You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Wss4jSecurityInterceptor does not support setting a separate password for the signature. Currently, when configuring the interceptor with both UsernameToken and signature, it uses the same password for both (Wss4jSecurityInterceptor#setSecurementPassword), making it impossible to specify different passwords for the UsernameToken and the signature.
This limitation makes it difficult to implement security setups that require different credentials for username authentication and digital signatures.
Current workaround I found is to extend the Wss4jSecurityInterceptor and override the request data initialization by specifying the password callback handler.
However, it seems logical to add a dedicated setSecurementSignaturePassword() method, as it is already possible to specify a separate user for the certificate alias - setSecurementSignatureUser.
The text was updated successfully, but these errors were encountered:
The
Wss4jSecurityInterceptordoes not support setting a separate password for the signature. Currently, when configuring the interceptor with both UsernameToken and signature, it uses the same password for both (Wss4jSecurityInterceptor#setSecurementPassword), making it impossible to specify different passwords for the UsernameToken and the signature.This limitation makes it difficult to implement security setups that require different credentials for username authentication and digital signatures.
Current workaround I found is to extend the
Wss4jSecurityInterceptorand override the request data initialization by specifying the password callback handler.However, it seems logical to add a dedicated
setSecurementSignaturePassword()method, as it is already possible to specify a separate user for the certificate alias -setSecurementSignatureUser.The text was updated successfully, but these errors were encountered: