'[jira] [Commented] (WSS-294) Merlin doesn't support physical'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xmlrpc-user
Subject:    [jira] [Commented] (WSS-294) Merlin doesn't support physical
From:       "rotem a (JIRA)" <jira () apache ! org>
Date:       2011-06-29 6:05:30
Message-ID: 617123902.1334.1309327530874.JavaMail.tomcat () hel ! zones ! apache ! org
[Download RAW message or body]


    [ https://issues.apache.org/jira/browse/WSS-294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13057018#comment-13057018 \
] 

rotem a commented on WSS-294:
-----------------------------

The bug is when you don't set the value of
org.apache.ws.security.crypto.merlin.keystore.file, Merlin won't initialize
the keystore (via the load method).
Smart card reader doesn't have keystore.file location, and can be loaded by
supplying null to the load method.
Because Merlin doesn't do so, the keystore is not loaded and an exception
will be thrown when we try to find the key alias in the keystore.

Rotem

On Tue, Jun 28, 2011 at 2:29 PM, Colm O hEigeartaigh (JIRA) <jira@apache.org



> Merlin doesn't support physical providers with no keystore file
> ---------------------------------------------------------------
> 
> Key: WSS-294
> URL: https://issues.apache.org/jira/browse/WSS-294
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Handlers
> Affects Versions: 1.6.1
> Environment: using PKCS11 provider
> Reporter: rotem a
> Assignee: Colm O hEigeartaigh
> Original Estimate: 1h
> Remaining Estimate: 1h
> 
> At Merlin.loadProperties, in order for the load method to be called, there must be \
> a non null inputStream. In case of physical keystore (like smart card), there is no \
> keystore inputStream, the keystore is not loaded and later on we'll get an error \
> when we try to retrive a certificate from the keystore.
> The solution is to allow not getting a keystore file and in this case just send a \
> null inputStream to the load method (it works). There is a workaround: creating a \
> new class which extends Merlin and just override the loadProperties method (though \
> it's not perfect cause we can't set the loadCACerts property (it's private).

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic