jonatzin
Reputation: 972
CFX using encrypted password in properties file
I am using CXF for my webservice security. I have the following configuration:
<entry key="ws-security.callback-handler" value="PasswordCallbackHandler"/>
<entry key="ws-security.encryption.properties" value="WEB-INF/keystore.properties"/>
<entry key="ws-security.signature.properties" value="WEB-INF/keystore.properties"/>
<entry key="ws-security.encryption.username" value="useReqSigCert"/>
Currently we store the password in keystore.properties as plaintext password. I want to store an encrypted password and then have that used to log into the keystore.
Any idea what i need to do?
Thanks
Upvotes: 1
Views: 1075
Answers (1)
Colm O hEigeartaigh
Reputation: 1900
CXF 3.0.0 supports using encrypted passwords in Crypto properties files. The CallbackHandler must supply the password used to decrypt the encrypted password in this scenario. See here for more information:
http://ws.apache.org/wss4j/newfeatures20.html
http://coheigea.blogspot.ie/2014/02/apache-wss4j-200-part-iv.html
Colm.
Upvotes: 1
Related Questions
- WS-security (usernametoken) for CXF - encrypted passwords possible?
- Migrating to CXF 3.2.7 -> How to solve the password related security error during SOAP RQ processing?
- how to load the cxf wss4j crypto property file from external location other than the classpath
- CXF Service throws WSSecurityException: No certificates were found for decryption (KeyId)
- WS-Security. Server response encryption. Choose encryptionUser dinamically
- WS-Security not working with CXF
- Encrypting passwords in Crypto property files
- How to define a password to wsdl in cxf-maven-plugin
- Apache CXF and WS-Security - Password Callback
- How to encrypt config file ? desktop .NET