src/site/xdoc/download.xml - ws-wss4j - Git at Google

 <?xml version="1.0" encoding="ISO-8859-1"?>
 <!--
   Licensed to the Apache Software Foundation (ASF) under one or more
   contributor license agreements.  See the NOTICE file distributed with
   this work for additional information regarding copyright ownership.
   The ASF licenses this file to You under the Apache License, Version 2.0
   (the "License"); you may not use this file except in compliance with
   the License.  You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
 -->
 <document>
 <body>
 <section name="Obtain the Apache WSS4J&#8482; distribution">
 <p>
 The <b>Apache WSS4J&#8482;</b> project provides a Java implementation of the primary security
 standards for Web Services.
 </p>
 <subsection name="How to Download">
 <p>
 Use the links below to download a distribution of Apache WSS4J from one of our mirrors.
 It is good practice to verify the integrity of the distribution files. Apache WSS4J releases are
 available under the
 <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> - see the
 LICENSE.txt and NOTICE.txt files contained in each release artifact.
 </p>
 </subsection>
 <subsection name="Current official release (closest mirror site selected automatically)">
 <ul>
 <li>
 <p>
 The current stable release is Apache WSS4J 3.0.3:
 </p>
 <p>
 <a href="https://www.apache.org/dyn/closer.lua/ws/wss4j/3.0.3/wss4j-3.0.3-source-release.zip">wss4j-3.0.3-source-release.zip</a>
 (<a href="https://downloads.apache.org/ws/wss4j/3.0.3/wss4j-3.0.3-source-release.zip.asc">PGP</a>)
 (<a href="https://downloads.apache.org/ws/wss4j/3.0.3/wss4j-3.0.3-source-release.zip.sha512">SHA-512</a>)
 </p>
 </li>
 <li>
 <p>
 The current release on the older 2.4.x-fixes branch is Apache WSS4J 2.4.3:
 </p>
 <p>
 <a href="https://www.apache.org/dyn/closer.lua/ws/wss4j/2.4.3/wss4j-2.4.3-source-release.zip">wss4j-2.4.3-source-release.zip</a>
 (<a href="https://downloads.apache.org/ws/wss4j/2.4.3/wss4j-2.4.3-source-release.zip.asc">PGP</a>)
 (<a href="https://downloads.apache.org/ws/wss4j/2.4.3/wss4j-2.4.3-source-release.zip.sha512">SHA-512</a>)
 </p>
 </li>
 <li>
 <p>
 The current release on the older 2.3.x-fixes branch is Apache WSS4J 2.3.4:
 </p>
 <p>
 <a href="https://www.apache.org/dyn/closer.lua/ws/wss4j/2.3.4/wss4j-2.3.4-source-release.zip">wss4j-2.3.4-source-release.zip</a>
 (<a href="https://downloads.apache.org/ws/wss4j/2.3.4/wss4j-2.3.4-source-release.zip.asc">PGP</a>)
 (<a href="https://downloads.apache.org/ws/wss4j/2.3.4/wss4j-2.3.4-source-release.zip.sha512">SHA-512</a>)
 </p>
 </li>
 </ul>
 </subsection>
 <subsection name="Verifying Releases">
 <p>
 When downloading from a mirror please check the SHA-512/SHA1 checksums as well
 as verifying the OpenPGP compatible signature available from the main Apache
 site. The <a href="https://downloads.apache.org/ws/wss4j/KEYS">KEYS</a> file
 contains the public keys used for signing the release. It is recommended that a
 web of trust is used to confirm the identity of these keys.
 </p>
 <p>
 You can check the OpenPGP compatible signature with GnuPG via:
 <ul>
 <li>gpg --import KEYS</li>
 <li>gpg --verify wss4j-*-source-release.zip.asc</li>
 </ul>
 </p>
 <p>
 You can check the SHA-512 digests with:
 <ul>
 <li>sha512sum wss4j-*-source-release.zip (and compare output to wss4j-*-source.release.zip.sha512)</li>
 </ul>
 </p>
 </subsection>
 <subsection name="Archive of old releases">
 <p>
 Older releases are available in the <a href="https://archive.apache.org/dist/ws/wss4j/">archive</a>.
 </p>
 </subsection>
 </section>

 </body>
 </document>
	<?xml version="1.0" encoding="ISO-8859-1"?>
	<!--
	Licensed to the Apache Software Foundation (ASF) under one or more
	contributor license agreements. See the NOTICE file distributed with
	this work for additional information regarding copyright ownership.
	The ASF licenses this file to You under the Apache License, Version 2.0
	(the "License"); you may not use this file except in compliance with
	the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	-->
	<document>
	<body>
	<section name="Obtain the Apache WSS4J™ distribution">
	<p>
	The <b>Apache WSS4J™</b> project provides a Java implementation of the primary security
	standards for Web Services.
	</p>
	<subsection name="How to Download">
	<p>
	Use the links below to download a distribution of Apache WSS4J from one of our mirrors.
	It is good practice to verify the integrity of the distribution files. Apache WSS4J releases are
	available under the
	<a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> - see the
	LICENSE.txt and NOTICE.txt files contained in each release artifact.
	</p>
	</subsection>
	<subsection name="Current official release (closest mirror site selected automatically)">
	<ul>
	<li>
	<p>
	The current stable release is Apache WSS4J 3.0.3:
	</p>
	<p>
	<a href="https://www.apache.org/dyn/closer.lua/ws/wss4j/3.0.3/wss4j-3.0.3-source-release.zip">wss4j-3.0.3-source-release.zip</a>
	(<a href="https://downloads.apache.org/ws/wss4j/3.0.3/wss4j-3.0.3-source-release.zip.asc">PGP</a>)
	(<a href="https://downloads.apache.org/ws/wss4j/3.0.3/wss4j-3.0.3-source-release.zip.sha512">SHA-512</a>)
	</p>
	</li>
	<li>
	<p>
	The current release on the older 2.4.x-fixes branch is Apache WSS4J 2.4.3:
	</p>
	<p>
	<a href="https://www.apache.org/dyn/closer.lua/ws/wss4j/2.4.3/wss4j-2.4.3-source-release.zip">wss4j-2.4.3-source-release.zip</a>
	(<a href="https://downloads.apache.org/ws/wss4j/2.4.3/wss4j-2.4.3-source-release.zip.asc">PGP</a>)
	(<a href="https://downloads.apache.org/ws/wss4j/2.4.3/wss4j-2.4.3-source-release.zip.sha512">SHA-512</a>)
	</p>
	</li>
	<li>
	<p>
	The current release on the older 2.3.x-fixes branch is Apache WSS4J 2.3.4:
	</p>
	<p>
	<a href="https://www.apache.org/dyn/closer.lua/ws/wss4j/2.3.4/wss4j-2.3.4-source-release.zip">wss4j-2.3.4-source-release.zip</a>
	(<a href="https://downloads.apache.org/ws/wss4j/2.3.4/wss4j-2.3.4-source-release.zip.asc">PGP</a>)
	(<a href="https://downloads.apache.org/ws/wss4j/2.3.4/wss4j-2.3.4-source-release.zip.sha512">SHA-512</a>)
	</p>
	</li>
	</ul>
	</subsection>
	<subsection name="Verifying Releases">
	<p>
	When downloading from a mirror please check the SHA-512/SHA1 checksums as well
	as verifying the OpenPGP compatible signature available from the main Apache
	site. The <a href="https://downloads.apache.org/ws/wss4j/KEYS">KEYS</a> file
	contains the public keys used for signing the release. It is recommended that a
	web of trust is used to confirm the identity of these keys.
	</p>
	<p>
	You can check the OpenPGP compatible signature with GnuPG via:
	<ul>
	<li>gpg --import KEYS</li>
	<li>gpg --verify wss4j-*-source-release.zip.asc</li>
	</ul>
	</p>
	<p>
	You can check the SHA-512 digests with:
	<ul>
	<li>sha512sum wss4j--source-release.zip (and compare output to wss4j--source.release.zip.sha512)</li>
	</ul>
	</p>
	</subsection>
	<subsection name="Archive of old releases">
	<p>
	Older releases are available in the <a href="https://archive.apache.org/dist/ws/wss4j/">archive</a>.
	</p>
	</subsection>
	</section>

	</body>
	</document>