O hEigeartaigh, Colm wrote:
>
>
>> Line 102 and Line 121, does the WSS4J Action here "Timestamp Signature
>> Encrypt" mean the same thing as "Use the X.509 Token Profile" I.e.,
> those
>> three actions are used to activate X.509 profiles?
>
> I don't follow you here. The X.509 Token Profile is largely about how to
> reference X.509 certificates, i.e. for the case of signature to point to
> the public key required to verify the signature. This can be configured
> via WSHandlerConstants.SIG_KEY_ID and WSHandlerConstants.ENC_KEY_ID.
>
What I'm saying is that the UsernameToken profile is implemented using the
Action "UsernameToken". WS-Security has another profile called the "X.509
Token profile"--which I haven't studied yet. But is it the "Signature"
action (or "Signature Encrypt") which activates this profile, like
"UsernameToken" action activates the UT profile?
Thanks,
Glen
--
View this message in context:
http://www.nabble.com/Two-more-questions-on-CXF---WSS4J-tp18279527p18464406.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
