You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Wally Dennis <Wa...@Hewitt.com> on 2008/04/28 03:11:55 UTC
How to set crypto config dynamically based on inbound message
Hello,
We currently have a service with a single endpoint that is called by many
different clients/users. Due to very strict security policies within our
organization, we must maintain seperate keys and keystores for each of
these clients/users. In addition, each user's keystore is contained in
its own directory on our servers. Therefore, before performing any
security processing, we have a need to be able to dynamically set the
crypto config (both signature and encrypt) based on information contained
in the inbound SOAP envelope identifying which client/user is calling the
service. For now, I think I am going to be able to accomplish this by
using the deprecated Inflow/Outflow Configuration method and adding a
custom handler to the Inflow Security phase before WSDoAllReceiver.
However, I don't see any way that I can do this using the RampartReciever
since I can't put a handler in front of that in the phase order. Is there
any way to do this using the RampartReciever or am I missing something? If
this is not currently possible, is this something that can be added in a
future version? Perhaps as some sort of callback function?
Thanks,
Wally
The information contained in this e-mail and any accompanying documents may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message, including any attachments. Any dissemination, distribution or other use of the contents of this message by anyone other than the intended recipient is strictly prohibited. All messages sent to and from this e-mail address may be monitored as permitted by applicable law and regulations to ensure compliance with our internal policies and to protect our business. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, lost or destroyed, or contain viruses. You are deemed to have accepted these risks if you communicate with us by e-mail.