cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-6409) CXF web service cannot process MTOM/XOP-optimized content within a CipherValue element
Date Fri, 22 May 2015 14:41:17 GMT

    [ https://issues.apache.org/jira/browse/CXF-6409?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14556243#comment-14556243
] 

Colm O hEigeartaigh commented on CXF-6409:
------------------------------------------


Thanks for information. Ok I've added some initial support for processing CipherValue Elements
containing xop:Include in the DOM code only in WSS4J 2.1.1-SNAPSHOT and 2.0.5-SNAPSHOT. Could
you grab the latest code (easiest to build the relevant branch yourself), and run the test
again? I expect it to fail as I haven't added support for it in BinarySecurityToken Elements
yet. I'm not entirely sure if I'm doing the right thing in terms of decryption, so it'd be
helpful to know where the processing fails.

Colm.

> CXF web service cannot process MTOM/XOP-optimized content within a CipherValue element
> --------------------------------------------------------------------------------------
>
>                 Key: CXF-6409
>                 URL: https://issues.apache.org/jira/browse/CXF-6409
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 3.0.4
>            Reporter: Dallas Vaughan
>            Assignee: Colm O hEigeartaigh
>
> When a CXF (WS-Security streaming-enabled) web service endpoint is configured to use
WS-Security and MTOM, CXF cannot handle requests from .NET and Metro clients because it cannot
process {{xop:Include}} elements that are children of {{enc:CipherValue}} elements, as both
of these clients will optimize any large encrypted (base64-encoded binary) content by serializing
it as a MIME part.
> For example, when a Metro MTOM-optimized WS-Security-based request is sent to a CXF endpoint,
the following exception is thrown within {{org.apache.xml.security.stax.impl.processor.input.AbstractDecryptInputProcessor$DecryptionThread.run()}}:
> {code}org.apache.xml.security.exceptions.XMLSecurityException: Unexpected StAX-Event:
START_ELEMENT{code}
> This makes it impossible for .NET and Metro clients to communicate with CXF endpoints
which have the MTOM and encryption policies specified.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message