[jira] [Commented] (WSS-294) Merlin doesn't support physical providers with no keystore file

Tue, 28 Jun 2011 23:06:03 -0700 

    [ 
https://issues.apache.org/jira/browse/WSS-294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13057018#comment-13057018
 ] 

rotem a commented on WSS-294:
-----------------------------

The bug is when you don't set the value of
org.apache.ws.security.crypto.merlin.keystore.file, Merlin won't initialize
the keystore (via the load method).
Smart card reader doesn't have keystore.file location, and can be loaded by
supplying null to the load method.
Because Merlin doesn't do so, the keystore is not loaded and an exception
will be thrown when we try to find the key alias in the keystore.

Rotem

On Tue, Jun 28, 2011 at 2:29 PM, Colm O hEigeartaigh (JIRA) <j...@apache.org



> Merlin doesn't support physical providers with no keystore file
> ---------------------------------------------------------------
>
>                 Key: WSS-294
>                 URL: https://issues.apache.org/jira/browse/WSS-294
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Handlers
>    Affects Versions: 1.6.1
>         Environment: using PKCS11 provider
>            Reporter: rotem a
>            Assignee: Colm O hEigeartaigh
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> At Merlin.loadProperties, in order for the load method to be called, there 
> must be a non null inputStream.
> In case of physical keystore (like smart card), there is no keystore 
> inputStream, the keystore is not loaded and later on we'll get an error when 
> we try
> to retrive a certificate from the keystore.
> The solution is to allow not getting a keystore file and in this case just 
> send a null inputStream to the load method (it works).
> There is a workaround: creating a new class which extends Merlin and just 
> override the loadProperties method (though it's not perfect cause we can't
> set the loadCACerts property (it's private).

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org
For additional commands, e-mail: dev-h...@ws.apache.org

Reply via email to