[jbossws-issues] [JBoss JIRA] (JBWS-1814) Dynamic Encryption based on clients input

Dynamic Encryption based on clients input ----------------------------------------- Key: JBWS-1814 URL: https://issues.jboss.org/browse/JBWS-1814 Project: JBoss Web Services Issue Type: Feature Request Security Level: Public(Everyone can see) Components: ws-security Affects Versions: jbossws-1.2.1, jbossws-2.0.1 Reporter: Magesh Bojan Assignee: Alessio Soldano Fix For: jbossws-native-3.0.1 Let's say that Bob runs the web service and Alice has a client that uses the web service. Now John would also like to use the web service. John would create: johns.keystore ---------------- john - keyPair (pub+priv) bob - trustedCertEntry (pub) johns.truststore ---------------- john - trustedCertEntry (just john's public key) In addition, Bob's keystore would be updated to: bobs.keystore ---------------- bob - keyPair (public + private key) alice - trustedCertEntry (just alice's public key) john - trustedCertEntry (just john's public key) This does not pose a problem for encrypting the request from the client side since both Alice and John use Bob's public key to encrypt the message, and Bob of course uses his pirvate key to decrypt the message. But how is the response message encrypted? JBossWS apparently does not support multiple clients because the certificate used by the server to encrypt the response is specified statically in jboss-wsse-server.xml.