Return-Path: X-Original-To: apmail-cxf-issues-archive@www.apache.org Delivered-To: apmail-cxf-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 907579619 for ; Fri, 2 Mar 2012 13:15:22 +0000 (UTC) Received: (qmail 35682 invoked by uid 500); 2 Mar 2012 13:15:22 -0000 Delivered-To: apmail-cxf-issues-archive@cxf.apache.org Received: (qmail 35654 invoked by uid 500); 2 Mar 2012 13:15:22 -0000 Mailing-List: contact issues-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list issues@cxf.apache.org Received: (qmail 35640 invoked by uid 99); 2 Mar 2012 13:15:22 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Mar 2012 13:15:22 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED,T_RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Mar 2012 13:15:20 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 1254E4EB4 for ; Fri, 2 Mar 2012 13:14:59 +0000 (UTC) Date: Fri, 2 Mar 2012 13:14:59 +0000 (UTC) From: "Andrei Shakirin (Commented) (JIRA)" To: issues@cxf.apache.org Message-ID: <369769555.11816.1330694099076.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <334377894.59604.1327056340006.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Commented] (CXF-4049) Check external CryptoProvider from message context properties in Wss4jInInterceptor MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/CXF-4049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13220904#comment-13220904 ] Andrei Shakirin commented on CXF-4049: -------------------------------------- Aah, got it. Andrei. > Check external CryptoProvider from message context properties in Wss4jInInterceptor > ----------------------------------------------------------------------------------- > > Key: CXF-4049 > URL: https://issues.apache.org/jira/browse/CXF-4049 > Project: CXF > Issue Type: Improvement > Components: Core > Affects Versions: 2.5.1 > Environment: Windows > Reporter: Andrei Shakirin > Assignee: Colm O hEigeartaigh > Fix For: 2.4.7, 2.5.3 > > Attachments: WSS4JInInterceptor.patch, WSS4JInInterceptor.patch > > > Hi, > Just a small improvements in Wss4jInInterceptor. > Normally CryptoProvider doesn't instantiated directly via CryptoFactory, but firstly tried to obtained from message context properties (SecurityConstants.ENCRYPT_CRYPTO, SecurityConstants.SIGNATURE_CRYPTO). And only if the properties are not set, CryptoProvider is instantiated via CryptoFactory. This gives the possibility to replace Merlin CryptoProvider to custom one (probably non keystore based). > AbstractBindingBuilder, XmlSignHandler, SAMLUtils are working in this way. > Unfortunatelly it is not the case for Wss4jInInterceptor. It doesn't initializes crypto provider in RequestData and crypto provider is always created via CryptoFactory. It makes impossible to use custom implementation of CryptoProvider in incoming chain. > Patch is attached. > Regards, > Andrei. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira