You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/08/29 11:11:59 UTC
svn commit: r1017424 [3/4] - in /websites/production/cxf/content: ./ cache/
docs/
Modified: websites/production/cxf/content/docs/swagger2feature.html
==============================================================================
--- websites/production/cxf/content/docs/swagger2feature.html (original)
+++ websites/production/cxf/content/docs/swagger2feature.html Tue Aug 29 11:11:59 2017
@@ -32,8 +32,8 @@
<link type="text/css" rel="stylesheet" href="/resources/highlighter/styles/shThemeCXF.css">
<script src='/resources/highlighter/scripts/shCore.js'></script>
-<script src='/resources/highlighter/scripts/shBrushJava.js'></script>
<script src='/resources/highlighter/scripts/shBrushXml.js'></script>
+<script src='/resources/highlighter/scripts/shBrushJava.js'></script>
<script>
SyntaxHighlighter.defaults['toolbar'] = false;
SyntaxHighlighter.all();
@@ -118,12 +118,12 @@ Apache CXF -- Swagger2Feature
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><h1 id="Swagger2Feature-Swagger2Feature">Swagger2Feature</h1><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1496864824384 {padding: 0px;}
-div.rbtoc1496864824384 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1496864824384 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1504004877808 {padding: 0px;}
+div.rbtoc1504004877808 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1504004877808 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1496864824384">
-<ul class="toc-indentation"><li><a shape="rect" href="#Swagger2Feature-Swagger2Feature">Swagger2Feature</a></li><li><a shape="rect" href="#Swagger2Feature-Setup">Setup</a></li><li><a shape="rect" href="#Swagger2Feature-Properties">Properties</a></li><li><a shape="rect" href="#Swagger2Feature-ConfiguringProgramatically">Configuring Programatically</a></li><li><a shape="rect" href="#Swagger2Feature-ConfiguringinSpring">Configuring in Spring</a></li><li><a shape="rect" href="#Swagger2Feature-ConfiguringinBlueprint">Configuring in Blueprint</a></li><li><a shape="rect" href="#Swagger2Feature-ConfiguringinCXFNonSpringJaxrsServlet">Configuring in CXFNonSpringJaxrsServlet</a></li><li><a shape="rect" href="#Swagger2Feature-EnablinginSpringBoot">Enabling in Spring Boot</a></li><li><a shape="rect" href="#Swagger2Feature-AccessingSwaggerDocuments">Accessing Swagger Documents</a></li><li><a shape="rect" href="#Swagger2Feature-EnablingSwaggerUI">Enabling Swagger UI</a>
+/*]]>*/</style></p><div class="toc-macro rbtoc1504004877808">
+<ul class="toc-indentation"><li><a shape="rect" href="#Swagger2Feature-Swagger2Feature">Swagger2Feature</a></li><li><a shape="rect" href="#Swagger2Feature-Setup">Setup</a></li><li><a shape="rect" href="#Swagger2Feature-Properties">Properties</a></li><li><a shape="rect" href="#Swagger2Feature-ConfiguringfromCode">Configuring from Code</a></li><li><a shape="rect" href="#Swagger2Feature-ConfiguringinSpring">Configuring in Spring</a></li><li><a shape="rect" href="#Swagger2Feature-ConfiguringinBlueprint">Configuring in Blueprint</a></li><li><a shape="rect" href="#Swagger2Feature-ConfiguringinCXFNonSpringJaxrsServlet">Configuring in CXFNonSpringJaxrsServlet</a></li><li><a shape="rect" href="#Swagger2Feature-New:ConfiguringfromPropertiesfile">New: Configuring from Properties file</a></li><li><a shape="rect" href="#Swagger2Feature-EnablinginSpringBoot">Enabling in Spring Boot</a></li><li><a shape="rect" href="#Swagger2Feature-AccessingSwaggerDocuments">Accessing Swagger Documents</a></li><l
i><a shape="rect" href="#Swagger2Feature-EnablingSwaggerUI">Enabling Swagger UI</a>
<ul class="toc-indentation"><li><a shape="rect" href="#Swagger2Feature-AutomaticUIActivation">Automatic UI Activation</a></li><li><a shape="rect" href="#Swagger2Feature-UnpackingSwaggerUIresources">Unpacking Swagger UI resources</a></li></ul>
</li><li><a shape="rect" href="#Swagger2Feature-Samples">Samples</a></li></ul>
</div><p> </p><p>The CXF Swagger2Feature allows you to generate <a shape="rect" class="external-link" href="http://swagger.io/specification/" rel="nofollow">Swagger 2.0</a> documents from JAX-RS service endpoints with a simple configuration.</p><p>For generating <a shape="rect" class="external-link" href="https://github.com/swagger-api/swagger-spec/blob/master/versions/1.2.md" rel="nofollow">Swagger 1.2</a> documents, you can use SwaggerFeature instead of Swagger2Feature (for CXF versions <= 3.1.x).</p><p>These features can be configured programatically in Java or using Spring or Blueprint beans.</p><h1 id="Swagger2Feature-Setup">Setup</h1><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
@@ -134,7 +134,7 @@ div.rbtoc1496864824384 li {margin-left:
</dependency>
</pre>
-</div></div><p>Note that a <strong>cxf-rt-rs-service-description</strong> needs to be used if older CXF 3.1.x versions are used.</p><p> </p><h1 id="Swagger2Feature-Properties">Properties</h1><p><span style="line-height: 1.4285715;">The following optional parameters can be configured in Swagger2Feature</span></p><p><span style="line-height: 1.4285715;">Note some properties listed below are not available or used differently in SwaggerFeature, as the corresponding properties are used differently in Swagger 2.0 and Swagger 1.2. Please refer to the corresponding Swagger documentation for more information.)</span></p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">Name</th><th colspan="1" rowspan="1" class="confluenceTh">Description</th><th colspan="1" rowspan="1" class="confluenceTh">Default</th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">basePath</td><td colspan="1" rowspan="1" class="confluenceTd">the
context root path<sup>+</sup></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">contact</td><td colspan="1" rowspan="1" class="confluenceTd">the contact information<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"users@cxf.apache.org"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">description</td><td colspan="1" rowspan="1" class="confluenceTd">the description<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"The Application"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">filterClass</td><td colspan="1" rowspan="1" class="confluenceTd">a security filter<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">host</td><td colspan="1" rowspan="1" class="confluenceTd">the host and port<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd">ignoreRoutes</td><td colspan="1" rowspan="1" class="confluenceTd">excludes specific paths when scanning all resources (see scanAllResources)<span>+</span><span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">license</td><td colspan="1" rowspan="1" class="confluenceTd">the license<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"Apache 2.0 License"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">licenceUrl</td><td colspan="1" rowspan="1" class="confluenceTd">the license URL<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"<span class="nolink">http://www.apache.org/licenses/LICENSE-2.0.html</span>"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">prettyPrint</td><td colspan="1" rowspan="1" class="confluenceTd">when generating swagger.json, pretty-print the json document<span>+</span></td><td cols
pan="1" rowspan="1" class="confluenceTd">false</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">resourcePackage</td><td colspan="1" rowspan="1" class="confluenceTd">a list of comma separated package names where resources must be scanned<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">a list of service classes configured at the endpoint</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">runAsFilter</td><td colspan="1" rowspan="1" class="confluenceTd">runs the feature as a filter</td><td colspan="1" rowspan="1" class="confluenceTd">false</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">scan</td><td colspan="1" rowspan="1" class="confluenceTd">generates the swagger documentation<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">true</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">scanAllResources</td><td colspan="1" rowspan="1" class="confluenceTd">scans all resources including non-annotated JAX-RS r
esources<span>+</span><span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">false</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">schemes</td><td colspan="1" rowspan="1" class="confluenceTd">the protocol schemes<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">termsOfServiceUrl</td><td colspan="1" rowspan="1" class="confluenceTd">the terms of service URL<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">title</td><td colspan="1" rowspan="1" class="confluenceTd">the title<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"Sample REST Application"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">version</td><td colspan="1" rowspan="1" class="confluenceTd">the version<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"1.0.0"</td></tr></tbody></ta
ble></div><p>Note: those descriptions marked with <span>+ correspond to the properties defined in Swagger's BeanConfig, and those marked with <span>+</span><span>+ correspond to the properties defined in Swagger's ReaderConfig.</span></span></p><h1 id="Swagger2Feature-ConfiguringProgramatically">Configuring Programatically</h1><p> </p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p>Note that a <strong>cxf-rt-rs-service-description</strong> needs to be used if older CXF 3.1.x versions are used.</p><p> </p><h1 id="Swagger2Feature-Properties">Properties</h1><p><span style="line-height: 1.4285715;">The following optional parameters can be configured in Swagger2Feature</span></p><p><span style="line-height: 1.4285715;">Note some properties listed below are not available or used differently in SwaggerFeature, as the corresponding properties are used differently in Swagger 2.0 and Swagger 1.2. Please refer to the corresponding Swagger documentation for more information.)</span></p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">Name</th><th colspan="1" rowspan="1" class="confluenceTh">Description</th><th colspan="1" rowspan="1" class="confluenceTh">Default</th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">basePath</td><td colspan="1" rowspan="1" class="confluenceTd">the
context root path<sup>+</sup></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">contact</td><td colspan="1" rowspan="1" class="confluenceTd">the contact information<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"users@cxf.apache.org"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">description</td><td colspan="1" rowspan="1" class="confluenceTd">the description<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"The Application"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">filterClass</td><td colspan="1" rowspan="1" class="confluenceTd">a security filter<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">host</td><td colspan="1" rowspan="1" class="confluenceTd">the host and port<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd">ignoreRoutes</td><td colspan="1" rowspan="1" class="confluenceTd">excludes specific paths when scanning all resources (see scanAllResources)<span>+</span><span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">license</td><td colspan="1" rowspan="1" class="confluenceTd">the license<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"Apache 2.0 License"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">licenceUrl</td><td colspan="1" rowspan="1" class="confluenceTd">the license URL<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"<span class="nolink">http://www.apache.org/licenses/LICENSE-2.0.html</span>"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">prettyPrint</td><td colspan="1" rowspan="1" class="confluenceTd">when generating swagger.json, pretty-print the json document<span>+</span></td><td cols
pan="1" rowspan="1" class="confluenceTd">false</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">resourcePackage</td><td colspan="1" rowspan="1" class="confluenceTd">a list of comma separated package names where resources must be scanned<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">a list of service classes configured at the endpoint</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">runAsFilter</td><td colspan="1" rowspan="1" class="confluenceTd">runs the feature as a filter</td><td colspan="1" rowspan="1" class="confluenceTd">false</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">scan</td><td colspan="1" rowspan="1" class="confluenceTd">generates the swagger documentation<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">true</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">scanAllResources</td><td colspan="1" rowspan="1" class="confluenceTd">scans all resources including non-annotated JAX-RS r
esources<span>+</span><span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">false</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">schemes</td><td colspan="1" rowspan="1" class="confluenceTd">the protocol schemes<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">termsOfServiceUrl</td><td colspan="1" rowspan="1" class="confluenceTd">the terms of service URL<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">null</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">title</td><td colspan="1" rowspan="1" class="confluenceTd">the title<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"Sample REST Application"</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">version</td><td colspan="1" rowspan="1" class="confluenceTd">the version<span>+</span></td><td colspan="1" rowspan="1" class="confluenceTd">"1.0.0"</td></tr></tbody></ta
ble></div><p>Note: those descriptions marked with <span>+ correspond to the properties defined in Swagger's BeanConfig, and those marked with <span>+</span><span>+ correspond to the properties defined in Swagger's ReaderConfig.</span></span></p><h1 id="Swagger2Feature-ConfiguringfromCode">Configuring from Code</h1><p> </p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">import org.apache.cxf.frontend.ServerFactoryBean;
import org.apache.cxf.jaxrs.swagger.Swagger2Feature;
...
@@ -252,7 +252,7 @@ import org.apache.cxf.jaxrs.swagger.Swag
</servlet-mapping>
</web-app></pre>
-</div></div><h1 id="Swagger2Feature-EnablinginSpringBoot">Enabling in Spring Boot</h1><p>See <a shape="rect" class="external-link" href="https://github.com/apache/cxf/tree/master/distribution/src/main/release/samples/jax_rs/spring_boot" rel="nofollow">samples/jax_rs/spring_boot</a> and on how to create Swagger2Feature in a @Bean method and <a shape="rect" class="external-link" href="https://github.com/apache/cxf/tree/master/distribution/src/main/release/samples/jax_rs/spring_boot_scan" rel="nofollow">samples/jax_rs/spring_boot_scan</a> on how to auto-enable it.</p><p> </p><h1 id="Swagger2Feature-AccessingSwaggerDocuments">Accessing Swagger Documents</h1><p>When Swagger is enabled by Swagger feature, the Swagger documents will be available at the location URL constructed of the service endpoint location followed by /swagger.json or /swagger.yaml.</p><p>For example, lets assume a JAX-RS endpoint is published at 'http://host:port/context/services/' where 'context' is a web ap
plication context,  "/services" is a servlet URL. In this case its Swagger documents are available at 'http://host:port/context/services/swagger.json' and 'http://host:port/context/services/swagger.yaml'.</p><p>Starting from CXF 3.1.7 the CXF Services page will link to Swagger documents if Swagger2Feature is active. </p><p>In the above example, go to '<span>http://host:port/context/services/</span>services' and follow a Swagger link which will return a Swagger JSON document.</p><p>If <a shape="rect" class="external-link" href="https://github.com/swagger-api/swagger-ui/blob/master/README.md#cors-support" rel="nofollow">CORS support</a> is needed to access the definition from a Swagger UI on another host, the <a shape="rect" href="jax-rs-cors.html">CrossOriginResourceSharingFilter from cxf-rt-rs-security-cors</a> can be added.</p><h1 id="Swagger2Feature-EnablingSwaggerUI">Enabling Swagger UI</h1><p>First one needs to add the following</p><div class="code panel pdl" styl
e="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><h1 id="Swagger2Feature-New:ConfiguringfromPropertiesfile">New: Configuring from Properties file</h1><p>Starting from CXF 3.1.13 and 3.2.0 it is possible to configure Swagger2Feature with a Properties file.</p><p>For example, while a <a shape="rect" class="external-link" href="https://github.com/apache/cxf/tree/master/distribution/src/main/release/samples/jax_rs/spring_boot" rel="nofollow">samples/jax_rs/spring_boot</a> demo configures the feature <a shape="rect" class="external-link" href="https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/jax_rs/spring_boot/src/main/java/sample/rs/service/SampleRestApplication.java#L54" rel="nofollow">from the code</a>, a  <a shape="rect" class="external-link" href="https://github.com/apache/cxf/tree/master/distribution/src/main/release/samples/jax_rs/spring_boot_scan" rel="nofollow">samples/jax_rs/spring_boot_scan</a> demo has it configured from <a shape="rect" class="external-link" href="https://gith
ub.com/apache/cxf/blob/master/distribution/src/main/release/samples/jax_rs/spring_boot_scan/application/src/main/resources/swagger.properties" rel="nofollow">the properties file</a>.</p><p>Default location for a properties file is "<strong>/swagger.properties</strong>". Swagger2Feature will pick it up if it is available, and the location can be overridden with a new Swagger2Feature '<strong>swaggerPropertiesLocation</strong>' property. </p><p>Note that the properties, if available, do not override the properties which may have been set as suggested above from the code or Spring/Blueprint contexts or web.xml. Instead they complement and serve as the default configuration properties: for example, if some properties have been set from the code then the values for the same properties found in the properties file will not be used.</p><h1 id="Swagger2Feature-EnablinginSpringBoot">Enabling in Spring Boot</h1><p>See <a shape="rect" class="external-link" href="https://github.com/apache/
cxf/tree/master/distribution/src/main/release/samples/jax_rs/spring_boot" rel="nofollow">samples/jax_rs/spring_boot</a> and on how to create Swagger2Feature in a @Bean method and <a shape="rect" class="external-link" href="https://github.com/apache/cxf/tree/master/distribution/src/main/release/samples/jax_rs/spring_boot_scan" rel="nofollow">samples/jax_rs/spring_boot_scan</a> on how to auto-enable it.</p><p> </p><h1 id="Swagger2Feature-AccessingSwaggerDocuments">Accessing Swagger Documents</h1><p>When Swagger is enabled by Swagger feature, the Swagger documents will be available at the location URL constructed of the service endpoint location followed by /swagger.json or /swagger.yaml.</p><p>For example, lets assume a JAX-RS endpoint is published at 'http://host:port/context/services/' where 'context' is a web application context,  "/services" is a servlet URL. In this case its Swagger documents are available at 'http://host:port/context/services/swagger.json' and 'ht
tp://host:port/context/services/swagger.yaml'.</p><p>Starting from CXF 3.1.7 the CXF Services page will link to Swagger documents if Swagger2Feature is active. </p><p>In the above example, go to '<span>http://host:port/context/services/</span>services' and follow a Swagger link which will return a Swagger JSON document.</p><p>If <a shape="rect" class="external-link" href="https://github.com/swagger-api/swagger-ui/blob/master/README.md#cors-support" rel="nofollow">CORS support</a> is needed to access the definition from a Swagger UI on another host, the <a shape="rect" href="jax-rs-cors.html">CrossOriginResourceSharingFilter from cxf-rt-rs-security-cors</a> can be added.</p><h1 id="Swagger2Feature-EnablingSwaggerUI">Enabling Swagger UI</h1><p>First one needs to add the following</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="brush: xml; gutter: false; theme: Default" style="font-size:12px;"><dependency>
<groupId>org.webjars</groupId>
<artifactId>swagger-ui</artifactId>
Modified: websites/production/cxf/content/docs/writing-a-service-with-spring.html
==============================================================================
--- websites/production/cxf/content/docs/writing-a-service-with-spring.html (original)
+++ websites/production/cxf/content/docs/writing-a-service-with-spring.html Tue Aug 29 11:11:59 2017
@@ -28,17 +28,6 @@
<meta name="description" content="Apache CXF, Services Framework - Writing a service with Spring">
-<link type="text/css" rel="stylesheet" href="/resources/highlighter/styles/shCoreCXF.css">
-<link type="text/css" rel="stylesheet" href="/resources/highlighter/styles/shThemeCXF.css">
-
-<script src='/resources/highlighter/scripts/shCore.js'></script>
-<script src='/resources/highlighter/scripts/shBrushJava.js'></script>
-<script src='/resources/highlighter/scripts/shBrushXml.js'></script>
-<script src='/resources/highlighter/scripts/shBrushPlain.js'></script>
-<script>
- SyntaxHighlighter.defaults['toolbar'] = false;
- SyntaxHighlighter.all();
-</script>
<title>
@@ -132,36 +121,10 @@ Apache CXF -- Writing a service with Spr
<h1 id="WritingaservicewithSpring-WritingyourService">Writing your Service</h1>
<p>First we'll write our service interface. It will have one operation called "sayHello" which says "Hello" to whoever submits their name.</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="brush: java; gutter: false; theme: Default" type="syntaxhighlighter"><![CDATA[
-package demo.spring.service;
-
-import javax.jws.WebService;
-
-@WebService
-public interface HelloWorld {
- String sayHi(String text);
-}
-]]></script>
-</div></div>
+<plain-text-body>{snippet:id=service|lang=java|url=cxf/trunk/distribution/src/main/release/samples/java_first_spring_support/src/main/java/demo/spring/service/HelloWorld.java}</plain-text-body>
<p>Our implementation will then look like this:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="brush: java; gutter: false; theme: Default" type="syntaxhighlighter"><![CDATA[
-package demo.spring.service;
-
-import javax.jws.WebService;
-
-@WebService(endpointInterface = "demo.spring.service.HelloWorld")
-public class HelloWorldImpl implements HelloWorld {
-
- public String sayHi(String text) {
- System.out.println("sayHi called");
- return "Hello " + text;
- }
-}
-]]></script>
-</div></div>
+<plain-text-body>{snippet:id=service|lang=java|url=cxf/trunk/distribution/src/main/release/samples/java_first_spring_support/src/main/java/demo/spring/service/HelloWorldImpl.java}</plain-text-body>
<p>The <code>@WebService</code> annotation on the implementation class lets CXF know which interface to use when creating WSDL. In this case its simply our HelloWorld interface.</p>
@@ -169,25 +132,15 @@ public class HelloWorldImpl implements H
<p>CXF contains support for "nice XML" within Spring 2.0. For the JAX-WS side of things, we have a <jaxws:endpoint> bean which sets up a server side endpoint.</p>
<p>Lets create a "cxf-servlet.xml" file in our WEB-INF directory which declares an endpoint bean:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="brush: java; gutter: false; theme: Default" type="syntaxhighlighter"><![CDATA[
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
- <import resource="classpath:META-INF/cxf/cxf.xml"/>
- <import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
- <jaxws:endpoint id="helloWorld" implementor="demo.spring.service.HelloWorldImpl" address="/HelloWorld"/>
-</beans>
-]]></script>
-</div></div>
+<plain-text-body>{snippet:id=beans|lang=java|url=cxf/trunk/distribution/src/main/release/samples/java_first_spring_support/src/main/webapp/WEB-INF/cxf-servlet.xml}</plain-text-body>
<p>If you want to reference a spring managed-bean, you can write like this:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<pre class="brush: xml; gutter: false; theme: Default" style="font-size:12px;">
+<parameter ac:name="">xml</parameter><plain-text-body>
<bean id="hello" class="demo.spring.service.HelloWorldImpl" />
<jaxws:endpoint id="helloWorld" implementor="#hello" address="/HelloWorld" />
-</pre>
-</div></div>
+</plain-text-body>
<p>The bean uses the following properties:</p>
<ul><li><code>id</code> specifies the id of the bean in the Spring context.</li><li><code>implementor</code> specifies the implementation class.</li><li><code>address</code> specifies the location the service will be hosted. This should just be a related path. This is because CXF can't know the war name and the servlet container's listening port, CXF will update the endpoint address with the request url at the runtime.</li></ul>
@@ -204,8 +157,7 @@ public class HelloWorldImpl implements H
<p>An example:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">
+<parameter ac:name="">java</parameter><plain-text-body>
<web-app ...>
...
<context-param>
@@ -219,16 +171,14 @@ public class HelloWorldImpl implements H
</listener-class>
</listener>
</web-app>
-</pre>
-</div></div>
+</plain-text-body>
<p>It is important to note that the address that you chose for your endpoint bean must be one your servlet listens on. For instance, if my Servlet was register for "/some-services/*" but my address was "/more-services/HelloWorld", there is no way CXF could receive a request. </p>
<h1 id="WritingaservicewithSpring-CreateaClient(EasyWay)">Create a Client (Easy Way)</h1>
<p>Just like the <code><jaxws:endpoint></code> used on the server side, there is a <code><jaxws:client></code> that can be used on the client side. You'll give it a bean name, the service interface, and the service URL, and it will create a bean with the specified name, implementing the service interface, and invoking the remote SOAP service under the covers:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<pre class="brush: xml; gutter: false; theme: Default" style="font-size:12px;">
+<parameter ac:name="">xml</parameter><plain-text-body>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:jaxws="http://cxf.apache.org/jaxws"
@@ -240,17 +190,14 @@ http://cxf.apache.org/jaxws http://cxf.a
<jaxws:client id="helloClient"
serviceClass="demo.spring.HelloWorld"
address="http://localhost:9002/HelloWorld" />
-</beans></pre>
-</div></div>
+</beans></plain-text-body>
<p>You can now inject that "helloClient" bean into any other Spring bean, or look it up from the Spring application context manually with code like this:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">
+<parameter ac:name="">java</parameter><plain-text-body>
ApplicationContext context = ...; // your Spring ApplicationContext
HelloWorld client = (HelloWorld) context.getBean("helloClient");
-</pre>
-</div></div>
+</plain-text-body>
<p>You can also do more sophisticated things with the <code><jaxws:client></code> element like add nested tags to attach JAX-WS Handlers or CXF Interceptors to the client. For more on this see <a shape="rect" href="jax-ws-configuration.html">JAX-WS Configuration</a>.</p>
@@ -258,31 +205,19 @@ HelloWorld client = (HelloWorld) context
<p>CXF includes a JaxWsProxyFactory bean which create a client for you from your service interface. You simply need to tell it what your service class is (the HelloWorld interface in this case) and the URL of your service. You can then create a client bean via the JaxWsProxyFactory bean by calling it's create() method.</p>
<p>Here's an example:</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="brush: xml; gutter: false; theme: Default" type="syntaxhighlighter"><![CDATA[
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schema/jaxws.xsd">
- <bean id="client" class="demo.spring.service.HelloWorld" factory-bean="clientFactory" factory-method="create"/>
- <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
- <property name="serviceClass" value="demo.spring.service.HelloWorld"/>
- <property name="address" value="http://localhost:9002/services/HelloWorld"/>
- </bean>
-</beans>
-]]></script>
-</div></div>
+<plain-text-body>{snippet:id=beans|lang=xml|url=cxf/trunk/distribution/src/main/release/samples/java_first_spring_support/src/main/resources/client-beans.xml}</plain-text-body>
<p>If you were going to access your client you could now simply pull it out of the Spring context (or better yet, inject it into your application using Spring!):</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">
+<parameter ac:name="">java</parameter><plain-text-body>
ApplicationContext context = ...; // your Spring ApplicationContext
HelloWorld client = (HelloWorld) context.getBean("client");
-</pre>
-</div></div>
+</plain-text-body>
<p>client code at
<a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/java_first_spring_support/src/main/java/demo/spring/client/Client.java">http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/java_first_spring_support/src/main/java/demo/spring/client/Client.java</a></p>
-<div class="confluence-information-macro confluence-information-macro-note"><span class="aui-icon aui-icon-small aui-iconfont-warning confluence-information-macro-icon"></span><div class="confluence-information-macro-body">
-<p>Some usage scenarios will require more extensive configuration (and this is not the case with the <code><jaxws:client></code> syntax described above). For more information, see <a shape="rect" href="jax-ws-configuration.html">JAX-WS Configuration</a>.</p></div></div>
+<rich-text-body>
+<p>Some usage scenarios will require more extensive configuration (and this is not the case with the <code><jaxws:client></code> syntax described above). For more information, see <a shape="rect" href="jax-ws-configuration.html">JAX-WS Configuration</a>.</p></rich-text-body>
<h1 id="WritingaservicewithSpring-AdvancedSteps">Advanced Steps</h1>
<p>For more information on using Spring you may want to read the <a shape="rect" href="configuration.html">Configuration</a> and <a shape="rect" href="spring.html">Spring</a> sections of the User's Guide.</p></div>
Modified: websites/production/cxf/content/fediz-downloads.html
==============================================================================
--- websites/production/cxf/content/fediz-downloads.html (original)
+++ websites/production/cxf/content/fediz-downloads.html Tue Aug 29 11:11:59 2017
@@ -108,7 +108,7 @@ Apache CXF -- Fediz Downloads
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="FedizDownloads-Releases">Releases</h1><h2 id="FedizDownloads-1.4.0">1.4.0</h2><p>The 1.4.0 release is our latest release. For more information please see the <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/FEDIZ/fixforversion/12338680">release notes</a>.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua?path=/cxf/fediz/1.4.0/fediz-1.4.0-source-release.zi
p">fediz-1.4.0-source-release.zip</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.4.0/fediz-1.4.0-source-release.zip.md5">fediz-1.4.0-source-release.zip.md5</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.4.0/fediz-1.4.0-source-release.zip.sha1">fediz-1.4.0-source-release.zip.sha1</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.4.0/fediz-1.4.0-source-release.zip.asc">fediz-1.4.0-source-release.zip.asc</a></p></td></tr></tbody></table></div><h2 id="FedizDownloads-1.3.2">1.3.2</h2><p>The 1.3.2 release is our latest release of the 1.3.x branch. For more information please see the <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/FEDIZ/fixforversion/12338091">r
elease notes</a>.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua?path=/cxf/fediz/1.3.2/fediz-1.3.2-source-release.zip">fediz-1.3.2-source-release.zip</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.3.2/fediz-1.3.2-source-release.zip.md5">fediz-1.3.2-source-release.zip.md5</a></p></td><td colspan="1" rowspan="1" class="con
fluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.3.2/fediz-1.3.2-source-release.zip.sha1">fediz-1.3.2-source-release.zip.sha1</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.3.2/fediz-1.3.2-source-release.zip.asc">fediz-1.3.2-source-release.zip.asc</a></p></td></tr></tbody></table></div><h2 id="FedizDownloads-1.2.4">1.2.4</h2><p>The 1.2.4 release is our latest release of the 1.2.x branch. For more information please see the <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/FEDIZ/fixforversion/12338219">release notes</a>.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" row
span="1" class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>Binary distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua?path=/cxf/fediz/1.2.4/apache-fediz-1.2.4.zip">apache-fediz-1.2.4.zip</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.2.4/apache-fediz-1.2.4.zip.md5">apache-fediz-1.2.4.zip.md5</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.2.4/apache-fediz-1.2.4.zip.sha1">apache-fediz-1.2.4.zip.sha1</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.2.4/apache-fediz-1.2.4.zip.asc">
apache-fediz-1.2.4.zip.asc</a></p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua?path=/cxf/fediz/1.2.4/fediz-1.2.4-source-release.zip">fediz-1.2.4-source-release.zip</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.2.4/fediz-1.2.4-source-release.zip.md5">fediz-1.2.4-source-release.zip.md5</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.2.4/fediz-1.2.4-source-release.zip.sha1">fediz-1.2.4-source-release.zip.sha1</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.2.4/fediz-1.2.4-source-release.zip.asc">fediz-1.2.4-sou
rce-release.zip.asc</a></p></td></tr></tbody></table></div><h2 id="FedizDownloads-VerifyingReleases">Verifying Releases</h2><p>When downloading from a mirror please check the SHA1/MD5 checksums as well as verifying the OpenPGP compatible signature available from the main Apache site. The <a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/KEYS">KEYS</a> file contains the public keys used for signing the release. It is recommended that a web of trust is used to confirm the identity of these keys.</p><p>You can check the OpenPGP signature with GnuPG via:</p><p> </p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<div id="ConfluenceContent"><h1 id="FedizDownloads-Releases">Releases</h1><h2 id="FedizDownloads-1.4.1">1.4.1</h2><p>The 1.4.1 release is our latest release. For more information please see the <a shape="rect" class="external-link" href="https://issues.apache.org/jira/projects/FEDIZ/versions/12340452">release notes</a>.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua?path=/cxf/fediz/1.4.1/fediz-1.4.1-source-release.zip">
fediz-1.4.1-source-release.zip</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.4.1/fediz-1.4.1-source-release.zip.md5">fediz-1.4.1-source-release.zip.md5</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.4.1/fediz-1.4.1-source-release.zip.sha1">fediz-1.4.1-source-release.zip.sha1</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.4.1/fediz-1.4.1-source-release.zip.asc">fediz-1.4.1-source-release.zip.asc</a></p></td></tr></tbody></table></div><h2 id="FedizDownloads-1.3.2">1.3.2</h2><p>The 1.3.2 release is our latest release of the 1.3.x branch. For more information please see the <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/FEDIZ/fixforversion/12338091">rele
ase notes</a>.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>File</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>MD5</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>SHA1</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>PGP</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p>Source distribution</p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua?path=/cxf/fediz/1.3.2/fediz-1.3.2-source-release.zip">fediz-1.3.2-source-release.zip</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.3.2/fediz-1.3.2-source-release.zip.md5">fediz-1.3.2-source-release.zip.md5</a></p></td><td colspan="1" rowspan="1" class="conflu
enceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.3.2/fediz-1.3.2-source-release.zip.sha1">fediz-1.3.2-source-release.zip.sha1</a></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p><a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/fediz/1.3.2/fediz-1.3.2-source-release.zip.asc">fediz-1.3.2-source-release.zip.asc</a></p></td></tr></tbody></table></div><h2 id="FedizDownloads-VerifyingReleases">Verifying Releases</h2><p>When downloading from a mirror please check the SHA1/MD5 checksums as well as verifying the OpenPGP compatible signature available from the main Apache site. The <a shape="rect" class="external-link" href="https://www.apache.org/dist/cxf/KEYS">KEYS</a> file contains the public keys used for signing the release. It is recommended that a web of trust is used to confirm the identity of these keys.</p><p>You can check the OpenPGP signature with GnuPG via:</p><p> </p><div class="code panel
pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">gpg --import KEYS
gpg --verify apache-fediz-*.zip.asc
</pre>
Modified: websites/production/cxf/content/fediz.html
==============================================================================
--- websites/production/cxf/content/fediz.html (original)
+++ websites/production/cxf/content/fediz.html Tue Aug 29 11:11:59 2017
@@ -99,7 +99,7 @@ Apache CXF -- Fediz
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="Fediz-ApacheCXFFediz:AnOpen-SourceWebSecurityFramework">Apache CXF Fediz: An Open-Source Web Security Framework</h1><h2 id="Fediz-Overview">Overview</h2><p>Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates security enforcement to the underlying application server. With Fediz, authentication is externalized from your web application to an identity provider installed as a dedicated server component. The supported standard is <a shape="rect" class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002" rel="nofollow">WS-Federation Passive Requestor Profile</a>. Fediz supports <a shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Claims-based_identity" rel="nofollow">Claims Based Access Control</a> beyond Role Based Access Control (RBAC).</p><h2 id="Fediz-News">News</h2><p><strong><strong>May 16, 2017 - Two new securi
ty advisories for Apache CXF Fediz are released</strong></strong></p><p>Two new security advisories have been released for issues that are fixed in the latest releases (1.4.0, 1.3.2 and 1.2.4):</p><ul><li><a shape="rect" href="http://cxf.apache.org/security-advisories.data/CVE-2017-7661.txt.asc?version=1&modificationDate=1494949364764&api=v2">CVE-2017-7661</a>: The Apache CXF Fediz Jetty and Spring plugins are vulnerable to CSRF attacks.</li><li><a shape="rect" href="http://cxf.apache.org/security-advisories.data/CVE-2017-7662.txt.asc?version=1&modificationDate=1494949377300&api=v2">CVE-2017-7662</a>: The Apache CXF Fediz OIDC Client Registration Service is vulnerable to CSRF attacks.</li></ul><p>Please upgrade to the latest releases as soon as possible.</p><p><strong><strong>April 28, 2017 - Apache CXF Fediz 1.4.0, 1.3.2 and 1.2.4 released<br clear="none"></strong></strong></p><p>Apache CXF Fediz 1.4.0, 1.3.2 and 1.2.4 have been released.</p><p>For more information
and to download the new releases, please go <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-Features">Features</h2><p>The following features are supported by Fediz 1.2</p><ul><li>WS-Federation 1.0/1.1/1.2</li><li>SAML 1.1/2.0 Tokens</li><li>Support for encrypted SAML Tokens (Release 1.1)</li><li>Support for Holder-Of-Key SubjectConfirmationMethod (1.1)</li><li>Custom token Support</li><li>Publish WS-Federation Metadata document</li><li>Role information encoded as AttributeStatement in SAML 1.1/2.0 tokens</li><li>Claims information provided by FederationPrincipal Interface</li><li>Support for Tomcat, Jetty, Websphere, Spring Security and CXF (1.1)</li><li>Fediz IDP supports "Resource IDP" role as well (1.1)</li><li>A new REST API for the IdP (1.2)</li><li>Support for logout in both the RP and IdP (1.2)</li><li>Support for logging on to the IdP via Kerberos and TLS client authentication (1.2)</li><li>A new container-independent CXF plugin for WS-Federation (1.2)
</li><li>Support to use the IdP as an identity broker with a remote SAML SSO IdP (1.2)</li></ul><p>The following features are planned for the next release:</p><ul><li>support for other protocols like OAuth</li></ul><p>You can get the current status of the enhancements <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/FEDIZ">here </a>.</p><h2 id="Fediz-Architecture">Architecture</h2><p>The Fediz architecture is described in more detail <a shape="rect" href="fediz-architecture.html">here</a>.</p><h2 id="Fediz-Download">Download</h2><p>See <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-Gettingstarted">Getting started</h2><p>The WS-Federation specification defines the following parties involved during a web login:</p><ul><li>Browser</li><li>Identity Provider (IDP)<br clear="none"> The IDP is a centralized, application independent runtime component which implements the protocol defined by WS-Federation. You can use any open source o
r commercial product that supports WS-Federation 1.1/1.2 as your IDP. It's recommended to use the Fediz IDP for testing as it allows for testing your web application in a sandbox without having all infrastructure components available. The Fediz IDP consists of two WAR components. The Security Token Service (STS) does most of the work including user authentication, claims/role data retrieval and creating the SAML token. The IDP WAR translates the response to an HTML response allowing a browser to process it.</li><li>Relying Party (RP)<br clear="none"> The RP is a web application that needs to be protected. The RP must be able to implement the protocol as defined by WS-Federation. This component is called "Fediz Plugin" in this project which consists of container agnostic module/jar and a container specific jar. When an authenticated request is detected by the plugin it redirects to the IDP for authentication. The browser sends the response from the IDP to the RP after successful auth
entication. The RP validates the response and creates the container security context.</li></ul><p>It's recommended to deploy the IDP and the web application (RP) into different container instances as in a production deployment. The container with the IDP can be used during development and testing for multiple web applications needing security.</p><h3 id="Fediz-SettinguptheIDP">Setting up the IDP</h3><p>The installation and configuration of the IDP is documented <a shape="rect" href="fediz-idp-11.html">here</a></p><h3 id="Fediz-SetuptheRelyingPartyContainer">Set up the Relying Party Container</h3><p>The Fediz plugin needs to be deployed into the Relying Party (RP) container. The security mechanism is not specified by JEE. Even though it is very similar in each servlet container there are some differences which require a dedicated Fediz plugin for each servlet container implementation. Most of the configuration goes into a Servlet container independent configuration file which is desc
ribed <a shape="rect" href="fediz-configuration.html">here</a></p><p>The following lists shows the supported containers and the location of the installation and configuration page.</p><ul><li><a shape="rect" href="fediz-tomcat.html">Tomcat 7 </a></li><li><a shape="rect" href="fediz-jetty.html">Jetty 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-spring.html">Spring Security 3.1 (1.1)</a></li><li><a shape="rect" href="fediz-websphere.html">Websphere 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-cxf.html">CXF (1.1) </a></li></ul><h2 id="Fediz-Samples">Samples</h2><p>The examples directory contains two sample relying party applications. They are independent of each other, so it is not necessary to deploy both at once.</p><p>Each sample is described in a <code>README.txt</code> file located in the base directory of each sample.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Sample</p></th><th colspan="1" ro
wspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>simpleWebapp</strong></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>a simple web application which is protected by the Fediz IDP. The FederationServlet illustrates how to get security information using the standard APIs.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>wsclientWebapp</strong></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>a protected web application that calls a web service that uses the Fediz STS to validate credentials. Here, the same STS is used for token issuance (indirectly, by the web application through use of the Fediz IDP) and validation. The FederationServlet illustrates how to securely call a web service.</p></td></tr></tbody></table></div><p><span class="confluence-anchor-link" id="Fediz-building"></span></p><h2 id="Fediz-Building">Building</h2><p>Check out the code from here:</p
><ul><li>git clone -v <a shape="rect" class="external-link" href="https://git-wip-us.apache.org/repos/asf/cxf-fediz.git">https://git-wip-us.apache.org/repos/asf/cxf-fediz.git</a></li></ul><p>Then follow the <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/trunk/BUILDING.txt?view=markup">BUILDING.txt</a> file in the Fediz download for full build instructions.</p><h5 id="Fediz-SettingupEclipse:">Setting up Eclipse:</h5><p>See <a shape="rect" href="http://cxf.apache.org/setting-up-eclipse.html">this page</a> for information on using the Eclipse IDE with the Fediz source code. This page is created for CXF but the same commands are applicable for Fediz too.</p></div>
+<div id="ConfluenceContent"><h1 id="Fediz-ApacheCXFFediz:AnOpen-SourceWebSecurityFramework">Apache CXF Fediz: An Open-Source Web Security Framework</h1><h2 id="Fediz-Overview">Overview</h2><p>Apache CXF Fediz is a subproject of CXF. Fediz helps you to secure your web applications and delegates security enforcement to the underlying application server. With Fediz, authentication is externalized from your web application to an identity provider installed as a dedicated server component. The supported standard is <a shape="rect" class="external-link" href="http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175002" rel="nofollow">WS-Federation Passive Requestor Profile</a>. Fediz supports <a shape="rect" class="external-link" href="http://en.wikipedia.org/wiki/Claims-based_identity" rel="nofollow">Claims Based Access Control</a> beyond Role Based Access Control (RBAC).</p><h2 id="Fediz-News">News</h2><p><strong><strong>August 18, 2017 - <strong><st
rong>Apache CXF Fediz 1.4.</strong></strong>1 released</strong></strong></p><p>Apache CXF Fediz 1.4.1 has been released.</p><p>For more information and to download the new release, please go <a shape="rect" href="fediz-downloads.html">here</a>.</p><p><strong><strong>May 16, 2017 - Two new security advisories for Apache CXF Fediz are released</strong></strong></p><p>Two new security advisories have been released for issues that are fixed in the latest releases (1.4.0, 1.3.2 and 1.2.4):</p><ul><li><a shape="rect" href="http://cxf.apache.org/security-advisories.data/CVE-2017-7661.txt.asc?version=1&modificationDate=1494949364764&api=v2">CVE-2017-7661</a>: The Apache CXF Fediz Jetty and Spring plugins are vulnerable to CSRF attacks.</li><li><a shape="rect" href="http://cxf.apache.org/security-advisories.data/CVE-2017-7662.txt.asc?version=1&modificationDate=1494949377300&api=v2">CVE-2017-7662</a>: The Apache CXF Fediz OIDC Client Registration Service is vulnerable to CSRF
attacks.</li></ul><p>Please upgrade to the latest releases as soon as possible.</p><p><strong><strong>April 28, 2017 - Apache CXF Fediz 1.4.0, 1.3.2 and 1.2.4 released<br clear="none"></strong></strong></p><p>Apache CXF Fediz 1.4.0, 1.3.2 and 1.2.4 have been released.</p><p>For more information and to download the new releases, please go <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-Features">Features</h2><p>The following features are supported by Fediz 1.2</p><ul><li>WS-Federation 1.0/1.1/1.2</li><li>SAML 1.1/2.0 Tokens</li><li>Support for encrypted SAML Tokens (Release 1.1)</li><li>Support for Holder-Of-Key SubjectConfirmationMethod (1.1)</li><li>Custom token Support</li><li>Publish WS-Federation Metadata document</li><li>Role information encoded as AttributeStatement in SAML 1.1/2.0 tokens</li><li>Claims information provided by FederationPrincipal Interface</li><li>Support for Tomcat, Jetty, Websphere, Spring Security and CXF (1.1)</li><li>Fediz IDP suppo
rts "Resource IDP" role as well (1.1)</li><li>A new REST API for the IdP (1.2)</li><li>Support for logout in both the RP and IdP (1.2)</li><li>Support for logging on to the IdP via Kerberos and TLS client authentication (1.2)</li><li>A new container-independent CXF plugin for WS-Federation (1.2)</li><li>Support to use the IdP as an identity broker with a remote SAML SSO IdP (1.2)</li></ul><p>The following features are planned for the next release:</p><ul><li>support for other protocols like OAuth</li></ul><p>You can get the current status of the enhancements <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/FEDIZ">here </a>.</p><h2 id="Fediz-Architecture">Architecture</h2><p>The Fediz architecture is described in more detail <a shape="rect" href="fediz-architecture.html">here</a>.</p><h2 id="Fediz-Download">Download</h2><p>See <a shape="rect" href="fediz-downloads.html">here</a>.</p><h2 id="Fediz-Gettingstarted">Getting started</h2><p>The WS-Federatio
n specification defines the following parties involved during a web login:</p><ul><li>Browser</li><li>Identity Provider (IDP)<br clear="none"> The IDP is a centralized, application independent runtime component which implements the protocol defined by WS-Federation. You can use any open source or commercial product that supports WS-Federation 1.1/1.2 as your IDP. It's recommended to use the Fediz IDP for testing as it allows for testing your web application in a sandbox without having all infrastructure components available. The Fediz IDP consists of two WAR components. The Security Token Service (STS) does most of the work including user authentication, claims/role data retrieval and creating the SAML token. The IDP WAR translates the response to an HTML response allowing a browser to process it.</li><li>Relying Party (RP)<br clear="none"> The RP is a web application that needs to be protected. The RP must be able to implement the protocol as defined by WS-Federation. This componen
t is called "Fediz Plugin" in this project which consists of container agnostic module/jar and a container specific jar. When an authenticated request is detected by the plugin it redirects to the IDP for authentication. The browser sends the response from the IDP to the RP after successful authentication. The RP validates the response and creates the container security context.</li></ul><p>It's recommended to deploy the IDP and the web application (RP) into different container instances as in a production deployment. The container with the IDP can be used during development and testing for multiple web applications needing security.</p><h3 id="Fediz-SettinguptheIDP">Setting up the IDP</h3><p>The installation and configuration of the IDP is documented <a shape="rect" href="fediz-idp-11.html">here</a></p><h3 id="Fediz-SetuptheRelyingPartyContainer">Set up the Relying Party Container</h3><p>The Fediz plugin needs to be deployed into the Relying Party (RP) container. The security mecha
nism is not specified by JEE. Even though it is very similar in each servlet container there are some differences which require a dedicated Fediz plugin for each servlet container implementation. Most of the configuration goes into a Servlet container independent configuration file which is described <a shape="rect" href="fediz-configuration.html">here</a></p><p>The following lists shows the supported containers and the location of the installation and configuration page.</p><ul><li><a shape="rect" href="fediz-tomcat.html">Tomcat 7 </a></li><li><a shape="rect" href="fediz-jetty.html">Jetty 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-spring.html">Spring Security 3.1 (1.1)</a></li><li><a shape="rect" href="fediz-websphere.html">Websphere 7/8 (1.1)</a></li><li><a shape="rect" href="fediz-cxf.html">CXF (1.1) </a></li></ul><h2 id="Fediz-Samples">Samples</h2><p>The examples directory contains two sample relying party applications. They are independent of each other, so it is not nec
essary to deploy both at once.</p><p>Each sample is described in a <code>README.txt</code> file located in the base directory of each sample.</p><div class="table-wrap"><table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"><p>Sample</p></th><th colspan="1" rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>simpleWebapp</strong></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>a simple web application which is protected by the Fediz IDP. The FederationServlet illustrates how to get security information using the standard APIs.</p></td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"><p><strong>wsclientWebapp</strong></p></td><td colspan="1" rowspan="1" class="confluenceTd"><p>a protected web application that calls a web service that uses the Fediz STS to validate credentials. Here, the same STS is used for token issuance (indirectly, by the web applicatio
n through use of the Fediz IDP) and validation. The FederationServlet illustrates how to securely call a web service.</p></td></tr></tbody></table></div><p><span class="confluence-anchor-link" id="Fediz-building"></span></p><h2 id="Fediz-Building">Building</h2><p>Check out the code from here:</p><ul><li>git clone -v <a shape="rect" class="external-link" href="https://git-wip-us.apache.org/repos/asf/cxf-fediz.git">https://git-wip-us.apache.org/repos/asf/cxf-fediz.git</a></li></ul><p>Then follow the <a shape="rect" class="external-link" href="http://svn.apache.org/viewvc/cxf/fediz/trunk/BUILDING.txt?view=markup">BUILDING.txt</a> file in the Fediz download for full build instructions.</p><h5 id="Fediz-SettingupEclipse:">Setting up Eclipse:</h5><p>See <a shape="rect" href="http://cxf.apache.org/setting-up-eclipse.html">this page</a> for information on using the Eclipse IDE with the Fediz source code. This page is created for CXF but the same commands are applicable for Fediz too.</p></d
iv>
</div>
<!-- Content -->
</td>
Modified: websites/production/cxf/content/index.html
==============================================================================
--- websites/production/cxf/content/index.html (original)
+++ websites/production/cxf/content/index.html Tue Aug 29 11:11:59 2017
@@ -99,7 +99,7 @@ Apache CXF -- Index
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="Index-ApacheCXF™:AnOpen-SourceServicesFramework">Apache CXF™: An Open-Source Services Framework</h1><h2 id="Index-Overview">Overview</h2><p>Apache CXF™ is an open source services framework. CXF helps you build and develop services using frontend programming APIs, like JAX-WS and JAX-RS. These services can speak a variety of protocols such as SOAP, XML/HTTP, RESTful HTTP, or CORBA and work over a variety of transports such as HTTP, JMS or JBI.</p><h2 id="Index-News">News</h2><p> </p><h3 id="Index-June29,2017-ApacheCXF3.1.12/3.0.14released!">June 29, 2017 - Apache CXF 3.1.12/3.0.14 released!</h3><p>The Apache CXF team is proud to announce the availability of the latest patch releases. Over 55 JIRA issues were fixed for 3.1.12 which many of those fixes back ported to 3.0.14.</p><p>This is mostly a patch release to fix problems and issues that users have encountered.   Downloads are available <a shape="rect" href=
"download.html">here</a>.</p><h3 id="Index-April10,2017-ApacheCXF3.1.11/3.0.13released!">April 10, 2017 - Apache CXF 3.1.11/3.0.13 released!</h3><p>The Apache CXF team is proud to announce the availability of the latest patch releases. Over 100 JIRA issues were fixed for 3.1.11 which many of those fixes back ported to 3.0.13.</p><p>This is mostly a patch release to fix problems and issues that users have encountered.   Downloads are available <a shape="rect" href="download.html">here</a>.</p><h3 id="Index-Features">Features</h3><p>CXF includes a broad feature set, but it is primarily focused on the following areas:</p><ul><li><strong>Web Services Standards Support:</strong> CXF supports a variety of web service standards including SOAP, the WS-I Basic Profile, WSDL, WS-Addressing, WS-Policy, WS-ReliableMessaging, WS-Security, WS-SecurityPolicy, WS-SecureConverstation, and WS-Trust (partial).</li><li><strong>Frontends:</strong> CXF supports a variety of "frontend" prog
ramming models.</li></ul><p>CXF implements the JAX-WS APIs. CXF JAX-WS support includes some extensions to the standard that make it significantly easier to use, compared to the reference implementation: It will automatically generate code for request and response bean classes, and does not require a WSDL for simple cases.</p><p>It also includes a "simple frontend" which allows creation of clients and endpoints without annotations. CXF supports both contract first development with WSDL and code first development starting from Java.</p><p>For REST, CXF also supports a JAX-RS frontend.</p><ul><li><strong>Ease of use:</strong> CXF is designed to be intuitive and easy to use. There are simple APIs to quickly build code-first services, Maven plug-ins to make tooling integration easy, JAX-WS API support, Spring 2.x XML support to make configuration a snap, and much more.</li><li><strong>Binary and Legacy Protocol Support:</strong> CXF has been designed to provide a pluggable architecture
that supports not only XML but also non-XML type bindings, such as JSON and CORBA, in combination with any type of transport.</li></ul><p>To get started using CXF, check out the <a shape="rect" href="download.html">downloads</a>, the <a shape="rect" href="http://cxf.apache.org/docs/index.html">user's guide</a>, or the <a shape="rect" href="mailing-lists.html">mailing lists</a> to get more information!</p><h2 id="Index-Goals">Goals</h2><h3 id="Index-General">General</h3><ul><li>High Performance</li><li>Extensible</li><li>Intuitive & Easy to Use</li></ul><h3 id="Index-SupportforStandards">Support for Standards</h3><h5 id="Index-JSRSupport">JSR Support</h5><ul><li>JAX-WS - Java API for XML-Based Web Services (JAX-WS) 2.0 - <a shape="rect" class="external-link" href="http://jcp.org/en/jsr/detail?id=224" rel="nofollow">JSR-224</a></li><li>Web Services Metadata for the Java Platform - <a shape="rect" class="external-link" href="http://jcp.org/en/jsr/detail?id=181" rel="nofollow">JSR-1
81</a></li><li>JAX-RS - The Java API for RESTful Web Services - <a shape="rect" class="external-link" href="http://jcp.org/en/jsr/detail?id=311" rel="nofollow">JSR-311</a></li><li>SAAJ - SOAP with Attachments API for Java (SAAJ) - <a shape="rect" class="external-link" href="http://jcp.org/aboutJava/communityprocess/mrel/jsr067/index3.html" rel="nofollow">JSR-67</a></li></ul><h5 id="Index-WS-*andrelatedSpecificationsSupport">WS-* and related Specifications Support</h5><ul><li>Basic support: WS-I Basic Profile 1.1</li><li>Quality of Service: WS-Reliable Messaging</li><li>Metadata: WS-Policy, WSDL 1.1 - Web Service Definition Language</li><li>Communication Security: WS-Security, WS-SecurityPolicy, WS-SecureConversation, WS-Trust (partial support)</li><li>Messaging Support: WS-Addressing, SOAP 1.1, SOAP 1.2, Message Transmission Optimization Mechanism (MTOM)</li></ul><h3 id="Index-MultipleTransports,ProtocolBindings,DataBindings,andFormats">Multiple Transports, Protocol Bindings, Data B
indings, and Formats</h3><ul><li>Transports: HTTP, Servlet, JMS, In-VM and many others via the <a shape="rect" class="external-link" href="http://camel.apache.org/camel-transport-for-cxf.html">Camel transport for CXF</a> such as SMTP/POP3, TCP and Jabber</li><li>Protocol Bindings: SOAP, REST/HTTP, pure XML</li><li>Data bindings: JAXB 2.x, Aegis, Apache XMLBeans, Service Data Objects (SDO), JiBX</li><li>Formats: XML Textual, JSON, FastInfoset</li><li>Extensibility API allows additional bindings for CXF, enabling additional message format support such as CORBA/IIOP</li></ul><h3 id="Index-FlexibleDeployment">Flexible Deployment</h3><ul><li>Lightweight containers: deploy services in Jetty, Tomcat or Spring-based containers</li><li>JBI integration: deploy as a service engine in a JBI container such as ServiceMix, OpenESB or Petals</li><li>Java EE integration: deploy services in Java EE application servers such as Apache Geronimo, JOnAS, Redhat JBoss, OC4J, Oracle WebLogic, and IBM WebSph
ere</li><li>Standalone Java client/server</li></ul><h3 id="Index-SupportforMultipleProgrammingLanguages">Support for Multiple Programming Languages</h3><ul><li>Full support for JAX-WS 2.x client/server programming model</li><li>JAX-WS 2.x synchronous, asynchronous and one-way API's</li><li>JAX-WS 2.x Dynamic Invocation Interface (DII) API</li><li>JAX-RS for RESTful clients</li><li>Support for wrapped and non-wrapped styles</li><li>XML messaging API</li><li>Support for JavaScript and ECMAScript 4 XML (E4X) - both client and server</li><li>Support for CORBA</li><li>Support for JBI with ServiceMix</li></ul><h3 id="Index-Tooling">Tooling</h3><ul><li>Generating Code: WSDL to Java, WSDL to JavaScript, Java to JavaScript</li><li>Generating WSDL: Java to WSDL, XSD to WSDL, IDL to WSDL, WSDL to XML</li><li>Adding Endpoints: WSDL to SOAP, WSDL to CORBA, WSDL to service</li><li>Generating Support Files: WSDL to IDL</li><li>Validating Files: WSDL Validation</li></ul><h2 id="Index-GettingInvolve
d">Getting Involved</h2><p>Apache CXF is currently under heavy development. To get involved you can <a shape="rect" href="mailing-lists.html">subscribe to the mailing lists</a>. You can also grab the code from the <a shape="rect" href="source-repository.html">Source Repository</a>. You also need to read about <a shape="rect" href="building.html">Building</a> CXF. For Eclipse users, you should read about <a shape="rect" href="setting-up-eclipse.html">Setting up Eclipse</a>.</p></div>
+<div id="ConfluenceContent"><h1 id="Index-ApacheCXF™:AnOpen-SourceServicesFramework">Apache CXF™: An Open-Source Services Framework</h1><h2 id="Index-Overview">Overview</h2><p>Apache CXF™ is an open source services framework. CXF helps you build and develop services using frontend programming APIs, like JAX-WS and JAX-RS. These services can speak a variety of protocols such as SOAP, XML/HTTP, RESTful HTTP, or CORBA and work over a variety of transports such as HTTP, JMS or JBI.</p><h2 id="Index-News">News</h2><h3 id="Index-August3,2017-ApacheCXF2.6.17released!">August 3, 2017 - Apache CXF 2.6.17 released!</h3><div>Apache CXF 2.6.17 has been released. This is a once-off release to fix some security advisories that have been fixed in more recent versions of CXF. CXF users should try as much as possible to upgrade to a more recent and supported version of CXF.</div><p>The <a shape="rect" href="security-advisories.html">advisories</a> fixed in this release are as follo
ws:</p><p> - CVE-2014-3577 <br clear="none"> - CVE-2014-3623 <br clear="none"> - CVE-2015-5253 <br clear="none"> - CVE-2016-8739 <br clear="none"> - CVE-2016-6812 <br clear="none"> - CVE-2017-5656</p><h3 id="Index-June29,2017-ApacheCXF3.1.12/3.0.14released!">June 29, 2017 - Apache CXF 3.1.12/3.0.14 released!</h3><p>The Apache CXF team is proud to announce the availability of the latest patch releases. Over 55 JIRA issues were fixed for 3.1.12 which many of those fixes back ported to 3.0.14.</p><p>This is mostly a patch release to fix problems and issues that users have encountered.   Downloads are available <a shape="rect" href="download.html">here</a>.</p><h3 id="Index-April10,2017-ApacheCXF3.1.11/3.0.13released!">April 10, 2017 - Apache CXF 3.1.11/3.0.13 released!</h3><p>The Apache CXF team is proud to announce the availability of the latest patch releases. Over 100 JIRA issues were fixed for 3.1.11 which many of those fixes back ported
to 3.0.13.</p><p>This is mostly a patch release to fix problems and issues that users have encountered.   Downloads are available <a shape="rect" href="download.html">here</a>.</p><h3 id="Index-Features">Features</h3><p>CXF includes a broad feature set, but it is primarily focused on the following areas:</p><ul><li><strong>Web Services Standards Support:</strong> CXF supports a variety of web service standards including SOAP, the WS-I Basic Profile, WSDL, WS-Addressing, WS-Policy, WS-ReliableMessaging, WS-Security, WS-SecurityPolicy, WS-SecureConverstation, and WS-Trust (partial).</li><li><strong>Frontends:</strong> CXF supports a variety of "frontend" programming models.</li></ul><p>CXF implements the JAX-WS APIs. CXF JAX-WS support includes some extensions to the standard that make it significantly easier to use, compared to the reference implementation: It will automatically generate code for request and response bean classes, and does not require a WSDL for simpl
e cases.</p><p>It also includes a "simple frontend" which allows creation of clients and endpoints without annotations. CXF supports both contract first development with WSDL and code first development starting from Java.</p><p>For REST, CXF also supports a JAX-RS frontend.</p><ul><li><strong>Ease of use:</strong> CXF is designed to be intuitive and easy to use. There are simple APIs to quickly build code-first services, Maven plug-ins to make tooling integration easy, JAX-WS API support, Spring 2.x XML support to make configuration a snap, and much more.</li><li><strong>Binary and Legacy Protocol Support:</strong> CXF has been designed to provide a pluggable architecture that supports not only XML but also non-XML type bindings, such as JSON and CORBA, in combination with any type of transport.</li></ul><p>To get started using CXF, check out the <a shape="rect" href="download.html">downloads</a>, the <a shape="rect" href="http://cxf.apache.org/docs/index.html">user's guide</a>, or
the <a shape="rect" href="mailing-lists.html">mailing lists</a> to get more information!</p><h2 id="Index-Goals">Goals</h2><h3 id="Index-General">General</h3><ul><li>High Performance</li><li>Extensible</li><li>Intuitive & Easy to Use</li></ul><h3 id="Index-SupportforStandards">Support for Standards</h3><h5 id="Index-JSRSupport">JSR Support</h5><ul><li>JAX-WS - Java API for XML-Based Web Services (JAX-WS) 2.0 - <a shape="rect" class="external-link" href="http://jcp.org/en/jsr/detail?id=224" rel="nofollow">JSR-224</a></li><li>Web Services Metadata for the Java Platform - <a shape="rect" class="external-link" href="http://jcp.org/en/jsr/detail?id=181" rel="nofollow">JSR-181</a></li><li>JAX-RS - The Java API for RESTful Web Services - <a shape="rect" class="external-link" href="http://jcp.org/en/jsr/detail?id=311" rel="nofollow">JSR-311</a></li><li>SAAJ - SOAP with Attachments API for Java (SAAJ) - <a shape="rect" class="external-link" href="http://jcp.org/aboutJava/communityprocess
/mrel/jsr067/index3.html" rel="nofollow">JSR-67</a></li></ul><h5 id="Index-WS-*andrelatedSpecificationsSupport">WS-* and related Specifications Support</h5><ul><li>Basic support: WS-I Basic Profile 1.1</li><li>Quality of Service: WS-Reliable Messaging</li><li>Metadata: WS-Policy, WSDL 1.1 - Web Service Definition Language</li><li>Communication Security: WS-Security, WS-SecurityPolicy, WS-SecureConversation, WS-Trust (partial support)</li><li>Messaging Support: WS-Addressing, SOAP 1.1, SOAP 1.2, Message Transmission Optimization Mechanism (MTOM)</li></ul><h3 id="Index-MultipleTransports,ProtocolBindings,DataBindings,andFormats">Multiple Transports, Protocol Bindings, Data Bindings, and Formats</h3><ul><li>Transports: HTTP, Servlet, JMS, In-VM and many others via the <a shape="rect" class="external-link" href="http://camel.apache.org/camel-transport-for-cxf.html">Camel transport for CXF</a> such as SMTP/POP3, TCP and Jabber</li><li>Protocol Bindings: SOAP, REST/HTTP, pure XML</li><li>
Data bindings: JAXB 2.x, Aegis, Apache XMLBeans, Service Data Objects (SDO), JiBX</li><li>Formats: XML Textual, JSON, FastInfoset</li><li>Extensibility API allows additional bindings for CXF, enabling additional message format support such as CORBA/IIOP</li></ul><h3 id="Index-FlexibleDeployment">Flexible Deployment</h3><ul><li>Lightweight containers: deploy services in Jetty, Tomcat or Spring-based containers</li><li>JBI integration: deploy as a service engine in a JBI container such as ServiceMix, OpenESB or Petals</li><li>Java EE integration: deploy services in Java EE application servers such as Apache Geronimo, JOnAS, Redhat JBoss, OC4J, Oracle WebLogic, and IBM WebSphere</li><li>Standalone Java client/server</li></ul><h3 id="Index-SupportforMultipleProgrammingLanguages">Support for Multiple Programming Languages</h3><ul><li>Full support for JAX-WS 2.x client/server programming model</li><li>JAX-WS 2.x synchronous, asynchronous and one-way API's</li><li>JAX-WS 2.x Dynamic Invoca
tion Interface (DII) API</li><li>JAX-RS for RESTful clients</li><li>Support for wrapped and non-wrapped styles</li><li>XML messaging API</li><li>Support for JavaScript and ECMAScript 4 XML (E4X) - both client and server</li><li>Support for CORBA</li><li>Support for JBI with ServiceMix</li></ul><h3 id="Index-Tooling">Tooling</h3><ul><li>Generating Code: WSDL to Java, WSDL to JavaScript, Java to JavaScript</li><li>Generating WSDL: Java to WSDL, XSD to WSDL, IDL to WSDL, WSDL to XML</li><li>Adding Endpoints: WSDL to SOAP, WSDL to CORBA, WSDL to service</li><li>Generating Support Files: WSDL to IDL</li><li>Validating Files: WSDL Validation</li></ul><h2 id="Index-GettingInvolved">Getting Involved</h2><p>Apache CXF is currently under heavy development. To get involved you can <a shape="rect" href="mailing-lists.html">subscribe to the mailing lists</a>. You can also grab the code from the <a shape="rect" href="source-repository.html">Source Repository</a>. You also need to read about <a sh
ape="rect" href="building.html">Building</a> CXF. For Eclipse users, you should read about <a shape="rect" href="setting-up-eclipse.html">Setting up Eclipse</a>.</p></div>
</div>
<!-- Content -->
</td>