[CXF-5270] XKMS Crypto Client does not check local keystore for "locate" if the alias is actually a Subject DN - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.7.7
Component/s: Services
Labels:
None

Estimated Complexity:
Unknown

Description

The XKMS Crypto provider tries to get a Certificate for the value configured for "ws-security.encryption.username". WSS4J treats this as an "alias", and the XKMS Crypto Provider first tries to get the Certificate from a local keystore using this, before going off to the XKMS Server. However, if the encryption username is in the form of a Subject DN it will fail to retrieve the certificate locally, and always call out to the XKMS Server.

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 11/Sep/13 09:50

Updated:: 27/Sep/13 18:18

Resolved:: 11/Sep/13 10:54