Major Description
The configuration documentation says
| Tag name | Tag value | Tag meaning |
|---|---|---|
| WSS4J 2.0.0 PASSWORD_ENCRYPTOR_INSTANCE | passwordEncryptorInstance | A PasswordEncryptor instance used to decrypt encrypted passwords in Crypto properties files. The default is the JasyptPasswordEncryptor. |
When configuring a passwordEncryptorInstance for WSS4JOutInterceptor (line 20) the property is not honored.
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <jaxws:endpoint id="hello" address="/hello" implementor="de.wlami.wss4jexample.Service"> <jaxws:outInterceptors> <bean id="TimestampSignEncrypt_Response" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <constructor-arg> <map> <entry key="action" value="Timestamp Signature" /> <entry key="user" value="servicekey" /> <entry key="signaturePropFile" value="serviceKeystore.properties" /> <entry key="encryptionPropFile" value="serviceKeystore.properties" /> <entry key="encryptionUser" value="useReqSigCert" /> <entry key="passwordCallbackClass" value="de.wlami.wss4jexample.PasswordCallback" /> <entry key="passwordEncryptorInstance" value-ref="customPasswordEncrypter" /> </map> </constructor-arg> </bean> </jaxws:outInterceptors> </jaxws:endpoint> <bean id="customPasswordEncrypter" class="de.wlami.wss4jexample.CustomPasswordEncrypter"></bean> </beans>
The only code which seems to use the documented property is located in org.apache.wss4j.stax.ConfigurationConverter.parseCrypto(Map<String, Object>, WSSSecurityProperties). However this method is only called from test classes as far as i could see. Using the given configuration the default JasyptPasswordEncryptor is created instead of the configured class.