V
Vijay Pandey
hello
I have a user name for certificate policy in web service and using wse 3.0.
I need to build a java client using wss4j.
My .Net policy looks like
<policy name="STEPPolicySignBeforeEncryptAndEncryptSignature">
<compressionAssertion compressionMode="GZip" threshold="0"/>
<usernameForCertificateSecurity establishSecurityContext="false"
renewExpiredSecurityContext="false" requireSignatureConfirmation="false"
messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
requireDerivedKeys="true" ttlInSeconds="300">
<serviceToken>
<x509 storeLocation="CurrentUser" storeName="My"
findValue="CN=STepCertficate" findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="true" />
<response signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="true" />
<fault signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="false" />
</protection>
</usernameForCertificateSecurity>
<requireActionHeader />
</policy>
Can you please tell me how to generate corresponding policy (deployment
descriptor) for wss4j. I am able to make deployment descriptor for UserName
Token that is usernameOverTransportSecurity.
1. I have X.509 certificates installed in personal store, so I will need to
use this certificate for encryption.
Thank you in advance for any help.
I have a user name for certificate policy in web service and using wse 3.0.
I need to build a java client using wss4j.
My .Net policy looks like
<policy name="STEPPolicySignBeforeEncryptAndEncryptSignature">
<compressionAssertion compressionMode="GZip" threshold="0"/>
<usernameForCertificateSecurity establishSecurityContext="false"
renewExpiredSecurityContext="false" requireSignatureConfirmation="false"
messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
requireDerivedKeys="true" ttlInSeconds="300">
<serviceToken>
<x509 storeLocation="CurrentUser" storeName="My"
findValue="CN=STepCertficate" findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="true" />
<response signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="true" />
<fault signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="false" />
</protection>
</usernameForCertificateSecurity>
<requireActionHeader />
</policy>
Can you please tell me how to generate corresponding policy (deployment
descriptor) for wss4j. I am able to make deployment descriptor for UserName
Token that is usernameOverTransportSecurity.
1. I have X.509 certificates installed in personal store, so I will need to
use this certificate for encryption.
Thank you in advance for any help.