Can you have a look (google :-) ) for the option "useReqSigCert"? At least in the WSS4J Axis handler this oprion triggers a specical action. This could be the option you a looking for. Ther sever uses the clients's certificate to encrypt the response, the client uses its certificate to sign its request, the clients must use "DirectReference" to submit its certificate in the request. This works for any number of clients.
I don't know if this option is also available in CFX. Regards, Werner Cleber Moura schrieb: > Hi, > > I have the fallowing scenario: > > Server Side: > A webservice deployed on JBoss with CXF Stack for webservices. Using > ws-security for signing and encryptation of IN and OUT messages with X509 > certificates. > > Cliente Side: > Multiple clients also using ws-security for signing and encryptation of IN > and OUT messages. > > The question is: How can the server encrypt the OUT message with the same > certificate of the IN message? The samples I've found only have the 1-to-1 > scenario (one server to one client). > > Thanks! > > Cleber. > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
