Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C7BAD18E54 for ; Wed, 1 Jul 2015 16:19:33 +0000 (UTC) Received: (qmail 74988 invoked by uid 500); 1 Jul 2015 16:19:33 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 74930 invoked by uid 500); 1 Jul 2015 16:19:33 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 74921 invoked by uid 99); 1 Jul 2015 16:19:33 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 01 Jul 2015 16:19:33 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 92A25DFBC8; Wed, 1 Jul 2015 16:19:33 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: coheigea@apache.org To: commits@cxf.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Fixing MTOM warnings with WS-Security Date: Wed, 1 Jul 2015 16:19:33 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/master e1d0a78fa -> b1c7e0eb4 Fixing MTOM warnings with WS-Security Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b1c7e0eb Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b1c7e0eb Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b1c7e0eb Branch: refs/heads/master Commit: b1c7e0eb4e37e8b49cc8fb78b91fd2f193e3adff Parents: e1d0a78 Author: Colm O hEigeartaigh Authored: Wed Jul 1 15:27:24 2015 +0100 Committer: Colm O hEigeartaigh Committed: Wed Jul 1 17:19:30 2015 +0100 ---------------------------------------------------------------------- .../ws/security/wss4j/WSS4JOutInterceptor.java | 38 ++++++++------------ .../org/apache/cxf/systest/ws/mtom/client.xml | 4 --- 2 files changed, 14 insertions(+), 28 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/b1c7e0eb/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java index 37cb572..5e07fdd 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java @@ -30,7 +30,7 @@ import java.util.logging.Logger; import javax.xml.soap.SOAPMessage; import org.w3c.dom.Document; - +import org.apache.cxf.attachment.AttachmentUtil; import org.apache.cxf.binding.soap.SoapFault; import org.apache.cxf.binding.soap.SoapMessage; import org.apache.cxf.binding.soap.SoapVersion; @@ -80,34 +80,15 @@ public class WSS4JOutInterceptor extends AbstractWSS4JInterceptor { setProperties(props); } + @Deprecated public boolean isAllowMTOM() { return mtomEnabled; } - /** - * Enable or disable mtom with WS-Security. MTOM is disabled if we are signing or - * encrypting the message Body, as otherwise attachments would not get encrypted - * or be part of the signature. - * @param mtomEnabled - */ + @Deprecated public void setAllowMTOM(boolean allowMTOM) { this.mtomEnabled = allowMTOM; } - - protected void handleSecureMTOM(SoapMessage mc, List actions) { - if (mtomEnabled) { - return; - } - - //must turn off mtom when using WS-Sec so binary is inlined so it can - //be properly signed/encrypted/etc... - String mtomKey = org.apache.cxf.message.Message.MTOM_ENABLED; - if (mc.get(mtomKey) == Boolean.TRUE) { - LOG.warning("MTOM will be disabled as the WSS4JOutInterceptor.mtomEnabled property" - + " is set to false"); - } - mc.put(mtomKey, Boolean.FALSE); - } @Override public Object getProperty(Object msgContext, String key) { @@ -213,8 +194,12 @@ public class WSS4JOutInterceptor extends AbstractWSS4JInterceptor { reqData.setMsgContext(mc); reqData.setAttachmentCallbackHandler(new AttachmentCallbackHandler(mc)); - handleSecureMTOM(mc, actions); - + if (AttachmentUtil.isMtomEnabled(mc) && hasAttachments(mc)) { + LOG.warning("MTOM is enabled with WS-Security. Please note that if an attachment is" + + "referenced in the SOAP Body, only the reference will be signed and not the" + + "SOAP Body!"); + } + /* * For every action we need a username, so get this now. The * username defined in the deployment descriptor takes precedence. @@ -306,6 +291,11 @@ public class WSS4JOutInterceptor extends AbstractWSS4JInterceptor { //nothing } + private boolean hasAttachments(SoapMessage mc) { + final Collection attachments = mc.getAttachments(); + return attachments != null && attachments.size() > 0; + } + private void configureActions(SoapMessage mc, boolean doDebug, SoapVersion version, WSSConfig config) { http://git-wip-us.apache.org/repos/asf/cxf/blob/b1c7e0eb/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml ---------------------------------------------------------------------- diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml index be8f8ec..b668025 100644 --- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/mtom/client.xml @@ -50,9 +50,6 @@ - - - @@ -69,7 +66,6 @@ -