Andrei Shakirin created CXF-5926:
------------------------------------

             Summary: Extend SSL KeyManagers with password callback handler 
                 Key: CXF-5926
                 URL: https://issues.apache.org/jira/browse/CXF-5926
             Project: CXF
          Issue Type: Improvement
          Components: Core
            Reporter: Andrei Shakirin


Currently, a user can specify the password for the private key in the SSL KeyManager 
configuration only explicitly:
{code}
<http:conduit name="https://localhost:.*/customerservice/.*">
        <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000" />
        <http:tlsClientParameters>
                <sec:keyManagers keyPassword="ckpass">
                        <sec:keyStore file="src/main/config/clientKeystore.jks"
                                password="cspass" type="JKS" />
                </sec:keyManagers>
                <sec:trustManagers>
                        <sec:keyStore file="src/main/config/clientKeystore.jks"
                                password="cspass" type="JKS" />
                </sec:trustManagers>
        </http:tlsClientParameters>
</http:conduit>
{code}

There are some user requests to support a password callback handler as well. 
The proposal is to introduce an optional attribute keyPasswordCallbackHandler in 
the keyManagers element. This attribute will contain the full name of a class implementing 
the JSE CallbackHandler interface and expecting a PasswordCallback element in the input 
array. The path to the keystore will be used as the identifier in the PasswordCallback.



--
This message was sent by Atlassian JIRA
(v6.2#6252)
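
A sketch of a handler that could be named in the proposed keyPasswordCallbackHandler attribute, added here as an example and not taken from the issue or from CXF. It assumes the keystore path arrives as the PasswordCallback prompt; the class name and the `KEYPASS_` environment variable scheme are hypothetical.

```java
import java.io.IOException;
import java.nio.file.Paths;
import java.util.Arrays;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;

// Hypothetical class; its full name would go into keyPasswordCallbackHandler.
public class EnvKeyPasswordCallbackHandler implements CallbackHandler {
    // Assumption: the keystore path is delivered as the PasswordCallback prompt.
    // "src/main/config/clientKeystore.jks" -> "KEYPASS_CLIENTKEYSTORE_JKS"
    static String envNameFor(String keystorePath) {
        String file = Paths.get(keystorePath).getFileName().toString();
        return "KEYPASS_" + file.toUpperCase(java.util.Locale.ROOT).replaceAll("[^A-Z0-9]", "_");
    }

    @Override
    public void handle(Callback[] callbacks)
            throws IOException, UnsupportedCallbackException {
        for (Callback cb : callbacks) {
            if (!(cb instanceof PasswordCallback)) {
                throw new UnsupportedCallbackException(cb, "only PasswordCallback is supported");
            }
            PasswordCallback pc = (PasswordCallback) cb;
            String envName = envNameFor(pc.getPrompt());
            String secret = System.getenv(envName);
            if (secret == null || secret.isEmpty()) {
                // Fail closed: never fall back to a default or empty password.
                throw new IOException("no key password configured in " + envName);
            }
            char[] chars = secret.toCharArray();
            pc.setPassword(chars);     // PasswordCallback keeps its own copy
            Arrays.fill(chars, '\0');  // wipe the temporary copy
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed demo input: the keystore path from the configuration above.
        PasswordCallback pc = new PasswordCallback("src/main/config/clientKeystore.jks", false);
        try {
            new EnvKeyPasswordCallbackHandler().handle(new Callback[] {pc});
            System.out.println("password length: " + pc.getPassword().length);
            pc.clearPassword();
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

With such a handler the key password no longer has to sit in the Spring configuration file next to the keystore path; the keystore `password` attributes in the configuration above would still be explicit under this proposal.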
