Thanks, I will try that. In the meantime, what I did was change the the
calling code to execute a TextInputCallback in EncryptedKeyProcessor.
So before was code like this:
if(privkey == null) {
// ask crypto for an alias from the cert so I can get the privkey
// OR get the default user's privkey
}
to something like this:
if(privkey == null) {
// Execute a TextInputCallback and see if we get a privkey, my test
code has access to the envelope and does the lookup based on my customer
headers.
// do the old stuff
}
>From what you are saying, maybe I can modify that a bit and pass in some
more context.
Thanks,
Dan
"Sanjesh Pathak"
<[EMAIL PROTECTED]
.com> To
"'DanD'" <[EMAIL PROTECTED]>,
04/18/2007 03:27 <[email protected]>
PM cc
Subject
RE:
org.apache.ws.security.components.c
rypto.Crypto API question
Dan,
If I understand correctly what you trying to do, one way you could do this
is to get the message context within this method, get your header from the
message context and do cert look up using the header info.
Sanjesh
Real-Time Web Service Monitoring for Java and .NET
SoapKnox Inc
http://www.soapknox.com
Ph: 832 279 3745
-----Original Message-----
From: DanD [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 18, 2007 1:41 PM
To: [email protected]
Subject: org.apache.ws.security.components.crypto.Crypto API question
We use a custom process to access digital certs and private keys and do not
use key stores. To manage this process, I've implemented my own version of
Crypto and gotten it to work for my three use cases (signatures, encryption
and sign/encrypt). My question concerns the method
public String getAliasForX509Cert(Certificate cert) throws
WSSecurityException;
This basically requires me to iterate through every cert in our database to
find a match and then return an alias. Having thousands of certs to search
through makes this a deal breaker. Is it possible to have the section of
code that calls this API function to pass in the headers received with the
SOAP envelope? All of our customers are required to send header
information
that we use to look up the certs. If this can't be patched into the code
base, could someone point me to the set of classes I would need to change
to
implement it myself?
Thanks,
Dan
--
View this message in context:
http://www.nabble.com/org.apache.ws.security.components.crypto.Crypto-API-qu
estion-tf3602581.html#a10064063
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
.
This
message and any attachments contain information from Union Pacific which may be
confidential and/or privileged.
If you are not the intended recipient, be aware that any disclosure, copying,
distribution or use of the contents of this message is strictly prohibited by
law. If you receive this message in error, please contact the sender
immediately and delete the message and any attachments.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
