axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nandana Mihindukulasooriya" <nandana....@gmail.com>
Subject Re: ws-security: Encryption using UserToken
Date Mon, 31 Dec 2007 17:19:15 GMT
Hi Patrick,

However what is still not clear to me is why in that sample there are using
> passwordCallbackClass to set key along with
> encryptionPropFile/decryptionPropFile
> (which eventually points to keystore). Shouldn't keystores  be redundant
> in symmetric encryption?


Yes, in this scenario we don't need encryptionPropFile/decryptionPropFile as
they are only needed when using a key store. This means that sample should
work if just remove the redundant encryptionPropFile/decryptionPropFile
attributes from the configuration.
   But there is a check in WSS4J which checks whether there is a property
file
when ever there is encryption. This check should be done only if a key store
is
involved. But this is bit tricky when it comes to decryption as this
information
( whether an embedded key was used ) is only available while processing the
encrypted elements but the key store is loaded in an earlier stage. But if
we
just remove that check this sample works fine with
encryptionPropFile/decryptionPropFile
attributes removed from the security configuration parameters.

Thanks,
Nandana

Mime
View raw message