Versions Compared

Old Version 18

changes.mady.by.user Andrei Shakirin

Saved on

compared with

New Version 19

changes.mady.by.user Andrei Shakirin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
xml
xml
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxws="http://cxf.apache.org/jaxws"
    xmlns:test="http://apache.org/hello_world_soap_http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="
        http://cxf.apache.org/core
        http://cxf.apache.org/schemas/core.xsd
        http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://cxf.apache.org/jaxws                                     
        http://cxf.apache.org/schemas/jaxws.xsd
        http://www.springframework.org/schema/util
        http://www.springframework.org/schema/util/spring-util-2.0.xsd">


    <bean id="dateValidator" class="org.apache.cxf.xkms.x509.validator.DateValidator" />

    <bean id="trustedAuthorityValidator"
        class="org.apache.cxf.xkms.x509.validator.TrustedAuthorityValidator">
        <constructor-arg ref="certificateRepo" />
    </bean>

    <bean id="x509Locator" class="org.apache.cxf.xkms.x509.handlers.X509Locator">
        <constructor-arg ref="certificateRepo" />
    </bean>

    <bean id="x509Register"
        class="org.apache.cxf.xkms.x509.handlers.x509Register">
        <constructor-arg ref="certificateRepo" />
    </bean>


    <!-- LDAP based implementation -->

    <bean id="certificateRepo"
        class="org.apache.cxf.xkms.x509.repo.ldap.LdapCertificateRepo">
        <constructor-arg ref="ldapServerConfigldapSearch" />
        <constructor-arg ref="ldapSchemaConfig" />
        <constructor-arg value="dc=example,dc=com" />
    </bean>

    <bean id="ldapServerConfigldapSearch" class="org.apache.cxf.xkms.x509.repo.ldap.LdapServerConfigLdapSearch">
        <constructor-arg value="ldap://localhost:2389" />
        <constructor-arg value="cn=Directory Manager,dc=example,dc=com" />
        <constructor-arg value="test" />
        <constructor-arg value="2" />
    </bean>

    <bean id="ldapSchemaConfig" class="org.apache.cxf.xkms.x509.repo.ldap.LdapSchemaConfig">
        <property name="certObjectClass" value="inetOrgPerson" />
        <property name="attrUID" value="uid" />
        <property name="attrIssuerID" value="manager" />
        <property name="attrSerialNumber" value="employeeNumber" />
        <property name="attrCrtBinary" value="userCertificate;binary" />
        <property name="constAttrNamesCSV" value="sn" />
        <property name="constAttrValuesCSV" value="X509 certificate" />
        <property name="serviceCertRDNTemplate" value="cn=%s,ou=services" />
        <property name="serviceCertUIDTemplate" value="cn=%s" />
	<property name="trustedAuthorityFilter" value="(&#038;(objectClass=inetOrgPerson)(ou:dn:=CAs))" />
	<property name="intermediateFilter" value="(objectClass=inetOrgPerson)" />
    </bean>


    <!-- File based implementation -->

    <!-- bean id="certificateRepo"
        class="org.apache.cxf.xkms.x509.repo.file.FileCertificateRepo">
        <constructor-arg value="../conf/certs" />
    </bean-->

</beans>

dateValidator and trustedAuthorityValidator beans are implementations of Validator interface for validity date and trusted chain validation.
x509Locator and x509Register are implementations of Locator and Register interfaces for X509 certificates.
certificateRepo is repository implementation for LDAP backend. LdapServerConfig LdapSearch and LdapSchemaConfig contain LDAP configuration described in the following table:

...