[
https://issues.apache.org/jira/browse/CXF-5831?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kyle Lape updated CXF-5831:
---------------------------
Description:
Looking at the code and CXF-3453, it doesn't appear that the
{{WSUIDValidationHandler}} was intended to make CXF more strict in rejecting
validation events, e.g. extra elements within SOAP body or empty string values
for {{xs:int}}. Since that {{ValidationEventHandler}} returns {{false}} by
default, it causes JAXB to halt processing on various events that it wouldn't
by default.
Could we only install the {{WSUIDValidationHandler}} when schema validation and
(maybe) WS-Security are enabled?
was:
Looking at the code and CXF-3453, it doesn't appear that the
{{WSUIDValidationHandler}} was intended to make CXF more strict in rejecting
validation events, e.g. extra elements within SOAP body or empty string values
for {{xs:int}}.
Could we only install the {{WSUIDValidationHandler}} when schema validation and
(maybe) WS-Security are enabled?
> WSUIDValidationHandler is more strict than default behavior of JAXB
> -------------------------------------------------------------------
>
> Key: CXF-5831
> URL: https://issues.apache.org/jira/browse/CXF-5831
> Project: CXF
> Issue Type: Bug
> Components: JAXB Databinding
> Affects Versions: 2.7.11, 3.0.0
> Reporter: Kyle Lape
>
> Looking at the code and CXF-3453, it doesn't appear that the
> {{WSUIDValidationHandler}} was intended to make CXF more strict in rejecting
> validation events, e.g. extra elements within SOAP body or empty string
> values for {{xs:int}}. Since that {{ValidationEventHandler}} returns
> {{false}} by default, it causes JAXB to halt processing on various events
> that it wouldn't by default.
> Could we only install the {{WSUIDValidationHandler}} when schema validation
> and (maybe) WS-Security are enabled?
--
This message was sent by Atlassian JIRA
(v6.2#6252)
