Announcement Announcement Module
Collapse
No announcement yet.
WS-Security with own siging logic Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • WS-Security with own siging logic

    I have a backend service with the following services:
    - signing a message
    - validating a message signature

    I want (have to) to use the backend services to excute the signing and validating of a WS-Security webservice call.

    The only hook i could find in the signing mechanism is configuring my own CryptoProvider. However this option is not usable because i will never get the private key. (the private key is safely stored in the dep box)

    Does somebody know how to use my own siging services together with WS-Security?

  • #2
    Are you sure you want WS-Signature? Or do you just want XML-DSIG? In the latter case, it's pretty easy to write an EndpointInterceptor which does that...

    Comment


    • #3
      Do I have to write my own soap headers (like ds:signature element in the SOAP-ENV:Header element) with XML-DSIG?

      Comment


      • #4
        Not really. There is JSR 105 for XML DSig, see here http://java.sun.com/developer/techni...ig_signatures/ You can use that API, for instance. Or use http://xml.apache.org/security/

        Comment

        Working...
        X