Hi, This password is only for the keystore file
org.apache.ws.security.crypto.merlin.file=mykey.jks org.apache.ws.security.crypto.merlin.keystore.password=password The password to the private key is supplied by the password callback class if ( usage == WSPasswordCallback.SIGNATURE ) { System.out.println ( "SIGNATURE " + identifier ) ; if ( identifier.equals ( "myuser" ) ) { /* keystore private key password */ callback.setPassword ( "password" ) ; return ; } } Could you use a keystore where the keystore password and private key password are different ? -----Original Message----- From: Rodrigo Ruiz [mailto:[EMAIL PROTECTED] Sent: Friday, 23 February 2007 12:41 AM To: axis-user@ws.apache.org Subject: Re: Axis2: Encrypting the merlin keystore password property Hi Ruchith, Do you know any alternative to Merlin? :-) Regards, Rodrigo Ruchith Fernando wrote: > Hi Andrew, > > If you use Merlin it is not possible. > > However in practice if you host the web service in a server and if > only the admin has access to read the deployment files then I don't > see this as an issue. > > Thanks, > Ruchith > > On 2/20/07, Andrew Fielden <[EMAIL PROTECTED]> wrote: >> I have deployed an Axis2 service with security enabled. The crypto >> properties specify a keystore and password. Is there any way that the >> password property can be stored in an encrypted form, not plain text? >> >> org.apache.ws.security.crypto.merlin.keystore.password=password >> org.apache.ws.security.crypto.merlin.file=mykey.jks >> >> Thanks. >> Andrew. >> -- ------------------------------------------------------------------- GRID SYSTEMS, S.A. Rodrigo Ruiz Parc Bit - Edificio 17 Research Coordinator 07121 Palma de Mallorca Baleares - Spain Tel: +34 971 435 085 http://www.gridsystems.com/ Fax: +34 971 435 082 ------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]