Encrypting Response w/Client's Public Key
I have a basic web service working using Spring-WS secured using XWS. Basically both the client and server require encryption and both require messages to be signed. So far I have been successful in doing this; the only problem is that in my server's XWS policy file, I have to hard code the alias of the entry in the keystore for encrypting the response. What I would *LIKE* to do is have the server automatically encrypt the response using the public key that is contained within the message from the client. The problem is, I don't know how to configure this, and I can't seem to find any information on how to do this.
I would appreciate any pointers regarding this. However I'm wondering...if there's no practical way of doing this (which doesn't seem plausible), should I instead just be using a shared symmetric key for performing encryption/decryption of the messages?