Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Signing a XML request

Posted on 2011-03-15
2
Medium Priority
?
574 Views
Last Modified: 2012-05-11
Hi, I want to sign a XMl request using Axis WSS4J framework, and I had a question related to this. Before that, here is what I have got:

A JKS keystore:
*******************
Keystore type: jks
Keystore provider: SUN

Alias name: business
Creation date: 7/03/2011
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Test Test, OU=Test, O=Test, L=Test, ST=Test, C=IN
Issuer: CN=Test Test, OU=Test, O=Test, L=Test, ST=Test, C=IN
Serial number: 4d74a0ac
Valid from: Mon Mar 07 20:09:00 EST 2011 until: Sun Jun 05 19:09:00 EST 2011
Certificate fingerprints:
         MD5:  09:55:E3:C2:A8:60:D6:4E:E2:56:6A:07:0D:57:4A:66
         SHA1: 30:9B:7C:CC:E2:D0:89:1A:43:34:E8:33:C7:8D:AD:FA:A6:CB:81:30
**************

a WSDD file with following entries (along with others)
**************
<requestFlow >
    <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
    <parameter name="action" value="Signature"/>
    <parameter name="signatureKeyIdentifier" value="DirectReference"/>
    <parameter name="user" value="business"/>
    <parameter name="SIG_PROP_FILE" value="crypto.properties"/>  
     </handler>
   </requestFlow >
*****************

crypto.properties
*********************

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=mykeystore
org.apache.ws.security.crypto.merlin.keystore.alias=business
org.apache.ws.security.crypto.merlin.file=<dir-name>/mykeystore
**********************

My keystore contains both the public key (embedded in the certificate) and the private key which is not visible (but it is there since I used -genkey option that creates the pair. I also verified by extracting the private key through java code).

My first question is whether <parameter name="user" value="business"/> property in the WSDD file enable handler to pick the private key for signing? I am asking because both the public and the private key are there and they are being referenced by the single alias i.e. "business". So, how would handler know which key to use to sign the XML request.

any help please?

Thanks a lot.
Leo

0
Comment
Question by:LeoKris
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 92

Accepted Solution

by:
objects earned 2000 total points
ID: 35144975
> So, how would handler know which key to use to sign the XML request.

private keys are used for signing, not public keys
0
 

Author Closing Comment

by:LeoKris
ID: 35145056
Thanks objects.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…
This theoretical tutorial explains exceptions, reasons for exceptions, different categories of exception and exception hierarchy.
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question