You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Christopher S. Johnson" <jo...@clarkson.edu> on 2005/10/07 15:15:54 UTC
programmatically set crypto.properties
I'm trying to programmatically sign soap messages using the _setProperty()
procedure as described on the wss4j web page
(http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
be fairly easy but I've come across a stumbling block. It seems simple
enough to pass in the 'signaturePropFile' value yet my clients wont have a
anything like a crypto.properties file but I will know everything that
should be in the crypto.properties file in memory, I'll have a in memory
keystore, password and know the keystore type. How do I pass the in
memory crypto.properties to wss4j?
Thanks
--
Chris Johnson
johnsocs@clarkson.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by "Christopher S. Johnson" <jo...@clarkson.edu>.
Mike -
You are referring to the method found in TestWSSecrutyHooks.java right?
On Tue, 11 Oct 2005, Mike wrote:
>
> Subclass merlin and WSDoAll{Sender, Receiver} so that you control the
> creation of crypto. You can then manually set your keystore and
> properties in the constructor of your new nerlin class. Merlin will
> nicely initialize w/o requiring properties on startup and will not
> attempt to load a keystore if it notices it doesn't have properties.
>
> public class CachedMerlin extends Merlin{
>
>
> /** Creates a new instance of CachedMerlin */
> public CachedMerlin(Properties p, KeyStore ks) throws
> CredentialException, IOException {
> super(null);
>
> // set keystore to use
> if (ks == null) {
> throw new
> CredentialException(CredentialException.FAILURE,"Cached keystore not
> set", (Object[])null);
> }
> super.setKeyStore(ks);
>
> // set Merlin properties from input
> if (p != null) {
> properties = new Properties(p);
> } else {
> properties = new Properties();
> }
>
> if
> (!properties.containsKey(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE)) {
>
> properties.setProperty(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE,
> Wss4jConstants.WSS4J_DEFAULT_KEYSTORE_TYPE);
> }
> ...
> ...
>
> Christopher S. Johnson wrote:
> > Arun -
> >
> > Thanks for the feedback, but the keystore is in memeory rather then on
> > disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
> > other ideas?
> >
> > Thanks
> > ..Chris
> >
> > On Sun, 9 Oct 2005, Soactive Inc wrote:
> >
> >
> >>I agree. In most cases, expecting properties files on the server for this
> >>data seems impractical. I overcame this by constructing and using a
> >>Properties object at run time from the related data.
> >>
> >>So, you can write a simple function to convert the data that you have to a
> >>Properties object:
> >>
> >>E.g.
> >>
> >>public Properties getProperties() {
> >>Properties props = new Properties();
> >>props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
> >>props.put("org.apache.ws.security.crypto.merlin.keystore.password",
> >>passwordString);
> >>props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
> >>
> >>return props;
> >>}
> >>
> >>Then, use the Properties object to construct the Crypto object instance that
> >>you typically need for most security/access-related API:
> >>
> >>Properties props = getProperties();
> >>Crypto _crypto =
> >>CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
> >>props);
> >>
> >>// proceed to actual access/security logic using _crypto
> >>
> >>Hope this helps,
> >>-Arun
> >>
> >>On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
> >>
> >>>I'm trying to programmatically sign soap messages using the _setProperty()
> >>>procedure as described on the wss4j web page
> >>>(http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
> >>>be fairly easy but I've come across a stumbling block. It seems simple
> >>>enough to pass in the 'signaturePropFile' value yet my clients wont have a
> >>>anything like a crypto.properties file but I will know everything that
> >>>should be in the crypto.properties file in memory, I'll have a in memory
> >>>keystore, password and know the keystore type. How do I pass the in
> >>>memory crypto.properties to wss4j?
> >>>
> >>>Thanks
> >>>
> >>>--
> >>>Chris Johnson
> >>>johnsocs@clarkson.edu
> >>>
> >>>---------------------------------------------------------------------
> >>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> >>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >>>
> >>>
> >>
> >
> > --
> > Chris Johnson
> > johnsocs@clarkson.edu
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Chris Johnson
johnsocs@clarkson.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by "Christopher S. Johnson" <jo...@clarkson.edu>.
Mike -
You are referring to the method found in TestWSSecrutyHooks.java right?
On Tue, 11 Oct 2005, Mike wrote:
>
> Subclass merlin and WSDoAll{Sender, Receiver} so that you control the
> creation of crypto. You can then manually set your keystore and
> properties in the constructor of your new nerlin class. Merlin will
> nicely initialize w/o requiring properties on startup and will not
> attempt to load a keystore if it notices it doesn't have properties.
>
> public class CachedMerlin extends Merlin{
>
>
> /** Creates a new instance of CachedMerlin */
> public CachedMerlin(Properties p, KeyStore ks) throws
> CredentialException, IOException {
> super(null);
>
> // set keystore to use
> if (ks == null) {
> throw new
> CredentialException(CredentialException.FAILURE,"Cached keystore not
> set", (Object[])null);
> }
> super.setKeyStore(ks);
>
> // set Merlin properties from input
> if (p != null) {
> properties = new Properties(p);
> } else {
> properties = new Properties();
> }
>
> if
> (!properties.containsKey(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE)) {
>
> properties.setProperty(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE,
> Wss4jConstants.WSS4J_DEFAULT_KEYSTORE_TYPE);
> }
> ...
> ...
>
> Christopher S. Johnson wrote:
> > Arun -
> >
> > Thanks for the feedback, but the keystore is in memeory rather then on
> > disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
> > other ideas?
> >
> > Thanks
> > ..Chris
> >
> > On Sun, 9 Oct 2005, Soactive Inc wrote:
> >
> >
> >>I agree. In most cases, expecting properties files on the server for this
> >>data seems impractical. I overcame this by constructing and using a
> >>Properties object at run time from the related data.
> >>
> >>So, you can write a simple function to convert the data that you have to a
> >>Properties object:
> >>
> >>E.g.
> >>
> >>public Properties getProperties() {
> >>Properties props = new Properties();
> >>props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
> >>props.put("org.apache.ws.security.crypto.merlin.keystore.password",
> >>passwordString);
> >>props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
> >>
> >>return props;
> >>}
> >>
> >>Then, use the Properties object to construct the Crypto object instance that
> >>you typically need for most security/access-related API:
> >>
> >>Properties props = getProperties();
> >>Crypto _crypto =
> >>CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
> >>props);
> >>
> >>// proceed to actual access/security logic using _crypto
> >>
> >>Hope this helps,
> >>-Arun
> >>
> >>On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
> >>
> >>>I'm trying to programmatically sign soap messages using the _setProperty()
> >>>procedure as described on the wss4j web page
> >>>(http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
> >>>be fairly easy but I've come across a stumbling block. It seems simple
> >>>enough to pass in the 'signaturePropFile' value yet my clients wont have a
> >>>anything like a crypto.properties file but I will know everything that
> >>>should be in the crypto.properties file in memory, I'll have a in memory
> >>>keystore, password and know the keystore type. How do I pass the in
> >>>memory crypto.properties to wss4j?
> >>>
> >>>Thanks
> >>>
> >>>--
> >>>Chris Johnson
> >>>johnsocs@clarkson.edu
> >>>
> >>>---------------------------------------------------------------------
> >>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> >>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >>>
> >>>
> >>
> >
> > --
> > Chris Johnson
> > johnsocs@clarkson.edu
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Chris Johnson
johnsocs@clarkson.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by Mike <to...@umiacs.umd.edu>.
Sorry, that's part of our own code. I got tired of hunting down all the
possible property keys in Merlin and elsewhere.
'org.apache.ws.security.crypto.merlin.keystore.type' for keystore_type,
and value of 'PKCS12'. Depending on what you're using merlin for
encryption/decryption, signature checking, etc. You may need to check
for other defaults.
You still end up non-intuitive areas for stuff like decryption where
you'll set your base properties in the Sender/Receiver but handle the
private key in your callback.
For your other question, it looks like TestWSSecurityHooks.java has some
examples on using WSDoAllSender/Receiver.
-Mike
Christopher S. Johnson wrote:
> Mike -
>
> You are referring to the method found in TestWSSecrutyHooks.java right?
>
Christopher S. Johnson wrote:
> Mike -
>
> I cant seem to find any record of Wss4jConstants.java or any file that
> contains anything like WSS4J_MERLIN_KEYSTORE_TYPE
>
> Regards
> ..Chris
>
>
> On Tue, 11 Oct 2005, Mike wrote:
>
>
>>Subclass merlin and WSDoAll{Sender, Receiver} so that you control the
>>creation of crypto. You can then manually set your keystore and
>>properties in the constructor of your new nerlin class. Merlin will
>>nicely initialize w/o requiring properties on startup and will not
>>attempt to load a keystore if it notices it doesn't have properties.
>>
>>public class CachedMerlin extends Merlin{
>>
>>
>> /** Creates a new instance of CachedMerlin */
>> public CachedMerlin(Properties p, KeyStore ks) throws
>>CredentialException, IOException {
>> super(null);
>>
>> // set keystore to use
>> if (ks == null) {
>> throw new
>>CredentialException(CredentialException.FAILURE,"Cached keystore not
>>set", (Object[])null);
>> }
>> super.setKeyStore(ks);
>>
>> // set Merlin properties from input
>> if (p != null) {
>> properties = new Properties(p);
>> } else {
>> properties = new Properties();
>> }
>>
>> if
>>(!properties.containsKey(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE)) {
>>
>>properties.setProperty(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE,
>>Wss4jConstants.WSS4J_DEFAULT_KEYSTORE_TYPE);
>> }
>>...
>>...
>>
>>Christopher S. Johnson wrote:
>>
>>>Arun -
>>>
>>>Thanks for the feedback, but the keystore is in memeory rather then on
>>>disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
>>>other ideas?
>>>
>>>Thanks
>>>..Chris
>>>
>>>On Sun, 9 Oct 2005, Soactive Inc wrote:
>>>
>>>
>>>
>>>>I agree. In most cases, expecting properties files on the server for this
>>>>data seems impractical. I overcame this by constructing and using a
>>>>Properties object at run time from the related data.
>>>>
>>>>So, you can write a simple function to convert the data that you have to a
>>>>Properties object:
>>>>
>>>>E.g.
>>>>
>>>>public Properties getProperties() {
>>>>Properties props = new Properties();
>>>>props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
>>>>props.put("org.apache.ws.security.crypto.merlin.keystore.password",
>>>>passwordString);
>>>>props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
>>>>
>>>>return props;
>>>>}
>>>>
>>>>Then, use the Properties object to construct the Crypto object instance that
>>>>you typically need for most security/access-related API:
>>>>
>>>>Properties props = getProperties();
>>>>Crypto _crypto =
>>>>CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
>>>>props);
>>>>
>>>>// proceed to actual access/security logic using _crypto
>>>>
>>>>Hope this helps,
>>>>-Arun
>>>>
>>>>On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
>>>>
>>>>
>>>>>I'm trying to programmatically sign soap messages using the _setProperty()
>>>>>procedure as described on the wss4j web page
>>>>>(http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
>>>>>be fairly easy but I've come across a stumbling block. It seems simple
>>>>>enough to pass in the 'signaturePropFile' value yet my clients wont have a
>>>>>anything like a crypto.properties file but I will know everything that
>>>>>should be in the crypto.properties file in memory, I'll have a in memory
>>>>>keystore, password and know the keystore type. How do I pass the in
>>>>>memory crypto.properties to wss4j?
>>>>>
>>>>>Thanks
>>>>>
>>>>>--
>>>>>Chris Johnson
>>>>>johnsocs@clarkson.edu
>>>>>
>>>>>---------------------------------------------------------------------
>>>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>>>
>>>>>
>>>>
>>>--
>>>Chris Johnson
>>>johnsocs@clarkson.edu
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>
>
> --
> Chris Johnson
> johnsocs@clarkson.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by Mike <to...@umiacs.umd.edu>.
Sorry, that's part of our own code. I got tired of hunting down all the
possible property keys in Merlin and elsewhere.
'org.apache.ws.security.crypto.merlin.keystore.type' for keystore_type,
and value of 'PKCS12'. Depending on what you're using merlin for
encryption/decryption, signature checking, etc. You may need to check
for other defaults.
You still end up non-intuitive areas for stuff like decryption where
you'll set your base properties in the Sender/Receiver but handle the
private key in your callback.
For your other question, it looks like TestWSSecurityHooks.java has some
examples on using WSDoAllSender/Receiver.
-Mike
Christopher S. Johnson wrote:
> Mike -
>
> You are referring to the method found in TestWSSecrutyHooks.java right?
>
Christopher S. Johnson wrote:
> Mike -
>
> I cant seem to find any record of Wss4jConstants.java or any file that
> contains anything like WSS4J_MERLIN_KEYSTORE_TYPE
>
> Regards
> ..Chris
>
>
> On Tue, 11 Oct 2005, Mike wrote:
>
>
>>Subclass merlin and WSDoAll{Sender, Receiver} so that you control the
>>creation of crypto. You can then manually set your keystore and
>>properties in the constructor of your new nerlin class. Merlin will
>>nicely initialize w/o requiring properties on startup and will not
>>attempt to load a keystore if it notices it doesn't have properties.
>>
>>public class CachedMerlin extends Merlin{
>>
>>
>> /** Creates a new instance of CachedMerlin */
>> public CachedMerlin(Properties p, KeyStore ks) throws
>>CredentialException, IOException {
>> super(null);
>>
>> // set keystore to use
>> if (ks == null) {
>> throw new
>>CredentialException(CredentialException.FAILURE,"Cached keystore not
>>set", (Object[])null);
>> }
>> super.setKeyStore(ks);
>>
>> // set Merlin properties from input
>> if (p != null) {
>> properties = new Properties(p);
>> } else {
>> properties = new Properties();
>> }
>>
>> if
>>(!properties.containsKey(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE)) {
>>
>>properties.setProperty(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE,
>>Wss4jConstants.WSS4J_DEFAULT_KEYSTORE_TYPE);
>> }
>>...
>>...
>>
>>Christopher S. Johnson wrote:
>>
>>>Arun -
>>>
>>>Thanks for the feedback, but the keystore is in memeory rather then on
>>>disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
>>>other ideas?
>>>
>>>Thanks
>>>..Chris
>>>
>>>On Sun, 9 Oct 2005, Soactive Inc wrote:
>>>
>>>
>>>
>>>>I agree. In most cases, expecting properties files on the server for this
>>>>data seems impractical. I overcame this by constructing and using a
>>>>Properties object at run time from the related data.
>>>>
>>>>So, you can write a simple function to convert the data that you have to a
>>>>Properties object:
>>>>
>>>>E.g.
>>>>
>>>>public Properties getProperties() {
>>>>Properties props = new Properties();
>>>>props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
>>>>props.put("org.apache.ws.security.crypto.merlin.keystore.password",
>>>>passwordString);
>>>>props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
>>>>
>>>>return props;
>>>>}
>>>>
>>>>Then, use the Properties object to construct the Crypto object instance that
>>>>you typically need for most security/access-related API:
>>>>
>>>>Properties props = getProperties();
>>>>Crypto _crypto =
>>>>CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
>>>>props);
>>>>
>>>>// proceed to actual access/security logic using _crypto
>>>>
>>>>Hope this helps,
>>>>-Arun
>>>>
>>>>On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
>>>>
>>>>
>>>>>I'm trying to programmatically sign soap messages using the _setProperty()
>>>>>procedure as described on the wss4j web page
>>>>>(http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
>>>>>be fairly easy but I've come across a stumbling block. It seems simple
>>>>>enough to pass in the 'signaturePropFile' value yet my clients wont have a
>>>>>anything like a crypto.properties file but I will know everything that
>>>>>should be in the crypto.properties file in memory, I'll have a in memory
>>>>>keystore, password and know the keystore type. How do I pass the in
>>>>>memory crypto.properties to wss4j?
>>>>>
>>>>>Thanks
>>>>>
>>>>>--
>>>>>Chris Johnson
>>>>>johnsocs@clarkson.edu
>>>>>
>>>>>---------------------------------------------------------------------
>>>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>>>
>>>>>
>>>>
>>>--
>>>Chris Johnson
>>>johnsocs@clarkson.edu
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>
>
> --
> Chris Johnson
> johnsocs@clarkson.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by Mike <to...@umiacs.umd.edu>.
Subclass merlin and WSDoAll{Sender, Receiver} so that you control the
creation of crypto. You can then manually set your keystore and
properties in the constructor of your new nerlin class. Merlin will
nicely initialize w/o requiring properties on startup and will not
attempt to load a keystore if it notices it doesn't have properties.
public class CachedMerlin extends Merlin{
/** Creates a new instance of CachedMerlin */
public CachedMerlin(Properties p, KeyStore ks) throws
CredentialException, IOException {
super(null);
// set keystore to use
if (ks == null) {
throw new
CredentialException(CredentialException.FAILURE,"Cached keystore not
set", (Object[])null);
}
super.setKeyStore(ks);
// set Merlin properties from input
if (p != null) {
properties = new Properties(p);
} else {
properties = new Properties();
}
if
(!properties.containsKey(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE)) {
properties.setProperty(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE,
Wss4jConstants.WSS4J_DEFAULT_KEYSTORE_TYPE);
}
...
...
Christopher S. Johnson wrote:
> Arun -
>
> Thanks for the feedback, but the keystore is in memeory rather then on
> disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
> other ideas?
>
> Thanks
> ..Chris
>
> On Sun, 9 Oct 2005, Soactive Inc wrote:
>
>
>>I agree. In most cases, expecting properties files on the server for this
>>data seems impractical. I overcame this by constructing and using a
>>Properties object at run time from the related data.
>>
>>So, you can write a simple function to convert the data that you have to a
>>Properties object:
>>
>>E.g.
>>
>>public Properties getProperties() {
>>Properties props = new Properties();
>>props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
>>props.put("org.apache.ws.security.crypto.merlin.keystore.password",
>>passwordString);
>>props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
>>
>>return props;
>>}
>>
>>Then, use the Properties object to construct the Crypto object instance that
>>you typically need for most security/access-related API:
>>
>>Properties props = getProperties();
>>Crypto _crypto =
>>CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
>>props);
>>
>>// proceed to actual access/security logic using _crypto
>>
>>Hope this helps,
>>-Arun
>>
>>On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
>>
>>>I'm trying to programmatically sign soap messages using the _setProperty()
>>>procedure as described on the wss4j web page
>>>(http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
>>>be fairly easy but I've come across a stumbling block. It seems simple
>>>enough to pass in the 'signaturePropFile' value yet my clients wont have a
>>>anything like a crypto.properties file but I will know everything that
>>>should be in the crypto.properties file in memory, I'll have a in memory
>>>keystore, password and know the keystore type. How do I pass the in
>>>memory crypto.properties to wss4j?
>>>
>>>Thanks
>>>
>>>--
>>>Chris Johnson
>>>johnsocs@clarkson.edu
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>
>>>
>>
>
> --
> Chris Johnson
> johnsocs@clarkson.edu
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by Mike <to...@umiacs.umd.edu>.
Subclass merlin and WSDoAll{Sender, Receiver} so that you control the
creation of crypto. You can then manually set your keystore and
properties in the constructor of your new nerlin class. Merlin will
nicely initialize w/o requiring properties on startup and will not
attempt to load a keystore if it notices it doesn't have properties.
public class CachedMerlin extends Merlin{
/** Creates a new instance of CachedMerlin */
public CachedMerlin(Properties p, KeyStore ks) throws
CredentialException, IOException {
super(null);
// set keystore to use
if (ks == null) {
throw new
CredentialException(CredentialException.FAILURE,"Cached keystore not
set", (Object[])null);
}
super.setKeyStore(ks);
// set Merlin properties from input
if (p != null) {
properties = new Properties(p);
} else {
properties = new Properties();
}
if
(!properties.containsKey(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE)) {
properties.setProperty(Wss4jConstants.WSS4J_MERLIN_KEYSTORE_TYPE,
Wss4jConstants.WSS4J_DEFAULT_KEYSTORE_TYPE);
}
...
...
Christopher S. Johnson wrote:
> Arun -
>
> Thanks for the feedback, but the keystore is in memeory rather then on
> disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
> other ideas?
>
> Thanks
> ..Chris
>
> On Sun, 9 Oct 2005, Soactive Inc wrote:
>
>
>>I agree. In most cases, expecting properties files on the server for this
>>data seems impractical. I overcame this by constructing and using a
>>Properties object at run time from the related data.
>>
>>So, you can write a simple function to convert the data that you have to a
>>Properties object:
>>
>>E.g.
>>
>>public Properties getProperties() {
>>Properties props = new Properties();
>>props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
>>props.put("org.apache.ws.security.crypto.merlin.keystore.password",
>>passwordString);
>>props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
>>
>>return props;
>>}
>>
>>Then, use the Properties object to construct the Crypto object instance that
>>you typically need for most security/access-related API:
>>
>>Properties props = getProperties();
>>Crypto _crypto =
>>CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
>>props);
>>
>>// proceed to actual access/security logic using _crypto
>>
>>Hope this helps,
>>-Arun
>>
>>On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
>>
>>>I'm trying to programmatically sign soap messages using the _setProperty()
>>>procedure as described on the wss4j web page
>>>(http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
>>>be fairly easy but I've come across a stumbling block. It seems simple
>>>enough to pass in the 'signaturePropFile' value yet my clients wont have a
>>>anything like a crypto.properties file but I will know everything that
>>>should be in the crypto.properties file in memory, I'll have a in memory
>>>keystore, password and know the keystore type. How do I pass the in
>>>memory crypto.properties to wss4j?
>>>
>>>Thanks
>>>
>>>--
>>>Chris Johnson
>>>johnsocs@clarkson.edu
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>
>>>
>>
>
> --
> Chris Johnson
> johnsocs@clarkson.edu
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by "Christopher S. Johnson" <jo...@clarkson.edu>.
Arun -
Thanks for the feedback, but the keystore is in memeory rather then on
disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
other ideas?
Thanks
..Chris
On Sun, 9 Oct 2005, Soactive Inc wrote:
> I agree. In most cases, expecting properties files on the server for this
> data seems impractical. I overcame this by constructing and using a
> Properties object at run time from the related data.
>
> So, you can write a simple function to convert the data that you have to a
> Properties object:
>
> E.g.
>
> public Properties getProperties() {
> Properties props = new Properties();
> props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
> props.put("org.apache.ws.security.crypto.merlin.keystore.password",
> passwordString);
> props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
>
> return props;
> }
>
> Then, use the Properties object to construct the Crypto object instance that
> you typically need for most security/access-related API:
>
> Properties props = getProperties();
> Crypto _crypto =
> CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
> props);
>
> // proceed to actual access/security logic using _crypto
>
> Hope this helps,
> -Arun
>
> On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
> >
> > I'm trying to programmatically sign soap messages using the _setProperty()
> > procedure as described on the wss4j web page
> > (http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
> > be fairly easy but I've come across a stumbling block. It seems simple
> > enough to pass in the 'signaturePropFile' value yet my clients wont have a
> > anything like a crypto.properties file but I will know everything that
> > should be in the crypto.properties file in memory, I'll have a in memory
> > keystore, password and know the keystore type. How do I pass the in
> > memory crypto.properties to wss4j?
> >
> > Thanks
> >
> > --
> > Chris Johnson
> > johnsocs@clarkson.edu
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
>
--
Chris Johnson
johnsocs@clarkson.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by "Christopher S. Johnson" <jo...@clarkson.edu>.
Arun -
Thanks for the feedback, but the keystore is in memeory rather then on
disk so org.apache.ws.security.crypto.merlin.file wont work for me.. any
other ideas?
Thanks
..Chris
On Sun, 9 Oct 2005, Soactive Inc wrote:
> I agree. In most cases, expecting properties files on the server for this
> data seems impractical. I overcame this by constructing and using a
> Properties object at run time from the related data.
>
> So, you can write a simple function to convert the data that you have to a
> Properties object:
>
> E.g.
>
> public Properties getProperties() {
> Properties props = new Properties();
> props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
> props.put("org.apache.ws.security.crypto.merlin.keystore.password",
> passwordString);
> props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
>
> return props;
> }
>
> Then, use the Properties object to construct the Crypto object instance that
> you typically need for most security/access-related API:
>
> Properties props = getProperties();
> Crypto _crypto =
> CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
> props);
>
> // proceed to actual access/security logic using _crypto
>
> Hope this helps,
> -Arun
>
> On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
> >
> > I'm trying to programmatically sign soap messages using the _setProperty()
> > procedure as described on the wss4j web page
> > (http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
> > be fairly easy but I've come across a stumbling block. It seems simple
> > enough to pass in the 'signaturePropFile' value yet my clients wont have a
> > anything like a crypto.properties file but I will know everything that
> > should be in the crypto.properties file in memory, I'll have a in memory
> > keystore, password and know the keystore type. How do I pass the in
> > memory crypto.properties to wss4j?
> >
> > Thanks
> >
> > --
> > Chris Johnson
> > johnsocs@clarkson.edu
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
>
--
Chris Johnson
johnsocs@clarkson.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by Davanum Srinivas <da...@gmail.com>.
Guys,
please create a bug report asking for an enhancement.
thanks,
dims
On 10/10/05, Soactive Inc <so...@gmail.com> wrote:
> I agree. In most cases, expecting properties files on the server for this
> data seems impractical. I overcame this by constructing and using a
> Properties object at run time from the related data.
>
> So, you can write a simple function to convert the data that you have to a
> Properties object:
>
> E.g.
>
> public Properties getProperties() {
> Properties props = new Properties();
>
> props.put("org.apache.ws.security.crypto.merlin.keystore.type",
> typeString);
>
> props.put("org.apache.ws.security.crypto.merlin.keystore.password",
> passwordString);
>
> props.put("org.apache.ws.security.crypto.merlin.file",
> fileNameString);
>
> return props;
> }
>
> Then, use the Properties object to construct the Crypto object instance
> that you typically need for most security/access-related API:
>
> Properties props = getProperties();
> Crypto _crypto =
>
> CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
> props);
>
> // proceed to actual access/security logic using _crypto
>
> Hope this helps,
> -Arun
>
>
> On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
> > I'm trying to programmatically sign soap messages using the _setProperty()
> > procedure as described on the wss4j web page
> > (http://ws.apache.org/wss4j/axis.html). Setting the
> properties seems to
> > be fairly easy but I've come across a stumbling block. It seems simple
> > enough to pass in the 'signaturePropFile' value yet my clients wont have a
> > anything like a crypto.properties file but I will know everything that
> > should be in the crypto.properties file in memory, I'll have a in memory
> > keystore, password and know the keystore type. How do I pass the in
> > memory crypto.properties to wss4j?
> >
> > Thanks
> >
> > --
> > Chris Johnson
> > johnsocs@clarkson.edu
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
>
>
--
Davanum Srinivas : http://wso2.com/blogs/
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by Davanum Srinivas <da...@gmail.com>.
Guys,
please create a bug report asking for an enhancement.
thanks,
dims
On 10/10/05, Soactive Inc <so...@gmail.com> wrote:
> I agree. In most cases, expecting properties files on the server for this
> data seems impractical. I overcame this by constructing and using a
> Properties object at run time from the related data.
>
> So, you can write a simple function to convert the data that you have to a
> Properties object:
>
> E.g.
>
> public Properties getProperties() {
> Properties props = new Properties();
>
> props.put("org.apache.ws.security.crypto.merlin.keystore.type",
> typeString);
>
> props.put("org.apache.ws.security.crypto.merlin.keystore.password",
> passwordString);
>
> props.put("org.apache.ws.security.crypto.merlin.file",
> fileNameString);
>
> return props;
> }
>
> Then, use the Properties object to construct the Crypto object instance
> that you typically need for most security/access-related API:
>
> Properties props = getProperties();
> Crypto _crypto =
>
> CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
> props);
>
> // proceed to actual access/security logic using _crypto
>
> Hope this helps,
> -Arun
>
>
> On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
> > I'm trying to programmatically sign soap messages using the _setProperty()
> > procedure as described on the wss4j web page
> > (http://ws.apache.org/wss4j/axis.html). Setting the
> properties seems to
> > be fairly easy but I've come across a stumbling block. It seems simple
> > enough to pass in the 'signaturePropFile' value yet my clients wont have a
> > anything like a crypto.properties file but I will know everything that
> > should be in the crypto.properties file in memory, I'll have a in memory
> > keystore, password and know the keystore type. How do I pass the in
> > memory crypto.properties to wss4j?
> >
> > Thanks
> >
> > --
> > Chris Johnson
> > johnsocs@clarkson.edu
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
>
>
--
Davanum Srinivas : http://wso2.com/blogs/
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: programmatically set crypto.properties
Posted by Soactive Inc <so...@gmail.com>.
I agree. In most cases, expecting properties files on the server for this
data seems impractical. I overcame this by constructing and using a
Properties object at run time from the related data.
So, you can write a simple function to convert the data that you have to a
Properties object:
E.g.
public Properties getProperties() {
Properties props = new Properties();
props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
props.put("org.apache.ws.security.crypto.merlin.keystore.password",
passwordString);
props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
return props;
}
Then, use the Properties object to construct the Crypto object instance that
you typically need for most security/access-related API:
Properties props = getProperties();
Crypto _crypto =
CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
props);
// proceed to actual access/security logic using _crypto
Hope this helps,
-Arun
On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
>
> I'm trying to programmatically sign soap messages using the _setProperty()
> procedure as described on the wss4j web page
> (http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
> be fairly easy but I've come across a stumbling block. It seems simple
> enough to pass in the 'signaturePropFile' value yet my clients wont have a
> anything like a crypto.properties file but I will know everything that
> should be in the crypto.properties file in memory, I'll have a in memory
> keystore, password and know the keystore type. How do I pass the in
> memory crypto.properties to wss4j?
>
> Thanks
>
> --
> Chris Johnson
> johnsocs@clarkson.edu
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
Re: programmatically set crypto.properties
Posted by Soactive Inc <so...@gmail.com>.
I agree. In most cases, expecting properties files on the server for this
data seems impractical. I overcame this by constructing and using a
Properties object at run time from the related data.
So, you can write a simple function to convert the data that you have to a
Properties object:
E.g.
public Properties getProperties() {
Properties props = new Properties();
props.put("org.apache.ws.security.crypto.merlin.keystore.type", typeString);
props.put("org.apache.ws.security.crypto.merlin.keystore.password",
passwordString);
props.put("org.apache.ws.security.crypto.merlin.file", fileNameString);
return props;
}
Then, use the Properties object to construct the Crypto object instance that
you typically need for most security/access-related API:
Properties props = getProperties();
Crypto _crypto =
CryptoFactory.getInstance("org.apache.ws.security.components.crypto.Merlin",
props);
// proceed to actual access/security logic using _crypto
Hope this helps,
-Arun
On 10/7/05, Christopher S. Johnson <jo...@clarkson.edu> wrote:
>
> I'm trying to programmatically sign soap messages using the _setProperty()
> procedure as described on the wss4j web page
> (http://ws.apache.org/wss4j/axis.html). Setting the properties seems to
> be fairly easy but I've come across a stumbling block. It seems simple
> enough to pass in the 'signaturePropFile' value yet my clients wont have a
> anything like a crypto.properties file but I will know everything that
> should be in the crypto.properties file in memory, I'll have a in memory
> keystore, password and know the keystore type. How do I pass the in
> memory crypto.properties to wss4j?
>
> Thanks
>
> --
> Chris Johnson
> johnsocs@clarkson.edu
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>