[ https://issues.apache.org/jira/browse/CXF-8811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17778995#comment-17778995 ]
Markus Haugsdal commented on CXF-8811: -------------------------------------- [~coheigea] I looked at this a while ago while working with end-to-end encryption. Are you aware if not having this feature is the intention with the current implementation? > Support useReqSigCert for encrypting the responses from JAX-RS JOSE > --------------------------------------------------------------------- > > Key: CXF-8811 > URL: https://issues.apache.org/jira/browse/CXF-8811 > Project: CXF > Issue Type: Improvement > Components: JAX-RS Security > Reporter: Markus Haugsdal > Assignee: Sergey Beryozkin > Priority: Minor > > Cloned a similar issue. Is it possible to get this feature for endpoints > using JAX-RS JOSE? That is, using the JwsSignatureVerifier used to validate > the signature to encrypt the response. > WS endpoints can get a ws.security.encryption.username property set to > 'useReqSigCert', meaning that the specific client certificate use to create a > signature of the payload needs to be used for encrypting the outbound payload. > RS endpoints need to support this mode too. Additionally, the in signature > and encryption interceptors on both the client and server ends need to > default (two-way POSTs) to using the encryption properties for the signature > validation and the signature properties for the decryption, in line with the > way WS endpoints operate. -- This message was sent by Atlassian Jira (v8.20.10#820010)