I don't use WS-Sec, so no :) But someone on mailing list mentioned he does.
On 3/19/07, Andres Bernasconi <[EMAIL PROTECTED]> wrote:
do YOU do it like that? On 3/19/07, Tomek Sztelak <[EMAIL PROTECTED]> wrote: > > Hi > > > On 3/18/07, Andres Bernasconi <[EMAIL PROTECTED]> wrote: > > Hi all, > > > > First of all, I wanted to suggest that the USER used in the Encryption > > example of XFire's WS-Security page be set to "myAlias", since that's the > > name used when the keys were created (instead of myserveralias). > > > > Second, I wanted to know how all this would work in production, since this > > mechanism requires a password in the out_encryption.properties file (and in > > the incoming properties file as well). Is there any way to "hide" this > > information? I guess it would make it hard to transition my artifact (web > > application) from one environment to the other (dev, integration, testing, > > prod...) > > You can create your own crypto provider ( probably extending Merlin) > which will decrypt paswords from config files during loading. > > > and BTW, the example works perfectly ok. > > Thx :) > > > > -- > ----- > When one of our products stops working, we'll blame another vendor > within 24 hours. > > --------------------------------------------------------------------- > To unsubscribe from this list please visit: > > http://xircles.codehaus.org/manage_email > >
-- ----- When one of our products stops working, we'll blame another vendor within 24 hours. --------------------------------------------------------------------- To unsubscribe from this list please visit: http://xircles.codehaus.org/manage_email
