ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (WSS-287) No longer use keystore for truststore purposes if the latter is explicitly specified.
Date Wed, 01 Jun 2011 16:56:47 GMT

     [ https://issues.apache.org/jira/browse/WSS-287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh resolved WSS-287.
-------------------------------------

    Resolution: Fixed

> No longer use keystore for truststore purposes if the latter is explicitly specified.
> -------------------------------------------------------------------------------------
>
>                 Key: WSS-287
>                 URL: https://issues.apache.org/jira/browse/WSS-287
>             Project: WSS4J
>          Issue Type: Improvement
>    Affects Versions: 1.6
>            Reporter: Glen Mazza
>            Assignee: Colm O hEigeartaigh
>            Priority: Minor
>             Fix For: 1.6.1
>
>
> According to this blog entry: http://coheigea.blogspot.com/2011/01/wss4j-16-crypto-property-change.html
> Quote: "One final note - when building a validation chain to validate a received credential,
WSS4J uses both the truststore and the keystore. This is for backwards compatibility reasons,
where the user does not specify a truststore using the new config."
> Recommend switching this algorithm to *not* use the keystore for validation if the truststore
is explicitly validated.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message