[
https://issues.apache.org/jira/browse/WSS-551?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-551.
-------------------------------------
Resolution: Fixed
> Property passwordEncryptorInstance is not honored
> -------------------------------------------------
>
> Key: WSS-551
> URL: https://issues.apache.org/jira/browse/WSS-551
> Project: WSS4J
> Issue Type: Bug
> Affects Versions: 2.0.5
> Reporter: Wladislaw Mitzel
> Assignee: Colm O hEigeartaigh
> Fix For: 2.0.6, 2.1.3
>
> Attachments: WSS-551_WSHandler.patch, wss4j-example.zip
>
>
> The configuration documentation says
> || Tag name || Tag value || Tag meaning ||
> | *WSS4J 2.0.0* PASSWORD_ENCRYPTOR_INSTANCE | passwordEncryptorInstance |
> A PasswordEncryptor instance used to decrypt encrypted passwords in Crypto
> properties files. The default is the JasyptPasswordEncryptor. |
> When configuring a {{passwordEncryptorInstance}} for {{WSS4JOutInterceptor}}
> (line 20) the property is not honored.
> {code:xml|linenumbers=true}
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xmlns:jaxws="http://cxf.apache.org/jaxws";
> xsi:schemaLocation="http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
> http://cxf.apache.org/jaxws
> http://cxf.apache.org/schemas/jaxws.xsd";>
> <jaxws:endpoint id="hello" address="/hello"
> implementor="de.wlami.wss4jexample.Service">
> <jaxws:outInterceptors>
> <bean id="TimestampSignEncrypt_Response"
> class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
> <constructor-arg>
> <map>
> <entry key="action" value="Timestamp Signature" />
> <entry key="user" value="servicekey" />
> <entry key="signaturePropFile" value="serviceKeystore.properties"
> />
> <entry key="encryptionPropFile"
> value="serviceKeystore.properties" />
> <entry key="encryptionUser" value="useReqSigCert" />
> <entry key="passwordCallbackClass"
> value="de.wlami.wss4jexample.PasswordCallback" />
> <entry key="passwordEncryptorInstance"
> value-ref="customPasswordEncrypter" />
> </map>
> </constructor-arg>
> </bean>
> </jaxws:outInterceptors>
> </jaxws:endpoint>
> <bean id="customPasswordEncrypter"
> class="de.wlami.wss4jexample.CustomPasswordEncrypter"></bean>
> </beans>
> {code}
> The only code which seems to use the documented property is located in
> {{org.apache.wss4j.stax.ConfigurationConverter.parseCrypto(Map<String,
> Object>, WSSSecurityProperties)}}. However this method is only called from
> test classes as far as i could see. Using the given configuration the default
> {{JasyptPasswordEncryptor}} is created instead of the configured class.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
