[
https://issues.apache.org/jira/browse/CXF-8811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17778995#comment-17778995
]
Markus Haugsdal commented on CXF-8811:
--------------------------------------
[~coheigea] I looked at this a while ago while working with end-to-end
encryption. Are you aware if not having this feature is the intention with the
current implementation?
> Support useReqSigCert for encrypting the responses from JAX-RS JOSE
> ---------------------------------------------------------------------
>
> Key: CXF-8811
> URL: https://issues.apache.org/jira/browse/CXF-8811
> Project: CXF
> Issue Type: Improvement
> Components: JAX-RS Security
> Reporter: Markus Haugsdal
> Assignee: Sergey Beryozkin
> Priority: Minor
>
> Cloned a similar issue. Is it possible to get this feature for endpoints
> using JAX-RS JOSE? That is, using the JwsSignatureVerifier used to validate
> the signature to encrypt the response.
> WS endpoints can get a ws.security.encryption.username property set to
> 'useReqSigCert', meaning that the specific client certificate use to create a
> signature of the payload needs to be used for encrypting the outbound payload.
> RS endpoints need to support this mode too. Additionally, the in signature
> and encryption interceptors on both the client and server ends need to
> default (two-way POSTs) to using the encryption properties for the signature
> validation and the signature properties for the decryption, in line with the
> way WS endpoints operate.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
