cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Shakirin <ashaki...@talend.com>
Subject RE: cxf keystore security problem - org.apache.cxf.binding.soap.SoapFault: Empty username for specified action.
Date Fri, 03 May 2013 09:59:16 GMT
Hi, 

Private key is password protected in the java keystore.
CXF needs private key for the signature, therefore password should be provided using PasswordCallback
for each alias.

Regards,
Andrei.

> -----Original Message-----
> From: cvm [mailto:chetan.v.minajagi@jpmorgan.com]
> Sent: Donnerstag, 2. Mai 2013 16:54
> To: users@cxf.apache.org
> Subject: Re: cxf keystore security problem -
> org.apache.cxf.binding.soap.SoapFault: Empty username for specified action.
> 
> Pardon my ignorance.But why do I have to set the password on the client
> Callback when we are using Signature.I can understand the usage of it when
> using Usernametoken where we need to send the username/pwd combo
> and validate it on the server side but when we are using keystores and
> providing all the relevant information on the signaturePropFile why do we
> still need to set the password to the keystore password on the client callback
> handler?
> Th 2nd part of the question is what is the right way of fetching this
> password.At the moment I'm doing as follows
> 
> 
> 
> abcd123 is my keystore password.Obviously this is ok for test but in a prod
> scenario where do i go and fetch this password to be set?
> 
> 
> 
> 
> --
> View this message in context: http://cxf.547215.n5.nabble.com/cxf-
> keystore-security-problem-org-apache-cxf-binding-soap-SoapFault-Empty-
> username-for-specified-act-tp5726920p5727071.html
> Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message