Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-287

No longer use keystore for truststore purposes if the latter is explicitly specified.

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 1.6
    • 1.6.1
    • None
    • None

    Description

      According to this blog entry: http://coheigea.blogspot.com/2011/01/wss4j-16-crypto-property-change.html

      Quote: "One final note - when building a validation chain to validate a received credential, WSS4J uses both the truststore and the keystore. This is for backwards compatibility reasons, where the user does not specify a truststore using the new config."

      Recommend switching this algorithm to not use the keystore for validation if the truststore is explicitly validated.

      Attachments

        Activity

          People

            coheigea Colm O hEigeartaigh
            gmazza Glen Mazza
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: