You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Maciek Zywno <m....@amg.net.pl> on 2004/03/08 12:52:24 UTC
what information from crypto.properties is used for signing in WSSignEnvelope?
Hello
Maybe anyone could help me with my efforts to understand wss4j..
I am not sure how signing is done in WSSignEnvelope class and what
property from Crypto(and crypto.properties) is needed to sing a message?
Thanks in advance
Maciek
Re: what information from crypto.properties is used for signing in
WSSignEnvelope?
Posted by Yves Langisch <li...@langisch.ch>.
Maciek,
There is a good 'cookbook' in the source directory when you use it with
Axis:
src/org/apache/ws/axis/security/package.html
It helped me a lot.
Regards,
Yves
Maciek Zywno wrote:
> Hello
>
> Maybe anyone could help me with my efforts to understand wss4j..
> I am not sure how signing is done in WSSignEnvelope class and what
> property from Crypto(and crypto.properties) is needed to sing a message?
>
> Thanks in advance
>
> Maciek
>
>
Re: what information from crypto.properties is used for signing in
WSSignEnvelope?
Posted by Maciek Zywno <m....@amg.net.pl>.
Yves Langisch wrote:
> Maciek,
>
> There is a good 'cookbook' in the source directory when you use it
> with Axis:
>
> src/org/apache/ws/axis/security/package.html
>
> It helped me a lot.
>
> Regards,
> Yves
Thanks very much, it helped a lot, but I have another question
If I properly understood, in all examples in 'cookbook' a public key for
encryption and a private key for signing/encryption is taken from X.509
certiificate i.e. wsdd deployment file specifies some crypto.properties
file. This would suggest that X.509 format is the only one(in case of
wss4j) that can hold such data used for security purposes like private
and public keys. I am not an expert in security - only wanted to add
this layer for my webservice - so maybe my question is not really
sensible - but could I store private and public key not only in X.509
certificates? Does it make sense?
Thanks for any suggestions,
Maciek