Werner Dittmann wrote:
Can you have a look (google :-) ) for the option "useReqSigCert"?
At least in the WSS4J Axis handler this oprion triggers a specical
action. This could be the option you a looking for. Ther sever
uses the clients's certificate to encrypt the response, the client
uses its certificate to sign its request, the clients must use
"DirectReference" to submit its certificate in the request. This
works for any number of clients.
I don't know if this option is also available in CFX.
Regards,
Werner
1. Yes, CXF was having a value "useReqSigCert" for "encryptionUser"
property. You require to check it now.
2. The other way I know is to have signature from every client to server
message with signature key identifier as Direct Reference. This will
embed clients public key in the request message. You require to extract
out the certificate from in WSHandler, put it into the context of
message, so that the encryptionAction can then use the certificate to
encrypt the response to client. But, the cost to this approach is a)
Signature (any) is required in every incoming message b) you require to
tweak the WSS4J WSHandler code.
3. The third way is to use WS-Trust and specify "public key" as proof key.
With Regards,
Mayank
Cleber Moura schrieb:
Hi,
I have the fallowing scenario:
Server Side:
A webservice deployed on JBoss with CXF Stack for webservices. Using
ws-security for signing and encryptation of IN and OUT messages with X509
certificates.
Cliente Side:
Multiple clients also using ws-security for signing and encryptation of IN
and OUT messages.
The question is: How can the server encrypt the OUT message with the same
certificate of the IN message? The samples I've found only have the 1-to-1
scenario (one server to one client).
Thanks!
Cleber.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
