Axis2FlexibleMEPClient removal of addressing headers should be configurable
---------------------------------------------------------------------------
Key: SYNAPSE-422
URL: https://issues.apache.org/jira/browse/SYNAPSE-422
Project: Synapse
Issue Type: Bug
Components: Core
Affects Versions: 1.1.1, 1.2
Environment: Windows XP Professional. Synapse 1.1.1 and 1.2 proxy
mode and mediation mode
Reporter: Gary Snider
Priority: Critical
I've tried using synapse in proxy mode as well as non-proxy mode but here is
the scenario and why removing the headers is wrong for what we're doing:
1) A WS-Security message comes in to synapse (with wsa:MessageID signed &
referenced in the digital signature )
2) Synapse Axis2FlexibleMEPClient removes the wsa:MessageID in the original
message (Axis2FlexibleMEPClient.removeAddressingHeaders)
3) The endpoint gets the 'forwarded' request and it fails ws-security
validation because the wsa:MessageID which is referenced in the digital
signature has been removed.
The removal of addressing headers needs to be configurable since some
implementations might rely on the original wsa:messageID to be there. In our
case it is part of a digital signature.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
