Today I needed to supply cxf the password of my keystore and my certificate. I didn't want the password to stay in some config file saved as plane text. Since I'm doing everything through spring config xml (the cxf part), I wanted to check if I could invoke a method on a static class which decrypts the password, save the result and give it to cxf.
I ended up with this xml:
<bean id="decryptedPrivatePassword" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetClass"><value>com.nottelling.SomeCryptoClass</value></property>
<property name="targetMethod"><value>decryptWithDefaultInstance</value></property>
<property name="arguments">
<list>
<value>${cert.private.pass}</value>
</list>
</property>
</bean>
This saves me the result of the description in the bean id "
decryptedPrivatePassword". Now to use this result in the cxf config part I just used the notation #{beanId} like this:
<sec:keyManagers keyPassword="#{decryptedPrivatePassword}" >
<sec:keyStore type="${cert.private.type}" password="#{decryptedPrivatePassword}" file="${cert.private.file}"/>
</sec:keyManagers>
Obviously #{beanid} resolves beans ${placeholder.name} resolves just placeholders (if you put a bean id it doesn't find it).
Spring documentation referring to this