cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kulp (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (CXF-1904) CLONE -MTOM does not work when add WSS4J interceptors(UsernameToken and Timestamp)
Date Mon, 10 Nov 2008 13:58:44 GMT

     [ https://issues.apache.org/jira/browse/CXF-1904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Daniel Kulp resolved CXF-1904.
------------------------------

       Resolution: Won't Fix
    Fix Version/s:     (was: 2.0.8)
                       (was: 2.1.2)
                   Invalid



This is as designed, but it's controllable.   

For security reasons, WSS4JOutInterceptor turns off the MTOM support so that any data will
get properly encrypted.  WSS4J doesn't encrypt or sign attachments, thus, we turn off mtom
so it gets inlined and thus properly signed/encrypted.

However, with 2.1.3 you can turn off that behavoir.   The WSS4JOutInterceptor has a setAllowMTOM(boolean)
method that you can call to re-enable mtom. 


> CLONE -MTOM does not work when add WSS4J interceptors(UsernameToken and Timestamp)
> ----------------------------------------------------------------------------------
>
>                 Key: CXF-1904
>                 URL: https://issues.apache.org/jira/browse/CXF-1904
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.1
>         Environment: Windows Xp,
> JDK 1.5 update 11
> apache CXF 2.1 release
>            Reporter: naveen kumar
>            Assignee: Daniel Kulp
>             Fix For: Invalid
>
>   Original Estimate: 72h
>  Remaining Estimate: 72h
>
> I have wriitten an Apache CXF client with the following specification,
> 1. MTOM attachment enabled(implemented by refering http://cwiki.apache.org/CXF20DOC/mtom.html
link).
> 2. WS-Secuirty features namely, UsernameToken and Timestamp (implemented by refering
  http://cwiki.apache.org/CXF20DOC/ws-security.html link)
> As per my observation, i see that the MTOM attachment gets inlined in the soap body of
request, when i enable either of  WS-Security features(UsernameToken or Timestamp).But when
i disable WSS4J interceptors i see that client sends the data as MTOM attachment.
> I suspect  WSS4J interceptor is causing the problem.Kindly help me in this regard.
> Note: I added WSS4J interceptors programmatically.
> Thanks in advance,
> Navin Bhat
>  

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message