You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/10/11 16:51:20 UTC

[jira] [Commented] (CXF-7086) Dynamically load signature validation keys using KeyName

    [ https://issues.apache.org/jira/browse/CXF-7086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15565958#comment-15565958 ] 

ASF GitHub Bot commented on CXF-7086:
-------------------------------------

GitHub user spark404 opened a pull request:

    https://github.com/apache/cxf/pull/177

    CXF-7086 Add a Map with KeyNames and aliases to configure xmlsec

    This patch is related to https://github.com/apache/santuario-java/pull/8
    
    The goal is to have a solution where the "user" of the XmlSecInInterceptor can specify a map of KeyNames and the keystore aliases that contain the keys to use during the signature validation.
    
    (and possibly also decryption, but that i haven't looked at yet)
    
    Looking for feedback

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/spark404/cxf CXF-7086

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cxf/pull/177.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #177
    
----
commit c297508e7e3b4e69c0824a6faa846ab1e54cd9b1
Author: Hugo Trippaers <ht...@schubergphilis.com>
Date:   2016-10-11T14:52:42Z

    CXF-7084 Add a configurable KeyName value using the properties

commit 2562213e6c8710201a70e9dd40374af5521a9607
Author: Hugo Trippaers <ht...@schubergphilis.com>
Date:   2016-10-11T16:45:02Z

    CXF-7086 Use a map of KeyName and aliases to fill the KeyName lookup map in the XMLSecurityProperties

----


> Dynamically load signature validation keys using KeyName
> --------------------------------------------------------
>
>                 Key: CXF-7086
>                 URL: https://issues.apache.org/jira/browse/CXF-7086
>             Project: CXF
>          Issue Type: New Feature
>          Components: JAX-RS Security
>            Reporter: Hugo Trippaers
>            Priority: Minor
>
> The current implementation of handling incoming messages with a KeyName identifier is to rely on a single "default" key. The SignatureValidationKey. However it is possible to have multiple different KeyNames and the expected behaviour is to select the right certificate based on the KeyName.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)