We are evaluating the use of JBoss WS-Security with PKI to publish a web
service in organization A. This web service will be consumed by other
organizations. As we are planning to use PKI, we are assuming that:
   i) organization A has its own keystore (including its own private key and
the certificates of each organization consuming the WS) residing on its box
  ii) each organization consuming the WS has its own keystore (including its own
private key and certificate, and also the certificate of organization A)

  Questions:
    1.- If we deploy the Web Service client jar on the same box where the Web
Service was deployed (in organization A's environment), how can the Web Service
client use the private key to sign the message if the keystore resides in
each organization consuming the WS, to avoid exposing its private key?
    2.- Does each organization consuming the WS need to have a minimal JBoss
instance where the WS client would be deployed? We arrive at this conclusion
because if we don't do that, each organization consuming the WS would have to
expose their own private keys to organization A. If there is another way,
please tell me how.

  If I'm not clear enough, please let me know.
  Thanks in advance...


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3956284#3956284

_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user