Thank you.

Then:

   * The client encrypts with the public key of the server, which is
     stored in the keystore of the client.

   * The server responds to the client with the key that is in the
     header of the SOAP request?

But in my case the server uses a keystore like the client.
I want to encrypt the response with the key given by the client in the SOAP header. How can I do that, please?

Here is my client_axis2.xml on the client side:
   <module ref="rampart" />
   <parameter name="InflowSecurity">
       <action>
           <items>Encrypt</items>
           <passwordCallbackClass>
               fr.bull.presto.emetteur.commun.PWCBHandler
           </passwordCallbackClass>
           <decryptionPropFile>client.properties</decryptionPropFile>
       </action>
   </parameter>
   <parameter name="OutflowSecurity">
       <action>
           <items>Encrypt</items>
           <encryptionUser>service</encryptionUser>
           <encryptionPropFile>client.properties</encryptionPropFile>
       </action>
   </parameter>

And here is my service.xml on the server side:
   <module ref="rampart" />
   <parameter name="OutflowSecurity">
       <action>
           <items>Encrypt</items>
           <encryptionUser>client</encryptionUser>
           <encryptionPropFile>
               service.properties
           </encryptionPropFile>
       </action>
   </parameter>
   <parameter name="InflowSecurity">
       <action>
           <items>Encrypt</items>
           <passwordCallbackClass>
               fr.bull.presto.recepteur.api.PWCBHandler
           </passwordCallbackClass>
           <decryptionPropFile>
               service.properties
           </decryptionPropFile>
       </action>
   </parameter>

Does the client natively include its public key in the SOAP header or not?
How can I tell the server to use this public key of the client to encrypt the response?

Thanks a lot

Nandana Mihindukulasooriya wrote:
On Wed, Jun 11, 2008 at 7:41 PM, Fabien Couvert <[EMAIL PROTECTED]>
wrote:

Hi all,
I have a question about the mechanism of encryption with an asymmetric key.
In my application I use 2 keystores, one for the client (specified in the
client.properties file) and one for the server (specified in the
service.properties).

In the client conf file I added:
    <action>
      <items>Encrypt</items>
      <encryptionUser>service</encryptionUser>
      <encryptionPropFile>client.properties</encryptionPropFile>
    </action>

Everything works fine, but how?! :)

How can the client encrypt the message with the public key of the server?
(name service)


In the keystore of the client, you must have the service's certificate
with the alias "service". You can check this with the Java keytool. Use the
command given below to check the content of the key store.

$ keytool -v -list -keystore /path/to/keystore.jks -storepass keystore-password

How does the client recover the public key of the server?
It has to be there in the client's key store. But on the server side, if you
have used "useReqSigCert" as the encryption user, the binary certificate which
was in the security header of the request can be used to encrypt the message
back to the client.


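The `useReqSigCert` setup mentioned in the reply, written out as an added example; it is not configuration from the thread or from the Rampart project. It assumes the client's own key pair sits under the alias `client` in the client keystore and that the server keystore trusts that certificate. The client certificate only travels in the security header when the request is signed with a direct reference, so the example adds a `Signature` action to the request.

```xml
<!-- Client side (client_axis2.xml): sign, then encrypt the request -->
<parameter name="OutflowSecurity">
    <action>
        <items>Signature Encrypt</items>
        <!-- Assumed alias of the client's private key entry -->
        <user>client</user>
        <passwordCallbackClass>fr.bull.presto.emetteur.commun.PWCBHandler</passwordCallbackClass>
        <signaturePropFile>client.properties</signaturePropFile>
        <!-- DirectReference embeds the signing certificate as a
             BinarySecurityToken in the security header -->
        <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
        <encryptionUser>service</encryptionUser>
        <encryptionPropFile>client.properties</encryptionPropFile>
    </action>
</parameter>

<!-- Server side (service.xml): verify the signature and decrypt -->
<parameter name="InflowSecurity">
    <action>
        <!-- Must match the actions the client applied -->
        <items>Signature Encrypt</items>
        <passwordCallbackClass>fr.bull.presto.recepteur.api.PWCBHandler</passwordCallbackClass>
        <!-- Trust check of the client certificate runs against this keystore -->
        <signaturePropFile>service.properties</signaturePropFile>
        <decryptionPropFile>service.properties</decryptionPropFile>
    </action>
</parameter>

<!-- Server side (service.xml): encrypt the response to the request signer -->
<parameter name="OutflowSecurity">
    <action>
        <items>Encrypt</items>
        <!-- Replaces the fixed alias "client": the certificate that signed
             the request is used as the encryption key for the response -->
        <encryptionUser>useReqSigCert</encryptionUser>
        <encryptionPropFile>service.properties</encryptionPropFile>
    </action>
</parameter>
```

With this setup the server encrypts the response to whichever certificate signed the request, so signature verification against the server keystore is what limits who can obtain an encrypted response; keep that keystore restricted to the client certificates or issuing CAs you intend to serve.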