users@glassfish.java.net

Re: configuring both SSL and cert authentication on glassfish

From: <glassfish_at_javadesktop.org>
Date: Thu, 11 Dec 2008 12:52:39 PST

Also my application has webservice interfaces exposed. I see that

<message-security-config auth-layer="SOAP">
          <!-- turned off by default -->
          <provider-config class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-id="XWS_ClientProvider" provider-type="client">
            <request-policy auth-source="content"/>
            <response-policy auth-source="content"/>
            <property name="encryption.key.alias" value="s1as"/>
            <property name="signature.key.alias" value="s1as"/>
            <property name="dynamic.username.password" value="false"/>
            <property name="debug" value="false"/>
          </provider-config>
          <provider-config class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-id="ClientProvider" provider-type="client">
            <request-policy auth-source="content"/>
            <response-policy auth-source="content"/>
            <property name="encryption.key.alias" value="s1as"/>
            <property name="signature.key.alias" value="s1as"/>
            <property name="dynamic.username.password" value="false"/>
            <property name="debug" value="false"/>
            <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"/>
          </provider-config>
          <provider-config class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" provider-id="XWS_ServerProvider" provider-type="server">
            <request-policy auth-source="content"/>
            <response-policy auth-source="content"/>
            <property name="encryption.key.alias" value="s1as"/>
            <property name="signature.key.alias" value="s1as"/>
            <property name="debug" value="false"/>
          </provider-config>
          <provider-config class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" provider-id="ServerProvider" provider-type="server">
            <request-policy auth-source="content"/>
            <response-policy auth-source="content"/>
            <property name="encryption.key.alias" value="s1as"/>
            <property name="signature.key.alias" value="s1as"/>
            <property name="debug" value="false"/>
            <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml"/>
          </provider-config>
        </message-security-config>

in the domain.xml. So if i have any different alias chaning s1as to that alias for both ServerSecurityAuthModule and ClientSecurityAuthModule should work fine right?
[Message sent by forum member 'eligetiv' (eligetiv)]

http://forums.java.net/jive/thread.jspa?messageID=321312
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.