Hi all, First of all, I wanted to suggest that the USER used in the Encryption example of XFire's WS-Security page be set to "myAlias", since that's the name used when the keys were created (instead of myserveralias).
Second, I wanted to know how all this would work in production, since this mechanism requires a password in the out_encryption.properties file (and in the incoming properties file as well). Is there any way to "hide" this information? I guess it would make it hard to transition my artifact (web application) from one environment to the other (dev, integration, testing, prod...) and BTW, the example works perfectly ok. Cheers, Andres Bernasconi
