Getting hold of the sign certificate

**kriand** · Jun 2nd, 2009, 06:11 AM

I need to create an EndpointInterceptor that extracts the certificate used to validate the signature a in previoulsy executed wss4j-interceptor.
Can the certificate be fetched from the MessageContext?

**dortman** · Jun 3rd, 2009, 12:41 PM

Originally Posted by kriand

I need to create an EndpointInterceptor that extracts the certificate used to validate the signature a in previoulsy executed wss4j-interceptor.
Can the certificate be fetched from the MessageContext?

If I am understanding what you are asking, Wss4jSecurityInterceptor seems to be doing just that. If you step through it, you can see it extract the certificate from the request.

Code:

    protected void validateMessage(SoapMessage soapMessage, MessageContext messageContext)
            throws WsSecurityValidationException {
        if (logger.isDebugEnabled()) {
            logger.debug("Validating message [" + soapMessage + "] with actions [" + validationActions + "]");
        }

        if (validationAction == WSConstants.NO_SECURITY) {
            return;
        }

        Document envelopeAsDocument = toDocument(soapMessage, messageContext);

        // Header processing
        WSSecurityEngine securityEngine = WSSecurityEngine.getInstance();

        try {
            Vector results = securityEngine
                    .processSecurityHeader(envelopeAsDocument, validationActor, validationCallbackHandler,
                            validationSignatureCrypto, validationDecryptionCrypto);

Thread: Getting hold of the sign certificate

Thread Tools

Display

Getting hold of the sign certificate

Posting Permissions