Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-4049

Check external CryptoProvider from message context properties in Wss4jInInterceptor

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.5.1
    • Fix Version/s: 2.4.7, 2.5.3
    • Component/s: Core
    • Labels:
      None
    • Environment:

      Windows

    • Estimated Complexity:
      Unknown
    • CXF Fields:
      Blocked on External

      Description

      Hi,

      Just a small improvements in Wss4jInInterceptor.
      Normally CryptoProvider doesn't instantiated directly via CryptoFactory, but firstly tried to obtained from message context properties (SecurityConstants.ENCRYPT_CRYPTO, SecurityConstants.SIGNATURE_CRYPTO). And only if the properties are not set, CryptoProvider is instantiated via CryptoFactory. This gives the possibility to replace Merlin CryptoProvider to custom one (probably non keystore based).
      AbstractBindingBuilder, XmlSignHandler, SAMLUtils are working in this way.

      Unfortunatelly it is not the case for Wss4jInInterceptor. It doesn't initializes crypto provider in RequestData and crypto provider is always created via CryptoFactory. It makes impossible to use custom implementation of CryptoProvider in incoming chain.

      Patch is attached.

      Regards,
      Andrei.

        Attachments

        1. WSS4JInInterceptor.patch
          1 kB
          Andrei Shakirin
        2. WSS4JInInterceptor.patch
          1 kB
          Andrei Shakirin

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              ashakirin Andrei Shakirin
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: