2 Replies Latest reply on Apr 21, 2006 11:09 AM by tet tet


    nuno oliveira Newbie

      In the link http://wiki.jboss.org/wiki/Wiki.jsp?page=WSSecurity, under "Core features" there's a mention to
      "Username tokens with JBossSX/JAAS integration"

      but no corresponding statement about X.509 tokens, which are also supported. So I would just ask someone to confirm that this isn't a typo and that there is indeed no integration with JBossSX/JAAS for digital signatures authentication via X.509 tokens as there is for the username token (and HTTPS client auth).

      I already posted this question in the security forum but was redirected here by JBoss CTO so just hope he is right and any other of you guys can help me.


        • 1. Re: WSSecurity
          Jason Greene Master

          Currently X.509 tokens are validated against a truststore that is local to the ws-security deployment. There is full support for digital signatures and encryption using them. There is not yet support for mapping this to a principal, though it could be done. There is one problem with adding support for this, which is that a WS-Security message may contain many X.509 tokens (perhaps one for signature, and one for encryption), so we would have to somehow decide to pick one.

          I have assigned this feature here (in case you choose to monitor it)



          • 2. Re: WSSecurity
            tet tet Newbie

            I am trying to run the Jbossws examples with a axis wss4j based client. All my server side stuff seems working fine as the webservice is expecting a soap headers with the security. I am looking for the client side key store with the public key based certificate. In the examples, i am not finding the client related security information. Could you please tell me how to create the client side key store with the public key.