Colm O hEigeartaigh created CXF-8010:
----------------------------------------
Summary: Avoid applying the SAAJInInterceptor to unsecured
messages when using WS-SecurityPolicy
Key: CXF-8010
URL: https://issues.apache.org/jira/browse/CXF-8010
Project: CXF
Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Fix For: 3.3.2
It's possible to have a scenario where certain operations are secured using a
WS-SecurityPolicy, and some are not secured at all. Up til now, the
WSS4JInInterceptor will convert all messages to DOM form for WS-Security
processing, using the SAAJInInterceptor.
With this fix, if a message does not contain a security header, it will not be
converted using the SAAJInIntereptor. Instead the policies are evaluated
against an empty set. This should result in a performance boost for the
insecured message case. Note that this only applies when using
WS-SecurityPolicy, and not using the plain WSS4JInInterceptor with "action"
configuration.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
