You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by dk...@apache.org on 2012/12/11 20:35:07 UTC
svn commit: r1420354 -
/webservices/wss4j/branches/1_6_x-fixes/src/site/xdoc/best_practice.xml
Author: dkulp
Date: Tue Dec 11 19:35:06 2012
New Revision: 1420354
URL: http://svn.apache.org/viewvc?rev=1420354&view=rev
Log:
Fix grammar mistake that make the sentence sound like more of a question than a statement of fact
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/site/xdoc/best_practice.xml
Modified: webservices/wss4j/branches/1_6_x-fixes/src/site/xdoc/best_practice.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/site/xdoc/best_practice.xml?rev=1420354&r1=1420353&r2=1420354&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/site/xdoc/best_practice.xml (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/site/xdoc/best_practice.xml Tue Dec 11 19:35:06 2012
@@ -41,7 +41,7 @@ and enforce this decision. For WS-Securi
that ends with "Rsa15" (e.g. "Basic128Rsa15"). For the direct configuration case, you should
explicitly configure WSHandlerConstants.ENC_KEY_TRANSPORT ("encryptionKeyTransportAlgorithm")
to be "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p". This latter point requires the
-web services stack to set this property on the Request (is it known that Apache CXF does this).
+web services stack to set this property on the Request (it is known that Apache CXF does this).
</p>
</subsection>
<subsection name="Avoid using a cbc Symmetric Encryption Algorithm">
@@ -70,7 +70,7 @@ approach), you should specify a signatur
can be done via WSHandlerConstants.SIG_ALGO ("signatureAlgorithm"). Setting this property
to (e.g.) "http://www.w3.org/2000/09/xmldsig#rsa-sha1" will ensure that the signature
algorithm allowed is RSA-SHA1 and not (e.g.) HMAC-SHA1. This latter point requires the
-web services stack to set this property on the Request (is it known that Apache CXF does
+web services stack to set this property on the Request (it is known that Apache CXF does
this). See also the previous point about setting the key encryption transport algorithm.
</p>
</subsection>