ws-wss4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Werner Dittmann <Werner.Dittm...@t-online.de>
Subject Re: How to configure WSS4JOutInterceptor encryptation for multiple clients
Date Mon, 08 Jun 2009 16:24:14 GMT
IMHO this message "No certificates..." shows up if the request does
not contain the certificate. The option works only if you use the
option "DirectReference" and the request contains the certificate as
base64 encoded data (true for Axis 1.x). If this does not work the
same way in Axis 2 then this should be check as a possible bug.

Regards,
Werner

Cleber Moura schrieb:
> I try to use this option already, but it doesn´t work. It raises an
> exception with the message: "No certificates for user useReqSigCert were
> found for encryption".
> 
> As a workaround I did override the method handleMessage from
> WSS4JOutInterceptor class to set the property "encriptionUser" with the same
> user from IN message.
> 
> Thanks.
> 
> 2009/6/6 Werner Dittmann <Werner.Dittmann@t-online.de>
> 
>> Can you have a look (google :-)  ) for the option "useReqSigCert"?
>> At least in the WSS4J Axis handler this oprion triggers a specical
>> action. This could be the option you a looking for. Ther sever
>> uses the clients's certificate to encrypt the response, the client
>> uses its certificate to sign its request, the clients must use
>> "DirectReference" to submit its certificate in the request. This
>> works for any number of clients.
>>
>> I don't know if this option is also available in CFX.
>>
>> Regards,
>> Werner
>>
>> Cleber Moura schrieb:
>>> Hi,
>>>
>>> I have the fallowing scenario:
>>>
>>> Server Side:
>>> A webservice deployed on JBoss with CXF Stack for webservices. Using
>>> ws-security for signing and encryptation of IN and OUT messages with X509
>>> certificates.
>>>
>>> Cliente Side:
>>> Multiple clients also using ws-security for signing and encryptation of
>> IN
>>> and OUT messages.
>>>
>>> The question is: How can the server encrypt the OUT message with the same
>>> certificate of the IN message? The samples I've found only have the
>> 1-to-1
>>> scenario (one server to one client).
>>>
>>> Thanks!
>>>
>>> Cleber.
>>>
>>
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org


Mime
View raw message