This is an automated email from the ASF dual-hosted git repository. robertlazarski pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git
The following commit(s) were added to refs/heads/master by this push: new 4bf1c829 RAMPART-441 community patch on docs 4bf1c829 is described below commit 4bf1c82911b74746c3d3215ebd7ef53e878668a7 Author: Robert Lazarski <robertlazar...@gmail.com> AuthorDate: Sat Oct 26 06:24:13 2024 -1000 RAMPART-441 community patch on docs --- src/site/resources/rampart-config.xsd | 89 ++++++++++++++++++++++------------- src/site/xdoc/rampartconfig-guide.xml | 10 ++-- 2 files changed, 60 insertions(+), 39 deletions(-)
diff --git a/src/site/resources/rampart-config.xsd b/src/site/resources/rampart-config.xsd
index c0e94d48..b9e6632b 100644
--- a/src/site/resources/rampart-config.xsd
+++ b/src/site/resources/rampart-config.xsd
@@ -6,47 +6,68 @@
 </xs:annotation>
 <xs:complexType>
 <xs:sequence>
- <xs:element name="user" type="xs:string"/>
- <xs:element name="userCertAlias" type="xs:string" minOccurs="0"/>
- <xs:element name="encryptionUser" type="xs:string" minOccurs="0"/>
- <xs:element name="passwordCallbackClass" type="xs:string" minOccurs="0"/>
- <xs:element name="policyValidatorCbClass" type="xs:string" minOccurs="0"/>
- <xs:element name="rampartConfigCallbackClass" type="xs:string" minOccurs="0"/>
- <xs:element name="signatureCrypto" type="ramp:crypto" minOccurs="0"/>
- <xs:element name="encryptionCypto" type="ramp:crypto" minOccurs="0"/>
- <xs:element name="decryptionCrypto" type="ramp:crypto" minOccurs="0"/>
- <xs:element name="timestampPrecisionInMilliseconds" type="xs:boolean" minOccurs="0"/>
- <xs:element name="timestampTTL" type="xs:integer" minOccurs="0"/>
- <xs:element name="timestampMaxSkew" type="xs:integer" minOccurs="0"/>
- <xs:element name="tokenStoreClass" type="xs:string" minOccurs="0"/>
- <xs:element name="optimizeParts" type="xs:string" minOccurs="0"/>
- <xs:element name="sslConfig" type="ramp:ssl" minOccurs="0"/>
+ <xs:choice minOccurs="0" maxOccurs="unbounded">
+ <xs:element name="user" type="xs:string"/>
+ <xs:element name="userCertAlias" type="xs:string" minOccurs="0"/>
+ <xs:element name="actor" type="xs:string" minOccurs="0"/>
+ <xs:element name="mustUnderstand" type="xs:integer" minOccurs="0"/>
+ <xs:element name="encryptionUser" type="xs:string" minOccurs="0"/>
+ <xs:element name="stsAlias" type="xs:string" minOccurs="0"/>
+ <xs:element name="passwordCallbackClass" type="xs:string" minOccurs="0"/>
+ <xs:element name="policyValidatorCbClass" type="xs:string" minOccurs="0"/>
+ <xs:element name="rampartConfigCallbackClass" type="xs:string" minOccurs="0"/>
+ <xs:element name="sslConfig" type="ramp:ssl" minOccurs="0"/>
+ <xs:element name="kerberosConfig" type="ramp:ssl" minOccurs="0"/>
+ <xs:element name="signatureCrypto" type="ramp:crypto" minOccurs="0"/>
+ <xs:element name="encryptionCrypto" type="ramp:crypto" minOccurs="0"/>
+ <xs:element name="decryptionCrypto" type="ramp:crypto" minOccurs="0"/>
+ <xs:element name="stsCrypto" type="ramp:crypto" minOccurs="0"/>
+ <xs:element name="timestampPrecisionInMilliseconds" type="xs:boolean" minOccurs="0"/>
+ <xs:element name="timestampTTL" type="xs:integer" minOccurs="0"/>
+ <xs:element name="timestampMaxSkew" type="xs:integer" minOccurs="0"/>
+ <xs:element name="nonceLifeTime" type="xs:integer" minOccurs="0"/>
+ <xs:element name="tokenStoreClass" type="xs:string" minOccurs="0"/>
+ <xs:element name="optimizeParts" type="xs:string" minOccurs="0"/>
+ <xs:element name="timestampStrict" type="xs:boolean" minOccurs="0"/>
+ <xs:element name="optimizeMessageProcessingForTransportBinding" type="xs:boolean" minOccurs="0"/>
+ </xs:choice>
 </xs:sequence>
 </xs:complexType>
 </xs:element>
 <xs:complexType name="crypto">
- <xs:sequence maxOccurs="1">
- <xs:element name="crypto">
- <xs:complexType>
- <xs:sequence maxOccurs="unbounded">
- <xs:element name="property">
- <xs:complexType>
- <xs:simpleContent>
- <xs:extension base="xs:string">
- <xs:attribute name="name" type="xs:string" use="required"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
- <xs:attribute name="provider" type="xs:string" use="required"/>
- </xs:complexType>
- </xs:element>
- </xs:sequence>
+ <xs:sequence maxOccurs="1">
+ <xs:element name="crypto">
+ <xs:complexType>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="property">
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="name" type="xs:string" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ <xs:attribute name="provider" type="xs:string" use="required"/>
+ <xs:attribute name="cryptoKey" type="xs:string" use="optional"/>
+ <xs:attribute name="cacheRefreshInterval" type="xs:integer" use="optional"/>
+ <xs:attribute name="enableCryptoCaching" type="xs:boolean" use="optional"/>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
 </xs:complexType>
 <xs:complexType name="ssl">
 <xs:sequence maxOccurs="unbounded">
- <xs:element name="property" type="xs:string"/>
+ <xs:element name="property">
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="name" type="xs:string" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
 </xs:sequence>
 </xs:complexType>
 </xs:schema>
\ No newline at end of file
diff --git a/src/site/xdoc/rampartconfig-guide.xml b/src/site/xdoc/rampartconfig-guide.xml
index a077165f..e593b8dd 100644
--- a/src/site/xdoc/rampartconfig-guide.xml
+++ b/src/site/xdoc/rampartconfig-guide.xml
@@ -41,12 +41,12 @@
 <signatureCrypto>
 </pre>
 </td></tr>
- <tr class="b"><td>encryptionCypto</td><td>properties to needed perform signature, such as crypto
+ <tr class="b"><td>encryptionCrypto</td><td>properties to needed perform signature, such as crypto
 provider, keystore and its password</td><td>
 <pre>
-<encryptionCypto>
+<encryptionCrypto>
 ....crypto element ......
-</encryptionCypto>
+</encryptionCrypto>
 </pre></td></tr>
 <tr class="a"><td>decryptionCrypto</td><td>properties to needed perform signature, such as crypto
 provider, keystore and its password</td><td>
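Review bot: In the rampart-config.xsd hunk, wrapping every child in `<xs:choice minOccurs="0" maxOccurs="unbounded">` removes all cardinality checks from the config element: `user` is no longer required and any child may repeat, so a file with two `signatureCrypto` blocks or conflicting `timestampTTL`/`timestampStrict` values validates cleanly, and the schema gives no indication of which value takes effect. If the aim was only to accept the children in any order, using `<xs:all>` … `</xs:all>` in place of the `<xs:sequence>`/`<xs:choice>` pair keeps the order free while limiting each element to one occurrence, and the per-element `minOccurs="0"` then carries meaning instead of being redundant. Separately, `kerberosConfig` is typed `ramp:ssl`; that works because both are lists of named properties, but an `xs:annotation` or a neutrally named type would stop readers assuming TLS settings belong there. The enclosing `xs:element` opens above this hunk, so check its declaration before switching the content model.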
@@ -116,13 +116,13 @@ configuration properties used by the implementation class
 <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">servicePW</ramp:property>
 </ramp:crypto>
 </ramp:signatureCrypto>
- <ramp:encryptionCypto>
+ <ramp:encryptionCrypto>
 <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin" cryptoKey="org.apache.ws.security.crypto.merlin.file" cacheRefreshInterval="300000>
 <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">PKCS12</ramp:property>
 <ramp:property name="org.apache.ws.security.crypto.merlin.file">service.pkcs12</ramp:property>
 <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
 </ramp:crypto>
- </ramp:encryptionCypto>
+ </ramp:encryptionCrypto>
 </ramp:RampartConfig>
 </pre>
 <p>Crypto caching is enabled by default when Merlin is used as the crypto provider. So Rampart will cache the crypto objects