Hi
On 3/18/07, Andres Bernasconi <[EMAIL PROTECTED]> wrote:
Hi all, First of all, I wanted to suggest that the USER used in the Encryption example of XFire's WS-Security page be set to "myAlias", since that's the name used when the keys were created (instead of myserveralias). Second, I wanted to know how all this would work in production, since this mechanism requires a password in the out_encryption.properties file (and in the incoming properties file as well). Is there any way to "hide" this information? I guess it would make it hard to transition my artifact (web application) from one environment to the other (dev, integration, testing, prod...)
You can create your own crypto provider ( probably extending Merlin) which will decrypt paswords from config files during loading.
and BTW, the example works perfectly ok.
Thx :) -- ----- When one of our products stops working, we'll blame another vendor within 24 hours. --------------------------------------------------------------------- To unsubscribe from this list please visit: http://xircles.codehaus.org/manage_email
