[ 
https://issues.apache.org/jira/browse/CXF-4052?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated CXF-4052:
-------------------------------------

    Attachment: cxf-4052.patch

Hi Alessio,

See attached for a patch for this issue against trunk. If you could review it 
and test it, that'd be great.

The basic idea is to override the way Crypto objects are loaded and cached in 
WSHandler. When Crypto objects are loaded via a property filename, we use the 
full path of the file as the key of the cache, rather than just the filename.

Colm.
                
> Crypto cache issues and the PolicyBasedWSS4JInInterceptor used as a singleton
> -----------------------------------------------------------------------------
>
>                 Key: CXF-4052
>                 URL: https://issues.apache.org/jira/browse/CXF-4052
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.4.5
>         Environment: JBossWS-CXF integration, using Apache CXF 2.4.x
>            Reporter: Alessio Soldano
>            Assignee: Colm O hEigeartaigh
>         Attachments: cxf-4052.patch
>
>
> When using WS-Policy to setup WS-Security interceptors, the 
> WSSecurityInterceptorProvider runs:
> {code}
> ...
> this.getInInterceptors().add(PolicyBasedWSS4JInInterceptor.INSTANCE);
> this.getInFaultInterceptors().add(PolicyBasedWSS4JInInterceptor.INSTANCE);
> ...
> {code}
> which causes the same instance of PolicyBasedWSS4JInInterceptor to be added 
> to any bus.
> Unfortunately, the PolicyBasedWSS4JInInterceptor ends up extending 
> org.apache.ws.security.handler.WSHandler which has a Map<String, Crypto> 
> attribute. That is used whenever loading a Crypto instance and caches 
> instances with keys basically given by the Merlin prop file name the user 
> specified for the endpoint.
> So, when having multiple deployments referencing properties files with the 
> same name, the first crypto instance is always used.
> If we want to keep the singleton approach on using the 
> PolicyBasedWSS4JInInterceptor, we should probably at least use a different 
> mechanism for creating keys so that prop files from different deployments are 
> kept separate.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Reply via email to