Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-8811

Support useReqSigCert for encrypting the responses from JAX-RS JOSE

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • None
    • None
    • JAX-RS Security
    • None
    • Unknown

    Description

      Cloned a similar issue. Is it possible to get this feature for endpoints using JAX-RS JOSE? That is, using the JwsSignatureVerifier used to validate the signature to encrypt the response.

      WS endpoints can get a ws.security.encryption.username property set to 'useReqSigCert', meaning that the specific client certificate use to create a signature of the payload needs to be used for encrypting the outbound payload.

      RS endpoints need to support this mode too. Additionally, the in signature and encryption interceptors on both the client and server ends need to default (two-way POSTs) to using the encryption properties for the signature validation and the signature properties for the decryption, in line with the way WS endpoints operate.

      Attachments

        Issue Links

          is a clone of

          Improvement - An improvement or enhancement to an existing feature or task. CXF-4274 Support useReqSigCert for encrypting the responses from JAX-RS endpoints

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #1303

          Activity

            People

              sergey_beryozkin Sergey Beryozkin
              markush Markus Haugsdal
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated: