Question
I am using CXF for my webservice security. I have the following configuration:
https://stackoverflow.com/questions/23363138
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian <entry key="ws-security.callback-handler" value="PasswordCallbackHandler"/>
<entry key="ws-security.encryption.properties" value="WEB-INF/keystore.properties"/>
<entry key="ws-security.signature.properties" value="WEB-INF/keystore.properties"/>
<entry key="ws-security.encryption.username" value="useReqSigCert"/>
Currently we store the password in keystore.properties as plaintext password. I want to store an encrypted password and then have that used to log into the keystore.
Any idea what i need to do?
Thanks
Solution
CXF 3.0.0 supports using encrypted passwords in Crypto properties files. The CallbackHandler must supply the password used to decrypt the encrypted password in this scenario. See here for more information:
http://ws.apache.org/wss4j/newfeatures20.html
http://coheigea.blogspot.ie/2014/02/apache-wss4j-200-part-iv.html
Colm.
