Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
2.1.3
-
None
-
Apache CXF 3.1.2, WSS4J 2.1.3, Wildfly 10.0.0CR2
Description
If using MTOM with WS-Security enabled, ids for XOP attachments will be URL encoded containing an UID and the namespace.
If namespace contains characters that needs to be escaped WSS4J cannot find the correct attachment as content ID of attachment contains decoded namespace.
Example:
xopUri from soap body: cid:c6bc87d0-ba03-48b0-9141-396281c61989-3@urn%3Aa%3Ab%3Ac%3A1.0
content ID in attachment list: c6bc87d0-ba03-48b0-9141-396281c61989-3@urn:a:b:c:1.0
Solution: URL-decode the xopUri to find correct attachment in attachment list