0 Replies Latest reply on Aug 3, 2015 7:52 AM by Kamil Roman

    WS-Security signature key depending on request data in EAP 6.1

    Kamil Roman Newbie

      Hi,

      is there a way of signing a response WS-Security signature-enabled endpoint with key selected based on request data?

      E.g. I have a request like

      <request keyAliast="alias">

      <!-- some other request data -->

      </request>

       

      and I want to sign the response with key called "alias". Now I get another request to the same endpoint

      <request keyAliast="someOtherKeyAlias">

      <!-- some other request data -->

      </request>

       

      and I sign the response with key called "someOtherKeyAlias"

       

      What I think of is to remove the standard signature config from the endpoint configuration and add the signature via an Interceptor. However, how can one access a magical Apache CXF method, which would add the signature, e.g. SomeCxfClass.addWsSecuritySignatureToRequest(request, keyAlias) ? Or is there some better way to achieve this?