[
https://issues.apache.org/jira/browse/CXF-6409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dallas Vaughan updated CXF-6409:
--------------------------------
Description:
When a CXF web service endpoint is configured to use WS-Security and MTOM, CXF
cannot handle requests from .NET and Metro clients because it cannot process
{{xop:Include}} elements that are children of {{enc:CipherValue}} elements, as
both of these clients will optimize any large encrypted (base64-encoded binary)
content by serializing it as a MIME part.
This makes it impossible for .NET and Metro clients to communicate with CXF
endpoints which have the MTOM and encryption policies specified.
was:
When a CXF (WS-Security streaming-enabled) web service endpoint is configured
to use WS-Security and MTOM, CXF cannot handle requests from .NET and Metro
clients because it cannot process {{xop:Include}} elements that are children of
{{enc:CipherValue}} elements, as both of these clients will optimize any large
encrypted (base64-encoded binary) content by serializing it as a MIME part.
For example, when a Metro MTOM-optimized WS-Security-based request is sent to a
CXF endpoint, the following exception is thrown within
{{org.apache.xml.security.stax.impl.processor.input.AbstractDecryptInputProcessor$DecryptionThread.run()}}:
{code}org.apache.xml.security.exceptions.XMLSecurityException: Unexpected
StAX-Event: START_ELEMENT{code}
This makes it impossible for .NET and Metro clients to communicate with CXF
endpoints which have the MTOM and encryption policies specified.
> CXF web service cannot process MTOM/XOP-optimized content within a
> CipherValue element
> --------------------------------------------------------------------------------------
>
> Key: CXF-6409
> URL: https://issues.apache.org/jira/browse/CXF-6409
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 3.0.4
> Reporter: Dallas Vaughan
> Assignee: Colm O hEigeartaigh
> Fix For: 3.1.1, 3.0.6
>
> Attachments: decrypt-xop.patch
>
>
> When a CXF web service endpoint is configured to use WS-Security and MTOM,
> CXF cannot handle requests from .NET and Metro clients because it cannot
> process {{xop:Include}} elements that are children of {{enc:CipherValue}}
> elements, as both of these clients will optimize any large encrypted
> (base64-encoded binary) content by serializing it as a MIME part.
> This makes it impossible for .NET and Metro clients to communicate with CXF
> endpoints which have the MTOM and encryption policies specified.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
