schemas.configuration.security.xsd Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of org.apache.cxf Show documentation
Show all versions of org.apache.cxf Show documentation
Apache CXF is an open-source services framework that aids in
the development of services using front-end programming APIs, like JAX-WS
and JAX-RS.
This structure holds parameters that may govern authentication
that use a User Password strategy.
User Name for server BASIC authentication login
(some servers require users to authenticate with the server -- see also Password, AuthorizationType, and Authorization)
Password for server BASIC authentication login
(some servers require users to authenticate with the server -- see also UserName, AuthorizationType, and Authorization)
Type of authentication to use with server, if not using
username and password based "BASIC" authentication.
If username and password are used, this does not need to be set.
(some servers require users to authenticate with the server -- see also UserName, Password, and Authorization)
Actual authentication data for server, if not using
username and password based "BASIC" authentication
If username and password are used, this does not need to be set.
(some servers require users to authenticate with the server -- see also UserName, Password, and AuthorizationType)
This attribute specifies if client authentication should be requested.
This attribute specifies if client authentication should be required.
A KeyStoreType represents the information needed to load a collection
of key and certificate material from a desired location.
The "url", "file", and "resource" attributes are intended to be
mutually exclusive, though this assumption is not encoded in schema.
The precedence order observed by the runtime is
1) "file", 2) "resource", and 3) "url".
This attribute specifies the type of the keystore.
It is highly correlated to the provider. Most common examples
are "jks" "pkcs12".
This attribute specifes the integrity password for the keystore.
This is not the password that unlock keys within the keystore.
This attribute specifies the keystore implementation provider.
Most common examples are "SUN".
This attribute specifies the URL location of the keystore.
This element should be a properly accessible URL, such as
"http://..." "file:///...", etc. Only one attribute of
"url", "file", or "resource" is allowed.
This attribute specifies the File location of the keystore.
This element should be a properly accessible file from the
working directory. Only one attribute of
"url", "file", or "resource" is allowed.
This attribute specifies the Resource location of the keystore.
This element should be a properly accessible on the classpath.
Only one attribute of
"url", "file", or "resource" is allowed.
A CertStoreType represents a catenated sequence of X.509 certificates,
in PEM or DER format.
The "url", "file", and "resource" attributes are intended to be
mutually exclusive, though this assumption is not encoded in schema.
The precedence order observed by the runtime is
1) "file", 2) "resource", and 3) "url".
This attribute specifies the type of the certstore.
It is highly correlated to the provider. Most common examples
are "jks" "pkcs12".
This attribute specifies the File location of the certificate store.
This element should be a properly accessible file from the
working directory. Only one attribute of
"url", "file", or "resource" is allowed.
This attribute specifies the Resource location of the certificate store.
This element should be a properly accessible on the classpath.
Only one attribute of
"url", "file", or "resource" is allowed.
This attribute specifies the URL location of the certificate store.
This element should be a properly accessible URL, such as
"http://..." "file:///...", etc. Only one attribute of
"url", "file", or "resource" is allowed.
This structure specifies the JSSE based KeyManagers for a single
Keystore.
This element specified the Keystore for these JSSE KeyManagers.
This attribute contains the password that unlocks the keys
within the keystore.
This attribute contains the name of the class implementing
password callback handler to unlock the keys withing the keystore.
Alternative to keyPassword attribute.
This attribute contains the KeyManagers provider name.
This attribute contains the algorithm the KeyManagers Factory
will use in creating the KeyManagers from the KeyStore. Most
common examples are "PKIX".
This attribute contains the reference to the KeyManagers bean. This
attribute allows the KeyManagers instance to be constructed by other
means and referenced from this object.
This structure contains the specification of JSSE TrustManagers for
a single Keystore used for trusted certificates.
This element contains the KeyStore used as a trust
store.
This element contains the CertStore used as a trust store.
This attribute contains the KeyManagers provider name.
This attribute contains the algorithm the KeyManagers Factory
will use in creating the KeyManagers from the KeyStore. Most
common examples are "PKIX".
This attribute contains the reference to the TrustManagers bean. This
attribute allows the TrustManagers instance to be constructed by other
means and referenced from this object.
This structure holds a list of ciphersuite names that are to be
supported. Note: that does not mean that they will be available.
That depends on the JSSE and Crypto providers.
This structure holds a list of protocols that are to be excluded.
If this structure is not defined then SSLv3 is excluded by default
This structure holds a list of protocols that are to be included.
Sometimes we want to include more protocols than the secure socket protocol, for example
"SSLv2Hello".
This structure holds the parameters for the Secure Random Number
generator used in the JSSE.
This structure holds a list of regular expressions that corresponds to a sequence of
Certificate Constraints on either the Subject or Issuer DN.
This structure holds a list of regular expressions that corresponds to a sequence of
Certificate Constraints. The optional combinator attribute refers to whether ALL or
ANY of these regular expressions must be satisfied.
This type refers to whether ALL or ANY of the DNConstraintsType regular expressions
must be satisfied.
This element contains the KeyManagers specification.
This element contains the TrustManagers specification.
This element contains the the CipherSuites that will be supported.
This element contains the filters of the supported CipherSuites
that will be supported and used if available.
This element contains SecureRandom specification.
This element contains the Certificate Constraints specification.
This element contains the Certificate Alias.
This attribute specifies if HttpsURLConnection.defaultSslSocketFactory
should be used to create https connections. If 'true', 'jsseProvider',
'secureSocketProtocol', 'trustManagers', 'keyManagers', 'secureRandom',
'cipherSuites' and 'cipherSuitesFilter' are ignored.
Since 2.2.7.
This attribute specifies if HttpsURLConnection.defaultHostnameVerifier
should be used to create https connections. If 'true', 'disableCNCheck'
is ignored.
Since 2.2.7.
This attribute specifies if JSSE should omit checking if the
host name specified in the URL matches that of the Common Name
(CN) on the server's certificate. Default is false; this attribute
should not be set to true during production use.
This attribute specifies whether to enable revocation when checking the server certificate.
The default is false.
This attribute contains the JSSE provider name.
This attribute contains the Protocol Name. Most common
example is "SSL", "TLS" or "TLSv1".
This attribute contains the JDK SSL session cache timeout
This element contains the KeyManagers specification.
This element contains the TrustManagers specification.
This element contains the the CipherSuites that will be supported.
This element contains the filters of the supported CipherSuites
that will be supported and used if available.
This element contains the the Protocols that will be excluded
This element contains the the Protocols that will be included
This element contains SecureRandom specification.
This element contains Client Authentication specification.
This element contains the Certificate Constraints specification.
This element contains the Certificate Alias.
This attribute contains the JSSE provider name.
This attribute contains the Protocol Name. Most common
example is "SSL", "TLS" or "TLSv1".
This attribute specifies whether to enable revocation when checking the client certificate,
if client authentication is enabled. The default is false.