cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (CXF-5270) XKMS Crypto Client does not check local keystore for "locate" if the alias is actually a Subject DN
Date Wed, 11 Sep 2013 10:55:51 GMT

     [ https://issues.apache.org/jira/browse/CXF-5270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh resolved CXF-5270.
--------------------------------------

    Resolution: Fixed
    
> XKMS Crypto Client does not check local keystore for "locate" if the alias is actually
a Subject DN
> ---------------------------------------------------------------------------------------------------
>
>                 Key: CXF-5270
>                 URL: https://issues.apache.org/jira/browse/CXF-5270
>             Project: CXF
>          Issue Type: Bug
>          Components: Services
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.7.7
>
>
> The XKMS Crypto provider tries to get a Certificate for the value configured for "ws-security.encryption.username".
WSS4J treats this as an "alias", and the XKMS Crypto Provider first tries to get the Certificate
from a local keystore using this, before going off to the XKMS Server. However, if the encryption
username is in the form of a Subject DN it will fail to retrieve the certificate locally,
and always call out to the XKMS Server.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message