> Line 102 and Line 121, does the WSS4J Action here "Timestamp Signature > Encrypt" mean the same thing as "Use the X.509 Token Profile" I.e., those > three actions are used to activate X.509 profiles?
I don't follow you here. The X.509 Token Profile is largely about how to reference X.509 certificates, i.e. for the case of signature to point to the public key required to verify the signature. This can be configured via WSHandlerConstants.SIG_KEY_ID and WSHandlerConstants.ENC_KEY_ID. > But then tells us at the bottom what we need to do to subsequently sign > the message: > outProps.put(WSHandlerConstants.ACTION, "Signature"); The documentation should probably use WSHandlerConstants.SIGNATURE rather than "Signature". > Which would overwrite the previous value. What if we want both Username > Tokens *and* Signing--is it as simple as this: > outProps.put(WSHandlerConstants.ACTION, "UsernameToken Signature"); Yup that's it. The security config file you reference has: <entry key="action" value="Timestamp Signature Encrypt"/> Colm. -----Original Message----- From: Glen Mazza [mailto:[EMAIL PROTECTED] Sent: 04 July 2008 14:27 To: [email protected] Subject: Two more questions on CXF & WSS4J Hello, for the following CXF security config file: http://tinyurl.com/5mgyh5 Line 102 and Line 121, does the WSS4J Action here "Timestamp Signature Encrypt" mean the same thing as "Use the X.509 Token Profile" I.e., those three actions are used to activate X.509 profiles? Also, the CXF WS-Security UsernameToken guide, which I've been adding some updates to: http://cwiki.apache.org/CXF20DOC/ws-security.html#WS-Security-Configurin gWSSecurityActions Tells us to use this action for Username Tokens: outProps.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); But then tells us at the bottom what we need to do to subsequently sign the message: outProps.put(WSHandlerConstants.ACTION, "Signature"); Which would overwrite the previous value. What if we want both Username Tokens *and* Signing--is it as simple as this: outProps.put(WSHandlerConstants.ACTION, "UsernameToken Signature"); Thanks, Glen -- View this message in context: http://www.nabble.com/Two-more-questions-on-CXF---WSS4J-tp18279527p18279 527.html Sent from the WSS4J mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ---------------------------- IONA Technologies PLC (registered in Ireland) Registered Number: 171387 Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
