Index: /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/Constants.java =================================================================== --- /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/Constants.java (revision 5800) +++ /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/Constants.java (working copy) @@ -71,4 +71,6 @@ public static final String XENC_CONTENT_TYPE = EncryptionConstants.TYPE_CONTENT; public static final QName WSSE_HEADER_QNAME = new QName(WSSE_NS, "Security"); + + public static final String JBOSS_WSSE_X509_CERTIFICATES = JBOSS_WSSE_PREFIX + ".x509.certificates"; } Index: /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/KeyResolver.java =================================================================== --- /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/KeyResolver.java (revision 5800) +++ /opt/develop/jbossws-src/src/src/main/java/org/jboss/ws/extensions/security/KeyResolver.java (working copy) @@ -25,9 +25,15 @@ import java.security.PublicKey; import java.security.cert.X509Certificate; import java.util.HashMap; +import java.util.HashSet; +import java.util.Set; + +import javax.xml.ws.handler.MessageContext.Scope; import org.apache.xml.security.keys.KeyInfo; import org.jboss.util.NotImplementedException; +import org.jboss.ws.core.CommonMessageContext; +import org.jboss.ws.core.soap.MessageContextAssociation; import org.jboss.ws.extensions.security.element.BinarySecurityToken; import org.jboss.ws.extensions.security.element.DirectReference; import org.jboss.ws.extensions.security.element.KeyIdentifier; @@ -133,7 +139,9 @@ if (! (token instanceof X509Token)) throw new WSSecurityException("Expected X509Token, cache contained: " + token.getClass().getName()); - return ((X509Token)token).getCert(); + X509Certificate cert = ((X509Token)token).getCert(); + addCertificate(cert); + return cert; } public PublicKey resolvePublicKey(SecurityTokenReference reference) throws WSSecurityException @@ -165,4 +173,21 @@ { return resolvePrivateKey(extractSecurityTokenReference(info)); } + + private void addCertificate(X509Certificate cert) { + CommonMessageContext msgContext = MessageContextAssociation.peekMessageContext(); + Scope prevScope = msgContext.getCurrentScope(); + try { + msgContext.setCurrentScope(Scope.APPLICATION); + Set certs = (Set) msgContext.get(Constants.JBOSS_WSSE_X509_CERTIFICATES); + if (certs == null) { + certs = new HashSet(); + msgContext.put(Constants.JBOSS_WSSE_X509_CERTIFICATES, certs); + } + certs.add(cert); + } finally { + msgContext.setCurrentScope(prevScope); + } + + } }