axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nandana Mihindukulasooriya" <nandana....@gmail.com>
Subject Re: Question about merlin
Date Mon, 22 Oct 2007 12:39:05 GMT
Hi,
   I too came across the same problem when I wanted use both UsernameToken
as a supporting token and sign/encrypt using certificates. I get rid of the
problem
by making the username of the UsernameToken and alias of the certificate the
same.
But I think this is not always possible.
  Yes, password won't be a problem as the Password Callback is only called
when setting
the password of the Username Token. Password of the key store is given as a
crypto
property.

<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password
">password</ramp:property>

Regards,
Nandana

On 10/22/07, Massimiliano Masi <massimiliano.masi@math.unifi.it > wrote:
>
> Hi all,
>
> I've a question about digital signature. I'm using ws-securitypolicy.
> I have a policy that wants to sign the body and I have an usernametoken.
>
> Policy policy = PolicyEngine.getPolicy(builder.getDocumentElement());
> RampartConfig rc = new RampartConfig();
> rc.setUser(username);
> rc.setEncryptionUser("client");
> rc.setPwCbClass(ClientPasswordCallbackHandler.class.getName());
>
> How can I set the username value? If I use rc.setUser, the username is
> also
> used as user for the keystore, and merlin won't instantiate.
> The callback returns with the password only (for the usernametoken, I
> think).
>
>
> Thanks,
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>

Mime
View raw message