'[jira] [Created] (WSS-551) Property passwordEncryptorInstance is not honored'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xmlrpc-user
Subject:    [jira] [Created] (WSS-551) Property passwordEncryptorInstance is not honored
From:       "Wladislaw Mitzel (JIRA)" <jira () apache ! org>
Date:       2015-08-22 1:22:46
Message-ID: JIRA.12858017.1440206564000.135977.1440206566079 () Atlassian ! JIRA
[Download RAW message or body]

Wladislaw Mitzel created WSS-551:
------------------------------------

             Summary: Property passwordEncryptorInstance is not honored
                 Key: WSS-551
                 URL: https://issues.apache.org/jira/browse/WSS-551
             Project: WSS4J
          Issue Type: Bug
    Affects Versions: 2.0.5
            Reporter: Wladislaw Mitzel
            Assignee: Colm O hEigeartaigh


The configuration documentation says
> > Tag name || Tag value || Tag meaning ||
> *WSS4J 2.0.0* PASSWORD_ENCRYPTOR_INSTANCE | passwordEncryptorInstance |	A \
> PasswordEncryptor instance used to decrypt encrypted passwords in Crypto properties \
> files. The default is the JasyptPasswordEncryptor. |

When configuring a {{passwordEncryptorInstance}} for {{WSS4JOutInterceptor}} (line \
20) the property is not honored.  {code:xml|linenumbers=true}
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" \
xmlns:jaxws="http://cxf.apache.org/jaxws"  \
xsi:schemaLocation="http://www.springframework.org/schema/beans \
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd  \
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">

  <jaxws:endpoint id="hello" address="/hello"
    implementor="de.wlami.wss4jexample.Service">
    <jaxws:outInterceptors>
      <bean id="TimestampSignEncrypt_Response"
        class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
        <constructor-arg>
          <map>
            <entry key="action" value="Timestamp Signature" />
            <entry key="user" value="servicekey" />
            <entry key="signaturePropFile" value="serviceKeystore.properties" />
            <entry key="encryptionPropFile" value="serviceKeystore.properties" />
            <entry key="encryptionUser" value="useReqSigCert" />
            <entry key="passwordCallbackClass" \
                value="de.wlami.wss4jexample.PasswordCallback" />
            <entry key="passwordEncryptorInstance" \
value-ref="customPasswordEncrypter" />  </map>
        </constructor-arg>
      </bean>
    </jaxws:outInterceptors>
  </jaxws:endpoint>

  <bean id="customPasswordEncrypter" \
class="de.wlami.wss4jexample.CustomPasswordEncrypter"></bean>

</beans>
{code}

The only code which seems to use the documented property is located in \
{{org.apache.wss4j.stax.ConfigurationConverter.parseCrypto(Map<String, Object>, \
WSSSecurityProperties)}}. However this method is only called from test classes as far \
as i could see. Using the given configuration the default {{JasyptPasswordEncryptor}} \
is created instead of the configured class. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic