[
https://issues.apache.org/jira/browse/CXF-3924?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved CXF-3924.
--------------------------------------
Resolution: Fixed
> Support to configure keystore per SAML realm
> --------------------------------------------
>
> Key: CXF-3924
> URL: https://issues.apache.org/jira/browse/CXF-3924
> Project: CXF
> Issue Type: Improvement
> Components: Services
> Affects Versions: 2.5
> Reporter: Oliver Wulff
> Assignee: Colm O hEigeartaigh
> Fix For: 2.5.1
>
> Attachments: git.diff.patch
>
>
> You can configure the keystore in the properties file you configure using the
> attribute signaturePropertiesFile of the StaticSTSProperties class which is
> shared by all SAMLRealms. If you store several keys in one keystore, you can
> configure the signatureAlias in each SAMLRealm.
> It's best practise to not share several private keys in a single java
> keystore. If you configure several realms in your STS deployment and each
> realm uses a different key to sign the saml assertion you must store all
> private keys in one java keystore.
> Enhancement description:
> Add the signaturePropertiesFile to the SAMLRealm too which is optional but if
> configured has higher priority than signaturePropertiesFile in
> StaticSTSProperties.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
