Not sure that's right -- the keystore password is for the keystore. The signing password is for the (encrypted) key in the keystore.
-Fred Martin Kuba wrote: > Hi, > > I am trying to use WSS4J 1.5.0 for message signing, and I found the > following problem. I have to specify the keystore password twice, > first in callback class using client-config.wsdd: > > <deployment xmlns="http://xml.apache.org/axis/wsdd/"; > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > <transport name="http" > pivot="java:org.apache.axis.transport.http.HTTPSender"/> > <globalConfiguration> > <requestFlow> > <handler > type="java:org.apache.ws.axis.security.WSDoAllSender"> > <parameter name="user" value="michal"/> > <parameter name="passwordCallbackClass" > value="cz.makub.PWCallback"/> > <parameter name="action" value="Signature"/> > <parameter name="signaturePropFile" > value="crypto.properties"/> > </handler> > </requestFlow> > </globalConfiguration> > </deployment> > > and then second time in crypto.properties: > > org.apache.ws.security.crypto.merlin.file=server1.p12 > org.apache.ws.security.crypto.merlin.keystore.type=PKCS12 > org.apache.ws.security.crypto.merlin.keystore.password=michal > > Only the one from crypto.properties is used ! But I have > to provide also the callback class, if I don't, I get > an exception: > > Exception in thread "main" org.apache.ws.security.WSSecurityException: > WSHandler: application provided null or empty password > > The callback class must be specified and it must provide a password, > but the password in not used then, as I can specify a wrong password > there and it still works. > > > Martin --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
