You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by cLaSic <me...@gmail.com> on 2009/10/09 13:31:23 UTC

Reloading KeyStore/TrustStore

Hello,

I'm using WS-Security to authenticate clients. My server has a Truststore
with some clients public key.
The probleme is that whene i add a new public key to this TrustStore i must
reload the Tomcat context to take into account the new public key !

Do any one know how can i reload the Trusstore each time i receive a client
request ! ?

Any hints are welcome

Thanks
cLaSic
-- 
View this message in context: http://www.nabble.com/Reloading-KeyStore-TrustStore-tp25819531p25819531.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: Reloading KeyStore/TrustStore

Posted by cLaSic <me...@gmail.com>.

I will answer my own question :

To resolve this issue i overrloaded loadSignatureCrypto(RequestData rdata)
in WSS4JInInterceptor and then i have created a new instance of Merlin and i
loaded a new KeyStore object. :)

Bye,
cLaSic
		

cLaSic wrote:
> 
> Hello,
> 
> I'm using WS-Security to authenticate clients. My server has a Truststore
> with some clients public key.
> The probleme is that whene i add a new public key to this TrustStore i
> must reload the Tomcat context to take into account the new public key !
> 
> Do any one know how can i reload the Trusstore each time i receive a
> client request ! ?
> 
> I wrote my own handler extending WSS4JInInterceptor, and i did override
> the verifyTrust to reload my Trusstore like this :
> 
> 	@Override
> 	protected boolean verifyTrust(X509Certificate arg0, RequestData arg1)
> 			throws WSSecurityException {
> 		
> 		System.out.println("#--> verifyTrust - This is a message from
> MyInterceptor !");
> 		try {
> 			arg1.getSigCrypto().getKeyStore().load(new FileInputStream(new
> File("d:\\cxf\\cxf_keystore.jks")),"changeit".toCharArray());
> 		} catch (NoSuchAlgorithmException e) {
> 			// TODO Auto-generated catch block
> 			e.printStackTrace();
> 		} catch (CertificateException e) {
> 			// TODO Auto-generated catch block
> 			e.printStackTrace();
> 		} catch (FileNotFoundException e) {
> 			// TODO Auto-generated catch block
> 			e.printStackTrace();
> 		} catch (IOException e) {
> 			// TODO Auto-generated catch block
> 			e.printStackTrace();
> 		}
> 		return super.verifyTrust(arg0, arg1);
> 	}
> 
> And without any success !!
> 
> Any hints are welcome
> 
> Thanks
> cLaSic
> 

-- 
View this message in context: http://www.nabble.com/Reloading-KeyStore-TrustStore-tp25819531p25821488.html
Sent from the cxf-user mailing list archive at Nabble.com.