You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ws.apache.org by "Colm O hEigeartaigh (Closed) (JIRA)" <ji...@apache.org> on 2011/10/03 11:04:40 UTC

[jira] [Closed] (WSS-228) Encryption with a UsernameToken is (almost) broken

     [ https://issues.apache.org/jira/browse/WSS-228?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh closed WSS-228.
-----------------------------------

    
> Encryption with a UsernameToken is (almost) broken
> --------------------------------------------------
>
>                 Key: WSS-228
>                 URL: https://issues.apache.org/jira/browse/WSS-228
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 1.5.8
>            Reporter: Evan Leonard
>            Assignee: Ruchith Udayanga Fernando
>
> We just upgraded from 1.5.2 to 1.5.8 and our code for encryption w/ a username token broke.
> Basically WSSecEncrypt now requires that prepare is called before getId. Our code was not calling prepare in this case so getId was returning "null" which obviously doesn't work.
> Adding a call to prepare would be a simple fix if it didn't take an initialized crypto instance. In the case of using a UsernameToken there is no certificates involved, and we don't have any easily available in this code path. So I had to come up with this ugly work around:
> WSSecEncrypt builder = new WSSecEncrypt();
> ...
> KeyStore keystore = KeyStore.getInstance("JKS");
> CustomCrypto crypto = new CustomCrypto(keystore); //custom class to allow dire
> KeyStore store = CryptoUtils.loadCaCerts(); //loads the JVM cacerts keystore.
> Enumeration<String> aliases = store.aliases();
> String anAlias = aliases.nextElement();
> crypto.setKeyStore(store);
> builder.setUserInfo(anAlias);
> builder.prepare(doc,crypto);

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org