[jira] Commented: (RAMPART-25) Abilty to dynamically set Encryption certificate on client

Thu, 13 Dec 2007 07:37:03 -0800 

    [ 
https://issues.apache.org/jira/browse/RAMPART-25?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12551537
 ] 

Pete commented on RAMPART-25:
-----------------------------

Hello Hans,

I believe this is similar to what I was looking for in a post I made to the 
group long ago and was looking for a way around this. (I was attempting to do 
this programmatically and not finding enough documentation detail on the net 
and in rampart...)

Namely: I have the same service residing on many different endpoints. I need to 
change the encryption cert (send and receive) depending on which one I am 
sending the message to.

I didn't get many responses back from my questions on the best way of 
implementing this.

You have any recommendations? Sounds like you are dealing with something 
similar..

Thanks!
-Pete



> Abilty to dynamically set Encryption certificate on client
> ----------------------------------------------------------
>
>                 Key: RAMPART-25
>                 URL: https://issues.apache.org/jira/browse/RAMPART-25
>             Project: Rampart
>          Issue Type: Improvement
>          Components: rampart-core
>    Affects Versions: 1.1, 1.2, 1.3
>            Reporter: Hans G Knudsen
>
> Hi!
> I was looking for a way to dynamically specify the encryption certificate in 
> a client, instead of specifying it statically in the RampartConfig by 
> defining the 'encryptionUser'.
> Looking at RampartUtil.setEncryptionUser it looked like the only way to do 
> it, was to resemble the 'useReqSigCert' option which makes the server use the 
> received signature certificate for encryption on a reply..
> This would look something like this...
>                 X509Certificate cert = fetchFromLdap( recipient );
>                 Vector results = new Vector();
>                 WSSecurityEngineResult wsser = new 
> WSSecurityEngineResult(WSConstants.SIGN, null, cert, null, new byte[0]);
>                 results.add( wsser );
>                 
>                 WSHandlerResult wshr = new WSHandlerResult("STRING", results);
>                 Vector resultObj = new Vector();
>                 resultObj.add( wshr );
>                 
>                 clientOptions.setProperty( WSHandlerConstants.RECV_RESULTS, 
> resultObj );
> Would It be usefull to be able to specify the certificate as a Rampart 
> parameter/property - something like :
>                clientOptions.serProperty( 
> RampartMessageData.ENCRYPTION_CERTIFICATE, cert );
> and have RampartUtil check 'encryptionUser' for eg 'useParamCert' and use the 
> transfered certificate for outgoing encryption.
> Should I supply a proposal as a diff ??
> /hans

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to