I want to make sure it is unneeded for encryption, but retained for signatures.
I'm new at this, but encrypting, from the client's perspective, involves working with the public key of the server. That public key is stored in a trust store for the client. It should *not* require a callback password to obtain the server's public key. As far as I can tell, callbacks for key passwords should only be needed when working with private keys--basically, when the client is signing the SOAP message with its own private key. Thanks, Glen Fred Dushin-4 wrote: > > Okay, maybe I misunderstood your question, then. > > If you have to encrypt, then why are you trying to remove the callback? > > On Jul 24, 2008, at 11:10 PM, Glen Mazza wrote: > >> >> No, my goal is Sig/Encrypt/Timestamp. Anyway, I'll continue coding >> it, and >> let you know if it turns out that WSS4J is asking for a key (not >> keystore) >> password to obtain a public certificate in a truststore. I don't >> think it >> will though. >> >> Thanks, >> Glen >> >> >> Fred Dushin-4 wrote: >>> >>> Are you sure a callback is needed if your action is only Signature >>> (and Timestamp)? Y/Our client.xml [1] has Encrypt as an action. >>> >>> You should not need a callback for signature only, I'm pretty sure, >>> though my experience has been writing against lower-level WSS4J APIs. >>> >>> Sorry, should be reading the CXF lists more closely... >>> >>> -Fred >>> >>> [1] >>> http://svn.apache.org/viewvc/cxf/trunk/systests/src/test/java/org/apache/cxf/systest/ws/security/client.xml?revision=679390&view=markup >>> >>> On Jul 24, 2008, at 5:53 PM, Glen Mazza wrote: >>> >>>> >>>> Hello, I asked this question this morning on the CXF list--no >>>> response--but >>>> since it seems to be at least as much WSS4J related as CXF-related, >>>> I was >>>> wondering if anybody here could answer it: >>>> >>>> http://www.nabble.com/KeystorePasswordCallback-in-CXF%27s-WS-Security-sample-tc18631505.html >>>> >>>> Thanks, >>>> Glen >>>> -- >>>> View this message in context: >>>> http://www.nabble.com/Does-WSS4J-need-key-passwords-to-read-public-keys-from-a-truststore--tp18641318p18641318.html >>>> Sent from the WSS4J mailing list archive at Nabble.com. >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>> >>>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/Does-WSS4J-need-key-passwords-to-read-public-keys-from-a-truststore--tp18641318p18644439.html >> Sent from the WSS4J mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Does-WSS4J-need-key-passwords-to-read-public-keys-from-a-truststore--tp18641318p18661912.html Sent from the WSS4J mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
