You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by Pages Laurent <la...@yahoo.fr> on 2010/06/24 13:41:17 UTC

Username token and derived keys

Hello!

I'm trying to use UsernameToken in CXF 2.2.9 and to derive key from the password in order to encrypt the message body. Service and client use CXF stack.
The security policy is described in the WSDL, but CXF client complains as if it does not support this functionnality.
Does someone know if CXF is able to deal with key derived from UsernameToken ?

FYI, I tried to call the CXF service with a client that uses the Metro stack, and it works (on the Metro side) but then the service complains it cannot find the key used for encryption...

Thanks!

Laurent

Re: Username token and derived keys

Posted by Daniel Kulp <dk...@apache.org>.

On Thursday 24 June 2010 7:41:17 am Pages Laurent wrote:
> Hello!
> 
> I'm trying to use UsernameToken in CXF 2.2.9 and to derive key from the
> password in order to encrypt the message body. Service and client use CXF
> stack. The security policy is described in the WSDL, but CXF client
> complains as if it does not support this functionnality. Does someone know
> if CXF is able to deal with key derived from UsernameToken ?

As Sergey mentioned, not yet.    Part of the reason is that at the time the 
WS-SecPol stuff was being worked on, WSS4J didn't support this.    This was 
added for the latest WSS4J, but we never went back and added support into the 
SecPol implementation.

Dan


> 
> FYI, I tried to call the CXF service with a client that uses the Metro
> stack, and it works (on the Metro side) but then the service complains it
> cannot find the key used for encryption...
> 
> Thanks!
> 
> Laurent

-- 
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog

Re: Username token and derived keys

Posted by Sergey Beryozkin <sb...@gmail.com>.

Just FYI :

https://issues.apache.org/jira/browse/CXF-2864

However I can not commit at this stage to fixing it - but it will be tracked
and is possible it will be addressed sooner rather than later

thanks for reporting the issue
Sergey

On Thu, Jun 24, 2010 at 12:41 PM, Pages Laurent <la...@yahoo.fr> wrote:

> Hello!
>
> I'm trying to use UsernameToken in CXF 2.2.9 and to derive key from the
> password in order to encrypt the message body. Service and client use CXF
> stack.
> The security policy is described in the WSDL, but CXF client complains as
> if it does not support this functionnality.
> Does someone know if CXF is able to deal with key derived from
> UsernameToken ?
>
> FYI, I tried to call the CXF service with a client that uses the Metro
> stack, and it works (on the Metro side) but then the service complains it
> cannot find the key used for encryption...
>
> Thanks!
>
> Laurent
>
>
>