cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glen Mazza <glen.ma...@gmail.com>
Subject Can CXF encrypt the soap:header and soap:body with different keys?
Date Mon, 08 Sep 2008 22:23:06 GMT

Hello, I'm not sure how important a use case this is, but does CXF have the
ability to encrypt the soap:header differently from the soap:body?  Perhaps
a typical example might be accessing bank account information--an
intermediary node (with its own private key) could be used to check the SAML
or other security token specified in the soap:header while the business
service (with a different private key) could decrypt the actual bank account
information in the soap:body.  In this case, the client would need to
encrypt the soap:header and soap:body with different public keys for this
system to work.

I would guess a way to implement this would be to configure two
WSS4JOutInterceptors[1], specifying different encryptionParts (one for
header, one for body)--would that be workable?  If necessary, I can add a
JIRA enhancement request for this.

I think I'll ask the same question on the Metro list for this.

Regards,
Glen

[1]
http://www.jroller.com/gmazza/entry/implementing_ws_security_with_the#PKICXF5
(Step 5, substep 1)

-- 
View this message in context: http://www.nabble.com/Can-CXF-encrypt-the-soap%3Aheader-and-soap%3Abody-with-different-keys--tp19382497p19382497.html
Sent from the cxf-dev mailing list archive at Nabble.com.


Mime
View raw message