| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" |
| "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> |
| <html xmlns="http://www.w3.org/1999/xhtml"> |
| <head> |
| <title>Apache Rampart - Configuration Guide</title> |
| </head> |
| <body> |
| |
| <h2>Rampart Configurations</h2> |
| <p>The RampartConfig element can have any of the following child elements. The schema is available <a href="rampart-config.xsd">here</a>.</p> |
| <table class="bodyTable"><tbody> |
| <tr class="a"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr> |
| |
| <tr class="b"><td>user</td><td>The user's name</td><td>Sets the username of the UsernameToken to be used<br></br> |
| <user>bob</user></td></tr> |
| <tr class="a"><td>userCertAlias</td><td>The user's cert alias</td><td>Sets the alias of the key to be used to sign<br></br> |
| <userCertAlias>bob</userCertAlias></td></tr> |
| <tr class="b"><td>encryptionUser</td><td>The user's name for encryption.</td><td><br></br> |
| <encryptionUser>alice</encryptionUser></td></tr> |
| <tr class="a"><td>passwordCallbackClass</td><td>Callback class used to provide the password required to create the |
| UsernameToken or to sign the message</td><td><passwordCallbackClass> |
| org.apache.axis2.security.PWCallback</passwordCallbackClass></td></tr> |
| <tr class="b"><td>policyValidatorCbClass</td><td>Callback class used to provide a custom validator</td><td><policyValidatorCbClass> |
| org.apache.axis2.security.CustomPolicyValidater</policyValidatorCbClass></td></tr> |
| |
| <tr class="a"><td>signatureCrypto</td><td>Properties needed to perform signature, such as the crypto |
| provider, keystore and its password</td><td> |
| <pre> |
| <signatureCrypto> |
| <crypto provider="org.apache.ws.security.components.crypto.Merlin"> |
| <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property> |
| <property name="org.apache.ws.security.crypto.merlin.file">client.jks</property> |
| <property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</property> |
| </crypto> |
| </signatureCrypto> |
| </pre> |
| </td></tr> |
| <tr class="b"><td>encryptionCrypto</td><td>Properties needed to perform encryption, such as the crypto |
| provider, keystore and its password</td><td><encryptionCrypto>....crypto element ......</encryptionCrypto></td></tr> |
| <tr class="a"><td>decryptionCrypto</td><td>Properties needed to perform decryption, such as the crypto |
| provider, keystore and its password</td><td><decryptionCrypto>....crypto element ......</decryptionCrypto></td></tr> |
| <tr class="b"><td>timestampTTL</td><td>Time to live of Timestamp</td><td>The default timestamp time to live is 300 seconds</td></tr> |
| <tr class="a"><td>timestampMaxSkew</td><td>The maximum tolerance limit for the time skew of the timestamp</td><td>Rampart allows timestamps created slightly ahead of the receiver's time.<br/> This parameter specifies the tolerance limit</td></tr> |
| <tr class="b"><td>tokenStoreClass</td><td></td><td></td></tr> |
| <tr class="a"><td>sslConfig</td><td>SSL configuration needed for TransportBinding</td><td>Can specify properties such as "javax.net.ssl.trustStore" and "javax.net.ssl.trustStorePassword". Please see below for more information.</td></tr> |
| </tbody></table> |
| <h3>Crypto Provider</h3> |
| <p>org.apache.ws.security.crypto.provider defines the implementation of |
| the org.apache.ws.security.components.crypto.Crypto interface to provide the |
| crypto information required by WSS4J. The other properties defined are the |
| configuration properties used by the implementation class |
| (org.apache.ws.security.components.crypto.Merlin). <a name="ref"></a><a name="references"></a></p> |
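<p>The parameters from the table combined into one RampartConfig element, as an added example that is not part of the original Rampart documentation. The <code>ramp</code> prefix and its namespace URI do not appear on this page, the timestampMaxSkew value is constructed, and the remaining sample values are reused from the table above.</p>

```xml
<!-- Added example: sample values only, not a recommended production configuration -->
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
  <!-- Username for the UsernameToken and alias of the key used to sign -->
  <ramp:user>bob</ramp:user>
  <ramp:userCertAlias>bob</ramp:userCertAlias>
  <!-- Alias of the recipient's certificate used for encryption -->
  <ramp:encryptionUser>alice</ramp:encryptionUser>
  <!-- Supplies the UsernameToken or signing password at run time -->
  <ramp:passwordCallbackClass>org.apache.axis2.security.PWCallback</ramp:passwordCallbackClass>

  <!-- Keystore holding the signing key; the keystore password is stored here in clear text -->
  <ramp:signatureCrypto>
    <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
      <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
      <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
      <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
    </ramp:crypto>
  </ramp:signatureCrypto>

  <!-- Keystore holding the recipient's certificate; same crypto element layout -->
  <ramp:encryptionCrypto>
    <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
      <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
      <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
      <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
    </ramp:crypto>
  </ramp:encryptionCrypto>

  <!-- 300 seconds is the default TTL stated in the table; 60 is a constructed value, assumed to be in seconds like timestampTTL -->
  <ramp:timestampTTL>300</ramp:timestampTTL>
  <ramp:timestampMaxSkew>60</ramp:timestampMaxSkew>
</ramp:RampartConfig>
```

<p>Because the keystore password sits in clear text in this element, restrict read access to both the policy file and the keystore file. A shorter timestampTTL and timestampMaxSkew narrow the window in which a captured message is still accepted.</p>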
| <a name="References"></a><h3>References</h3>1. <a href="http://ws.apache.org/wss4j">Apache WSS4J - Home</a> |
| </body> |
| </html> |