cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Romain Manni-Bucau (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-7363) Support saaj-impl 1.4
Date Thu, 04 May 2017 09:40:04 GMT
Romain Manni-Bucau created CXF-7363:
---------------------------------------

             Summary: Support saaj-impl 1.4
                 Key: CXF-7363
                 URL: https://issues.apache.org/jira/browse/CXF-7363
             Project: CXF
          Issue Type: Bug
            Reporter: Romain Manni-Bucau


org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor (and actions like UsernameTokenAction)
don't build the dom correctly and it fails with saaj(impl 1.4, here a way to build correctly
the dom for the header appending:

{code}
new WSS4JOutInterceptor(outProps) {
            @Override
            protected void doSenderAction(final Document doc, final RequestData reqData,
                                          final List<HandlerAction> actions, final boolean
isRequest) throws WSSecurityException {
                final String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());

                Element header = XMLUtils.getDirectChildElement(doc.getDocumentElement(),
WSConstants.ELEM_HEADER, soapNamespace);
                final Element envelope = doc.getDocumentElement();
                if (header == null) {
                    header = createElementInSameNamespace(envelope.getOwnerDocument(), envelope,
WSConstants.ELEM_HEADER);
                    final Node firstChild = envelope.getFirstChild();
                    if (firstChild == null) {
                        envelope.appendChild(header);
                    } else {
                        envelope.insertBefore(header, firstChild);
                    }
                }

                Element securityHeader = WSSecurityUtil.getSecurityHeader(header, getString(WSHandlerConstants.ACTOR,
reqData.getMsgContext()), WSConstants.URI_SOAP12_ENV.equals(soapNamespace));
                if (securityHeader == null) {
                    securityHeader = header.getOwnerDocument().createElementNS(WSConstants.WSSE_NS,
"wsse:Security");
                    securityHeader.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsse", WSConstants.WSSE_NS);
                    final Node firstChild = header.getFirstChild();
                    if (firstChild == null) {
                        header.appendChild(securityHeader);
                    } else {
                        header.insertBefore(securityHeader, firstChild);
                    }
                }

                super.doSenderAction(doc, reqData, actions, isRequest);
            }

            private Element createElementInSameNamespace(final Document doc, final Element
parent, final String localName) {
                String qName = localName;
                String prefix = parent.getPrefix();
                if (prefix != null && prefix.length() > 0) {
                    qName = prefix + ":" + localName;
                }

                String nsUri = parent.getNamespaceURI();
                return doc.createElementNS(nsUri, qName);
            }
        }
{code}

Same kind of document fix should be done on the actions.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message