I try to use this option already, but it doesn´t work. It raises an exception with the message: "No certificates for user useReqSigCert were found for encryption".
As a workaround I did override the method handleMessage from WSS4JOutInterceptor class to set the property "encriptionUser" with the same user from IN message. Thanks. 2009/6/6 Werner Dittmann <[email protected]> > Can you have a look (google :-) ) for the option "useReqSigCert"? > At least in the WSS4J Axis handler this oprion triggers a specical > action. This could be the option you a looking for. Ther sever > uses the clients's certificate to encrypt the response, the client > uses its certificate to sign its request, the clients must use > "DirectReference" to submit its certificate in the request. This > works for any number of clients. > > I don't know if this option is also available in CFX. > > Regards, > Werner > > Cleber Moura schrieb: > > Hi, > > > > I have the fallowing scenario: > > > > Server Side: > > A webservice deployed on JBoss with CXF Stack for webservices. Using > > ws-security for signing and encryptation of IN and OUT messages with X509 > > certificates. > > > > Cliente Side: > > Multiple clients also using ws-security for signing and encryptation of > IN > > and OUT messages. > > > > The question is: How can the server encrypt the OUT message with the same > > certificate of the IN message? The samples I've found only have the > 1-to-1 > > scenario (one server to one client). > > > > Thanks! > > > > Cleber. > > > >
