SecurityTokenReference and wss4j encryption

[An...@mro.com]

Hi
I noticed the generated xml from the tcpmon while I was trying the
encryption [just encryption and no signature] using the wss4j handler and
that contained a EncryptedKey header which is as per the xml encryption
standard. But I was a bit surprised to see the SecurityTokenReference tag
inside that containing the whole certificate [server pub certificate] that
I imported to the clients keystore from server keystore.
So if thats getting passed I figured that we dont need to set the key alias
in the crypto properties file in the server side. And it worked without
specifying that. Somehow all the examples that I have seen so far had that
property mentioned in the crypto properties file on the server side. Am I
missing something or this is the right way of setting up wss4j?

thanks
Anamitra


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org