Now as there is property support: PrivateKey privateKey = KeyManagementUtils.loadPrivateKey(m, props);
There is probably no need for the PrivateKeyProvider interface? (and maybe no longer the public one either?) fre. 29. mar. 2019 kl. 13:09 skrev Colm O hEigeartaigh <[email protected] >: > Hi David, > > Also - should there be a PrivateKeyProvider: > > PrivateKey getKey(String keyId); > > > > +1. Please submit a PR. > > > > > > > > > > https://github.com/apache/cxf/tree/master/rt/rs/security/http-signature/src/main/java/org/apache/cxf/rs/security/httpsignature/filters > > > There are no ClientRequestInterceptor to do the digest which is crucial > > to > > > the security protocol: > > > https://tools.ietf.org/html/draft-cavage-http-signatures-10 > > > > > > Maybe that should be added as a WriterInterceptor (e.g. quite late in > the > > > chain) - as one of the required headers is the Date header? > > > > > > Also - should digest + sign maybe be in one filter - as they go > together > > > to implement the spec? > > > > Yeah I was leaving the digest part until after I did an initial cleanup of > the filters, and supported configuration via properties. I'll look at this > next, although feel free to work on it if you'd prefer. > > > > > > > > Can the interceptors and filters be made non-final - > > > > Done. > > Colm. > > > > > > -- > > > -- > > > David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen > > > > > > > > > -- > > -- > > David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > -- -- David J. M. Karlsen - http://www.linkedin.com/in/davidkarlsen
