Hello all,
Suppose we have a Client, (called Client01), that
invokes a web service, (called Service01), secured with wss4j
both request and response.
If we want to encrypt request made from Client01 to
Service01 we should define in client-config.wsdd a sender handler with the
following parameters:
<parameter name="user"
value="user01"/>
<parameter name="encryptionUser"
value="server01"/>
...
On the other side, in order to encrypt the
response, server's sender handler should include the following
parameters:
<parameter name="user"
value="server01"/>
<parameter name="encryptionUser"
value="user01"/>
...
(server01 and user01 are aliases of server and
client certificates respectively)
So far so good...
but, what happens if this service is called from
several clients, each one with its own digital certificate?, how can I configure
server's handlers to use in the response client's certificate
received with service request?
Help would be appreciated.
Regards.
