Hi,
WSS4J does not support proxy mode. A WSS4J server (the proxy has
a server and a client side) always tries to process _all_ security relevant
headers and information. Thus if the security header contains some
encryption related sub-headers WSS4J tries to decrypt it.
To support proxy mode WSS4J would need a specific driver similar
to the existion WSDoAll* drivers that would process only those parts
that are listed i the "action" parameters.
Currently WSS4J uses the action parameter at the server side to verify
if the actions match.
Regards,
Werner
________________________________
Von: Vijay Chiniwar (HCL Financial Services) [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 22. März 2007 16:19
An: [email protected]
Betreff: verifying signature at proxy
Hi,
I am having the following senarios
Senario1: The client sends the message using the (signature encrypt)
to the server directly
Senario2: Client sends the message to the proxy server, the proxy
server verifies only the signature and transfer the encrypted message to the
webservice, where it is decrypted
I was successfully able to complete senario1
However while execution of senario2
I am not able to verify only the signature, i cant have my private key
at the proxy server as its used in banking transactions,
When i try to verify the signature i get the error
"WSSecurityEngine: No crypto propery file supplied for decryption". I
have not specified any keys for decryption. however if i include my private key
in the keystore, things work smoothly. but i dont want to have the private key
of webservice at the proxy server, is there any way of achieving this
Thanks and Regards
Vijay Chiniwar
+49-69-910-61769
