cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Shakirin <ashaki...@talend.com>
Subject RE: Alternative key sources using asymmetric security?
Date Fri, 06 Mar 2015 17:10:26 GMT
Hi Martin,

Yes, for sure. You need to provide own implementation of WSS4J Crypto interface.
Btw CXF supports XKMS standard to get public keys as alternative to keystore.
You can take this either as example of Crypto implementation: https://github.com/apache/cxf/blob/master/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/provider/XkmsCryptoProvider.java


 or use XKMS service to manage your certificates: http://cxf.apache.org/docs/xml-key-management-service-xkms.html


Regards,
Andrei.


> -----Original Message-----
> From: Martin Nielsen [mailto:mnybon@gmail.com]
> Sent: Freitag, 6. März 2015 10:36
> To: users@cxf.apache.org
> Subject: Alternative key sources using asymmetric security?
> 
> Looking at WS-Security asymmetric encryption, i was wondering if it is possible
> in some way to configure CXF to look somewhere else than a java keystore for
> the key information.
> 
> Say that you have a case where you need to add web services to an application
> that already has a public key for all it's users in a database, for example. Would
> it be possible to have CXF look for a public key in the database instead of a
> keystore?
> 
> -Martin
Mime
View raw message