如何在WSS4J Spring Security中使用加密密码
[英]How to use encrypted password in WSS4J Spring Security
问题描述
我正在通过WSS4JSecurityInterceptor使用Spring WS Security。 但是,在验证签名时,我需要阅读密钥库密码。
密钥库密码将被加密。 能否在验证签名之前让我知道如何解密它?
我的配置如下:
<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="validationActions" value="Signature"/>
<property name="validationSignatureCrypto">
<bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
<property name="keyStorePassword" value="123456"/>
<property name="keyStoreLocation" value="classpath:/keystore.jks"/>
</bean>
</property>
</bean>
谢谢
1 个解决方案
解决方案1
4 已采纳 2013-03-07 13:51:54
使用Spring签名-Ws WSS4JSecurityInterceptor
生成的Keytool使用:
keytool -genkey -alias signFiles -keypass kpi135 -keystore akulastore.jks -storepass ab987c
生成Keytool的证书:
keytool -certreq -alias signFiles -keystore akulastore.jks -file cert.csr
将Keytool,证书放在客户端。
将Keytool放在服务器端
并进行如下配置:
Server Side Interceptor
<bean id="wsDigCerSecurityInterceptor"
class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="validationActions" value="Signature"/>
<property name="validationSignatureCrypto">
<bean
class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
<property name="keyStorePassword" value="ab987c"/>
<property name="keyStoreLocation" value="classpath:/akulastore.jks"/>
</bean>
</property>
</bean>
Client Side Interceptor
<bean id="wsDigCerSecurityInterceptor"
class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="securementActions" value="Signature"/>
<property name="securementUsername" value="signFiles"/>
<property name="securementPassword" value="kpi135"/>
<property name="securementSignatureCrypto">
<bean
class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
<property name="keyStorePassword" value="ab987c"/>
<property name="keyStoreLocation" value="classpath:/akulastore.jks"/>
</bean>
</property>
</bean>
如何在weblogic 12c上调用ws-security / wss4j CXF Webclient
[英]how to invoke ws-security/wss4j CXF webclient on weblogic 12c
使用Apache CXF注释的UsernameToken WS-Security(WSS4J)
[英]UsernameToken WS-Security with Apache CXF Annotations (WSS4J)
从我的耳朵项目开始,如何使用Apache CXF 3.X和WSS4J 2.X,而不使用JBoss 6.3.0 EAP模块中安装的CXF和WSS4J(旧)?
[英]How can I use Apache CXF 3.X and WSS4J 2.X as of my ear project and not CXF and WSS4J (older) that is installed in the modules of JBoss 6.3.0 EAP?
使用wss4j SimplePasswordValidationCallbackHandler验证选择性Spring Web服务
[英]Authenticating selective spring web serrvices using wss4j SimplePasswordValidationCallbackHandler
Signing SOAP header using Wss4j in Spring throwing errors “Caused by: java.security.UnrecoverableKeyException: Given final block not properly padded”
[英]Signing SOAP header using Wss4j in Spring throwing errors “Caused by: java.security.UnrecoverableKeyException: Given final block not properly padded”
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
如何在wss4j 1.6中验证没有密码的UsernameToken?
如何让WSS4J从回调中加载密钥库密码?
WSS4j 1.5:如何跳过密码验证?
如何在weblogic 12c上调用ws-security / wss4j CXF Webclient
wss4j的Apache CXF Web服务安全性问题
使用Apache CXF注释的UsernameToken WS-Security(WSS4J)
从我的耳朵项目开始,如何使用Apache CXF 3.X和WSS4J 2.X,而不使用JBoss 6.3.0 EAP模块中安装的CXF和WSS4J(旧)?
使用wss4j SimplePasswordValidationCallbackHandler验证选择性Spring Web服务
Signing SOAP header using Wss4j in Spring throwing errors “Caused by: java.security.UnrecoverableKeyException: Given final block not properly padded”
Apache CXF / WSS4J证书验证
相关标签