My Client Config :
<bean id="wss4jOut"
class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt"/>
<entry key="user" value="myclientkey"/>
<entry key="signaturePropFile"
value="clientKeystore.properties"/>
<entry key="encryptionPropFile"
value="clientKeystore.properties"/>
<entry key="encryptionUser" value="myclientkey"/>
<entry key="signatureKeyIdentifier"
value="DirectReference"/>
<entry key="passwordCallbackRef"
value-ref="clientKeystorePassword"/>
<!--<entry key="passwordCallbackClass"
value="edu.osu.oit.peoplesoft.webservice.ClientKeystorePasswordCallback"/>-->
<entry key="signatureParts"
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
<entry key="encryptionParts"
value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
<entry key="encryptionSymAlgorithm"
value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
</map>
</constructor-arg>
</bean>
<bean id="wss4jIn"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor" >
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt"/>
<entry key="signaturePropFile"
value="clientKeystore.properties"/>
<entry key="decryptionPropFile"
value="clientKeystore.properties"/>
<entry key="passwordCallbackRef"
value-ref="clientKeystorePassword"/>
</map>
</constructor-arg>
</bean>
Service Configurations:
<bean id="wss4jInterceptor"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt"/>
<entry key="signaturePropFile"
value="serviceKeystore.properties"/>
<entry key="decryptionPropFile"
value="serviceKeystore.properties"/>
<entry key="passwordCallbackRef"
value-ref="serviceKeystorePasswordClass"/>
</map>
</constructor-arg>
</bean>
<bean id="wss4jOutInterceptor"
class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt"/>
<entry key="user" value="myservicekey"/>
<entry key="signaturePropFile"
value="serviceKeystore.properties"/>
<entry key="encryptionPropFile"
value="serviceKeystore.properties"/>
<entry key="encryptionUser" value="useReqSigCert"/>
<entry key="signatureKeyIdentifier"
value="DirectReference"/>
<entry key="passwordCallbackRef"
value-ref="serviceKeystorePasswordClass"/>
<entry key="signatureParts"
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
<entry key="encryptionParts"
value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
<entry key="encryptionSymAlgorithm"
value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
</map>
</constructor-arg>
</bean>
Colm O hEigeartaigh wrote:
>
>
> Could you attach the WSS4J config you're using on both the client and
> server side?
>
> Colm.
>
>
>
--
View this message in context:
http://www.nabble.com/WSSecurityEngine%3A-Callback-supplied-no-password-for%3A-null--when-using-useReqSigCert-for-encryptionUser-in-multiple-client-scenario.-tp22745189p22782797.html
Sent from the cxf-dev mailing list archive at Nabble.com.
