WS-Security signed headers fail when schema validation enabled
--------------------------------------------------------------
Key: CXF-3453
URL: https://issues.apache.org/jira/browse/CXF-3453
Project: CXF
Issue Type: Bug
Components: WS-* Components
Affects Versions: 2.3.3, 2.3.1
Reporter: Ross M. Lodge
After turning on schema validation on a web-service with headers that are
signed, but not encrypted, the schema validation fails because the "wsu:Id" is
not allowed in the schema.
I've seen two forms of this: a complex type header fails with an error saying
that the "wsu:Id" attribute isn't allowed, and a simple type header fails
saying that no attributes are allowed (except for type, nill, schemaInstance,
etc.).
I think this is a bug, as I don't know anything in the WS-Security specs that
would prevent signing of simple type headers or prevent subsequent schema
validation.
I've worked around this by using complex types and adding "<xsd:anyAttribute
namespace="##any" processContents="skip"/>" to those types, but it doesn't seem
like this should be necessary, and doesn't fix the simple type problem.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
