Sergey Beryozkin created CXF-4274:
-------------------------------------
Summary: Support useReqSigCert for encrypting the responses from
JAX-RS endpoints
Key: CXF-4274
URL: https://issues.apache.org/jira/browse/CXF-4274
Project: CXF
Issue Type: Improvement
Components: JAX-RS Security
Reporter: Sergey Beryozkin
Assignee: Sergey Beryozkin
Fix For: 2.6.1, 2.5.4
WS endpoints can get a ws.security.encryption.username property set to
'useReqSigCert', meaning that the specific client certificate use to create a
signature of the payload needs to be used for encrypting the outbound payload.
RS endpoints need to support this mode too. Additionally, the in signature and
encryption interceptors on both the client and server ends need to default
(two-way POSTs) to using the encryption properties for the signature validation
and the signature properties for the decryption, in line with the way WS
endpoints operate.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
