Hi,
I'm trying to use Rampart to encrypt my message body using a symmetric secret
key.
Sample 9, included with the Rampart distribution, does just this. The actual key
is hard-coded in a callback function both on the client and the server. My
understanding is that the key is the only piece of data needed to encode the
message.
I was wondering why this part of the client config file:

    <action>
        <items>Encrypt</items>
        <user>client</user>
        <encryptionKeyIdentifier>EmbeddedKeyName</encryptionKeyIdentifier>
        <EmbeddedKeyCallbackClass>org.apache.rampart.samples.sample09.PWCBHandler</EmbeddedKeyCallbackClass>
        <encryptionPropFile>client.properties</encryptionPropFile>
        <EmbeddedKeyName>SessionKey</EmbeddedKeyName>
    </action>

contains the encryptionPropFile property. The said property file contains this:

    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
    org.apache.ws.security.crypto.merlin.keystore.type=jks
    org.apache.ws.security.crypto.merlin.keystore.password=apache
    org.apache.ws.security.crypto.merlin.file=client.jks

Now, I can see why we need to configure the provider class. But why does
Rampart need the keystore? I'm not using public/private keys or certificates,
just one secret key.
The code works, but I'd like to simplify it as much as possible. The properties
and keystore files shouldn't be necessary, unless I'm misunderstanding
something.
Many thanks
Michael Davis