Dallas Vaughan created CXF-6443:
-----------------------------------
Summary: CXF streaming-enabled web service cannot process
MTOM/XOP-optimized content within a CipherValue element
Key: CXF-6443
URL: https://issues.apache.org/jira/browse/CXF-6443
Project: CXF
Issue Type: Bug
Affects Versions: 3.0.5
Reporter: Dallas Vaughan
_The DOM-based fix for this issue was implemented for
[CXF-6409|https://issues.apache.org/jira/browse/CXF-6409]_
When a CXF WS-Security streaming-enabled web service endpoint is configured to
use WS-Security and MTOM, CXF cannot handle requests from .NET and Metro
clients because it cannot process {{xop:Include}} elements that are children of
{{enc:CipherValue}} elements, as both of these clients will optimize any large
encrypted (base64-encoded binary) content by serializing it as a MIME part.
For example, when a Metro MTOM-optimized WS-Security-based request is sent to a
CXF endpoint, the following exception is thrown within
{{org.apache.xml.security.stax.impl.processor.input.AbstractDecryptInputProcessor$DecryptionThread.run()}}:
{code}org.apache.xml.security.exceptions.XMLSecurityException: Unexpected
StAX-Event: START_ELEMENT{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
