Support to configure keystore per SAML realm
--------------------------------------------
Key: CXF-3924
URL: https://issues.apache.org/jira/browse/CXF-3924
Project: CXF
Issue Type: Improvement
Components: Services
Affects Versions: 2.5
Reporter: Oliver Wulff
You can configure the keystore in the properties file you configure using the
attribute signaturePropertiesFile of the StaticSTSProperties class which is
shared by all SAMLRealms. If you store several keys in one keystore, you can
configure the signatureAlias in each SAMLRealm.
It's best practise to not share several private keys in a single java keystore.
If you configure several realms in your STS deployment and each realm uses a
different key to sign the saml assertion you must store all private keys in one
java keystore.
Enhancement description:
Add the signaturePropertiesFile to the SAMLRealm too which is optional but if
configured has higher priority than signaturePropertiesFile in
StaticSTSProperties.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
