You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2013/06/24 19:10:57 UTC
svn commit: r867253 [27/46] - in /websites/production/cxf/content: ./ 2008/04/28/ 2008/06/20/ 2009/02/10/ 2009/08/04/ cache/ docs/ docs/cxf-architecture.thumbs/ docs/cxf-dependency-graphs.thumbs/ docs/logbrowser-configuration.thumbs/ docs/logbrowser-so...

Modified: websites/production/cxf/content/docs/jax-rs-xml-security.html
==============================================================================
--- websites/production/cxf/content/docs/jax-rs-xml-security.html (original)
+++ websites/production/cxf/content/docs/jax-rs-xml-security.html Mon Jun 24 17:10:51 2013
@@ -25,6 +25,18 @@
 <meta http-equiv="Content-type" content="text/html;charset=UTF-8">
 <meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support, integration standards, application integration, middleware, software, solutions, services, CXF, open source">
 <meta name="description" content="Apache CXF, Services Framework - JAX-RS XML Security">
+
+  <link href='http://cxf.apache.org/resources/highlighter/styles/shCore.css' rel='stylesheet' type='text/css' />
+  <link href='http://cxf.apache.org/resources/highlighter/styles/shThemeCXF.css' rel='stylesheet' type='text/css' />
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shCore.js' type='text/javascript'></script>
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shBrushJava.js' type='text/javascript'></script>
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shBrushXml.js' type='text/javascript'></script>
+  
+  <script type="text/javascript">
+  SyntaxHighlighter.defaults['toolbar'] = false;
+  SyntaxHighlighter.all();
+  </script>
+ 
     <title>
 Apache CXF -- JAX-RS XML Security
     </title>
@@ -42,19 +54,15 @@ Apache CXF -- JAX-RS XML Security
     <td id="cell-1-0">&nbsp;</td>
     <td id="cell-1-1">&nbsp;</td>
     <td id="cell-1-2">
-      <div style="padding: 5px;">
-        <div id="banner">
-          <!-- Banner -->
-<div id="banner-content">
+      <!-- Banner -->
+<div class="banner" id="banner"><p>
 <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left" colspan="1" nowrap>
 <a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight: bold; font-size: 170%; color: white">Apache CXF</span></a>
 </td><td align="right" colspan="1" nowrap>
 <a shape="rect" href="http://www.apache.org/" title="The Apache Sofware Foundation"><img border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
 </td></tr></table>
-</div>
-          <!-- Banner -->
-        </div>
-      </div>
+</p></div>
+      <!-- Banner -->
       <div id="top-menu">
         <table border="0" cellpadding="1" cellspacing="0" width="100%">
           <tr>
@@ -94,7 +102,7 @@ Apache CXF -- JAX-RS XML Security
 
 
 <hr>
-<ul class="alternate" type="square"><li>Search
+<ul class="alternate" type="square"><li>Search<br clear="none">
 
 <form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
   <div>
@@ -135,13 +143,13 @@ This is a work in progress and the enhan
 <h1><a shape="rect" name="JAX-RSXMLSecurity-Mavendependencies"></a>Maven dependencies</h1>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag">&lt;dependency&gt;</span>
-  <span class="code-tag">&lt;groupId&gt;</span>org.apache.cxf<span class="code-tag">&lt;/groupId&gt;</span>
-  <span class="code-tag">&lt;artifactId&gt;</span>cxf-rt-rs-security-xml<span class="code-tag">&lt;/artifactId&gt;</span>
-  <span class="code-tag">&lt;version&gt;</span>2.5.2<span class="code-tag">&lt;/version&gt;</span>
-<span class="code-tag">&lt;/dependency&gt;</span>
-</pre>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;dependency&gt;
+  &lt;groupId&gt;org.apache.cxf&lt;/groupId&gt;
+  &lt;artifactId&gt;cxf-rt-rs-security-xml&lt;/artifactId&gt;
+  &lt;version&gt;2.5.2&lt;/version&gt;
+&lt;/dependency&gt;
+]]></script>
 </div></div>
 
 <h1><a shape="rect" name="JAX-RSXMLSecurity-XMLSignature"></a>XML Signature</h1>
@@ -156,41 +164,41 @@ This is a work in progress and the enhan
 <p>Payload:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag">&lt;Book ID=<span class="code-quote">"4bd59819-7b78-47a5-bb61-cc08348e9d48"</span>&gt;</span>
-   <span class="code-tag">&lt;id&gt;</span>126<span class="code-tag">&lt;/id&gt;</span>
-   <span class="code-tag">&lt;name&gt;</span>CXF<span class="code-tag">&lt;/name&gt;</span>
-
-   <span class="code-tag">&lt;ds:Signature <span class="code-keyword">xmlns:ds</span>=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#"</span>&gt;</span>
-      <span class="code-tag">&lt;ds:SignedInfo&gt;</span>
-         <span class="code-tag">&lt;ds:CanonicalizationMethod Algorithm=<span class="code-quote">"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"</span>/&gt;</span>
-         <span class="code-tag">&lt;ds:SignatureMethod Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#rsa-sha1"</span>/&gt;</span>
-         <span class="code-tag">&lt;ds:Reference URI=<span class="code-quote">"#4bd59819-7b78-47a5-bb61-cc08348e9d48"</span>&gt;</span>
-           <span class="code-tag">&lt;ds:Transforms&gt;</span>
-             <span class="code-tag">&lt;ds:Transform Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#enveloped-signature"</span>/&gt;</span>
-             <span class="code-tag">&lt;ds:Transform Algorithm=<span class="code-quote">"http://www.w3.org/2001/10/xml-exc-c14n#"</span>/&gt;</span>
-           <span class="code-tag">&lt;/ds:Transforms&gt;</span>
-           <span class="code-tag">&lt;ds:DigestMethod Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#sha1"</span>/&gt;</span>
-           <span class="code-tag">&lt;ds:DigestValue&gt;</span>eFduzs6Cg1/Wd6jagUmr8vRYxHY=<span class="code-tag">&lt;/ds:DigestValue&gt;</span>
-         <span class="code-tag">&lt;/ds:Reference&gt;</span>
-      <span class="code-tag">&lt;/ds:SignedInfo&gt;</span>
-<span class="code-tag">&lt;ds:SignatureValue&gt;</span>DLD+wU85G+Q+H/SNoMr1I7tOCAZAjd3lYE84sBGU5tuMtzbwxKOIgg10g2F1SUbpujy1CZZ9BPkQNA+gA1CH4FE3uiBzp3DDSVv6o5l6Q76Ci0XI28ylO7O1OCY+q2nbP0WtERFWOn9f9nniVKbduz6YQHjv6cNLd8pf4+k2U3g=<span class="code-tag">&lt;/ds:SignatureValue&gt;</span>
-
-       <span class="code-tag">&lt;ds:KeyInfo&gt;</span>
-         <span class="code-tag">&lt;ds:X509Data&gt;</span><span class="code-tag">&lt;ds:X509Certificate&gt;</span>MIICGjCCAYOgAwIBAgIESVRgATANBgkqhkiG9w0BAQUFADAzMRMwEQYDVQQKEwphcGFjaGUub3JnMQwwCgYDVQQLEwNlbmcxDjAMBgNVBAMTBWN4ZmNhMB4XDTcwMDEwMTAwMDAwMFoXDTM4MDExOTAzMTQwN1owMzETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQ4wDAYDVQQDEwVhbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvu747/VShQ85f16DGSc4Ixh9PVpGguyEqrCsK8q9XHOYX9l9/g5wEC6ZcR2FwfNsoaHcKNPjd5sSTzVtBWmQjfBEfIqwTR7vuihOxyNTwEzVwIJzvo7p8/aYxk+VdBtQxq4UweIcf/iFkUbM1cZ1oiXRQzciRBi+C1BQCQE0qzsCAwEAAaM7MDkwIQYDVR0SBBowGIIWTk9UX0ZPUl9QUk9EVUNUSU9OX1VTRTAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJKoZIhvcNAQEFBQADgYEAhLwkm+8psKt4gnbikGzV0TgpSWGcWxWKBi+z8tI2n6hFA5v1jVHHa4G9h3s0nxQ2TewzeR/k7gmgV2sI483NgrYHmTmLKaDBWza2pAuZuDhQH8GAEhJakFtKBP++EC9rNNpZnqqHxx3qb2tW25qRtBzDmK921gg9PMomMc7uqRQ=<span class="code-tag">&lt;/ds:X509Certificate&gt;</span>
-        <span class="code-tag">&lt;/ds:X509Data&gt;</span>
-
-        <span class="code-tag">&lt;ds:KeyValue&gt;</span>
-          <span class="code-tag">&lt;ds:RSAKeyValue&gt;</span>
-             <span class="code-tag">&lt;ds:Modulus&gt;</span>vu747/VShQ85f16DGSc4Ixh9PVpGguyEqrCsK8q9XHOYX9l9/g5wEC6ZcR2FwfNsoaHcKNPjd5sSTzVtBWmQjfBEfIqwTR7vuihOxyNTwEzVwIJzvo7p8/aYxk+VdBtQxq4UweIcf/iFkUbM1cZ1oiXRQzciRBi+C1BQCQE0qzs=<span class="code-tag">&lt;/ds:Modulus&gt;</span>
-             <span class="code-tag">&lt;ds:Exponent&gt;</span>AQAB<span class="code-tag">&lt;/ds:Exponent&gt;</span>
-          <span class="code-tag">&lt;/ds:RSAKeyValue&gt;</span>
-        <span class="code-tag">&lt;/ds:KeyValue&gt;</span>
-       <span class="code-tag">&lt;/ds:KeyInfo&gt;</span>
-     <span class="code-tag">&lt;/ds:Signature&gt;</span>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;Book ID="4bd59819-7b78-47a5-bb61-cc08348e9d48"&gt;
+   &lt;id&gt;126&lt;/id&gt;
+   &lt;name&gt;CXF&lt;/name&gt;
+
+   &lt;ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"&gt;
+      &lt;ds:SignedInfo&gt;
+         &lt;ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/&gt;
+         &lt;ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/&gt;
+         &lt;ds:Reference URI="#4bd59819-7b78-47a5-bb61-cc08348e9d48"&gt;
+           &lt;ds:Transforms&gt;
+             &lt;ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/&gt;
+             &lt;ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/&gt;
+           &lt;/ds:Transforms&gt;
+           &lt;ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/&gt;
+           &lt;ds:DigestValue&gt;eFduzs6Cg1/Wd6jagUmr8vRYxHY=&lt;/ds:DigestValue&gt;
+         &lt;/ds:Reference&gt;
+      &lt;/ds:SignedInfo&gt;
+&lt;ds:SignatureValue&gt;DLD+wU85G+Q+H/SNoMr1I7tOCAZAjd3lYE84sBGU5tuMtzbwxKOIgg10g2F1SUbpujy1CZZ9BPkQNA+gA1CH4FE3uiBzp3DDSVv6o5l6Q76Ci0XI28ylO7O1OCY+q2nbP0WtERFWOn9f9nniVKbduz6YQHjv6cNLd8pf4+k2U3g=&lt;/ds:SignatureValue&gt;
+
+       &lt;ds:KeyInfo&gt;
+         &lt;ds:X509Data&gt;&lt;ds:X509Certificate&gt;MIICGjCCAYOgAwIBAgIESVRgATANBgkqhkiG9w0BAQUFADAzMRMwEQYDVQQKEwphcGFjaGUub3JnMQwwCgYDVQQLEwNlbmcxDjAMBgNVBAMTBWN4ZmNhMB4XDTcwMDEwMTAwMDAwMFoXDTM4MDExOTAzMTQwN1owMzETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQ4wDAYDVQQDEwVhbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvu747/VShQ85f16DGSc4Ixh9PVpGguyEqrCsK8q9XHOYX9l9/g5wEC6ZcR2FwfNsoaHcKNPjd5sSTzVtBWmQjfBEfIqwTR7vuihOxyNTwEzVwIJzvo7p8/aYxk+VdBtQxq4UweIcf/iFkUbM1cZ1oiXRQzciRBi+C1BQCQE0qzsCAwEAAaM7MDkwIQYDVR0SBBowGIIWTk9UX0ZPUl9QUk9EVUNUSU9OX1VTRTAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJKoZIhvcNAQEFBQADgYEAhLwkm+8psKt4gnbikGzV0TgpSWGcWxWKBi+z8tI2n6hFA5v1jVHHa4G9h3s0nxQ2TewzeR/k7gmgV2sI483NgrYHmTmLKaDBWza2pAuZuDhQH8GAEhJakFtKBP++EC9rNNpZnqqHxx3qb2tW25qRtBzDmK921gg9PMomMc7uqRQ=&lt;/ds:X509Certificate&gt;
+        &lt;/ds:X509Data&gt;
+
+        &lt;ds:KeyValue&gt;
+          &lt;ds:RSAKeyValue&gt;
+             &lt;ds:Modulus&gt;vu747/VShQ85f16DGSc4Ixh9PVpGguyEqrCsK8q9XHOYX9l9/g5wEC6ZcR2FwfNsoaHcKNPjd5sSTzVtBWmQjfBEfIqwTR7vuihOxyNTwEzVwIJzvo7p8/aYxk+VdBtQxq4UweIcf/iFkUbM1cZ1oiXRQzciRBi+C1BQCQE0qzs=&lt;/ds:Modulus&gt;
+             &lt;ds:Exponent&gt;AQAB&lt;/ds:Exponent&gt;
+          &lt;/ds:RSAKeyValue&gt;
+        &lt;/ds:KeyValue&gt;
+       &lt;/ds:KeyInfo&gt;
+     &lt;/ds:Signature&gt;
 
-<span class="code-tag">&lt;/Book&gt;</span>
-</pre>
+&lt;/Book&gt;
+]]></script>
 </div></div>
 
 <p>Note that the Book root element is signed including its name and id children, and a signature ds:Reference links to Book. </p>
@@ -198,39 +206,39 @@ This is a work in progress and the enhan
 <p>Server Configuration fragment:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
 
-<span class="code-tag">&lt;bean id=<span class="code-quote">"serviceBean"</span> class=<span class="code-quote">"org.apache.cxf.systest.jaxrs.security.BookStore"</span>/&gt;</span>
-<span class="code-tag">&lt;bean id=<span class="code-quote">"xmlSigHandler"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlSigInHandler"</span>/&gt;</span>
-<span class="code-tag">&lt;bean id=<span class="code-quote">"xmlSigOutHandler"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlSigOutInterceptor"</span>/&gt;</span>
-
-<span class="code-tag">&lt;jaxrs:server address=<span class="code-quote">"/xmlsig"</span>&gt;</span> 
-    <span class="code-tag">&lt;jaxrs:serviceBeans&gt;</span>
-      <span class="code-tag">&lt;ref bean=<span class="code-quote">"serviceBean"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:serviceBeans&gt;</span>
+&lt;bean id="serviceBean" class="org.apache.cxf.systest.jaxrs.security.BookStore"/&gt;
+&lt;bean id="xmlSigHandler" class="org.apache.cxf.rs.security.xml.XmlSigInHandler"/&gt;
+&lt;bean id="xmlSigOutHandler" class="org.apache.cxf.rs.security.xml.XmlSigOutInterceptor"/&gt;
+
+&lt;jaxrs:server address="/xmlsig"&gt; 
+    &lt;jaxrs:serviceBeans&gt;
+      &lt;ref bean="serviceBean"/&gt;
+    &lt;/jaxrs:serviceBeans&gt;
     &lt;!-- 
        Required for validating the in signature and removing it from the payload.
        It also persists the signature on the current Message which can be disabled.
     --&gt;
-    <span class="code-tag">&lt;jaxrs:providers&gt;</span>
-      <span class="code-tag">&lt;ref bean=<span class="code-quote">"xmlSigHandler"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:providers&gt;</span> 
+    &lt;jaxrs:providers&gt;
+      &lt;ref bean="xmlSigHandler"/&gt;
+    &lt;/jaxrs:providers&gt; 
     &lt;!-- 
        Required for adding a new signature to the outbound payload
     --&gt;
-    <span class="code-tag">&lt;jaxrs:outInterceptors&gt;</span>
-          <span class="code-tag">&lt;ref bean=<span class="code-quote">"xmlSigOutHandler"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:outInterceptors&gt;</span>
-
-    <span class="code-tag">&lt;jaxrs:properties&gt;</span>
-          &lt;entry key=<span class="code-quote">"ws-security.callback-handler"</span> 
-                  value=<span class="code-quote">"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"</span>/&gt;
-          &lt;entry key=<span class="code-quote">"ws-security.signature.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/alice.properties"</span>/&gt;
-    <span class="code-tag">&lt;/jaxrs:properties&gt;</span>
-<span class="code-tag">&lt;/jaxrs:server&gt;</span>
+    &lt;jaxrs:outInterceptors&gt;
+          &lt;ref bean="xmlSigOutHandler"/&gt;
+    &lt;/jaxrs:outInterceptors&gt;
+
+    &lt;jaxrs:properties&gt;
+          &lt;entry key="ws-security.callback-handler" 
+                  value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/&gt;
+          &lt;entry key="ws-security.signature.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/&gt;
+    &lt;/jaxrs:properties&gt;
+&lt;/jaxrs:server&gt;
 
-</pre>
+]]></script>
 </div></div>
 
 <p>Note that org.apache.cxf.rs.security.xml.XmlSigInHandler is responsible for validating the signature attached to the inbound payload and is capable of processing all 3 types of XML Signature. </p>
@@ -240,39 +248,39 @@ This is a work in progress and the enhan
 
 <p>Client code:</p>
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
 
-<span class="code-object">String</span> address = <span class="code-quote">"https:<span class="code-comment">//localhost:8080/xmlsig/bookstore/books"</span>;
-</span>JAXRSClientFactoryBean bean = <span class="code-keyword">new</span> JAXRSClientFactoryBean();
+String address = "https://localhost:8080/xmlsig/bookstore/books";
+JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
 bean.setAddress(address);
 
-<span class="code-comment">// setup properties
-</span>Map&lt;<span class="code-object">String</span>, <span class="code-object">Object</span>&gt; properties = <span class="code-keyword">new</span> HashMap&lt;<span class="code-object">String</span>, <span class="code-object">Object</span>&gt;();
-properties.put(<span class="code-quote">"ws-security.callback-handler"</span>, 
-               <span class="code-quote">"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"</span>);
-properties.put(<span class="code-quote">"ws-security.signature.username"</span>, <span class="code-quote">"alice"</span>);
-properties.put(<span class="code-quote">"ws-security.signature.properties"</span>, 
-               <span class="code-quote">"org/apache/cxf/systest/jaxrs/security/alice.properties"</span>);
+// setup properties
+Map&lt;String, Object&gt; properties = new HashMap&lt;String, Object&gt;();
+properties.put("ws-security.callback-handler", 
+               "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
+properties.put("ws-security.signature.username", "alice");
+properties.put("ws-security.signature.properties", 
+               "org/apache/cxf/systest/jaxrs/security/alice.properties");
 bean.setProperties(properties);
 
-<span class="code-comment">// add the interceptor which will add a signature to the outbound payload
-</span>XmlSigOutInterceptor sigOutInterceptor = <span class="code-keyword">new</span> XmlSigOutInterceptor();
+// add the interceptor which will add a signature to the outbound payload
+XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor();
 bean.getOutInterceptors().add(sigOutInterceptor);
 
-<span class="code-comment">// add the interceptor which will validate a signature in the inbound payload
-</span>XmlSigInInterceptor sigInInterceptor = <span class="code-keyword">new</span> XmlSigInInterceptor();
+// add the interceptor which will validate a signature in the inbound payload
+XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
 bean.getInInterceptors().add(sigInInterceptor);
 
 
-<span class="code-comment">// load a bus with HTTPS configuration:
-</span>SpringBusFactory bf = <span class="code-keyword">new</span> SpringBusFactory();
+// load a bus with HTTPS configuration:
+SpringBusFactory bf = new SpringBusFactory();
 Bus bus = bf.createBus(configLocation);
 bean.setBus(bus);
         
-<span class="code-comment">// use WebClient (or proxy) as usual
-</span>WebClient wc = bean.createWebClient();
-Book book = wc.post(<span class="code-keyword">new</span> Book(<span class="code-quote">"CXF"</span>, 126L), Book.class);
-</pre>
+// use WebClient (or proxy) as usual
+WebClient wc = bean.createWebClient();
+Book book = wc.post(new Book("CXF", 126L), Book.class);
+]]></script>
 </div></div>
 
 <p>Spring configuration can also be used.<br clear="none">
@@ -283,38 +291,38 @@ Please also check <a shape="rect" href="
 <p>Payload:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag">&lt;ds:Signature <span class="code-keyword">xmlns:ds</span>=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#"</span>&gt;</span>
-   <span class="code-tag">&lt;ds:SignedInfo&gt;</span>
-      <span class="code-tag">&lt;ds:CanonicalizationMethod Algorithm=<span class="code-quote">"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"</span>/&gt;</span>
-      <span class="code-tag">&lt;ds:SignatureMethod Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#rsa-sha1"</span>/&gt;</span>
-      <span class="code-tag">&lt;ds:Reference URI=<span class="code-quote">"#88e688e6-6512-406f-9e88-a58e5d781ff0"</span>&gt;</span>
-        <span class="code-tag">&lt;ds:Transforms&gt;</span>
-           <span class="code-tag">&lt;ds:Transform Algorithm=<span class="code-quote">"http://www.w3.org/2001/10/xml-exc-c14n#"</span>/&gt;</span>
-        <span class="code-tag">&lt;/ds:Transforms&gt;</span>
-        <span class="code-tag">&lt;ds:DigestMethod Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#sha1"</span>/&gt;</span>
-        <span class="code-tag">&lt;ds:DigestValue&gt;</span>Cq3zl3t3DqWTvuZ+4EtZgGs4ikk=<span class="code-tag">&lt;/ds:DigestValue&gt;</span>
-      <span class="code-tag">&lt;/ds:Reference&gt;</span>
-   <span class="code-tag">&lt;/ds:SignedInfo&gt;</span><span class="code-tag">&lt;ds:SignatureValue&gt;</span>NvcCS8vx3YJkc8fHMf8bQkC+lwasC6CwiS7HfKSm8t+6TtYdM7TRbYxSuqfCTkF4vBIldWIzl6UngON592FfJdbvrgE2CusCkIybrP7BBmP7zTSV0GjH4/60L6ObkhGPkMNoKzw4V+zgF7Zo+F7ngsz5ZUWZX/GWETmTtYtcfT0=<span class="code-tag">&lt;/ds:SignatureValue&gt;</span>
-   <span class="code-tag">&lt;ds:KeyInfo&gt;</span>
-     <span class="code-tag">&lt;ds:X509Data&gt;</span>
-       <span class="code-tag">&lt;ds:X509Certificate&gt;</span><span class="code-tag"><span class="code-comment">&lt;!-- Omitted for brevity--&gt;</span></span><span class="code-tag">&lt;/ds:X509Certificate&gt;</span>
-     <span class="code-tag">&lt;/ds:X509Data&gt;</span>
-     <span class="code-tag">&lt;ds:KeyValue&gt;</span>
-      <span class="code-tag">&lt;ds:RSAKeyValue&gt;</span><span class="code-tag">&lt;ds:Modulus&gt;</span>vu747/VShQ85f16DGSc4Ixh9PVpGguyEqrCsK8q9XHOYX9l9/g5wEC6ZcR2FwfNsoaHcKNPjd5sSTzVtBWmQjfBEfIqwTR7vuihOxyNTwEzVwIJzvo7p8/aYxk+VdBtQxq4UweIcf/iFkUbM1cZ1oiXRQzciRBi+C1BQCQE0qzs=<span class="code-tag">&lt;/ds:Modulus&gt;</span>
-       <span class="code-tag">&lt;ds:Exponent&gt;</span>AQAB<span class="code-tag">&lt;/ds:Exponent&gt;</span>
-      <span class="code-tag">&lt;/ds:RSAKeyValue&gt;</span>
-     <span class="code-tag">&lt;/ds:KeyValue&gt;</span>
-   <span class="code-tag">&lt;/ds:KeyInfo&gt;</span>
-   <span class="code-tag">&lt;ds:Object ID=<span class="code-quote">"88e688e6-6512-406f-9e88-a58e5d781ff0"</span>&gt;</span>
-
-      <span class="code-tag">&lt;Book&gt;</span>
-         <span class="code-tag">&lt;id&gt;</span>126<span class="code-tag">&lt;/id&gt;</span>
-         <span class="code-tag">&lt;name&gt;</span>CXF<span class="code-tag">&lt;/name&gt;</span>
-      <span class="code-tag">&lt;/Book&gt;</span>
-   <span class="code-tag">&lt;/ds:Object&gt;</span>
-<span class="code-tag">&lt;/ds:Signature&gt;</span>
-</pre>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"&gt;
+   &lt;ds:SignedInfo&gt;
+      &lt;ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/&gt;
+      &lt;ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/&gt;
+      &lt;ds:Reference URI="#88e688e6-6512-406f-9e88-a58e5d781ff0"&gt;
+        &lt;ds:Transforms&gt;
+           &lt;ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/&gt;
+        &lt;/ds:Transforms&gt;
+        &lt;ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/&gt;
+        &lt;ds:DigestValue&gt;Cq3zl3t3DqWTvuZ+4EtZgGs4ikk=&lt;/ds:DigestValue&gt;
+      &lt;/ds:Reference&gt;
+   &lt;/ds:SignedInfo&gt;&lt;ds:SignatureValue&gt;NvcCS8vx3YJkc8fHMf8bQkC+lwasC6CwiS7HfKSm8t+6TtYdM7TRbYxSuqfCTkF4vBIldWIzl6UngON592FfJdbvrgE2CusCkIybrP7BBmP7zTSV0GjH4/60L6ObkhGPkMNoKzw4V+zgF7Zo+F7ngsz5ZUWZX/GWETmTtYtcfT0=&lt;/ds:SignatureValue&gt;
+   &lt;ds:KeyInfo&gt;
+     &lt;ds:X509Data&gt;
+       &lt;ds:X509Certificate&gt;&lt;!-- Omitted for brevity--&gt;&lt;/ds:X509Certificate&gt;
+     &lt;/ds:X509Data&gt;
+     &lt;ds:KeyValue&gt;
+      &lt;ds:RSAKeyValue&gt;&lt;ds:Modulus&gt;vu747/VShQ85f16DGSc4Ixh9PVpGguyEqrCsK8q9XHOYX9l9/g5wEC6ZcR2FwfNsoaHcKNPjd5sSTzVtBWmQjfBEfIqwTR7vuihOxyNTwEzVwIJzvo7p8/aYxk+VdBtQxq4UweIcf/iFkUbM1cZ1oiXRQzciRBi+C1BQCQE0qzs=&lt;/ds:Modulus&gt;
+       &lt;ds:Exponent&gt;AQAB&lt;/ds:Exponent&gt;
+      &lt;/ds:RSAKeyValue&gt;
+     &lt;/ds:KeyValue&gt;
+   &lt;/ds:KeyInfo&gt;
+   &lt;ds:Object ID="88e688e6-6512-406f-9e88-a58e5d781ff0"&gt;
+
+      &lt;Book&gt;
+         &lt;id&gt;126&lt;/id&gt;
+         &lt;name&gt;CXF&lt;/name&gt;
+      &lt;/Book&gt;
+   &lt;/ds:Object&gt;
+&lt;/ds:Signature&gt;
+]]></script>
 </div></div>
 
 <p>This time the signature is enveloping the Book element using a ds:Object wrapper which ds:Reference links to.</p>
@@ -323,13 +331,13 @@ Please also check <a shape="rect" href="
 
 <p>Client code is nearly identical to the one shown in the Enveloped signatures section except that XmlSigOutInterceptor need to have an additional property set:</p>
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
 
-<span class="code-comment">// add the interceptor dealing with adding a signature
-</span>XmlSigOutInterceptor sigInterceptor = <span class="code-keyword">new</span> XmlSigOutInterceptor();
-sigInterceptor.setStyle(<span class="code-quote">"enveloping"</span>);
+// add the interceptor dealing with adding a signature
+XmlSigOutInterceptor sigInterceptor = new XmlSigOutInterceptor();
+sigInterceptor.setStyle("enveloping");
 
-</pre>
+]]></script>
 </div></div>
 
 <h2><a shape="rect" name="JAX-RSXMLSecurity-Detachedsignatures"></a>Detached signatures</h2>
@@ -337,53 +345,53 @@ sigInterceptor.setStyle(<span class="cod
 <p>Payload:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag">&lt;env:Envelope <span class="code-keyword">xmlns:env</span>=<span class="code-quote">"http://org.apache.cxf/rs/env"</span>&gt;</span>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;env:Envelope xmlns:env="http://org.apache.cxf/rs/env"&gt;
 
-  <span class="code-tag">&lt;Book ID=<span class="code-quote">"e9836bc2-cb5a-453f-b967-a9ddbaf9a6de"</span>&gt;</span>
-    <span class="code-tag">&lt;id&gt;</span>125<span class="code-tag">&lt;/id&gt;</span>
-    <span class="code-tag">&lt;name&gt;</span>CXF<span class="code-tag">&lt;/name&gt;</span>
-   <span class="code-tag">&lt;/Book&gt;</span>
-   <span class="code-tag">&lt;ds:Signature <span class="code-keyword">xmlns:ds</span>=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#"</span>&gt;</span>
-     <span class="code-tag">&lt;ds:SignedInfo&gt;</span>
-       <span class="code-tag">&lt;ds:CanonicalizationMethod Algorithm=<span class="code-quote">"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"</span>/&gt;</span>
-       <span class="code-tag">&lt;ds:SignatureMethod Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#rsa-sha1"</span>/&gt;</span>
-       <span class="code-tag">&lt;ds:Reference URI=<span class="code-quote">"#e9836bc2-cb5a-453f-b967-a9ddbaf9a6de"</span>&gt;</span>
-         <span class="code-tag">&lt;ds:Transforms&gt;</span>
-           <span class="code-tag">&lt;ds:Transform Algorithm=<span class="code-quote">"http://www.w3.org/2001/10/xml-exc-c14n#"</span>/&gt;</span>
-         <span class="code-tag">&lt;/ds:Transforms&gt;</span>
-         <span class="code-tag">&lt;ds:DigestMethod Algorithm=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#sha1"</span>/&gt;</span>
-         <span class="code-tag">&lt;ds:DigestValue&gt;</span>Pxz77Hlg6I/MRsJz4gixkaMFtYI=<span class="code-tag">&lt;/ds:DigestValue&gt;</span>
-       <span class="code-tag">&lt;/ds:Reference&gt;</span>
-     <span class="code-tag">&lt;/ds:SignedInfo&gt;</span>
-<span class="code-tag">&lt;ds:SignatureValue&gt;</span>JSwgiVqZT1EtJ9xqtb90juS54pvZguzFMne7cQyGMQDvBW7b65aAAIfVx/PmFB7Tuy4qB4zqNFCzCwHlhDurNP9NYB7PEzFsA3v3vSyEcHnpUhu41xmBvjT5HWEKbuzqX0dHekizuUefbfzG5WpluVPmOgjashrm9DIhfEf+Hyg=<span class="code-tag">&lt;/ds:SignatureValue&gt;</span>
-     <span class="code-tag">&lt;ds:KeyInfo&gt;</span>
-      <span class="code-tag">&lt;ds:X509Data&gt;</span>
-         <span class="code-tag">&lt;ds:X509Certificate&gt;</span><span class="code-tag"><span class="code-comment">&lt;!--Omitted for Brewity--&gt;</span></span><span class="code-tag">&lt;/ds:X509Certificate&gt;</span>
-      <span class="code-tag">&lt;/ds:X509Data&gt;</span>
-      <span class="code-tag">&lt;ds:KeyValue&gt;</span>
-        <span class="code-tag">&lt;ds:RSAKeyValue&gt;</span>
-          <span class="code-tag">&lt;ds:Modulus&gt;</span>vu747/VShQ85f16DGSc4Ixh9PVpGguyEqrCsK8q9XHOYX9l9/g5wEC6ZcR2FwfNsoaHcKNPjd5sSTzVtBWmQjfBEfIqwTR7vuihOxyNTwEzVwIJzvo7p8/aYxk+VdBtQxq4UweIcf/iFkUbM1cZ1oiXRQzciRBi+C1BQCQE0qzs=<span class="code-tag">&lt;/ds:Modulus&gt;</span>
-          <span class="code-tag">&lt;ds:Exponent&gt;</span>AQAB<span class="code-tag">&lt;/ds:Exponent&gt;</span>
-        <span class="code-tag">&lt;/ds:RSAKeyValue&gt;</span>
-      <span class="code-tag">&lt;/ds:KeyValue&gt;</span>
-     <span class="code-tag">&lt;/ds:KeyInfo&gt;</span>
-   <span class="code-tag">&lt;/ds:Signature&gt;</span>
+  &lt;Book ID="e9836bc2-cb5a-453f-b967-a9ddbaf9a6de"&gt;
+    &lt;id&gt;125&lt;/id&gt;
+    &lt;name&gt;CXF&lt;/name&gt;
+   &lt;/Book&gt;
+   &lt;ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"&gt;
+     &lt;ds:SignedInfo&gt;
+       &lt;ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/&gt;
+       &lt;ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/&gt;
+       &lt;ds:Reference URI="#e9836bc2-cb5a-453f-b967-a9ddbaf9a6de"&gt;
+         &lt;ds:Transforms&gt;
+           &lt;ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/&gt;
+         &lt;/ds:Transforms&gt;
+         &lt;ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/&gt;
+         &lt;ds:DigestValue&gt;Pxz77Hlg6I/MRsJz4gixkaMFtYI=&lt;/ds:DigestValue&gt;
+       &lt;/ds:Reference&gt;
+     &lt;/ds:SignedInfo&gt;
+&lt;ds:SignatureValue&gt;JSwgiVqZT1EtJ9xqtb90juS54pvZguzFMne7cQyGMQDvBW7b65aAAIfVx/PmFB7Tuy4qB4zqNFCzCwHlhDurNP9NYB7PEzFsA3v3vSyEcHnpUhu41xmBvjT5HWEKbuzqX0dHekizuUefbfzG5WpluVPmOgjashrm9DIhfEf+Hyg=&lt;/ds:SignatureValue&gt;
+     &lt;ds:KeyInfo&gt;
+      &lt;ds:X509Data&gt;
+         &lt;ds:X509Certificate&gt;&lt;!--Omitted for Brewity--&gt;&lt;/ds:X509Certificate&gt;
+      &lt;/ds:X509Data&gt;
+      &lt;ds:KeyValue&gt;
+        &lt;ds:RSAKeyValue&gt;
+          &lt;ds:Modulus&gt;vu747/VShQ85f16DGSc4Ixh9PVpGguyEqrCsK8q9XHOYX9l9/g5wEC6ZcR2FwfNsoaHcKNPjd5sSTzVtBWmQjfBEfIqwTR7vuihOxyNTwEzVwIJzvo7p8/aYxk+VdBtQxq4UweIcf/iFkUbM1cZ1oiXRQzciRBi+C1BQCQE0qzs=&lt;/ds:Modulus&gt;
+          &lt;ds:Exponent&gt;AQAB&lt;/ds:Exponent&gt;
+        &lt;/ds:RSAKeyValue&gt;
+      &lt;/ds:KeyValue&gt;
+     &lt;/ds:KeyInfo&gt;
+   &lt;/ds:Signature&gt;
 
-    <span class="code-tag">&lt;saml2:Assertion <span class="code-keyword">xmlns:saml2</span>=<span class="code-quote">"urn:oasis:names:tc:SAML:2.0:assertion"</span> <span class="code-keyword">xmlns:xs</span>=<span class="code-quote">"http://www.w3.org/2001/XMLSchema"</span> <span class="code-keyword">xmlns:xsi</span>=<span class="code-quote">"http://www.w3.org/2001/XMLSchema-instance"</span> ID=<span class="code-quote">"_E462768C678896CE9913202742137181"</span> IssueInstant=<span class="code-quote">"2011-11-02T22:50:13.718Z"</span> Version=<span class="code-quote">"2.0"</span> xsi:type=<span class="code-quote">"saml2:AssertionType"</span>&gt;</span>
+    &lt;saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_E462768C678896CE9913202742137181" IssueInstant="2011-11-02T22:50:13.718Z" Version="2.0" xsi:type="saml2:AssertionType"&gt;
 
-<span class="code-tag">&lt;saml2:Issuer&gt;</span>https://idp.example.org/SAML2<span class="code-tag">&lt;/saml2:Issuer&gt;</span>
+&lt;saml2:Issuer&gt;https://idp.example.org/SAML2&lt;/saml2:Issuer&gt;
 
-<span class="code-tag">&lt;ds:Signature <span class="code-keyword">xmlns:ds</span>=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#"</span>&gt;</span>
+&lt;ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"&gt;
  &lt;!-- 
     Enveloped/embedded SAML Assertion XML Signature is omitted for brevity
     See the JAX-RS SAML section for more info
  --&gt;
-<span class="code-tag">&lt;/ds:Signature&gt;</span>
-<span class="code-tag"><span class="code-comment">&lt;!-- the rest of SAML assertion --&gt;</span></span>
-<span class="code-tag">&lt;/saml2:Assertion&gt;</span>
-<span class="code-tag">&lt;/env:Envelope&gt;</span>
-</pre>
+&lt;/ds:Signature&gt;
+&lt;!-- the rest of SAML assertion --&gt;
+&lt;/saml2:Assertion&gt;
+&lt;/env:Envelope&gt;
+]]></script>
 </div></div>
 
 <p>Note that the whole payload is enveloped by a configurable element wrapper. The Book instance is one part of the envelope and it's signed by a detached signature (see the first ds:Signature, with its ds:Reference linking to Book). The envelope also has an embedded SAML assertion which has its own enveloped signature.</p>
@@ -393,13 +401,13 @@ sigInterceptor.setStyle(<span class="cod
 <p>Client code is nearly identical to the one shown in the Enveloped signatures section except that XmlSigOutInterceptor need to have an additional property set:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
 
-<span class="code-comment">// add the interceptor dealing with adding a signature
-</span>XmlSigOutInterceptor sigInterceptor = <span class="code-keyword">new</span> XmlSigOutInterceptor();
-sigInterceptor.setStyle(<span class="code-quote">"detached"</span>);
+// add the interceptor dealing with adding a signature
+XmlSigOutInterceptor sigInterceptor = new XmlSigOutInterceptor();
+sigInterceptor.setStyle("detached");
 
-</pre>
+]]></script>
 </div></div>
 
 <h2><a shape="rect" name="JAX-RSXMLSecurity-Customizingthesignature"></a>Customizing the signature</h2>
@@ -419,56 +427,56 @@ The following properties can be set on i
 <p>Here is a payload example:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag">&lt;xenc:EncryptedData <span class="code-keyword">xmlns:xenc</span>=<span class="code-quote">"http://www.w3.org/2001/04/xmlenc#"</span>&gt;</span>
-  <span class="code-tag">&lt;xenc:EncryptionMethod Algorithm=<span class="code-quote">"http://www.w3.org/2001/04/xmlenc#aes128-cbc"</span>/&gt;</span>
-  <span class="code-tag">&lt;ds:KeyInfo <span class="code-keyword">xmlns:ds</span>=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#"</span>&gt;</span>
-    <span class="code-tag">&lt;ds:RetrievalMethod Type=<span class="code-quote">"http://www.w3.org/2001/04/xmlenc#EncryptedKey"</span>/&gt;</span>
-    <span class="code-tag">&lt;xenc:EncryptedKey Id=<span class="code-quote">"EK-B353DDCEE7C575B6A213203188664772"</span>&gt;</span>
-      <span class="code-tag">&lt;xenc:EncryptionMethod Algorithm=<span class="code-quote">"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"</span>/&gt;</span>
-        <span class="code-tag">&lt;ds:KeyInfo&gt;</span>
-            <span class="code-tag">&lt;ds:X509Data&gt;</span>
-               <span class="code-tag">&lt;ds:X509Certificate&gt;</span><span class="code-tag"><span class="code-comment">&lt;!-- Omitted for brevity --&gt;</span></span><span class="code-tag">&lt;/ds:X509Certificate&gt;</span>
-           <span class="code-tag">&lt;/ds:X509Data&gt;</span>
-        <span class="code-tag">&lt;/ds:KeyInfo&gt;</span>
-        <span class="code-tag">&lt;xenc:CipherData&gt;</span><span class="code-tag">&lt;xenc:CipherValue&gt;</span>tPtZz4pnVWquaV2a7O0y+VrHoeWwk3Eu5Jnu3RHz5rGDB/MLyG6rBamhit03J2xWaV52zUtDAPEj8sr4oy5y2KLB09Hu317IbQjinePabUpd+DLnwNn5iHZpHWJPfndkh07JdYZSrMwqOvJ3fqrNJ+LQeLzZDneT8sC1vRyhSDU=<span class="code-tag">&lt;/xenc:CipherValue&gt;</span>
-        <span class="code-tag">&lt;/xenc:CipherData&gt;</span>
-    <span class="code-tag">&lt;/xenc:EncryptedKey&gt;</span>
-  <span class="code-tag">&lt;/ds:KeyInfo&gt;</span>
-  <span class="code-tag">&lt;xenc:CipherData&gt;</span>
-     <span class="code-tag">&lt;xenc:CipherValue&gt;</span>3ZPQ3SapAxemJwqG58sWh+r8B5SMRf/DZ2w/REswgl0zr8kpk0x4tayC5hl7IbSE8CPQYYHX8sXVnUFUoHOtJA==<span class="code-tag">&lt;/xenc:CipherValue&gt;</span>
-  <span class="code-tag">&lt;/xenc:CipherData&gt;</span>
-<span class="code-tag">&lt;/xenc:EncryptedData&gt;</span>
-</pre>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"&gt;
+  &lt;xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/&gt;
+  &lt;ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"&gt;
+    &lt;ds:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/&gt;
+    &lt;xenc:EncryptedKey Id="EK-B353DDCEE7C575B6A213203188664772"&gt;
+      &lt;xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/&gt;
+        &lt;ds:KeyInfo&gt;
+            &lt;ds:X509Data&gt;
+               &lt;ds:X509Certificate&gt;&lt;!-- Omitted for brevity --&gt;&lt;/ds:X509Certificate&gt;
+           &lt;/ds:X509Data&gt;
+        &lt;/ds:KeyInfo&gt;
+        &lt;xenc:CipherData&gt;&lt;xenc:CipherValue&gt;tPtZz4pnVWquaV2a7O0y+VrHoeWwk3Eu5Jnu3RHz5rGDB/MLyG6rBamhit03J2xWaV52zUtDAPEj8sr4oy5y2KLB09Hu317IbQjinePabUpd+DLnwNn5iHZpHWJPfndkh07JdYZSrMwqOvJ3fqrNJ+LQeLzZDneT8sC1vRyhSDU=&lt;/xenc:CipherValue&gt;
+        &lt;/xenc:CipherData&gt;
+    &lt;/xenc:EncryptedKey&gt;
+  &lt;/ds:KeyInfo&gt;
+  &lt;xenc:CipherData&gt;
+     &lt;xenc:CipherValue&gt;3ZPQ3SapAxemJwqG58sWh+r8B5SMRf/DZ2w/REswgl0zr8kpk0x4tayC5hl7IbSE8CPQYYHX8sXVnUFUoHOtJA==&lt;/xenc:CipherValue&gt;
+  &lt;/xenc:CipherData&gt;
+&lt;/xenc:EncryptedData&gt;
+]]></script>
 </div></div> 
 
 <p>Here is a server configuration fragment:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag">&lt;bean id=<span class="code-quote">"serviceBean"</span> class=<span class="code-quote">"org.apache.cxf.systest.jaxrs.security.BookStore"</span>/&gt;</span>
-<span class="code-tag">&lt;bean id=<span class="code-quote">"xmlSigInHandler"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlSigInHandler"</span>/&gt;</span>
-<span class="code-tag">&lt;bean id=<span class="code-quote">"xmlEncInHandler"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlEncInHandler"</span>/&gt;</span>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;bean id="serviceBean" class="org.apache.cxf.systest.jaxrs.security.BookStore"/&gt;
+&lt;bean id="xmlSigInHandler" class="org.apache.cxf.rs.security.xml.XmlSigInHandler"/&gt;
+&lt;bean id="xmlEncInHandler" class="org.apache.cxf.rs.security.xml.XmlEncInHandler"/&gt;
     
-<span class="code-tag">&lt;jaxrs:server address=<span class="code-quote">"/xmlsig"</span>&gt;</span> 
-    <span class="code-tag">&lt;jaxrs:serviceBeans&gt;</span>
-      <span class="code-tag">&lt;ref bean=<span class="code-quote">"serviceBean"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:serviceBeans&gt;</span>
-    <span class="code-tag">&lt;jaxrs:providers&gt;</span>
-       <span class="code-tag">&lt;ref bean=<span class="code-quote">"xmlEncHandler"</span>/&gt;</span>
-       <span class="code-tag">&lt;ref bean=<span class="code-quote">"xmlSigHandler"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:providers&gt;</span> 
-     <span class="code-tag">&lt;jaxrs:properties&gt;</span>
-           &lt;entry key=<span class="code-quote">"ws-security.callback-handler"</span> 
-                  value=<span class="code-quote">"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"</span>/&gt;
-           &lt;entry key=<span class="code-quote">"ws-security.encryption.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/bob.properties"</span>/&gt;
-           &lt;entry key=<span class="code-quote">"ws-security.signature.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/alice.properties"</span>/&gt;       
-     <span class="code-tag">&lt;/jaxrs:properties&gt;</span> 
-<span class="code-tag">&lt;/jaxrs:server&gt;</span>
+&lt;jaxrs:server address="/xmlsig"&gt; 
+    &lt;jaxrs:serviceBeans&gt;
+      &lt;ref bean="serviceBean"/&gt;
+    &lt;/jaxrs:serviceBeans&gt;
+    &lt;jaxrs:providers&gt;
+       &lt;ref bean="xmlEncHandler"/&gt;
+       &lt;ref bean="xmlSigHandler"/&gt;
+    &lt;/jaxrs:providers&gt; 
+     &lt;jaxrs:properties&gt;
+           &lt;entry key="ws-security.callback-handler" 
+                  value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/&gt;
+           &lt;entry key="ws-security.encryption.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/bob.properties"/&gt;
+           &lt;entry key="ws-security.signature.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/&gt;       
+     &lt;/jaxrs:properties&gt; 
+&lt;/jaxrs:server&gt;
 
-</pre>
+]]></script>
 </div></div>
 
 <p>This configuration supports receiving signed and then encrypted XML payloads.</p>
@@ -476,43 +484,43 @@ The following properties can be set on i
 <p>The code:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-<span class="code-object">String</span> address = <span class="code-quote">"https:<span class="code-comment">//localhost:8080/xmlencryption/bookstore/books"</span>;
-</span>JAXRSClientFactoryBean bean = <span class="code-keyword">new</span> JAXRSClientFactoryBean();
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
+String address = "https://localhost:8080/xmlencryption/bookstore/books";
+JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
 bean.setAddress(address);
 
-<span class="code-comment">// setup properties
-</span>Map&lt;<span class="code-object">String</span>, <span class="code-object">Object</span>&gt; properties = <span class="code-keyword">new</span> HashMap&lt;<span class="code-object">String</span>, <span class="code-object">Object</span>&gt;();
+// setup properties
+Map&lt;String, Object&gt; properties = new HashMap&lt;String, Object&gt;();
 
-properties.put(<span class="code-quote">"ws-security.callback-handler"</span>, 
-               <span class="code-quote">"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"</span>);
-properties.put(<span class="code-quote">"ws-security.encryption.username"</span>, <span class="code-quote">"bob"</span>);
-properties.put(<span class="code-quote">"ws-security.encryption.properties"</span>, 
-                       <span class="code-quote">"org/apache/cxf/systest/jaxrs/security/bob.properties"</span>);
-
-<span class="code-comment">// <span class="code-keyword">if</span> signature required: 
-</span>properties.put(<span class="code-quote">"ws-security.signature.username"</span>, <span class="code-quote">"alice"</span>);
-properties.put(<span class="code-quote">"ws-security.signature.properties"</span>, 
-               <span class="code-quote">"org/apache/cxf/systest/jaxrs/security/alice.properties"</span>);
+properties.put("ws-security.callback-handler", 
+               "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
+properties.put("ws-security.encryption.username", "bob");
+properties.put("ws-security.encryption.properties", 
+                       "org/apache/cxf/systest/jaxrs/security/bob.properties");
+
+// if signature required: 
+properties.put("ws-security.signature.username", "alice");
+properties.put("ws-security.signature.properties", 
+               "org/apache/cxf/systest/jaxrs/security/alice.properties");
 
 bean.setProperties(properties);
 
-<span class="code-comment">// <span class="code-keyword">if</span> signature required: add the interceptor dealing with adding a signature
-</span>XmlSigOutInterceptor sigInterceptor = <span class="code-keyword">new</span> XmlSigOutInterceptor();
+// if signature required: add the interceptor dealing with adding a signature
+XmlSigOutInterceptor sigInterceptor = new XmlSigOutInterceptor();
 bean.getOutInterceptors().add(sigInterceptor);
 
-<span class="code-comment">// add the interceptor dealing with the encryption
-</span>
-XmlEncOutInterceptor encInterceptor = <span class="code-keyword">new</span> XmlEncOutInterceptor();
-encInterceptor.setSymmetricEncAlgorithm(<span class="code-quote">"http:<span class="code-comment">//www.w3.org/2001/04/xmlenc#aes128-cbc"</span>);
-</span>bean.getOutInterceptors().add(encInterceptor);
+// add the interceptor dealing with the encryption
+
+XmlEncOutInterceptor encInterceptor = new XmlEncOutInterceptor();
+encInterceptor.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
+bean.getOutInterceptors().add(encInterceptor);
 
        
-<span class="code-comment">// use WebClient (or proxy) as usual
-</span>WebClient wc = bean.createWebClient();
-Response r = wc.post(<span class="code-keyword">new</span> Book(<span class="code-quote">"CXF"</span>, 126L), Book.class);
+// use WebClient (or proxy) as usual
+WebClient wc = bean.createWebClient();
+Response r = wc.post(new Book("CXF", 126L), Book.class);
 assertEquals(200, r.getStatus());
-</pre>
+]]></script>
 </div></div>
 
 <p>Note that XmlEncOutInterceptor interceptor has a "symmetricEncAlgorithm" property set to a weaker type just to get CXF tests passing.</p>
@@ -520,51 +528,51 @@ assertEquals(200, r.getStatus());
 <p>The actual application client code does not expect a payload such as Book back but if it did then configuring the server to encrypt the response would be straightforward:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag">&lt;bean id=<span class="code-quote">"serviceBean"</span> class=<span class="code-quote">"org.apache.cxf.systest.jaxrs.security.BookStore"</span>/&gt;</span>
-<span class="code-tag">&lt;bean id=<span class="code-quote">"xmlSigInHandler"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlSigInHandler"</span>/&gt;</span>
-<span class="code-tag">&lt;bean id=<span class="code-quote">"xmlSigOutHandler"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlSigOutInterceptor"</span>/&gt;</span>
-
-<span class="code-tag">&lt;bean id=<span class="code-quote">"xmlEncInHandler"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlEncInHandler"</span>/&gt;</span>
-<span class="code-tag">&lt;bean id=<span class="code-quote">"xmlEncOutHandler"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlEncOutInterceptor"</span>&gt;</span>
-        <span class="code-tag">&lt;property name=<span class="code-quote">"symmetricEncAlgorithm"</span> value=<span class="code-quote">"aes128-cbc"</span>/&gt;</span>
-<span class="code-tag">&lt;/bean&gt;</span>
-
-<span class="code-tag">&lt;jaxrs:server address=<span class="code-quote">"/xmlsec"</span>&gt;</span> 
-    <span class="code-tag">&lt;jaxrs:serviceBeans&gt;</span>
-      <span class="code-tag">&lt;ref bean=<span class="code-quote">"serviceBean"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:serviceBeans&gt;</span>
-    <span class="code-tag">&lt;jaxrs:providers&gt;</span>
-       <span class="code-tag">&lt;ref bean=<span class="code-quote">"xmlEncInHandler"</span>/&gt;</span>
-       <span class="code-tag">&lt;ref bean=<span class="code-quote">"xmlSigInHandler"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:providers&gt;</span> 
-    <span class="code-tag">&lt;jaxrs:outInterceptors&gt;</span>
-        <span class="code-tag">&lt;ref bean=<span class="code-quote">"xmlSigOutHandler"</span>/&gt;</span> 
-        <span class="code-tag">&lt;ref bean=<span class="code-quote">"xmlEncOutHandler"</span>/&gt;</span>
-     <span class="code-tag">&lt;/jaxrs:outInterceptors&gt;</span>
-     <span class="code-tag">&lt;jaxrs:properties&gt;</span>
-         &lt;entry key=<span class="code-quote">"ws-security.callback-handler"</span> 
-                  value=<span class="code-quote">"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"</span>/&gt;
-         &lt;entry key=<span class="code-quote">"ws-security.encryption.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/alice.properties"</span>/&gt;
-         &lt;entry key=<span class="code-quote">"ws-security.signature.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/bob.properties"</span>/&gt;
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;bean id="serviceBean" class="org.apache.cxf.systest.jaxrs.security.BookStore"/&gt;
+&lt;bean id="xmlSigInHandler" class="org.apache.cxf.rs.security.xml.XmlSigInHandler"/&gt;
+&lt;bean id="xmlSigOutHandler" class="org.apache.cxf.rs.security.xml.XmlSigOutInterceptor"/&gt;
+
+&lt;bean id="xmlEncInHandler" class="org.apache.cxf.rs.security.xml.XmlEncInHandler"/&gt;
+&lt;bean id="xmlEncOutHandler" class="org.apache.cxf.rs.security.xml.XmlEncOutInterceptor"&gt;
+        &lt;property name="symmetricEncAlgorithm" value="aes128-cbc"/&gt;
+&lt;/bean&gt;
+
+&lt;jaxrs:server address="/xmlsec"&gt; 
+    &lt;jaxrs:serviceBeans&gt;
+      &lt;ref bean="serviceBean"/&gt;
+    &lt;/jaxrs:serviceBeans&gt;
+    &lt;jaxrs:providers&gt;
+       &lt;ref bean="xmlEncInHandler"/&gt;
+       &lt;ref bean="xmlSigInHandler"/&gt;
+    &lt;/jaxrs:providers&gt; 
+    &lt;jaxrs:outInterceptors&gt;
+        &lt;ref bean="xmlSigOutHandler"/&gt; 
+        &lt;ref bean="xmlEncOutHandler"/&gt;
+     &lt;/jaxrs:outInterceptors&gt;
+     &lt;jaxrs:properties&gt;
+         &lt;entry key="ws-security.callback-handler" 
+                  value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/&gt;
+         &lt;entry key="ws-security.encryption.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/&gt;
+         &lt;entry key="ws-security.signature.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/bob.properties"/&gt;
  
-    <span class="code-tag">&lt;/jaxrs:properties&gt;</span> 
-<span class="code-tag">&lt;/jaxrs:server&gt;</span>
-</pre>
+    &lt;/jaxrs:properties&gt; 
+&lt;/jaxrs:server&gt;
+]]></script>
 </div></div>
 
 <p>Now the client code can be updated to expect an encrypted and signed Book back:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-<span class="code-comment">// Use the previous code fragment, add the in interceptors:
-</span>XmlEncInInterceptor encInInterceptor = <span class="code-keyword">new</span> XmlEncInInterceptor();
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
+// Use the previous code fragment, add the in interceptors:
+XmlEncInInterceptor encInInterceptor = new XmlEncInInterceptor();
 bean.getInInterceptors().add(encInInterceptor);
-XmlSigInInterceptor sigInInterceptor = <span class="code-keyword">new</span> XmlSigInInterceptor();
+XmlSigInInterceptor sigInInterceptor = new XmlSigInInterceptor();
 bean.getInInterceptors().add(sigInInterceptor);
-</pre>
+]]></script>
 </div></div> 
 
 
@@ -575,33 +583,33 @@ bean.getInInterceptors().add(sigInInterc
 <p>When multiple clients are posting the encrypted and signed payloads, the following configuration will lead to the request signature certificates being utilized for encrypting the symmetric key used to encrypt the response:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag"><span class="code-comment">&lt;!-- server --&gt;</span></span>
-<span class="code-tag">&lt;jaxrs:server&gt;</span>
-<span class="code-tag">&lt;jaxrs:properties&gt;</span>
-         &lt;entry key=<span class="code-quote">"ws-security.callback-handler"</span> 
-                  value=<span class="code-quote">"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"</span>/&gt;
-         &lt;entry key=<span class="code-quote">"ws-security.encryption.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/alice.properties"</span>/&gt;
-         <span class="code-tag">&lt;entry key=<span class="code-quote">"ws-security.encryption.username"</span> value=<span class="code-quote">"useReqSigCert"</span>/&gt;</span>
-         &lt;entry key=<span class="code-quote">"ws-security.signature.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/bob.properties"</span>/&gt;
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;!-- server --&gt;
+&lt;jaxrs:server&gt;
+&lt;jaxrs:properties&gt;
+         &lt;entry key="ws-security.callback-handler" 
+                  value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/&gt;
+         &lt;entry key="ws-security.encryption.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/&gt;
+         &lt;entry key="ws-security.encryption.username" value="useReqSigCert"/&gt;
+         &lt;entry key="ws-security.signature.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/bob.properties"/&gt;
  
-    <span class="code-tag">&lt;/jaxrs:properties&gt;</span>
-<span class="code-tag">&lt;/jaxrs:server&gt;</span>
-<span class="code-tag">&lt;jaxrs:client&gt;</span>
-    <span class="code-tag">&lt;jaxrs:properties&gt;</span>
-         &lt;entry key=<span class="code-quote">"ws-security.callback-handler"</span> 
-                  value=<span class="code-quote">"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"</span>/&gt;
-         &lt;entry key=<span class="code-quote">"ws-security.encryption.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/bob.properties"</span>/&gt;
-         <span class="code-tag">&lt;entry key=<span class="code-quote">"ws-security.encryption.username"</span> value=<span class="code-quote">"bob"</span>/&gt;</span>
-         &lt;entry key=<span class="code-quote">"ws-security.signature.properties"</span> 
-                  value=<span class="code-quote">"org/apache/cxf/systest/jaxrs/security/alice.properties"</span>/&gt;
-         <span class="code-tag">&lt;entry key=<span class="code-quote">"ws-security.signature.username"</span> value=<span class="code-quote">"alice"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:properties&gt;</span>
-<span class="code-tag">&lt;/jaxrs:client&gt;</span>
-</pre>
+    &lt;/jaxrs:properties&gt;
+&lt;/jaxrs:server&gt;
+&lt;jaxrs:client&gt;
+    &lt;jaxrs:properties&gt;
+         &lt;entry key="ws-security.callback-handler" 
+                  value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/&gt;
+         &lt;entry key="ws-security.encryption.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/bob.properties"/&gt;
+         &lt;entry key="ws-security.encryption.username" value="bob"/&gt;
+         &lt;entry key="ws-security.signature.properties" 
+                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/&gt;
+         &lt;entry key="ws-security.signature.username" value="alice"/&gt;
+    &lt;/jaxrs:properties&gt;
+&lt;/jaxrs:client&gt;
+]]></script>
 </div></div> 
 
 <p>The "ws-security.encryption.username" server property is set to "useReqSigCert".</p>
@@ -631,42 +639,42 @@ The following properties can be set on i
 <p>It is possible to configure the in encryption and signature handlers with the properties restricting the encryption and signature algorithms that clients can use, for example:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-    <span class="code-tag">&lt;bean id=<span class="code-quote">"sigProps"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.SignatureProperties"</span>&gt;</span>
-       &lt;property name=<span class="code-quote">"signatureAlgo"</span> 
-                 value=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#rsa-sha1"</span>/&gt;
-       &lt;property name=<span class="code-quote">"signatureDigestAlgo"</span> 
-                 value=<span class="code-quote">"http://www.w3.org/2000/09/xmldsig#sha1"</span>/&gt;
-       &lt;property name=<span class="code-quote">"signatureC14Method"</span> 
-                 value=<span class="code-quote">"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"</span>/&gt;
-       &lt;property name=<span class="code-quote">"signatureC14Transform"</span> 
-                 value=<span class="code-quote">"http://www.w3.org/2001/10/xml-exc-c14n#"</span>/&gt;                                                  
-    <span class="code-tag">&lt;/bean&gt;</span>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+    &lt;bean id="sigProps" class="org.apache.cxf.rs.security.xml.SignatureProperties"&gt;
+       &lt;property name="signatureAlgo" 
+                 value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/&gt;
+       &lt;property name="signatureDigestAlgo" 
+                 value="http://www.w3.org/2000/09/xmldsig#sha1"/&gt;
+       &lt;property name="signatureC14Method" 
+                 value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/&gt;
+       &lt;property name="signatureC14Transform" 
+                 value="http://www.w3.org/2001/10/xml-exc-c14n#"/&gt;                                                  
+    &lt;/bean&gt;
     
-    <span class="code-tag">&lt;bean id=<span class="code-quote">"encProps"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.EncryptionProperties"</span>&gt;</span>
-       &lt;property name=<span class="code-quote">"encryptionKeyTransportAlgo"</span> 
-                 value=<span class="code-quote">"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"</span>/&gt;
-       &lt;property name=<span class="code-quote">"encryptionSymmetricKeyAlgo"</span> 
-                 value=<span class="code-quote">"http://www.w3.org/2001/04/xmlenc#aes128-cbc"</span>/&gt;
-    <span class="code-tag">&lt;/bean&gt;</span>
+    &lt;bean id="encProps" class="org.apache.cxf.rs.security.xml.EncryptionProperties"&gt;
+       &lt;property name="encryptionKeyTransportAlgo" 
+                 value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/&gt;
+       &lt;property name="encryptionSymmetricKeyAlgo" 
+                 value="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/&gt;
+    &lt;/bean&gt;
     
-    <span class="code-tag">&lt;bean id=<span class="code-quote">"xmlSigInHandlerWithProps"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlSigInHandler"</span>&gt;</span>
-        <span class="code-tag">&lt;property name=<span class="code-quote">"signatureProperties"</span> ref=<span class="code-quote">"sigProps"</span>/&gt;</span>
-    <span class="code-tag">&lt;/bean&gt;</span>
+    &lt;bean id="xmlSigInHandlerWithProps" class="org.apache.cxf.rs.security.xml.XmlSigInHandler"&gt;
+        &lt;property name="signatureProperties" ref="sigProps"/&gt;
+    &lt;/bean&gt;
         
-    <span class="code-tag">&lt;bean id=<span class="code-quote">"xmlEncInHandlerWithProps"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlEncInHandler"</span>&gt;</span>
-        <span class="code-tag">&lt;property name=<span class="code-quote">"encryptionProperties"</span> ref=<span class="code-quote">"encProps"</span>/&gt;</span>
-    <span class="code-tag">&lt;/bean&gt;</span>
-
-    <span class="code-tag"><span class="code-comment">&lt;!-- the following ensures that the outbound handlers will use the same algorithms that the client used --&gt;</span></span>  
-    <span class="code-tag">&lt;bean id=<span class="code-quote">"xmlSigOutHandlerWithProps"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlSigOutInterceptor"</span>&gt;</span>
-        <span class="code-tag">&lt;property name=<span class="code-quote">"signatureProperties"</span> ref=<span class="code-quote">"sigProps"</span>/&gt;</span>
-    <span class="code-tag">&lt;/bean&gt;</span>
+    &lt;bean id="xmlEncInHandlerWithProps" class="org.apache.cxf.rs.security.xml.XmlEncInHandler"&gt;
+        &lt;property name="encryptionProperties" ref="encProps"/&gt;
+    &lt;/bean&gt;
+
+    &lt;!-- the following ensures that the outbound handlers will use the same algorithms that the client used --&gt;  
+    &lt;bean id="xmlSigOutHandlerWithProps" class="org.apache.cxf.rs.security.xml.XmlSigOutInterceptor"&gt;
+        &lt;property name="signatureProperties" ref="sigProps"/&gt;
+    &lt;/bean&gt;
         
-    <span class="code-tag">&lt;bean id=<span class="code-quote">"xmlEncOutHandlerWithProps"</span> class=<span class="code-quote">"org.apache.cxf.rs.security.xml.XmlEncOutInterceptor"</span>&gt;</span>
-        <span class="code-tag">&lt;property name=<span class="code-quote">"encryptionProperties"</span> ref=<span class="code-quote">"encProps"</span>/&gt;</span>
-    <span class="code-tag">&lt;/bean&gt;</span>
-</pre>
+    &lt;bean id="xmlEncOutHandlerWithProps" class="org.apache.cxf.rs.security.xml.XmlEncOutInterceptor"&gt;
+        &lt;property name="encryptionProperties" ref="encProps"/&gt;
+    &lt;/bean&gt;
+]]></script>
 </div></div>
 
 <p>Getting the same SignatureProperties and EncryptionProperties beans (with "sigProps" and "encProps" ids) registered with the outbound<br clear="none">

Modified: websites/production/cxf/content/docs/jax-rs.html
==============================================================================
--- websites/production/cxf/content/docs/jax-rs.html (original)
+++ websites/production/cxf/content/docs/jax-rs.html Mon Jun 24 17:10:51 2013
@@ -25,6 +25,18 @@
 <meta http-equiv="Content-type" content="text/html;charset=UTF-8">
 <meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support, integration standards, application integration, middleware, software, solutions, services, CXF, open source">
 <meta name="description" content="Apache CXF, Services Framework - JAX-RS">
+
+  <link href='http://cxf.apache.org/resources/highlighter/styles/shCore.css' rel='stylesheet' type='text/css' />
+  <link href='http://cxf.apache.org/resources/highlighter/styles/shThemeCXF.css' rel='stylesheet' type='text/css' />
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shCore.js' type='text/javascript'></script>
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shBrushJava.js' type='text/javascript'></script>
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shBrushXml.js' type='text/javascript'></script>
+  
+  <script type="text/javascript">
+  SyntaxHighlighter.defaults['toolbar'] = false;
+  SyntaxHighlighter.all();
+  </script>
+ 
     <title>
 Apache CXF -- JAX-RS
     </title>
@@ -42,19 +54,15 @@ Apache CXF -- JAX-RS
     <td id="cell-1-0">&nbsp;</td>
     <td id="cell-1-1">&nbsp;</td>
     <td id="cell-1-2">
-      <div style="padding: 5px;">
-        <div id="banner">
-          <!-- Banner -->
-<div id="banner-content">
+      <!-- Banner -->
+<div class="banner" id="banner"><p>
 <table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td align="left" colspan="1" nowrap>
 <a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight: bold; font-size: 170%; color: white">Apache CXF</span></a>
 </td><td align="right" colspan="1" nowrap>
 <a shape="rect" href="http://www.apache.org/" title="The Apache Sofware Foundation"><img border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
 </td></tr></table>
-</div>
-          <!-- Banner -->
-        </div>
-      </div>
+</p></div>
+      <!-- Banner -->
       <div id="top-menu">
         <table border="0" cellpadding="1" cellspacing="0" width="100%">
           <tr>
@@ -94,7 +102,7 @@ Apache CXF -- JAX-RS
 
 
 <hr>
-<ul class="alternate" type="square"><li>Search
+<ul class="alternate" type="square"><li>Search<br clear="none">
 
 <form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
   <div>
@@ -171,13 +179,13 @@ There have been just a few minor modific
 <p>The cxf-rt-frontend-jaxrs dependency is required:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-   <span class="code-tag">&lt;dependency&gt;</span>
-      <span class="code-tag">&lt;groupId&gt;</span>org.apache.cxf<span class="code-tag">&lt;/groupId&gt;</span>
-      <span class="code-tag">&lt;artifactId&gt;</span>cxf-rt-frontend-jaxrs<span class="code-tag">&lt;/artifactId&gt;</span>
-      <span class="code-tag">&lt;version&gt;</span>${cxf.version}<span class="code-tag">&lt;/version&gt;</span>
-   <span class="code-tag">&lt;/dependency&gt;</span>
-</pre>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+   &lt;dependency&gt;
+      &lt;groupId&gt;org.apache.cxf&lt;/groupId&gt;
+      &lt;artifactId&gt;cxf-rt-frontend-jaxrs&lt;/artifactId&gt;
+      &lt;version&gt;${cxf.version}&lt;/version&gt;
+   &lt;/dependency&gt;
+]]></script>
 </div></div>
 
 <p>This will in turn pull in other <a shape="rect" href="http://cxf.apache.org/project-status.html">CXF modules</a> such <tt>cxf-api</tt>, <tt>cxf-rt-core</tt>, <tt>cxf-rt-transports-http</tt> and <tt>cxf-rt-bindings-xml</tt> as well as <a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/frontend/jaxrs/pom.xml">the following 3rd-party dependencies</a>.</p>
@@ -197,25 +205,25 @@ There have been just a few minor modific
 <p>Optional providers (including the default JSONProvider) are located in this module:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-   <span class="code-tag">&lt;dependency&gt;</span>
-      <span class="code-tag">&lt;groupId&gt;</span>org.apache.cxf<span class="code-tag">&lt;/groupId&gt;</span>
-      <span class="code-tag">&lt;artifactId&gt;</span>cxf-rt-rs-extension-providers<span class="code-tag">&lt;/artifactId&gt;</span>
-      <span class="code-tag">&lt;version&gt;</span>2.6.0<span class="code-tag">&lt;/version&gt;</span>
-   <span class="code-tag">&lt;/dependency&gt;</span>
-</pre>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+   &lt;dependency&gt;
+      &lt;groupId&gt;org.apache.cxf&lt;/groupId&gt;
+      &lt;artifactId&gt;cxf-rt-rs-extension-providers&lt;/artifactId&gt;
+      &lt;version&gt;2.6.0&lt;/version&gt;
+   &lt;/dependency&gt;
+]]></script>
 </div></div>
 
 <p>The Search extension is now located in</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-   <span class="code-tag">&lt;dependency&gt;</span>
-      <span class="code-tag">&lt;groupId&gt;</span>org.apache.cxf<span class="code-tag">&lt;/groupId&gt;</span>
-      <span class="code-tag">&lt;artifactId&gt;</span>cxf-rt-rs-extension-search<span class="code-tag">&lt;/artifactId&gt;</span>
-      <span class="code-tag">&lt;version&gt;</span>2.6.0<span class="code-tag">&lt;/version&gt;</span>
-   <span class="code-tag">&lt;/dependency&gt;</span>
-</pre>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+   &lt;dependency&gt;
+      &lt;groupId&gt;org.apache.cxf&lt;/groupId&gt;
+      &lt;artifactId&gt;cxf-rt-rs-extension-search&lt;/artifactId&gt;
+      &lt;version&gt;2.6.0&lt;/version&gt;
+   &lt;/dependency&gt;
+]]></script>
 </div></div>
 
 <h3><a shape="rect" name="JAX-RS-CXF2.5.xCXF2.3.x"></a>CXF 2.5.x - CXF 2.3.x</h3>
@@ -231,30 +239,30 @@ There have been just a few minor modific
 <p><b>Note that starting from CXF 2.4.x the <tt>cxf-rt-databindings-aegis</tt> and <tt>org.apache.xmlbeans/xmlbeans/2.4.0</tt> dependencies are optional</b>. If you are not working with the CXF distributions containing these dependencies but using Maven to pull in either the CXF JAX-RS Bundle or the <tt>cxf-rt-frontend-jaxrs</tt> frontend then please make sure one of the following dependencies are also included:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-   <span class="code-tag">&lt;dependency&gt;</span>
-      <span class="code-tag">&lt;groupId&gt;</span>org.apache.cxf<span class="code-tag">&lt;/groupId&gt;</span>
-      <span class="code-tag">&lt;artifactId&gt;</span>cxf-rt-databinding-aegis<span class="code-tag">&lt;/artifactId&gt;</span>
-      <span class="code-tag"><span class="code-comment">&lt;!-- 2.4.4 or 2.5.0 --&gt;</span></span>
-      <span class="code-tag">&lt;version&gt;</span>${cxf.version}<span class="code-tag">&lt;/version&gt;</span>
-   <span class="code-tag">&lt;/dependency&gt;</span>
-   <span class="code-tag">&lt;dependency&gt;</span>
-      <span class="code-tag">&lt;groupId&gt;</span>org.apache.xmlbeans<span class="code-tag">&lt;/groupId&gt;</span>
-      <span class="code-tag">&lt;artifactId&gt;</span>xmlbeans<span class="code-tag">&lt;/artifactId&gt;</span>
-      <span class="code-tag">&lt;version&gt;</span>2.4.0<span class="code-tag">&lt;/version&gt;</span>
-   <span class="code-tag">&lt;/dependency&gt;</span>
-</pre>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+   &lt;dependency&gt;
+      &lt;groupId&gt;org.apache.cxf&lt;/groupId&gt;
+      &lt;artifactId&gt;cxf-rt-databinding-aegis&lt;/artifactId&gt;
+      &lt;!-- 2.4.4 or 2.5.0 --&gt;
+      &lt;version&gt;${cxf.version}&lt;/version&gt;
+   &lt;/dependency&gt;
+   &lt;dependency&gt;
+      &lt;groupId&gt;org.apache.xmlbeans&lt;/groupId&gt;
+      &lt;artifactId&gt;xmlbeans&lt;/artifactId&gt;
+      &lt;version&gt;2.4.0&lt;/version&gt;
+   &lt;/dependency&gt;
+]]></script>
 </div></div>
 
 <p><b>Starting from CXF 2.4.0</b> the wsdl4j transitive dependency is only required for running the CXF JAX-RS client code due to one of the HTTP transport extensions indirectly depending on wsdl4j. When running the server endpoints only, you can add the wsdl4j exclusion to either cxf-frontend-jaxrs or cxf-bundle-jaxrs dependency: </p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag">&lt;exclusion&gt;</span>
- <span class="code-tag">&lt;groupId&gt;</span>wsdl4j<span class="code-tag">&lt;/groupId&gt;</span>
- <span class="code-tag">&lt;artifactId&gt;</span>wsdl4j<span class="code-tag">&lt;/artifactId&gt;</span>
-<span class="code-tag">&lt;/exclusion&gt;</span>
-</pre>
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;exclusion&gt;
+ &lt;groupId&gt;wsdl4j&lt;/groupId&gt;
+ &lt;artifactId&gt;wsdl4j&lt;/artifactId&gt;
+&lt;/exclusion&gt;
+]]></script>
 </div></div>
 
 <p>Please check the <a shape="rect" class="external-link" href="http://svn.apache.org/repos/asf/cxf/trunk/rt/frontend/jaxrs/pom.xml">pom.xml</a> for the list of cxf components used by the JAX-RS implementation. Snapshots are available from <a shape="rect" class="external-link" href="http://repository.apache.org/snapshots/org/apache/cxf/apache-cxf/">http://repository.apache.org/snapshots/org/apache/cxf/apache-cxf/</a>.</p>
@@ -293,20 +301,20 @@ There have been just a few minor modific
 <p>Please note that this bundle has a transitive Maven dependency on the Jetty server modules. If you are using Maven and working with other servlet containers such as Tomcat then please add the following exclusion:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-   <span class="code-tag">&lt;dependency&gt;</span>
-      <span class="code-tag">&lt;groupId&gt;</span>org.apache.cxf<span class="code-tag">&lt;/groupId&gt;</span>
-      <span class="code-tag">&lt;artifactId&gt;</span>cxf-bundle-jaxrs<span class="code-tag">&lt;/artifactId&gt;</span>
-      <span class="code-tag">&lt;version&gt;</span>${cxf.version}<span class="code-tag">&lt;/version&gt;</span>
-      <span class="code-tag">&lt;exclusions&gt;</span>
-          <span class="code-tag">&lt;exclusion&gt;</span>
-            <span class="code-tag">&lt;groupId&gt;</span>org.eclipse.jetty<span class="code-tag">&lt;/groupId&gt;</span>
-            <span class="code-tag">&lt;artifactId&gt;</span>jetty-server<span class="code-tag">&lt;/artifactId&gt;</span>
-          <span class="code-tag">&lt;/exclusion&gt;</span>
-      <span class="code-tag">&lt;/exclusions&gt;</span> 
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+   &lt;dependency&gt;
+      &lt;groupId&gt;org.apache.cxf&lt;/groupId&gt;
+      &lt;artifactId&gt;cxf-bundle-jaxrs&lt;/artifactId&gt;
+      &lt;version&gt;${cxf.version}&lt;/version&gt;
+      &lt;exclusions&gt;
+          &lt;exclusion&gt;
+            &lt;groupId&gt;org.eclipse.jetty&lt;/groupId&gt;
+            &lt;artifactId&gt;jetty-server&lt;/artifactId&gt;
+          &lt;/exclusion&gt;
+      &lt;/exclusions&gt; 
 
-   <span class="code-tag">&lt;/dependency&gt;</span>
-</pre>
+   &lt;/dependency&gt;
+]]></script>
 </div></div>
 
 <h1><a shape="rect" name="JAX-RS-WhatisNew"></a>What is New</h1>
@@ -381,21 +389,21 @@ Please see the <a shape="rect" class="ex
 <p>The runtime will replace '.xml' or '.en' with an appropriate header value. For it to know the type or language value associated with a given URI suffix, some configuration needs to be done. Here's an example of how it can be done with Spring:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
 
-  <span class="code-tag">&lt;jaxrs:server id=<span class="code-quote">"customerService"</span> address=<span class="code-quote">"/"</span>&gt;</span>
-    <span class="code-tag">&lt;jaxrs:serviceBeans&gt;</span>
-      <span class="code-tag">&lt;bean class=<span class="code-quote">"org.apache.cxf.jaxrs.systests.CustomerService"</span> /&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:serviceBeans&gt;</span>
-    <span class="code-tag">&lt;jaxrs:extensionMappings&gt;</span>
-      <span class="code-tag">&lt;entry key=<span class="code-quote">"json"</span> value=<span class="code-quote">"application/json"</span>/&gt;</span>
-      <span class="code-tag">&lt;entry key=<span class="code-quote">"xml"</span> value=<span class="code-quote">"application/xml"</span>/&gt;</span>
-    <span class="code-tag">&lt;/jaxrs:extensionMappings&gt;</span>
-    <span class="code-tag">&lt;jaxrs:languageMappings&gt;</span>
-       <span class="code-tag">&lt;entry key=<span class="code-quote">"en"</span> value=<span class="code-quote">"en-gb"</span>/&gt;</span>  
-    <span class="code-tag">&lt;/jaxrs:languageMappings&gt;</span>
-  <span class="code-tag">&lt;/jaxrs:server&gt;</span>
-</pre>
+  &lt;jaxrs:server id="customerService" address="/"&gt;
+    &lt;jaxrs:serviceBeans&gt;
+      &lt;bean class="org.apache.cxf.jaxrs.systests.CustomerService" /&gt;
+    &lt;/jaxrs:serviceBeans&gt;
+    &lt;jaxrs:extensionMappings&gt;
+      &lt;entry key="json" value="application/json"/&gt;
+      &lt;entry key="xml" value="application/xml"/&gt;
+    &lt;/jaxrs:extensionMappings&gt;
+    &lt;jaxrs:languageMappings&gt;
+       &lt;entry key="en" value="en-gb"/&gt;  
+    &lt;/jaxrs:languageMappings&gt;
+  &lt;/jaxrs:server&gt;
+]]></script>
 </div></div>
 
 <p>CXF also supports a _type query as an alternative to appending extensions like '.xml' to request URIs:</p>
@@ -422,17 +430,17 @@ by Java HTTPUrlConnection. When needed, 
 
 <p>Many of the existing CXF features can be applied either to <tt>jaxrs:server</tt> or <tt>jaxrs:client</tt>. For example, to enable logging of requests and responses, simply do:</p>
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-&lt;beans <span class="code-keyword">xmlns:cxf</span>=<span class="code-quote">"http://cxf.apache.org/core"</span> 
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;beans xmlns:cxf="http://cxf.apache.org/core" 
    xsi:schemaLocation="http://cxf.apache.org/core 
       http://cxf.apache.org/schemas/core.xsd"&gt;
-<span class="code-tag">&lt;jaxrs:server&gt;</span>
-<span class="code-tag">&lt;jaxrs:features&gt;</span>
-     <span class="code-tag">&lt;cxf:logging/&gt;</span>
-<span class="code-tag">&lt;/jaxrs:features&gt;</span>
-<span class="code-tag">&lt;jaxrs:server&gt;</span>
-<span class="code-tag">&lt;/beans&gt;</span>
-</pre>
+&lt;jaxrs:server&gt;
+&lt;jaxrs:features&gt;
+     &lt;cxf:logging/&gt;
+&lt;/jaxrs:features&gt;
+&lt;jaxrs:server&gt;
+&lt;/beans&gt;
+]]></script>
 </div></div>
 
 <p>Please make sure the <tt><a shape="rect" href="http://cxf.apache.org/core">http://cxf.apache.org/core</a></tt> namespace is in scope.</p>