cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1331953 - in /cxf/trunk: rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/ rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/ systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/
Date Sun, 29 Apr 2012 17:11:25 GMT
Author: sergeyb
Date: Sun Apr 29 17:11:24 2012
New Revision: 1331953

URL: http://svn.apache.org/viewvc?rev=1331953&view=rev
Log:
[CXF-4274] Support for a useReqSigCert for encrypting the responses from JAX-RS endpoints

Modified:
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSigOutInterceptor.java
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java?rev=1331953&r1=1331952&r2=1331953&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/SecurityUtils.java
Sun Apr 29 17:11:24 2012
@@ -34,6 +34,7 @@ import org.apache.cxf.common.util.Base64
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.ws.security.WSPasswordCallback;
 import org.apache.ws.security.WSSecurityException;
@@ -45,11 +46,21 @@ public final class SecurityUtils {
     
     public static final String X509_KEY = "X509_KEY";
     public static final String X509_ISSUER_SERIAL = "X509_ISSUER_SERIAL";
+    public static final String USE_REQUEST_SIGNATURE_CERT = "useReqSigCert";
     
     private SecurityUtils() {
         
     }
     
+    public static boolean isSignedAndEncryptedTwoWay(Message m) {
+        Message outMessage = m.getExchange().getOutMessage();
+        Message requestMessage = outMessage != null && MessageUtils.isRequestor(outMessage)

+            ? outMessage : m;
+        return "POST".equals((String)requestMessage.get(Message.HTTP_REQUEST_METHOD))
+            && m.getContextualProperty(SecurityConstants.ENCRYPT_PROPERTIES) != null

+            && m.getContextualProperty(SecurityConstants.SIGNATURE_PROPERTIES) !=
null;
+    }
+    
     public static X509Certificate loadX509Certificate(Crypto crypto, Element certNode) 
         throws Exception {
         String base64Value = certNode.getTextContent().trim();
@@ -90,14 +101,18 @@ public final class SecurityUtils {
     
     public static String getUserName(Message message, Crypto crypto, String userNameKey)
{
         String user = (String)message.getContextualProperty(userNameKey);
-        if (crypto != null && StringUtils.isEmpty(user)) {
+        return getUserName(crypto, user);
+    }
+    
+    public static String getUserName(Crypto crypto, String userName) {
+        if (crypto != null && StringUtils.isEmpty(userName)) {
             try {
-                user = crypto.getDefaultX509Identifier();
+                userName = crypto.getDefaultX509Identifier();
             } catch (WSSecurityException e1) {
                 throw new Fault(e1);
             }
         }
-        return user;
+        return userName;
     }
     
     public static String getPassword(Message message, String userName, 

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java?rev=1331953&r1=1331952&r2=1331953&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlEncInHandler.java
Sun Apr 29 17:11:24 2012
@@ -87,11 +87,20 @@ public abstract class AbstractXmlEncInHa
     
     // Subclasses can overwrite it and return the bytes, assuming they know the actual key
     protected byte[] getSymmetricKeyBytes(Message message, Element encDataElement) {
+        
+        String cryptoKey = null; 
+        String propKey = null;
+        if (SecurityUtils.isSignedAndEncryptedTwoWay(message)) {
+            cryptoKey = SecurityConstants.SIGNATURE_CRYPTO;
+            propKey = SecurityConstants.SIGNATURE_PROPERTIES;
+        } else {
+            cryptoKey = SecurityConstants.ENCRYPT_CRYPTO;
+            propKey = SecurityConstants.ENCRYPT_PROPERTIES;
+        }
+        
         Crypto crypto = null;
         try {
-            crypto = new CryptoLoader().getCrypto(message,
-                               SecurityConstants.ENCRYPT_CRYPTO,
-                               SecurityConstants.ENCRYPT_PROPERTIES);
+            crypto = new CryptoLoader().getCrypto(message, cryptoKey, propKey);
         } catch (Exception ex) {
             throwFault("Crypto can not be loaded", ex);
         }

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java?rev=1331953&r1=1331952&r2=1331953&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSigInHandler.java
Sun Apr 29 17:11:24 2012
@@ -32,6 +32,7 @@ import org.w3c.dom.Node;
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.rs.security.common.CryptoLoader;
+import org.apache.cxf.rs.security.common.SecurityUtils;
 import org.apache.cxf.rs.security.common.TrustValidator;
 import org.apache.cxf.staxutils.W3CDOMStreamReader;
 import org.apache.cxf.ws.security.SecurityConstants;
@@ -71,17 +72,20 @@ public class AbstractXmlSigInHandler ext
             throwFault("XML Signature is not available", null);
         }
         
+        String cryptoKey = null; 
+        String propKey = null;
+        if (SecurityUtils.isSignedAndEncryptedTwoWay(message)) {
+            cryptoKey = SecurityConstants.ENCRYPT_CRYPTO;
+            propKey = SecurityConstants.ENCRYPT_PROPERTIES;
+        } else {
+            cryptoKey = SecurityConstants.SIGNATURE_CRYPTO;
+            propKey = SecurityConstants.SIGNATURE_PROPERTIES;    
+        }
+        
         Crypto crypto = null;
         try {
             CryptoLoader loader = new CryptoLoader();
-            crypto = loader.getCrypto(message, 
-                               SecurityConstants.SIGNATURE_CRYPTO,
-                               SecurityConstants.SIGNATURE_PROPERTIES);
-            if (crypto == null) {
-                crypto = loader.getCrypto(message, 
-                                   SecurityConstants.ENCRYPT_CRYPTO,
-                                   SecurityConstants.ENCRYPT_PROPERTIES);
-            }
+            crypto = loader.getCrypto(message, cryptoKey, propKey);
         } catch (Exception ex) {
             throwFault("Crypto can not be loaded", ex);
         }

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java?rev=1331953&r1=1331952&r2=1331953&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlEncOutInterceptor.java
Sun Apr 29 17:11:24 2012
@@ -40,6 +40,7 @@ import org.apache.cxf.common.util.Base64
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.rs.security.common.CryptoLoader;
 import org.apache.cxf.rs.security.common.SecurityUtils;
 import org.apache.cxf.ws.security.SecurityConstants;
@@ -53,6 +54,7 @@ import org.apache.ws.security.util.UUIDG
 import org.apache.ws.security.util.WSSecurityUtil;
 import org.apache.xml.security.algorithms.JCEMapper;
 import org.apache.xml.security.encryption.XMLCipher;
+import org.apache.xml.security.signature.XMLSignature;
 import org.apache.xml.security.utils.EncryptionConstants;
 
 public class XmlEncOutInterceptor extends AbstractXmlSecOutInterceptor {
@@ -106,20 +108,34 @@ public class XmlEncOutInterceptor extend
         Document encryptedDataDoc = DOMUtils.createDocument();
         Element encryptedDataElement = createEncryptedDataElement(encryptedDataDoc);
         if (encryptSymmetricKey) {
-            CryptoLoader loader = new CryptoLoader();
-            Crypto crypto = loader.getCrypto(message, 
-                                      SecurityConstants.ENCRYPT_CRYPTO,
-                                      SecurityConstants.ENCRYPT_PROPERTIES);
+            X509Certificate receiverCert = null;
             
-            String user = 
-                SecurityUtils.getUserName(message, crypto, SecurityConstants.ENCRYPT_USERNAME);
-            if (StringUtils.isEmpty(user)) {
-                return null;
+            String userName = (String)message.getContextualProperty(SecurityConstants.ENCRYPT_USERNAME);
+            if (userName != null 
+                && SecurityUtils.USE_REQUEST_SIGNATURE_CERT.equals(userName)
+                && !MessageUtils.isRequestor(message)) {
+                XMLSignature sig = message.getExchange().getInMessage().getContent(XMLSignature.class);
+                if (sig != null) {
+                    receiverCert = sig.getKeyInfo().getX509Certificate(); 
+                }
+            } else {
+                CryptoLoader loader = new CryptoLoader();
+                Crypto crypto = loader.getCrypto(message, 
+                                          SecurityConstants.ENCRYPT_CRYPTO,
+                                          SecurityConstants.ENCRYPT_PROPERTIES);
+                
+                userName = SecurityUtils.getUserName(crypto, userName);
+                if (StringUtils.isEmpty(userName)) {
+                    throw new WSSecurityException("User name is not available");
+                }
+                receiverCert = getReceiverCertificateFromCrypto(crypto, userName);
+            }
+            if (receiverCert == null) {
+                throw new WSSecurityException("Receiver certificate is not available");
             }
-            X509Certificate cert = getReceiverCertificate(crypto, user);
-            byte[] encryptedSecretKey = encryptSymmetricKey(secretKey, cert, crypto);
 
-            addEncryptedKeyElement(encryptedDataElement, cert, encryptedSecretKey);
+            byte[] encryptedSecretKey = encryptSymmetricKey(secretKey, receiverCert);
+            addEncryptedKeyElement(encryptedDataElement, receiverCert, encryptedSecretKey);
         }
                
         // encrypt payloadDoc
@@ -150,7 +166,7 @@ public class XmlEncOutInterceptor extend
         return symmetricKey.getEncoded();
     }
     
-    private X509Certificate getReceiverCertificate(Crypto crypto, String user) throws Exception
{
+    private X509Certificate getReceiverCertificateFromCrypto(Crypto crypto, String user)
throws Exception {
         X509Certificate[] certs = SecurityUtils.getCertificates(crypto, user);
         return certs[0];
     }
@@ -183,8 +199,7 @@ public class XmlEncOutInterceptor extend
     // Apache Security XMLCipher does not support 
     // Certificates for encrypting the keys
     protected byte[] encryptSymmetricKey(byte[] keyBytes, 
-                                         X509Certificate remoteCert,
-                                         Crypto crypto) throws WSSecurityException {
+                                         X509Certificate remoteCert) throws WSSecurityException
{
         Cipher cipher = 
             EncryptionUtils.initCipherWithCert(
                 keyEncAlgo, digestAlgo, Cipher.ENCRYPT_MODE, remoteCert

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSigOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSigOutInterceptor.java?rev=1331953&r1=1331952&r2=1331953&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSigOutInterceptor.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSigOutInterceptor.java
Sun Apr 29 17:11:24 2012
@@ -103,16 +103,10 @@ public class XmlSigOutInterceptor extend
         Crypto crypto = loader.getCrypto(message, 
                                          SecurityConstants.SIGNATURE_CRYPTO,
                                          SecurityConstants.SIGNATURE_PROPERTIES);
-        if (crypto == null) {
-            crypto = loader.getCrypto(message, 
-                                      SecurityConstants.ENCRYPT_CRYPTO,
-                                      SecurityConstants.ENCRYPT_PROPERTIES);
-            userNameKey = SecurityConstants.ENCRYPT_USERNAME;
-        }
         String user = SecurityUtils.getUserName(message, crypto, userNameKey);
          
-        if (StringUtils.isEmpty(user)) {
-            return null;
+        if (StringUtils.isEmpty(user) || SecurityUtils.USE_REQUEST_SIGNATURE_CERT.equals(user))
{
+            throw new WSSecurityException("User name is not available");
         }
 
         String password = 

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java?rev=1331953&r1=1331952&r2=1331953&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
(original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
Sun Apr 29 17:11:24 2012
@@ -154,7 +154,7 @@ public class JAXRSXmlSecTest extends Abs
         properties.put("ws-security.encryption.username", "bob");
         properties.put("ws-security.encryption.properties", 
                        "org/apache/cxf/systest/jaxrs/security/bob.properties");
-        doTestPostEncryptedBook(address, properties);
+        doTestPostEncryptedBook(address, false, properties);
     }
     
     @Test
@@ -167,7 +167,7 @@ public class JAXRSXmlSecTest extends Abs
         properties.put("ws-security.encryption.properties", 
                        "org/apache/cxf/systest/jaxrs/security/bob.properties");
         String aes128GCM = "http://www.w3.org/2009/xmlenc11#aes128-gcm";
-        doTestPostEncryptedBook(address, properties, SecurityUtils.X509_KEY, aes128GCM, null);
+        doTestPostEncryptedBook(address, false, properties, SecurityUtils.X509_KEY, aes128GCM,
null);
     }
     
     @Test
@@ -180,7 +180,7 @@ public class JAXRSXmlSecTest extends Abs
         properties.put("ws-security.encryption.properties", 
                        "org/apache/cxf/systest/jaxrs/security/bob.properties");
         doTestPostEncryptedBook(
-            address, properties, SecurityUtils.X509_KEY, XMLCipher.AES_128, XMLCipher.SHA256
+            address, false, properties, SecurityUtils.X509_KEY, XMLCipher.AES_128, XMLCipher.SHA256
         );
     }
     
@@ -194,7 +194,7 @@ public class JAXRSXmlSecTest extends Abs
         properties.put("ws-security.encryption.properties", 
                        "org/apache/cxf/systest/jaxrs/security/bob.properties");
         doTestPostEncryptedBook(
-            address, properties, SecurityUtils.X509_ISSUER_SERIAL, XMLCipher.AES_128, null
+            address, false, properties, SecurityUtils.X509_ISSUER_SERIAL, XMLCipher.AES_128,
null
         );
     }
     
@@ -210,33 +210,34 @@ public class JAXRSXmlSecTest extends Abs
         properties.put("ws-security.signature.username", "alice");
         properties.put("ws-security.signature.properties", 
                        "org/apache/cxf/systest/jaxrs/security/alice.properties");
-        doTestPostEncryptedBook(address, properties);
+        doTestPostEncryptedBook(address, true, properties);
         
     }
     
     @Test
-    //Encryption properties are shared by encryption and signature handlers
-    public void testPostEncryptedSignedBookSharedProps() throws Exception {
-        String address = "https://localhost:" + PORT + "/xmlsec2/bookstore/books";
+    public void testPostEncryptedSignedBookUseReqSigCert() throws Exception {
+        String address = "https://localhost:" + PORT + "/xmlsec-useReqSigCert/bookstore/books";
         Map<String, Object> properties = new HashMap<String, Object>();
         properties.put("ws-security.callback-handler", 
                        "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
         properties.put("ws-security.encryption.username", "bob");
         properties.put("ws-security.encryption.properties", 
                        "org/apache/cxf/systest/jaxrs/security/bob.properties");
-        doTestPostEncryptedBook(address, properties);
-        
+        properties.put("ws-security.signature.username", "alice");
+        properties.put("ws-security.signature.properties", 
+                       "org/apache/cxf/systest/jaxrs/security/alice.properties");
+        doTestPostEncryptedBook(address, true, properties);
     }
     
-    public void doTestPostEncryptedBook(String address, Map<String, Object> properties)

+    public void doTestPostEncryptedBook(String address, boolean sign, Map<String, Object>
properties) 
         throws Exception {
         doTestPostEncryptedBook(
-            address, properties, SecurityUtils.X509_KEY, XMLCipher.AES_128, null
+            address, sign, properties, SecurityUtils.X509_KEY, XMLCipher.AES_128, null
         );
     }
     
     public void doTestPostEncryptedBook(
-        String address, Map<String, Object> properties,
+        String address, boolean sign, Map<String, Object> properties,
         String keyIdentifierType, String symmetricAlgorithm,
         String digestAlgorithm
     ) throws Exception {
@@ -249,7 +250,9 @@ public class JAXRSXmlSecTest extends Abs
         bean.setBus(springBus);
 
         bean.setProperties(properties);
-        bean.getOutInterceptors().add(new XmlSigOutInterceptor());
+        if (sign) {
+            bean.getOutInterceptors().add(new XmlSigOutInterceptor());
+        }
         XmlEncOutInterceptor encInterceptor = new XmlEncOutInterceptor();
         encInterceptor.setKeyIdentifierType(keyIdentifierType);
         encInterceptor.setSymmetricEncAlgorithm(symmetricAlgorithm);
@@ -257,8 +260,13 @@ public class JAXRSXmlSecTest extends Abs
         bean.getOutInterceptors().add(encInterceptor);
         
         bean.getInInterceptors().add(new XmlEncInInterceptor());
+        if (sign) {
+            bean.getInInterceptors().add(new XmlSigInInterceptor());
+        }
+        
         
         WebClient wc = bean.createWebClient();
+        WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(10000000L);
         try {
             Book book = wc.post(new Book("CXF", 126L), Book.class);
             assertEquals(126L, book.getId());

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml?rev=1331953&r1=1331952&r2=1331953&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
(original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/server.xml
Sun Apr 29 17:11:24 2012
@@ -123,22 +123,22 @@ under the License.
           <ref bean="xmlSigHandler"/>
        </jaxrs:providers> 
        <jaxrs:outInterceptors>
+          <ref bean="xmlSigOutHandler"/>
           <ref bean="xmlEncOutHandler"/>
        </jaxrs:outInterceptors>
        <jaxrs:properties>
            <entry key="ws-security.callback-handler" 
                   value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/>
            <entry key="ws-security.encryption.properties" 
-                  value="org/apache/cxf/systest/jaxrs/security/bob.properties"/>
+                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
            <entry key="ws-security.signature.properties" 
-                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>   
   
+                  value="org/apache/cxf/systest/jaxrs/security/bob.properties"/>     
 
        </jaxrs:properties> 
      
     </jaxrs:server>
-
-    <!-- Encryption properties are shared by encryption and signature handlers -->
    
+    
     <jaxrs:server 
-       address="https://localhost:${testutil.ports.jaxrs-xmlsec}/xmlsec2"> 
+       address="https://localhost:${testutil.ports.jaxrs-xmlsec}/xmlsec-useReqSigCert">

        <jaxrs:serviceBeans>
           <ref bean="serviceBean"/>
        </jaxrs:serviceBeans>
@@ -147,15 +147,20 @@ under the License.
           <ref bean="xmlSigHandler"/>
        </jaxrs:providers> 
        <jaxrs:outInterceptors>
+          <ref bean="xmlSigOutHandler"/>
           <ref bean="xmlEncOutHandler"/>
        </jaxrs:outInterceptors>
        <jaxrs:properties>
            <entry key="ws-security.callback-handler" 
                   value="org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"/>
+           <entry key="ws-security.signature.properties" 
+               value="org/apache/cxf/systest/jaxrs/security/bob.properties"/>
            <entry key="ws-security.encryption.properties" 
-                  value="org/apache/cxf/systest/jaxrs/security/bob.properties"/>
+                  value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>   
   
+           <entry key="ws-security.encryption.username" value="useReqSigCert"/>
        </jaxrs:properties> 
      
     </jaxrs:server>
 
+    
 </beans>



Mime
View raw message