[
https://issues.apache.org/jira/browse/SYNAPSE-549?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12748237#action_12748237
]
Ruwan Linton commented on SYNAPSE-549:
--------------------------------------
I also had a look at the patch and did tested the security scenarios, which
seems to be working fine. Need to test addressing as well.
I agree with Andreas. Supun, can you please provide a separate patch for the
document??
Also some of the configurations are complete replacements, it is better if they
can be maded to just the differences so that the history persists nicely in the
svn. :-)
Thanks,
Ruwan
> Implement a smarter default policy for SOAP header removal/preservation
> -----------------------------------------------------------------------
>
> Key: SYNAPSE-549
> URL: https://issues.apache.org/jira/browse/SYNAPSE-549
> Project: Synapse
> Issue Type: Improvement
> Components: Proxy Services
> Reporter: Andreas Veithen
> Priority: Minor
> Fix For: 1.3.1
>
> Attachments: synapse-549.patch
>
>
> Currently, when sending a message out to the target service, by default the
> WS-Addressing headers are removed while all other headers are preserved.
> SYNAPSE-525 introduced the option to preserve WS-Addressing headers.
> The most reasonable default behavior would actually be as follows:
> - If the SOAP header has been processed by a module engaged on the proxy
> service, remove it when forwarding the message.
> - If the SOAP header has not been processed by a module engaged on the proxy
> service, preserve it and forward it to the target service.
> Note that since only addressing is engaged by default on proxy services, the
> current behavior is consistent with this default policy, except when security
> or RM is enabled. In those latter cases, samples 200 and 201 clearly show
> that the proposed behavior would be much more natural.
> We should also apply a similar default policy to responses sent back to the
> client:
> - If the SOAP header has been processed by a module engaged by
> Axis2FlexibleMEPClient, remove it when sending back the response.
> - If the SOAP header has not been processed by a module engaged by
> Axis2FlexibleMEPClient, preserve it.
> For this case, samples 100 and 101 are interesting.
> Note that since Axis2 keeps track of processed headers using the
> setProcessed/isProcessed methods in SOAPHeaderBlock, the proposed change
> could be implemented in a completely generic way.
> Since there will be cases where the proposed default policy is not
> appropriate, we should also add a generic mechanism to preserve/remove
> specific headers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
