rampartconfig-guide.xml

shankar Tue, 21 Dec 2010 02:16:56 -0800

Author: shankar
Date: Tue Dec 21 10:16:31 2010
New Revision: 1051445

URL: http://svn.apache.org/viewvc?rev=1051445&view=rev
Log:
Applying patch from RAMPART-306


Modified:
    
axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/rampartconfig-guide.xml

Modified: 
axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/rampartconfig-guide.xml
URL: 
http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/rampartconfig-guide.xml?rev=1051445&r1=1051444&r2=1051445&view=diff
==============================================================================
--- 
axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/rampartconfig-guide.xml
 (original)
+++ 
axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/rampartconfig-guide.xml
 Tue Dec 21 10:16:31 2010
@@ -43,14 +43,14 @@
                </td></tr>
     <tr class="b"><td>encryptionCypto</td><td>properties to needed perform 
signature, such as crypto
         provider, keystore and its password</td><td>
-<pre>        
+<pre>
 &lt;encryptionCypto&gt;
     ....crypto element ......
 &lt;/encryptionCypto&gt;
 </pre></td></tr>
     <tr class="a"><td>decryptionCrypto</td><td>properties to needed perform 
signature, such as crypto
         provider, keystore and its password</td><td>
-<pre>  
+<pre>
 &lt;decryptionCrypto&gt;
     ....crypto element ......
 &lt;/decryptionCrypto&gt;</pre></td></tr>
@@ -67,10 +67,66 @@
 the org.apache.ws.security.components.crypto.Crypto interface to provide the
 crypto information required by WSS4J. The other properties defined are the
 configuration properties used by the implementation class
-(org.apache.ws.security.components.crypto.Merlin). 
+(org.apache.ws.security.components.crypto.Merlin).
 <br></br>
-<a name="ref"></a><a name="references"></a></p>
-<a name="References"></a>
-<h3>References</h3>1. <a href="http://ws.apache.org/wss4j";>Apache WSS4J 
-Home</a>
+      <a name="ref"></a>
+      <a name="references"></a>
+  </p>
+      <a name="References"></a>
+      <h3>Crypto Caching</h3>
+      <p>Enabling caching of crypto objects will improve the performance of 
security processing.
+          After
+          enabling crypto caching, the crypto objects will be read from a 
cache instead of
+          constructing them by reading the keystore files.
+      </p>
+      <p>To enable caching of Crypto objects, two attributes should be added 
to the crypto elements
+          of signatureCrypto/encryptionCrypto of RampartConfig.
+      </p>
+      <ol>
+          <li xmlns="http://www.w3.org/1999/xhtml"; xml:space="preserve">
+              <b>cryptoKey</b> - <p>As the value of this attribute, specify 
the property of a Crypto
+              implementation which points to the location of the keystore. For 
example in
+              Merlin, the
+              property "org.apache.ws.security.crypto.merlin.file" is unique 
and its pointing to
+              the
+              location of the keystore. Absence of this attribute will not 
enable caching.</p>
+          </li>
+          <li xmlns="http://www.w3.org/1999/xhtml"; xml:space="preserve">
+              <b>cacheRefreshInterval</b> - <p>This is the cache refresh 
interval specified in
+              milliseconds. Any
+              object that resides in the cache longer than this period will be 
considered as
+              expired.
+              Cache will not be refreshed if this attribute is not present in 
the configuration.
+              If you
+              do not want to refresh the cache, provide only the "cryptoKey" 
attribute.</p>
+          </li>
+      </ol>
+      <p>
+          A sample configuration is provided below. It uses the Merlin crypto 
implementation for
+          signing and encryption. Here, the value of the cryptoKey attribute 
is eqaul to
+          "org.apache.ws.security.crypto.merlin.file" and the cache refresh 
interval is 300000
+          milliseconds.
+      </p>
+      <pre xmlns="http://www.w3.org/1999/xhtml"; xml:space="preserve">
+          &lt;ramp:RampartConfig 
xmlns:ramp="http://ws.apache.org/rampart/policy";&gt;
+            &lt;ramp:signatureCrypto&gt;
+                &lt;ramp:crypto 
provider="org.apache.ws.security.components.crypto.Merlin" 
cryptoKey="org.apache.ws.security.crypto.merlin.file" 
cacheRefreshInterval="300000"&gt;
+                    &lt;ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.type"&gt;JKS&lt;/ramp:property&gt;
+                    &lt;ramp:property 
name="org.apache.ws.security.crypto.merlin.file"&gt;service.jks&lt;/ramp:property&gt;
+                    &lt;ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.password"&gt;servicePW&lt;/ramp:property&gt;
+                &lt;/ramp:crypto&gt;
+            &lt;/ramp:signatureCrypto&gt;
+            &lt;ramp:encryptionCypto&gt;
+                &lt;ramp:crypto 
provider="org.apache.ws.security.components.crypto.Merlin" 
cryptoKey="org.apache.ws.security.crypto.merlin.file" 
cacheRefreshInterval="300000&gt;
+                    &lt;ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.type"&gt;JKS&lt;/ramp:property&gt;
+                    &lt;ramp:property 
name="org.apache.ws.security.crypto.merlin.file"&gt;service.jks&lt;/ramp:property&gt;
+                    &lt;ramp:property 
name="org.apache.ws.security.crypto.merlin.keystore.password"&gt;apache&lt;/ramp:property&gt;
+                &lt;/ramp:crypto&gt;
+            &lt;/ramp:encryptionCypto&gt;
+          &lt;/ramp:RampartConfig&gt;
+      </pre>
+      <br></br>
+      <h3>References</h3>1.
+      <a href="http://ws.apache.org/wss4j";>Apache WSS4J -Home</a>
   </body>
 </html>

svn commit: r1051445 - /axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/rampartconfig-guide.xml

Reply via email to