> For instance, user should not be required because I am doing Signature and > not "Username Token" so why do I need this. There is no equivalent in a > Signature/JKS to the user.
The user corresponds to the alias of the key you're getting from the KeyStore to sign the message. > Also, if I want to do X.509...is the signatureKeyIdentifier supposed to be > X509KeyIdentifier? The "signatureKeyIdentifier" config option gives you more control about how to reference the key needed to verify the signature. By default the Issuer name and serial number of the certificate are used. If you want to include the certificate itself, you can specify "DirectReference" instead. Colm. On Sat, Mar 5, 2011 at 1:33 AM, jaybytez <[email protected]> wrote: > This is absolutely a critical path for me...I would appreciate anyone who has > experience. > > We are trying to do X.509 Signature on the message and use SSL. > > I just don't understand what the WSS4J is doing under the covers. > > For instance, user should not be required because I am doing Signature and > not "Username Token" so why do I need this. There is no equivalent in a > Signature/JKS to the user. > > Is the user supposed to equate to the owner or issuer? > > Also, if I want to do X.509...is the signatureKeyIdentifier supposed to be > X509KeyIdentifier? > > Thanks for your time....jay > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/CXF-with-Digital-Signatures-tp3408690p3410361.html > Sent from the cxf-user mailing list archive at Nabble.com. >
