Sorry, that's part of our own code. I got tired of hunting down all the
possible property keys in Merlin and elsewhere.
'org.apache.ws.security.crypto.merlin.keystore.type' for keystore_type,
and value of 'PKCS12'. Depending on what you're using merlin for
encryption/decryption, signature checking, etc. You may need to check
for other defaults.
You still end up non-intuitive areas for stuff like decryption where
you'll set your base properties in the Sender/Receiver but handle the
private key in your callback.
For your other question, it looks like TestWSSecurityHooks.java has some
examples on using WSDoAllSender/Receiver.
-Mike
Christopher S. Johnson wrote:
> Mike -
>
> You are referring to the method found in TestWSSecrutyHooks.java right?
>
Christopher S. Johnson wrote:
Mike -
I cant seem to find any record of Wss4jConstants.java or any file that
contains anything like WSS4J_MERLIN_KEYSTORE_TYPE
Regards
..Chris
On Tue, 11 Oct 2005, Mike wrote:
Subclass merlin and WSDoAll{Sender, Receiver} so that you control the
creation of crypto. You can then manually set your keystore and
properties in the constructor of your new nerlin class. Merlin will
nicely initialize w/o requiring properties on startup and will not
attempt to load a keystore if it notices it doesn't have properties.
public class CachedMerlin extends Merlin{
/** Creates a new instance of CachedMerlin */
public CachedMerlin(Properties p, KeyStore ks) throws
CredentialException, IOException {
super(null);
// set keystore to use
if (ks == null) {
throw new
CredentialException(CredentialException.FAILURE,"Cached keystore not
set", (Object[])null);
}
super.setKeyStore(ks);
// set Merlin properties from input
if (p != null) {
properties = new Properties(p);
} else {
properties = new Properties();
}
if
(!properties.containsKey(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE)) {
properties.setProperty(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE,
Wss4jConstants.WSS4J_DEFAULT_KEYSTORE_TYPE);
}
...
...
Christopher S. Johnson wrote:
Arun -
Thanks for the feedback, but the keystore is in memeory rather then on
disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
other ideas?
Thanks
..Chris
On Sun, 9 Oct 2005, Soactive Inc wrote:
I agree. In most cases, expecting properties files on the server for this
data seems impractical. I overcame this by constructing and using a
Properties object at run time from the related data.
So, you can write a simple function to convert the data that you have to a
Properties object:
E.g.
public Properties getProperties() {
Properties props = new Properties();
props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
props.put("org.apache.ws.security.crypto.merlin.keystore.password",
passwordString);
props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
return props;
}
Then, use the Properties object to construct the Crypto object instance that
you typically need for most security/access-related API:
Properties props = getProperties();
Crypto _crypto =
CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
props);
// proceed to actual access/security logic using _crypto
Hope this helps,
-Arun
On 10/7/05, Christopher S. Johnson <[EMAIL PROTECTED]> wrote:
I'm trying to programmatically sign soap messages using the _setProperty()
procedure as described on the wss4j web page
(http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
be fairly easy but I've come across a stumbling block. It seems simple
enough to pass in the 'signaturePropFile' value yet my clients wont have a
anything like a crypto.properties file but I will know everything that
should be in the crypto.properties file in memory, I'll have a in memory
keystore, password and know the keystore type. How do I pass the in
memory crypto.properties to wss4j?
Thanks
--
Chris Johnson
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Chris Johnson
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Chris Johnson
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
