cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glen Mazza <>
Subject Can CXF encrypt the soap:header and soap:body with different keys?
Date Mon, 08 Sep 2008 22:23:06 GMT

Hello, I'm not sure how important a use case this is, but does CXF have the
ability to encrypt the soap:header differently from the soap:body?  Perhaps
a typical example might be accessing bank account information--an
intermediary node (with its own private key) could be used to check the SAML
or other security token specified in the soap:header while the business
service (with a different private key) could decrypt the actual bank account
information in the soap:body.  In this case, the client would need to
encrypt the soap:header and soap:body with different public keys for this
system to work.

I would guess a way to implement this would be to configure two
WSS4JOutInterceptors[1], specifying different encryptionParts (one for
header, one for body)--would that be workable?  If necessary, I can add a
JIRA enhancement request for this.

I think I'll ask the same question on the Metro list for this.


(Step 5, substep 1)

View this message in context:
Sent from the cxf-dev mailing list archive at

View raw message