ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1856947 [1/2] - in /webservices/website/wss4j: ./ testapidocs/org/apache/wss4j/common/cache/ testapidocs/org/apache/wss4j/common/cache/class-use/ xref-test/org/apache/wss4j/common/cache/
Date Thu, 04 Apr 2019 15:31:46 GMT
Author: coheigea
Date: Thu Apr  4 15:31:46 2019
New Revision: 1856947

URL: http://svn.apache.org/viewvc?rev=1856947&view=rev
Log:
More updates

Added:
    webservices/website/wss4j/dependency-check-report.html
    webservices/website/wss4j/migration.html
    webservices/website/wss4j/newfeatures20.html
    webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/ReplayCacheTest.html
    webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/class-use/ReplayCacheTest.html
    webservices/website/wss4j/wss4j16.html
    webservices/website/wss4j/wss4j20.html
    webservices/website/wss4j/wss4j21.html
    webservices/website/wss4j/wss4j22.html
    webservices/website/wss4j/xref-test/org/apache/wss4j/common/cache/ReplayCacheTest.html

Added: webservices/website/wss4j/dependency-check-report.html
URL: http://svn.apache.org/viewvc/webservices/website/wss4j/dependency-check-report.html?rev=1856947&view=auto
==============================================================================
--- webservices/website/wss4j/dependency-check-report.html (added)
+++ webservices/website/wss4j/dependency-check-report.html Thu Apr  4 15:31:46 2019
@@ -0,0 +1,602 @@
+
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>Dependency-Check Report</title>
+        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+        <link rel="shortcut icon" href="data:;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAVLSURBVFhHvZdvbFRFEMB3913v9Vr+FKUNRdtrewg1lQgRE0gMYkJSowYMwcSPkGDwg8ZigMR+UYzGaIuAEj+R+IfE+EUlRL+QYAwhGBMqkFQDpO1xd/YPBaSU9u767r0dZ5a513vtXVsq8Zcsb3bu9c3szuzsIMU8iEaj5fhYJlzRYCkZ7Utd+wbnQL+Nd0TeoyeAPLFgf/oiyTNxXw6g4WUhTz4JEtaiNXLCEE8l3seHJjlzsOJHfLxMsgHE4cje9B6eTUPxc0ZoxbFHG1qVFq9rCRsKjc+KFG3oFGQ6Kw6xJsCsDqDxNZYWbWSYVUFAJFkyaA2XWAxiHIlcGPukYg1rDCVDQKsOadmqBaxllY8CuKHBuqOlHlNKufFk/GdUmxxoeqTpMbBg1dGXRlZtqHc2R8rgedIXgk4eqNyXMblS1AE2vhWNP84qAxl2hewno6wyFHOAZOLAc6PRbU+kd2OyrmbVPTg3pjlQzDgazGmh40rKMY3LZrVBCi/Tl0z+gqJxYGV9fWNOWC0kF3Jm1/C2pZWwk6cG2olpOcDb7hsHgLQGcUWAGs0bV1K7EuSQFbbOLKmuPkOvkZ64mkzG8bXz5BirDBuP1fzQP6I+5yl9eAS9vxjYAVz9esx0P2a0ck+73VKGPFaR8Vtpx7k0ODiYZlVJmpcvfzirwi1SyUWsMiF5ZXX6A1zJzsq9mRO+A7T1lO2BIyZVN/6bJZFWnQO4Wl1dnerq6sqRbq401TWtw9qxjGT6zhfbs3+0Hrw+THPfgVhdA8Xdz3j84RpIdZOngrY1kUgMOR3lG1kVREkHhBp3smJ4wdLmf+TuoJOxuroW3NI6zN6L9B1W33MAV1+F
 W99mNIgUclBaYtCPObjx3lTqT5KxqJyk52y4nv5u4f7stzzNY+Hww0ncS0JXBIoDWryRN07JVlVTc9Xo74OQpV7F6ndk5CO7iVVEwDihVqxYYVtKrOc5bckIgHJIpnhl3MxfpWIuJZyWAMdo0Io1AOXMJFI0hm3VzrOiYG2BmsLEAz0Zd9DWzZmyHd/tLt+bOUmDthuzun3C8dryjqCDdzF5tqcPRr40f1AElcvl6lgmJkC5d1kWYS8bZ3HOVL0z0TcKiz70tBjAML4opVgsoeB2nIJyXfeKJfRxGo52j4ds+xwWmN9t1/7t8sDALX7vvqjdd31cChgi40YhZdXUSyiPGkAjPalUL43+/v6/e3p6btC4PHB5XsZ9sMqxZJAWbGIxwJz6gfkAWl5jcUYUbU1+3D60uIp0PPwiNR/wZAW3HERRh5Sy4C3LEhdoiAn368b6xhdoxKLRVn5nXmDpfZZFg7J00f5QgRYJlkV5GWyJVnk2yRpUKBaLFZ6QOYMFaAdW0x08xcXDr5E9E8V3wAmFD7NseO3pMf8uh1xuJYuzQuGjMJreT4rJc4/XrvZk6aZ0yZ47WPkm47M55mxnET23IrW1tRU8DUBFBlf2faYzcptGuefETRix9+NXDNhLHJmpPTenAON1xMyQRbZevaV5ooanwrbsdSz6kPF8kaEz7o9CqOEAvPO59yuFccBR4a/MjGnfNDp5M2IzgQnpd8QB41NBoxRvarWyVrgRe77Ad4vhHzX6H41S8l2eitO9ZR+/+dNDZ3lqbsW+VN/52x12YxlY04xbZd5IqUSbCd8BSiLby13AlTWwSnx6tvKNY10LzCmhm7E3kTiFYqAp/a/4lZCSUYIX6Frffmb86K6nxqJknDoZVD1Q48S0ajc1FBTXU8mFzVs/G77OmgdK0XLLZ7nNnGHuXvmn/w9yYrwzUvIefzAI8S83C2sS1J4rmAAAAABJRU5ErkJggg==" />
+        <script type="text/javascript">
+            /*! jQuery v@1.8.0 jquery.com | jquery.org/license */

[... 595 lines stripped ...]
Added: webservices/website/wss4j/migration.html
URL: http://svn.apache.org/viewvc/webservices/website/wss4j/migration.html?rev=1856947&view=auto
==============================================================================
--- webservices/website/wss4j/migration.html (added)
+++ webservices/website/wss4j/migration.html Thu Apr  4 15:31:46 2019
@@ -0,0 +1,958 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<!-- Generated by Apache Maven Doxia Site Renderer 1.7.4 at 2019-04-04 -->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>Apache WSS4J &#x2013; </title>
+    <style type="text/css" media="all">
+      @import url("./css/maven-base.css");
+      @import url("./css/maven-theme.css");
+      @import url("./css/site.css");
+    </style>
+    <link rel="stylesheet" href="./css/print.css" type="text/css" media="print" />
+    <meta http-equiv="Content-Language" content="en" />
+        
+        </head>
+  <body class="composite">
+    <div id="banner">
+                                      <a href="./" id="bannerLeft">
+                Apache WSS4J™
+                </a>
+                              <a href="http://www.apache.org" id="bannerRight">
+                                        <img src="http://activemq.apache.org/images/asf-logo.png" alt="$alt" />
+                </a>
+            <div class="clear">
+        <hr/>
+      </div>
+    </div>
+    <div id="breadcrumbs">
+          
+                <div class="xleft">
+        <span id="publishDate">Last Published: 2019-04-04</span>
+                  &nbsp;| <span id="projectVersion">Version: 2.3.0-SNAPSHOT</span>
+                      </div>
+            <div class="xright">      
+      </div>
+      <div class="clear">
+        <hr/>
+      </div>
+    </div>
+    <div id="leftColumn">
+      <div id="navcolumn">
+           
+                                <h5>Apache WSS4J</h5>
+                  <ul>
+                  <li class="none">
+                          <a href="index.html" title="Home">Home</a>
+            </li>
+                  <li class="none">
+                          <a href="download.html" title="Download">Download</a>
+            </li>
+                  <li class="none">
+                          <a href="user_guide.html" title="User Guide">User Guide</a>
+            </li>
+                  <li class="none">
+                          <a href="security_advisories.html" title="Security Advisories">Security Advisories</a>
+            </li>
+          </ul>
+                       <h5>Project Documentation</h5>
+                  <ul>
+                                                                                                                          <li class="collapsed">
+                          <a href="project-info.html" title="Project Information">Project Information</a>
+                  </li>
+                                                                                                                                            <li class="collapsed">
+                          <a href="project-reports.html" title="Project Reports">Project Reports</a>
+                  </li>
+          </ul>
+                             <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
+        <img class="poweredBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
+      </a>
+                 
+            </div>
+    </div>
+    <div id="bodyColumn">
+      <div id="contentBox">
+        <div class="sect1">
+<h2 id="apache_wss4j_migration_guides">Apache WSS4J Migration Guides</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Information about migrating to various new versions of WSS4J is provided in this section.</p>
+</div>
+<div class="sect2">
+<h3 id="apache_wss4j_2_2_0_migration_guide">Apache WSS4J 2.2.0 Migration Guide</h3>
+<div class="paragraph">
+<p>This section is a migration guide for helping Apache WSS4J 2.1.x users to migrate
+to the 2.2.x releases.</p>
+</div>
+<div class="sect3">
+<h4 id="jdk8_minimum_requirement">JDK8 minimum requirement</h4>
+<div class="paragraph">
+<p>WSS4J 2.1.x required JDK7 as a minimum requirement. WSS4J 2.2.x requires at
+least JDK8.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="base64_changes">Base64 changes</h4>
+<div class="paragraph">
+<p>In WSS4J 2.1.x, the Base64 implementation that ships with the JDK
+(java.util.Base64) is used, instead of the Base64 implementation that ships
+with Apache Santuario. It is unlikely, but this may have an impact on users
+who are parsing messages with Base64 implementations that depend on specific
+CR or LF characters, as the Santuario and Java Base64 implementations differ
+slightly. Both the Apache Santuario and Java Base64 implementations can
+correctly decode the messages created with Apache WSS4J 2.2.x.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="kerberos_changes">Kerberos changes</h4>
+<div class="paragraph">
+<p>There are some changes with regards to Kerberos in WSS4J 2.1.x. The
+KerberosClientAction and KerberosServiceAction classes are removed. Instead
+use KerberosClientExceptionAction and KerberosServiceExceptionAction in the
+same package. The KerberosTokenDecoderImpl is removed as we can now get access
+to the secret key via the JDK APIs. As a consequence, the ws-security-common
+module no longer has a dependency on Apache Directory.</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="apache_wss4j_2_1_0_migration_guide">Apache WSS4J 2.1.0 Migration Guide</h3>
+<div class="paragraph">
+<p>This section is a migration guide for helping Apache WSS4J 2.0.x users to migrate
+to the 2.1.x releases.</p>
+</div>
+<div class="sect3">
+<h4 id="jdk7_minimum_requirement">JDK7 minimum requirement</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.x required JDK6 as a minimum requirement. WSS4J 2.1.x requires at
+least JDK7. The Xerces and xml-api dependencies have been removed from the DOM
+code, as they are no longer required due to the JDK7 minimum requirement.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="opensaml_3_x_migration">OpenSAML 3.x migration</h4>
+<div class="paragraph">
+<p>A key dependency change in WSS4J 2.1.0 is the upgrade from OpenSAML 2.x to
+3.x (currently 3.1.0). OpenSAML 3.x contains a large number of package
+changes. Therefore if you have any OpenSAML dependencies in a CallbackHandler
+used to create SAML Assertions in WSS4J, code changes will be required.</p>
+</div>
+<div class="paragraph">
+<p>The most common OpenSAML dependency is to include a "SAMLVersion" to tell
+the SAMLCallback whether to create a SAML 2.0 or 1.1 Assertion. WSS4J 2.1
+provides an alternative way of specifying the SAML Version, via a <a href="https://svn.apache.org/repos/asf/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/saml/bean/Version.java">Version</a> bean. See
+<a href="https://svn.apache.org/repos/asf/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SAML2CallbackHandler.java">here</a> for an example.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="custom_processor_changes">Custom processor changes</h4>
+<div class="paragraph">
+<p>If you have a custom Processor instance to process a token in the security
+header in some custom way, you must add the WSSecurityEngineResult that is
+generated by the processing, to the WSDocInfo Object via the "addResult"
+method. Otherwise, it will not be available when security results are
+retrieved and processed.</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="apache_wss4j_2_0_0_migration_guide">Apache WSS4J 2.0.0 Migration Guide</h3>
+<div class="paragraph">
+<p>This section is a migration guide for helping Apache WSS4J 1.6.x users to migrate
+to the 2.0.x releases. Also see the <a href="newfeatures20.html">new
+features</a> page for more information about the new functionality available in
+WSS4J 2.0.x.</p>
+</div>
+<div class="sect3">
+<h4 id="migrating_to_using_the_streaming_stax_code">Migrating to using the streaming (StAX) code</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.0 introduces a streaming (StAX-based) WS-Security implementation to
+complement the existing DOM-based implementation. The DOM-based implementation
+is quite performant and flexible, but having to read the entire request into
+memory carries performance penalties. The StAX-based code offers largely the
+same functionality as that available as part of the DOM code, and is
+configured in mostly the same way (via configuration tags that are shared
+between both stacks).</p>
+</div>
+<div class="paragraph">
+<p>As of the time of writing, Apache CXF is the only web services stack to
+integrate the new WS-Security streaming functionality. To switch to use the
+streaming code for the manual "Action" based approach, simply change the
+outbound and inbound interceptors as follows:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>"org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" to
+"org.apache.cxf.ws.security.wss4j.WSS4JStaxOutInterceptor".</p>
+</li>
+<li>
+<p>"org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor" to
+"org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor".</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>For the WS-SecurityPolicy based approach of configuring WS-Security, simply
+set the JAX-WS property SecurityConstants.ENABLE_STREAMING_SECURITY
+("ws-security.enable.streaming") to "true".</p>
+</div>
+<div class="paragraph">
+<p>For more information on the streaming functionality available in WSS4J 2.0.0,
+please see the <a href="streaming.html">streaming documentation</a> page.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="cryptocallbackhandler_changes">Crypto/CallbackHandler changes</h4>
+<div class="paragraph">
+<p>Typically, a user configures Signature and Encryption keys via a Crypto
+properties file. In WSS4J 1.6.x, the property names all start with
+"org.apache.ws.security.crypto.*". In WSS4J 2.0.0, the new prefix is
+"org.apache.wss4j.crypto.\*". However, WSS4J 2.0.0 will accept the older
+prefix value. No other changes are necessary for migrating Crypto properties.</p>
+</div>
+<div class="paragraph">
+<p>In WSS4J 1.6.x, it was only possible to specify a Crypto implementation for
+both Signature Creation + Verification. In WSS4J 2.0.0, there is now a
+separate Signature Verification Crypto instance, that can be configured via
+the following configuration tags:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>signatureVerificationPropFile - The path of the crypto property file to
+use for Signature verification.</p>
+</li>
+<li>
+<p>signatureVerificationPropRefId - The key that holds a reference to the
+object holding complete information about the signature verification Crypto
+implementation.</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>In WSS4J, you need to define a CallbackHandler to supply a password to a
+WSPasswordCallback Object when dealing with UsernameTokens, or to unlock
+private keys for Signature creation, etc. In WSS4J 2.0.0, the functionality is
+exactly the same, except that the package of the WSPasswordCallback Object has
+changed from "org.apache.ws.security" to "org.apache.wss4j.common.ext". Any
+CallbackHandler implementation will need to be updated to use the new package.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="saml_assertion_changes">SAML Assertion changes</h4>
+<div class="paragraph">
+<p>A CallbackHandler implementation is required to create a SAML Assertion, by
+populating various beans. Similar to the WSPasswordCallback package change,
+there are also some package changes for SAML. The base package for the
+SAMLCallback class, and of the various "bean" classes, has changed from
+"org.apache.ws.security.saml.ext" to "org.apache.wss4j.common.saml".</p>
+</div>
+<div class="paragraph">
+<p>Apache WSS4J 1.6.x uses the SAMLIssuer interface to configure the creation and
+signing of a SAML Assertion. In Apache WSS4J 2.0.0, the SAMLIssuer
+functionality has been moved to the SAMLCallback, so that the CallbackHandler
+used to create a SAML Assertion is responsible for all of the signing
+configuration as well. Therefore, the properties file that is used in
+WSS4J 1.6.x to sign a SAML Assertion is no longer used in WSS4J 2.0.0, and
+the "samlPropFile" and "samlPropRefId" configuration tags have been removed.</p>
+</div>
+<div class="paragraph">
+<p>The SAMLCallback Object contains the additional properties in WSS4J 2.0.0 that
+can be set to sign the Assertion:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>boolean signAssertion - Whether to sign the assertion or not (default "false").</p>
+</li>
+<li>
+<p>String issuerKeyName - The keystore alias for signature</p>
+</li>
+<li>
+<p>String issuerKeyPassword - The keystore password for the alias</p>
+</li>
+<li>
+<p>Crypto issuerCrypto - The Crypto instance used for signature</p>
+</li>
+<li>
+<p>boolean sendKeyValue - Whether to send the keyvalue or the X509Certificate
+(default "false").</p>
+</li>
+<li>
+<p>String canonicalizationAlgorithm - The C14n algorithm to use for signature.</p>
+</li>
+<li>
+<p>String signatureAlgorithm - The Signature algorithm.</p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect3">
+<h4 id="configuration_tag_changes">Configuration tag changes</h4>
+<div class="paragraph">
+<p>In WSS4J 1.6.x, configuration tags were configured in the WSHandlerConstants
+class. In WSS4J 2.0.0, both the DOM and StAX-based code largely share the
+same configuration options, and so the configuration tags are defined in
+<a href="http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/ConfigurationConstants.java?view=markup">ConfigurationConstants</a>. Note that the WSS4J 1.6.x configuration class
+(WSHandlerConstants) extends this class in WSS4J 2.0.0, so there is no need to
+change any configuration code when upgrading.</p>
+</div>
+<div class="paragraph">
+<p>The configuration tags that have been removed and added are detailed below.
+The non-standard key derivation and UsernameToken Signature functionality that
+was optional in WSS4J 1.6.x has been removed. Some new actions are added for
+the streaming code, as well as some options surrounding caching. An important
+migration point is that there is now a separate configuration tag used for
+verifying signatures. In WSS4J 1.6.x, there was only one tag used for both
+signature creation and verification.</p>
+</div>
+<div class="sect4">
+<h5 id="removed_configuration_tags_in_wss4j_2_0_0">Removed Configuration tags in WSS4J 2.0.0</h5>
+<div class="paragraph">
+<p>This section details the Configuration tags that are no longer present in
+WSS4J 2.0.0.</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>SIGN_WITH_UT_KEY (UsernameTokenSignature) - Perform a .NET specific signature using a Username Token action. Removed
+as it was not standard compliant.</p>
+</li>
+<li>
+<p>PASSWORD_TYPE_STRICT (passwordTypeStrict) - Whether to enable strict Username Token password type handling. In WSS4J
+2.0.0 this functionality can be enabled by just setting the required
+PASSWORD_TYPE.</p>
+</li>
+<li>
+<p>USE_DERIVED_KEY (useDerivedKey) - Whether to use the standard UsernameToken Key Derivation algorithm. Removed
+as only the standard algorithm is used in WSS4J 2.0.0.</p>
+</li>
+<li>
+<p>ENC_KEY_NAME (embeddedKeyName) - The text of the key name to be sent in the KeyInfo for encryption. Embedded
+KeyNames are not supported in WSS4J 2.0.0.</p>
+</li>
+<li>
+<p>ADD_UT_ELEMENTS (addUTElements) - Additional elements to add to a Username Token, i.e. "nonce" and "created".
+See the ADD_USERNAMETOKEN_NONCE and ADD_USERNAMETOKEN_CREATED properties below.</p>
+</li>
+<li>
+<p>WSE_SECRET_KEY_LENGTH (wseSecretKeyLength) - The length of the secret (derived) key to use for the WSE UT_SIGN
+functionality. Removed as it is not standard compliant.</p>
+</li>
+<li>
+<p>ENC_CALLBACK_CLASS (embeddedKeyCallbackClass) - The CallbackHandler implementation class used to get the key associated
+with a key name. KeyName is not supported in WSS4J 2.0.0.</p>
+</li>
+<li>
+<p>ENC_CALLBACK_REF (embeddedKeyCallbackRef) -The CallbackHandler implementation object used to get the key associated
+with a key name. KeyName is not supported in WSS4J 2.0.0.</p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect4">
+<h5 id="new_configuration_tags_in_wss4j_2_0_0">New Configuration tags in WSS4J 2.0.0</h5>
+<div class="paragraph">
+<p>This section details the new Configuration tags in WSS4J 2.0.0.</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>USERNAME_TOKEN_SIGNATURE (UsernameTokenSignature) - Perform a UsernameTokenSignature action.</p>
+</li>
+<li>
+<p>SIGNATURE_DERIVED (SignatureDerived) - Perform a Signature action with derived keys.</p>
+</li>
+<li>
+<p>ENCRYPT_DERIVED (EncryptDerived) - Perform a Encryption action with derived keys.</p>
+</li>
+<li>
+<p>SIGNATURE_WITH_KERBEROS_TOKEN (SignatureWithKerberosToken) - Perform a Signature action with a kerberos token. Only for StAX code.</p>
+</li>
+<li>
+<p>ENCRYPT_WITH_KERBEROS_TOKEN (EncryptWithKerberosToken) - Perform a Encryption action with a kerberos token. Only for StAX code.</p>
+</li>
+<li>
+<p>KERBEROS_TOKEN (KerberosToken) - Add a kerberos token.</p>
+</li>
+<li>
+<p>CUSTOM_TOKEN (CustomToken) - Add a "Custom" token from a CallbackHandler</p>
+</li>
+<li>
+<p>SIG_VER_PROP_FILE (signatureVerificationPropFile) - The path of the crypto property file to use for Signature verification.</p>
+</li>
+<li>
+<p>SIG_VER_PROP_REF_ID (signatureVerificationPropRefId) - The String ID that is used to store a reference to the Crypto object or
+the Crypto Properties object for Signature verification.</p>
+</li>
+<li>
+<p>ALLOW_RSA15_KEY_TRANSPORT_ALGORITHM (allowRSA15KeyTransportAlgorithm) - Whether to allow the RSA v1.5 Key Transport Algorithm or not. Default is
+"false".</p>
+</li>
+<li>
+<p>ADD_INCLUSIVE_PREFIXES (addInclusivePrefixes) - Whether to add an InclusiveNamespaces PrefixList as a
+CanonicalizationMethod child when generating Signatures using
+WSConstants.C14N_EXCL_OMIT_COMMENTS. Default is "true".</p>
+</li>
+<li>
+<p>ADD_USERNAMETOKEN_NONCE (addUsernameTokenNonce) - Whether to add a Nonce Element to a UsernameToken (for plaintext). Default
+is "false"</p>
+</li>
+<li>
+<p>ADD_USERNAMETOKEN_CREATED (addUsernameTokenCreated) - Whether to add a Created Element to a UsernameToken (for plaintext).
+Default is "false"</p>
+</li>
+<li>
+<p>ALLOW_USERNAMETOKEN_NOPASSWORD (allowUsernameTokenNoPassword) - Whether a UsernameToken with no password element is allowed. Default is
+"false".</p>
+</li>
+<li>
+<p>VALIDATE_SAML_SUBJECT_CONFIRMATION (validateSamlSubjectConfirmation) - Whether to validate the SubjectConfirmation requirements of a received
+SAML Token (sender-vouches or holder-of-key). Default is "true".</p>
+</li>
+<li>
+<p>INCLUDE_SIGNATURE_TOKEN (includeSignatureToken) - Whether to include the Signature Token in the security header as well or
+not (for IssuerSerial + Thumbprint cases). Default is "false"</p>
+</li>
+<li>
+<p>INCLUDE_ENCRYPTION_TOKEN (includeEncryptionToken) - Whether to include the Encryption Token in the security header as well or
+not (for IssuerSerial, Thumbprint, SKI cases). Default is "false"</p>
+</li>
+<li>
+<p>ENABLE_NONCE_CACHE (enableNonceCache) - Whether to cache UsernameToken nonces. Default is "true"</p>
+</li>
+<li>
+<p>ENABLE_TIMESTAMP_CACHE (enableTimestampCache) - Whether to cache Timestamp Created Strings (these are only cached in
+conjunction with a message Signature). Default is "true"</p>
+</li>
+<li>
+<p>ENABLE_SAML_ONE_TIME_USE_CACHE (enableSamlOneTimeUseCache) - Whether to cache SAML2 Token Identifiers, if the token contains a
+"OneTimeUse" Condition. Default is "true".</p>
+</li>
+<li>
+<p>USE_2005_12_NAMESPACE (use200512Namespace) - Whether to use the 2005/12 namespace for SecureConveration + DerivedKeys,
+or the older namespace. The default is "true"</p>
+</li>
+<li>
+<p>OPTIONAL_SIGNATURE_PARTS (optionalSignatureParts) - Parameter to define which parts of the request shall be signed, if they
+exist in the request.</p>
+</li>
+<li>
+<p>OPTIONAL_ENCRYPTION_PARTS (optionalEncryptionParts) - Parameter to define which parts of the request shall be encrypted, if they
+exist in the request.</p>
+</li>
+<li>
+<p>ENC_MGF_ALGO (encryptionMGFAlgorithm) - Defines which encryption mgf algorithm to use with the RSA OAEP Key
+Transport algorithm for encryption. The default is mgfsha1.</p>
+</li>
+<li>
+<p>VALIDATOR_MAP (validatorMap) - A map of QName, Object (Validator) instances to be used to validate
+tokens identified by their QName.</p>
+</li>
+<li>
+<p>NONCE_CACHE_INSTANCE (nonceCacheInstance) - A ReplayCache instance used to cache UsernameToken nonces. The default
+instance that is used is the EHCacheReplayCache.</p>
+</li>
+<li>
+<p>TIMESTAMP_CACHE_INSTANCE (timestampCacheInstance) - A ReplayCache instance used to cache Timestamp Created Strings. The default
+instance that is used is the EHCacheReplayCache.</p>
+</li>
+<li>
+<p>SAML_ONE_TIME_USE_CACHE_INSTANCE (samlOneTimeUseCacheInstance) - A ReplayCache instance used to cache SAML2 Token Identifier Strings (if
+the token contains a OneTimeUse Condition). The default instance that is used
+is the EHCacheReplayCache.</p>
+</li>
+<li>
+<p>PASSWORD_ENCRYPTOR_INSTANCE (passwordEncryptorInstance) - A PasswordEncryptor instance used to decrypt encrypted passwords in Crypto
+properties files. The default is the JasyptPasswordEncryptor.</p>
+</li>
+<li>
+<p>DERIVED_TOKEN_REFERENCE (derivedTokenReference) - This controls how deriving tokens are referenced.</p>
+</li>
+<li>
+<p>DERIVED_TOKEN_KEY_ID (derivedTokenKeyIdentifier) - This controls the key identifier of Derived Tokens.</p>
+</li>
+<li>
+<p>DERIVED_SIGNATURE_KEY_LENGTH (derivedSignatureKeyLength) - The length to use (in bytes) when deriving a key for Signature.</p>
+</li>
+<li>
+<p>DERIVED_ENCRYPTION_KEY_LENGTH (derivedEncryptionKeyLength) - The length to use (in bytes) when deriving a key for Encryption.</p>
+</li>
+</ul>
+</div>
+</div>
+</div>
+<div class="sect3">
+<h4 id="derived_key_and_secure_conversation_namespace_change">Derived Key and Secure Conversation namespace change</h4>
+<div class="paragraph">
+<p>In WSS4J 1.6.x, the default namespace used for Derived Key and Secure
+Conversation was the older "http://schemas.xmlsoap.org/ws/2005/02/sc"
+namespace. In WSS4J 2.0.0, the default namespace is now
+"http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512". To switch
+back to use the older namespace, you can set the new configuration property
+"USE_2005_12_NAMESPACE" to "false".</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="caching_changes">Caching changes</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.0 uses three EhCache-based caches by default for the following
+scenarios, to prevent replay attacks:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>UsernameToken nonces</p>
+</li>
+<li>
+<p>Signed Timestamps</p>
+</li>
+<li>
+<p>SAML 2.0 OneTimeUse Assertions</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>If you are seeing a error about "replay attacks" after upgrade, then you may
+need to disable a particular cache.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="rsa_v1_5_key_transport_algorithm_not_allowed_by_default">RSA v1.5 Key Transport algorithm not allowed by default</h4>
+<div class="paragraph">
+<p>WSS4J supports two key transport algorithms, RSA v1.5 and RSA-OAEP. A number
+of attacks exist on RSA v1.5. Therefore, you should always use RSA-OAEP as the
+key transport algorithm. In WSS4J 2.0.0, the RSA v1.5 Key Transport algorithm
+is not allowed by default (as opposed to previous versions of WSS4J, where it
+is allowed). If you wish to allow it, then you must set the
+WSHandlerConstants.ALLOW_RSA15_KEY_TRANSPORT_ALGORITHM property to "true".</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="inclusivenamespaces_prefixlist_change">InclusiveNamespaces PrefixList change</h4>
+<div class="paragraph">
+<p>In WSS4J 1.6.x, when BSP Compliance was switched off on the outbound side, it
+had the effect that an InclusiveNamespaces PrefixList was not generated as a
+CanonicalizationMethod child of a Signature Element (as required by the BSP
+specification). In WSS4J 2.0.0, this is now controlled by a separate
+configuration tag "addInclusivePrefixes", which defaults to true.</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="new_features_available_in_apache_wss4j_2_0_0">New features available in Apache WSS4J 2.0.0</h3>
+<div class="sect3">
+<h4 id="overview_of_new_features">Overview of new features</h4>
+<div class="paragraph">
+<p>Apache WSS4J 2.0.0 delivers the following major new features:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>Support for a streaming (StAX) based WS-Security implementation that
+covers all of the main specifications.</p>
+</li>
+<li>
+<p>A WS-SecurityPolicy model that can be shared between both DOM + StAX
+implementations.</p>
+</li>
+<li>
+<p>Support for "real-time" WS-SecurityPolicy validation for the StAX
+implementation.</p>
+</li>
+<li>
+<p>Support for the SOAP with Attachments (SWA) Profile 1.1 specification.</p>
+</li>
+<li>
+<p>Support for caching based on EhCache.</p>
+</li>
+<li>
+<p>Support for encrypting passwords in Crypto properties files using Jasypt.</p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect3">
+<h4 id="streaming_stax_based_ws_security_implementation">Streaming (StAX) based WS-Security implementation</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.0 introduces a new streaming (StAX) based WS-Security implementation.
+Please see the dedicated <a href="streaming.html">page</a> for more information.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="ws_securitypolicy_support">WS-SecurityPolicy support</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.0 introduces a new WS-SecurityPolicy model as part of the
+"wss4j-policy" module. This model can be shared between both the DOM and StAX
+WS-Security implementations. Web service stacks such as Apache CXF and
+Apache Axis/Rampart that use WSS4J for WS-Security no longer need to maintain
+their own model. In this way any bug fixes to the model will get picked up
+by all web service stacks that rely on WSS4J.</p>
+</div>
+<div class="paragraph">
+<p>In addition to the new WS-SecurityPolicy model, a significant new feature of
+WSS4J 2.0.0 is that the new streaming WS-Security implementation has the
+ability to perform "real-time" validation of a request against the set of
+applicable WS-SecurityPolicy policies. The DOM-based code in WSS4J does not
+have any concept of WS-SecurityPolicy, but instead processes an inbound
+request, and relies on the web service stack to compare the results against
+the applicable policies. The advantage of the streaming approach in WSS4J
+2.0.0 is that bogus requests can be rejected quicker, which may help to avoid
+DoS based scenarios.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="support_for_signing_and_encrypting_message_attachments">Support for signing and encrypting message attachments</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.0 introduces support for signing and encrypting SOAP message
+attachments, via the the SOAP with Attachments (SWA) Profile 1.1 specification.
+Please see the dedicated <a href="attachments.html">page</a> for more
+information.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="replay_attack_detection_using_ehcache">Replay Attack detection using EhCache</h4>
+<div class="paragraph">
+<p>In WSS4J 1.6.x, a "ReplayCache" interface was introduced to cache tokens to
+guard against replay attacks for the following scenarios:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>Signed Timestamps</p>
+</li>
+<li>
+<p>UsernameToken nonces</p>
+</li>
+<li>
+<p>SAML OneTimeUse Assertions</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>However, replay attack detection was not "switched on" by default in WSS4J
+1.6.x. In WSS4J 2.0.x, replay attack detection is enabled by default using
+an implementation of the "ReplayCache" interface based on EhCache. The
+following configuration tags can be used to configure caching:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>ConfigurationConstants.TIMESTAMP_CACHE_INSTANCE ("timestampCacheInstance"):
+This holds a reference to a ReplayCache instance used to cache Timestamp
+Created Strings. The default instance that is used is the EHCacheReplayCache.</p>
+</li>
+<li>
+<p>ConfigurationConstants.ENABLE_TIMESTAMP_CACHE ("enableTimestampCache"):
+Whether to cache Timestamp Created Strings (these are only cached in
+conjunction with a message Signature). The default value is "true".</p>
+</li>
+<li>
+<p>ConfigurationConstants.NONCE_CACHE_INSTANCE ("nonceCacheInstance"): This
+holds a reference to a ReplayCache instance used to cache UsernameToken
+nonces. The default instance that is used is the EHCacheReplayCache.</p>
+</li>
+<li>
+<p>ConfigurationConstants.ENABLE_NONCE_CACHE ("enableNonceCache"): Whether to
+cache UsernameToken nonces. The default value is "true".</p>
+</li>
+<li>
+<p>ConfigurationConstants. SAML_ONE_TIME_USE_CACHE_INSTANCE
+("samlOneTimeUseCacheInstance"): This holds a reference to a ReplayCache
+instance used to cache SAML2 Token Identifier Strings (if the token contains a
+OneTimeUse Condition). The default instance that is used is the
+EHCacheReplayCache.</p>
+</li>
+<li>
+<p>ConfigurationConstants.ENABLE_SAML_ONE_TIME_USE_CACHE
+("enableSamlOneTimeUseCache"):  Whether to cache SAML2 Token Identifiers, if
+the token contains a "OneTimeUse" Condition. The default value is "true".</p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect3">
+<h4 id="encrypting_passwords_in_crypto_property_files">Encrypting passwords in Crypto property files</h4>
+<div class="paragraph">
+<p>A typical example of the contents of a Crypto properties file (for Signature
+creation) is as follows:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>org.apache.wss4j.crypto.provider=org.apache.wss4j.common.crypto.Merlin</p>
+</li>
+<li>
+<p>org.apache.wss4j.crypto.merlin.keystore.type=jks</p>
+</li>
+<li>
+<p>org.apache.wss4j.crypto.merlin.keystore.password=security</p>
+</li>
+<li>
+<p>org.apache.wss4j.crypto.merlin.keystore.alias=wss40</p>
+</li>
+<li>
+<p>org.apache.wss4j.crypto.merlin.keystore.file=keys/wss40.jks</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>Note that the password used to load the keystore is in cleartext. One of the
+new features of Apache WSS4J 2.0.0 is the ability to instead store a (BASE-64
+encoded) encrypted version of the keystore password in the Crypto properties
+file. A new PasswordEncryptor interface is defined to allow for the
+encryption/decryption of passwords. A default implementation is now provided
+based on Jasypt called JasyptPasswordEncryptor, which uses
+"PBEWithMD5AndTripleDES".</p>
+</div>
+<div class="paragraph">
+<p>The WSPasswordCallback class has an additional "usage" called
+WSPasswordCallback.PASSWORD_ENCRYPTOR_PASSWORD, which is used to return the
+master password for use with the PasswordEncryptor implementation. When WSS4J
+is loading a Crypto implementation via a properties file, and it encounters a
+password encrypted in the format "ENC(encoded encrypted password)", it queries
+a CallbackHandler for a password via this WSPasswordCallback usage tag. It is
+possible to pass a custom PasswordEncryptor implementation to WSS4J via the
+new configuration tag ConfigurationConstants.PASSWORD_ENCRYPTOR_INSTANCE
+("passwordEncryptorInstance").</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="miscellaneous_new_features">Miscellaneous new features</h4>
+<div class="paragraph">
+<p>Support was added in WSS4J 1.6.x to obtain a Kerberos ticket from a KDC (Key
+Distribution Center) and include it in the security header of a request, as
+well as to process the received token. However, there was no built-in way to
+extract the secret key from the ticket to secure the request. Instead it was
+up to the user to plug in a custom "KerberosTokenDecoder" implementation to
+support this behaviour. In WSS4J 2.0.0, a default KerberosTokenDecoder
+implementation is provided, and so WSS4J now supports signing/encrypting using
+Kerberos tokens by default.</p>
+</div>
+<div class="paragraph">
+<p>A new "CustomToken" Action is defined in WSS4J 2.0.0. If this action is
+defined, a token (DOM Element) will be retrieved from a CallbackHandler via
+WSPasswordCallback.Usage.CUSTOM_TOKEN and written out as is in the security
+header. This provides for an easy way to write out tokens that have been
+retrieved out of band. Another related new feature is the ability to associate
+an action with a particular set of keys/algorithms. This means that it is now
+possible to configure two different Signature actions, that use different
+keys/algorithms.</p>
+</div>
+<div class="paragraph">
+<p>Support for enforcing the Basic Security Profile (BSP) 1.1 specification was
+added in WSS4J 1.6.x. In WSS4J 2.0.0, it is possible to disable individual
+BSP Rules for a non-compliant request, instead of having to disable BSP
+enforcement altogether as for WSS4J 1.6.x. The RequestData class has a
+setIgnoredBSPRules method, that takes a list of BSPRule Objects as an argument.
+The BSPRule class contains a complete list of Basic Security Profile rules
+that are enforced in WSS4J.</p>
+</div>
+<div class="paragraph">
+<p>WSS4J 2.0.0 now enforces the SubjectConfirmation requirements of an inbound
+SAML Token, instead of leaving it to the web services stack. For
+sender-vouches, a Signature must be present that covers both the SOAP Body and
+the SAML Assertion. For holder-of-key, a Signature must be present that signs
+some part of the SOAP request using the key information contained in the SAML
+Subject. Note that a Signature can be either a message or transport level
+Signature (i.e. using TLS is acceptable). A new configuration tag is defined
+that allows the user to switch off this validation if required
+(ConfigurationConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION  -
+"validateSamlSubjectConfirmation").</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="apache_wss4j_1_6_0_migration_guide">Apache WSS4J 1.6.0 Migration Guide</h3>
+<div class="paragraph">
+<p>This page describes the new features of WSS4J 1.6.0, and the things to be
+aware of when upgrading from WSS4J 1.5.x. Note that WSS4J 1.6.x has now been
+replaced by WSS4J 2.0.x, please see the WSS4J 2.0.0 <a href="wss4j20.html">migration guide</a> for more information.</p>
+</div>
+<div class="sect3">
+<h4 id="new_features">New features</h4>
+<div class="paragraph">
+<p>This section describes the main new features that have been implemented in
+WSS4J 1.6. For more information on the changes, please click on the links. You
+can also review the
+<a href="https://issues.apache.org/jira/browse/WSS/fixforversion/12313718">list of JIRAs</a>
+that have been fixed in WSS4J 1.6.</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><a href="http://coheigea.blogspot.com/2011/03/wss4j-16-jsr-105-support.html">JSR-105 support</a>:
+WSS4J 1.6 has been ported to use the JSR 105 API for XML Digital Signature.</p>
+</li>
+<li>
+<p><a href="http://coheigea.blogspot.com/2011/02/support-for-saml2-assertions-in-wss4j.html">SAML2 support</a>: WSS4J 1.6 includes full support for creating, manipulating and parsing SAML2
+assertions, via the Opensaml2 library.</p>
+</li>
+<li>
+<p>Performance work: A general code-rewrite has been done with a focus on improving performance,
+e.g. the <a href="http://coheigea.blogspot.com/2011/01/wss4j-16-actionprocessor-loading-change.html">changes</a> that have been made to processor loading.</p>
+</li>
+<li>
+<p><a href="http://coheigea.blogspot.com/2011/03/wss4j-16-basic-security-profile-11.html">Basic Security Profile 1.1 compliance</a>: WSS4J 1.6 provides support for the BSP 1.1 specification.</p>
+</li>
+<li>
+<p>JDK 1.5 port: The JDK 1.4 requirement of WSS4J 1.5.x has been dropped as part of this work.</p>
+</li>
+<li>
+<p><a href="http://coheigea.blogspot.com/2011/01/wss4j-16-crypto-property-change.html">Support for Crypto trust-stores</a>: WSS4J 1.6 separates the concept of keystore and truststores for
+Crypto implementations.</p>
+</li>
+<li>
+<p><a href="http://coheigea.blogspot.com/2011/04/wss4j-16-introducing-validators.html">New Validator interface</a>: WSS4J 1.6 moves all validation of security tokens into a new Validator
+interface, which allows for custom validation of specific tokens.</p>
+</li>
+<li>
+<p>Support for the Kerberos Token Profile (in WSS4J 1.6.2 and 1.6.3).</p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect3">
+<h4 id="upgrade_notes">Upgrade notes</h4>
+<div class="paragraph">
+<p>This section describes the changes that have been made in WSS4J 1.6 that will impact on an existing
+user of WSS4J 1.5.x. Although WSS4J 1.6 is not 100% backwards compatible with 1.5.x, a general goal for
+the release was to restrict the API changes to those that were strictly necessary.</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>All Axis1 dependencies have been removed. Any user wishing to use WSS4J with Axis1 must use the
+WSS4J 1.5.x library. As Axis1 has been replaced by Axis2, this is unlikely to be an issue.</p>
+</li>
+<li>
+<p>A number of changes have been made to the Crypto interface. See
+<a href="http://coheigea.blogspot.com/2011/01/wss4j-16-crypto-property-change.html">here</a>,
+<a href="http://coheigea.blogspot.com/2011/02/wss4j-16-changes-to-crypto-interface.html">here</a>
+and <a href="http://coheigea.blogspot.com/2011/02/wss4j-16-change-to-publickey-validation.html">here</a>
+for an indepth explanation. In a nutshell, these changes are:</p>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>The BouncyCastle crypto implementation has been removed (replaced by Merlin)</p>
+</li>
+<li>
+<p>A new set of Merlin "truststore" configuration tags have been added. The behaviour of the old Merlin
+configuration tags will work exactly the same way in WSS4J 1.6.</p>
+</li>
+<li>
+<p>The CA certs are now &lt;b&gt;not&lt;/b&gt; loaded by default.</p>
+</li>
+<li>
+<p>PublicKeys (from KeyValues) are now not handled by a PublicKeyCallback, but by the Crypto implementation
+directly.</p>
+</li>
+</ol>
+</div>
+</li>
+<li>
+<p>If the WSEncryptionPart used to point to an element for signature or encryption does not either store
+the element directly, or store the wsu:Id, <strong>all</strong> DOM Elements that match the stored
+localname/namespace will be processed. See the
+<a href="http://ws.apache.org/wss4j/topics.html#Specifying_elements_to_sign_or_encrypt">Special Topics page</a>
+for more information.</p>
+</li>
+<li>
+<p>WSS4J 1.5.x used Opensaml1 to provide extremely limited support for SAML 1 assertions. WSS4J 1.6 has
+been upgraded to Opensaml2, and provides far more comprehensive support for SAML. See
+<a href="http://coheigea.blogspot.com/2011/02/support-for-saml2-assertions-in-wss4j.html">here</a> for
+more information on this. Some changes to be aware of are:</p>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>The way of creating SAML assertions via a properties file has completely changed. For example, see
+<a href="xref-test/org/apache/ws/security/saml/SamlTokenTest.html">SAML Token Test</a>.</p>
+</li>
+<li>
+<p>WSS4J 1.5.x ignored (enveloped) signatures on SAML (1.1) assertions - this is no longer the case, so
+deployments which do not set the correct keystore/truststore config for dealing with signature
+verification will fail.</p>
+</li>
+<li>
+<p>The SAMLTokenProcessor no longer saves all tokens as an "WSConstants.ST_UNSIGNED" action. It saves
+tokens that do not have an enveloped signature as this action, and token which <strong>do</strong> have an enveloped
+signature are saved as a "WSConstants.ST_SIGNED" action.</p>
+</li>
+<li>
+<p>The object that is saved as part of the action above has changed, from an Opensaml1 specific Assertion
+object, to an AssertionWrapper instance, which is a WSS4J specific object which encapsulates an
+Assertion, as well as some information corresponding to signature verification, etc.</p>
+</li>
+</ol>
+</div>
+</li>
+<li>
+<p>The way that UsernameTokens are processed has been changed. See
+<a href="http://coheigea.blogspot.com/2011/02/usernametoken-processing-changes-in.html">here</a> for
+more information. Some important changes are:</p>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>The plaintext password case has exactly the same behaviour as the digest case. The identifier is now
+WSPasswordCallback.USERNAME_TOKEN and not WSPasswordCallback.USERNAME_TOKEN_UNKNOWN, and the
+CallbackHandler does not do any authentication, but must set the password on the callback.</p>
+</li>
+<li>
+<p>The custom password type case defaults to the same behaviour as the plaintext case, assuming
+wssConfig.getHandleCustomPasswordTypes() returns true.</p>
+</li>
+<li>
+<p>For the case of a username token with no password element, the default behaviour is simply to ignore it,
+and to store it as a new result of type WSConstants.UT_NOPASSWORD.</p>
+</li>
+</ol>
+</div>
+</li>
+<li>
+<p>Some changes have been made to the WSPasswordCallback identifiers, used to obtain passwords for various
+actions. For more information see
+<a href="http://coheigea.blogspot.com/2011/02/wspasswordcallback-changes-in-wss4j-16.html">here</a>. In
+a nutshell, these changes consist of:</p>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>The WSPasswordCallback KEY_NAME, USERNAME_TOKEN_UNKNOWN and WSPasswordCallback.ENCRYPTED_KEY_TOKEN
+identifiers have been removed.</p>
+</li>
+<li>
+<p>CUSTOM_TOKEN is not longer used in the processors to get a secret key.</p>
+</li>
+<li>
+<p>SECRET_KEY is a new identifier for finding secret keys. It replaces the occasionally incorrect use of
+CUSTOM_TOKEN, as well as KEY_NAME and ENCRYPTED_KEY_TOKEN.</p>
+</li>
+</ol>
+</div>
+</li>
+<li>
+<p>Timestamp validation and signature trust verification is not done by the WSHandler implementation
+any more, but is performed when the security header is processed.</p>
+</li>
+</ul>
+</div>
+</div>
+</div>
+</div>
+</div>
+      </div>
+    </div>
+    <div class="clear">
+      <hr/>
+    </div>
+    <div id="footer">
+      <div class="xright">
+              Apache WSS4J, WSS4J, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.
+    All other marks mentioned may be trademarks or registered trademarks of their respective owners.
+            </div>
+      <div class="clear">
+        <hr/>
+      </div>
+    </div>
+  </body>
+</html>

Added: webservices/website/wss4j/newfeatures20.html
URL: http://svn.apache.org/viewvc/webservices/website/wss4j/newfeatures20.html?rev=1856947&view=auto
==============================================================================
--- webservices/website/wss4j/newfeatures20.html (added)
+++ webservices/website/wss4j/newfeatures20.html Thu Apr  4 15:31:46 2019
@@ -0,0 +1,313 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<!-- Generated by Apache Maven Doxia Site Renderer 1.7.4 at 2019-04-04 -->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>Apache WSS4J &#x2013; </title>
+    <style type="text/css" media="all">
+      @import url("./css/maven-base.css");
+      @import url("./css/maven-theme.css");
+      @import url("./css/site.css");
+    </style>
+    <link rel="stylesheet" href="./css/print.css" type="text/css" media="print" />
+    <meta http-equiv="Content-Language" content="en" />
+        
+        </head>
+  <body class="composite">
+    <div id="banner">
+                                      <a href="./" id="bannerLeft">
+                Apache WSS4J™
+                </a>
+                              <a href="http://www.apache.org" id="bannerRight">
+                                        <img src="http://activemq.apache.org/images/asf-logo.png" alt="$alt" />
+                </a>
+            <div class="clear">
+        <hr/>
+      </div>
+    </div>
+    <div id="breadcrumbs">
+          
+                <div class="xleft">
+        <span id="publishDate">Last Published: 2019-04-04</span>
+                  &nbsp;| <span id="projectVersion">Version: 2.3.0-SNAPSHOT</span>
+                      </div>
+            <div class="xright">      
+      </div>
+      <div class="clear">
+        <hr/>
+      </div>
+    </div>
+    <div id="leftColumn">
+      <div id="navcolumn">
+           
+                                <h5>Apache WSS4J</h5>
+                  <ul>
+                  <li class="none">
+                          <a href="index.html" title="Home">Home</a>
+            </li>
+                  <li class="none">
+                          <a href="download.html" title="Download">Download</a>
+            </li>
+                  <li class="none">
+                          <a href="user_guide.html" title="User Guide">User Guide</a>
+            </li>
+                  <li class="none">
+                          <a href="security_advisories.html" title="Security Advisories">Security Advisories</a>
+            </li>
+          </ul>
+                       <h5>Project Documentation</h5>
+                  <ul>
+                                                                                                                          <li class="collapsed">
+                          <a href="project-info.html" title="Project Information">Project Information</a>
+                  </li>
+                                                                                                                                            <li class="collapsed">
+                          <a href="project-reports.html" title="Project Reports">Project Reports</a>
+                  </li>
+          </ul>
+                             <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
+        <img class="poweredBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
+      </a>
+                 
+            </div>
+    </div>
+    <div id="bodyColumn">
+      <div id="contentBox">
+        <div class="sect2">
+<h3 id="new_features_available_in_apache_wss4j_2_0_0">New features available in Apache WSS4J 2.0.0</h3>
+<div class="sect3">
+<h4 id="overview_of_new_features">Overview of new features</h4>
+<div class="paragraph">
+<p>Apache WSS4J 2.0.0 delivers the following major new features:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>Support for a streaming (StAX) based WS-Security implementation that
+covers all of the main specifications.</p>
+</li>
+<li>
+<p>A WS-SecurityPolicy model that can be shared between both DOM + StAX
+implementations.</p>
+</li>
+<li>
+<p>Support for "real-time" WS-SecurityPolicy validation for the StAX
+implementation.</p>
+</li>
+<li>
+<p>Support for the SOAP with Attachments (SWA) Profile 1.1 specification.</p>
+</li>
+<li>
+<p>Support for caching based on EhCache.</p>
+</li>
+<li>
+<p>Support for encrypting passwords in Crypto properties files using Jasypt.</p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect3">
+<h4 id="streaming_stax_based_ws_security_implementation">Streaming (StAX) based WS-Security implementation</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.0 introduces a new streaming (StAX) based WS-Security implementation.
+Please see the dedicated <a href="streaming.html">page</a> for more information.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="ws_securitypolicy_support">WS-SecurityPolicy support</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.0 introduces a new WS-SecurityPolicy model as part of the
+"wss4j-policy" module. This model can be shared between both the DOM and StAX
+WS-Security implementations. Web service stacks such as Apache CXF and
+Apache Axis/Rampart that use WSS4J for WS-Security no longer need to maintain
+their own model. In this way any bug fixes to the model will get picked up
+by all web service stacks that rely on WSS4J.</p>
+</div>
+<div class="paragraph">
+<p>In addition to the new WS-SecurityPolicy model, a significant new feature of
+WSS4J 2.0.0 is that the new streaming WS-Security implementation has the
+ability to perform "real-time" validation of a request against the set of
+applicable WS-SecurityPolicy policies. The DOM-based code in WSS4J does not
+have any concept of WS-SecurityPolicy, but instead processes an inbound
+request, and relies on the web service stack to compare the results against
+the applicable policies. The advantage of the streaming approach in WSS4J
+2.0.0 is that bogus requests can be rejected quicker, which may help to avoid
+DoS based scenarios.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="support_for_signing_and_encrypting_message_attachments">Support for signing and encrypting message attachments</h4>
+<div class="paragraph">
+<p>WSS4J 2.0.0 introduces support for signing and encrypting SOAP message
+attachments, via the the SOAP with Attachments (SWA) Profile 1.1 specification.
+Please see the dedicated <a href="attachments.html">page</a> for more
+information.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="replay_attack_detection_using_ehcache">Replay Attack detection using EhCache</h4>
+<div class="paragraph">
+<p>In WSS4J 1.6.x, a "ReplayCache" interface was introduced to cache tokens to
+guard against replay attacks for the following scenarios:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>Signed Timestamps</p>
+</li>
+<li>
+<p>UsernameToken nonces</p>
+</li>
+<li>
+<p>SAML OneTimeUse Assertions</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>However, replay attack detection was not "switched on" by default in WSS4J
+1.6.x. In WSS4J 2.0.x, replay attack detection is enabled by default using
+an implementation of the "ReplayCache" interface based on EhCache. The
+following configuration tags can be used to configure caching:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>ConfigurationConstants.TIMESTAMP_CACHE_INSTANCE ("timestampCacheInstance"):
+This holds a reference to a ReplayCache instance used to cache Timestamp
+Created Strings. The default instance that is used is the EHCacheReplayCache.</p>
+</li>
+<li>
+<p>ConfigurationConstants.ENABLE_TIMESTAMP_CACHE ("enableTimestampCache"):
+Whether to cache Timestamp Created Strings (these are only cached in
+conjunction with a message Signature). The default value is "true".</p>
+</li>
+<li>
+<p>ConfigurationConstants.NONCE_CACHE_INSTANCE ("nonceCacheInstance"): This
+holds a reference to a ReplayCache instance used to cache UsernameToken
+nonces. The default instance that is used is the EHCacheReplayCache.</p>
+</li>
+<li>
+<p>ConfigurationConstants.ENABLE_NONCE_CACHE ("enableNonceCache"): Whether to
+cache UsernameToken nonces. The default value is "true".</p>
+</li>
+<li>
+<p>ConfigurationConstants. SAML_ONE_TIME_USE_CACHE_INSTANCE
+("samlOneTimeUseCacheInstance"): This holds a reference to a ReplayCache
+instance used to cache SAML2 Token Identifier Strings (if the token contains a
+OneTimeUse Condition). The default instance that is used is the
+EHCacheReplayCache.</p>
+</li>
+<li>
+<p>ConfigurationConstants.ENABLE_SAML_ONE_TIME_USE_CACHE
+("enableSamlOneTimeUseCache"):  Whether to cache SAML2 Token Identifiers, if
+the token contains a "OneTimeUse" Condition. The default value is "true".</p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect3">
+<h4 id="encrypting_passwords_in_crypto_property_files">Encrypting passwords in Crypto property files</h4>
+<div class="paragraph">
+<p>A typical example of the contents of a Crypto properties file (for Signature
+creation) is as follows:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>org.apache.wss4j.crypto.provider=org.apache.wss4j.common.crypto.Merlin</p>
+</li>
+<li>
+<p>org.apache.wss4j.crypto.merlin.keystore.type=jks</p>
+</li>
+<li>
+<p>org.apache.wss4j.crypto.merlin.keystore.password=security</p>
+</li>
+<li>
+<p>org.apache.wss4j.crypto.merlin.keystore.alias=wss40</p>
+</li>
+<li>
+<p>org.apache.wss4j.crypto.merlin.keystore.file=keys/wss40.jks</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>Note that the password used to load the keystore is in cleartext. One of the
+new features of Apache WSS4J 2.0.0 is the ability to instead store a (BASE-64
+encoded) encrypted version of the keystore password in the Crypto properties
+file. A new PasswordEncryptor interface is defined to allow for the
+encryption/decryption of passwords. A default implementation is now provided
+based on Jasypt called JasyptPasswordEncryptor, which uses
+"PBEWithMD5AndTripleDES".</p>
+</div>
+<div class="paragraph">
+<p>The WSPasswordCallback class has an additional "usage" called
+WSPasswordCallback.PASSWORD_ENCRYPTOR_PASSWORD, which is used to return the
+master password for use with the PasswordEncryptor implementation. When WSS4J
+is loading a Crypto implementation via a properties file, and it encounters a
+password encrypted in the format "ENC(encoded encrypted password)", it queries
+a CallbackHandler for a password via this WSPasswordCallback usage tag. It is
+possible to pass a custom PasswordEncryptor implementation to WSS4J via the
+new configuration tag ConfigurationConstants.PASSWORD_ENCRYPTOR_INSTANCE
+("passwordEncryptorInstance").</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="miscellaneous_new_features">Miscellaneous new features</h4>
+<div class="paragraph">
+<p>Support was added in WSS4J 1.6.x to obtain a Kerberos ticket from a KDC (Key
+Distribution Center) and include it in the security header of a request, as
+well as to process the received token. However, there was no built-in way to
+extract the secret key from the ticket to secure the request. Instead it was
+up to the user to plug in a custom "KerberosTokenDecoder" implementation to
+support this behaviour. In WSS4J 2.0.0, a default KerberosTokenDecoder
+implementation is provided, and so WSS4J now supports signing/encrypting using
+Kerberos tokens by default.</p>
+</div>
+<div class="paragraph">
+<p>A new "CustomToken" Action is defined in WSS4J 2.0.0. If this action is
+defined, a token (DOM Element) will be retrieved from a CallbackHandler via
+WSPasswordCallback.Usage.CUSTOM_TOKEN and written out as is in the security
+header. This provides for an easy way to write out tokens that have been
+retrieved out of band. Another related new feature is the ability to associate
+an action with a particular set of keys/algorithms. This means that it is now
+possible to configure two different Signature actions, that use different
+keys/algorithms.</p>
+</div>
+<div class="paragraph">
+<p>Support for enforcing the Basic Security Profile (BSP) 1.1 specification was
+added in WSS4J 1.6.x. In WSS4J 2.0.0, it is possible to disable individual
+BSP Rules for a non-compliant request, instead of having to disable BSP
+enforcement altogether as for WSS4J 1.6.x. The RequestData class has a
+setIgnoredBSPRules method, that takes a list of BSPRule Objects as an argument.
+The BSPRule class contains a complete list of Basic Security Profile rules
+that are enforced in WSS4J.</p>
+</div>
+<div class="paragraph">
+<p>WSS4J 2.0.0 now enforces the SubjectConfirmation requirements of an inbound
+SAML Token, instead of leaving it to the web services stack. For
+sender-vouches, a Signature must be present that covers both the SOAP Body and
+the SAML Assertion. For holder-of-key, a Signature must be present that signs
+some part of the SOAP request using the key information contained in the SAML
+Subject. Note that a Signature can be either a message or transport level
+Signature (i.e. using TLS is acceptable). A new configuration tag is defined
+that allows the user to switch off this validation if required
+(ConfigurationConstants.VALIDATE_SAML_SUBJECT_CONFIRMATION  -
+"validateSamlSubjectConfirmation").</p>
+</div>
+</div>
+</div>
+      </div>
+    </div>
+    <div class="clear">
+      <hr/>
+    </div>
+    <div id="footer">
+      <div class="xright">
+              Apache WSS4J, WSS4J, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.
+    All other marks mentioned may be trademarks or registered trademarks of their respective owners.
+            </div>
+      <div class="clear">
+        <hr/>
+      </div>
+    </div>
+  </body>
+</html>

Added: webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/ReplayCacheTest.html
URL: http://svn.apache.org/viewvc/webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/ReplayCacheTest.html?rev=1856947&view=auto
==============================================================================
--- webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/ReplayCacheTest.html (added)
+++ webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/ReplayCacheTest.html Thu Apr  4 15:31:46 2019
@@ -0,0 +1,301 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- NewPage -->
+<html lang="en">
+<head>
+<!-- Generated by javadoc (1.8.0_201) on Thu Apr 04 16:08:09 IST 2019 -->
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>ReplayCacheTest (Apache WSS4J 2.3.0-SNAPSHOT Test API)</title>
+<meta name="date" content="2019-04-04">
+<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
+<script type="text/javascript" src="../../../../../script.js"></script>
+</head>
+<body>
+<script type="text/javascript"><!--
+    try {
+        if (location.href.indexOf('is-external=true') == -1) {
+            parent.document.title="ReplayCacheTest (Apache WSS4J 2.3.0-SNAPSHOT Test API)";
+        }
+    }
+    catch(err) {
+    }
+//-->
+var methods = {"i0":10,"i1":10};
+var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"]};
+var altColor = "altColor";
+var rowColor = "rowColor";
+var tableTab = "tableTab";
+var activeTableTab = "activeTableTab";
+</script>
+<noscript>
+<div>JavaScript is disabled on your browser.</div>
+</noscript>
+<!-- ========= START OF TOP NAVBAR ======= -->
+<div class="topNav"><a name="navbar.top">
+<!--   -->
+</a>
+<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
+<a name="navbar.top.firstrow">
+<!--   -->
+</a>
+<ul class="navList" title="Navigation">
+<li><a href="../../../../../overview-summary.html">Overview</a></li>
+<li><a href="package-summary.html">Package</a></li>
+<li class="navBarCell1Rev">Class</li>
+<li><a href="class-use/ReplayCacheTest.html">Use</a></li>
+<li><a href="package-tree.html">Tree</a></li>
+<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
+<li><a href="../../../../../index-all.html">Index</a></li>
+<li><a href="../../../../../help-doc.html">Help</a></li>
+</ul>
+</div>
+<div class="subNav">
+<ul class="navList">
+<li><a href="../../../../../org/apache/wss4j/common/cache/EHCacheManagerHolderTest.html" title="class in org.apache.wss4j.common.cache"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
+<li>Next&nbsp;Class</li>
+</ul>
+<ul class="navList">
+<li><a href="../../../../../index.html?org/apache/wss4j/common/cache/ReplayCacheTest.html" target="_top">Frames</a></li>
+<li><a href="ReplayCacheTest.html" target="_top">No&nbsp;Frames</a></li>
+</ul>
+<ul class="navList" id="allclasses_navbar_top">
+<li><a href="../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
+</ul>
+<div>
+<script type="text/javascript"><!--
+  allClassesLink = document.getElementById("allclasses_navbar_top");
+  if(window==top) {
+    allClassesLink.style.display = "block";
+  }
+  else {
+    allClassesLink.style.display = "none";
+  }
+  //-->
+</script>
+</div>
+<div>
+<ul class="subNavList">
+<li>Summary:&nbsp;</li>
+<li>Nested&nbsp;|&nbsp;</li>
+<li>Field&nbsp;|&nbsp;</li>
+<li><a href="#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
+<li><a href="#method.summary">Method</a></li>
+</ul>
+<ul class="subNavList">
+<li>Detail:&nbsp;</li>
+<li>Field&nbsp;|&nbsp;</li>
+<li><a href="#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
+<li><a href="#method.detail">Method</a></li>
+</ul>
+</div>
+<a name="skip.navbar.top">
+<!--   -->
+</a></div>
+<!-- ========= END OF TOP NAVBAR ========= -->
+<!-- ======== START OF CLASS DATA ======== -->
+<div class="header">
+<div class="subTitle">org.apache.wss4j.common.cache</div>
+<h2 title="Class ReplayCacheTest" class="title">Class ReplayCacheTest</h2>
+</div>
+<div class="contentContainer">
+<ul class="inheritance">
+<li><a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</a></li>
+<li>
+<ul class="inheritance">
+<li>org.apache.wss4j.common.cache.ReplayCacheTest</li>
+</ul>
+</li>
+</ul>
+<div class="description">
+<ul class="blockList">
+<li class="blockList">
+<hr>
+<br>
+<pre>public class <span class="typeNameLabel">ReplayCacheTest</span>
+extends <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></pre>
+<div class="block">Some unit tests for the ReplayCache implementations</div>
+</li>
+</ul>
+</div>
+<div class="summary">
+<ul class="blockList">
+<li class="blockList">
+<!-- ======== CONSTRUCTOR SUMMARY ======== -->
+<ul class="blockList">
+<li class="blockList"><a name="constructor.summary">
+<!--   -->
+</a>
+<h3>Constructor Summary</h3>
+<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
+<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
+<tr>
+<th class="colOne" scope="col">Constructor and Description</th>
+</tr>
+<tr class="altColor">
+<td class="colOne"><code><span class="memberNameLink"><a href="../../../../../org/apache/wss4j/common/cache/ReplayCacheTest.html#ReplayCacheTest--">ReplayCacheTest</a></span>()</code>&nbsp;</td>
+</tr>
+</table>
+</li>
+</ul>
+<!-- ========== METHOD SUMMARY =========== -->
+<ul class="blockList">
+<li class="blockList"><a name="method.summary">
+<!--   -->
+</a>
+<h3>Method Summary</h3>
+<table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
+<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
+<tr>
+<th class="colFirst" scope="col">Modifier and Type</th>
+<th class="colLast" scope="col">Method and Description</th>
+</tr>
+<tr id="i0" class="altColor">
+<td class="colFirst"><code>void</code></td>
+<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/wss4j/common/cache/ReplayCacheTest.html#testEhCacheReplayCache--">testEhCacheReplayCache</a></span>()</code>&nbsp;</td>
+</tr>
+<tr id="i1" class="rowColor">
+<td class="colFirst"><code>void</code></td>
+<td class="colLast"><code><span class="memberNameLink"><a href="../../../../../org/apache/wss4j/common/cache/ReplayCacheTest.html#testMemoryReplayCache--">testMemoryReplayCache</a></span>()</code>&nbsp;</td>
+</tr>
+</table>
+<ul class="blockList">
+<li class="blockList"><a name="methods.inherited.from.class.java.lang.Object">
+<!--   -->
+</a>
+<h3>Methods inherited from class&nbsp;java.lang.<a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></h3>
+<code><a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#clone--" title="class or interface in java.lang">clone</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#equals-java.lang.Object-" title="class or interface in java.lang">equals</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#finalize--" title="class or interface in java.lang">finalize</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#getClass--" title="class or interface in java.lang">getClass</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#hashCode--" title="class or interface in java.lang">hashCode</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#notify--" title="class or interface in java.lang">notify</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang
 /Object.html?is-external=true#notifyAll--" title="class or interface in java.lang">notifyAll</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#toString--" title="class or interface in java.lang">toString</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait--" title="class or interface in java.lang">wait</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait-long-" title="class or interface in java.lang">wait</a>, <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait-long-int-" title="class or interface in java.lang">wait</a></code></li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="details">
+<ul class="blockList">
+<li class="blockList">
+<!-- ========= CONSTRUCTOR DETAIL ======== -->
+<ul class="blockList">
+<li class="blockList"><a name="constructor.detail">
+<!--   -->
+</a>
+<h3>Constructor Detail</h3>
+<a name="ReplayCacheTest--">
+<!--   -->
+</a>
+<ul class="blockListLast">
+<li class="blockList">
+<h4>ReplayCacheTest</h4>
+<pre>public&nbsp;ReplayCacheTest()</pre>
+</li>
+</ul>
+</li>
+</ul>
+<!-- ============ METHOD DETAIL ========== -->
+<ul class="blockList">
+<li class="blockList"><a name="method.detail">
+<!--   -->
+</a>
+<h3>Method Detail</h3>
+<a name="testMemoryReplayCache--">
+<!--   -->
+</a>
+<ul class="blockList">
+<li class="blockList">
+<h4>testMemoryReplayCache</h4>
+<pre>public&nbsp;void&nbsp;testMemoryReplayCache()
+                           throws <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/InterruptedException.html?is-external=true" title="class or interface in java.lang">InterruptedException</a>,
+                                  <a href="http://docs.oracle.com/javase/8/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></pre>
+<dl>
+<dt><span class="throwsLabel">Throws:</span></dt>
+<dd><code><a href="http://docs.oracle.com/javase/8/docs/api/java/lang/InterruptedException.html?is-external=true" title="class or interface in java.lang">InterruptedException</a></code></dd>
+<dd><code><a href="http://docs.oracle.com/javase/8/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></code></dd>
+</dl>
+</li>
+</ul>
+<a name="testEhCacheReplayCache--">
+<!--   -->
+</a>
+<ul class="blockListLast">
+<li class="blockList">
+<h4>testEhCacheReplayCache</h4>
+<pre>public&nbsp;void&nbsp;testEhCacheReplayCache()
+                            throws <a href="http://docs.oracle.com/javase/8/docs/api/java/lang/InterruptedException.html?is-external=true" title="class or interface in java.lang">InterruptedException</a>,
+                                   <a href="http://docs.oracle.com/javase/8/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></pre>
+<dl>
+<dt><span class="throwsLabel">Throws:</span></dt>
+<dd><code><a href="http://docs.oracle.com/javase/8/docs/api/java/lang/InterruptedException.html?is-external=true" title="class or interface in java.lang">InterruptedException</a></code></dd>
+<dd><code><a href="http://docs.oracle.com/javase/8/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></code></dd>
+</dl>
+</li>
+</ul>
+</li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+<!-- ========= END OF CLASS DATA ========= -->
+<!-- ======= START OF BOTTOM NAVBAR ====== -->
+<div class="bottomNav"><a name="navbar.bottom">
+<!--   -->
+</a>
+<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
+<a name="navbar.bottom.firstrow">
+<!--   -->
+</a>
+<ul class="navList" title="Navigation">
+<li><a href="../../../../../overview-summary.html">Overview</a></li>
+<li><a href="package-summary.html">Package</a></li>
+<li class="navBarCell1Rev">Class</li>
+<li><a href="class-use/ReplayCacheTest.html">Use</a></li>
+<li><a href="package-tree.html">Tree</a></li>
+<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
+<li><a href="../../../../../index-all.html">Index</a></li>
+<li><a href="../../../../../help-doc.html">Help</a></li>
+</ul>
+</div>
+<div class="subNav">
+<ul class="navList">
+<li><a href="../../../../../org/apache/wss4j/common/cache/EHCacheManagerHolderTest.html" title="class in org.apache.wss4j.common.cache"><span class="typeNameLink">Prev&nbsp;Class</span></a></li>
+<li>Next&nbsp;Class</li>
+</ul>
+<ul class="navList">
+<li><a href="../../../../../index.html?org/apache/wss4j/common/cache/ReplayCacheTest.html" target="_top">Frames</a></li>
+<li><a href="ReplayCacheTest.html" target="_top">No&nbsp;Frames</a></li>
+</ul>
+<ul class="navList" id="allclasses_navbar_bottom">
+<li><a href="../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
+</ul>
+<div>
+<script type="text/javascript"><!--
+  allClassesLink = document.getElementById("allclasses_navbar_bottom");
+  if(window==top) {
+    allClassesLink.style.display = "block";
+  }
+  else {
+    allClassesLink.style.display = "none";
+  }
+  //-->
+</script>
+</div>
+<div>
+<ul class="subNavList">
+<li>Summary:&nbsp;</li>
+<li>Nested&nbsp;|&nbsp;</li>
+<li>Field&nbsp;|&nbsp;</li>
+<li><a href="#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
+<li><a href="#method.summary">Method</a></li>
+</ul>
+<ul class="subNavList">
+<li>Detail:&nbsp;</li>
+<li>Field&nbsp;|&nbsp;</li>
+<li><a href="#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
+<li><a href="#method.detail">Method</a></li>
+</ul>
+</div>
+<a name="skip.navbar.bottom">
+<!--   -->
+</a></div>
+<!-- ======== END OF BOTTOM NAVBAR ======= -->
+<p class="legalCopy"><small>Copyright &#169; 2004&#x2013;2019 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</small></p>
+</body>
+</html>

Added: webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/class-use/ReplayCacheTest.html
URL: http://svn.apache.org/viewvc/webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/class-use/ReplayCacheTest.html?rev=1856947&view=auto
==============================================================================
--- webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/class-use/ReplayCacheTest.html (added)
+++ webservices/website/wss4j/testapidocs/org/apache/wss4j/common/cache/class-use/ReplayCacheTest.html Thu Apr  4 15:31:46 2019
@@ -0,0 +1,126 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- NewPage -->
+<html lang="en">
+<head>
+<!-- Generated by javadoc (1.8.0_201) on Thu Apr 04 16:08:10 IST 2019 -->
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>Uses of Class org.apache.wss4j.common.cache.ReplayCacheTest (Apache WSS4J 2.3.0-SNAPSHOT Test API)</title>
+<meta name="date" content="2019-04-04">
+<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
+<script type="text/javascript" src="../../../../../../script.js"></script>
+</head>
+<body>
+<script type="text/javascript"><!--
+    try {
+        if (location.href.indexOf('is-external=true') == -1) {
+            parent.document.title="Uses of Class org.apache.wss4j.common.cache.ReplayCacheTest (Apache WSS4J 2.3.0-SNAPSHOT Test API)";
+        }
+    }
+    catch(err) {
+    }
+//-->
+</script>
+<noscript>
+<div>JavaScript is disabled on your browser.</div>
+</noscript>
+<!-- ========= START OF TOP NAVBAR ======= -->
+<div class="topNav"><a name="navbar.top">
+<!--   -->
+</a>
+<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
+<a name="navbar.top.firstrow">
+<!--   -->
+</a>
+<ul class="navList" title="Navigation">
+<li><a href="../../../../../../overview-summary.html">Overview</a></li>
+<li><a href="../package-summary.html">Package</a></li>
+<li><a href="../../../../../../org/apache/wss4j/common/cache/ReplayCacheTest.html" title="class in org.apache.wss4j.common.cache">Class</a></li>
+<li class="navBarCell1Rev">Use</li>
+<li><a href="../package-tree.html">Tree</a></li>
+<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
+<li><a href="../../../../../../index-all.html">Index</a></li>
+<li><a href="../../../../../../help-doc.html">Help</a></li>
+</ul>
+</div>
+<div class="subNav">
+<ul class="navList">
+<li>Prev</li>
+<li>Next</li>
+</ul>
+<ul class="navList">
+<li><a href="../../../../../../index.html?org/apache/wss4j/common/cache/class-use/ReplayCacheTest.html" target="_top">Frames</a></li>
+<li><a href="ReplayCacheTest.html" target="_top">No&nbsp;Frames</a></li>
+</ul>
+<ul class="navList" id="allclasses_navbar_top">
+<li><a href="../../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
+</ul>
+<div>
+<script type="text/javascript"><!--
+  allClassesLink = document.getElementById("allclasses_navbar_top");
+  if(window==top) {
+    allClassesLink.style.display = "block";
+  }
+  else {
+    allClassesLink.style.display = "none";
+  }
+  //-->
+</script>
+</div>
+<a name="skip.navbar.top">
+<!--   -->
+</a></div>
+<!-- ========= END OF TOP NAVBAR ========= -->
+<div class="header">
+<h2 title="Uses of Class org.apache.wss4j.common.cache.ReplayCacheTest" class="title">Uses of Class<br>org.apache.wss4j.common.cache.ReplayCacheTest</h2>
+</div>
+<div class="classUseContainer">No usage of org.apache.wss4j.common.cache.ReplayCacheTest</div>
+<!-- ======= START OF BOTTOM NAVBAR ====== -->
+<div class="bottomNav"><a name="navbar.bottom">
+<!--   -->
+</a>
+<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
+<a name="navbar.bottom.firstrow">
+<!--   -->
+</a>
+<ul class="navList" title="Navigation">
+<li><a href="../../../../../../overview-summary.html">Overview</a></li>
+<li><a href="../package-summary.html">Package</a></li>
+<li><a href="../../../../../../org/apache/wss4j/common/cache/ReplayCacheTest.html" title="class in org.apache.wss4j.common.cache">Class</a></li>
+<li class="navBarCell1Rev">Use</li>
+<li><a href="../package-tree.html">Tree</a></li>
+<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
+<li><a href="../../../../../../index-all.html">Index</a></li>
+<li><a href="../../../../../../help-doc.html">Help</a></li>
+</ul>
+</div>
+<div class="subNav">
+<ul class="navList">
+<li>Prev</li>
+<li>Next</li>
+</ul>
+<ul class="navList">
+<li><a href="../../../../../../index.html?org/apache/wss4j/common/cache/class-use/ReplayCacheTest.html" target="_top">Frames</a></li>
+<li><a href="ReplayCacheTest.html" target="_top">No&nbsp;Frames</a></li>
+</ul>
+<ul class="navList" id="allclasses_navbar_bottom">
+<li><a href="../../../../../../allclasses-noframe.html">All&nbsp;Classes</a></li>
+</ul>
+<div>
+<script type="text/javascript"><!--
+  allClassesLink = document.getElementById("allclasses_navbar_bottom");
+  if(window==top) {
+    allClassesLink.style.display = "block";
+  }
+  else {
+    allClassesLink.style.display = "none";
+  }
+  //-->
+</script>
+</div>
+<a name="skip.navbar.bottom">
+<!--   -->
+</a></div>
+<!-- ======== END OF BOTTOM NAVBAR ======= -->
+<p class="legalCopy"><small>Copyright &#169; 2004&#x2013;2019 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</small></p>
+</body>
+</html>



Mime
View raw message