cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrei Shakirin (Commented) (JIRA)" <>
Subject [jira] [Commented] (CXF-4049) Check external CryptoProvider from message context properties in Wss4jInInterceptor
Date Fri, 02 Mar 2012 10:37:00 GMT


Andrei Shakirin commented on CXF-4049:

Hi Colm,

Probably not completely got your comment from 20/Jan/12.
If I move this functionality to "Wss4jInInterceptor.computeAction()", PolicyBasedWss4JInInterceptor
will override with method and custom crypto provider will not be activated. Or did you mean
"PolicyBasedWss4JInInterceptor.computeAction()"? Also not sure that computeAction() is the
right place for checking custom crypto provider.

But as far as you already fixed this problem by [CXF-4034|]
in "PolicyBasedWss4JInInterceptor.checkAsymmetricBinding()", it doesn't matter.
> Check external CryptoProvider from message context properties in Wss4jInInterceptor
> -----------------------------------------------------------------------------------
>                 Key: CXF-4049
>                 URL:
>             Project: CXF
>          Issue Type: Improvement
>          Components: Core
>    Affects Versions: 2.5.1
>         Environment: Windows
>            Reporter: Andrei Shakirin
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.4.7, 2.5.3
>         Attachments: WSS4JInInterceptor.patch, WSS4JInInterceptor.patch
> Hi,
> Just a small improvements in Wss4jInInterceptor.
> Normally CryptoProvider doesn't instantiated directly via CryptoFactory, but firstly
tried to obtained from message context properties (SecurityConstants.ENCRYPT_CRYPTO, SecurityConstants.SIGNATURE_CRYPTO).
And only if the properties are not set, CryptoProvider is instantiated via CryptoFactory.
This gives the possibility to replace Merlin CryptoProvider to custom one (probably non keystore
> AbstractBindingBuilder, XmlSignHandler, SAMLUtils are working in this way.
> Unfortunatelly it is not the case for Wss4jInInterceptor. It doesn't initializes crypto
provider in RequestData and crypto provider is always created via CryptoFactory. It makes
impossible to use custom implementation of CryptoProvider in incoming chain.
> Patch is attached.
> Regards,
> Andrei.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message