Solved

Signing a XML request

Posted on 2011-03-15
2
564 Views
Last Modified: 2012-05-11
Hi, I want to sign a XMl request using Axis WSS4J framework, and I had a question related to this. Before that, here is what I have got:

A JKS keystore:
*******************
Keystore type: jks
Keystore provider: SUN

Alias name: business
Creation date: 7/03/2011
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Test Test, OU=Test, O=Test, L=Test, ST=Test, C=IN
Issuer: CN=Test Test, OU=Test, O=Test, L=Test, ST=Test, C=IN
Serial number: 4d74a0ac
Valid from: Mon Mar 07 20:09:00 EST 2011 until: Sun Jun 05 19:09:00 EST 2011
Certificate fingerprints:
         MD5:  09:55:E3:C2:A8:60:D6:4E:E2:56:6A:07:0D:57:4A:66
         SHA1: 30:9B:7C:CC:E2:D0:89:1A:43:34:E8:33:C7:8D:AD:FA:A6:CB:81:30
**************

a WSDD file with following entries (along with others)
**************
<requestFlow >
    <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
    <parameter name="action" value="Signature"/>
    <parameter name="signatureKeyIdentifier" value="DirectReference"/>
    <parameter name="user" value="business"/>
    <parameter name="SIG_PROP_FILE" value="crypto.properties"/>  
     </handler>
   </requestFlow >
*****************

crypto.properties
*********************

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=mykeystore
org.apache.ws.security.crypto.merlin.keystore.alias=business
org.apache.ws.security.crypto.merlin.file=<dir-name>/mykeystore
**********************

My keystore contains both the public key (embedded in the certificate) and the private key which is not visible (but it is there since I used -genkey option that creates the pair. I also verified by extracting the private key through java code).

My first question is whether <parameter name="user" value="business"/> property in the WSDD file enable handler to pick the private key for signing? I am asking because both the public and the private key are there and they are being referenced by the single alias i.e. "business". So, how would handler know which key to use to sign the XML request.

any help please?

Thanks a lot.
Leo

0
Comment
Question by:LeoKris
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 92

Accepted Solution

by:
objects earned 500 total points
ID: 35144975
> So, how would handler know which key to use to sign the XML request.

private keys are used for signing, not public keys
0
 

Author Closing Comment

by:LeoKris
ID: 35145056
Thanks objects.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
In this post we will learn different types of Android Layout and some basics of an Android App.
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question