-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pham Hoai Van wrote: > My question is that how to specify which part of that soap msg need to > be encrypted/signed. I do not change their content.
I think the only way to really do that is either have a bean type that specifies it is encrypted data, or just document somewhere that you assume that certain fields are encrypted. For example, for me, all passwords are encrypted, but the application can decide which algorithm and strength to use, based on the framework I developed. Now, if you use RSA for the encryption you will take a big performance hit, but if you use a symmetric algorithm the performance hit is much, much smaller. - -- Corruptisima republica plurimae leges. [The more corrupt a republic, the more laws.] Tacitus from Annals III, 116AD Blogs: http://jamesruminations.blogspot.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCYHDDJ/zyYkX46joRAieKAJ416pigXPK8at/jC+GAkHGhaVC4mACfQhYt Qi9IZGgrX6sXkLGQR/xR6iw= =NXPN -----END PGP SIGNATURE-----
