You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Wally Dennis <Wa...@Hewitt.com> on 2008/04/28 03:11:55 UTC

How to set crypto config dynamically based on inbound message

Hello,

We currently have a service with a single endpoint that is called by many 
different clients/users. Due to very strict security policies within our 
organization, we must maintain seperate keys and keystores for each of 
these clients/users.   In addition, each user's keystore is contained in 
its own directory on our servers.  Therefore, before performing any 
security processing,  we have a need to be able to dynamically set the 
crypto config (both signature and encrypt) based on information contained 
in the inbound SOAP envelope identifying which client/user is calling the 
service.   For now, I think I am going to be able to accomplish this by 
using the deprecated Inflow/Outflow Configuration method and adding a 
custom handler to the Inflow Security phase before WSDoAllReceiver. 
However, I don't see any way that I can do this using the RampartReciever 
since I can't put a handler in front of that in the phase order.  Is there 
any way to do this using the RampartReciever or am I missing something? If 
this is not currently possible, is this something that can be added in a 
future version?  Perhaps as some sort of callback function? 

Thanks,
Wally

The information contained in this e-mail and any accompanying documents may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message, including any attachments. Any dissemination, distribution or other use of the contents of this message by anyone other than the intended recipient is strictly prohibited. All messages sent to and from this e-mail address may be monitored as permitted by applicable law and regulations to ensure compliance with our internal policies and to protect our business. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, lost or destroyed, or contain viruses. You are deemed to have accepted these risks if you communicate with us by e-mail.