Announcement Announcement Module
No announcement yet.
WS-Security with own siging logic Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • WS-Security with own siging logic

    I have a backend service with the following services:
    - signing a message
    - validating a message signature

    I want (have to) to use the backend services to excute the signing and validating of a WS-Security webservice call.

    The only hook i could find in the signing mechanism is configuring my own CryptoProvider. However this option is not usable because i will never get the private key. (the private key is safely stored in the dep box)

    Does somebody know how to use my own siging services together with WS-Security?

  • #2
    Are you sure you want WS-Signature? Or do you just want XML-DSIG? In the latter case, it's pretty easy to write an EndpointInterceptor which does that...


    • #3
      Do I have to write my own soap headers (like ds:signature element in the SOAP-ENV:Header element) with XML-DSIG?


      • #4
        Not really. There is JSR 105 for XML DSig, see here You can use that API, for instance. Or use