Hi, To choose certificates you can also use XKMS service: http://cxf.apache.org/docs/xml-key-management-service-xkms.html . It is implemented through the custom Crypto provider as well.
Regards, Andrei. > -----Original Message----- > From: Manfred Dohmen [mailto:[email protected]] > Sent: Freitag, 31. Oktober 2014 10:54 > To: [email protected] > Subject: WS-Security: dynamically choose key for response signature > > Hello, > > is there an (easy) way to dynamically choose a key/certificate that shall be > used > with CXF/WSS4J to sign the response to a SOAP request? > > Our service runs in an application where we configure explicitly ws- > security.signature.crypto with an instance of > org.apache.ws.security.components.crypto.Crypto. For now we choose the key > by the setting org.apache.ws.security.crypto.merlin.keystore.alias. > > Can we hook into CXF's chains or implement some factory? > > Thanks, > Manfred > >
