You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by ad...@gmail.com on 2008/12/09 20:42:57 UTC
Specifying custom keystore
Hello,
I am new to rampart and axis in general so I dont know if this is possible
at all or not. The problem I have is that we have a custom keystore (not
using java key store) that we have an api to talk to. When specifying the
rampart config, specifically the keystore file in signaturecrypto, I have
to get the keystore from the api. So far all examples I have seen require
you to specify the keystore file and I dont have that. The api that I have
to use gives me a java.security.KeyStore Object and I want to know if there
is anyway I can specify that instead of the file. If I have to extend any
class and then use that instead of course that can be done, but I just
don't know where to start which file/method to override and so on .
Following is some sample of how I am specifying the rampart configuration :
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("c1");
rampartConfig.setPwCbClass("custom.PasswordCallbackHandler");
CryptoConfig sigCrypto = new CryptoConfig();
sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
Properties props = new Properties();
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
props.setProperty("org.apache.ws.security.crypto.merlin.file","c:/keys/client.ks");
<---
Notice the file has to be specified here. This has to change
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "client-ks-pass");
sigCrypto.setProp(props);
rampartConfig.setSigCryptoConfig(sigCrypto);
Policy policy = new Policy();
policy.addAssertion(rampartConfig);
Any help in this regard is greatly appreciated.
Thanks in advance,
Adil
Re: Specifying custom keystore
Posted by Dimuthu Leelarathne <di...@wso2.com>.
Hi,
I think the solution is to write your own crypto implementation by
implementing the interface
org.apache.ws.security.components.crypto.Crypto. It will be something
similar to org.apache.ws.security.components.crypto.Merlin. Inside this
implementation use your key store API.
Thank you,
Dimuthu
adil.karamat@gmail.com wrote:
> Hello,
> I am new to rampart and axis in general so I dont know if this is
> possible at all or not. The problem I have is that we have a custom
> keystore (not using java key store) that we have an api to talk to.
> When specifying the rampart config, specifically the keystore file in
> signaturecrypto, I have to get the keystore from the api. So far all
> examples I have seen require you to specify the keystore file and I
> dont have that. The api that I have to use gives me a
> java.security.KeyStore Object and I want to know if there is anyway I
> can specify that instead of the file. If I have to extend any class
> and then use that instead of course that can be done, but I just don't
> know where to start which file/method to override and so on .
> Following is some sample of how I am specifying the rampart
> configuration :
>
> RampartConfig rampartConfig = new RampartConfig();
> rampartConfig.setUser("c1");
> rampartConfig.setPwCbClass("custom.PasswordCallbackHandler");
>
> CryptoConfig sigCrypto = new CryptoConfig();
> sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
>
> Properties props = new Properties();
> props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type",
> "JKS");
> props.setProperty("org.apache.ws.security.crypto.merlin.file","c:/keys/client.ks");
> <--- Notice the file has to be specified here. This has to change
> props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password",
> "client-ks-pass");
>
> sigCrypto.setProp(props);
>
> rampartConfig.setSigCryptoConfig(sigCrypto);
>
> Policy policy = new Policy();
> policy.addAssertion(rampartConfig);
>
>
> Any help in this regard is greatly appreciated.
> Thanks in advance,
>
> Adil
>