Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-8230

WS-Security and MTOM: Flag org.apache.cxf.ws.security.SecurityConstants.STORE_BYTES_IN_ATTACHMENT not working as expected

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 3.2.5
    • Fix Version/s: None
    • Component/s: WS-* Components
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      Hi,

      by default an CXF client that uses MTOM and WS-Security sends the "BinarySecurityToken" and "SignatureValue" elements base64 encoded.

      I expect that "BinarySecurityToken" and "SignatureValue" are both sent as attachmentreferenced via XOP:INCLUDE, if I put the flag "org.apache.cxf.ws.security.SecurityConstants.STORE_BYTES_IN_ATTACHMENT=true".
      But this does not happen.
      If I put STORE_BYTES_IN_ATTACHMENT=true, only the BinarySecurityToken is attached while SignatureValue stays base64 encoded (see attched file "example_request_1.xml").

      IMHO the flag should also cause the SignatureValue to attached, shouldn't it?

       

      Background story:
      The use-case for this is that I want a CXF client to behave like a 3rd party client (SAP) with which we have an compatibility issue.
      The SAP client sends BinarySecurityToken, SignatureValue and the real data as MTOM attachment. A CXF client only sends BinarySecurityToken and the real data as MTOM atatchment.

      I have the suspision that a CXF service cannot handle a request that sends BinarySecurityToken, SignatureValue and the real data as MTOM attachment.
      But since the STORE_BYTES_IN_ATTACHMENT flag does not work as expected, I cannot even write a reproducer....

       

      Regards,

      Jochen

        Attachments

        1. example_request_1.xml
          6 kB
          Jochen Riedlinger

          Issue Links

            Activity

              People

              • Assignee:
                coheigea Colm O hEigeartaigh
                Reporter:
                j_ri Jochen Riedlinger
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: