Posted to users@cxf.apache.org by r....@pantheon-automatisering.nl on 2013/10/29 12:20:42 UTC
Example to program client signature properties
Hi,
For the client I'm building with cxf 2.7.7 I would like an example to
program the client signature properties.
For now I'm using a properties file:
bindingProvider = (BindingProvider) port;
bindingProvider.getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
    "keystore.properties");
with the keystore.properties containing:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.file=keystoreName.jks
org.apache.ws.security.crypto.merlin.keystore.type=JKS
org.apache.ws.security.crypto.merlin.keystore.password=KeystorePassword
org.apache.ws.security.crypto.merlin.keystore.alias=privateAlias
org.apache.ws.security.crypto.merlin.alias.password=PrivateKeyPassword
But I already have the keystore in the software. So to make my client run
I save a text file 'keystore.properties' and the keystore I want to use to
the file 'keystoreName.jks'.
I would love to use the object I already have at hand. Can somebody please
give me an example how to handle this, I really can't find it.
Ralph Keegstra
RE: Example to program client signature properties
Posted by r....@pantheon-automatisering.nl.
Hi Andrei,
Thanks for your answer. It is exactly what I meant, you did understand me
correctly, so I won't go that way.
Regards,
Ralph
From: Andrei Shakirin <as...@talend.com>
To: "users@cxf.apache.org" <us...@cxf.apache.org>
Cc: "r.keegstra@pantheon-automatisering.nl" <r....@pantheon-automatisering.nl>
Date: 29-10-2013 16:30
Subject: RE: Example to program client signature properties
Hi,
Did I understand you correctly, you would like to reuse the
java.security.KeyStore object for 'keystoreName.jks'?
AFAIK the default WSS4J crypto provider Merlin always creates its own
keystore object:
    ...
    if (provider == null || provider.length() == 0) {
        ks = KeyStore.getInstance(type);
    } else {
        ks = KeyStore.getInstance(type, provider);
    }
    ks.load(input, (storepass == null || storepass.length() == 0)
        ? new char[0] : storepass.toCharArray());
    ...
Of course you can use your own implementation of the crypto provider using
SecurityConstants.SIGNATURE_CRYPTO and SecurityConstants.ENCRYPTION_CRYPTO
and use your own keystore object there, but IMO the effort will be more
than the benefit.
Regards,
Andrei.
> -----Original Message-----
> From: r.keegstra@pantheon-automatisering.nl
> [mailto:r.keegstra@pantheon-automatisering.nl]
> Sent: Tuesday, 29 October 2013 12:21
> To: CXF Users
> Subject: Example to program client signature properties
>
> Hi,
>
> For the client I'm building with cxf 2.7.7 I would like an example to program
> the client signature properties.
> For now I'm using a properties file:
> bindingProvider = (BindingProvider) port;
> bindingProvider.getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
>     "keystore.properties");
>
> with the keystore.properties containing:
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.file=keystoreName.jks
> org.apache.ws.security.crypto.merlin.keystore.type=JKS
> org.apache.ws.security.crypto.merlin.keystore.password=KeystorePassword
> org.apache.ws.security.crypto.merlin.keystore.alias=privateAlias
> org.apache.ws.security.crypto.merlin.alias.password=PrivateKeyPassword
>
> But I already have the keystore in the software. So to make my client run I
> save a text file 'keystore.properties' and the keystore I want to use to the file
> 'keystoreName.jks'.
>
> I would love to use the object I already have at hand. Can somebody please
> give me an example how to handle this, I really can't find it.
>
> Ralph Keegstra
RE: Example to program client signature properties
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
Did I understand you correctly, you would like to reuse the java.security.KeyStore object for 'keystoreName.jks'?
AFAIK the default WSS4J crypto provider Merlin always creates its own keystore object:
    ...
    if (provider == null || provider.length() == 0) {
        ks = KeyStore.getInstance(type);
    } else {
        ks = KeyStore.getInstance(type, provider);
    }
    ks.load(input, (storepass == null || storepass.length() == 0)
        ? new char[0] : storepass.toCharArray());
    ...
Of course you can use your own implementation of the crypto provider using SecurityConstants.SIGNATURE_CRYPTO and SecurityConstants.ENCRYPTION_CRYPTO and use your own keystore object there, but IMO the effort will be more than the benefit.
Regards,
Andrei.
> -----Original Message-----
> From: r.keegstra@pantheon-automatisering.nl
> [mailto:r.keegstra@pantheon-automatisering.nl]
> Sent: Tuesday, 29 October 2013 12:21
> To: CXF Users
> Subject: Example to program client signature properties
>
> Hi,
>
> For the client I'm building with cxf 2.7.7 I would like an example to program
> the client signature properties.
> For now I'm using a properties file:
> bindingProvider = (BindingProvider) port;
> bindingProvider.getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
>     "keystore.properties");
>
> with the keystore.properties containing:
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.file=keystoreName.jks
> org.apache.ws.security.crypto.merlin.keystore.type=JKS
> org.apache.ws.security.crypto.merlin.keystore.password=KeystorePassword
> org.apache.ws.security.crypto.merlin.keystore.alias=privateAlias
> org.apache.ws.security.crypto.merlin.alias.password=PrivateKeyPassword
>
> But I already have the keystore in the software. So to make my client run I
> save a text file 'keystore.properties' and the keystore I want to use to the file
> 'keystoreName.jks'.
>
> I would love to use the object I already have at hand. Can somebody please
> give me an example how to handle this, I really can't find it.
>
> Ralph Keegstra
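
Added example, not part of the original thread and not CXF or WSS4J project code: one way to sign with a KeyStore that is already held in memory through SecurityConstants.SIGNATURE_CRYPTO, so neither the keystore nor the private key password has to be written to disk. It assumes the WSS4J 1.6.x Merlin used by CXF 2.7.x offers a no-argument constructor and setKeyStore(KeyStore); the class name InMemorySignatureConfig and the configure() parameters are hypothetical.

```java
import java.security.KeyStore;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.ws.BindingProvider;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.components.crypto.Merlin;

// Hypothetical helper class, added for illustration.
public final class InMemorySignatureConfig {

    private InMemorySignatureConfig() {
    }

    /** Configures signing on a CXF client port from an already loaded KeyStore. */
    public static void configure(Object port, KeyStore keyStore,
                                 final String alias, final char[] keyPassword) {
        // Assumption: in WSS4J 1.6.x the no-arg Merlin constructor loads nothing
        // from disk, and setKeyStore() hands it the existing KeyStore object.
        Merlin crypto = new Merlin();
        crypto.setKeyStore(keyStore);

        Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
        // A Crypto instance replaces the SIGNATURE_PROPERTIES file reference.
        ctx.put(SecurityConstants.SIGNATURE_CRYPTO, crypto);
        // Replaces the merlin.keystore.alias entry of the properties file.
        ctx.put(SecurityConstants.SIGNATURE_USERNAME, alias);
        // Replaces merlin.alias.password: the key password is supplied on demand.
        ctx.put(SecurityConstants.CALLBACK_HANDLER, new CallbackHandler() {
            public void handle(Callback[] callbacks) {
                for (Callback cb : callbacks) {
                    if (cb instanceof WSPasswordCallback) {
                        WSPasswordCallback pc = (WSPasswordCallback) cb;
                        // Only answer for the signing alias configured above.
                        if (alias.equals(pc.getIdentifier())) {
                            pc.setPassword(new String(keyPassword));
                        }
                    }
                }
            }
        });
    }
}
```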