Encryption with a UsernameToken is (almost) broken
--------------------------------------------------
Key: WSS-228
URL: https://issues.apache.org/jira/browse/WSS-228
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 1.5.8
Reporter: Evan Leonard
Assignee: Ruchith Udayanga Fernando
We just upgraded from 1.5.2 to 1.5.8 and our code for encryption w/ a username
token broke.
Basically WSSecEncrypt now requires that prepare is called before getId. Our
code was not calling prepare in this case so getId was returning "null" which
obviously doesn't work.
Adding a call to prepare would be a simple fix if it didn't take an initialized
crypto instance. In the case of using a UsernameToken there are no certificates
involved, and we don't have any easily available in this code path. So I had to
come up with this ugly workaround:
    WSSecEncrypt builder = new WSSecEncrypt();
    ...
    KeyStore keystore = KeyStore.getInstance("JKS");
    CustomCrypto crypto = new CustomCrypto(keystore); //custom class to allow dire
    KeyStore store = CryptoUtils.loadCaCerts(); //loads the JVM cacerts keystore.
    Enumeration<String> aliases = store.aliases();
    String anAlias = aliases.nextElement();
    crypto.setKeyStore(store);
    builder.setUserInfo(anAlias);
    builder.prepare(doc, crypto);