Check external CryptoProvider from message context properties in
Wss4jInInterceptor
-----------------------------------------------------------------------------------
Key: CXF-4049
URL: https://issues.apache.org/jira/browse/CXF-4049
Project: CXF
Issue Type: Improvement
Components: Core
Affects Versions: 2.5.1
Environment: Windows
Reporter: Andrei Shakirin
Attachments: WSS4JInInterceptor.patch
Hi,
Just a small improvements in Wss4jInInterceptor.
Normally CryptoProvider doesn't instantiated directly via CryptoFactory, but
firstly tried to obtained from message context properties
(SecurityConstants.ENCRYPT_CRYPTO, SecurityConstants.SIGNATURE_CRYPTO). And
only if the properties are not set, CryptoProvider is instantiated via
CryptoFactory. This gives the possibility to replace Merlin CryptoProvider to
custom one (probably non keystore based).
AbstractBindingBuilder, XmlSignHandler, SAMLUtils are working in this way.
Unfortunatelly it is not the case for Wss4jInInterceptor. It doesn't
initializes crypto provider in RequestData and crypto provider is always
created via CryptoFactory. It makes impossible to use custom implementation of
CryptoProvider in incoming chain.
Patch is attached.
Regards,
Andrei.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
