Hello All,
In the CXF StaticSTSProperties, support for the private key password is
provided through the password callback handler class.

It can be configured in the STS bean as follows:

    <bean id="transportSTSProperties"
          class="org.apache.cxf.sts.StaticSTSProperties">
        <property name="signaturePropertiesFile" value="stsKeystore.properties" />
        <property name="signatureUsername" value="${STS.keystore.alias}" />
        <property name="callbackHandlerClass"
                  value="org.ojbc.ads.PasswordCallbackHandler" />
        <property name="issuer" value="myTokenIssuer" />
    </bean>

I would like to use a dynamically configured Spring bean as a Callback
handler because then I can store the passwords for the private key in a
configuration on the server and not check it into source.

The STS does check to see if CallbackHandler is an object, so maybe the
callbackHandlerClass variable can be changed from a String to an Object:

    private String callbackHandlerClass;

    callbackHandler = getCallbackHandler(callbackHandlerClass);

    private CallbackHandler getCallbackHandler(Object o) {
        CallbackHandler handler = null;
        if (o instanceof CallbackHandler) {
            handler = (CallbackHandler)o;
        }

On the JaxWS endpoint, you can set a value-ref to a custom bean for the
password callback handler:

<entry key="ws-security.callback-handler" value-ref="MyCallbackHandler" />

Did I miss how to configure this properly in StaticSTSProperties?  Or should
I create a JIRA to support this?

Thanks,
Yogesh



--
View this message in context: 
http://cxf.547215.n5.nabble.com/CXF-STS-callbackHandlerClass-dynamic-configuration-tp5721597.html
Sent from the cxf-user mailing list archive at Nabble.com.
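
Added example, not part of the original message and not CXF or OJBC code: one way to keep the private key password out of source while still using the string-valued callbackHandlerClass property shown in the bean above, assuming the STS instantiates the named class through its no-argument constructor. The class name, the sts.passwords.file system property and the file layout are hypothetical, and the WSS4J 2.x import is an assumption (WSS4J 1.6.x has the class in org.apache.ws.security).

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Properties;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
// Assumption: WSS4J 2.x package; WSS4J 1.6.x uses org.apache.ws.security.WSPasswordCallback
import org.apache.wss4j.common.ext.WSPasswordCallback;

/**
 * Hypothetical handler with a no-arg constructor, so it can be named in
 * callbackHandlerClass. Key passwords come from a file kept outside source control.
 */
public class ExternalConfigPasswordCallbackHandler implements CallbackHandler {

    // Assumed system property, e.g. -Dsts.passwords.file=/etc/sts/passwords.properties
    static final String FILE_PROPERTY = "sts.passwords.file";

    private final Properties passwords = new Properties();

    public ExternalConfigPasswordCallbackHandler() throws IOException {
        String path = System.getProperty(FILE_PROPERTY);
        if (path == null) {
            throw new IOException("System property " + FILE_PROPERTY + " is not set");
        }
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            passwords.load(in); // one line per key: <keystore alias>=<private key password>
        }
    }

    @Override
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbacks) {
            if (!(callback instanceof WSPasswordCallback)) {
                throw new UnsupportedCallbackException(callback, "Unsupported callback type");
            }
            WSPasswordCallback pc = (WSPasswordCallback) callback;
            String password = passwords.getProperty(pc.getIdentifier());
            if (password == null) {
                // Fail closed: never hand back an empty or default password
                throw new IOException("No password configured for alias " + pc.getIdentifier());
            }
            pc.setPassword(password);
        }
    }
}
```

The password file should be readable only by the account that runs the STS, and the exception messages deliberately name the alias but never the password.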