A JIRA (with a patch) would certainly be welcome. :-) Dan
On Jan 14, 2013, at 2:42 PM, ychawla <[email protected]> wrote: > Hello All, > In the CXF StaticSTSProperties, support for the private key password is > provided through the password callback handler class. > > It can be configured in the STS bean as follows: > > <bean id="transportSTSProperties" > class="org.apache.cxf.sts.StaticSTSProperties"> > <property name="signaturePropertiesFile" > value="stsKeystore.properties" /> > <property name="signatureUsername" > value="${STS.keystore.alias}" /> > <property name="callbackHandlerClass" > value="org.ojbc.ads.PasswordCallbackHandler" /> > <property name="issuer" value="myTokenIssuer" /> > </bean> > > I would like to use a dynamically configured Spring bean as a Callback > handler because then I can store the passwords for the private key in a > configuration on the server and not check it into source. > > The STS does check to see if CallbackHandler is an object so maybe the > callbackHandlerClass variable can be changed from a String to an Object > > private String callbackHandlerClass; > > callbackHandler = getCallbackHandler(callbackHandlerClass); > > private CallbackHandler getCallbackHandler(Object o) { > CallbackHandler handler = null; > if (o instanceof CallbackHandler) { > handler = (CallbackHandler)o; > } > > On the JaxWS endpoint, you can set a value-ref to a custom bean for the > password callback handler: > > <entry key="ws-security.callback-handler" value-ref="MyCallbackHandler" /> > > Did I miss how to configure this properly in StaticSTSProperties? Or should > I create a JIRA to support this? > > Thanks, > Yogesh > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/CXF-STS-callbackHandlerClass-dynamic-configuration-tp5721597.html > Sent from the cxf-user mailing list archive at Nabble.com. -- Daniel Kulp [email protected] - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
