Hi, You're right.
Just for the record, what i did was assume that de CN is the same as the keystore alias. Like this i managed to supress the usernameToken. Thanks again, António Lourinho On 1/17/07, Tomek Sztelak <[EMAIL PROTECTED]> wrote:
Hi No probably it isn't. I created this example just to demonstrate some approaches to solve problems, but ways showed in examples isn't the only ones or the best :). On 1/17/07, Antonio Lourinho <[EMAIL PROTECTED]> wrote: > Hi, > > Im developing a webservice which uses signature and cypher (two-way). > > It seems a bit odd that a usernameToken has to be sent to identify the > caller since the CN and serialNumber are also in the SOAP message, > which are enough to locate the certificate in the keystore. > > Is this really mandatory? > > Thanks in advance, > António Lourinho > > --------------------------------------------------------------------- > To unsubscribe from this list please visit: > > http://xircles.codehaus.org/manage_email > > -- ----- When one of our products stops working, we'll blame another vendor within 24 hours. --------------------------------------------------------------------- To unsubscribe from this list please visit: http://xircles.codehaus.org/manage_email
--------------------------------------------------------------------- To unsubscribe from this list please visit: http://xircles.codehaus.org/manage_email
