Hi David, Also - should there be a PrivateKeyProvider: > PrivateKey getKey(String keyId); >
+1. Please submit a PR. > > > > https://github.com/apache/cxf/tree/master/rt/rs/security/http-signature/src/main/java/org/apache/cxf/rs/security/httpsignature/filters > > There are no ClientRequestInterceptor to do the digest which is crucial > to > > the security protocol: > > https://tools.ietf.org/html/draft-cavage-http-signatures-10 > > > > Maybe that should be added as a WriterInterceptor (e.g. quite late in the > > chain) - as one of the required headers is the Date header? > > > > Also - should digest + sign maybe be in one filter - as they go together > > to implement the spec? > Yeah I was leaving the digest part until after I did an initial cleanup of the filters, and supported configuration via properties. I'll look at this next, although feel free to work on it if you'd prefer. > > > > Can the interceptors and filters be made non-final - > Done. Colm. > > > -- > > -- > > David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen > > > > > -- > -- > David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
