Hi Tabin! In the client wsdd configuration settings you have to set the encryption properties also, meaning the parameters: encryptionUser (which should be the alias of the certificate used to encrypt), encryptionKeyIdentifier and encryptionPropFile (crypto.properties).
On the server side you have to set the decryptionPropFile (crypto.properties to locate the keystore with the private key that should be used to decrypt). Yes, the encryption is done with the public key so only the owner of the private key can decrypt it. Hope it helps! Emanuel On 2/15/06, Tabin Cédric -[ thecaptain ]- <[EMAIL PROTECTED]> wrote: > Hi all ! > > I'm trying to set up the Signature Encrypt between my client/webservice. > As I can see, the signature & encryption are okay for my client but the > server doesn't work : he throws me an Server Error (not very useful :D). > Here are my configurations : > > CLIENT > ------ > > <deployment xmlns="http://xml.apache.org/axis/wsdd/"; > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > <transport name="http" > pivot="java:org.apache.axis.transport.http.HTTPSender"/> > <globalConfiguration > > <requestFlow > > <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > > <parameter name="action" value="Signature Encrypt"/> > <parameter name="user" value="privatekey"/> > <parameter name="passwordCallbackClass" > value="eteaching.webservice.security.WSMainPasswordCallback"/> > <parameter name="signaturePropFile" value="crypto.properties" /> > </handler> > </requestFlow> > </globalConfiguration> > </deployment> > > I use the xml like this into axis : > EngineConfiguration config = new FileProvider("mainclientconfig.wsdd"); > MoodleETeachingService service = new MoodleETeachingServiceLocator(config, > url); > > My crypto.properties : > org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin > org.apache.ws.security.crypto.merlin.keystore.type=jks > org.apache.ws.security.crypto.merlin.keystore.password=security > org.apache.ws.security.crypto.merlin.keystore.alias=privatekey > org.apache.ws.security.crypto.merlin.alias.password=security > org.apache.ws.security.crypto.merlin.file=privateKeyStore > > and also my keys into the privateKeyStore : > Type keystore : jks > Fournisseur keystore : SUN > > publickey, 14 fév. 2006, trustedCertEntry, Emprunte du certificat (MD5) : > ..... > privateky, 14 fév. 2004, keyEntry, Emprunte du certificat (MD5) : ..... > > SERVER > ------ > > I also put the same crypto.properties with this deployment file : > <deployment xmlns="http://xml.apache.org/axis/wsdd/"; > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > > <service name="MoodleETeaching" provider="java:RPC"> > > <requestFlow> > <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> > <parameter name="passwordCallbackClass" > value="eteaching.webservice.security.WSMoodlePasswordCallback"/> > <parameter name="action" value="Signature Encrypt"/> > <parameter name="signaturePropFile" value="crypto.properties" /> > </handler> > </requestFlow> > > <parameter name="scope" value="Session" /> > <parameter name="className" > value="eteaching.webservice.MoodleETeaching"/> > <parameter name="allowedMethods" value="*"/> > > </service> > </deployment> > > I think I've got a problem understanding the using of the certificates > into wss4j (how to say : encrypt with his public key, decrypt with my > private key ?)... > > Thank you for the help :) > > Best regards > > Tabin Cédric > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
