cxf="http://camel.apache.org/schema/blueprint/cxf"
+ xmlns:cxfcore="http://cxf.apache.org/blueprint/core"
+ xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd">
+
+ <camel-cxf:cxfEndpoint id="routerEndpoint"
+ address="http://localhost:9001/router"
+ serviceClass="org.apache.servicemix.examples.cxf.HelloWorld">
+ <camel-cxf:properties>
+ <entry key="dataFormat" value="MESSAGE"/>
+ </camel-cxf:properties>
+ </camel-cxf:cxfEndpoint>
+
+ <camel-cxf:cxfEndpoint id="serviceEndpoint"
+ address="http://localhost:9000/SoapContext/SoapPort"
+ serviceClass="org.apache.servicemix.examples.cxf.HelloWorld">
+ </camel-cxf:cxfEndpoint>
+
+ <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+ <route>
+ <from uri="routerEndpoint"/>
+ <to uri="log:request"/>
+ </route>
+ </camelContext>
+
+</blueprint>
+------------------------------------------------------------------------------------------------------------------------------------
+
+Currently the endpoint element is the first supported CXF
+namespacehandler.
+
+You can also use the bean references just as in spring
+
+[source,xml]
+----------------------------------------------------------------------------------------------------------------
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.0.0"
+ xmlns:jaxws="http://cxf.apache.org/blueprint/jaxws"
+ xmlns:cxf="http://cxf.apache.org/blueprint/core"
+ xmlns:camel="http://camel.apache.org/schema/blueprint"
+ xmlns:camelcxf="http://camel.apache.org/schema/blueprint/cxf"
+ xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://cxf.apache.org/blueprint/jaxws http://cxf.apache.org/schemas/blueprint/jaxws.xsd
+ http://cxf.apache.org/blueprint/core http://cxf.apache.org/schemas/blueprint/core.xsd
+ ">
+
+ <camelcxf:cxfEndpoint id="reportIncident"
+ address="/camel-example-cxf-blueprint/webservices/incident"
+ wsdlURL="META-INF/wsdl/report_incident.wsdl"
+ serviceClass="org.apache.camel.example.reportincident.ReportIncidentEndpoint">
+ </camelcxf:cxfEndpoint>
+
+ <bean id="reportIncidentRoutes" class="org.apache.camel.example.reportincident.ReportIncidentRoutes" />
+
+ <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+ <routeBuilder ref="reportIncidentRoutes"/>
+ </camelContext>
+
+</blueprint>
+----------------------------------------------------------------------------------------------------------------
+
+[[CXF-Howtomakethecamel-cxfcomponentuselog4jinsteadofjava.util.logging]]
+How to make the camel-cxf component use log4j instead of java.util.logging
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+CXF's default logger is `java.util.logging`. If you want to change it to
+log4j, proceed as follows. Create a file, in the classpath, named
+`META-INF/cxf/org.apache.cxf.logger`. This file should contain the
+fully-qualified name of the class,
+`org.apache.cxf.common.logging.Log4jLogger`, with no comments, on a
+single line.
+
+[[CXF-Howtoletcamel-cxfresponsemessagewithxmlstartdocument]]
+How to let camel-cxf response message with xml start document
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If you are using some SOAP client such as PHP, you will get this kind of
+error, because CXF doesn't add the XML start document "<?xml
+version="1.0" encoding="utf-8"?>"
+
+[source,java]
+---------------------------------------------------------------------------------------
+Error:sendSms: SoapFault exception: [Client] looks like we got no XML document in [...]
+---------------------------------------------------------------------------------------
+
+To resolved this issue, you just need to tell StaxOutInterceptor to
+write the XML start document for you.
+
+You can add a customer interceptor like this and configure it into you
+camel-cxf endpont
+
+Or adding a message header for it like this if you are using *Camel
+2.4*.
+
+[source,java]
+-------------------------------------------------------------------
+ // set up the response context which force start document
+ Map<String, Object> map = new HashMap<String, Object>();
+ map.put("org.apache.cxf.stax.force-start-document", Boolean.TRUE);
+ exchange.getOut().setHeader(Client.RESPONSE_CONTEXT, map);
+-------------------------------------------------------------------
+
+[[CXF-HowtooverridetheCXFproduceraddressfrommessageheader]]
+How to override the CXF producer address from message header
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The�`camel-cxf`�producer supports to override the services address by
+setting the message with the key of "CamelDestinationOverrideUrl".
+
+[source,java]
+----------------------------------------------------------------------------------------------
+ // set up the service address from the message header to override the setting of CXF endpoint
+ exchange.getIn().setHeader(Exchange.DESTINATION_OVERRIDE_URL, constant(getServiceAddress()));
+----------------------------------------------------------------------------------------------
+
+[[CXF-Howtoconsumeamessagefromacamel-cxfendpointinPOJOdataformat]]
+How to consume a message from a camel-cxf endpoint in POJO data format
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The `camel-cxf` endpoint consumer POJO data format is based on the
+http://cwiki.apache.org/CXF20DOC/invokers.html[cxf invoker], so the
+message header has a property with the name of
+`CxfConstants.OPERATION_NAME` and the message body is a list of the SEI
+method parameters.
+
+[[CXF-Howtopreparethemessageforthecamel-cxfendpointinPOJOdataformat]]
+How to prepare the message for the camel-cxf endpoint in POJO data format
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The `camel-cxf` endpoint producer is based on the
+https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/endpoint/Client.java[cxf
+client API]. First you need to specify the operation name in the message
+header, then add the method parameters to a list, and initialize the
+message with this parameter list. The response message's body is a
+messageContentsList, you can get the result from that list.
+
+If you don't specify the operation name in the message header,
+`CxfProducer` will try to use the `defaultOperationName `from
+`CxfEndpoint`, if there is no `defaultOperationName` set on
+`CxfEndpoint`, it will pickup the first operationName from the Operation
+list.
+
+If you want to get the object array from the message body, you can get
+the body using `message.getbody(Object[].class)`, as follows:
+
+[[CXF-Howtodealwiththemessageforacamel-cxfendpointinPAYLOADdataformat]]
+How to deal with the message for a camel-cxf endpoint in PAYLOAD data format
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+`PAYLOAD` means that you process the payload message from the SOAP
+envelope. You can use the `Header.HEADER_LIST` as the key to set or get
+the SOAP headers and use the `List<Element>` to set or get SOAP body
+elements.
+ `Message.getBody()` will return an
+`org.apache.camel.component.cxf.CxfPayload` object, which has getters
+for SOAP message headers and Body elements. This change enables
+decoupling the native CXF message from the Camel message.
+
+[[CXF-HowtogetandsetSOAPheadersinPOJOmode]]
+How to get and set SOAP headers in POJO mode
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+`POJO` means that the data format is a "list of Java objects" when the
+Camel-cxf endpoint produces or consumes Camel exchanges. Even though
+Camel expose message body as POJOs in this mode, Camel-cxf still
+provides access to read and write SOAP headers. However, since CXF
+interceptors remove in-band SOAP headers from Header list after they
+have been processed, only out-of-band SOAP headers are available to
+Camel-cxf in POJO mode.
+
+The following example illustrate how to get/set SOAP headers. Suppose we
+have a route that forwards from one Camel-cxf endpoint to another. That
+is, SOAP Client -> Camel -> CXF service. We can attach two processors to
+obtain/insert SOAP headers at (1) before request goes out to the CXF
+service and (2) before response comes back to the SOAP Client. Processor
+(1) and (2) in this example are InsertRequestOutHeaderProcessor and
+InsertResponseOutHeaderProcessor. Our route looks like this:
+
+SOAP headers are propagated to and from Camel Message headers. The Camel
+message header name is "org.apache.cxf.headers.Header.list" which is a
+constant defined in CXF (org.apache.cxf.headers.Header.HEADER_LIST). The
+header value is a List of CXF SoapHeader objects
+(org.apache.cxf.binding.soap.SoapHeader). The following snippet is the
+InsertResponseOutHeaderProcessor (that insert a new SOAP header in the
+response message). The way to access SOAP headers in both
+InsertResponseOutHeaderProcessor and InsertRequestOutHeaderProcessor are
+actually the same. The only difference between the two processors is
+setting the direction of the inserted SOAP header.
+
+[[CXF-HowtogetandsetSOAPheadersinPAYLOADmode]]
+How to get and set SOAP headers in PAYLOAD mode
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+We've already shown how to access SOAP message (CxfPayload object) in
+PAYLOAD mode (See "How to deal with the message for a camel-cxf endpoint
+in PAYLOAD data format").
+
+Once you obtain a CxfPayload object, you can invoke the
+CxfPayload.getHeaders() method that returns a List of DOM Elements (SOAP
+headers).
+
+Since Camel 2.16.0, you can also use the same way as described in
+sub-chapter "How to get and set SOAP headers in POJO mode" to set or get
+the SOAP headers. So, you can use now the
+header�"org.apache.cxf.headers.Header.list" to get and set a list of
+SOAP headers.This does also mean that if you have a route�that forwards
+from one Camel-cxf endpoint to another (SOAP Client -> Camel -> CXF
+service), now also the SOAP headers sent by the SOAP client are
+forwarded to the CXF service. If you do not want that these headers are
+forwarded you have to remove them in the Camel header
+"org.apache.cxf.headers.Header.list".
+
+[[CXF-SOAPheadersarenotavailableinMESSAGEmode]]
+SOAP headers are not available in MESSAGE mode
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+SOAP headers are not available in MESSAGE mode as SOAP processing is
+skipped.
+
+[[CXF-HowtothrowaSOAPFaultfromCamel]]
+How to throw a SOAP Fault from Camel
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If you are using a `camel-cxf` endpoint to consume the SOAP request, you
+may need to throw the SOAP Fault from the camel context. +
+ Basically, you can use the `throwFault` DSL to do that; it works for
+`POJO`, `PAYLOAD` and `MESSAGE` data format. +
+ You can define the soap fault like this
+
+Then throw it as you like
+
+If your CXF endpoint is working in the `MESSAGE` data format, you could
+set the the SOAP Fault message in the message body and set the response
+code in the message header.
+
+Same for using POJO data format. You can set the SOAPFault on the out
+body and also indicate it's a fault by calling Message.setFault(true):
+
+[[CXF-Howtopropagateacamel-cxfendpointrequestandresponsecontext]]
+How to propagate a camel-cxf endpoint's request and response context
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/endpoint/Client.java[cxf
+client API] provides a way to invoke the operation with request and
+response context. If you are using a `camel-cxf` endpoint producer to
+invoke the outside web service, you can set the request context and get
+response context with the following code:
+
+[source,java]
+-------------------------------------------------------------------------------------------------------------
+ CxfExchange exchange = (CxfExchange)template.send(getJaxwsEndpointUri(), new Processor() {
+ public void process(final Exchange exchange) {
+ final List<String> params = new ArrayList<String>();
+ params.add(TEST_MESSAGE);
+ // Set the request context to the inMessage
+ Map<String, Object> requestContext = new HashMap<String, Object>();
+ requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, JAXWS_SERVER_ADDRESS);
+ exchange.getIn().setBody(params);
+ exchange.getIn().setHeader(Client.REQUEST_CONTEXT , requestContext);
+ exchange.getIn().setHeader(CxfConstants.OPERATION_NAME, GREET_ME_OPERATION);
+ }
+ });
+ org.apache.camel.Message out = exchange.getOut();
+ // The output is an object array, the first element of the array is the return value
+ Object\[\] output = out.getBody(Object\[\].class);
+ LOG.info("Received output text: " + output\[0\]);
+ // Get the response context form outMessage
+ Map<String, Object> responseContext = CastUtils.cast((Map)out.getHeader(Client.RESPONSE_CONTEXT));
+ assertNotNull(responseContext);
+ assertEquals("Get the wrong wsdl opertion name", "{http://apache.org/hello_world_soap_http}greetMe",
+ responseContext.get("javax.xml.ws.wsdl.operation").toString());
+-------------------------------------------------------------------------------------------------------------
+
+[[CXF-AttachmentSupport]]
+Attachment Support
+^^^^^^^^^^^^^^^^^^
+
+*POJO Mode:* Both SOAP with Attachment and MTOM are supported (see
+example in Payload Mode for enabling MTOM).� However, SOAP with
+Attachment is not tested.� Since attachments are marshalled and
+unmarshalled into POJOs, users typically do not need to deal with the
+attachment themself.� Attachments are propagated to Camel message's
+attachments if the MTOM is not enabled, since 2.12.3.� So, it is
+possible to retreive attachments by Camel Message API
+
+[source,java]
+--------------------------------------------
+DataHandler Message.getAttachment(String id)
+--------------------------------------------
+
+*Payload Mode:* MTOM is supported since 2.1. Attachments can be
+retrieved by Camel Message APIs mentioned above. SOAP with Attachment
+(SwA) is supported and attachments can be retrieved since 2.5. SwA is
+the default (same as setting the CXF endpoint property "mtom-enabled" to
+false).�
+
+To enable MTOM, set the CXF endpoint property "mtom-enabled" to _true_.
+(I believe you can only do it with Spring.)
+
+You can produce a Camel message with attachment to send to a CXF
+endpoint in Payload mode.
+
+You can also consume a Camel message received from a CXF endpoint in
+Payload mode.
+
+*Message Mode:* Attachments are not supported as it does not process the
+message at all.
+
+*CXF_MESSAGE Mode*: MTOM is supported, and Attachments can be retrieved
+by Camel Message APIs mentioned above. Note that when receiving a
+multipart (i.e. MTOM) message the default SOAPMessage to String
+converter will provide the complete multipart payload on the body. If
+you require just the SOAP XML as a String, you can set the message body
+with message.getSOAPPart(), and Camel convert can do the rest of work
+for you.
+
+[[CXF-StreamingSupportinPAYLOADmode]]
+Streaming Support in PAYLOAD mode
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+In 2.8.2, the camel-cxf component now supports streaming of incoming
+messages when using PAYLOAD mode. Previously, the incoming messages
+would have been completely DOM parsed. For large messages, this is time
+consuming and uses a significant amount of memory. Starting in 2.8.2,
+the incoming messages can remain as a javax.xml.transform.Source while
+being routed and, if nothing modifies the payload, can then be directly
+streamed out to the target destination. For common "simple proxy" use
+cases (example: from("cxf:...").to("cxf:...")), this can provide very
+significant performance increases as well as significantly lowered
+memory requirements.
+
+However, there are cases where streaming may not be appropriate or
+desired. Due to the streaming nature, invalid incoming XML may not be
+caught until later in the processing chain. Also, certain actions may
+require the message to be DOM parsed anyway (like WS-Security or message
+tracing and such) in which case the advantages of the streaming is
+limited. At this point, there are two ways to control the streaming:
+
+* Endpoint property: you can add "allowStreaming=false" as an endpoint
+property to turn the streaming on/off.
+
+* Component property: the CxfComponent object also has an allowStreaming
+property that can set the default for endpoints created from that
+component.
+
+Global system property: you can add a system property of
+"org.apache.camel.component.cxf.streaming" to "false" to turn if off.
+That sets the global default, but setting the endpoint property above
+will override this value for that endpoint.
+
+[[CXF-UsingthegenericCXFDispatchmode]]
+Using the generic CXF Dispatch mode
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+From 2.8.0, the camel-cxf component supports the generic
+https://cxf.apache.org/docs/jax-ws-dispatch-api.html[CXF dispatch
+mode]�that can transport messages of arbitrary structures (i.e., not
+bound to a specific XML schema). To use this mode, you simply omit
+specifying the wsdlURL and serviceClass attributes of the CXF endpoint.
+
+[source,xml]
+-------------------------------------------------------------------------------------------
+<cxf:cxfEndpoint id="testEndpoint" address="http://localhost:9000/SoapContext/SoapAnyPort">
+ <cxf:properties>
+ <entry key="dataFormat" value="PAYLOAD"/>
+ </cxf:properties>
+ </cxf:cxfEndpoint>
+-------------------------------------------------------------------------------------------
+
+It is noted that the default CXF dispatch client does not send a
+specific SOAPAction header. Therefore, when the target service requires
+a specific SOAPAction value, it is supplied in the Camel header using
+the key SOAPAction (case-insensitive).
+
+�
+
+[[CXF-SeeAlso]]
+See Also
+^^^^^^^^
+
+* link:configuring-camel.html[Configuring Camel]
+* link:component.html[Component]
+* link:endpoint.html[Endpoint]
+* link:getting-started.html[Getting Started]
+