[prev in list] [next in list] [prev in thread] [next in thread]
List: xmlrpc-user
Subject: [jira] [Created] (WSS-551) Property passwordEncryptorInstance is not honored
From: "Wladislaw Mitzel (JIRA)" <jira () apache ! org>
Date: 2015-08-22 1:22:46
Message-ID: JIRA.12858017.1440206564000.135977.1440206566079 () Atlassian ! JIRA
[Download RAW message or body]
Wladislaw Mitzel created WSS-551:
------------------------------------
Summary: Property passwordEncryptorInstance is not honored
Key: WSS-551
URL: https://issues.apache.org/jira/browse/WSS-551
Project: WSS4J
Issue Type: Bug
Affects Versions: 2.0.5
Reporter: Wladislaw Mitzel
Assignee: Colm O hEigeartaigh
The configuration documentation says
> > Tag name || Tag value || Tag meaning ||
> *WSS4J 2.0.0* PASSWORD_ENCRYPTOR_INSTANCE | passwordEncryptorInstance | A \
> PasswordEncryptor instance used to decrypt encrypted passwords in Crypto properties \
> files. The default is the JasyptPasswordEncryptor. |
When configuring a {{passwordEncryptorInstance}} for {{WSS4JOutInterceptor}} (line \
20) the property is not honored. {code:xml|linenumbers=true}
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" \
xmlns:jaxws="http://cxf.apache.org/jaxws" \
xsi:schemaLocation="http://www.springframework.org/schema/beans \
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd \
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<jaxws:endpoint id="hello" address="/hello"
implementor="de.wlami.wss4jexample.Service">
<jaxws:outInterceptors>
<bean id="TimestampSignEncrypt_Response"
class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature" />
<entry key="user" value="servicekey" />
<entry key="signaturePropFile" value="serviceKeystore.properties" />
<entry key="encryptionPropFile" value="serviceKeystore.properties" />
<entry key="encryptionUser" value="useReqSigCert" />
<entry key="passwordCallbackClass" \
value="de.wlami.wss4jexample.PasswordCallback" />
<entry key="passwordEncryptorInstance" \
value-ref="customPasswordEncrypter" /> </map>
</constructor-arg>
</bean>
</jaxws:outInterceptors>
</jaxws:endpoint>
<bean id="customPasswordEncrypter" \
class="de.wlami.wss4jexample.CustomPasswordEncrypter"></bean>
</beans>
{code}
The only code which seems to use the documented property is located in \
{{org.apache.wss4j.stax.ConfigurationConverter.parseCrypto(Map<String, Object>, \
WSSSecurityProperties)}}. However this method is only called from test classes as far \
as i could see. Using the given configuration the default {{JasyptPasswordEncryptor}} \
is created instead of the configured class.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic