I don't remember the validation process exactly (maybe someone could correct me if I am wrong).

If the given certificate is in the keystore, the certificate is trusted. Or, if the certificate that signed the given cert is present in the keystore, then the given certificate is trusted.


---as

Andrew Kinard wrote:

Thanks Ashok,

One more question: So if I have my server send a message with the cert in the header, is the client still required to have the cert in its keystore to validate the sender? If not, what WSDD and crypto.properties properties are required by the client?
Thanks for the help,
Andrew Kinard
AK;-)



On Jul 28, 2005, at 11:35 AM, Ashok Shah wrote:

Andrew,

You could set a parameter WSHandlerConstants.SIG_KEY_ID to "DirectReference" in the deployment file. This would attach the certificate as binary data in the SOAP message.

Cheers,

Ashok.

Andrew Kinard wrote:


Hello All,

I have a project in which I would like to send a signed message to a client and include a cert in the SOAP header. Basically, I have a need to verify the identity of the sender without keeping a local keystore. I have used WSS4J for sending a signed message, but have not found any documentation on including the cert in the SOAP header, which I think is covered by the XML-Signature spec.

Does anyone have any information on how I might do this?

Regards,
Andrew Kinard
AK;-)
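
The two-part trust rule described at the top of this thread (the certificate itself is in the keystore, or the certificate that signed it is), written out with the standard java.security API. This is an added example, not part of the original thread and not WSS4J's own code; the class name, method name and command-line arguments are assumptions, and the validity-period check is an addition to the rule as stated.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Illustration only: KeystoreTrustCheck and isTrusted are hypothetical names, not WSS4J API.
public class KeystoreTrustCheck {

    // True if cert is itself in the keystore, or was signed by a certificate in it.
    static boolean isTrusted(KeyStore trustStore, X509Certificate cert) throws KeyStoreException {
        try {
            cert.checkValidity();                   // added check: reject expired or not-yet-valid certs
        } catch (CertificateException e) {
            return false;
        }
        if (trustStore.getCertificateAlias(cert) != null) {
            return true;                            // rule 1: this exact certificate is in the keystore
        }
        for (String alias : Collections.list(trustStore.aliases())) {
            Certificate entry = trustStore.getCertificate(alias);
            if (!(entry instanceof X509Certificate)) continue;
            X509Certificate issuer = (X509Certificate) entry;
            if (!issuer.getSubjectX500Principal().equals(cert.getIssuerX500Principal())) continue;
            try {
                issuer.checkValidity();
                cert.verify(issuer.getPublicKey()); // a matching issuer name is not enough: verify the signature
                return true;                        // rule 2: the signing certificate is in the keystore
            } catch (GeneralSecurityException e) {
                // wrong key or expired issuer: keep looking at the remaining entries
            }
        }
        return false;
    }

    // Usage: java KeystoreTrustCheck <keystore-file> <store-password> <certificate-file>
    public static void main(String[] args) throws Exception {
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            trustStore.load(in, args[1].toCharArray());
        }
        X509Certificate cert;
        try (InputStream in = new FileInputStream(args[2])) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        System.out.println(isTrusted(trustStore, cert) ? "trusted" : "not trusted");
    }
}
```

With a certificate carried in the SOAP header, the receiver can drop the sender's own certificate from its keystore under rule 2, but the keystore must still hold the issuing certificate, otherwise any self-issued certificate attached to a message would pass.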