Wss4j Certificate Signature Authentication

[David Kerwick]

Hi all,
I have an example Spring WS version 2.0.1 app working that I'm trying to add security too, I have it accepting digital signatures by using this

Code:

<sws:interceptors>
    <bean id="securityInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
	<property name="validationActions" value="Signature"/>
	<property name="securementActions" value="NoSecurity"/>
	<property name="validationSignatureCrypto">
	    <bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
	        <property name="keyStorePassword" value="*****"/>
	        <property name="keyStoreLocation" value="classpath:/server.jks"/>
	    </bean>
	</property>
    </bean>
</sws:interceptors>

I would now like to authenticate the certificate but I can't find how to do it using wss4j. Is there an equivalent to SpringCertificateValidationCallbackHandler that XwsSecurityInterceptor uses?

The docs mention Certificate Authentication
http://static.springsource.org/sprin...y.html#d4e2706

But only gives an outbound example.

Is this possible with wss4j or is xwss the way forward in spring ws security?

Thanks
David

[David Kerwick]

So unless I'm missing something (very possible) there isn't a straight forward way of doing what I want with wss4j as these seem to be the only callbacks

http://static.springsource.org/sprin...e-summary.html

Which seems to have no certificate processing.

I guess XWSS is the more supported of the two and I'll have to go with that and the Maven pain that seems to cause.

David

[mpr]

I would now like to authenticate the certificate but I can't find how to do it using wss4j. Is there an equivalent to SpringCertificateValidationCallbackHandler that XwsSecurityInterceptor uses?

I would like to repeat this question or the question "Is there a reason why not ?" which was asked in http://forum.springsource.org/showth...DetailsService before.

Martin