If you are using either Axis1 or Axis2 handlers then you might have look into the javadoc of WSHandlerConstants and search for the following parameter description:
/** * Specifying this name as [EMAIL PROTECTED] ENCRYPTION_USER} * triggers a special action to get the public key to use for encryption. * <p/> * The handler uses the public key of the sender's certificate. Using this * way to define an encryption key simplifies certificate management to * a large extend. */ public static final String USE_REQ_SIG_CERT = "useReqSigCert"; This effectively takes the public key of the client's certificate and uses if to encrypt the session key of the answer. Please have a look into the WSS4J FAQ <http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ>, and the secion 9 that shows how to handle this. Regards, Werner ________________________________ Von: ext Waclaw Borowiec [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 1. Mai 2007 13:15 An: [email protected] Betreff: client public key Hello I want to provide a service with two-way encryption. I don't want client's public key to be permanently stored on server's side. Is it possible to fetch client's certificate when he sends the request and use it for encryption of the answer? I'll be grateful for any help Waclaw Borowiec --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
