You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-user@axis.apache.org by Erwin Reinhoud <Er...@ictu.nl> on 2009/01/15 17:17:20 UTC

Axis2 WS-Security encryption

Hello All,
 
I am wondering how i could implement a service that is used by multiple
clients and WS-Security signing andf encryption is applied. Somehow
you'll have to gather from the request which client you are dealing with
and encrypt the response. One way of doing this is i  guess, is using
the same cert for encryption as was used for signing the request which
was included in the message. Any examples, best practices? Is it implied
that an encrypted exchange can only be done per service-client pair?
 
Thanks in advance.
 
Kind regards,
Erwin

Re: Axis2 WS-Security encryption

Posted by Nandana Mihindukulasooriya <na...@gmail.com>.

Hi Erwin,
         Yes, what we do is we use the cert that was used to sign the
request to encrypt the response back to the client. This[1] tutorial has
more information.

thanks,
nandana

[1] - http://wso2.org/library/255

On Thu, Jan 15, 2009 at 9:47 PM, Erwin Reinhoud <Er...@ictu.nl>wrote:

>  Hello All,
>
> I am wondering how i could implement a service that is used by multiple
> clients and WS-Security signing andf encryption is applied. Somehow you'll
> have to gather from the request which client you are dealing with and
> encrypt the response. One way of doing this is i  guess, is using the same
> cert for encryption as was used for signing the request which was included
> in the message. Any examples, best practices? Is it implied that an
> encrypted exchange can only be done per service-client pair?
>
> Thanks in advance.
>
> Kind regards,
> Erwin
>



-- 
Nandana Mihindukulasooriya
WSO2 inc.

http://nandana83.blogspot.com/
http://www.wso2.org