Reading a certificate (public key) from a keystore does not require a password - no callback (if my memory serves me right :-) )
Usualy you need a password for the private key only: - during creation of the Signature (signing is with private key) - decryption requires the private key of the receiver to decrypt the session key (sender encrypts this with public key of receiver) Regards, Werner > -----Ursprüngliche Nachricht----- > Von: ext Glen Mazza [mailto:[EMAIL PROTECTED] > Gesendet: Freitag, 25. Juli 2008 05:10 > An: [email protected] > Betreff: Re: Does WSS4J need key passwords to read public > keys from a truststore? > > > No, my goal is Sig/Encrypt/Timestamp. Anyway, I'll continue > coding it, and > let you know if it turns out that WSS4J is asking for a key > (not keystore) > password to obtain a public certificate in a truststore. I > don't think it > will though. > > Thanks, > Glen > > > Fred Dushin-4 wrote: > > > > Are you sure a callback is needed if your action is only Signature > > (and Timestamp)? Y/Our client.xml [1] has Encrypt as an action. > > > > You should not need a callback for signature only, I'm > pretty sure, > > though my experience has been writing against lower-level > WSS4J APIs. > > > > Sorry, should be reading the CXF lists more closely... > > > > -Fred > > > > [1] > > > http://svn.apache.org/viewvc/cxf/trunk/systests/src/test/java/ > org/apache/cxf/systest/ws/security/client.xml?revision=679390& view=markup > > > > On Jul 24, 2008, at 5:53 PM, Glen Mazza wrote: > > > >> > >> Hello, I asked this question this morning on the CXF list--no > >> response--but > >> since it seems to be at least as much WSS4J related as > CXF-related, > >> I was > >> wondering if anybody here could answer it: > >> > >> > http://www.nabble.com/KeystorePasswordCallback-in-CXF%27s-WS-S ecurity-sample-tc18631505.html > >> > >> Thanks, > >> Glen > >> -- > >> View this message in context: > >> > http://www.nabble.com/Does-WSS4J-need-key-passwords-to-read-pu blic-keys-from-a-truststore--tp18641318p18641318.html > >> Sent from the WSS4J mailing list archive at Nabble.com. > >> > >> > >> > --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > -- > View this message in context: > http://www.nabble.com/Does-WSS4J-need-key-passwords-to-read-pu blic-keys-from-a-truststore--tp18641318p18644439.html > Sent from the WSS4J mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
