You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Andrei Shakirin (JIRA)" <ji...@apache.org> on 2014/08/04 15:34:12 UTC
[jira] [Assigned] (CXF-5926) Extend SSL KeyManagers with password
callback handler
[ https://issues.apache.org/jira/browse/CXF-5926?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrei Shakirin reassigned CXF-5926:
------------------------------------
Assignee: Andrei Shakirin
> Extend SSL KeyManagers with password callback handler
> ------------------------------------------------------
>
> Key: CXF-5926
> URL: https://issues.apache.org/jira/browse/CXF-5926
> Project: CXF
> Issue Type: Improvement
> Components: Core
> Reporter: Andrei Shakirin
> Assignee: Andrei Shakirin
>
> Currently user can specify password for private key in SSL KeyManager configuration only explicitly:
> {code}
> <http:conduit name="https://localhost:.*/customerservice/.*">
> <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000" />
> <http:tlsClientParameters>
> <sec:keyManagers keyPassword="ckpass">
> <sec:keyStore file="src/main/config/clientKeystore.jks"
> password="cspass" type="JKS" />
> </sec:keyManagers>
> <sec:trustManagers>
> <sec:keyStore file="src/main/config/clientKeystore.jks"
> password="cspass" type="JKS" />
> </sec:trustManagers>
> </http:tlsClientParameters>
> </http:conduit>
> {code}
> There are some users requests to support password callback handler as well.
> Proposal is to introduce optional attribute keyPasswordCallbackHandler in keyManagers element. This attribute will contain full class name implementing JSE CallbackHandler interface and expecting PasswordCallback element in input array. Path to keystore will be used as identifier in PasswordCallback.
--
This message was sent by Atlassian JIRA
(v6.2#6252)