+

Search Tips   |   Advanced Search

Key locator


The key locator retrieves keys for digital signature and encryption.

The JAAS Login Module implementation is used to...

Retrieve keys from one of the following sources, depending upon the implementation:

Key locators search for the key using some type of a clue.

The following types of clues are supported:

WAS Vs 6 and later support a secret key-based signature called HMAC-SHA1. If we use HMAC-SHA1, the SOAP message does not contain a binary security token. In this case, it is assumed that the key information within the message contains the key name used to specify the secret key within the keystore.

Because the key locators support the public key-based signature, the key for verification is embedded in the X.509 certificate as a <BinarySecurityToken> element in the incoming message. For example, key locators can obtain the identity of the caller from the context and can retrieve the public key of the caller for response encryption.

 

Key locators usage scenarios






 

Related concepts


Keys
Overview of platform configuration and bindings

 

Related


Key collection
Key settings