Interesting idea.
I'd implement it as a CXF InInterceptor, appropriately place after
the CXF WSS4J InInterceptor, and then grab the X.509 certificate off
the request context. You can then use JCE interfaces to validate the
received certificate off your CRL, to make sure it hasn't been revoked.
-Fred
On Nov 29, 2007, at 9:44 AM, Olivier OTTAVI wrote:
Does anyone use WS-Security with X509 certificates and manage to
validate
against CRL with CXF or WSS4J ? I am looking for a standard or a
custom way
to design this validation (throught callback or interceptor for
exemple)
Thanks
