Ability to dynamically set Encryption certificate on client
----------------------------------------------------------

                 Key: RAMPART-25
                 URL: https://issues.apache.org/jira/browse/RAMPART-25
             Project: Rampart
          Issue Type: Improvement
          Components: rampart-core
    Affects Versions: 1.1
            Reporter: Hans G Knudsen


Hi!

I was looking for a way to dynamically specify the encryption certificate in a 
client, instead of specifying it statically in the RampartConfig by defining 
the 'encryptionUser'.

Looking at RampartUtil.setEncryptionUser, it looked like the only way to do it 
was to resemble the 'useReqSigCert' option, which makes the server use the 
received signature certificate for encryption on a reply.

This would look something like this...

                X509Certificate cert = fetchFromLdap( recipient );

                Vector results = new Vector();
                WSSecurityEngineResult wsser = new WSSecurityEngineResult(WSConstants.SIGN, null, cert, null, new byte[0]);
                results.add( wsser );

                WSHandlerResult wshr = new WSHandlerResult("STRING", results);
                Vector resultObj = new Vector();
                resultObj.add( wshr );

                clientOptions.setProperty( WSHandlerConstants.RECV_RESULTS, resultObj );


Would it be useful to be able to specify the certificate as a Rampart 
parameter/property - something like:

               clientOptions.setProperty( RampartMessageData.ENCRYPTION_CERTIFICATE, cert );

and have RampartUtil check 'encryptionUser' for e.g. 'useParamCert' and use the 
transferred certificate for outgoing encryption.


Should I supply a proposal as a diff?


/hans
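
Added example, not part of the original post and not Rampart code: when the encryption certificate comes from a directory lookup at run time instead of a local keystore alias, the client should vet it before encrypting to it. The sketch below uses only the JDK's java.security.cert API; the class name, the file arguments, and the assumption that the recipient certificate is issued directly by a CA in the supplied truststore are illustrative.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.Collections;

/** Added example (hypothetical class): vet a looked-up certificate before encrypting to it. */
public class EncryptionCertCheck {
    // Bit positions in the array returned by X509Certificate.getKeyUsage()
    private static final int KEY_ENCIPHERMENT = 2;
    private static final int KEY_AGREEMENT = 4;

    /** Throws if the certificate should not be used as an encryption target. */
    public static void requireUsable(X509Certificate cert, KeyStore trustedCas) throws Exception {
        cert.checkValidity(); // rejects expired or not-yet-valid certificates
        boolean[] usage = cert.getKeyUsage(); // null when the extension is absent
        if (usage != null && !usage[KEY_ENCIPHERMENT] && !usage[KEY_AGREEMENT]) {
            throw new CertificateException("keyUsage does not permit encryption: "
                    + cert.getSubjectX500Principal());
        }
        // Validate a one-element path against the locally pinned CA set.
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        CertPath path = cf.generateCertPath(Collections.singletonList(cert));
        PKIXParameters params = new PKIXParameters(trustedCas);
        params.setRevocationEnabled(false); // assumption: no CRL/OCSP source configured here
        CertPathValidator.getInstance("PKIX").validate(path, params);
    }

    public static void main(String[] args) throws Exception {
        // args (assumed): <recipient-cert.pem> <truststore-file> <truststore-password>
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cert;
        try (InputStream in = new FileInputStream(args[0])) {
            cert = (X509Certificate) cf.generateCertificate(in);
        }
        KeyStore trusted = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[1])) {
            trusted.load(in, args[2].toCharArray());
        }
        requireUsable(cert, trusted);
        System.out.println("OK to encrypt to " + cert.getSubjectX500Principal());
    }
}
```

A certificate that fails any of these checks raises an exception before it can be handed to the security handler, so a tampered directory entry cannot silently redirect encryption to an untrusted key.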

