Yes, it should be possible. Colm.
On Wed, May 15, 2013 at 1:18 PM, Ted Roeloffzen <[email protected]>wrote: > Is it Possible to use the CertificateStore as CryptoProvider and > instantiate that with the X509Certificate that i retreive from the > database? > > Ted > > > 2013/5/15 Colm O hEigeartaigh <[email protected]> > > > WSS4J uses a "Crypto" provider to retrieve certificates + private keys > for > > encrypting/signing etc. So to get a key from a database, you will have to > > implement your own Crypto provider and plug it in to CXF/WSS4J. > > > > Colm. > > > > > > On Wed, May 15, 2013 at 9:17 AM, Ted Roeloffzen < > [email protected] > > >wrote: > > > > > We don't have a keystore, but the certificate is persisted in a > database. > > > I have to retrieve it from the database and give it to cxf, but is that > > > even possible? > > > I can't seem to find any documentation on that > > > > > > best regards, > > > > > > Ted > > > > > > > > > 2013/5/15 Ted Roeloffzen <[email protected]> > > > > > > > Okay thanks. > > > > This is a first step. > > > > My problem lies in the fact that the action is not Username_token, > but > > > > timestap signature > > > > > > > > best regards, > > > > > > > > Ted > > > > > > > > > > > > 2013/5/15 Ted <[email protected]> > > > > > > > >> Not sure if this is the official way or not, but this is how I do > it : > > > >> > > > >> AccountWsService service = new AccountWsService("...")); > > > >> port = service.getAccountWsPort(); > > > >> > > > >> Client cxfClient = ClientProxy.getClient(port); > > > >> cxfClient.getOutInterceptors().add(new > > > >> AuthenticationOutWSS4JInterceptor(user, password)); > > > >> > > > >> where AuthenticationOutWSS4JInterceptor looks a little like : > > > >> > > > >> public class AuthenticationOutWSS4JInterceptor extends > > > >> WSS4JOutInterceptor implements CallbackHandler > > > >> { > > > >> private String password = null; > > > >> > > > >> /** > > > >> * @param user can be userId or userName, all > depends > > on > > > >> what the > > > >> received requires > > > >> * @param password can be password or securityToken, > > all > > > >> depends on > > > >> what the received requires > > > >> */ > > > >> public AuthenticationOutWSS4JInterceptor(Object > user, > > > >> String password) > > > >> { > > > >> this.password = password; > > > >> > > > >> HashMap<String, Object> properties = new > > > >> HashMap<String, Object>(); > > > >> properties.put(WSHandlerConstants.ACTION, > > > >> WSHandlerConstants.USERNAME_TOKEN); > > > >> properties.put(WSHandlerConstants.USER, > > > >> user.toString()); > > > >> > > properties.put(WSHandlerConstants.PASSWORD_TYPE, > > > >> WSConstants.PW_TEXT); > > > >> > > > >> properties.put(WSHandlerConstants.PW_CALLBACK_REF, this); > > > >> > > > >> setProperties(properties); > > > >> } > > > >> > > > >> @Override > > > >> public void handle(Callback[] callbacks) throws > > > >> IOException, > > > >> UnsupportedCallbackException > > > >> { > > > >> for (Callback callback : callbacks) > > > >> { > > > >> if (callback instanceof > > > >> WSPasswordCallback) > > > >> { > > > >> WSPasswordCallback > > > >> wsPasswordCallback = (WSPasswordCallback)callback; > > > >> > > > >> wsPasswordCallback.setPassword(password); > > > >> } > > > >> } > > > >> } > > > >> } > > > >> > > > >> On 5/14/13, Ted Roeloffzen <[email protected]> wrote: > > > >> > Good day all, > > > >> > > > > >> > At this moment I'm working on a webservice-client that has to use > > > >> > WS-Security, but i can't seem to figure out how configure CXF that > > it > > > >> fills > > > >> > the SOAP-header in the correct way. > > > >> > We don't use Spring for the configuration, so everything has to be > > > >> > configured via the API. > > > >> > > > > >> > We need to have a timestamp, a signature and also a binary > security > > > >> token. > > > >> > The Canonicalization-algorithm is xml-exc-c14 > > > >> > The signature-algorithm is RSA-SHA256 > > > >> > > > > >> > can someone point me in the right direction for this? > > > >> > > > > >> > I've already created a WSS4JInInterceptor and a > WSS4JOutInterceptor. > > > >> > Both with a properties-map containing an Action = Timestap > > Signature, > > > >> > signatureAlgorithm = " > > > http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 > > > >> " > > > >> > and signatureDigestAlgorithm = " > > > http://www.w3.org/2001/04/xmlenc#sha256 > > > >> " > > > >> > > > > >> > do I need to configure anymore other than adding a certificate to > > the > > > >> > keystore? > > > >> > > > > >> > thanks in advance. > > > >> > > > > >> > kind regards, > > > >> > > > > >> > Ted > > > >> > > > > >> > > > >> > > > >> -- > > > >> Ted. > > > >> > > > > > > > > > > > > > > > > > > > -- > > Colm O hEigeartaigh > > > > Talend Community Coder > > http://coders.talend.com > > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
