cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matthias Germann (JIRA)" <j...@apache.org>
Subject [jira] Created: (CXF-827) SOAP Header element is returned to the client even if detached in a JAXWS Handler
Date Tue, 24 Jul 2007 10:20:31 GMT
SOAP Header element is returned to the client even if detached in a JAXWS Handler
---------------------------------------------------------------------------------

                 Key: CXF-827
                 URL: https://issues.apache.org/jira/browse/CXF-827
             Project: CXF
          Issue Type: Bug
          Components: JAX-WS Runtime
    Affects Versions: 2.0
            Reporter: Matthias Germann


If a JAXWS Handler detaches a SOAP Header element with the the detachNode() Method of the
SOAPElement Class during inbound processing of a SOAP Message, the Header is still returned
to the client in the SOAP Response.

	public boolean handleMessage(SOAPMessageContext msgCtx) {
		if (isOutboundMessage(msgCtx)) {
                       return true;
                }

		try {
			SOAPHeader header = msgCtx.getMessage().getSOAPPart().getEnvelope().getHeader();
			if (header == null) {
				return true;
			}
	
			List<SOAPElement> toRemove = new ArrayList<SOAPElement>();
			for (Iterator iter = header.getChildElements(); iter.hasNext();) {
				Object obj = iter.next();
				if (obj instanceof SOAPElement) {
					SOAPElement element = (SOAPElement) obj;
	
					// Security Headers suchen
					Name name = element.getElementName();
					if (NsConstants.WSS.equals(name.getURI())
							&& HandlerConstants.WSS_SECURITY_ELEM.equals(name.getLocalName())) {
						log.debug("WSS Security Header found");
						toRemove.add(element);
					}
				}
			}
	
			// Security Headers, welche erfoglreich bearbeitet wurden, entfernen
			for (SOAPElement elem : toRemove) {
				elem.detachNode();
			}			
			return true;
		} catch(SOAPException e) {
			log.error("Can't remove security header", e);
			throw new RuntimeException("Can't remove security header", e);
		}
		
	}

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message