Hi all

I'm working with the CXF STS and came across the following issue:
I've configured several realms where each realm uses a different 
certificate/private key to sign the SAML assertion. Every keystore (pkcs12 / 
jks) contains only one private key/cert.

I can configure a signatureAlias per SAMLRealm but I can't configure a 
signaturePropertiesFile per SAMLRealm. I think it would make sense to allow 
configuring the following attributes per SAMLRealm:
CallbackHandler
SignatureProperties
signaturePropertiesFile

which have higher priority than the global settings in StaticSTSProperties.

What are your thoughts?

Thanks
Oli