Implementing a KeyStoreInstance manager is the way to go. Currently, the only way to configure it is to go to the JMX mbean associated with the servicemix-http component and change the keystoreManagerName to a new entry in the JNDI tree where you would put your own implementation. You'd also have to register it in the conf/jndi.xml configuration file. This is not very easy, so if you're fancy providing a patch to configure it on the endpoint directly, i'd be happy to apply it.
On Jan 18, 2008 2:31 PM, Sebas Gomez <[EMAIL PROTECTED]> wrote: > Hi. > > Thanks for the quick answer. > > I only retieve the certificate from the card, nothing else. I think the > easiest way of getting the certificate would be implementing a custom > KeyStoreInstance but I can't find the place in the configuration of the > servicemix-http component where to tell ServiceMix to use it. I suppose it > should be in one of the sslParameters, but I don't know which one. > > The other possibility would be to subclass the servicemix-http, but I > think > the easy solution would be the one explained on the paragraph above. > > Would it be possible to implement my custom KeystoreInstance or should I > be > thinking of subclassing the component? > > Best regards. > > Sebastian Gomez > > On Jan 18, 2008 1:24 PM, Guillaume Nodet <[EMAIL PROTECTED]> wrote: > > > I'm not aware of anything done on this subject. > > What kind of data do you retrieve from the smartcard and how ? > > Do you simply retrieve the certificate ? > > servicemix-http uses an abstraction on top of a keystore so you may be > > able to implement you own that would delegate calls to the smartcard > > somehow. > > > > > > > http://svn.apache.org/viewvc/servicemix/smx3/trunk/core/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/keystore/KeystoreInstance.java?revision=602826&view=markup > > > > On Jan 18, 2008 11:07 AM, Sebas Gomez <[EMAIL PROTECTED]> wrote: > > > > > Hello. > > > > > > I need to access a web service secured with WS-Security using a Smart > > > Card. > > > If I had the security certificate in local, I know I could set the > > > http:sslParameters with the path of the keystore and its keystore > > > password, > > > but this is not the case. > > > > > > I suppose I will have to extend either servicemix-http or > servicemix-cxf > > > to > > > support reading smart cards, but I don't know if there is an easier > > > workaround. > > > > > > Is there anything similar already implemented? If not, I would > > appreciate > > > any kind of indication as to what would be the best way to solve this > > > problem. > > > > > > Best regards. > > > > > > Sebastian Gomez > > > > > > > > > > > -- > > Cheers, > > Guillaume Nodet > > ------------------------ > > Blog: http://gnodet.blogspot.com/ > > > -- Cheers, Guillaume Nodet ------------------------ Blog: http://gnodet.blogspot.com/
