[
https://issues.apache.org/jira/browse/WSS-228?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12869081#action_12869081
]
Colm O hEigeartaigh commented on WSS-228:
-----------------------------------------
Could you attach a code snippet to show how you were using WSSecEncrypt in
1.5.2 to encrypt with a UsernameToken?
Colm.
> Encryption with a UsernameToken is (almost) broken
> --------------------------------------------------
>
> Key: WSS-228
> URL: https://issues.apache.org/jira/browse/WSS-228
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 1.5.8
> Reporter: Evan Leonard
> Assignee: Ruchith Udayanga Fernando
>
> We just upgraded from 1.5.2 to 1.5.8 and our code for encryption w/ a
> username token broke.
> Basically WSSecEncrypt now requires that prepare is called before getId. Our
> code was not calling prepare in this case so getId was returning "null" which
> obviously doesn't work.
> Adding a call to prepare would be a simple fix if it didn't take an
> initialized crypto instance. In the case of using a UsernameToken there is no
> certificates involved, and we don't have any easily available in this code
> path. So I had to come up with this ugly work around:
> WSSecEncrypt builder = new WSSecEncrypt();
> ...
> KeyStore keystore = KeyStore.getInstance("JKS");
> CustomCrypto crypto = new CustomCrypto(keystore); //custom class to allow dire
> KeyStore store = CryptoUtils.loadCaCerts(); //loads the JVM cacerts keystore.
> Enumeration<String> aliases = store.aliases();
> String anAlias = aliases.nextElement();
> crypto.setKeyStore(store);
> builder.setUserInfo(anAlias);
> builder.prepare(doc,crypto);
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
