hi,
I am using a WSS4J with Axis 1.x to sign SOAP message on my web service
client.
The client works fine when I use PWcallback in client-config.wsdd and
hardcoded the password for
my private key in the PWcallback class.
But I would like to actually put the password of my private key in
crypto.properties as plain text. yes, I
understand this is not a good practice, but lets presume this is not an
issue in my case.
So I removed the 'user' and 'PWcallback' parameters in client-config.wsdd :
----------------------------------------
<handler
type="java:org.apache.ws.axis.security.WSDoAllSender">
<parameter name="action"
value="Signature" />
<!--
<parameter name="user" value="test" />
<parameter name="passwordCallbackClass"
value="test.sample.SamplePWCallback" />
-->
<parameter name="signatureKeyIdentifier"
value="IssuerSerial" />
<parameter name="signaturePropFile"
value="crypto.properties" />
</handler>
--------------------------------------------
and set them in my crypto.properties:
-----------------------------------------------------
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
org.apache.ws.security.crypto.merlin.keystore.alias=test
org.apache.ws.security.crypto.merlin.alias.password=xxxxx
org.apache.ws.security.crypto.merlin.file=xxx.p12
But the application complains it can't find the 'user' and 'password'
for the private key required for signing.
It appears the 'org.apache.ws.security.crypto.merlin.alias.password' and
'org.apache.ws.security.crypto.merlin.keystore.alias'
in crypto.properties simply won't work?
Many thanks,
Kang
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
