Posted to rampart-dev@ws.apache.org by ad...@gmail.com on 2008/12/09 20:42:57 UTC

Specifying custom keystore

Hello,
I am new to Rampart and Axis in general, so I don't know if this is possible
at all or not. The problem I have is that we have a custom keystore (not
using Java key store) that we have an API to talk to. When specifying the
Rampart config, specifically the keystore file in signaturecrypto, I have
to get the keystore from the API. So far all examples I have seen require
you to specify the keystore file and I don't have that. The API that I have
to use gives me a java.security.KeyStore object and I want to know if there
is any way I can specify that instead of the file. If I have to extend any
class and then use that instead, of course that can be done, but I just
don't know where to start, which file/method to override and so on.
Following is a sample of how I am specifying the Rampart configuration:

RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("c1");
rampartConfig.setPwCbClass("custom.PasswordCallbackHandler");

CryptoConfig sigCrypto = new CryptoConfig();
sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");

Properties props = new Properties();
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
props.setProperty("org.apache.ws.security.crypto.merlin.file","c:/keys/client.ks"); // <--- Notice the file has to be specified here. This has to change
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "client-ks-pass");

sigCrypto.setProp(props);

rampartConfig.setSigCryptoConfig(sigCrypto);

Policy policy = new Policy();
policy.addAssertion(rampartConfig);


Any help in this regard is greatly appreciated.
Thanks in advance,

Adil

Re: Specifying custom keystore

Posted by Dimuthu Leelarathne <di...@wso2.com>.
Hi,

I think the solution is to write your own crypto implementation by 
implementing the interface 
org.apache.ws.security.components.crypto.Crypto. It will be something 
similar to org.apache.ws.security.components.crypto.Merlin. Inside this 
implementation use your key store API.

Thank you,
Dimuthu


adil.karamat@gmail.com wrote:
> Hello,
> I am new to Rampart and Axis in general, so I don't know if this is
> possible at all or not. The problem I have is that we have a custom
> keystore (not using Java key store) that we have an API to talk to.
> When specifying the Rampart config, specifically the keystore file in
> signaturecrypto, I have to get the keystore from the API. So far all
> examples I have seen require you to specify the keystore file and I
> don't have that. The API that I have to use gives me a
> java.security.KeyStore object and I want to know if there is any way I
> can specify that instead of the file. If I have to extend any class
> and then use that instead, of course that can be done, but I just don't
> know where to start, which file/method to override and so on.
> Following is a sample of how I am specifying the Rampart
> configuration:
>
> RampartConfig rampartConfig = new RampartConfig();
> rampartConfig.setUser("c1");
> rampartConfig.setPwCbClass("custom.PasswordCallbackHandler");
>
> CryptoConfig sigCrypto = new CryptoConfig();
> sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
>
> Properties props = new Properties();
> props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
> props.setProperty("org.apache.ws.security.crypto.merlin.file","c:/keys/client.ks"); // <--- Notice the file has to be specified here. This has to change
> props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "client-ks-pass");
>
> sigCrypto.setProp(props);
>
> rampartConfig.setSigCryptoConfig(sigCrypto);
>
> Policy policy = new Policy();
> policy.addAssertion(rampartConfig);
>
>
> Any help in this regard is greatly appreciated.
> Thanks in advance,
>
> Adil
>
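
An added example of the approach suggested in the reply above (not code from the thread or from the Rampart or WSS4J projects): a provider that extends Merlin and takes its KeyStore from application code instead of a file. The package, the class name ApiKeyStoreCrypto and the register method are hypothetical. It assumes a WSS4J 1.5.x release in which CryptoFactory calls a (Properties, ClassLoader) constructor, the superclass constructor skips file loading when given null properties, and CryptoBase exposes setKeyStore(KeyStore) alongside a protected properties field; check these against the WSS4J version your Rampart bundles.

```java
package custom; // hypothetical package, as in the thread's custom.PasswordCallbackHandler

import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.Properties;

import org.apache.ws.security.components.crypto.CredentialException;
import org.apache.ws.security.components.crypto.Merlin;

/**
 * Hypothetical Crypto provider: reuses Merlin's certificate and key lookups,
 * but the KeyStore comes from the application rather than a keystore file.
 */
public class ApiKeyStoreCrypto extends Merlin {

    // Registered once by the application before Rampart builds its Crypto instance.
    private static volatile KeyStore supplied;

    /** Hand over the KeyStore obtained from the custom key store API. */
    public static void register(KeyStore ks, String signingAlias) throws KeyStoreException {
        // Fail early if the store does not hold a private key for the signing alias.
        if (ks == null || !ks.isKeyEntry(signingAlias)) {
            throw new KeyStoreException("no private key entry for alias " + signingAlias);
        }
        supplied = ks;
    }

    // Assumption: CryptoFactory instantiates providers through this
    // (Properties, ClassLoader) constructor, as it does for Merlin.
    public ApiKeyStoreCrypto(Properties properties, ClassLoader loader)
            throws CredentialException, IOException {
        // Assumption: with null properties the superclass loads no keystore file.
        super(null, loader);
        if (supplied == null) {
            // Fail closed rather than run with an empty or default keystore.
            throw new IllegalStateException("register(KeyStore, String) was not called");
        }
        // Assumption: protected field; Merlin reads provider and alias settings from it.
        this.properties = properties;
        // Assumption: hook inherited from CryptoBase for externally loaded keystores.
        setKeyStore(supplied);
    }
}
```

With this class on the classpath, the configuration from the question would call ApiKeyStoreCrypto.register(keyStoreFromApi, "c1") first, pass "custom.ApiKeyStoreCrypto" to sigCrypto.setProvider(...), and omit the merlin.file property. The private key password is still supplied through the configured password callback class.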