No longer use keystore for truststore purposes if the latter is explicitly
specified.
-------------------------------------------------------------------------------------
Key: WSS-287
URL: https://issues.apache.org/jira/browse/WSS-287
Project: WSS4J
Issue Type: Improvement
Affects Versions: 1.6
Reporter: Glen Mazza
Assignee: Colm O hEigeartaigh
Priority: Minor
According to this blog entry:
http://coheigea.blogspot.com/2011/01/wss4j-16-crypto-property-change.html
Quote: "One final note - when building a validation chain to validate a
received credential, WSS4J uses both the truststore and the keystore. This is
for backwards compatibility reasons, where the user does not specify a
truststore using the new config."
Recommend switching this algorithm to *not* use the keystore for validation if
the truststore is explicitly validated.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
