From: Brian Nielsen [mailto:[EMAIL PROTECTED]]
Sent: Thu 12/05/2005 16:57
To: Garzon Maldonado, Jesus Javier; [email protected]
Subject: RE: Help needed building secure and scalable web services

I think you are looking for the virtual encryptionUser "useReqSigCert" that takes the public key, that was used to sign the request, to encrypt the reply - see [1]. I'm not sure if it's documented anywhere else.

Regards
Brian

[1] http://cvs.apache.org/viewcvs.cgi/ws-fx/wss4j/src/org/apache/ws/security/handler/WSHandlerConstants.java?view=markup

________________________________
From: Garzon Maldonado, Jesus Javier [mailto:[EMAIL PROTECTED]]
Sent: 12 May 2005 16:43
To: [email protected]
Subject: Help needed building secure and scalable web services

Hello all,

Suppose we have a Client, (called Client01), that invokes a web service, (called Service01), secured with wss4j both request and response.

If we want to encrypt request made from Client01 to Service01 we should define in client-config.wsdd a sender handler with the following parameters:

<parameter name="user" value="user01"/>
<parameter name="encryptionUser" value="server01"/>
...

On the other side, in order to encrypt the response, server's sender handler should include the following parameters:

<parameter name="user" value="server01"/>
<parameter name="encryptionUser" value="user01"/>
...

(server01 and user01 are aliases of server and client certificates respectively)

So far so good...

but, what happens if this service is called from several clients, each one with its own digital certificate? How can I configure server's handlers to use in the response client's certificate received with service request?

Help would be appreciated.

Regards.
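
Added example, not part of either message and not taken from the WSS4J project: a server-config.wsdd fragment for Service01 that uses the "useReqSigCert" value named in the reply at the top of this thread in place of the fixed alias user01. It assumes every client signs its request (action "Signature Encrypt" on both sides), and the crypto properties file, password callback class and service class names are hypothetical.

```xml
<!-- Added example: server side of Service01 (Axis 1.x WSDD, WSS4J handlers).
     Assumed names: server-crypto.properties, example.ServerPWCallback,
     example.Service01. Aliases server01/user01 are from the thread. -->
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <service name="Service01" provider="java:RPC">
    <requestFlow>
      <!-- Receiver: decrypts the request and verifies its signature.
           The certificate that signed the request is kept in the
           handler results for the response flow. -->
      <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
        <parameter name="action" value="Signature Encrypt"/>
        <parameter name="signaturePropFile" value="server-crypto.properties"/>
        <parameter name="passwordCallbackClass" value="example.ServerPWCallback"/>
      </handler>
    </requestFlow>
    <responseFlow>
      <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="action" value="Signature Encrypt"/>
        <!-- Server's own key alias, used to sign the reply. -->
        <parameter name="user" value="server01"/>
        <parameter name="signaturePropFile" value="server-crypto.properties"/>
        <parameter name="passwordCallbackClass" value="example.ServerPWCallback"/>
        <!-- Virtual user: encrypt the reply with the public key of the
             certificate that signed this particular request, so no
             per-client alias such as user01 is configured here. -->
        <parameter name="encryptionUser" value="useReqSigCert"/>
      </handler>
    </responseFlow>
    <parameter name="className" value="example.Service01"/>
    <parameter name="allowedMethods" value="*"/>
  </service>
</deployment>
```

With this setting the reply is encrypted to whichever certificate signed the request, so the certificates the server's keystore accepts as trusted signers determine who can receive a readable response. An unsigned request leaves the sender with no certificate to encrypt to.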
