axis-java-user mailing list archives

From <Michael.Da...@servicecanada.gc.ca>
Subject Rampart configuration question
Date Fri, 06 Jul 2007 18:28:13 GMT
Hi,

I'm trying to use Rampart to encrypt my message body using a symmetric secret key.

Sample 9, included with the Rampart distribution, does just this. The actual key is hard-coded
in a callback function both on the client and the server. My understanding is that the key
is the only piece of data needed to encode the message.

I was wondering why this part of the client config file:

        <action>
            <items>Encrypt</items>
            <user>client</user>
            <encryptionKeyIdentifier>EmbeddedKeyName</encryptionKeyIdentifier>
            <EmbeddedKeyCallbackClass>org.apache.rampart.samples.sample09.PWCBHandler</EmbeddedKeyCallbackClass>
            <encryptionPropFile>client.properties</encryptionPropFile>
            <EmbeddedKeyName>SessionKey</EmbeddedKeyName>
        </action>

contains the encryptionPropFile property. The said property file contains this:

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=apache
org.apache.ws.security.crypto.merlin.file=client.jks

Now, I can see why we need to configure the provider class. But why does Rampart need the
keystore? I'm not using public/private keys or certificates, just one secret key.

The code works, but I'd like to simplify it as much as possible. The properties and keystore
files shouldn't be necessary, unless I'm misunderstanding something.

Many thanks
Michael Davis

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org

