Hello,
I am using the WSS4J's SAML profile. Because of our infrastructure, we cannot use property files to initialize the security components for the WSS4J handlers. I was able to remove the property files dependency for the keystore by extending the WSS4JHandler.java class and overridding the functions that return the Crypto instances (loadEncryptionCrypto, loadDecryptionCrypto, loadSignatureCrypto).
The methods performSTAction and performST_SIGAction have private access. The code to load the SAML Assertion (using the property file) is located in this function. I was wonderinig if the piece of code that loads the SAML Assertion could be seperated from this methods, and put into a method with protected acces which returns SAML Assertion, like the crypto methods.
Thanks,
Ashok
