| Author |
Encrypt org.apache.ws.security.crypto.merlin.keystore.password
|
Ed Lee
Greenhorn
Joined: May 16, 2007
Posts: 5
|
|
Would it be possible to have the property field of org.apache.ws.security.crypto.merlin.keystore.password encrypted similarly to the passwordCallbackClass so the password is not hardcoded and visible in the services.xml?
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>service</ramp:user>
<ramp:passwordCallbackClass>ServiceCallback</ramp:passwordCallbackClass>
<ramp:policyValidatorCbClass>CustomPolicyBasedResultsValidator</ramp:policyValidatorCbClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
</ramp:RampartConfig>
|
 |
R Srini
Ranch Hand
Joined: Feb 19, 2010
Posts: 215
|
|
Hi. I don't have experience with Rampart per se, but this type of thing is usually done by specifying a callback class, e.g. class PWCallback extends javax.security.auth.callback.CallbackHandler. A few links:
- Search for passwordCallbackClass in this page.
- Sun tutorial
- org.apache.ws.security.WSPasswordCallback - also has a nice example
Hope that helps.
|
|
 |
|
|
subject: Encrypt org.apache.ws.security.crypto.merlin.keystore.password
|
|
|
0
