Versions Compared

Old Version 11

changes.mady.by.user Colm O hEigeartaigh

Saved on

compared with

New Version 12

changes.mady.by.user Colm O hEigeartaigh

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

rs.security.signature.key.password.provider

A reference to a PrivateKeyPasswordProvider instance used to retrieve passwords to access keys for signature. If this is not specified it falls back to use the RSSEC_KEY_PSWD_PROVIDER"rs.security.key.password.provider".

rs.security.signature.algorithmThe signature algorithm to use. The default algorithm if not specified is 'RS256'.
rs.security.signature.out.properties

The signature properties file for compact signature creation. If not specified then it falls back to RSSEC_SIGNATURE_PROPS"rs.security.signature.properties".

rs.security.signature.in.properties

The signature properties file for compact signature verification. If not specified then it falls back to RSSEC_SIGNATURE_PROPS"rs.security.signature.properties".

rs.security.signature.propertiesThe signature properties file for compact signature creation/verification.
rs.security.signature.out.list.properties

The signature properties file for JSON Serialization signature creation. If not specified then it falls back to RSSEC_SIGNATURE_LIST_PROPS."rs.security.signature.list.properties".

rs.security.signature.in.list.properties

The signature properties file for JSON Serialization signature verification. If not specified then it falls back to RSSEC_SIGNATURE_LIST_PROPS"rs.security.signature.list.properties".

rs.security.signature.list.propertiesThe signature properties file for JSON Serialization signature creation/verification.
rs.security.signature.include.public.keyInclude the JWK public key for signature in the "jwk" header. If not specified then it falls back to "rs.security.include.public.key".
rs.security.signature.include.certInclude the X.509 certificate for signature in the "x5c" header. If not specified then it falls back to "rs.security.include.cert".
rs.security.signature.include.key.idInclude the JWK key id for signature in the "kid" header. If not specified then it falls back to "rs.security.include.key.id".
rs.security.signature.include.cert.sha1Include the X.509 certificate SHA-1 digest for signature in the "x5t" header. If not specified then it falls back to "rs.security.include.cert.sha1"/

Encrypting JWK stores

JAX-RS filters can read the keys from encrypted JWK stores. The stores are encrypted inline or in separate storages (files). By default the filters expect that the stores has been encrypted using

...