Would this answer your question:
http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html?revision=1364769&view=co
Glen
On 05/07/2013 06:22 AM, snowch wrote:
Hi Glen,
Thanks for the response.
How does the CXF STS know where to look for the truststore?
Looking through the following configuration
(/fediz-idp-sts/src/main/webapp/WEB-INF/cxf-transport.xml), it seems that
only the outgoing encryption/signing is being configured:
<bean id="transportSTSProperties"
class="org.apache.cxf.sts.StaticSTSProperties">
<property name="signaturePropertiesFile"
value="stsKeystore.properties" />
<property name="signatureUsername" value="mystskey" />
<property name="callbackHandlerClass"
value="org.apache.cxf.fediz.service.sts.PasswordCallbackHandler" />
<property name="encryptionPropertiesFile"
value="stsKeystore.properties"
/>
<property name="issuer" value="DoubleItSTSIssuer" />
<property name="encryptionUsername" value="myservicekey" />
</bean>
Unless some of the above setters are configuring the incoming
decryption/signature verification?
Many thanks,
Chris
--
View this message in context:
http://cxf.547215.n5.nabble.com/Fediz-STS-how-does-it-know-where-to-find-the-public-certs-for-verifying-the-UsernameToken-in-the-IDP-tp5727184p5727336.html
Sent from the cxf-user mailing list archive at Nabble.com.
