Are you using WS-Security via the "action" approach or via WS-SecurityPolicy?
a) Action approach. Simply specify the following algorithms in the WSS4JOutInterceptor configuration: signatureDigestAlgorithm - http://www.w3.org/2001/04/xmlenc#sha256 signatureAlgorithm - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 b) WS-SecurityPolicy approach. Digest: Use one of the AlgorithmSuites that ends in "Sha256", e.g. "sp:Basic256Sha256". Signature: Set the JAX-WS property "ws-security.asymmetric.signature.algorithm" to " http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"; Colm. On Thu, Aug 13, 2015 at 12:58 AM, jsmith828 <jeffrey_sm...@putnam.com> wrote: > I actually have the same issue in that my sec engineering department will > not > allow any SHA-1 algorithms of any kind and require a minimum of SHA-256 for > the digest algorithm. I am using CXF-3.1.0 and I was hoping the ability to > override SHA-1 was now available and if so how can I do it. > > Thanks! > -Jeff > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/CXF-Security-policy-signature-method-tp5732250p5760020.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
